53-1002949-01 26 July 2013 Brocade Network Advisor SAN + IP User Manual Supporting Network Advisor 12.1.
Copyright © 2006-2013 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, MLX, SAN Health, VCS, and VDX are registered trademarks, and AnyIO, Brocade One, CloudPlex, Effortless Networking, ICX, NET Health, OpenScript, and The Effortless Network are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries.
Contents About This Document In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . liii How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . liii Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . . lvi What’s new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .lxiii Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Supported open source software products. . . . . . . . . . . . . . . . . . . . 24 SAN feature-to-firmware requirements . . . . . . . . . . . . . . . . . . . . . . . 27 Chapter 2 Licenses Licenses overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Managed count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Managed SAN port count calculation. . . . . . . . . . . . . . . . . . . . . 30 Managed IP port count calculation. . . . .
Resume monitoring of discovered switches . . . . . . . . . . . . . . . 65 SAN Seed switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 Seed switch requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 Seed switch failover. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 Changing the seed switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67 IP discovery overview . . . . . . . . . . . . . . . . . . . . . . . .
Configuring address ranges . . . . . . . . . . . . . . . . . . . . . . . . . . .104 Editing address ranges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108 Scheduling discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .109 Suspending a discovery schedule . . . . . . . . . . . . . . . . . . . . . .113 Editing a discovery schedule. . . . . . . . . . . . . . . . . . . . . . . . . . .114 Configuring advanced discovery profile preferences . . . . . . .
Chapter 5 Management Groups Management groups overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . .149 Displaying Network Object view . . . . . . . . . . . . . . . . . . . . . . . .149 Product group overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .150 Static product groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .151 Dynamic product groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .153 Viewing product group properties . . . . . .
Name settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .183 Setting names to be unique . . . . . . . . . . . . . . . . . . . . . . . . . . .183 Setting names to be non-unique. . . . . . . . . . . . . . . . . . . . . . . .183 Fixing duplicate names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184 Viewing names . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .185 Adding a name to an existing device . . . . . . . . . . . . . . .
Chapter 7 User Account Management Users overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .237 Configuration requirements . . . . . . . . . . . . . . . . . . . . . . . . . . .237 Viewing configured users . . . . . . . . . . . . . . . . . . . . . . . . . . . . .238 User accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241 Creating a new user account . . . . . . . . . . . . . . . . . . . . . . . . . .
Configuring CLI credentials . . . . . . . . . . . . . . . . . . . . . . . . . . . .267 Configuring the CLI credential policy . . . . . . . . . . . . . . . . . . . .268 Chapter 8 Dashboard Management Dashboard overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .269 Dashboard toolbar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271 Dashboard messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .272 Dashboards expand navigation bar . .
Top Port Encode Error Out monitor . . . . . . . . . . . . . . . . . . . . . .312 Top Port Errors monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .313 Top Port Link Failures monitor . . . . . . . . . . . . . . . . . . . . . . . . .315 Top Port Link Resets monitor . . . . . . . . . . . . . . . . . . . . . . . . . . 316 Top Port Overflow Errors monitor . . . . . . . . . . . . . . . . . . . . . . . 317 Top Port Receive EOF monitor. . . . . . . . . . . . . . . . . . . . . . . . . .
Chapter 9 View Management SAN tab overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .362 SAN main toolbar . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .363 View All list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .364 Port Display buttons. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .365 Connectivity Map toolbar . . . . . . . . . . . . . . . . . . . . . . . . . . . . .365 Product List . . .
SAN view management overview . . . . . . . . . . . . . . . . . . . . . . . . . . .400 Creating a customized view. . . . . . . . . . . . . . . . . . . . . . . . . . . .400 Editing a customized view . . . . . . . . . . . . . . . . . . . . . . . . . . . . .402 Deleting a customized view. . . . . . . . . . . . . . . . . . . . . . . . . . . .403 Copying a view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .403 SAN topology layout . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Displaying port properties for an attached device. . . . . . . . . .434 Accessing performance monitoring . . . . . . . . . . . . . . . . . . . . .435 Chapter 10 MRP Topology MRP Topology overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .437 Viewing a MRP Topology map. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .438 Viewing a MRP ring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .439 Configuring the application to show a dashed line. . . .
Removing an event filter from the Call Home Event Filters list . . .469 Searching for an assigned event filter . . . . . . . . . . . . . . . . . . . . . .469 Chapter 12 Third-party tools About third-party tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 471 Starting third-party tools from the application . . . . . . . . . . . . . . . .472 Launching a Telnet session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .472 Launching an Telnet session from the IP tab . . .
Ports tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .491 Viewing server port numbers . . . . . . . . . . . . . . . . . . . . . . . . . .491 AAA Settings tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .492 Configuring Radius server authentication . . . . . . . . . . . . . . . .492 Configuring LDAP server authentication . . . . . . . . . . . . . . . . .495 Configuring TACACS+ server authentication . . . . . . . . . . . . . .
Frame viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .550 Viewing discarded frames from a port . . . . . . . . . . . . . . . . . . .552 Clearing the discarded frame log . . . . . . . . . . . . . . . . . . . . . . .553 Refreshing the discarded frame log . . . . . . . . . . . . . . . . . . . . .553 Ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .553 Viewing port connectivity . . . . . . . . . . . . . . . . . .
Chapter 15 Host Port Mapping Host port mapping overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .589 Creating a new Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .590 Renaming an HBA Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .591 Deleting an HBA Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .591 Viewing Host properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
CLI configuration management . . . . . . . . . . . . . . . . . . . . . . . . . . . .611 Cluster mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .612 VLAN management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .612 Performance management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .613 Policy Monitors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .613 Fault management . . . . . . . . . . .
Ethernet fabric traceroute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .637 Tracing Ethernet fabric routes . . . . . . . . . . . . . . . . . . . . . . . . .637 Exporting diagnostic data . . . . . . . . . . . . . . . . . . . . . . . . . . . . .640 Chapter 19 Host Management Host management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .641 Brocade adapters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .642 Host Bus Adapters . . . .
Backup support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .670 Configuring backup to a hard drive . . . . . . . . . . . . . . . . . . . . .670 Enabling backup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 671 Disabling backup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 671 Chapter 20 Fibre Channel over Ethernet In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
VLAN classifier configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .702 Adding a VLAN classifier rule . . . . . . . . . . . . . . . . . . . . . . . . . .702 Editing a VLAN classifier rule . . . . . . . . . . . . . . . . . . . . . . . . . .704 Deleting a VLAN classifier rule . . . . . . . . . . . . . . . . . . . . . . . . .704 Creating a VLAN classifier group. . . . . . . . . . . . . . . . . . . . . . . .705 Deleting a VLAN classifier group. . . . . . . . . . . . . . . . . . . . . . . .
Deleting a policy or rule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 745 Deploying a PBR policy on demand . . . . . . . . . . . . . . . . . . . . . 745 Saving a PBR policy deployment. . . . . . . . . . . . . . . . . . . . . . . . 746 Scheduling a PBR policy deployment . . . . . . . . . . . . . . . . . . . . 747 ACL Accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .750 Enabling or disabling ACL accounting . . . . . . . . . . . . . . . . . . .
Security configuration deployment . . . . . . . . . . . . . . . . . . . . . . . . .819 Deploying a security configuration on demand . . . . . . . . . . . .820 Saving a security configuration deployment . . . . . . . . . . . . . .821 Scheduling a security configuration deployment. . . . . . . . . . .822 Chapter 23 FC-FC Routing Service Management Devices that support Fibre Channel routing . . . . . . . . . . . . . . . . . .827 Fibre Channel routing overview . . . . . . . . . . . . . . . . . . . . . . . . .
Tracking smart cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .861 Editing smart cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .864 Network connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .865 Blade processor links . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .865 Configuring blade processor links . . . . . . . . . . . . . . . . . . . . . .866 Encryption node initialization and certificate generation.
ESKM/SKM key vault deregistration . . . . . . . . . . . . . . . . . . . .892 Steps for connecting to a TEKA appliance. . . . . . . . . . . . . . . . . . . .892 Setting up TEKA network connections . . . . . . . . . . . . . . . . . . .893 Creating a client on TEKA . . . . . . . . . . . . . . . . . . . . . . . . . . . . .894 Establishing TEKA key vault credentials on the switch . . . . . .895 Signing the encryption node KAC CSR on the TEKA appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Replacing an encryption engine in an encryption group . . . . . . . .965 High availability clusters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .966 HA cluster configuration rules . . . . . . . . . . . . . . . . . . . . . . . . .966 Creating HA clusters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .967 Removing engines from an HA cluster . . . . . . . . . . . . . . . . . . .968 Swapping engines in an HA cluster . . . . . . . . . . . . . . . . . . . . .
Redirection zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1012 Disk device decommissioning . . . . . . . . . . . . . . . . . . . . . . . . . . . .1012 Decommissioning disk LUNs. . . . . . . . . . . . . . . . . . . . . . . . . .1013 Displaying and deleting decommissioned key IDs. . . . . . . . .1014 Displaying Universal IDs . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1015 Rekeying all disk LUNs manually . . . . . . . . . . . . . . . . . . . . . . . . . .
Enabling or disabling the default zone for fabrics . . . . . . . . 1056 Creating a zone alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1056 Editing a zone alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1057 Removing an object from a zone alias . . . . . . . . . . . . . . . . . 1058 Exporting zone aliases. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1058 Renaming a zone alias . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Zoning administration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1085 Comparing zone databases. . . . . . . . . . . . . . . . . . . . . . . . . . 1085 Managing zone configuration comparison alerts . . . . . . . . .1087 Setting change limits on zoning activation. . . . . . . . . . . . . . 1088 Clearing the fabric zone database . . . . . . . . . . . . . . . . . . . . 1089 Removing all user names from a zone database . . . . . . . . 1089 Finding a member in one or more zones . . . . . .
Teradata pipelining . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1112 Connecting cascaded FICON fabrics over FCIP. . . . . . . . . . . . . . Planning the configuration . . . . . . . . . . . . . . . . . . . . . . . . . . Configuring IP links and merging the fabrics . . . . . . . . . . . Configuring DWDM links to use R_RDYs . . . . . . . . . . . . . . . Extending RDR applications over FCIP . . . . . . . . . . . . . . . . 1112 1114 1115 1117 1117 FCIP configuration guidelines. . . . . . .
Chapter 28 Fabric Binding Fabric Binding overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1147 Viewing fabric binding membership . . . . . . . . . . . . . . . . . . . .1147 Enabling fabric binding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1149 Disabling fabric binding. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1150 Adding switches to the fabric binding membership list . . . .1151 Adding detached devices to the fabric binding membership list . . . . . .
Chapter 30 FICON Environments FICON configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1179 Configuring a switch for FICON operation . . . . . . . . . . . . . . . . . . 1180 Planning the configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 1180 Configuring the switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1182 Configuring FICON display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1187 Configuring an Allow/Prohibit Matrix . . .
Configure VLAN dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . 1218 Web Management interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1219 Accessing the Web Management interface . . . . . . . . . . . . 1219 Accessing the IP device front panel . . . . . . . . . . . . . . . . . . . 1220 Web Management interface troubleshooting . . . . . . . . . . . . . . . 1220 Chapter 32 Configuration Repository and Backup In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . .
Creating a new product configuration . . . . . . . . . . . . . . . . . 1259 Changing product credentials . . . . . . . . . . . . . . . . . . . . . . . . . . . 1264 Importing parameter values into a configuration . . . . . . . . . . . . 1265 Previewing CLI commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1266 CLI command guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1267 Copying a product configuration . . . . . . . . . . . . . . . . . . . . . .
Automatically retrieving software images from products . . 1292 Deploying software images to products . . . . . . . . . . . . . . . . 1293 Deleting software images from the Management application . . . . . . . . . . . . . . . . . . . . . . . . . . . 1293 Unified image management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . Viewing the list of unified images . . . . . . . . . . . . . . . . . . . . . Importing unified images into the Management application . . . . . . . . . . . . . . . . . . . .
LSP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1324 Viewing LSP Admin Group information . . . . . . . . . . . . . . . . . 1325 Viewing LSP path information . . . . . . . . . . . . . . . . . . . . . . . . 1326 Viewing RSVP LSP information . . . . . . . . . . . . . . . . . . . . . . . 1327 Viewing saved LSP configurations . . . . . . . . . . . . . . . . . . . . 1328 Adding an LSP admin group . . . . . . . . . . . . . . . . . . . . . . . . .
VCID pools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1375 Viewing, creating, and deleting VCID pools . . . . . . . . . . . . . 1375 802.1ag Connectivity Fault Management . . . . . . . . . . . . . . . . . . .1376 Configuring a maintenance association. . . . . . . . . . . . . . . . .1376 Editing a maintenance association . . . . . . . . . . . . . . . . . . . 1379 Adding a MEP to a maintenance association. . . . . . . . . . . . 1382 Editing a MEP . . . . . . . . . .
Chapter 40 SSL Certificates for ServerIron Products In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1421 SSL certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1421 SSL certificate configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1422 Accessing SSL certificates on the Certificate View tab . . . 1423 Accessing SSL certificates on the Product View tab . . . . . . .
FCIP troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1454 Configuring IP ping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1454 Tracing IP routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1456 Viewing FCIP tunnel performance. . . . . . . . . . . . . . . . . . . . . .1457 Chapter 43 Performance Data SAN performance overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1459 SAN performance measures . . . . . . .
Disabling bottleneck detection . . . . . . . . . . . . . . . . . . . . . . . 1494 Thresholds and event notification . . . . . . . . . . . . . . . . . . . . . . . . Creating and editing a threshold policy . . . . . . . . . . . . . . . . Duplicating a threshold policy. . . . . . . . . . . . . . . . . . . . . . . . Assigning a threshold policy . . . . . . . . . . . . . . . . . . . . . . . . . Deleting a threshold policy . . . . . . . . . . . . . . . . . . . . . . . . . .
Scheduling custom sFlow reports. . . . . . . . . . . . . . . . . . . . . 1556 Suspending a custom sFlow report schedule . . . . . . . . . . . 1559 IP Traffic analyzer monitoring and sFlow reports . . . . . . . . . . . . 1559 Device-level configuration requirements . . . . . . . . . . . . . . 1559 802.1X configuration requirements . . . . . . . . . . . . . . . . . . 1560 Displaying sFlow monitoring reports. . . . . . . . . . . . . . . . . . . 1560 Selecting a report. . . . . . . . . . . . . . . . . . . . . .
Context-based flow definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . .1611 Flow parameter and configuration rules and limitations . . . . . . .1612 General flow parameter rules . . . . . . . . . . . . . . . . . . . . . . . 1612 Supported basic flow parameter combinations . . . . . . . . . 1613 Flow Generator supported flow identification parameter combinations . . . . . . . . . . . . . . . . . . . . . . . . . . . 1613 Flow Mirror supported flow identification parameter combinations . . . . .
Schedule PoE power deployment. . . . . . . . . . . . . . . . . . . . . . . . . .1641 Scheduling an power up deployment . . . . . . . . . . . . . . . . . 1641 Scheduling a power down deployment. . . . . . . . . . . . . . . . . 1646 Updating a power deployment schedule . . . . . . . . . . . . . . . .1647 Viewing the configured ports for a power deployment schedule . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1648 Deleting a power deployment schedule . . . . . . . . . . . . . . . .
Adding a configuration block. . . . . . . . . . . . . . . . . . . . . . . . . .1697 Duplicating a configuration block . . . . . . . . . . . . . . . . . . . . . 1698 Editing a user-defined configuration block . . . . . . . . . . . . . 1699 Deleting conditions and blocks. . . . . . . . . . . . . . . . . . . . . . . .1700 Predefined blocks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1700 Running a policy monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Setting pseudo event policies . . . . . . . . . . . . . . . . . . . . . . . . . 1749 Filtering pseudo event traps . . . . . . . . . . . . . . . . . . . . . . . . . .1750 Creating a pseudo event definition by copying an existing definition . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1752 Editing a pseudo event definition . . . . . . . . . . . . . . . . . . . . . .1752 Deleting a pseudo event definition. . . . . . . . . . . . . . . . . . . . .
Chapter 50 Monitoring and Alerting Policy Suite Monitoring and Alerting Policy Suite overview . . . . . . . . . . . . . . .1783 MAPS role-based access control. . . . . . . . . . . . . . . . . . . . . . 1784 Enabling MAPS on a device. . . . . . . . . . . . . . . . . . . . . . . . . . .1785 MAPS interoperability with other features. . . . . . . . . . . . . . . . . . .1785 Fabric Watch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
MAPS events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1829 Viewing MAPS events. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1829 MAPS integration with other features . . . . . . . . . . . . . . . . . . . . . 1832 Chapter 51 Technical Support In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1833 Server and client support save . . . . . . . . . . . . . . . . . . . . . . . . . .
IP report contents . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1859 IP Wired Products report. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1860 Detailed Product Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1861 Detailed Cluster Report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1865 IP Module report . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1867 IP Port VLANs report . . . . . . . . . . . . . . .
Appendix C Event Categories Link incident events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1929 Product status events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1929 Product audit events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1930 Security events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1931 Security events for FC devices . . . . . . . . . . . . . . . . . . . . . . .
Chapter H Troubleshooting In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2017 Application Configuration Wizard troubleshooting . . . . . . . . . . . 2018 Browser troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2018 Client browser troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . 2019 Configuration backup and restore troubleshooting . . . . . . . . . . 2019 Fabric tracking troubleshooting . . . . . . . . . . .
EE_MONITOR_STATS_5MIN_INFO. . . . . . . . . . . . . . . . . . . . . 2251 EE_MONITOR_STATS_30MIN_INFO . . . . . . . . . . . . . . . . . . . 2251 EE_MONITOR_STATS_2HOUR_INFO . . . . . . . . . . . . . . . . . . . 2251 EE_MONITOR_STATS_1DAY_INFO . . . . . . . . . . . . . . . . . . . . . 2252 TE_PORT_STATS_5MIN_INFO . . . . . . . . . . . . . . . . . . . . . . . . 2252 TE_PORT_STATS_30MIN_INFO . . . . . . . . . . . . . . . . . . . . . . . 2252 TE_PORT_STATS_2HOUR_INFO. . . . . . . . . . . . . . . . . . . . . . .
SFLOW_MINUTE_MAC_VIEW . . . . . . . . . . . . . . . . . . . . . . . . . 2290 SCOM_EE_MONITOR_INFO . . . . . . . . . . . . . . . . . . . . . . . . . . 2291 SENSOR_INFO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2292 SMART_CARD_USAGE_INFO . . . . . . . . . . . . . . . . . . . . . . . . . 2292 SWITCH_CONFIG_INFO . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2293 SWITCH_DETAILS_INFO . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
About This Document In this chapter • How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . liii • Supported hardware and software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lvi • What’s new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxiii • Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . lxv • Additional information . . . . . . . . . . .
• Chapter 14, “SAN Device Configuration,” provides device configuration instructions. • Chapter 15, “Host Port Mapping,” provides instructions about how to create Hosts and assign the HBAs to them and import an externally created Host port mapping file (.CSV) to the Management application. • Chapter 16, “Storage Port Mapping,” provides instructions about how to create and assign properties to a storage device. • Chapter 17, “Wireless Management,” provides information about wireless devices.
• Chapter 41, “Deployment Manager,” provides information about how to view, deploy, and manage deployment configurations. • Chapter 42, “Fibre Channel Troubleshooting,” provides troubleshooting details for Fibre Channel devices. • Chapter 43, “Performance Data,” provides information on how to manage performance. • Chapter 44, “Flow Vision,” is a network diagnostic tool that provides a unified platform to manage traffic-related applications on Fabric OS devices.
Supported hardware and software In those instances in which procedures or parts of procedures documented here apply to some devices but not to others, this guide identifies exactly which devices are supported and which are not. Although many different software and hardware configurations are tested and supported by Brocade Communications Systems, Inc. for Network Advisor 12.1.X, documenting all possible configurations and scenarios is beyond the scope of this document.
TABLE 1 Fabric OS-supported hardware (Continued) Device name Terminology used in documentation Firmware level required Brocade 6505 switch 24-port, 16 Gbps Edge switch Fabric OS v7.0.1 or later Brocade M6505 embedded switch 24-port, 16 Gbps embedded switch Fabric OS v7.2.0 or later Brocade 6510 switch 48-port, 16 Gbps switch Fabric OS v7.0.0 or later Brocade 6520 switch 96-port, 16 Gbps switch Fabric OS v7.1.
TABLE 1 Fabric OS-supported hardware (Continued) Device name Terminology used in documentation Firmware level required Brocade DCX 1, 2 with FX8-24 Blades 8-slot Backbone Chassis with 8 Gbps 12-FC port, 10 GbE ports, 2-10 GbE ports blade Fabric OS v6.3.1_CEE Brocade DCX 1, 2 with FCoE10-24 Blades 8-slot Backbone Chassis with 10 Gbps 24-port FCoE blade Fabric OS v6.3.1_CEE Brocade DCX-4S 4-slot Backbone Chassis Fabric OS v6.0.
IronWare hardware and software support The following firmware platforms are supported by this release of Network Advisor 12.1.X: • • • • • • BigIron 2.7.02e (sustaining mode) or later FastIron 7.2.0 or later NetIron 5.1.0 or later ServerIron (JetCore) 11.0 or later ServerIron ADX 12.2.0 or later TurboIron 4.2.0 or later For platform-specific firmware requirements, refer to Table 2. Table 2 lists the hardware platforms supported by this release of Network Advisor 12.1.
TABLE 2 IronWare-supported hardware (Continued) Device name lx Terminology used in documentation Firmware level required ICX 6610-48 Stackable switch 48 RJ-45 ports Campus LAN Edge stackable switch FastIron 07.0.3 and later Hyper Edge stacking requires FastIron 8.0 or later ICX 6610-24F Stackable switch 24 SFP ports Campus LAN Edge stackable switch FastIron 07.0.3 and later Hyper Edge stacking requires FastIron 8.
TABLE 2 IronWare-supported hardware (Continued) Device name Terminology used in documentation ICX 6450 IronStack switch 48-port Campus LAN stackable switch FastIron GS Ethernet L2/L3 Access switch FastIron GS-STK Ethernet L2/L3 Access switch, stackable FastIron LS Enterprise LAN switch FastIron LS-STK Enterprise LAN switch, stackable FastIron SuperX/SX Enterprise LAN chassis FastIron 8-port 10 GbE SFP Blade 8-port 10 GbE SFP Blade FastIron 24-port Fiber SFP GbE Blade 24-port Fiber SFP GbE
TABLE 2 IronWare-supported hardware (Continued) Device name Terminology used in documentation Firmware level required NetIron MLXe (Supported regardless of license configuration) Ethernet Core router NetIron 5.0.0 or 5.0.1 NetIron XMR (Supported regardless of license configuration) Ethernet Backbone router NetIron 5.0.0 or 5.0.1 NetIron CES 2048CX (NI-CES-2048CX-AC) (Supported regardless of license configuration) Ethernet Carrier router NetIron 5.0.0 or 5.0.
TABLE 3 Network OS-supported hardware (Continued) Device name Terminology used in documentation Firmware level required Brocade VDX 6740 switch VDX 6740 switch 4.0 or later Brocade VDX 6740-T switch VDX 6740-T switch 4.0 or later Brocade VDX 8770-4 switch VDX 8770-4 switch 3.0 or later Brocade VDX 8770-8 switch VDX 8770-8 switch 3.
• Information that was changed: - View management — changes to Accept changes dialog box - Dashboard (SAN and IP) — Port status widgets and performance monitors enhancements - FCIP - FICON — Cascaded FICON fabric merge Deployment dialog box renamed Task Scheduler dialog box Virtual Switches — Port address binding Performance - SAN performance overview SAN Historical performance dat Generating and saving historical performance graph SAN Top Talker monitoring Enabling bottlenec
Document conventions This section describes text formatting conventions and important notice formats used in this document.
Notice to the reader This document may contain references to the trademarks of the following corporations. These trademarks are the properties of their respective companies and corporations. These references are made for informational purposes only. Corporation Referenced trademarks and products Linus Torvalds Linux Microsoft Corporation Windows, Windows NT, Internet Explorer Netscape Communications Corporation Netscape Red Hat, Inc.
Other industry resources For additional resource information, visit the Technical Committee T11 website. This website provides interface standards for high-performance and mass storage applications for Fibre Channel, storage management, and other applications: http://www.t11.org For information about the Fibre Channel industry, visit the Fibre Channel Industry Association website: http://www.fibrechannel.
• Brocade 5000—On the switch ID pull-out tab located on the bottom of the port side of the switch • Brocade 7600—On the bottom of the chassis • Brocade 48000—Inside the chassis next to the power supply bays • Brocade DCX and DCX-4S—On the bottom right on the port side of the chassis 4. World Wide Name (WWN) Use the licenseIdShow command to display the WWN of the chassis.
Chapter Getting Started 1 In this chapter • User interface components . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 • Management server and client. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 • Accessibility features for the Management application . . . . . . . . . . . . . . . . 16 • PostgreSQL database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 • Supported open source software products . . . . .
1 User interface components FIGURE 1 Main window 1. Menu bar — Lists commands you can perform on the Management application. The available commands vary depending on which tab (SAN, IP, or Dashboard) you select. For a list of available commands, refer to Appendix A, “Application menus”. 2. Toolbar — Provides buttons that enable quick access to dialog boxes and functions. The available buttons vary depending on which tab (SAN, IP, or Dashboard) you select.
Management server and client 1 Management server and client The Management application has two parts: the Server and the Client. The Server is installed on one machine and stores device-related information; it does not have a user interface. To view information through a user interface, you must log in to the Server through a Client. The Server and Clients may reside on the same machine, or on separate machines. If you are running Professional, the server and the client must be on the same machine.
1 Management server and client 5. Click Login. 6. Click OK on the Login Banner dialog box. The Management application displays. NOTE When you launch the Management application or navigate to a new view, the SAN tab displays with a gray screen over the Product List and Topology Map while data is loading. Launching a remote client To launch a remote client, complete the following steps. 1. Open a web browser and enter the IP address of the Management application server in the Address bar.
Management server and client 7. 1 Click OK on the Login Banner dialog box. The Management application displays. NOTE When you launch the Management application or navigate to a new view, the SAN tab displays with a gray screen over the Product List and Topology Map while data is loading. Clearing previous versions of the remote client The remote client link in the Start menu does not automatically upgrade when you upgrade the Management application.
1 Management server and client 3. Click Yes on the confirmation message. 4. Complete the following steps on the FTP/SCP/SFTP Server screen. a. Choose one of the following options: • Select Built-in FTP/SCP/SFTP Server to configure an internal FTP/SCP/SFTP server and select one of the following options: - Select Built-in FTP Server to configure an internal FTP server The internal FTP server uses a default account and port 21. You can configure your own account from the Options dialog box.
Management server and client a. Select an address from the Server IP Configuration list. b. Select an address from the Switch - Server IP Configuration Preferred Address list. 1 NOTE If the “hostname” contains invalid characters, the host name does not display in the list. Valid characters include alphanumeric and dash (-) characters. The IP address is selected by default. If the an IPv6 address is selected, server start up will fail.
1 Management server and client d. Enter a port number in the Starting Port Number field (default is 24600). NOTE For Professional software, the server requires 15 consecutive free ports beginning with the starting port number. NOTE For Trial and Licensed software, the server requires 18 consecutive free ports beginning with the starting port number. e. Enter a port number in the Syslog Port Number field (default is 514).
Management server and client 1 • If you configured authentication to CAC, enter your PIN in the CAC PIN field. • If you configured authentication to the local database, an external server (RADIUS, LDAP, or TACACS+), or a switch, enter your user name and password. The defaults are Administrator and password, respectively. NOTE Do not enter Domain\User_Name in the User ID field for LDAP server authentication. 12. Click Login. 13. Click OK on the Login Banner.
1 Management server and client Disconnecting users To disconnect a user, complete the following steps. 1. Select Server > Active Sessions. The Active Sessions dialog box displays. 2. Select the user you want to disconnect and click Disconnect. 3. Click Yes on the confirmation message. 4. The user you disconnected receives the following message: The Client has been disconnected by User_Name from IP_Address at Disconnected_Date_and_Time. 5. Click Close.
Management server and client TABLE 4 1 Server Properties Field/Component Description Java VM Vendor The Java Virtual Machine vendor. Java VM Version The Java Virtual Machine version running on the server. Server Name The server’s name. OS Architecture The operating system architecture on the server. OS Name The name of the operating system running on the server. OS Version The operating system version running on the server. Region The server’s geographical region.
1 Management server and client FIGURE 6 Port Status dialog box 2. Review the port status details: • Name — The Port name. Options include CIM Indication for Event Handling, CIM Indication for HCM Proxy, FTP, SCP/SFTP, sFlow, SNMP Trap, Syslog, TFTP, Web Server (HTTP), and Web Server (HTTPS). • Port # — The required port number. • Status — The status of the port. The status options are as follows: Success — The port is listening or bound to the server.
Management server and client 1 Server and client ports In some cases, a network may utilize virtual private network (VPN) or firewall technology, which can prohibit communication between Products and the Servers or Clients. In other words, a Server or Client can find a Product, appear to log in, but is immediately logged out because the Product cannot reach the Server or Client. To resolve this issue, check to determine if the ports in the table below need to be opened up in the firewall.
1 Management server and client TABLE 5 Port usage and firewall requirements (Continued) Port Number Ports Transport Description Communication Path Open in Firewall 801 Product HTTP server TCP Product non-SSL http port for http and CAL communication if you do not use secure communication to the product Server–Product Yes Product non-SSL http port for http and CAL communication if you do not use secure communication to the product and you do not use the Management application server proxy Clie
Management server and client TABLE 5 1 Port usage and firewall requirements (Continued) Port Number Ports Transport Description Communication Path Open in Firewall 5432 Database port TCP Port used by database if you access the database remotely from a third-party application Remote ODBC– Database Yes 5988 SMI Server port TCP SMI server port on the Management application and the CIM/SMI port on HBAs if you use SMI Agent without SSL SMI Client- Server Yes Server-Managed Host Yes SMI Age
1 Accessibility features for the Management application TABLE 5 Port usage and firewall requirements (Continued) Port Number Ports Transport Description Communication Path Open in Firewall 246162 Apache JServ port TCP Proxys web server requests, not used remotely Server Yes 246172 Remote Management application connector access port TCP Not used remotely Server Yes 34568 HCM Agent discovery port TCP Used for HBA management via JSON Server - Managed Host Yes 555561 Launch in Contex
Accessibility features for the Management application TABLE 6 1 Keyboard shortcuts Menu Item or Function Keyboard Shortcut Delete Delete Delete All CTRL +Delete Help F1 Internet Explorer SHIFT + F2 Master Log F5 FireFox SHIFT + F1 Paste CTRL + V Product List F9 Properties Alt-Enter Select All CTRL + A Show Ports F4 SSH Shift-F5 View Utilization CTRL + U Zoom In CTRL + NumPad+ Zoom Out CTRL + NumPad- Look and feel customization You can configure the Management application
1 Accessibility features for the Management application TABLE 7 Look and feel changes Components Affected Components Not Affected The Menu bar, Tool bar, Status bar, as well as all tables and dialog boxes are affected. All icons and images are not affected. Layout is affected only when it is empty. The Minimap is not affected. 1. Select Server > Options. The Options dialog box displays. 2. Select Look and Feel in the Category list. 3.
PostgreSQL database 1 4. Click Apply or OK to save your work. 5. Click OK on the message. NOTE Changes do not take affect until after you restart the client. PostgreSQL database You can connect to the database using one of the following options: • pgAdmin III • ODBC client • Command line interface Connecting to the database using pgAdmin III To access the PostgreSQL database, complete the following steps. 1. Choose one of the following options: • On Windows systems, launch the dbadmin.
1 PostgreSQL database Connecting to the database using the ODBC client (Windows systems) The Open Database Connectivity (ODBC) driver enables you to configure the data source name (DSN) for the database. To install the ODBC driver and create a new data source, complete the following steps. 1. Double-click edb_psqlodbc.exe located on the DVD (DVD_Drive/Management_Application/odbc/Windows). 2.
PostgreSQL database 1 20. Click Save. 21. Click OK on the ODBC Data Source Administrator dialog box. 22. To export data, select Data > Import External Data > New Database Query and complete the steps in the Data Connection Wizard. Connecting to the database using the ODBC client (Linux systems) NOTE The ODBC driver is not supported on 64-bit Linux systems. You must have the Open Database Connectivity (ODBC) driver to allow remote clients to export data and generate reports.
1 PostgreSQL database Adding the Datasourse on Linux systems Before you edit the INI files, make sure the PostgreSQL database is up and running. NOTE For RedHat and Oracle Enterprise systems, the odbc.ini and odbcinst.ini files are located in /etc. For SUSE systems, the odbc.ini and odbcinst.ini files are located in /etc/unixODBC. 1. Open the odbc.ini file in an editor and enter the datasource information as follows: [TestDB] Description = PostgreSQL 8.4 Driver = /opt/PostgreSQL/psqlODBC/lib/psqlodbcw.
PostgreSQL database 1 5. On the Set up user authentication screen, complete the following steps. a. Enter the database user name in the User name field. b. Select the Password required check box. c. Click Test Connection to test the connection. The Authentication Password dialog box displays. d. Enter the database password in the Password field and click OK. e. Click OK on the Connection Test dialog box.
1 Supported open source software products If the current password and new password are the same, the following message displays: Old and New passwords cannot be same. Use different password and try again. Press any key to continue. If the new password and confirm password do not match, the following message displays: New password and confirm password do not match. Please try again. Press any key to continue. 3. Launch the Server Management Console. 4. Click the Services tab. 5.
Supported open source software products TABLE 9 1 Open source software third-party software products Open Source Software License Type ApacheCommonsLogging 0.4 Apache License v2.0 ApacheCommonsMath 2.0 Apache License v2.0 ApacheCommonsNet 2.0 Apache License v2.0 ApacheCommonsPool 1.5.4 Apache License v2.0 ApacheCommonsValidator 1.3.1 Apache License v2.0 Apache Extras Companion for Apache log4j 1.1 Apache License v2.0 ApacheFTPServer 1.0.3 Apache License v2.0 Apache Log4j 1.2.
1 Supported open source software products TABLE 9 26 Open source software third-party software products Open Source Software License Type JBossApplicationServer 5.1.0 GA LGPL JBossWeb 2.1.9 GNU Lesser General Public License version 3 JCalendar 1.3.3 LGPL v2.1 JCommon 1.0.16 LGPL v2.1 JDOM 1.1.1 Apache Style JFreeChart 1.0.13 LGPL v2.1 JGoodiesForms 1.2.1 BSD JGoodiesLooks 2.2.2 BSD JGraph 5.13.0.1 BSD Style JIDE 2.10.1 JIDE Software License Jmesa 2.4.5 Apache JSON-RPCJava 1.0.
SAN feature-to-firmware requirements 1 SAN feature-to-firmware requirements Use the following table to determine whether the Management application SAN features are only available with a specific version of the Fabric OS firmware as well as if there are specific licensing requirements. TABLE 10 SAN feature to firmware requirements Feature Fabric OS Access Gateway (AG) AG connected to Fabric OS devices requires firmware 5.2 or later. Call Home (Trial and Licensed version Only) Requires Fabric OS 5.
1 TABLE 10 SAN feature-to-firmware requirements SAN feature to firmware requirements Feature Fabric OS Port Fencing (Trial and Licensed version Only) Requires Fabric OS 6.2 or later. Requires Fabric OS 6.3 or later for State Change and C3 Discard Frames violation types. Security Management Requires Fabric OS 5.2 and later for SCC Policy. Requires Fabric OS 5.2 and later for DCC Policy. Requires Fabric OS 5.3 and later for IP Filter Policy. Requires Fabric OS 6.
Chapter 2 Licenses In this chapter • Licenses overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Managed count . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Entering the license key . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Upgrading the Management application . . . . . . . . . . . . . . . . . . . . . . . . . . . . • License downgrade . . . . . . . . . . . . .
2 Managed count NOTE Virtual Fabrics are counted as Fabrics when calculating the managed count limits. NOTE IP Enterprise Licensed version can manage up to 5,050 IP products and 100 MPLS products with the appropriate number of device licenses installed. NOTE IP Enterprise Trial version can manage up to 150 IP products and 10 MPLS products with the appropriate number of device licenses installed.
Managed count 2 Managed IP port count calculation NOTE If you exceed the maximum port count for your version, software functionality is impacted and you must reduce the port count using the Discover Setup - IP dialog box or contact your vendor to purchase an additional license for your version. The managed IP port count is calculated using the following rules: • • • • Only ports discovered from the IP tab are counted. The port must be a physical port.
2 Managed count Managed MPLS product count calculation NOTE If you exceed the maximum product count for your version, software functionality is impacted and you must reduce the product count using the Discover Setup - IP dialog box or contact your vendor to purchase an additional license for your version. The managed MPLS product count is calculated using the following rules: • Any device discovered with VLL, LSP, and VPLS configured is counted as an MPLS device.
Entering the license key 2 Entering the license key A license key is required to run the Management application. The license key specifies the expiration date of a trial license, as well as the number of ports allowed. NOTE You are not required to enter a license key for a trial license. If you selected 75 Days Trial during installation, you can use the Management application, including all of its features, for a trial period of 75 days.
2 Upgrading the Management application • Managed Count — The number of managed ports, or products, and fabrics. NOTE Virtual Fabrics are counted as Fabrics when calculating the managed count limits. SAN Enterprise edition supports a maximum of 9,000 ports and 36 fabrics. SAN Professional Plus edition supports a maximum of 2,560 ports and 36 fabrics. Only fabrics and devices discovered from the SAN tab are counted.
Upgrading the Management application TABLE 12 IP upgrade paths Current software release To software release IP Base Trial IP Base Licensed version SAN + IP Enterprise Licensed version IP Base Licensed version (lower count) IP Base Licensed version (higher count) SAN + IP Enterprise Licensed version TABLE 13 2 SAN + IP upgrade paths Current software release To software release SAN + IP Professional SAN Professional Plus + IP Trial or Enterprise Licensed version SAN + IP Enterprise Trial or Lic
2 License downgrade 6. Click Login. 7. Click OK on the Login Banner. NOTE When you launch the Management application or navigate to a new view, the SAN tab displays with a gray screen over the Product List and Topology Map while data is loading. License downgrade You can downgrade from a higher Trial configuration to a licensed version with a lower configuration.
License downgrade 2 Downgrading the edition The following table list the available downgrade paths. TABLE 14 Edition downgrade paths Current software release To software release Enterprise SAN + IP Professional Plus SAN + IP Professional Plus SAN Enterprise SAN Professional Plus SAN + IP Professional Plus SAN Before you downgrade the edition, make sure your application meets the following requirements: • Make sure that your application configuration is within the limit of the licensed version.
2 License downgrade Downgrading the package NOTE You cannot downgrade if the IP discovery profile is running and server backup is in process. The following table list the available downgrade paths.
License downgrade 2 • When you downgrade from SAN + IP to IP only, the SAN network size changes to none, and all network size related parameters (such as, asset collection thread pool size and client and server heap size) are updated. NOTE When you downgrade from SAN + IP to IP only, the IP discovery profile, if scheduled, is disabled during the downgrade. Downgrading the MPLS product count You can downgrade from a license with MPLS to a license without MPLS.
2 License downgrade 2. Browse to the license key file (.xml) in the License Key field and click Update. Depending on your downgrade, one of the following occurs: • A message displays that MPLS products cannot be managed and all MPLS configurations will be deleted to proceed. Click Yes to delete the MPLS configurations automatically. Click No to delete the MPLS configurations yourself. After you manually delete the MPLS configurations, you must rediscover the IP products.
License downgrade 2 To downgrade to a license with fewer or no Ethernet Fabrics, complete the following steps. 1. Select Help > License. The License dialog box displays. 2. Browse to the license key file (.xml) in the License Key field and click Update. A message displays that details the support that will no longer be available after the license update. 3. Click Yes on the message to continue. The client closes after updating the license successfully.
Chapter 3 Patches In this chapter • Installing a patch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 • Uninstalling a patch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44 Installing a patch The patch installer enables you to update the Management application between releases. Each patch installer includes the previous patches within a specific release. For example, patch F (11.X.
3 Uninstalling a patch • Extracts patch files to the Install_Home folder. • Creates a back up (zip) of the original files to be updated and copies the zip file to the Install_Home\patch-backup directory (for example, Install_Home\patch-backup\na_11-3-0a.zip). The first time you apply a patch, the back up patch zip file uses the following naming convention: _-- .zip (for example, Install_Home\patch-backup\na_11-3-0a.zip).
Uninstalling a patch 3 6. Copy the artifact from the extracted folder to the source folder in the Install_Home/patch-backup directory. 7. Repeat step 5 and 6 for all artifacts listed in the restore.xml folder. 8. Go to the Install_Home/conf directory. 9. Open the version.properties file in a text editor. 10. Change the patch version (patch.version) value to the reverted patch (for example, if you are reverting from patch F to patch C then patch.version = c).
Chapter 4 Discovery In this chapter • SAN discovery overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48 • DCB discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58 • Viewing the fabric discovery state . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 • Troubleshooting fabric discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59 • SAN Fabric monitoring. . . . .
4 SAN discovery overview SAN discovery overview Discovery is the process by which the Management application contacts the devices in your SAN. When you configure discovery, the application discovers devices connected to the SAN. The application illustrates each device and its connections on the Connectivity Map (topology).
SAN discovery overview 4 FCS policy and seed switches The Management application requires that the seed switch is the primary Fabric Configuration Server (FCS) switch at the time of discovery. Setting time on the fabric will set the time on the primary FCS switch, which will then distribute the changes to other switches.
4 SAN discovery overview Discovering fabrics NOTE Fabric OS devices must be running Fabric OS 5.0 or later. NOTE Only one copy of the application should be used to monitor and manage the same devices in a subnet. NOTE When accessing additional data from the SAN Inventory or SAN Status widgets, it takes a few moments to populate newly discovered products in the SAN Products - Status dialog box (where Status is the section of the widget you selected).
SAN discovery overview FIGURE 8 4 Add Fabric Discovery dialog box (IP Address tab) 3. Enter a name for the fabric in the Fabric Name field. 4. Enter an IP address (IPv4 or IPv6) for a device in the IP Address field. To configure the preferred IP format for the Management application server to connect with Fabric OS devices, refer to “Configuring the preferred IP format” on page 222. If the product has both an IPv4 and IPv6 address, the Management server uses the preferred address.
4 SAN discovery overview For Virtual Fabric discovery device requirements, refer to “Virtual Fabrics requirements” on page 834. To discover a Virtual Fabric device, you must have the following permissions: • Switch user account with Chassis Admin role permission on the physical chassis. • Switch and SNMPv3 user account with access rights to all logical switches (all Fabric IDs (1 - 128). For information about configuring permissions on a Fabric OS device, refer to the Fabric OS Administrator’s Guide.: 5.
SAN discovery overview d. 4 Select the SNMP version from the SNMP Version list. • If you selected v1, continue with step e. • If you select v3, the SNMP tab displays the v3 required parameters. Go to step i. To discover a Fabric OS device (not virtual fabric-capable), you must provide the existing SNMPv3 username present in the switch. To discover a Virtual Fabric device, you must configure SNMPv3 and your SNMP v3 user account must be defined as a Fabric OS switch user.
4 SAN discovery overview Editing the password for multiple devices You can only edit password for Fabric OS devices in the same fabric. To edit the password for multiple devices within the same fabric, complete the following steps. 1. Select Discover > Fabrics. The Discover Fabrics dialog box displays. 2. Select multiple devices within the same fabric from the Discovered Fabrics table. 3. Click Edit. The Fabric_Name Edit Switches dialog box displays. FIGURE 10 Edit Switches dialog box 4.
SAN discovery overview 4 Configuring SNMP credentials 1. Select Discover > Fabrics. The Discover Fabrics dialog box displays. 2. Select an IP address from the Discovered Fabrics table. 3. Click Edit. The Add Fabric Discovery dialog box displays. 4. To revert to the default SNMPv3 settings, click the Automatic option. Go to step 19. 5. To manually configure SNMP, select the Manual option. Go to step 6. 6. Click the SNMP tab. FIGURE 11 7.
4 SAN discovery overview 16. Enter the authorization password in the Auth Password field. • If you selected Configure for 256-Port_Director_Name, go to step 19. • If you did not select Configure for 256-Port_Director_Name, continue with step 17. 17. Select the privacy protocol in the Priv Protocol field. 18. Enter the privacy password in the Priv Password field. 19. Click OK on the Add Fabric Discovery dialog box. If the seed switch is not partitioned, continue with step 20.
SAN discovery overview 4 Removing a fabric from active discovery If you decide you no longer want the Management application to discover and monitor a specific fabric, you can delete it from active discovery. Deleting a fabric also deletes the fabric data on the server (both system collected and user-defined data) except for user-assigned names for the device port, device node, and device enclosure information. To delete a fabric from active discovery, complete the following steps. 1.
4 DCB discovery DCB discovery You can discover DCB devices from both the SAN and IP tabs. The following sections details the differences between discovery from the SAN tab or the IP tab. DCB discovery from the SAN tab • You can discover DCB devices through fabric discovery. • If you discover a fabric that contains DCB devices on the SAN tab, the DCB devices display on the IP tab in the Network Objects, L2 Topology, IP Topology, and VLAN Topology views. Non-DCB devices do not display on the IP tab.
Viewing the fabric discovery state 4 Viewing the fabric discovery state The Management application enables you to view device status through the Discover Setup dialog box. To view the discovery status of a device, complete the following steps. 1. Select Discover > Fabrics. The Discover Fabrics dialog box displays. 2. Right-click a fabric and select Expand All to show all devices in the fabric. The Name field displays the discovery status icons in front of the device name.
4 Troubleshooting fabric discovery Managed count exceeded troubleshooting The following section states possible issues and the recommended solution when you exceed your managed count limits. Problem Resolution If you exceed your managed count limit, the Management application displays a “licensed exceeded” message on the topology.
Troubleshooting fabric discovery Problem 4 Resolution Deleting a fabric Before you can delete a fabric permanently from discovery, you must remove it from active discovery. Refer to “Remove a device from active discovery”. To delete a fabric permanently from discovery, complete the following steps. 1 Select Discover > Fabrics. The managed count exceeded message displays. Managed counts that have been exceeded display with a light red background.
4 SAN Fabric monitoring Problem Resolution At the time of discovery or fabric refresh, the SNMP v3 user account does not have a matching Fabric OS switch user account. This is required to obtain performance statistics from all logical switches. Make sure the SNMP v3 user account is also defined as a Fabric OS switch user. At the time of fabric refresh, the physical chassis is reachable; however, a previously discovered logical switch is not reachable.
SAN Fabric monitoring TABLE 22 Monitor Intervals SAN Size Default Minimum Small 120 seconds (2 minutes) 60 seconds (1 minute) Medium 900 seconds (15 minutes) 120 seconds (2 minutes) Large 1800 seconds (30 minutes) 180 seconds (3 minutes) 4 To change the monitoring interval, refer to “Configuring asset polling” on page 219. Stop monitoring of discovered fabrics NOTE Monitoring is not supported on Hosts.
4 SAN Fabric monitoring • Does not perform any scheduled or on demand operations (other than monitor) on the switch. • Removes the switch from product list, topology, and all feature dialog boxes. • Displays the switch in the Discovery Fabrics dialog box with the unmonitored icon and prefixes “Unmonitored” to the discovery status.
SAN Fabric monitoring 4 • Fabric Name — The name of the associated fabric. • Status — Whether the unmonitor was successful or failed. • Reason — The reason for the failure. Blank for success. 4. Click Close on the Unmonitor Status dialog box. 5. Click Close on the Discover Fabrics dialog box. Resume monitoring of discovered fabrics NOTE Monitoring is not supported on Hosts. To monitor a fabric and all associated devices, complete the following steps. 1. Select Discovery > Fabrics.
4 SAN Seed switch SAN Seed switch The seed switch must be running a supported Fabric OS version and must be HTTP-reachable. Sometimes, the seed switch is auto-selected, such as when a fabric segments or when two fabrics merge. Other times, you are prompted (an event is triggered) to change the seed switch, such as in the following cases: • If, during fabric discovery, the Management application detects that the seed switch is not running a supported version, you are prompted to change the seed switch.
SAN Seed switch 4 Seed switch requirements The seed switch must be running Fabric OS 5.0 or later. For a complete list of all supported Fabric OS hardware, refer to “Supported hardware and software” on page lvi. Seed switch failover The Management application collects fabric-wide data (such as, fabric membership, connectivity, name server information, zoning, and so on) using the seed switch.
4 IP discovery overview 3. Click Seed Switch. If the fabric contains other switches that are running the latest version and are also HTTP-reachable from the Management application, the Seed Switch dialog box appears. Otherwise, a message displays that you cannot change the seed switch. 4. Select a switch to be the new seed switch from the Seed Switch dialog box. You can select only one switch. Only switches that are running the latest Fabric OS version in the fabric are displayed.
IP discovery overview 4 • If you did not configure discovery to prefer loopback addresses, the original IP address used to discover the product is the primary IP address of the product. The primary address is the address that appears on the Network Object Manager and other configuration and display panels in the Management application. The Management application provides two types of discovery, simple discovery and profile-based discovery.
4 IP discovery overview Similarly, if you configure discovery to search for neighbor addresses (refer to “Configuring advanced discovery profile preferences” on page 116), the third query scans the device’s SNMP LLDP, FDP, and CDP tables. Any neighbor IP address is added to the list of candidate IP addresses to probe. Discovery adds any IP address from the LLDP, FDP, and CDP tables to the list of candidate IP addresses.
IP discovery overview 4 MIB support IP discovery requires SNMP management information base (MIB) support on the device for management information collection. For a list of required MIBs, refer to Table 23 on page 71 or Table 24 on page 73. TABLE 23 Required MIB support for IronWare OS devices IETF standard MIB name N/A Brocade MIB IEEE 802.1AB LLDP-MIB lldpObjects.lldpRemoteSystemsData For Layer 2 topology information: Entire lldpObjects.lldpRemoteSystemsData RFC 1213 MIB-II mib-2.
4 IP discovery overview TABLE 23 Required MIB support for IronWare OS devices (Continued) IETF standard MIB name Required MIB object Data collected RFC 2863 IF-MIB ifMIBObjects.ifXTable From ifMIBObjects.ifXTable for interface level information: • ifName/ifDescr • ifAlias • ifType • ifMtu • ifSpeed • ifPhysAddress • ifAdminStatus • ifOperStatus • ifLastChange RFC 4363 Q-BRIDGE-MIB dot1qVlan.dot1qPortVlanTable For VLAN information: Entire dot1qVlan.
IP discovery overview 4 Table 24 provides a list of MIB support required for third-party devices. TABLE 24 Required MIB support for third-party devices IETF standard MIB name Required MIB object Data collected RFC 1213 MIB-II mib-2.system mib-2.interfaces.ifTable mib-2.ip.ipAddrTable From mib-2.interfaces.ifTable for interface level information: • ifName/ifDescr • ifAlias • ifType • ifMtu • ifSpeed • ifPhysAddress • ifAdminStatus • ifOperStatus • ifLastChange From mib-2.ip.
4 VDX/VCS discovery TABLE 24 Required MIB support for third-party devices (Continued) IETF standard MIB name Required MIB object Data collected RFC 4133 ENTITY-MIB entPhysicalTable entAliasMappingTable (if available) For module (line card) information: Entire entPhysicalTable Entire entAliasMappingTable, if available RFC 4293 IP-MIB mib2.ip.
VDX/VCS discovery 4 VCS devices use the following to determine reachability: • Reachable — The VDX/VCS product is online and is accessible by ICMP, Netconf, and SNMP; therefore, it is reachable. • Degraded Link — The VDX/VCS product is not accessible by one of the following: ICMP, Netconf, or SNMP. • Not Reachable — The VDX/VCS product is offline and is not accessible by any of the following: ICMP, Netconf, and SNMP. The following sections detail the VDX/VCS discovery behavior.
4 VDX/VCS discovery • When you discover any member in a VCS fabric through individual IP device discovery, that member acts as the seed switch and discovers all other members in the VCS fabric. The principal switch of the VCS fabric displays as a VCS fabric. The VCS fabric members display as individual L2 (DCB) devices.
Logical chassis cluster mode discovery 4 VCS fabric split and merge • If the seed switch looses connectivity with the VCS fabric but is still reachable from the Management application, the Management application selects another member of the VCS fabric to act as the seed switch and manages the original seed switch as a separate VCS fabric. When the original seed switch rejoins the original VCS fabric, the Management application uses the original seed switch as the seed switch for the merged VCS fabric.
4 Logical chassis cluster mode discovery • Uses the IP address of any member of the logical chassis cluster for discovery. • Sets the cluster IP address to the IP address of the principal node. NOTE You can change the principal node for the cluster by running the logical-chassis principal-priority command from the NOS prompt. For more information, refer to the Network OS Command Reference.
Logical chassis cluster mode discovery 4 Administratively removing a node from a logical chassis cluster You can remove a node from a logical chassis cluster by using the Network OS command line interface. For instructions, refer to the Network OS Administrator’s Guide and the Network OS Command Reference, versions 4.0 or later. Once the node is removed, all configurations corresponding to that node are removed from the cluster configuration database.
4 HyperEdge stack discovery FIGURE 15 Discover Setup - IP dialog box after rediscovery How the Management application handles a cluster mode change In Network OS release 4.0, an administrator can change the mode of a cluster from fabric cluster mode to logical chassis cluster mode, and vice versa. For instructions, refer to the Network OS Administrator’s Guide and the Network OS Command Reference. NOTE All cluster-specific configurations are lost during a cluster-mode change.
Configuring IP profile discovery 4 Configuring IP profile discovery NOTE You must have the All IP Products AOR (area of responsibility) in your user account to discover new products. For more information about user accounts, refer to “User accounts” on page 241. To configure profile discovery, complete the following steps. 1. Select Discover > IP Products. The Discover Setup - IP dialog box displays.
4 Configuring IP simple discovery 2. Click the Global Settings tab. a. To set SNMP credentials, refer to “IP SNMP credentials” on page 83. b. To configure default user names and passwords, refer to “Default IP user credentials” on page 89. c. To configure global setting preferences, refer to “Defining global setting preferences” on page 97. 3. Click the Profiles tab. a. To create a discovery profile, refer to “IP discovery profiles” on page 101. b.
IP SNMP credentials 4 IP SNMP credentials NOTE The Management application supports SNMPv1, SNMPv2c, and SNMPv3. The Management application requires SNMP credentials to obtain information from devices and to deploy configurations to devices. Because different devices may have different credentials, discovery can store many sets of credentials to make sure that the correct credentials are available when contacting a device.
4 IP SNMP credentials 4. Enter a unique label to identify the community string in the Display Label field of the Add/Edit Read-Write Community Strings list. This label can be from 1 through 16 characters long, case sensitive, and allows all printable ASCII characters. 5. Enter the unique community string in the Community Strings field. The community string can be from 1 through 16 characters long, case sensitive, and allows all printable ASCII characters. The string displays as asterisks. 6.
IP SNMP credentials 4 4. Enter a unique label to identify the credentials in the Display Label field of the Add/Edit SNMPv3 Read-Write Credentials area. This label can be from 1 through 16 characters long, case sensitive, and allows all printable ASCII characters. 5. Enter the SNMPv3 user name in the User ID field. The user name can be from 1 through 16 characters long, case sensitive, and allows all printable ASCII characters. 6.
4 IP SNMP credentials Editing SNMPv1 and SNMPv2c credentials To edit a SNMPv1 or SNMPv2c read-write community string, complete the following steps. 1. Select Discover > IP Products. The Discover Setup - IP dialog box displays. 2. Click the Global Settings tab. 3. Click the SNMP tab. 4. Select the community string you want to edit in the Selected Read-Write Community Strings list and click the left arrow button. The selected credentials display in the Add/Edit Read-Write Community Strings area. 5.
IP SNMP credentials 4 4. Select the SNMPv3 credentials you want to edit in the Selected SNMPv3 Read-Write Credentials list and click the left arrow button. The selected credentials display in the Add/Edit SNMPv3 Read-Write Credentials area. 5. Enter a unique label to identify the credentials in the Display Label field of the Add/Edit SNMPv3 Read-Write Credentials area. This label can be from 1 through 16 characters long, case sensitive, and allows all printable ASCII characters. 6.
4 IP SNMP credentials Reordering SNMP credentials in the list Discovery probes the network for devices, according to the order in the list of SNMPv3 read-write credentials or SNMPv1 or SNMPv2c read-write community strings. Discovery uses the first item to find devices that are associated with those credentials or community strings, then continues down the list. Therefore, place the most commonly used credentials or community strings first.
Default IP user credentials 4 Default IP user credentials The Management application uses default user names and passwords to access devices when contacting these devices through the command line interface (CLI) on the network. You can enter a list of default names and passwords in the Management application before running discovery. Discovery uses this list to contact devices to determine the correct user name and password for the device.
4 Default IP user credentials FIGURE 19 Default Passwords 4. Enter a login prompt user name and password by selecting Read/Write Login Prompt from the Credential Type list and completing the following steps. FIGURE 20 a. Read/Write Login Prompt Enter a unique label to identify the credentials in the Display Label field. This label can be from 1 through 200 characters long, case sensitive, and allows all printable ASCII characters. 90 b. Enter the user name in the User ID field. c.
Default IP user credentials 4 5. Enter an enable prompt user name and password by selecting Read/Write Enable Prompt from the Credential Type list and completing the following steps. FIGURE 21 a. Read/Write Enable Prompt Enter a unique label to identify the credentials in the Display Label field. This label can be from 1 through 200 characters long, case sensitive, and allows all printable ASCII characters. b. Enter the user name in the User ID field. c.
4 Default IP user credentials 8. Click Close to close the Discover Setup - IP dialog box. 9. Click Yes on the confirmation message. Editing login prompt user credentials To edit a login prompt user name and password, complete the following steps. 1. Select Discover > IP Products. The Discover Setup - IP dialog box displays. 2. Click the Global Settings tab. 3. Click the Default Passwords tab. 4. Select Read/Write Login Prompt from the Credential Type list. 5.
Default IP user credentials 4 6. Edit the unique label to identify the credentials in the Display Label field. This label can be from 1 through 200 characters long, case sensitive, and allows all printable ASCII characters. 7. Edit the user name in the User ID field. 8. Edit the user password in the Password field. 9. Click the right arrow button. 10.
4 Default IP user credentials Reordering user credentials in the list Discovery tries the user credentials in order until one set of credentials is found that works, so place the most common ones first. To rearrange the user credentials, complete the following steps. 1. Select Discover > IP Products. The Discover Setup - IP dialog box displays. 2. Click the Global Settings tab. 3. Click the Default Passwords tab. 4.
IP Object identifier filters 4 IP Object identifier filters The object identifier (OID) filter allows you to select which product types to include or exclude from discovery. If you add a third-party product OID to the Included Product Types list during discovery and later move it to the Excluded Product Types list, note that you will not be able to discover a new device with that product OID.
4 IP Object identifier filters 5. In the top Add/Edit Product Types area, choose one of the following options: • Enter the device’s sysObjectID you want to include in the Product Type list. • Select an existing device sysObjectID from the Product Type list. Table 26 lists the default third party product types. TABLE 26 Default third-party product types Product sysObjectID Vendor .1.3.6.1.4.1.9. Cisco .1.3.6.1.4.1.4874. Juniper .1.3.6.1.4.1.2636.1. Juniper 6.
Defining global setting preferences 4 Deleting product types from the list To delete an entry from the Included Product Types or Excluded Product Type list, complete the following steps. 1. Select Discover > IP Products. The Discover Setup - IP dialog box displays. 2. Click the Global Settings tab. 3. Click the OID Filter tab. 4. Select an entry from the Included Product Types or Excluded Product Type list and click the left arrow button. 5. Click Apply to save your work. 6.
4 Defining global setting preferences 5. Select one of the following Ping Type options: • ICMP Ping (default). Go to step 7. • TCP Ping. Continue with step 6. 6. Enter the TCP port number (from 1 through 65536) in the TCP Ping Port field. The default is 23. 7. Enter the number of times (from 0 through 10) to ping the device when ping is unsuccessful in the Ping Retries field. The default is 0. 8. Select the Enable lazy polling check box to periodically rediscover all devices in the database.
Configuring event-based collection 4 12. Select the Prefer loopback addresses for products check box to enable discovery to choose an IP address associated with a router loopback interface to be the router primary IP address. Clear the check box to configure discovery to select the original IP address used to discover the device. 13. Select the Import SSL Certificate and Key check box to enable discovery to download and synchronize certificates from SSL capable Application products. 14.
4 Configuring event-based collection d. Select the Enable event triggered polling check box to enable adaptive discovery on the predefined SNMP traps. NOTE This settings cannot be disabled for DCB switches. NOTE Network OS devices must be running version 4.0 or later to enable this setting. NOTE For Network OS devices, adaptive discovery is also performed for Syslog events. The lazy polling function sends login and log messages to the Master Log and the switch console.
IP discovery profiles 4 IP discovery profiles NOTE You cannot configure a discovery profile if you do not have the All IP Products AOR (area of responsibility) in your user account. A discovery profile contains the settings you configure when discovery is run. These settings include address range parameters, ping sweep parameters, SNMP settings, default passwords, and other settings. The Management application is shipped with a default discovery profile named “Default”.
4 IP discovery profiles FIGURE 25 Profile tab 3. Click Add. A new row (named “new_profile”) displays in the Discovery Profiles table. 4. Click “new_profile” in the Profile Name field to enter a unique name for the profile. This name can be from 1 through 255 characters long, case sensitive, and allows all printable ASCII characters. 5. Click the Address Ranges tab to configure address ranges for the profile. For step-by-step instructions, refer to “Configuring address ranges” on page 104. 6.
IP discovery profiles 4 9. Click Apply to save your changes. 10. Click Close to close the Discover Setup - IP dialog box. 11. Click Yes on the confirmation message. Duplicating a discovery profile NOTE You cannot duplicate a discovery profile if you do not have the All IP Products AOR (area of responsibility) in your user account. NOTE DCB devices discovered through Fabric discovery (from the SAN tab) are automatically added to IP discovery during rediscovery.
4 IP discovery profiles Configuring address ranges NOTE DCB devices discovered through Fabric discovery (from the SAN tab) are automatically added to IP discovery during rediscovery. To include and exclude addresses from profile discovery, complete the following steps. 1. Select Discover > IP Products. The Discover Setup - IP dialog box displays. 2. Click the Profiles tab 3. Select the profile you want to edit in the Discovery Profiles table and click the Address Ranges tab. 4.
IP discovery profiles 4 Adding CIDR subnet addresses To add CIDR subnet addresses (IPv4 and IPv6), complete the following steps. 1. Select CIDR Subnet from the Entry Type list. FIGURE 26 Include CIDR Subnet 2. Enter the IP address in the IP Address field. 3. Enter the number of subnet mask bits in the Subnet Mask Bits field. For IPv4, the number of subnet mask bits is from 0 through 32. For IPv6, the number of subnet mask bits is from 0 through128. 4.
4 IP discovery profiles Adding IP addresses To add an IP address range (IPv4 and IPv6), complete the following steps. 1. Select IP Address from the Entry Type list. FIGURE 28 Include Address Range 2. Enter the first IP address in the range in the first IP Address field. 3. Enter the last IP address in the range in the second IP Address field. 4. To exclude an address range using the IP Address format, refer to “Excluding IP addresses” on page 107. 5.
IP discovery profiles 4 Excluding subnet addresses To exclude subnet addresses (IPv4 only), complete the following steps. 1. Select Subnet from the Entry Type list. FIGURE 30 Exclude Subnet 2. Enter the IP address in the IP Address field. 3. Enter the subnet mask in the Subnet Mask field. 4. To include an address range using the Subnet format, refer to “Adding subnet addresses” on page 105. 5. To finish configuring the address ranges, return to “Configuring address ranges” on page 104.
4 IP discovery profiles Editing address ranges NOTE DCB devices discovered through Fabric discovery (from the SAN tab) are automatically added to IP discovery during rediscovery. 1. Select Discover > IP Products. The Discover Setup - IP dialog box displays. 2. Click the Profiles tab 3. Select the profile you want to edit in the Discovery Profiles table and click the Address Ranges tab. 4. To edit an included address range, select the address range you want to edit in the Included IP Addresses list. 5.
IP discovery profiles 4 Editing CIDR subnet addresses To edit the CIDR subnet address (IPv4 and IPv6) range, complete the following steps. 1. Change the IP address in the IP Address field. 2. Change the number of subnet mask bits in the Subnet Mask Bits field. For IPv4, the number of subnet mask bits is from 0 through 32. For IPv6, the number of subnet mask bits is from 0 through 128. 3. To finish editing the address ranges, return to “Editing address ranges” on page 108.
4 IP discovery profiles 3. Select the profile you want to edit in the Discovery Profiles table and click the Scheduling tab. FIGURE 32 Scheduling tab 4. Choose one of the following options to configure the frequency at which discovery runs for the profile: • To configure discovery to run only once, refer to “Configuring a one-time discovery schedule” on page 110. • To configure hourly discovery, refer to “Configuring an hourly discovery schedule” on page 111.
IP discovery profiles 4 2. Select the time of day you want discovery to run from the Time (hh:mm) lists. Where the hour value is from 1 through 12, the minute value is from 00 through 59, and the day or night value is AM or PM. 3. Click the Date list to select a date from the calendar. 4. Click the right arrow button to add the schedule to the Scheduled Discovery Cycles list. 5. To finish configuring the discovery schedule, return to “Scheduling discovery” on page 109.
4 IP discovery profiles Configuring a weekly discovery schedule To configure a weekly discovery schedule, complete the following steps. 1. Select Weekly from the Frequency list. FIGURE 36 Scheduling tab - Weekly 2. Select the time of day you want discovery to run from the Time (hh:mm) lists. Where the hour value is from 1 through 12, the minute value is from 00 through 59, and the day or night value is AM or PM. 3. Select the day you want discovery to run from the Day of the Week list. 4.
IP discovery profiles 4 Configuring a yearly discovery schedule To configure a yearly discovery schedule, complete the following steps. 1. Select Yearly from the Frequency list. FIGURE 38 Scheduling tab - Yearly 2. Select the time of day you want discovery to run from the Time (hh:mm) lists. Where the hour value is from 1 through 12, the minute value is from 00 through 59, and the day or night value is AM or PM. 3. Click the Date list to select a date from the calendar. 4.
4 IP discovery profiles Editing a discovery schedule To edit a discovery schedule, complete the following steps. 1. Select Discover > IP Products. The Discover Setup - IP dialog box displays. 2. Click the Profiles tab 3. Select the profile you want to edit in the Discovery Profiles table and click the Scheduling tab. 4. Select the schedule you want to edit from the Scheduled Discovery Cycles list. 5. Click the left arrow button to display the schedule in the Add/Edit Schedules area. 6.
IP discovery profiles 4 Editing an hourly discovery schedule To edit an hourly discovery schedule, complete the following steps. 1. Select the minute past the hour you want discovery to run from the Minutes past the Hour list. Where the minute value is from 00 through 59. 2. Click the right arrow button to add the schedule to the Scheduled Discovery Cycles list. 3. To finish editing the discovery schedule, return to “Editing a discovery schedule” on page 114.
4 IP discovery profiles Editing a yearly discovery schedule To edit a yearly discovery schedule, complete the following steps. 1. Select the time of day you want discovery to run from the Time (hh:mm) lists. Where the hour value is from 1 through 12, the minute value is from 00 through 59, and the day or night value is AM or PM. 2. Click the Date list to select a date from the calendar. 3. Click the right arrow button to add the schedule to the Scheduled Discovery Cycles list. 4.
IP discovery profiles 4 5. Enter the name of the file that contains specific IP addresses to probe in the Discovery Address File field. The file supports both IPv4 and IPv6 addresses. This file must be located in the Install_Home\conf\discovery\ip folder on the server. The default file is the discovery_addrs.txt file; however, you can create additional files. To create a discovery address file, refer to “Creating a discovery address file” on page 117. 6.
4 IP discovery profiles #this file, as long as they are not # excluded by any scoping restrictions. # 10.1.2.54 10.55.2.68 3. Select File > Save. 4. Browse to the Install_Home\conf\discovery\ip folder. This file must be saved to the Install_Home\conf\discovery\ip folder on the server. 5. Enter a name for the file. 6. Click Save. Starting discovery manually To start discovery for a profile, complete the following steps. 1. Select Discover > IP Products. The Discover Setup - IP dialog box displays. 2.
IP discovery profiles 4 Stopping discovery To stop discovery for a profile, complete the following steps. 1. Select Discover > IP Products. The Discover Setup - IP dialog box displays. 2. Click the Profiles tab. 3. Select the discovery profile on which you want to stop discovery in the Discovery Profiles table and click Stop. 4. Click Close to close the Discover Setup - IP dialog box. 5. Click Yes on the confirmation message.
4 IP discovery profiles 4. Click Close to close the Discover Setup - IP dialog box. 5. Click Yes on the confirmation message. E-mailing discovery reports To e-mail a report for a discovery profile, complete the following steps. 1. Select Discover > IP Products. The Discover Setup - IP dialog box displays. 2. Click the Profiles tab. 3. Select the discovery profile for which you want to e-mail a report in the Discovery Profiles table and click Report. 4.
Individual IP device discovery 4 8. Click Close to close the Discover Setup - IP dialog box. 9. Click Yes on the confirmation message. Viewing the discovery log The discovery log displays the status of the current discovery activity. To configure the discovery log size, refer to “Defining global setting preferences” on page 97. To view the discovery log, complete the following steps. 1. Select Discover > IP Products. The Discover Setup - IP dialog box displays. 2. Click the Profiles tab. 3.
4 Individual IP device discovery 2. Click Add. The Add product dialog box displays. FIGURE 40 Add product dialog box 3. Choose one of the following options: • Enter the IP address (IPv4 or IPv6) of the IP device in the Network Address field. • Enter the host name or DNS name (up to 64 characters) of the IP device in the Network Address field. NOTE The Management application does not validate the Network address until you save your work. 4.
Individual IP device discovery FIGURE 41 b. 4 SNMPv3 credentials Enter the SNMPv3 user name in the User ID field. The user name can be from 1 through 16 characters long, case sensitive, and allows all printable ASCII characters. c. Select one of the following protocols from the Authentication Protocol list: • None • HMAC_MD5 • HMAC_SHA d. Enter the SNMPv3 authentication password in the Authentication Password field.
4 Individual IP device discovery d. Enter the SNMPv3 authentication password in the Authentication Password field. The password can be from 8 through 16 characters long, case sensitive, and allows all printable ASCII characters. The password display as asterisks. e. Select one of the following privacy protocol types from the Privacy Protocol list: • None • CBC-DES • CFB_AES-128 If you select a privacy protocol, the selected protocol encrypts the SNMP request and response packets. f.
Individual IP device discovery 4 9. Configure the Read/Write credentials by completing the following steps. a. Click the Read/Write Credentials tab. FIGURE 43 b. Read/Write credentials Enter the unique user name in the Login Prompt User Name field. The user name can be from 1 through 200 characters long, case sensitive, and allows all printable ASCII characters. c. Enter the password in the Login Prompt Password field.
4 Individual IP device discovery 3. Click Edit. The Edit product dialog box displays. 4. Select one of the following options: • Try only configured Discovery SNMP settings — Select to use the SNMP settings configured in the Global Settings tab to contact the device. • Also try these settings — Select to use specific SNMP settings to contact the device.
Individual IP device discovery e. 4 Select one of the following privacy protocol types from the Privacy Protocol list: • None • CBC-DES • CFB_AES-128 If you select a privacy protocol, the selected protocol encrypts the SNMP request and response packets. f. Enter the privacy password in the Privacy Password field. The password can be from 1 through 16 characters long, case sensitive, and allows all printable ASCII characters. The password display as asterisks. 6.
4 Individual IP device discovery FIGURE 45 b. SNMPv1/v2c settings Enter the unique community string in the Community field. The community string can be from 1 through 16 characters long, case sensitive, and allows all printable ASCII characters. The string displays as asterisks. NOTE If you do not enter a community string in the field, discovery uses the "public" and "private" community strings to probe the devices. 8.
Individual IP device discovery c. 4 Change the unique user name in the Login Prompt User Name field. The user name can be from 1 through 200 characters long, case sensitive, and allows all printable ASCII characters. d. Change the password in the Login Prompt Password field. The password can be from 1 through 200 characters long, case sensitive, and allows all printable ASCII characters. The password display as asterisks. e. Change the unique user name in the Enable Prompt User Name field.
4 Individual IP device discovery 11. Change the Read Only credentials by completing the following steps. NOTE These credentials are not applicable for DCB, VDX, or VCS devices. a. Click the Read Only Credentials tab. FIGURE 48 a. Read Only credentials Change the unique user name in the Login Prompt User Name field. The user name can be from 1 through 16 characters long, case sensitive, and allows all printable ASCII characters. b. Change the password in the Login Prompt Password field.
Host discovery 4 Deleting IP devices from discovery To delete one or more IP devices from discovery, complete the following steps. 1. Select Discover > IP Products. The Discover Setup - IP dialog box displays. 2. Select the IP devices you want to remove from discovery in the Discovered Products table. Select multiple devices by holding down the CTRL key and clicking more than one device. NOTE You cannot delete an active member from a VCS fabric. 3. Click Delete.
4 Host discovery FIGURE 49 Discover Host Adapters dialog box 2. Click Add. The Add Host Adapters dialog box displays. FIGURE 50 Add Host Adapters dialog box 3. (Optional) Enter a discovery request name (such as, Manual 06/12/2009) in the Discovery Request Name field. 4. Select Network Address from the list. 5. Enter the IP address (IPv4 or IPv6 formats) or host name in the Network Address field. 6. Click Add. The IP address or host name of the Host displays in the Host List.
Host discovery 7. 4 Configure Host credentials by choosing one of the following options: • To configure HCM agent credentials, select the HCM agent option. Go to step 9. • To configure CIM server credentials, select the CIM server (ESXi only) option. Continue with step 8. If you do not need to configure Host credentials, skip to step 13. 8. Configure discovery authentication by choosing one of the following options: • To configure discovery with authentication, select the HTTPS from the Protocol list.
4 Host discovery FIGURE 51 Add Host Adapters dialog box 3. Enter a discovery request name (such as, MyFabric) in the Discovery Request Name field. 4. Click Import. The Open dialog box displays. 5. Browse to the CSV file location. The CSV file must meet the following requirements: • Comma separated IP address or host names • No commas within the values • No escaping supported For example, XX.XX.XXX.XXX, XX.XX.X.XXX, computername.company.com 6. Click Open.
Host discovery 4 10. Enter the port number in the Port field. HCM agent default is 34568. CIM server HTTPS default is 5989. CIM server HTTP default is 5988. 11. Enter your username in the User ID field. HCM agent default is admin. Leave this field blank for the CIM server. 12. Enter your password Password field. HCM agent default is password. Leave this field blank for the CIM server. 13. Click OK on the Add Host Adapters dialog box. If an error occurs, a message displays.
4 Host discovery 6. Click Add. All hosts which are part of a managed fabric and have a registered host name display in the list. If no host with a registered host name exists, an error message displays. Click OK to close the error message. 7. Configure Host credentials by choosing one of the following options: • To configure HCM agent credentials, select the HCM agent option. Go to step 9. • To configure CIM server credentials, select the CIM server (ESXi only) option. Continue with step 8.
Host discovery FIGURE 53 4 Add Host Adapters dialog box 3. Enter a discovery request name (such as, MyVMManager) in the Discovery Request Name field. 4. Select Hosts from VM Manager from the import by list. 5. Select All VM or an individual VM from the list. 6. Click Add. All hosts which are part of a discovered VM manager and have a registered host name display in the list. If no host with a registered host name exists, an error message displays. Click OK to close the error message. 7.
4 Host discovery 12. Click OK on the Add Host Adapters dialog box. If an error occurs, a message displays. Click OK to close the error message and fix the problem. A Host Group displays in Discovered Hosts table with pending status. To update the status from pending you must close and reopen the Discover Host Adapters dialog box. 13. Click Close on the Discover Host Adapters dialog box. Editing Host adapter credentials To edit Host credentials, complete the following steps. 1.
Host discovery 4 Removing a host from active discovery If you decide you no longer want the Management application to discover and monitor a specific host, you can delete it from active discovery. Deleting a host also deletes the host data on the server (both system collected and user-defined data) except for user-assigned names for the device port, device node, and device enclosure information. To delete a host from active discovery, complete the following steps. 1. Select Discover > Host Adapters.
4 Host discovery Viewing the host discovery state The Management application enables you to view device discovery status through the Discover Host Adapters dialog box. To view the discovery status of a device, complete the following steps. 1. Select Discover > Host Adapters. The Discover Host Adapters dialog box displays. 2. Right-click the Hosts node select Expand All to show all devices. The Name field displays the discovery status icons in front of the device name.
VM Manager discovery 4 2. If the host is responding to ping, but discovery still fails, verify that HCM agent is up or not by browsing to the following URL: https://Host_IP_Address:34568/JSONRPCServiceApp/JSON-RPC If HCM agent is running and reachable, you should receive a prompt of credentials and then show an Error 500 (No Reason) result page. 3. Verify that firewall port 34568 is open. There are firewall issues with the HCM Agent on Windows 2008 and VMware systems.
4 VM Manager discovery FIGURE 55 Discover VM Managers dialog box 2. Click Add. The Add VM Manager dialog box displays. FIGURE 56 Add VM Manager dialog box 3. Enter the IP address or host name in the Network Address field. 4. Enter the VM manager port number in the Port field. 5. Enter the VM manager username in the User ID field. 6. Enter the VM manager password Password field. 7.
VM Manager discovery 4 8. Select the Forward event to vCenter check box to enable event forwarding from the Management application to vCenter. Clear to disable event forwarding. 9. Click OK on the Add VM Manager dialog box. If an error occurs, a message displays. Click OK to close the error message and fix the problem. A VM manager displays in Discovered VM Managers table with pending status. To update the status from pending you must close and reopen the Discover VM Managers dialog box. 10.
4 VM Manager discovery 8. Click OK on the Edit VM Manager dialog box. If an error occurs, a message displays. Click OK to close the error message and fix the problem. 9. Refresh the Discover VM Managers list by clicking Refresh. 10. Click Close on the Discover VM Managers dialog box. Excluding a host from VM manager discovery To exclude host from VM manager discovery complete the following steps. 1. Select Discover > VM Managers. The Discover VM Managers dialog box displays. 2.
VM Manager discovery 4 Rediscovering a previously discovered VM manager To return a VM manager to active discovery, complete the following steps. 1. Select Discover > VM Managers. The Discover VM Managers dialog box displays. 2. Select the VM manager you want to return to active discovery in the Previously Discovered Addresses table. 3. Click Discover. 4. Click OK on the confirmation message. The rediscovered VM manager displays in the Discovered VM Managers table. 5.
4 IP Rediscovery The following are samples of actual ESX host status messages: • • • • Active Discovery pending, Excluded, Conflict – Existing Host 3. Refresh the Discover VM Managers list by clicking Refresh. 4. Click Close on the Discover VM Managers dialog box. Troubleshooting VM manager discovery If you encounter discovery problems, complete the following checklist to ensure that discovery was set up correctly. Verify IP connectivity by issuing a ping command to the switch. 1.
IP Rediscovery 4 For VCS devices, rediscovery depends on what part of the fabric you select to rediscover. • If you select the VCS fabric, rediscovery refreshes the membership information. • If you select a VCS member, rediscovery refreshes the asset data for the selected member. • If you select a missing VCS member, rediscovery triggers the discovery of a new fabric (VCS-enabled) or a standalone VDX switch (VCS-disabled). 3. Click Rediscover. The Rediscover product dialog box displays.
4 IP Rediscovery Rediscovering a group To rediscover all devices in a group, complete the following steps. 1. Select the IP tab. 2. Select the group you want to rediscover in the Product List. You can select one group at a time. 3. Click Rediscover on the Product List toolbar. The Rediscover product dialog box displays. If you selected more than 10 devices, the client only sends the first 10 devices to the server.
Chapter Management Groups 5 In this chapter • Management groups overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149 • Product group overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150 • Port Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
5 Product group overview • To filter the Network Objects Product List, refer to “Filtering devices in the Network Objects Product List” on page 413. • To update device configuration information on the Network Object view, refer to “IP Rediscovery” on page 146. Product group overview Once devices display in the Network Object view, you can associate the devices with a group. Product groups allow you to monitor and manage multiple devices at one time.
Product group overview 5 Product Type Serial # Status Vendor Model Firmware Build Label Location Contact Description User_defined_property1 (up to 3) Static product groups You can define a static product group by selecting the product you want to include in the group. Creating a static product group To create a product group, complete the following steps. 1. Select Network Objects from the view list on the Product List toolbar. 2.
5 Product group overview 6. Add products to the group by selecting the product in the Available Products list and clicking the right arrow button. NOTE You can add a standalone VDX product or a VCS fabric to a user-defined Product Group; however, the VCS fabric members are not included with the group. The selected products move from the Available Products list to the Selected Products list. 7.
Product group overview 5 Duplicating a static product group To duplicate a product group, complete the following steps. 1. Select Network Objects from the view list on the Product List toolbar. 2. Right-click the product group you want to duplicate in the Product List and select Duplicate Group. The Add Product Group dialog box displays. 3. Edit the name for the product group in the Name field. 4. Edit the description for the product group in the Description field. 5.
5 Product group overview Creating a dynamic product group To create a dynamic product group, complete the following steps. 1. Select Network Objects from the view list on the Product List toolbar. 2. Select Add Product Group > Dynamic from the Grouping list on the Product List toolbar. The Add Product Group - Dynamic dialog box displays. FIGURE 59 Add Product Group - Dynamic dialog box 3. Enter a unique name for the product group in the Name field. 4.
Product group overview • • • • • 5 Build Label Location Contact Description User_defined_property1 (up to 3) 8. Select one of the following from the Operator list. • Equals (valid for Regular Expression or Value type) • Not Equals (valid for Regular Expression or Value type) • Starts With (only valid for Value type) Not available if you select Status or Product Type from the Property list.
5 Product group overview 10. Select Value or Regular Expression from the Type list To enter another set of criteria, click Insert. A new row displays in the Group Criteria table. Continue with step 11. To test the group criteria, click Test. The Management application uses the group criteria to search the available products in your AOR. The products that meet the criteria display in the Test Results. table. For detailed information about the test results, refer to “Viewing test results” on page 157.
Product group overview 5 Duplicating a dynamic product group To copy a dynamic product group, complete the following steps. 1. Select Network Objects from the view list on the Product List toolbar. 2. Right-click the product group you want to edit in the Product List and select Duplicate Group. The Add Product Group - Dynamic dialog box displays. 3. Change the name for the product group in the Name field. 4. Change the description for the product group in the Description field. 5.
5 Product group overview • Description — The description of the product. • User_defined_property1 (up to 3) — A user-defined product property value. You can create up to 3 user-defined properties (refer to “Properties customization” on page 1990). Viewing product group properties To view group properties, complete the following steps. 1. Select Network Objects from the view list on the Product List toolbar. 2.
Port Groups 5 TABLE 28 Field/Component Description Firmware The firmware version of the product. Build Label The firmware build number. Location The physical location of the product. Contact The name of the person or group you should contact about the product. Description The description of the product. Connected AP Count The number of connected AP. User_defined_property (up to 3) A user-defined product property value.
5 Port Groups Creating a port group To create a port group, complete the following steps. 1. Select Network Objects from the view list on the Product List toolbar. 2. Select Add Port Group from the Grouping list on the Product List toolbar. The Add Port Group dialog box displays. 3. Enter a unique name for the port group in the Name field. 4. Enter a description for the port group in the Description field. 5. Select one of the following options: • All Ports — Select to display all ports.
Port Groups 5 5. Select one of the following options: • All Ports — Select to display all ports. • Ports Connected to APs — Select to display only ports connected to an access point (AP). 6. Add ports to the group by selecting the port in the Available Ports list and clicking the right arrow button. NOTE The Management port, peri port, and stack ports are not included in the Available Ports list. The selected ports move from the Available Ports list to the Selected Ports list.
5 Port Groups 6. Add ports to the group by selecting the port in the Available Ports list and clicking the right arrow button. NOTE The Management port, peri port, and stack ports are not included in the Available Ports list. The selected ports move from the Available Ports list to the Selected Ports list.
Port Groups 5 TABLE 29 Field/Component Description MAC Address The MAC Address of the port. Port Status The status of the port. Port State The state of the port. Type The port type. Speed The Speed of the port. L2/Tag Mode Indicates whether L2 tag mode is enabled or disabled. If enabled, indicates whether the port is tagged, untagged, or dual. Untagged VLAN ID The untagged VLAN identifier of the port. Duplex Mode The duplex mode of the port, such as auto-sense, full-duplex, or none.
Chapter 6 Application Configuration In this chapter • Server Data backup. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Server Data restore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • SAN display settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • SAN End node display . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6 Configurable preferences • SAN End Node Display — Use to display (or turn off display of) end nodes on the Connectivity map for newly discovered fabrics. Disabling end node display limits the Connectivity map to switch members only. For more information, refer to “SAN End node display” on page 176. • SAN Ethernet Loss Events — Use to enable events for a loss of ethernet connection to SAN switches. For more information, refer to “SAN Ethernet loss events” on page 177.
Server Data backup 6 Server Data backup The Management application helps you to protect your data by backing it up automatically. Backup is a service process that periodically copies and stores application files to an output directory. The output directory is relative to the server and must use a network share format to support backup to the network. The data can then be restored, as necessary. NOTE Backing up data takes some time.
6 Server Data backup Back up directory structure overview The Management server backs up data to two alternate folders. For example, if the backup directory location is D:\Backup, the backup service alternates between two backup directories, D:\Backup\Backup and D:\Backup\BackupAlt. The current backup is always D:\Backup and contains a complete backup of the system. The older backup is always D:\BackupAlt. If a backup cycle fails, the cause is usually a full CD-RW.
Server Data backup 6 • Select the Include Technical Support directory check box, if necessary. Only available if the Include FTP Root directory check box is clear. • Select the Include Upload Failure Data Capture directory check box, if necessary. Only available if the Include FTP Root directory check box is clear. 5. Enter the time (using a 24-hour clock) you want the backup process to begin in the Next Backup Start Time Hours and Minutes fields. 6.
6 Server Data backup 9. Back up data to a CD by completing the following steps. NOTE This is not recommended on a permanent basis. CDs have a limited life, and may only last a month. An error message occurs if your Management application can no longer back up to the disc. a. Verify that the CD backup directory is correct (default directory is D:\Backup). It is assumed that drive D is a CD-RW drive. You can change the directory or use the Browse button to select another directory. b.
Server Data backup 6 3. Clear the Enable Backup check box. 4. Click Apply or OK. Viewing the backup status The Management application enables you to view the backup status at a glance by providing a backup status icon on the Status Bar. The following table illustrates and describes the icons that indicate the current status of the backup function. TABLE 30 Icon Backup status Description Backup in Progress — displays the following tooltip: “Backup started at hh:mm:ss, in progress...
6 Server Data backup Starting immediate backup NOTE You must have backup privileges to use the Backup Now function. For more information about privileges, refer to “User Privileges” on page 1935. To start the backup process immediately, complete one of the following procedures: Using the Backup Icon, right-click the Backup icon and select Backup Now. The backup process begins immediately. OR 1. Select Server > Options. The Options dialog box displays. 2. Select Server Backup in the Category list. 3.
Server Data restore 6 Server Data restore NOTE You cannot restore data from a previous version of the Management application. NOTE You cannot restore data from a higher or lower configuration (Trial or Licensed version) of the Management application. NOTE You cannot restore data from a different package of the Management application. The Management application helps you to protect your data by backing it up automatically. The data can then be restored, as necessary.
6 SAN display settings 5. Browse to the backup location. Browse to the location specified in the Output Directory field on the Options dialog box Backup pane. 6. Click Restore. Upon completion, a message displays the status of the restore operation. Click OK to close the message and the Server Management Console. For the restored data to take effect, re-launch the Configuration Wizard using the instructions in “Launching the Configuration Wizard” on page 5.
SAN display settings FIGURE 61 6 Options dialog box (SAN Display pane) 3. Click Set Up FICON Display. Any table that contains end device descriptions move the following nine columns to the beginning of the table: Attached Port #, FC Address, Serial #, Tag, Device Type, Model, Vendor, Port Type, and WWN. 4. Click Apply or OK to save your work. Resetting your display You can reset your system to display the default display settings for all fabrics.
6 SAN End node display To reset the Management application to the default display and view settings, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2. Select SAN Display in the Category list. 3. Click Reset Display. 4. Click Yes on the reset confirmation message. The display and view settings are immediately reset to the default display settings (as detailed in the Default display settings table (Table 31). 5. Click Apply or OK to save your work.
SAN Ethernet loss events 6 SAN Ethernet loss events An Ethernet event occurs when the Ethernet link between the Management Server and the managed SAN device is lost. You can configure the application to enable events when the Ethernet connection is lost. Enabling SAN Ethernet loss events The Options dialog box enables you to configure the Management application to generate an Ethernet event after a device is offline for a specific period of time.
6 Event storage settings Event storage settings You can configure the maximum number of historical events save to the repository, how long the events will be retained, as well as whether to store historical events to a file before purging them from the repository. Configuring event storage To configure event storage, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2. Select Event Storage in the Category list (Figure 64).
Flyover settings 6 Storing historical events purged from repository To store historical events purged from the repository, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2. Select Event Storage in the Category list. 3. Select the Yes option. 4. Click OK. Purged events from the master log table are stored in the Install_Home\data\archive\events directory using the format event_MMDDYYY.zip (for example, event_04052011.zip.
6 Flyover settings FIGURE 65 Options dialog box (Flyovers pane, Product tab) a. Select the protocol type (FC or IP) from the Type list, if necessary. b. Select each property you want to display in the product flyover from the Available Properties table. The default protocol is Fibre Channel (FC).
Flyover settings c. Click the right arrow to move the selected properties to the Selected Properties table. d. Use the Move Up and Move Down buttons to reorder the properties in the Selected Properties table, if necessary. 6 The properties displayed in the Selected Properties table appear in the flyover display. 6. Remove product properties you do not want to display on flyover by selecting the property in the Selected Properties table and clicking the left arrow. 7.
6 Flyover settings FC (default) • • • • • • • • • • • • • Active FC4 Types Address Attached Port# Blocked Configuration Class of Service Device Type Fabric FC Address IP Address Master Port # Max Frame Size (bytes) Name Name (port) • • • • • • • • • • • • • Node WWN Operational State OS Device Name Port # Port Blocked Reason Port State Port Type Port WWN Speed Configured (Gbps) Speed Supported (Gbps) Symbolic Name Supported FC4 Types Zone Alias • • • Port# Port Type FCoE Index # FCoE • • • Name N
Name settings 6 Name settings You can use Names as a method of providing familiar simple names to products and ports in your SAN. Using your Management application you can: • Set names to be unique or non-unique. • Fix duplicate names. • Associate a name with a product, port WWN, or Fabric Assigned WWN currently being discovered. • Add a WWN and an associated name for a product or port that is not yet being discovered. • Remove or disassociate a name from a WWN.
6 Name settings Fixing duplicate names To fix duplicated names, complete the following steps. 1. Select Configure > Names. The Configure Names dialog box displays. 2. Click Fix Duplicates. The Duplicated Names dialog box displays (Figure 67). FIGURE 67 Duplicated Names dialog box The Duplicated Names dialog box contains the following information: • Description — A description of the device. • Duplicate Names table — Every instance of duplicate names. 184 Fabric — The fabric name.
Name settings 6 3. Select one of the following options. • If you select Append Incremental numbers for all repetitive names, the names are edited automatically using incremental numbering. • If you select I will fix them myself, edit the name in the Name field. 4. Click OK on the Duplicated Names dialog box. 5. Click OK to close the Configure Names dialog box. 6. Click OK on the confirmation message. Viewing names To view names associated with devices, complete the following steps. 1.
6 Name settings • Display table — This table displays the following information: Description–A description of the device. Name–The name of the device. Enter a name for the device. Operational Status–The operational status of the device (discovered, operational, and unknown). Type–The type of device (port, node, Fabric Assigned WWN, and unknown). WWN–The world wide node (WWN) of the device. Enter a WWN for the device. Click a column head to sort the list.
Name settings 6 4. Double-click in the Name column for the selected device or port and enter a name for the device or port. If you set names to be unique on the Options dialog box and the name you entered already exists, the entry is not accepted. To search for the device already using the name, refer to “Searching for a device by name” on page 189 or “Searching for a device by WWN” on page 190 in the Configure Names dialog box or “Searching for a device” on page 393 in the connectivity map.
6 Name settings 4. Click OK on the Apply Names dialog box. 5. Click OK on the Configure Names dialog box. Removing a name from a device 1. Select Configure > Names. The Configure Names dialog box displays. 2. In the Display table, select the name you want to remove. 3. Click Remove. An application message displays asking if you are sure you want clear the selected name. 4. Click Yes. 5. Click OK to close the Configure Names dialog box. 6. Click OK on the confirmation message.
Name settings 6 4. Enter a name for the file and click Save. 5. Click OK to close the Configure Names dialog box. Importing Names If the name length exceeds the limitations detailed in the following table, you must edit the name (in the CSV file) before import. Names that exceed these limits will not be imported. If you migrated from a previous version, the .properties file is located in the Install_Home\migration\data folder. TABLE 32 Device Character limit Fabric OS switch 6.
6 Name settings 4. Enter the name you want to search for in the Search field. You can search on partial names. NOTE To search for a device, the device must be discovered and display in the topology. 5. Click Search. All devices with the specified name (or partial name) are highlighted in the Display table. You may need to scroll to see all highlighted names. If the search finds no devices, a ‘no item found’ message displays. 6. Click OK to close the Configure Names dialog box.
Miscellaneous security settings 6 Miscellaneous security settings You can configure the Server Name, login banner, modify whether or not to allow clients to save passwords, and modify whether or not to enforce the MD5 checksum during import. When the login banner is enabled, each time a client connects to the server, the login banner displays with a legal notice provided by you. The client's users must acknowledge the login banner to proceed, otherwise they are logged out.
6 Miscellaneous security settings 4. Click OK on the confirmation message. 5. Click Apply or OK to save your work. Enforcing MD5 file during import NOTE The MD5 checksum file is required when you load Fabric OS firmware into the Management application version 12.0 or later. You can configure the Management application to enforce the MD5 checksum file import during the import of the Fabric OS image into the firmware repository.
Syslog Registration settings 6 4. Enter the message you want to display every time a user logs into this server in the Banner Message field. This field contains a maximum of 2048 characters. 5. Click Apply or OK to save your work. Disabling the login banner To disable the login banner display, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2. Select Security Misc in the Category list. 3. Clear the Display login banner upon client login check box.
6 SNMP Trap Registration settings Configuring the Syslog listing port number 1. Select Server > Options. The Options dialog box displays. 2. Select Syslog Registration in the Category pane. The Syslog Registration pane displays (Figure 70). 3. Enter the Syslog listening port number of the Server in the Syslog Listening Port (Server) field, if necessary. The default Syslog listening port number is 514 and is automatically populated.
SNMP Trap forwarding credential settings 6 3. Enter the SNMP listening port number of the Server in the SNMP Listening Port (Server) field, if necessary. The default SNMP listening port number is 162 and is automatically populated. 4. Click Apply or OK to save your work. SNMP Trap forwarding credential settings You can configure SNMP credentials for the traps forwarded by the server. Configuring SNMP v1 and v2c credentials To configure a SNMP v1 or v2c credentials, complete the following steps. 1.
6 Software Configuration Configuring SNMP v3 credentials To configure a SNMP v1 or v2c credentials, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2. Select Trap Forwarding Credentials in the Category pane. The Trap Forwarding Credentials pane displays (Figure 72). 3. Enter the SNMP v3 name (case sensitive, 1 to 16 characters) to identify the credentials in the User Name field. Allows all printable ASCII characters. 4.
Software Configuration 6 Certificates Certificate management allows you to enable certificate validation between the Management application server and products when HTTPS is enabled and between server and client when SSL is enabled on server. For more information about product communication, refer to “Product communication settings” on page 221. Certificate management also allows you to manage the Management application server truststore as well as the Management application client truststore.
6 Software Configuration FIGURE 73 Options dialog box (Certificates pane) The Certificates pane contains the following fields and components: • Enable certificate validation check box — Select to enable certificate validation. Clear to disable certificate validation • Keystore Certificates drop-down list — Select one of the following options: View — Click to view the keystore certificate details. For more information, refer to “Viewing a truststore certificate” on page 199.
Software Configuration 6 Delete button — Click to delete the certificate. For more information, refer to “Deleting a truststore certificate” on page 200. Password button — Click to change the password for the trusstore. For more information, refer to “Changing the password for the truststore repository” on page 200. 3. Click Apply or OK to save your work. Viewing a truststore certificate 1. Select Server > Options. The Options dialog box displays. 2. Select Certificates to in the Category list.
6 Software Configuration Subject — Name of the entity whose public key the certificate identifies. Signature — Digital signature of the certificate. MD5 Fingerprint — MD5 fingerprint used to authenticate the public key. SHA1 Fingerprint — SHA1 fingerprint used to authenticate the public key Right-side text box — Displays the value for the field selected in the table above. • 5. Click Close. 6. Click OK on the Options dialog box. Importing a truststore certificate 1. Select Server > Options.
Software Configuration 6 3. Select a truststore in the Truststore Certificates table. 4. Click Password. The Truststore Password dialog box displays. 5. Enter the current password in the Old Password field. 6. Enter the new password in the New Password and Confirm New Password fields. The password can be from 6 through 256 characters long, case sensitive, and allows all printable ASCII characters. The password displays as asterisks. 7. Click OK. The password is cached locally in the client. 8.
6 Software Configuration Exporting a keystore certificate 1. Select Server > Options. The Options dialog box displays. 2. Select Certificates to in the Category list. The Certificates pane displays. 3. Select Export from the Keystore Certificate list. The Export Keystore Certificate - Name dialog box displays. 4. Browse to the location to which you want to export the certificate. 5. Click OK. 6. Click Apply or OK to save your work.
Software Configuration 6 Changing the keystore password NOTE Changes to this option take effect after an application restart. 1. Select Server > Options. The Options dialog box displays. 2. Select Certificates to in the Category list. The Certificates pane displays. 3. Select Change Password from the Keystore Certificate list. The Keystore Password dialog box displays. 4. Enter the current password in the Old Password field. 5. Enter the new password in the New Password and Confirm New Password fields.
6 Software Configuration Client export port settings You can configure a port for communication between the client and server. Configuring the client export port To configure client export port settings, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2. Select Client Export Port to assign a communications port between the client and server in the Category list. The Client Export Port pane displays (Figure 75).
Software Configuration 6 Client/Server IP You can configure connections between the client or switches and the Management application server. Configuring the server IP address If your Operating System is IPv4-enabled or IPv6-enabled (running in dual mode), the server binds using an IPv4 address. IPv6 only mode does not support server to client communication (the IPv6 address cannot be bound to the server).
6 Software Configuration FIGURE 76 Options dialog box (Client/Server IP option) 3. Choose one of the following options in the Server IP Configuration list. • Select All. Go to step 4. • Select a specific IP address. Continue with step 5. • Select localhost. Continue with step 5. When Server IP Configuration is set to All, you can select any available IP address as the Return Address. If you select a specific IP address, the Return Address list shows the same IP address and you cannot change it. 4.
Software Configuration 6 Configuring an explicit server IP address If you selected a specific IP address from the Server IP Configuration screen during installation and the selected IP address changes, you will not be able to connect to the server. To connect to the new IP address, you must manually update the IP address information. To change the IP address, complete the following steps. 1. Choose one of the following options: • On Windows systems, select Start > Programs > Management_Application 12.X.
6 Software Configuration 8. Verify the IP address on the Server Configuration Summary screen and click Next. 9. Click Finish on the Start Server screen. 10. Click Yes on the restart server confirmation message. 11. Choose one of the following options: • If you configured authentication to CAC, enter your PIN in the CAC PIN field. • If you configured authentication to the local database, an external server (RADIUS, LDAP, or TACACS+), or a switch, enter your user name and password.
Software Configuration 6 3. Choose one of the following options in the Server IP Configuration list. • Select All. Go to step 4. • Select a specific IP address. Continue with step 5. • Select localhost. Continue with step 5. 4. Select the return IP address in the Client - Server IP Configuration Return Address list. When Server IP Configuration is set to All, you can select any available IP address as the Return Address.
6 Software Configuration Configuring change manager preferences 1. Select Server > Options. The Options dialog box displays. 2. Select IP Preferences from the Software Configurations list in the Category pane. The IP Preferences pane displays (Figure 78). FIGURE 78 Options dialog box (IP Preferences pane) 3. Select the ConfigReadFlash check box to obtain configuration back up from flash. Clear to obtain configuration back up from DRAM. Default is clear (disabled). 4.
Software Configuration 6 8. Select the DoPostdeploymentBackup check box to turn on product configuration backup after a payload is deployed using the Configuration Wizard. 9. Select the DoPredeploymentBackup check box to turn on product configuration backup before a payload is deployed using the Configuration Wizard. 10. Enter the number of days to keep product configuration backup files on the server in the KeepDataForDays field. Minimum duration is 7 days. Maximum duration is 365. Default is 30.
6 Software Configuration 3. Enter the number of Deployment Executions to show in a Deployment Report in the NumberOfDeploymentExecutionsToDisplay field. Minimum is 10. Maximum is 10000. Default is 50. 4. Click Apply or OK to save your work. Configuring IP device manager preferences This configuration is only applicable to the Ethernet router series switch running firmware version 5.4 or later. 1. Select Server > Options. The Options dialog box displays. 2.
Software Configuration 6 Configuring MPLS polling service preferences 1. Select Server > Options. The Options dialog box displays. 2. Select IP Preferences from the Software Configurations list in the Category pane. 3. Enter the frequency of MPLS polling in the PollingIntervalInSeconds field. Default is 180 seconds. 4. Select the PollingState check box to enable MPLS polling. 5. Click Apply or OK to save your work. Configuring name service preferences 1. Select Server > Options.
6 Software Configuration 4. Enter the maximum number of rows to display in the log report in the MaxRowsToShow field. Default is 200. 5. Click Apply or OK to save your work. Configuring sFlow data collector preferences 1. Select Server > Options. The Options dialog box displays. 2. Select IP Preferences from the Software Configurations list in the Category pane. 3.
Software Configuration 6 • RST — Reset connection bit • SYN — Synchronize sequence number bit • FIN — No more data from sender 8. Click Apply or OK to save your work. Configuring SSL certificates preferences 1. Select Server > Options. The Options dialog box displays. 2. Select IP Preferences from the Software Configurations list in the Category pane. 3. Enter a number of days to display a warning for an expiring certificate in the DaysUntilExpiryWarning field.
6 Software Configuration Configuring TFTP preferences 1. Select Server > Options. The Options dialog box displays. 2. Select IP Preferences from the Software Configurations list in the Category pane. 3. Enter the number of retries before aborting a read or write transfer in the maxRetries field. 4. Enter the time-out period in milliseconds between retry attempts in the timeout field. 5. Click Apply or OK to save your work.
Software Configuration FIGURE 79 6 Options dialog box (Memory Allocation pane) 3. (Enterprise only) In the SAN Network Size is list, complete the following steps: For other editions, the SAN Network size is small. You cannot change the SAN size. NOTE The SAN + IP version is not supported on a 32-bit Windows system. a. Select the size of the SAN (small, medium, or large) you want to configure. Product and Port recommended counts change to the new default values when you change the SAN Network size.
6 Software Configuration 4. (Enterprise only) In the IP Network Size is list, complete the following steps: For other editions, the IP Network size is medium. You cannot change the IP size. a. Select the size of the IP (small, medium, or large) you want to configure. Product recommended counts change to the new default values when you change the IP Network size.
Software Configuration TABLE 33 6 Server Heap Size for 32-bit Linux Server Small LAN Medium LAN Large LAN Medium SAN Enterprise 1024 MB 1024 MB 1400 MB Large SAN Enterprise 1200 MB 1400 MB 1500 MB For all 64-bit servers, the default minimum Server Heap Size for all network sizes is 2048 MB. NOTE There is no restriction on the maximum value for Server Heap Size in a 64-Bit Server. The correct server heap size value must be given according to the RAM present in the server. 7.
6 Software Configuration 4. Enter how often you want to check for state changes in the If no state change, Poll switch every field. Valid values are from 1 through 3,600 seconds. Default values are as follows: • Small (Professional): 120 seconds • Medium: 900 seconds • Large: 1800 seconds 5. Click Apply or OK to save your work. NOTE Changes to this option take effect after an application restart.
Software Configuration 6 Product communication settings You can configure HTTP or HTTPS connections between the products and the Management application server. Configuring SAN communication To configure connections between the SAN devices and the Management application server, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2. Select Product Communication from the Software Configurations list in the Category pane.
6 Software Configuration 6. Click Apply or OK to save your work. Changes to this option take effect after an application restart. 7. Click OK on the “changes take effect after application restart” message. Configuring the preferred IP format To configure the preferred IP format for the Management application server to connect with Fabric OS and Network OS devices, complete the following steps. 1. Select Server > Options. The Options dialog box displays. 2.
Software Configuration 6 3. To connect to products using SSH, complete the following steps. a. Select the SSH only option. b. Enter the connection port number in the SSH Port field. Go to step 6. The default SSH port number is 22. 4. To connect to products using Telnet, select the Telnet only option. Go to step 6. 5. To connect to products using SSH then Telnet, complete the following steps. a. Select the SSH then Telnet option. b. Enter the connection port number in the SSH Port field.
6 Software Configuration NOTE SCP is supported on Fabric OS devices running 5.3 and later. SSH File Transfer Protocol (SFTP) is a network protocol used to transfer data from one computer to another over a secure channel. You must configure SCP on your machine to support Technical Support and firmware management. NOTE SFTP is supported on Fabric OS devices running 7.0 and later. The built-in SCP/SFTP servers use the port 22 by default.
Software Configuration 6 5. Change your password by entering a new password in the Password and Confirm Password fields. The default password is passw0rd (where 0 is a zero). 6. Click Test to test the FTP server. An “FTP Server running successfully” or an error message displays. If you receive an error message, make sure your credentials are correct, the server is running, the remote directory path exists, and you have the correct access permission; then try again. 7. Click Apply or OK to save your work.
6 Software Configuration 7. Click Test to test the server.An “SCP/SFTP Server running successfully” or an error message displays. If you receive an error message, make sure your credentials are correct, the SCP/SFTP server is stopped, the remote directory path exists, and you have the correct access permission; then try again. 8. Click Apply or OK to save your work.
Software Configuration c. Enter a user name in the Remote Host User Name field. d. Enter the path to the remote host in the Remote Directory Path field. 6 Use a slash (/) or period (.) to denote the root directory. e. Enter the password in the Password Required for FTP field. 5. To configure an external SCP server, complete the following steps. a. Select the SCP Server check box to configure the external SCP server. All fields are mandatory. b.
6 Software Configuration 3. Choose one or more of the following options: • If you are using the internal FTP server, select the Use built-in FTP/SCP/SFTP Server option. For step-by-step instructions about configuring the built-in server, refer to “Configuring an internal FTP server” on page 224. • If you are using the external FTP server, select the Use external FTP/SCP/SFTP Server option.
Software Configuration 6 4. Enable HTTP redirection to HTTPS by selecting the Redirect HTTP Requests to HTTPS check box. When you enable HTTP redirection, the server uses port 80 to redirect HTTP requests to HTTPS. Make sure that port 80 is available before you enable HTTP redirection. 5. Enter a port number in the Starting Port # field. The default is 24600. For Professional, the server requires 15 consecutive free ports beginning with the starting port number.
6 Software Configuration 4. Select the Log server support data - Log Level list, and select the type of log data you want to configure. Log level options include: All, Fatal, Error, Warn, Info, Debug, Trace, and Off. Default is Info. 5. Click Apply or OK to save your work. NOTE Changes to the server log levels reset to the default (INFO) after a server restart. NOTE Changes to the Log client support data log level is persisted on all clients launched from the same machine for the same server. client.
FIPS Support 6 3. Select the maximum number of days to retain the server log file in the Log Purging Limit field. Valid values are 1 through 90. Default is 14. The log files are purged at 1:00 AM on the day after the retention period ends. 4. Click Apply or OK to save your work.
6 Fabric tracking Enabling fabric tracking 1. Enable fabric tracking by choosing one of the following options: • Select a fabric on the Product List or Connectivity Map and select Monitor > Track Fabric Changes. • Right-click a fabric on the Product List or Connectivity Map and select Track Fabric Changes. The accept changes summary message displays.
Fabric tracking 6 • Device Ports — This table shows a brief summary of the device ports including status (whether the device port will be added ( ) or removed ( ) from the fabric), reason (why the device is missing), product type, port, fabric name, port WWN, node WWN, and attached port number.
6 Fabric tracking • Connections — This table shows a brief summary of the switch connections including the status (whether the device port will be added ( ) or removed ( ) from the fabric), reason (why the connection is missing), and connection type as well as the fabric name, WWN, domain ID, IP address, and port number of the connected switches. 2. Click Yes to accept changes. Accepting changes for all fabrics 1.
Fabric tracking 6 • Connections — This table shows a brief summary of the switch connections including the status (whether the device port will be added ( ) or removed ( ) from the fabric), reason (why the connection is missing), and connection type as well as the fabric name, WWN, domain ID, IP address, and port number of the connected switches. 2. Click Yes to accept changes. Accepting changes for a switch, access gateway, or phantom domain 1.
Chapter 7 User Account Management In this chapter • Users overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • User accounts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Roles. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Areas of responsibility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
7 Users overview Viewing configured users To view configured users, complete the following steps. 1. Select Server > Users. The Users dialog box displays. 2. Click the Users tab, if necessary. FIGURE 89 Users dialog box - Users tab The Users dialog box contains the following fields and components: • Authentication-Primary — The primary authentication server type configured through the Server Management Console.
Users overview 7 • Users table — The configured users. User ID — The unique name used to identity a user. Full Name — The user’s full name. Roles — List of Roles the user belongs to separated by comma. Area Of Responsibility — List of AORs the user belongs to separated by comma. E-mail Notification — Whether e-mail notification is enabled for user. Account Enabled — Whether the user account status is enabled. Policy Violations — Whether there is a current policy violation for the user.
7 Users overview Default system roles for IP only environments include: - IP System Administrator Network Administrator Report User Group Default system roles for SAN plus IP environments include: SAN System Administrator IP System Administrator Network Administrator Security Administrator Zone Administrator Operator Security Officer Host Administrator Report User Group Description — A description of the role. Add button — Click to add a new role (refer to “Creating a new role” on page 247).
User accounts 7 User accounts NOTE You must have User Management Read and Write privileges to add new accounts, set passwords for accounts, and apply roles to the accounts. For a list of privileges, refer to “User Privileges” on page 1935. Management application user accounts contain the identification of the Management application user, as well as privileges, roles, and AORs assigned to the user. Privileges provide access to the features in Management application.
7 User accounts 4. Enter a password for the user in the Password and Confirm Password fields. Passwords displays as dots (.). For password policy details, refer to “Viewing your password policy” on page 266. 5. Select the Account Status - Enable check box to enable the account of the user. Account Status is enabled by default. 6. (Optional) Enter the full name of the user in the Full Name field. 7. (Optional) Enter a description for the user in the Description field. 8.
User accounts 7 Editing a user account To make changes to an existing user account, complete the following steps. 1. Select Server > Users. The Users dialog box displays. 2. Select the user account you want to edit and click Edit under the Users table. The Edit User dialog box displays. 3. Complete step 3 through step 13 in “Creating a new user account” on page 241. 4. Click OK to save the user account and close the Edit User dialog box.
7 User accounts Copying and pasting user preferences Enables you to copy user preference settings, such as window and dialog box sizes, table column and sort order, as well as other customizations, and all the user-defined views (including fabrics and hosts) from the selected user account to one or more other user accounts. If the fabric and hosts from the original user account are not included in the other user's AOR, then the copied fabrics and hosts do not display in the other user's views.
User accounts 7 4. Click OK to save the user account and close the Edit User dialog box. If you make changes to the user’s role or AOR while the user is logged in, a confirmation message displays. When you click OK on the confirmation message, the user is logged out and must log back in to see the changes. 5. Click Close to close the Users dialog box. Removing roles and areas of responsibility from a user account To remove roles and AORs from an existing user account, complete the following steps. 1.
7 User accounts Enabling a user account To re-activate a user account, complete the following steps. 1. Select Server > Users. The Users dialog box displays. 2. Select the disabled user account you want to enable in the Users table and click Enable. 3. Click Yes on the confirmation message. 4. Click Close to close the Users dialog box. Deleting a user account NOTE You cannot delete the default "Administrator" user account.
Roles 7 Roles NOTE You must have User Management Read and Write privileges to view, add, modify, or delete roles. A role is a group of Management application tasks or privileges that can be assigned to several users who have similar functions. When you create a role, it immediately becomes available in the Users dialog box. Creating a new role To create a new role, complete the following steps. 1. Select Server > Users. The Users dialog box displays. 2. Click Add under the Roles table.
7 Roles 6. Click OK to save the new role and close the Add Role dialog box. The new role displays in the Roles list of the Users dialog box. To add users to this role, follow the instructions in “Assigning roles and areas of responsibility to a user account” on page 244. 7. Click Close to close the Users dialog box Editing a role To make changes to an existing role, complete the following steps. 1. Select Server > Users. The Users dialog box displays. 2.
Roles 7 Deleting a role To delete a role, complete the following steps. 1. Select Server > Users. The Users dialog box displays. 2. Select the role you want to delete in the Roles table and click Delete. 3. Click Yes on the confirmation message. 4. Click Close to close the Users dialog box. Adding privileges to a role Each option under the Management application main menu corresponds to a privilege.
7 Areas of responsibility Removing privileges from a role You remove privileges from the Edit or Duplicate Users dialog boxes. To remove privileges from role, complete the following steps. 1. Select Server > Users. The Users dialog box displays. 2. Select the role you want to edit in the Roles table and click Edit or Duplicate under the Roles table. The Edit Roles or Duplicate Roles dialog box displays. 3.
Areas of responsibility 7 Creating an AOR When creating an AOR, you assign devices or groups to that AOR. After you save the AOR, it can be assigned to one or more user account. Users of those accounts can then view the devices or groups in their assigned AOR. Users can deploy configurations and payloads only to devices in assigned AORs. When you create an AOR, it immediately becomes available in the Users dialog box. To create an AOR, complete the following steps. 1. Select Server > Users.
7 Areas of responsibility Editing an AOR NOTE You cannot edit system AORs. To make changes to an existing AOR, complete the following steps. 1. Select Server > Users. The Users dialog box displays. 2. Select the AOR you want to edit in the AOR table and click Edit. The Edit AOR dialog box displays. 3. Complete step 3 through step 5 in “Creating an AOR” on page 251. 4. Click OK to save the AOR and close the Edit AOR dialog box.
Areas of responsibility 7 Deleting an AOR NOTE You cannot delete system AORs. To delete an AOR, complete the following steps. 1. Select Server > Users. The Users dialog box displays. 2. Select the AOR you want to delete in the AOR table and click Delete. 3. Click Yes on the confirmation message. 4. Click Close to close the Users dialog box. Assigning products to an AOR You can assign fabrics, hosts, and IP products to an AOR from the Add, Edit, or Duplicate AOR dialog box.
7 Areas of responsibility • (Application products only) Select the Application_Product Group you want to assign to the AOR in the Available IP Products table and click the right arrow button to move the group to the Selected Products table. Select multiple products by holding down the CTRL key and clicking more than one product. NOTE You must include the Application product to which the real or virtual servers in the AOR for the complete association to display in VIP manager.
Password policies 7 Password policies NOTE You must have User Management Read and Write privileges to configure password policy. Passwords are an important aspect of computer security. They are the front line of protection for user accounts. The purpose of the password policy is to establish a standard for the creation of strong passwords, the protection of those passwords, and the frequency of change.
7 Password policies b. Enter the number of days to warn the user prior to password expiration in the Warning Period field. Only enabled when the Password Age value is greater than zero. Valid values are 0 through 998. The default is 0. The Warning Period value must be less than the Password Age value. 4. Enter the number of unique passwords you must use before you can reuse a password in the History Count field. Valid values are 1 through 24. The default is 1.
Password policies 7 6. Configure the password lockout support by completing the following steps. a. Enter the number of failed login attempts allowed before the user account is locked out in the Lockout Threshold field. Valid values are 0 through 999. The default is 0 (disabled). b. Enter the time frame after which the account automatically unlocks and resumes normal operation in the Lockout Duration field. Only enabled when the Lockout Threshold is greater than zero.
7 Authentication Server Groups on the Management server 4. Review the password policy violator details. The View Policy Violators dialog box includes the following details: • User ID — Displays the identifier of the user who violated the password policy. • Full Name — Displays the full name of the user who violated the password policy. • Reason — Displays the reason the user violated the password policy. 5. Click Close on the View Policy Violators dialog box. 6. Click Close on the Users dialog box.
Authentication Server Groups on the Management server FIGURE 94 7 Users dialog box - Authentication Server Groups tab 3. Select the roles and AORs you want to assign to the AD group in the Available Roles / AORs table. Select multiple roles and AORs by holding down the CTRL key and clicking more than one role and AOR. 4. Select the AD group to which you want to assign the selected roles and AORs in the Active Directory Groups table.
7 Authentication Server Groups on the Management server Removing roles and AORs from an AD group To remove roles and AORs from an AD group, complete the following steps. 1. Select Server > Users. The Users dialog box displays. 2. Click the Authentication Server Groups tab. 3. Select the roles and AORs you want to remove in the Active Directory Groups table. Select multiple roles and AORs by holding down the CTRL key and clicking more than one role and AOR. 4. Click the left arrow button.
Authentication Server Groups on the Management server 7 Deleting an AD group Deleting an AD group deletes the roles and AORs assigned to the group and removes the group from the Active Directory Groups table. To delete an AD group, complete the following steps. 1. Select one or more AD groups that you want to delete from the Active Directory Groups table. 2. Click Delete. 3. Click Yes on the confirmation message. 4. Click OK on the deletion successful message. 5. Click OK to save your work.
7 Authentication Server Groups on the Management server Defining user accounts on the external LDAP server If you configure the external LDAP server as the primary authentication server in the server management console, you must define roles and AORs in the external LDAP server to match the Management application roles and AORs. Configuring roles and AORs on the external LDAP server Open the Management console on the Active Directory installed server and complete the following steps. 1.
User profiles 7 Configuring authorization details on the external LDAP server Open the ADSI Edit dialog box on the Active Directory installed server. 1. Select Start > Run. 2. Type adsiedit.msc and press Enter. 3. Right-click CN=User_Name in the CN=Users directory and select Properties. Where User_Name is the name of the user you created in “Creating an AD user account” on page 261. 4. Select NmAors in the Attributes list and click Edit. 5.
7 User profiles Viewing your user profile To view your user profile, complete the following steps. To edit your user profile, refer to “Editing your user profile” on page 265. 1. Select Server > User Profile. The User Profile dialog box displays the following information: • User ID — Displays your user identifier. • Full Name — Displays the name if entered while adding a user; otherwise, this field is blank. • Password — Displays your password as dots (.).
User profiles 7 Editing your user profile To edit your user profile, complete the following steps. 1. Select Server > User Profile. The User Profile dialog box displays. 2. Change your name in the Full Name field. 3. Change your password in the Password and Confirm Password fields. Passwords display as dots (.). 4. Change your user profile description in the Description field. 5. Change your phone number in the Phone Number field. 6.
7 User profiles If your password expires or your current password violates the password policy, you will be prompted to change your password from the Change Password dialog box. To view your password policy, click Password Policy - View. To change your password from the Change Password dialog box, complete the following steps. 1. Enter your current password in the Existing Password field. 2. Enter your new password in the New Password and Confirm Password fields. Passwords display as dots (.). 3.
User profiles 7 Resetting optional messages To reset all Management application optional messages to their default behaviors, complete the following steps. 1. Select Server > User Profile. The User Profile dialog box displays. 2. Click Optional Messages Reset. The Password Policy dialog box displays. 3. Click Yes on the confirmation message. A successful reset message displays. 4. Click OK on the User Profile dialog box.
7 User profiles 3. Enter the user name for the product in the Product Login Account - Username field. 4. Enter the password for the product in the Product Login Account - Password field. NOTE If Telnet is used to log in to the device and Telnet only requires a password, then enter the password in the Password field and leave the Username field blank. 5. (IronWare only) Enter the user name assigned to management privilege levels on the device in the Product Enable Account - Username field. 6.
Chapter 8 Dashboard Management In this chapter • Dashboard overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Default dashboards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Status widgets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Monitoring and Alerting Policy Suite widgets. . . . . . . . . . . . . . . . . . . . . . . . • Performance monitors . . . . . . . .
8 Dashboard overview FIGURE 95 Dashboard tab 1. Menu bar — Lists commands you can perform on the dashboard. For a list of Dashboard tab menu commands, refer to “Dashboard main menus” on page 1887. The dashboard also provides a shortcut menu to reset the dashboard back to the defaults. Reset the dashboard back to the default settings by right-clicking in the white space and selected Reset to Default. 2. Toolbar — Provides buttons that enable quick access to dialog boxes and functions.
Dashboard overview 8 9. Status bar — Displays the connection, port, product, fabric, special event, Call Home, and backup status, as well as Server and User data. For more information about the status bar, refer to “Status bar” on page 379. Dashboard toolbar The toolbar (Figure 96) is located beneath the menu bar and provides icons and buttons to perform various functions. FIGURE 96 Toolbar The toolbar contains the following icons and buttons: 1.
8 Dashboard overview Dashboard messages The dashboard message bar (Figure 97) only displays when the Network Scope or Time Scope has changed. You can also view all dashboard messages and clear them. FIGURE 97 Dashboard message bar The toolbar contains the following fields and components: 1. Details button — Use to view dashboard messages. 2. Close button — Use to close the dashboard message bar.
Dashboard overview 8 General dashboard functions The Management application also provides the following general functions which are applicable to all widgets and monitors: • Preference persistence — Any customization you make to the dashboards are persisted in that dashboard.
8 Dashboard overview Filtering the dashboards list You can filter the list of dashboards to only display dashboard you need. 1. Click the Dashboards expand navigation bar. 2. Enter your filter criteria in the Filter text box. 3. To make the filter case sensitive or insensitive, choose one of the following options from the filter icon list: • Case sensitive — Select to make the filter case sensitive. • Case insensitive — Select to make the filter case insensitive. 4.
Dashboard overview 8 4. Select the Copy active dashboard widgets to include all widget in the current dashboard to this dashboard. 5. Click OK. The new dashboard displays in the Dashboards expand navigation bar and becomes the active dashboard. Deleting a user-defined dashboard You can delete a user-defined dashboard. 1. Click the Dashboards expand navigation bar. 2. Select the dashboard you want to delete and click Delete. 3. Click Yes on the confirmation message.
8 Dashboard overview 4. Click the Performance tab (Figure 99). The preconfigured performance monitors display. You can create up to 100 performance monitors; however, you can only display up to 30 performance monitors. For more information about performance monitors, refer to “Performance monitors” on page 304. FIGURE 99 Customize Dashboard dialog box, Performance tab 5. Select the Display check box in the Performance Monitors list for each performance monitor you want to add to the dashboard.
Dashboard overview 8 Exporting the dashboard display You can export the current dashboard display (all widgets and monitors) or a selected widget or monitor in a .png format. 1. Select one of the following options from the Export list: • Dashboard — Exports the current dashboard. • Name — Exports the selected widget (where Name is the name of the widget or monitor on the dashboard). The Export Dashboard to PNG File or Export Name to PNG File dialog box displays. 2.
8 Dashboard overview Setting the network scope You can configure the dashboard to display all objects in your area of responsibility (AOR) or a subset of objects (fabrics, devices, or groups). NOTE Network scope does not affect the Events widget. The Events widget always includes all objects in your AOR. From the dashboard, select a network from the Network Scope list.
Dashboard overview 8 FIGURE 100 Edit Scopes dialog box 2. Click Add. A new network scope displays in the Network Scopes list. 3. Enter a name for the scope in the Name field. 4. Select one of the following options: • Fabrics — Select to create your network from one or more fabrics. • Products — Select to create your network from one or more products or product groups. • Ports — Select to create your network from one or more ports or port groups. 5.
8 Dashboard overview 4. To add objects, select one or more the objects you want to include in the network from the Available Targets list and click the right arrow button. The objects display in the Selected Targets list. 5. To remove an object from the Selected Targets list, select it and click the left arrow button. 6. Click OK to save your changes and close the Edit Scope dialog box. Deleting a user-defined network scope You can edit any user-defined network scope. 1.
Default dashboards 8 Default dashboards The Management application provides preconfigured dashboards which provide high-level overview of the network, the current states of managed devices, and performance of devices, ports, and traffic on the network.
8 Status widgets IP Port Health The IP Ports Health dashboard provides the following preconfigured performance monitors: • • • • • • • • • Top Port Errors monitor Top Port CRC Errors monitor Top Port Discards monitor Top Port Receive EOF monitor Top Port Underflow Errors monitor Top Port Overflow Errors monitor Top Port Runtime Errors monitor Top Port Too Long Errors monitor Top Port Alignment Errors monitor Status widgets The Management application provides the following preconfigured status widgets:
Status widgets 8 Access Point Status widget The Access Point Status widget displays the access point (AP) status as a pie chart. FIGURE 101 Access Point Status widget The Access Point Status widget includes the following data: • Severity icon/product count/widget title — The color of the worst status followed by the product count with that status displays before the widget title. • Show list — A list of available managed AP products.
8 Status widgets Accessing additional data from the Access Point Status widget Double-click a section in the Access Point Status widget to navigate to a filtered view of the AP Products report. Bottlenecked Ports widget The Bottlenecked Ports widget (Figure 102) displays the bottlenecked port violations for the specified fabric and time range in a table. There are four bottlenecked port widgets: All, ISL, Initiator, and Target.
Status widgets 8 • Type — The port type. • Identifier — The port identifier, such as port name, number, address, WWN, user port number, or zone alias. • Port Number — The port number. • State — Whether the port is online or offline. • Status — Whether the port is online or offline. Customizing the Bottlenecked Ports widget You can customize the widget to display data for a specific fabric and duration. • To display data for a specific fabric or group, refer to “Setting the network scope” on page 278.
8 Status widgets • Bar chart — The event severity using the color-codes in Table 36: TABLE 36 Event severity color codes Color Red ( Severity ) Emergency Brick Red( ) Alert Brick Red ( ) Critical Brick Red ( ) Error Gold ( ) Warning Grey ( ) Notice Blue ( ) Info • Network Scope — The network scope does not affect the Events widget. The Events widget always includes all objects in your AOR. • Time Scope — The time scope.
Status widgets 8 • Include Syslog information (default) on the Event Summary pane by selecting the Show Syslog check box. To exclude Syslog information, clear the Show Syslog check box. Accessing additional data from the Events widget Double-click a bar in the Events widget to navigate to an event custom report (HTML) that displays the events corresponding to the event type selected. For information about report details, refer to “Fault Management” on page 1707.
8 Status widgets Customizing the Host Adapter Inventory widget You can customize the Host Adapter Inventory widget to display product inventory for a specific grouping. The group type and number of products in the group displays to the left of the associated bar; for example, 2.3.0.005 [3], where 2.3.0.005 is the driver number and [3] is the number of products running that driver level.
Status widgets 8 IP Inventory widget The IP Inventory widget (Figure 105) displays the IP products inventory as stacked bar graphs. For a VCS fabric, each VCS fabric is counted as an individual product. FIGURE 105 IP Inventory widget The IP Inventory widget includes the following data: • Severity icon/product count/widget title — The color of the worst severity followed by the IP product count with that severity displays before the widget title.
8 Status widgets Customizing the IP Inventory widget You can customize the IP Inventory widget to display product inventory for a specific grouping. The group type and number of products in the group displays to the left of the associated bar; for example, v04.1.00a [3], where v04.1.00a is the firmware number and [3] is the number of products running that firmware level.
Status widgets 8 IP Status widget The IP Status widget (Figure 106) displays the device status as a pie chart. If you discover a DCB switch from the IP tab, the switch status only displays in the IP Status widget. However, if you discover a DCB switch from the SAN tab, the switch status displays in both the SAN Status and IP Status widgets.
8 Status widgets Accessing additional data from the IP Status widget Double-click a section in the IP Status widget to navigate to the IP Products - Status dialog box (where Status is the status of the section you selected). For more information, refer to “Viewing additional IP product data” on page 292 NOTE It takes a few moments to populate newly discovered products in the IP Products - Status dialog box (where Status is the section of the widget you selected). Viewing additional IP product data 1.
Status widgets 8 SAN Inventory widget The SAN Inventory widget (Figure 107) displays the SAN products inventory as stacked bar graphs. FIGURE 107 SAN Inventory widget The SAN Inventory widget includes the following data: • Severity icon/product count/widget title — The color of the worst severity followed by the number of products with that severity displays before to the widget title. • Group By list — Use to customize this widget to display a specific group of products.
8 Status widgets Customizing the SAN Inventory widget You can customize the SAN Inventory widget to display the product inventory for a specific group. The group type and number of devices in the group displays to the left of the associated bar; for example, v7.0.0 [3], where v7.0.0 is the firmware number and [3] is the number of devices running that firmware level. • Change the grouping by selecting one of the following from the Group By list: - Firmware — The product inventory by firmware release.
Status widgets 8 SAN Status widget The SAN Status widget (Figure 108) displays the device status as a pie chart. If you discover a DCB switch from the SAN tab, the switch status displays in both the SAN Status and IP Status widgets. However, if you discover a DCB switch from the IP tab, the switch status only displays in the IP Status widget.
8 Status widgets Accessing additional data from the SAN Status widget Double-click a section in the SAN Status widget to navigate to the SAN Products - Status dialog box (where Status is the section of the widget you selected). For more information, refer to “Viewing additional SAN product data” on page 296. NOTE It takes a few moments to populate newly discovered products in the SAN Products - Status dialog box (where Status is the section of the widget you selected).
Status widgets 8 Status widget The Status widget (Figure 109) displays the number of products managed and the number of events within the selected event time range, as well as various IP management processes and their current state. FIGURE 109 Status widget The Status widget displays the following items for each product license: • • • • • • • • • • Fibre Channel Fabrics — The number of managed fabrics. SAN Switches — The number of managed SAN switches.
8 Status widgets VM Alarms widget NOTE ]Enabling the VM Alarms widget requires discovery of vCenters. The VM Alarms widget displays the vCenter alarms for the specified fabric and time range in a table. The VM Alarms widget includes the following data: • • • • Severity icon/widget title — The worst severity of the data shown next to the widget title. VM — Virtual Machine name. Host — Host name.
Monitoring and Alerting Policy Suite widgets 8 Monitoring and Alerting Policy Suite widgets NOTE MAPS is only supported on a licensed version of the Management application with SAN management. NOTE MAPS is only supported on FC and DCB devices running Fabric OS 7.2.0 or later with the Fabric Vision license.
8 Monitoring and Alerting Policy Suite widgets Out of Range Violations widget The Out of Range Violations widget (Figure 110) displays the number of violations for each MAPS category and the number of network objects (such as ports, trunks, switches, and circuits) with that MAPS violation based on the selected fabric and a specified time range. By default, this widget refreshes every minute.
Monitoring and Alerting Policy Suite widgets 8 • Network Object Count — The number and network object type (such as, switch, virtual machine, port, trunk, and so on) with a MAPS violation for each category. Always displays whether or not there is a violation. NOTE For FCIP Health, the Network Object Count is based on the number of VE-port and Circuit combinations with a MAPS violation.
8 Monitoring and Alerting Policy Suite widgets Port Health Violations widget The Port Health Violations widget (Figure 111) displays the number of violations for each product based on the selected fabric and a specified time range. There are four port health violation widgets: All, ISL, Initiator, and Target.
Monitoring and Alerting Policy Suite widgets 8 • C3TXTO — The number of Class 3 discards frames because of timeouts. • State changes — The state of the port has changed for one of the following reasons: - The port has gone offline. - The port has come online. - The port is faulty. • SFP Current — The amount of supplied current to the SFP transceiver. • SFP Receive Power — The amount of incoming laser, in µwatts, to help determine if the SFP transceiver is in good working condition.
8 Performance monitors Performance monitors The Performance Dashboard provides a high-level overview of the performance on the network. This allows you to easily check the performance of devices, ports, and traffic on the network. The Performance Dashboard also provides several features to help you quickly access performance metrics and reports. The dashboards update every ten minutes regardless of the currently selected tab (SAN, IP, or Dashboard) or the SAN or LAN size.
Performance monitors TABLE 37 8 Preconfigure performance monitors Monitor title Description Data collectors Top Port Traffic Table view of the traffic measure All SAN FCIP tunnel collector, All SAN FC port collector, port throughput collector, All SAN TE port collector, Wireless ports collector Top Port Underflow Errors Table view of the underflow errors measure All SAN TE port collector Top Port Utilization Percentage Table view of the port utilization percentage measure.
8 Performance monitors Top Port Alignment Errors monitor The Top Port Alignment Errors performance monitor displays the top ports with alignmenet errors in a table. The Top Port Alignment Errors performance monitor includes the following data: • Threshold icon/object count/monitor title — The color associated with the threshold and number of objects within that threshold displays next to the monitor title. • Port — The port affected by this monitor.
Performance monitors 8 Top Port C3 Discards monitor The Top Port C3 Discards monitor (Figure 112) displays the top ports with Class 3 frames discarded in a table. There are four port widgets: All, ISL, Initiator, and Target. FIGURE 112 Top Port C3 Discards monitor The Top Port C3 Discards monitor includes the following data: • Severity icon/monitor title — The worst severity of the data based on the error count shown next to the monitor title. • Port — The port affected by this monitor.
8 Performance monitors To customize the monitor to display data by a selected time frame as well as customize the display options, refer to “Editing a preconfigured performance monitor” on page 332. Accessing additional data from the Top Port C3 Discards monitor • Right-click a row in the monitor to access the shortcut menu available for the associated device. For more information about shortcut menus, refer to “SAN shortcut menus” on page 1905.
Performance monitors 8 • C3 Discards RX TO — The number (error count) of Class 3 frames received at this port and discarded at the transmission port due to timeout errors for the duration specified in the monitor. • • • • • • • Product — The product affected by this monitor. Type — The type of port (for example, U-Port). Identifier — The port identifier. Port Number — The port number. State — The port state (for example, Enabled). Status — The port status (for example, Up).
8 Performance monitors The Top Port CRC Errors monitor includes the following data: • Severity icon/monitor title — The worst severity of the data based on the error count shown next to the monitor title. • Port — The port affected by this monitor. • Connected_Port_Link (where Connected_Port_Link is Connected Port, Initiator, or Target) — Displays one of the following: - Connected Port — The ISL or IFL port on the connected device. Click to launch the switch port properties dialog box.
Performance monitors 8 Top Port Discards monitor The Top Port Discards monitor (Figure 115) displays the top ports with receive and transmit discards in a table. FIGURE 115 Top Port Discards monitor The Top Port Discards monitor includes the following data: • Severity icon/monitor title — The worst severity of the data based on the error count shown next to the monitor title. • Port — The port affected by this monitor.
8 Performance monitors • Status — The port status (for example, Up). • Refreshed — The time of the last update for the monitor. To customize the monitor to display data by a selected time frame as well as customize the display options, refer to “Editing a preconfigured performance monitor” on page 332. Accessing additional data from the Top Port Discards monitor • Right-click a row in the monitor to access the shortcut menu available for the associated device.
Performance monitors 8 • Encode Error Out/sec — The number (error rate) of encoding errors outside of frames per second for the duration specified in the monitor. • Encode Error Out — The number (error count) of encoding errors outside of frames for the duration specified in the monitor. • • • • • • • Product — The product affected by this monitor. Type — The type of port (for example, U-Port). Identifier — The port identifier. Port Number — The port number.
8 Performance monitors The Top Port Errors monitor includes the following data: • Severity icon/monitor title — The worst severity of the data based on the error count shown next to the monitor title. • Port — The port affected by this monitor. • Connected_Port_Link (where Connected_Port_Link is Connected Port, Initiator, or Target) — Displays one of the following: - Connected Port — The ISL or IFL port on the connected device. Click to launch the switch port properties dialog box.
Performance monitors 8 Top Port Link Failures monitor The Top Port Link Failures monitor (Figure 118) displays the top ports with link failures in a table. FIGURE 118 Top Port Link Failures monitor The Top Port Link Failures monitor includes the following data: • Severity icon/monitor title — The worst severity of the data based on the error count shown next to the monitor title. • Port — The port affected by this monitor.
8 Performance monitors • Status — The port status (for example, Up). • Refreshed — The time of the last update for the monitor. To customize the monitor to display data by a selected time frame as well as customize the display options, refer to “Editing a preconfigured performance monitor” on page 332. Accessing additional data from the Top Port Link Failures monitor • Right-click a row in the monitor to access the shortcut menu available for the associated device.
Performance monitors 8 • RX Link Resets /sec — The number (error rate) receive link reset errors per second for the duration specified in the monitor. • RX Link Resets — The number (error count) of receive link reset errors. • TX Link Resets/sec — The number (error rate) of transmit link reset errors for the duration specified in the monitor. • • • • • • • • TX Link Resets — The number (error count) of transmit link reset errors. Product — The product affected by this monitor.
8 Performance monitors The Top Port Overflow Errors performance monitor includes the following data: • Threshold icon/object count/monitor title — The color associated with the threshold and number of objects within that threshold displays next to the monitor title. • Port — The port affected by this monitor. • Connected_Port_Link (where Connected_Port_Link is Connected Port, Initiator, or Target) — Displays one of the following: - Connected Port — The ISL or IFL port on the connected device.
Performance monitors 8 • Receive EOF/sec — The number (rate) of end of frames received per second for the duration specified in the monitor. • • • • • • • Product — The product affected by this monitor. Type — The type of port (for example, U-Port). Identifier — The port identifier. Port Number — The port number. State — The port state (for example, Enabled). Status — The port status (for example, Up). Refreshed — The time of the last update for the monitor.
8 Performance monitors Top Port Sync Losses monitor The Top Port Sync Losses monitor (Figure 121) displays the top ports with synchronization failures in a table. FIGURE 121 Top Port Sync Losses monitor The Top Port Sync Losses monitor includes the following data: • Severity icon/monitor title — The color of the worst severity of the data shown next to the monitor title. • Port — The port affected by this monitor.
Performance monitors 8 Accessing additional data from the Top Port Link Resets monitor • Right-click a row in the monitor to access the shortcut menu available for the associated device. For more information about shortcut menus, refer to “Application menus” on page 1887. • Double-click a row to navigate to the Custom: Historical Performance Graphs dialog box. For more information, refer to “Performance Data” on page 1459.
8 Performance monitors Top Port Traffic monitor The Top Port Traffic monitor (Figure 122) displays the top ports with receive and transmit traffic in a table. FIGURE 122 Top Port Traffic monitor The Top Port Traffic monitor includes the following data: • Severity icon/monitor title — Displays the worst severity of the data shown next to the monitor title. • Port — The port affected by this monitor.
Performance monitors 8 Accessing additional data from the Top Port Traffic monitor • Right-click a row in the monitor to access the shortcut menu available for the associated device. For more information about shortcut menus, refer to “Application menus” on page 1887. • Double-click a row to navigate to the Historical Graphs/Tables dialog box. For more information, refer to “Performance Data” on page 1459.
8 Performance monitors Top Port Utilization Percentage monitor The Top Port Utilization monitor (Figure 123) displays the top port utilization percentages in a table. FIGURE 123 Top Port Utilization monitor The Top Port Utilization monitor includes the following data: • Severity icon/monitor title — The worst severity of the data shown next to the monitor title. • Port — The port affected by this monitor.
Performance monitors 8 Accessing additional data from the Top Port Utilization monitor • Right-click a row in the monitor to access the shortcut menu available for the associated device. For more information about shortcut menus, refer to “Application menus” on page 1887. • Double-click a row to navigate to the Historical Graphs/Tables dialog box. For more information, refer to “Performance Data” on page 1459.
8 Performance monitors • State — The port state (for example, Enabled). • Status — The port status (for example, Up). • Refreshed — The time of the last update for the monitor. To customize the monitor to display data by a selected time frame as well as customize the display options, refer to “Editing a preconfigured performance monitor” on page 332.
Performance monitors • • • • • • • • 8 Tag — The product tag. Serial # — The serial number of the product. Model — The product model. Port Count — The number of ports on the product. Firmware — The firmware level running on the product. Location — The location of the product. Contact — A contact name for the product. Refreshed — The time of the last update for the monitor.
8 Performance monitors • • • • • • • • • • • • • Max — The maximum value of the measure in the specified time range. Fabric — The fabric to which the device belongs. Product Type — The type of product (for example, switch). State — The product state (for example, Offline). Status — The product status (for example, Reachable). Tag — The product tag. Serial # — The serial number of the product. Model — The product model. Port Count — The number of ports on the product.
Performance monitors 8 The Top Product Response Time monitor includes the following data: • Severity icon/response time/monitor title — The worst severity of the data and the response time displays next to the monitor title. • • • • • • • • • • • • • • • • Product — The product affected by this monitor. Min — The minimum value of the measure in the specified time range. Response Time (ms) — The top response time in milliseconds. Max — The maximum value of the measure in the specified time range.
8 Performance monitors Top Product Temperature monitor The Top Product Temperature monitor (Figure 128) displays the top product temperature in a table. FIGURE 128 Top Product Temperature monitor The Top Product Temperature monitor includes the following data: • Severity icon/temperature/monitor title — The worst severity of the data and the temperature displays next to the monitor title. • • • • • • • • • • • • • • • • Product — The product affected by this monitor.
Performance monitors 8 Accessing additional data from the Top Product Temperature monitor • Right-click a row in the monitor to access the shortcut menu available for the associated device. For more information about shortcut menus, refer to “Application menus” on page 1887. • Double-click a row to navigate to the Historical Graphs/Tables dialog box. For more information, refer to “Performance Data” on page 1459.
8 Performance monitors • Location — The location of the product. • Contact — A contact name for the product. • Refreshed — The time of the last update for the monitor. To customize the monitor to display data by a selected time frame as well as customize the display options, refer to “Editing a preconfigured performance monitor” on page 332.
User-defined performance monitors 8 • To specify a color based on hue, saturation, and lightness, click the HSL tab. Specify the hue (0 through 360 degrees), saturation (0 through 100%), lightness (0 through 100%), and transparency (0 through 100%). • To specify a color based on values of red, green, and blue, click the RGB tab. Specify the values for red (0 through 255), green (0 through 255), blue (0 through 255), and alpha (0 through 255).
8 User-defined performance monitors Measures Depending on the object (products, ports, traffic) you want to monitor, you can choose from the following measures: • Product - Memory Utilization Percentage — The memory utilization percentage for the product. - CPU Utilization Percentage — The CPU utilization percentage for the product. - Temperature — The temperature in Celsius for the product. - Fan Speed — The fan speed in RPM for the product.
User-defined performance monitors - FCIP - Compression Ratio — The compression ratio for the FCIP tunnel. Latency — The latency for the FCIP tunnel. Dropped Packets — The number of dropped packets. Link Retransmits — The number of retransmitted links. Timeout Retransmits — The number of retransmits due to timeout. Fast Retransmits — The number of fast retransmits triggered. Duplicate Ack Received — The number of duplicate acknowledgements received.
8 User-defined performance monitors - Frame Transmit Frame Count (frames) — The transmit frame count as reported in the last data point received for the flow. Receive Frame Count (frames) — The received frame count as reported in the last data point received for the flow. Transmit Frame Rate (f/s) — The transmit frame rate per second as reported in the last data point received for the flow.
User-defined performance monitors 8 The top or bottom product performance monitor includes the following data: • Threshold icon/object count/monitor title — The color associated with the threshold and number of objects within that threshold displays next to the monitor title. • Product — The product affected by this monitor. • Min — The minimum value of the measure in the specified time range. • Measure_Type — The percentage bar of the selected measure.
8 User-defined performance monitors Top or bottom port performance monitors The top or bottom port performance monitors (Figure 131) display the top or bottom number of ports (for example, bottom 10 ports) for the selected measure in a table.
User-defined performance monitors 8 • State — The port state (for example, Enabled). • Status — The port status (for example, Up). • Refreshed — The time of the last update for the monitor. To configure a port performance monitor, refer to “Configuring a user-defined port performance monitor” on page 345.
8 User-defined performance monitors TABLE 38 • • • • • Product measures types Memory Utilization Percentage CPU Utilization Percentage Temperature (C) Fan Speed (rpm) Response Time (s) TABLE 39 • • • • System Up Time (days) Ports Not In Use Ping Packet Loss Percentage AP Client Count Port measures types Common • Port Utilization Percentage • Traffic • CRC Errors FC • Link Resets • Signal Losses • Sync Losses • Link Failures • Sequence Errors • Invalid Transmissions • C3 Discards • C3 Discards TX T
User-defined performance monitors 8 Time series performance monitors The time series performance monitors (Figure 133) display the selected measures in a chart. FIGURE 133 Time series performance monitor example The time series performance monitor includes the following data: • • • • • Monitor title — The user-defined monitor title. Value (y-axis) — The number of objects affected by this monitor. Time (x-axis) — The date and time the monitor collected the data.
8 User-defined performance monitors Top sFlows performance monitors The top sFlows performance monitors display the top sFlow measures based on available flow data in a table. The top sFlow performance monitor includes the following data: • MACs, IP Addresses, VMs, or VLANs — The number of products and associated ports affected by this monitor. • • • • • Port In — The in port number. Port Out — The out port number. MBytes — The port speed. Frames — The number of frames.
User-defined performance monitors 7. 8 Select the product measure for the monitor in the Measure area: • • • • • • • • • Memory Utilization Percentage CPU Utilization Percentage Temperature Fan Speed Response Time System Up Time Ports Not In Use Ping Packet Loss Percentage AP Client Count (not available for Time Series monitors) 8. (Top N and Bottom N monitors only) Select the number products to include in a selected measure by entering a number in the For Top N, Bottom N Monitors, N= field.
8 User-defined performance monitors • To specify a color based on values of red, green, and blue, click the RGB tab. Specify the values for red (0 through 255), green (0 through 255), blue (0 through 255), and alpha (0 through 255). • To specify a color based on values of cyan, magenta, yellow, and black, click the CMYK tab. Specify the values for cyan (0 through 255), magenta (0 through 255), yellow (0 through 255), black (0 through 255), and alpha (0 through 255).
User-defined performance monitors 8 8. Click Add beneath the Targets table. The Performance Dashboard Monitor Targets dialog box displays. Depending on the type of measure you select, you can add IP products/ports, SAN products/ports, and FCIP tunnels to the list of targets. If you selected a product measure, continue with step 9. If you selected a SAN or IP port measure, continue with step 9. If you selected a FC IP port measure, go to step 15. 9. Click the SAN tab. 10.
8 User-defined performance monitors • Distribution — Select to monitor the selected measure for five defined distribution percentages. • Time Series — Select to monitor a selected measure for a range of time and specified targets. 6.
User-defined performance monitors 8 (Distribution monitors only) The increasing order defaults are as follows: 0 through 20 displays green, 21 through 40 displays blue, 41 through 60 displays yellow, 61 through 80 displays orange, and 81 through 100 displays red. a. (Top N and Bottom N monitors only) Select the check box. b. Enter a number in the field. c. Click the color square to launch the Color dialog box. • To pick a color from a swatch, select the Swatches tab. Select a color from the display.
8 User-defined performance monitors • (IP ports) In a Top N or Bottom N monitor, double-click a row or right-click a row and select Show Graph/Table to navigate to the Historical Graphs/Tables dialog box for the selected measures. For more information, refer to “Performance Data” on page 1459. • In a Top N sFlow monitor, double-click a device row to navigate to the sFlow Monitor Report dialog box. For more information, refer to “Interpreting an sFlow traffic report” on page 1563.
User-defined performance monitors 8 Accessing additional data from user-defined sFlow performance monitors • In a Top N sFlow monitor, double-click a device row to navigate to the sFlow Monitor Report dialog box. For more information, refer to “Interpreting an sFlow traffic report” on page 1563.
8 User-defined performance monitors Viewing port distribution data details Each bar on the port distribution graph maps directly to one of the five percentage ranges defined for the distribution monitor (refer to “Distribution performance monitors” on page 339). 1. Double-click a bar in the graph. The Monitor_Title Data Details dialog box displays. 2. Review the data. The port distribution data details include the following fields and components: • Port — The port affected by the selected measure.
User-defined performance monitors Timeout Retransmits — The number of retransmits due to timeout. Fast Retransmits — The number of fast retransmits triggered. Duplicate Ack Received — The number of duplicate acknowledgements received. Window Size RTT — The window size round trip time. TCP Out of Order Segments — The number of segments received out of order. Slow Start Status — The number of slow starts. Errors — The number of errors. Discards — The number of discarded frames.
8 Traffic flow dashboard monitors 3. Enter a unique name for the monitor and click OK. 4. Click OK on the confirmation message. Traffic flow dashboard monitors NOTE Traffic flow monitors are only supported on devices running Fabric OS 7.2 and later with the Fabric Vision license. You can use the dashboard to monitor traffic flows. To monitor a flow, you must first create and activate the flow in Flow Vision (refer to //link to flow vision//.
Traffic flow dashboard monitors 8 • Frame - Transmit Frame Count (frames) — The transmit frame count as reported in the last data point received for the flow. - Receive Frame Count (frames) — The received frame count as reported in the last data point received for the flow. - Transmit Frame Rate (f/s) — The transmit frame rate per second as reported in the last data point received for the flow.
8 Traffic flow dashboard monitors Traffic flow performance graph monitor The traffic flow performance monitors display (Figure 134) the selected measures in a chart. FIGURE 134 Traffic flow performance graph monitor example The traffic flows performance monitor includes the following data: • • • • Monitor title — The user-defined monitor title. Value (y-axis) — The number of objects affected by the selected measure. Time (x-axis) — The time the monitor collected the data.
Traffic flow dashboard monitors 8 Top or bottom traffic flow performance monitor The top or bottom traffic flow performance monitors display (Figure 135) the top or bottom number of flows for the selected measure in a table. FIGURE 135 Top traffic flow monitor example The top or bottom flows performance monitor includes the following data: • Threshold icon/object count/monitor title — The color associated with the threshold and number of objects within that threshold displays next to the monitor title.
8 Traffic flow dashboard monitors Accessing additional data from traffic flow performance monitors • Right-click a row in the table to access the shortcut menu and select one of the following options: - Show Graph/Table — Launches the Flow Graphing dialog box with the selected measures (sub-flows) to be plotted. - Locate — Move the focus to the SAN tab with the associated switch highlighted. Monitor — Launches the Monitor - Flow Vision dialog box with the selected sub-flows in the Active Flows list.
Traffic flow dashboard monitors 8 Configuring a traffic flows monitor from a performance graph 1. Configure the performance graph. To configure traffic flows performance graph, refer to //link to flow vision//. 2. Click Publish to create a monitor of the graph data for the dashboard. The Historical Chart Monitor - Date_Time dialog box displays (where Date_Time is the is the date and time the monitor was created). 3. Modify the title, if necessary, and click OK. 4. Click OK on the message.
8 Traffic flow dashboard monitors 6. Select the traffic measure for the monitor in the Measure area: For Time Series monitors, you can select more than one measure. SCSI • • • • • • • • 7.
Traffic flow dashboard monitors 8 • To specify a color based on values of red, green, and blue, click the RGB tab. Specify the values for red (0 through 255), green (0 through 255), blue (0 through 255), and alpha (0 through 255). • To specify a color based on values of cyan, magenta, yellow, and black, click the CMYK tab. Specify the values for cyan (0 through 255), magenta (0 through 255), yellow (0 through 255), black (0 through 255), and alpha (0 through 255).
8 Traffic flow dashboard monitors • Feature — The active feature for the sub flow definition. Valid values include: Generator, Monitor, or Mirror. • LUN — The LUN values defined in the flow. • Bi-direction — Whether or not the flow is bi-directional. Valid values are Yes or No. 9. Select the flow targets from the Available Flow list and click the right arrow button to move the targets to the Selected Flow list.
Chapter 9 View Management In this chapter • SAN tab overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • IP tab overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Icon legend. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Customizing the main window . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
9 SAN tab overview SAN tab overview The SAN tab displays the Product List, Topology Map, Master Log, Utilization Legend, and Minimap. NOTE When you launch the Management application or navigate to a new view, the SAN tab displays with a gray screen over the Product List and Topology Map while data is loading. You can change the default size of the display by placing the cursor on the divider until a double arrow displays. Click and drag the adjoining divider to resize the window.
SAN tab overview 9 6. View All list — Enables you to create, copy, or edit a view, select to how to view the Product list (All Levels, Products and Ports, Products Only, or Ports Only) and to select which view you want to display in the main window. For more information, refer to “View All list” on page 364. For step-by-step instruction about creating a view, refer to “Creating a customized view” on page 400. 7.
9 SAN tab overview 6. Track Fabric Changes — Select to turn track fabric changes on or off for the selected device or group. 7. View Utilization — Displays or hides the utilization legend. 8. View Report — Displays the View Reports dialog box. Use to view available reports. 9. Domain ID/Port # — Use to set the domain ID or port number to display as decimal or hex in the Product List. 10. Product Label — Use to set the product label for the devices in the Connectivity Map and Product List. 11.
SAN tab overview 9 Port Display buttons The Port Display buttons are located at the top right of the Product List and enable you to configure how ports display. You have the option of viewing connected (or occupied) product ports, unoccupied product ports, or attached ports. Not enabled until you discover a fabric or host. NOTE Occupied/connected ports are those that originate from a device, such as a switch. Attached ports are ports of the target devices that are connected to the originating device.
9 SAN tab overview Product List The Product List, located on the SAN tab, displays an inventory of all discovered devices and ports. The Product List is a quick way to look up product and port information, including serial numbers and IP addresses. To display the Product List, select View > Show Panels > Product List or press F9. You can edit information in the Product List by double-clicking in a field marked with a green triangle. You can sort the Product List by clicking a column heading.
SAN tab overview • • • • • • 9 Symbolic Name — Displays the symbolic name for the port. TAG — Displays the tag number of the product. Vendor — Displays the name of the product’s vendor. WWN — Displays the world wide name of the product or port. Zone Alias — Displays the zone alias of the product or port. User-defined property labels — Displays the user-defined property labels. You can create up to three user-defined property labels. Product List functions • Customize — Customize the Product list.
9 SAN tab overview Connectivity Map functions • Two-way selection — When you select an icon on the Topology Map, that device is highlighted in the Product List and vice versa. • • • • Device double-click — Double-click a device to launch Web Tools for the selected device. Zoom In/Zoom Out — Click the appropriate button to zoom in or out on the Topology Map. Tool tips — Mouse over a device or connection to view information. Right-click menus — Right-click a device to view the menu.
IP tab overview 9 IP tab overview The IP tab displays the Product List, Topology Map, Master Log, and Minimap. You can change the default size of the display by placing the cursor on the divider until a double arrow displays. Click and drag the adjoining divider to resize the window. You can also show or hide an area by clicking the left or right arrow on the divider. The following graphic illustrates the various areas, and descriptions of them are listed below. NOTE Some areas may be hidden by default.
9 IP tab overview 7. Topology Map toolbar — Provides tools for viewing the Topology Map as well as exporting the Topology Map as an image. Does not display until you discover a device or network. For more information, refer to “Topology Map toolbar” on page 372. 8. Product List — Lists the products discovered in the Management application. For more information, refer to “IP Product List” on page 373. 9. Topology Map — Displays the topology, including discovered and monitored devices and connections.
IP tab overview 9 11. Legend — Use to view the topology legend. For more information, refer to “Topology map elements” on page 421. 12. Product List Search — Use to search for a device in the product list. 13. Help — Displays the Online Help. Product List toolbar This toolbar is located at the top of the product list and provides lists, links, and buttons to perform various functions. The items on this toolbar vary based on what you select from the Type list.
9 IP tab overview Host Product List toolbar The Port Display buttons are located at the top right of the Product List and enable you to configure how ports display. You have the option of viewing connected (or occupied) product ports, unoccupied product ports, or attached ports. Not enabled until you discover a fabric or host. NOTE Occupied/connected ports are those that originate from a device, such as a switch. Attached ports are ports of the target devices that are connected to the originating device.
IP tab overview 7. 9 Reset zoom list — Use to reset the zoom (Actual Size, Fit Content, 25%, 50%, 75%, 100%, 125%, 150%, 200%, or 500%) of the Topology Map. 8. Zoom In icon — Use to zoom in on the Topology Map. Host topology map toolbar The Host Topology map toolbar is located at the top right side of the View window and provides tools to export the topology, to zoom in and out of the Topology Map, collapse and expand groups, and fit the topology to the window. Not enabled until you discover a host.
9 IP tab overview • Status — Displays the status for the produc, such as Reachable, Marginal, Degraded Link, or Not Reachable. • • • • • • • • • • State (Ethernet Fabrics only) — Displays the Ethernet Fabric state, such as online or offline. Vendor — Displays the name of the product’s vendor. Model — Displays the model number of the product. Port Count — Displays the number of ports on the product. Firmware — Displays the firmware version of the product.
IP tab overview 9 Topology Map The Topology map displays the topology, including discovered and monitored devices and connections. For more information about topology maps, refer to “IP topology view manager” on page 411. FIGURE 149 Topology Map Topology Map functions • Two-way selection — Select an icon on the topology map and that device is highlighted in the Product List and vice versa. For more information about icons, refer to “Icon legend” on page 380.
9 IP tab overview Topology map keyboard shortcuts For the L2, Ethernet Fabrics, IP, and VLAN topologies, you can use the keystrokes shown in the table below to perform common topology map functions. TABLE 41 Topology keyboard shortcuts Keyboard Shortcut Description Number Pad + Zoom in on the topology. Number Pad - Zoom out on the topology. Control + 0 Set the zoom level to 100%. Control + P Launch the Print dialog box. Control + E Launch the Export dialog box.
IP tab overview • • • • • • • • • Last Event Server Time — The time and date the event last occurred on the server. • • • • • • First Event Product Time — The time and date the event first occurred on the product. 9 Count — The number of times the event occurred. Module Name — The name of the module on which the event occurred. Message ID — The message ID of the event. Product Address — The IP address of the product on which the event originated.
9 IP tab overview FIGURE 151 IP Minimap Anchoring or floating the Minimap You can anchor or float the Minimap to customize your main window. • To float the Minimap and view it in a separate window, click the Detach icon ( ) in the upper right corner of the Minimap. • To anchor the Minimap and return the Minimap to its original location on the main window, do one of the following steps: - Click the Attach icon ( Click the Close icon ( ) in the upper right corner of the Minimap.
IP tab overview 9 Status bar The status bar displays at the bottom of the main window. The status bar provides a variety of information about the SAN and the application. The icons on the status bar change to reflect different information, such as the current status of products, fabrics, and backup. FIGURE 152 Status Bar The icons on your status bar will vary based on the licensed features on your system. 1. Connection Status — Displays the Server-Client connection status.
9 Icon legend 9. Policy Monitor Status — Displays whether or not a policy monitor has failed or partially failed. Click to launch the Policy Monitor dialog box. For more information about policy monitors, refer to “Viewing policy monitor status” on page 1671. 10. Special Events — Displays whether or not a special event has been triggered. Click to launch the Special Events dialog box. For more information about special events, refer to “Creating an event action definition” on page 1732. 11.
Icon legend 9 TABLE 42 Icon Description Icon Description VC module Multi-fabric VC module iSCSI Target iSCSI Initiator IP product icons The following table lists the manageable IronWare and Network OS product icons that display on the topology. Manageable devices display with blue icons. Unmanageable devices display with gray icons. Some of the icons shown only display when certain features are licensed.
9 Icon legend Host product icons The following table lists the manageable Host product icons that display on the topology. Fabric OS manageable devices display with blue icons. Unmanageable devices display with gray icons. Some of the icons shown only display when certain features are licensed.
Icon legend 9 Host group icons The following table lists the manageable Host product group icons that display on the topology. TABLE 46 Icon Description Icon Description Host Group IP group icons The following table lists the manageable IP product group icons that display on the topology. TABLE 47 Icon Description Icon Description Switch Group, Product Group SAN port icons The following table lists the port icons that display in the Product List.
9 Icon legend IP port icons The following table lists the port icons that display in the Product List. TABLE 49 Icon Description IP Port Virtual IP Port IP Port Group SAN product status icons The following table lists the product status icons that display on the topology.
Icon legend 9 TABLE 51 Icon Status Not Reachable Unknown/Link Down Unhealthy Event icons The following table lists the event icons that display on the topology and Master Log. For more information about events, refer to “Fault Management” on page 1707.
9 Customizing the main window Customizing the main window You can customize the main window to display only the data you need by displaying different levels of detail on the Connectivity Map (topology) or Product List. Zooming in and out of the Connectivity Map You can zoom in or out of the Connectivity Map to see products and ports. Zooming in To zoom in on the Connectivity Map, use one of the following methods: • Click the zoom-in icon ( ) on the Connectivity Map toolbar.
Customizing the main window 9 Showing levels of detail on the Connectivity Map You can configure different levels of detail on the Connectivity Map, making device management easier. Viewing fabrics To view only fabrics, without seeing groups, products, or ports, select View > Show> Fabrics Only. Viewing groups To view only groups and fabrics, without seeing products, or ports, select View > Show> Groups Only. Viewing products To view products, groups, and fabrics, select View > Show> All Products.
9 Customizing the main window • • • • Export information from the table Search for information Expand the table to view all information Collapse the table Displaying columns To only display specific columns, complete the following steps. 1. Right-click anywhere in the table and select Customize or Table > Customize. The Customize Columns dialog box displays. FIGURE 154 Customize Columns dialog box 2. Choose from the following options: • Select the check box to display a column.
Customizing the main window 9 Changing the order of columns To change the order in which columns display, choose from one of the following options. Rearrange columns in a table by dragging and dropping the column to a new location. OR 1. Right-click anywhere in the table and select Customize or Table > Customize. The Customize Columns dialog box displays. 2. Select the name of the column you want to move and use the Move Up button and Move Down button to move it to a new location. 3. Click OK.
9 Customizing the main window Exporting table information You can export the entire table or a specific row to a text file. 1. Choose from one of the following options: • Right-click anywhere in the table and select Table > Export Table. • Select the table row that you want to export and select Table > Export Row. The Save table to a tab delimited file dialog box displays. 2. Browse to the location where you want to save the file. 3. Enter the file name in the File Name field. 4. Click Save.
Product List customization 9 Product List customization NOTE Properties customization requires read and write permissions to the Properties - Add / Delete Columns privilege. You can customize the Product List by creating user-defined fabric, product, and port property labels. You can also edit or delete user-defined property labels, as needed. You can create up to three user-defined property labels from the Product List for each of the following object types: fabric, product, and port properties.
9 Search Editing a property label You can only edit labels that you create on the Product List. To edit a user-defined property label (column heading), complete the following steps. 1. Right-click the column heading on the Product List for the property you want to edit and select Edit Column. The Edit Property dialog box displays. 2. Change the label and description for the property, as needed. The label must be unique and can be up to 30 characters. The description can be up to 126 characters.
Search 9 The Search features contains a number of components. The following graphic illustrates the various areas, and descriptions of them are listed below. 1 2 3 4 1. Text field — Enter the text or unicode regular expression for which you want to search. 2. Search list — Select one of the following options: • Text option — Select this option if you entered a text string in the text field.
9 Search Restricting a search by node When a device is assigned to a product group, it may be listed in the Product node, as well as Product Groups node. Therefore the search results include the device under both the Product node and the Product Group node. NOTE To search for a device, the device must be discovered and display in the topology. To restrict the search only to specific nodes, complete the following steps. 1. Select the Product node or Product Group node that you want to search. 2.
Address Finder 9 3. Press Ctrl and click the search icon. The search results display highlighted. Example If you search for IP address “192.1.1.101” and then press CTRL and click the search icon, the application only highlights “192.1.1.101”. This search does not highlight "SI-101 [192.1.1.101]". If you search for port "1/2" and then press CTRL and click the search icon, the application only highlights port “1/2”. This search does not highlight ports "1/2", "1/20", "1/21", "1/22", and so forth.
9 Address Finder Finding IP addresses NOTE Address Finder is only supported on Network OS products running 3.0 or later. When searching for an IP address, Address Finder sends a couple of packets to the target IP address to prime Address Resolution Protocol (ARP) caches. It then looks in the Management application database to find all the Layer 3 devices on the target subnet, and then queries the ARP table of each one to find the target IP address.
Address Finder 9 4. Select the Find only in the selected products check box to limit the search to selected products. When you access Address Finder from the Element Manager interface (refer to “Element Manager interface overview” on page 1209), the Find only in the selected products check box is selected by default to limit the search to the selected Ethernet router device. 5. Select the product you want to include in the search in the Available Products list. 6.
9 Address Finder Finding MAC addresses NOTE MAC address search is supported on Network OS products running 2.1.0 or later. To find a MAC address, Address Finder searches the learned MAC address tables of each device that is in the database. To find a IP address, refer to “Finding IP addresses” on page 396. To find a MAC address, complete the following steps. 1. Click the IP tab. 2. Select Tools > Address Finder. The Address Finder dialog box displays. FIGURE 157 Address Finder dialog box 3.
Address Finder 9 4. Select the Find only in the selected products check box to limit the search to selected products. When you access Address Finder from the Element Manager interface (refer to “Element Manager interface overview” on page 1209), the Find only in the selected products check box is selected by default to limit the search to the selected Ethernet router device. 5. Select the product you want to include in the search in the Available Products list. 6.
9 SAN view management overview 8. Click Port Properties to launch the Port Properties dialog box for the device. 9. Click Close to close the Address Finder dialog box. SAN view management overview You can customize the topology by creating views that include certain fabrics or devices and then switch between the views to see specific information about those fabrics or devices.
SAN view management overview 9 2. Enter a name (128-character maximum) in the Name field and a description (126-character maximum) in the Description field for the view. NOTE You cannot use the name “View” or “View All” in the Name field. NOTE You cannot use an existing name in the Name field. 3. Click the Fabrics tab. 4. In the Available Fabrics table, select the fabrics you want to include in the view and click the right arrow button to move your selections to the Selected Fabrics and Hosts table.
9 SAN view management overview Editing a customized view You can only edit customized views that you have created. 1. Select View > Manage View > Edit View > View_Name. The Edit View dialog box displays. FIGURE 160 Edit View dialog box - Fabrics tab 2. Click the Fabrics tab. 3. In the Available Fabrics table, select the fabrics you want to include in the view and use the right arrow button to move your selections to the Selected Fabrics and Hosts table.
SAN view management overview 9 5. In the Available Hosts table, select the fabrics you want to include in the view and use the right arrow button to move your selections to the Selected Fabrics and Hosts table. The Available Hosts table displays the name, IP address, network address of the available hosts and the fabric in which the host is located. If this table is blank, it may be because all hosts have been selected and are displayed in the Selected Fabrics and Hosts table.
9 SAN view management overview 2. Enter a name (128-character maximum) in the Name field and a description (126-character maximum) in the Description field for the view. NOTE You cannot use the name “View” or “View All” in the Name field. NOTE You cannot use an existing name in the Name field. 3. In the Available Fabrics table, select the fabrics you want to include in the view and use the right arrow button to move your selections to the Selected Fabrics and Hosts table.
SAN topology layout 9 SAN topology layout You can customize various parts of the topology, including the layout of devices and connections and groups’ background colors, to easily and quickly view and monitor devices in your SAN. The following menu options are available on the View menu. Use these options to customize the topology layout. • Map Display. Select to specify a new layout for the desktop icons, background color for groups, and line type for connections between icons. • Domain ID/Port #.
9 SAN topology layout Customizing the layout of devices on the topology You can customize the layout of devices by group type or for the entire Connectivity Map. Customizing the layout makes it easier to view the SAN and manage its devices. Group types include Fabric, Host, Storage, Router and Switch groups. 1. Right-click a group or the Connectivity Map and select Map Display. The Map Display Properties dialog box displays.
SAN topology layout 9 3. Select the Set as Default Layout check box. 4. Click OK on the Map Display Properties dialog box to change the device layout on the topology. Customizing the layout of connections on the topology You can change the way inter-device connections display on the topology. 1. Right-click a group or the Connectivity Map and select Map Display. The Map Display Properties dialog box displays. 2. Select one of the following options from the Line Type list: • Straight.
9 SAN topology layout • To specify a color based on hue, saturation, and lightness, click the HSL tab. Specify the hue (0 to 360 degrees), saturation (0 to 100%), lightness (0 to 100%), and transparency (0 to 100%). • To specify a color based on values of red, green, and blue, click the RGB tab. Specify the values for red (0 to 255), green (0 to 255), blue (0 to 255), and alpha (0 to 255) or enter a color code in the Color Code field.
Grouping on the topology 9 • Port WWN. Displays the port world wide name as the port label. • User Port #. Displays the user’s port number as the port label. • Zone Alias. Displays the zone alias as the port label. All port labels within the fabric to which the selected item belongs change to the selected port label type. Changing the port display You have the option of viewing connected (or occupied) product ports, unoccupied product ports, or attached ports.
9 Grouping on the topology Expanding groups To expand a group on the topology, do one of the following: • Double-click the group icon. • Right-click the group icon and select Expand from the shortcut menu. To expand all groups on the topology by one level, click the Expand button on the Connectivity Map toolbar ( ).
IP topology view manager 9 Deleting a custom connection configuration NOTE Active zones must be available on the fabric. To delete a custom connection configuration, complete the following steps. 1. Select a fabric on the topology and select View > Connected End Devices > Custom. The Connected End Devices - Custom display for Fabric dialog box displays. 2. Select the configuration you want to delete in the Application list. 3. Click Delete. 4. Click OK on the confirmation message. 5.
9 Network Objects view Displaying topology views To display a topology view, select the one of the following view types from the view list on the Product List toolbar: • • • • • • Network Objects — For more information, refer to “Network Objects view” on page 412. IP Topology — For more information, refer to “IP Topology view” on page 414. L2 Topology — For more information, refer to “L2 Topology view” on page 414. Ethernet Fabrics — For more information, refer to “Ethernet Fabrics view” on page 415.
Network Objects view 9 Network Object view functions • Sort — Click a column head to sort the list. Click a column head again to reverse the sort orders. • Node/Device double-click — Double-click a node (subnet) to display the devices beneath it. Double-click a device to display the Properties dialog box for the selected device. For more information, refer to “IP device properties” on page 1976. • User-defined properties — User-defined properties display in the Product List.
9 IP Topology view 6. Remove a category or object from the filter by selecting the category or object in the Selected Categories list and clicking the left arrow button. 7. Click OK. The updated Product List contains only the selected categories and objects. The Filter check box displays with a check mark. Clearing the Network Objects Product List filter To clear the filter and display all discovered devices in the Network Objects Product List, clear the Filter check box.
Ethernet Fabrics view 9 For more information about the components and customization of the topology map, refer to the following sections: • “IP topology map components” on page 420. • “Topology map elements” on page 421. • “Topology map layout” on page 423. For more information about functions you can perform on the topology map, refer to “Topology Map functions” on page 375. Ethernet Fabrics view The Ethernet Fabrics view displays a map of the traffic for VCS devices on your network.
9 VLAN Topology view VLAN Topology view The VLAN Topology view displays a map of the VLAN traffic for devices on your network. You can also view primary, isolated, and community PVLAN in the VLAN Topology and Product List. You can access the STP or RSTP Topology from this view. To display topologies for VLANs, you must have the Main Display - VLAN privilege in your user role. For more information about privileges, refer to “User Privileges” on page 1935.
VLAN Topology view 9 Table 53 displays the elements of the STP Topology map. TABLE 53 STP/RSTP Topology map elements Element Description Device name IP address Bridge ID Each device on the map displays its device name, IP address and bridge ID. [Root] The root bridge. The bridges on the topology in normal operating state. solid line The port is in a forwarding state and has the root port role. link with arrow head The port is in a blocking state or discarding.
9 VLAN Topology view Exporting an STP/RSTP Report To export an STP/RSTP report, complete the following steps. 1. Select VLAN Topology from the view list on the Product List toolbar. Mouse over the STP button. A tool tip appears, indicating whether STP is on or off. 2. If STP is off, click STP to turn it on. 3. Select a VLAN or PVLAN from the VLAN Product List. 4. Right-click a device on the topology map and select STP Report from the list. The STP/RSTP Report displays. 5. Click Export.
Host Topology view 9 Host Topology view The Host Topology view displays a list of discovered hosts in a table (Product List). This view allows you to manage user authentications and permissions on discovered devices. The following columns (presented here in alphabetical order) are included in the Product List: • Additional Port Info. Displays additional port information. • All Levels. Displays all discovered fabrics, groups, devices, and ports as both text and icons.
9 IP topology map components • Zone Alias. Displays the zone alias of the product or port. • User-defined property labels — Displays the user-defined property labels. You can create up to three user-defined property labels. For more information about the components and customization of the topology map, refer to the following sections: • “IP topology map components” on page 420. • “Topology map elements” on page 421. • “Topology map layout” on page 423.
IP topology map components 9 Topology map elements Topology maps are comprised of nodes and connections. To display the topology legend, click the Legend button on the main toolbar. The Legend dialog box displays. FIGURE 165 Legend dialog box Table 54 displays the elements included in the topology.
9 IP topology map components TABLE 54 Icon Legend components Description Icon Description Down Unhealthy IP Subnet Layer 2 Clouds Normal Connection Trunk Logical Connections Missing The following list describes the basic elements included in a topology map. • IP devices — This node displays as a blue box. To view all IP product icons, refer to “IP product icons” on page 381. Double-click a product icon to display the Properties dialog box.
IP topology map components 9 Topology map layout The Management application provides several layouts for the IP Topology, Ethernet Fabrics, L2 Topology, and VLAN Topology views, so that you can determine which one provides the best display of your network topology. When selecting a layout, keep the following in mind: • When you first open a Topology view, the Topology Map uses the layout option specified in the Topology Display dialog box.
9 IP topology map components Organic The Organic layout distributes the nodes evenly, makes connection lengths uniform, minimizes crisscrossing of connections, and tries to prevent nodes from touching each other. This layout is best for the visualization of highly connected backbone regions with attached peripheral ring or star structures.
IP topology map components 9 Orthogonal (Merge Lines) The Orthogonal (Merge Lines) layout displays the nodes in a concise tree-like structure using vertical and horizontal line segments. Hierarchical The Hierarchical layout is best for a complex map. This layout might have a start point and end point, with some overall flow between those points.
9 IP topology map components Circular The Circular layout distributes all nodes in a circle, with equal spacing between each neighbor node. Free Form This layout is the one you customize by repositioning the nodes on the map. Selecting a topology map layout To change the topology layout, complete the following steps. 1. Select one of the following view types from the view list on the Product List toolbar.
IP topology map components 9 2. Click the Topology Display icon on the Topology Map toolbar. The Topology Display dialog box displays. FIGURE 166 Topology Display dialog box 3. Select one of the following topology layouts in the Layout area. • • • • • • Organic Orthogonal Orthogonal (Merge Lines) Hierarchical Circular Free Form 4. Click Recompute Layout Now. The Management application redraws the Topology Map. 5. Click OK on the Topology Display dialog box.
9 IP topology map components a. Use Ctrl + click to select one or more nodes or click in an empty part of the topology and drag a box around the nodes you want to move. b. Select one of the highlighted nodes and drag the selected nodes to a new position on the map. 3. Repeat step 2 until you have repositioned all nodes. Navigation to another view topology or tab or exiting the application automatically saves your changes.
IP topology map components 9 1. Open the topology_data.txt (located in Install_Home\conf\discovery\ip) file in a text editor. 2. Add the link using the following format: Device_One_IP_Address|Interface_Name Device_Two_IP_Address|Interface_Name where Device_One_IP_Address is the IP address for the device at one end of the link, Interface_Name the is the exact format returned by the ifName MIB variable for the device, and Device_Two_IP_Address is the IP address for the device at the other end of the link.
9 IP topology map components • To specify a color based on values of red, green, and blue, click the RGB tab. Specify the values for red, green, blue, and alpha (0 to 255) or enter a color code in the Color Code field. • To specify a color based on values of cyan, magenta, yellow, and black, click the CMYK tab. Specify the values for cyan, magenta, yellow, black, and alpha (0 to 255). c. Click OK on the Choose a Color dialog box. 3.
IP topology map components 9 1. Click the Topology Display icon on the Topology Map toolbar. The Topology Display dialog box displays with the name of the current background image in the Image list. The Image lists includes all imported background images. 2. Click Import. The Open dialog box displays. 3. Browse to the map image. 4. Click Open. The imported image displays in the Image list. 5.
9 IP topology map components Exporting the topology To export a Topology Map as an image file, complete the following steps. 1. Click the Export icon on the Topology Map tool bar. The Export dialog box displays. 2. Browse to the location where you want to save the map image. 3. Enter a name for the map in the File Name field. 4. Select the export file type in the File of Type list. Options include: PNG, GIF, JPG, BMP, PDF, and EMF. 5. Click Save.
Port actions i. Select a color for the title from the Text Color list. j. Enter a title in the Text area. k. Enter the font size in the Font size field. l. Click the Footer tab. 9 m. Enter a footer in the Text field. n. Select a color for the footer from the Footer Color list. o. Select a color for the title from the Text Color list. p. Enter a title in the Text area. q. Enter the font size in the Font size field. r. Click OK on the Print Options dialog box. 6. Click Print.
9 Port actions 4. Select Enable from the Port Actions list. NOTE If the VDX FC Port is enabled through the Properties dialog box, the Port Status displays as "No_Light”. To obtain the updated value, re-open the Properties dialog box after the next collection cycle. 5. Click OK to close the dialog box. Disabling port actions To disable port actions, complete the following steps. 1. Select one of the following view types from the view list on the Product List toolbar.
Port actions 9 5. Select Display Attached Port Properties from the Port Actions list. 6. Click OK to close the dialog box. The VCS_Name Properties dialog box displays with the attached ports highlighted in the Ports tab. Accessing performance monitoring To access performance monitoring dialog boxes, complete the following steps. 1. Select one of the following view types from the view list on the Product List toolbar. • • • • • Network Object IP Topology L2 Topology Ethernet Fabrics VLAN Topology 2.
Chapter 10 MRP Topology In this chapter • MRP Topology overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing a MRP Topology map . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing a MRP ring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuring the application to show a dashed line . . . . . . . . . . . . . . . . . . . • Selecting a topology map layout. . . . . . . . . . . . . . .
10 Viewing a MRP Topology map - FastIron CX switches running FCX software release 04.0.00 and later. FastIron GS, FastIron LS, and FastIron WS running FGS software release 04.0.00 and later. You can use the CLI Configuration Manager to deploy MRP configurations to devices. You can also configure MRP using the device CLI. You can use the Element Manager to access the device or go directly to the device CLI.
Viewing a MRP ring 10 • Topology Map — The right pane displays the devices in a MRP ring using graphic elements (icons). Links between devices running FDP or LLDP display automatically on the topology maps. When you select a device on the Topology Map, the application highlights the device in the Product List. Viewing a MRP ring To view a MRP ring, click a ring in the Product List. The selected ring displays in the Topology Map.
10 Viewing a MRP ring TABLE 55 MRP Topology map elements Element Description The port is in a pre-forwarding or forwarding state and shows the direction of the packet flow. link with arrow head The port is in a blocking state or discarding. link with block MRP is disabled on the port. link with solid black circle # or # / # The forwarding or receiving port number of slot/port number.
Configuring the application to show a dashed line 10 • Save button. Use to save changes to the MRP Topology map. For more information about layout types, refer to “Creating a customized layout” on page 445. • Map button. Use to add a background image to the Topology Map. For more information about adding a background image, refer to “Adding a background image to a map” on page 430. • • • • • • Options button. Use to configure topology options. Fit Window icon.
10 Selecting a topology map layout Selecting a topology map layout To change the topology layout, select one of the following topology layouts from the layout type list on the Topology Map toolbar. • Fast Organic The Fast Organic layout is a variation on the Organic layout; however, connections are drawn closer to the nodes. The time it takes to draw the Fast Organic layout is proportional to the number of nodes squared. Generally, this layout is best for smaller networks.
Selecting a topology map layout 10 • Organic The Organic layout distributes the nodes evenly, makes connection lengths uniform, minimizes criss-crossing of connections, and tries to prevent nodes from touching each other. • Hierarchical The Hierarchical layout is best for a complex map. This layout might have a start point and end point, with some overall flow between those points.
10 Selecting a topology map layout • Self Organizing The Self Organizing layout distributes nodes and connections evenly on the display area in a linear layout. • Circular The Circular layout distributes all nodes in a circle, with equal spacing between each neighbor node.
Creating a customized layout 10 • Saved This layout is the one you customized by repositioning the nodes on the map. If you have not customized the layout, this Saved option is disabled. Also, if you select the Saved Layout Preferred check box on the Topology Options dialog box, this layout takes precedence over the default layout. The Management application redraws the MRP Topology map. For more information about layout types, refer to “Topology map layout” on page 423.
10 Customizing the MRP Topology map Customizing the MRP Topology map To customize the MRP Topology map, complete the following steps. 1. Click Options on the MRP Topology map tool bar. The MRP Topology Options dialog box displays. FIGURE 170 Topology Options dialog box 2. Change the background color by completing the following steps: a. Click the ellipsis button in the Background Color row. b. Select the color you want. c. Click OK. 3.
Refreshing MRP Topology data 10 8. Select the Saved Layout Preferred check box to set the customized layout as the default for the topology group. This parameter supersedes the Layout parameter. If you select this parameter, the Saved layout displays even if a different layout is indicated in the Layout parameter. 9. Click Close on the MRP Topology Options dialog box. Refreshing MRP Topology data To refresh the MRP Topology data, click Refresh.
10 Viewing MRP properties • Secondary Port — The secondary port of the device. • Secondary Port Active — The port number receiving RHPs. • Secondary Port State — The state (Pre-forwarding, Forwarding, Blocking, or Disabled) of the secondary port. • • • • Secondary Port Type — The secondary port type (Regular or Tunnel). State — Whether MRP is enabled or disabled on the device. State Changed — The number of MRP interface state changes that have occurred.
Chapter 11 Call Home In this chapter • Call Home overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing Call Home configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Showing a Call Home center. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Hiding a Call Home center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Editing a Call Home center . . . . . . . . . . . . . . .
11 Call Home overview Call Home overview NOTE Call Home is supported on Windows systems for all modem and e-mail Call Home centers and is supported on UNIX for the e-mail Call Home centers. Call Home notification allows you to configure the Management application server to automatically send an e-mail alert or dial in to a support center to report system problems on specified devices (Fabric OS, IronWare, and Network OS switches, routers, and directors).
Viewing Call Home configurations 11 Call Home allows you to perform the following tasks: • Assign devices to and remove devices from the Call Home centers. • Define filters from the list of events generated by Fabric OS, IronWare, and Network OS devices. • Edit and remove filters available in the Call Home Event Filters table. • Apply filters to and remove filters from the devices individually or in groups.
11 Viewing Call Home configurations The Call Home dialog box contains the following fields and components: • Products List — Displays all discovered products. The list allows for multiple selections and manual sorting of columns. This list displays the following information: Product Icon — The status of the products’ manageability. Name — The name of the product. IP Address — The IP address (IPv4 or IPv6 format) of the product. Node WWN — The node world wide name of the product.
Viewing Call Home configurations 11 • Left arrow button (bottom) — Click to remove the selected event filter (refer to “Removing all event filter from a Call Home center” on page 468 or “Removing an event filter from a device” on page 468) from the selected Call Home center or product. Disabled when no event filter, product, or Call Home center is selected in the Call Home Centers list.
11 Showing a Call Home center Showing a Call Home center To show a Call Home center, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2. Click Show/Hide Centers (beneath the Call Home Centers list). The Centers dialog box displays with a predefined list of Call Home centers (Figure 172). FIGURE 172 Centers dialog box 3. Select the check boxes of the Call Home centers you want to display. Clear the check box to hide the Call Home center.
Editing a Call Home center 11 Editing a Call Home center To edit a Call Home center, select from the following procedures: • Editing the IBM Call Home center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Editing an e-mail Call Home center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Editing the EMC Call Home center . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Editing the HP LAN Call Home center. . . . . . . . . . . . . . . . . . . . . . . . . .
11 Editing a Call Home center 8. Enter how often you want to retry the heartbeat interval in the Retry Interval field. The default is 10 seconds. 9. Enter the maximum number of retries in the Maximum Retries field. The default is 3. 10. Enter the primary phone number or extension of the Call Home center in the Call Home Center - Primary Connection field. 11. Enter the backup phone number or extension of the Call Home center in the Call Home Center - Backup Connection field. 12.
Editing a Call Home center 11 FIGURE 174 Configure Call Home Center dialog box (Brocade, IBM, NetApp, or Oracle E-mail option) 4. Make sure the Call Home center type you selected displays in the Call Home Centers list. If the Call Home center type is incorrect, select the correct type from the list. 5. Select the Enable check box to enable this Call Home center. 6. Enter your contact name in the Customer Details - Name field. 7. Enter your company name in the Customer Details - Company field. 8.
11 Editing a Call Home center 16. Enter an e-mail address in the E-mail Notification Settings - Send To Address field. For Brocade E-mail Call Home centers, enter callhomeemail@brocade.com. 17. Click Send Test to test the mail server. The selected Call Home center must be enabled to test the mail server. A faked event is generated and sent to the selected Call Home center. You must contact the Call Home center to verify that the event was received and in the correct format.
Editing a Call Home center - Source — Details about the product. Includes the following data: - Event Time Event Severity Event Reason Code FRU Code/Event Type Event Description Event Data — Information about the triggered event.
11 Editing a Call Home center Editing the EMC Call Home center To edit an EMC Call Home center, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2. Select the EMC Call Home center you want to edit in the Call Home Centers list. 3. Click Edit Centers (beneath the Call Home Centers list). The Configure Call Home Center dialog box displays (Figure 175). FIGURE 175 Configure Call Home Center dialog box (EMC option) 4.
Editing a Call Home center 11 13. Click OK. The Call Home dialog box displays with the Call Home center you edited highlighted in the Call Home Centers list. 14. Click OK to close the Call Home dialog box. Editing the HP LAN Call Home center To edit an HP LAN Call Home center, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2. Select the HP LAN Call Home center you want to edit in the Call Home Centers list. 3.
11 Enabling a Call Home center 8. Click Send Test to test the address. The selected Call Home center must be enabled to test the IP address. A faked event is generated and sent to the selected Call Home center. You must contact the Call Home center to verify that the event was received and in the correct format. NOTE The HP LAN Call Home alert displays the directory separation characters with a double backslash (\\) instead of a single backslash (\). 9. Click OK to close the “Test Event Sent” message.
Testing the Call Home center connection 11 Testing the Call Home center connection Once you add and enable a Call Home center, you should verify that Call Home is functional. To verify Call Home center functionality, complete the following steps. 1. Select Monitor > Event Notification > Call Home. 2. Click Edit Centers (beneath the Call Home Centers list). The Configure Call Home Center dialog box displays. 3. Select the Call Home center you want to check in the Call Home Centers list. 4.
11 Viewing Call Home status Viewing Call Home status You can view Call Home status from the main Management application window or from the Call Home Notification dialog box. The Management application enables you to view the Call Home status at a glance by providing a Call Home status icon on the status bar. Table 57 illustrates and describes the icons that indicate the current status of the Call Home function.
Assigning a device to the Call Home center 11 Assigning a device to the Call Home center Discovered devices (switches, routers, and directors) are not assigned to a corresponding Call Home center automatically. You must manually assign each device to a Call Home center before you use Call Home. To assign a device or multiple devices to a Call Home center, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2.
11 Defining an event filter 3. Click the left arrow button. A confirmation message displays. 4. Click OK. All devices assigned to the selected Call Home center display in the Products List. Any assigned filters are also removed. 5. Click OK to close the Call Home dialog box. Defining an event filter To define an event filter, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2. Click Add beneath the Call Home Event Filter list.
Assigning an event filter to a Call Home center 11 Assigning an event filter to a Call Home center Event filters allow Call Home center users to log in to a Management server and assign specific event filters to the devices. This limits the number of unnecessary or “acknowledge” events and improves the performance and effectiveness of the Call Home center. You can only select one event filter at a time; however, you can assign the same event filter to multiple devices or Call Home centers.
11 Overwriting an assigned event filter Overwriting an assigned event filter A device can only have one event filter at a time; therefore, when a new filter is applied to a device that already has a filter, you must confirm the new filter assignment. To overwrite an event filter, complete the following steps. 1. Select Monitor > Event Notification > Call Home. The Call Home dialog box displays. 2. Select the event filter you want to apply in the Call Home Event Filters list.
Removing an event filter from the Call Home Event Filters list 11 • Select an event filter assigned to a device and click the left arrow button. Press CTRL and click to select multiple event filters assigned to multiple devices. All event filters assigned to the device are removed. 3. Click OK to close the Call Home dialog box. Removing an event filter from the Call Home Event Filters list To remove an event filter from the Call Home Event Filters list, complete the following steps. 1.
Chapter 12 Third-party tools In this chapter • About third-party tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Starting third-party tools from the application . . . . . . . . . . . . . . . . . . . . . . • Launching a Telnet session . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Launching an Element Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Launching Web Tools. . . . . . . . . . . . . . . . . . . .
12 Starting third-party tools from the application Starting third-party tools from the application You can open third-party tools from the Tools menu or a device’s shortcut menu. Remember that you cannot open a tool that is not installed on your computer. You must install the tool on your computer and add the tool to the Tools menu or the device’s shortcut menu. NOTE Installing tools is only available with the Trial and Licensed version versions. To open an application, complete the following steps. 1.
Launching an Element Manager 12 1. Select the switch to which you want to connect. 2. Select Tools > Product Menu > Telnet. The Telnet session window displays. NOTE On Linux systems, you must use CTRL + BACKSPACE to delete text in the Telnet session window. Launching an Element Manager Element Managers are used to manage Fibre Channel switches and directors. You can open a device’s Element Manager directly from the application. To launch a device’s Element Manager, complete the following steps.
12 Launching Web Tools Launching Web Tools Use Web Tools to enable and manage Fabric OS access gateway, switches, and directors. You can open Web Tools directly from the application. For more information about Web Tools, refer to the Web Tools Administrator’s Guide. For more information about Fabric OS access gateway, switches, and directors, refer to the documentation for the specific device. To launch a device’s Element Manager, complete the following steps.
Launching FCR configuration 12 Launching FCR configuration Use FCR Configuration to launch the FC Routing module, which enables you to share devices between fabrics without merging the fabrics. You can open the FC Routing module directly from the Management application. For more information about FC Routing, refer to the Web Tools Administrator’s Guide. The FCR Configuration option is available only for the following devices with Fabric OS 5.
12 Launching Name Server Launching Name Server Use Name Server to view entries in the Simple Name Server database. You can open the Name Server module directly from the Management application. For more information about Name Server, refer to the Web Tools Administrator’s Guide. NOTE You must have Element Manager - Product Administration privileges for the selected device to launch Web Tools.
Launching Fabric Watch 12 1. Select a Fabric OS HBA or CNA. 2. Select Configure > Element Manager > HCM. HCM Agent displays. Launching Fabric Watch Use Fabric Watch as an health monitor that allows you to enable each switch to constantly monitor its SAN fabric for potential faults and automatically alerts you to problems long before they become costly failures.. For more information about Fabric Watch, refer to the Fabric Watch Administrator’s Guide.
12 Entering the server IP address of a tool FIGURE 177 Define Tools dialog box 4. Type the tool’s name in the Tool Name field as you want it to appear on the Tools menu. 5. Type or browse to the path of the executable file in the Path field. 6. Type or browse to the path of the folder that you want to set as your working folder in the Working Folder field. 7. Click Add to add the tool. The Setup Tools dialog box displays with the new tool added to the Tools Menu Item table.
Adding an option to the Tools menu 12 5. Click Edit. NOTE You must click Edit before clicking OK; otherwise, your changes will be lost. 6. Click OK to save your work and close the Setup Tools dialog box. Adding an option to the Tools menu You can add third-party tools to the Tools menu which enables you to launch tools directly from the application. To add a option to the tools menu, complete the following steps. 1. Select Tools > Setup. The Setup Tools dialog box displays. 2. Click the Tools Menu tab.
12 Changing an option on the Tools menu 7. Click Add. The new tool displays in the Tool Menu Items table. NOTE You must click Add before clicking OK; otherwise, the new menu option is not created. 8. Click OK to save your work and close the Setup Tools dialog box. The tool you configured now displays on the Tools menu. Changing an option on the Tools menu You can edit parameters for third-party tools that display on the Tools menu. To edit a option to the tools menu, complete the following steps. 1.
Adding an option to a device’s shortcut menu 12 4. Click Remove. If the tool is not being utilized, no confirmation message displays. 5. Click Update to remove the tool. 6. Click OK to save your work and close the Setup Tools dialog box. Adding an option to a device’s shortcut menu You can add an option to a device’s shortcut menu. To add an option to the device’s shortcut menu, complete the following steps. 1. Select Tools > Setup. The Setup Tools dialog box displays. 2. Click the Product Menu tab.
12 Changing an option on a device’s shortcut menu 10. Click Add to add the new menu item. It displays in the Product Popup Menu Items table. NOTE You must click Add before clicking OK; otherwise, your changes will be lost. 11. Click OK to save your work and close the Setup Tools dialog box. Changing an option on a device’s shortcut menu You can change the parameters for a tool that displays on a device’s shortcut menu. To edit an option to the device’s shortcut menu, complete the following steps. 1.
Removing an option from a device’s shortcut menu 12 11. Click Edit. NOTE You must click Edit before clicking OK; otherwise, your changes will be lost. 12. Click OK to save your work and close the Setup Tools dialog box. Removing an option from a device’s shortcut menu You can remove a tool that displays on a device’s shortcut menu. To remove an option to the device’s shortcut menu, complete the following steps. 1. Select Tools > Setup. The Setup Tools dialog box displays. 2. Click the Product Menu tab.
12 Microsoft System Center Operations Manager (SCOM) plug-in The SCOM plug-in is supported on the following configurations: • SCOM 2007 R2 or SCOM 2012 • Professional Plus and Enterprise Trial and Licensed version 11.0.0 and later SCOM plug-in requirements • Make sure you import the Management application management pack (Management_Application_Name.FabricView.xml) to the SCOM Server prior to registering the SCOM Plug-in. The management pack is located in the following directory: Install_Home\scom.
Microsoft System Center Operations Manager (SCOM) plug-in 12 Editing a SCOM server To edit the SCOM server, complete the following steps. 1. Select Tools > Plug-in for SCOM. The Plug-in for SCOM dialog box displays. 2. Select the server you want to edit and click Edit. The Edit SCOM Server dialog box displays. The Host field is not editable in the Edit SCOM Server dialog box. 3. Edit the domain name in the Domain field. 4. Enter your user ID and password. 5. Click OK. 6. Click Close.
Chapter 13 Server Management Console In this chapter • Server Management Console overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Services tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Ports tab. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • AAA Settings tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Restore tab. . . .
13 Services tab Launching the SMC on Linux NOTE The Server Management Console is a graphical user interface and should be launched from the XConsole on Linux systems. Perform the following steps to launch the Server Management Console on Linux systems. 1. On the Management application server, go to the following directory: Install_Directory/bin 2. Type the following at the command line: .
Services tab 13 3. Review the following information for each available service. • • • • Name — The name of the server; for example, FTP Server or Database Server. Process Name — The name of the process; for example, postgres.exe (Database Server). Status — The status of the service; for example, started or stopped. Start Time — The date and time the service started. The Start Time for Service Location Protocol displays as ‘Not Available’. 4. Click Close to close the Server Management Console.
13 Services tab Starting all services NOTE The Start button restarts running services in addition to starting stopped services which causes client-server disconnect. To start all services, complete the following steps. 1. Launch the Server Management Console. 2. Click the Services tab. 3. Click Start to start all services. NOTE If the server is configured to use an external FTP server, the Server Management Console does not attempt to start the built-in FTP service. 4.
Ports tab 13 6. Select the database user name for which you want to change the password in the User Name field. Options include dcmadmin and dcmuser. Changing the dcmadmin password requires all Management application services, except for the database server, to be stopped and then re-started. Changing the dcmuser password requires all ODBC remote client sessions to be restarted. 7. Enter your current password in the Old Password field. 8.
13 AAA Settings tab AAA Settings tab Authentication enables you to configure an authentication server and establish authentication policies. You can configure the Management application to authenticate users against the local database (Management application server), an external server (RADIUS, LDAP, CAC or TACACS+), or a switch. Authentication is configured to the local database by default.
AAA Settings tab 13 1. Select the AAA Settings tab (Figure 180). FIGURE 180 AAA Settings tab 2. Select Radius Server from the Primary Authentication list. 3. Add or edit a Radius server by referring to “Configuring a Radius server” on page 494. 4. Rearrange the Radius servers in the table by selecting a server and click the Up or Down button to move it. 5. Delete a Radius server by selecting the server and click Delete. 6. Test the established active connection with the Radius server by clicking Test.
13 AAA Settings tab Configuring a Radius server To add or edit a Radius server, complete the following steps. 1. Choose one of the following options from the AAA Settings tab: • Click Add. • Select an existing Radius server and click Edit. The Add or Edit Radius Server dialog box displays (Figure 181). FIGURE 181 Add or Edit Radius Server 2. Enter the radius server’s IP address in the IP Address field. 3. Enter the TCP port, if necessary, used by the Radius server in the TCP Port field. Default is 1812.
AAA Settings tab 13 Configuring LDAP server authentication NOTE You cannot configure multiple Active Directory groups (domains) for the LDAP server. NOTE You cannot enter Domain\User_Name in the Management application dialog box for LDAP server authentication. If you are using an LDAP server for authentication, make the following preparations first: • Make sure that the LDAP server you want to use is on the network that the Management application manages. • Have the IP address of the server available.
13 AAA Settings tab If you configure the external LDAP server as the primary authentication server, make the following preparations first: • Make sure that the external LDAP server and its user accounts have been properly configured (refer to “Creating an AD user account” on page 261). For example, you must define roles and areas of responsibility (AOR) in the external server to match the Management application roles and AOR.
AAA Settings tab 13 10. Set the authorization preference by selecting one of the following options from the Authorization Preference list: • Local Database Use the LDAP server for authentication and the Management application local database for authorization. The user name in the local database must match the LDAP user name (password does not need to match) and must have the appropriate roles and AORs.
13 AAA Settings tab FIGURE 183 Add or Edit LDAP server 4. Enter the LDAP server’s hostname in the Network address field. If DNS is not configured in your network, provide an IP address instead of the hostname. 5. Enable security by selecting the Security Enabled check box. When you enable security, the TCP port number automatically changes to port 636 and you must enable certificate services on the LDAP server. 6. Enter the TCP port used by the LDAP server in the TCP Port field.
AAA Settings tab 13 FIGURE 184 AAA Settings tab - TACACS+ server 3. Add or edit a TACACS+ server by referring to “Configuring a TACACS+ server” on page 500. 4. Rearrange the TACACS+ servers in the table by selecting a server and click the Up or Down button to move it. 5. Delete a TACACS+ server by selecting the server and click Delete. 6. Test the established active connection with the TACACS+ server by clicking Test. The Test Authentication dialog box displays. 7.
13 AAA Settings tab Configuring a TACACS+ server To add or edit a TACACS+ server, complete the following steps. 1. Choose one of the following options from the AAA Settings tab: • Click Add. • Select an existing TACACS+ server and click Edit. The Add or Edit TACACS+ Server dialog box displays (Figure 183). FIGURE 185 Add or Edit TACACS+ Server 2. Enter the TACACS+ server’s hostname in the Network Address field. If DNS is not configured in your network, provide an IP address instead of the hostname. 3.
AAA Settings tab 13 Configuring Common Access Card authentication NOTE Common Access Card (CAC) authentication does not support SMI Agent and launch-in-context dialog boxes. NOTE CAC authentication is only supported on Windows systems. Common Access Card (CAC) authentication requires the following preparations: • Make sure to connect the CAC reader to the Management application client workstation. • Make sure to obtain and install the active client library on the client workstation.
13 AAA Settings tab FIGURE 186 AAA Settings tab - CAC server 3. Set the authorization preference by selecting one of the following options from the Authorization Preference list: • Local Database — Uses the AD server for authentication and the Management application local database for authorization. • Primary Authentication Server — Uses the AD server for authentication and authorization.
AAA Settings tab 13 Configuring switch authentication Switch authentication enables you to authenticate a user account against the switch database and the Management application server. You can configure up to three switches and specify the fall back order if one or more of the switches is not available. NOTE Switch authentication is only supported on Fabric OS devices. To configure switch authentication, complete the following steps. 1. Select the AAA Settings tab. 2.
13 AAA Settings tab 1. Select the AAA Settings tab. 2. For Primary Authentication, select Windows Domain. 3. Enter the domain name in the Windows Domain Name field. 4. Set secondary authentication by selecting one of the following options from the Secondary Authentication list: • Local Database • None 5. Click Test. The Test Authentication dialog box displays. 1. In the User ID field, choose one of the following options: • To authenticate a user account against the current domain, enter your user name.
Restore tab 13 Displaying the client authentication audit trail All responses to authentication requests coming from clients are logged to an audit trail log file. This file is automatically backed up on the first day of every month. 1. Select the AAA Settings tab. 2. Click Display next to Authentication Audit Trail. The Login dialog box displays. 3. Enter your username and password in the appropriate fields and click OK. The defaults are Administrator and password, respectively.
13 Technical Support Information tab FIGURE 187 Restore tab 4. Click Browse to select the path (defined in the Output Directory field on the Options dialog box - Backup pane) to the database backup location. 5. Click Restore. Upon completion, a message displays the status of the restore operation. Click OK to close the message and the Server Management Console. For the restored data to take effect, re-launch the Configuration Wizard using the instructions in “Launching the Configuration Wizard” on page 5.
Technical Support Information tab 13 FIGURE 188 Technical Support Information tab 2. Select the Include database check box to capture database server support save files and choose one of the following options: • Select the Partial option to exclude historical data and events from the database capture. • Select the Full option to include historical data and events from the database capture. NOTE It is recommended that you only capture the partial database.
13 HCM Upgrade tab HCM Upgrade tab The HCM Upgrade tab enables you to upgrade the Management application to include a new version of HCM. Upgrading HCM on the Management server To upgrade HCM, complete the following steps. 1. Select the HCM Upgrade tab. FIGURE 189 HCM Upgrade tab 2. Click Browse to select the HCM installation folder location (for example, C:\Program Files\BROCADE\Adapter on Windows systems and /opt/brocade/adapter on Linux systems). 3. Click Upgrade. 4. Click Close.
SMI Agent Configuration Tool 13 • Certificate Management tab — enables you to import Client and Indication certificates, export Server certificates, as well as view and delete current certificates. • Summary tab — enables you to view the CIMOM server configuration and current configuration. Launching the SMIA configuration tool on Windows NOTE All Management application services must be running before you can log into the SMIA Configuration Tool.
13 SMI Agent Configuration Tool FIGURE 191 SMIA Configuration Tool dialog box Launching the SMIA configuration tool on Unix NOTE All Management application services must be running before you can log into the SMIA Configuration Tool. To start the Management application services, click Start on the Server Management Console dialog box. Perform the following steps to launch the Server Management Console on Unix systems. 1.
SMI Agent Configuration Tool 13 Launching a remote SMIA configuration tool To launch a remote SMIA configuration tool, complete the following steps. 1. Open a web browser and enter the IP address of the Management application server in the Address bar. If the web server port number does not use the default (443 if is SSL Enabled; otherwise, the default is 80), you must enter the web server port number in addition to the IP address. For example, IP_Address:Web_Server_Port_Number.
13 SMI Agent Configuration Tool • slptool program can be used to verify whether SLP is operating properly or not. A different slptool exists for UNIX and Windows. By default, the Management application SMI Agent is configured to advertise itself as a Service Agent (SA). The advertised SLP template shows its location (IP address) and the WBEM Services it supports.
SMI Agent Configuration Tool 13 • slptool findattrs service:wbem:https://IP_Address:Port NOTE Where IP_Address:Port is the IP address and port number that display when you use the slptool findsrvs service:wbem command. Use this command to verify that Management application SMI Agent SLP service is properly advertising its WBEM SLP template over the HTTP protocol. Example output: Install_Home\cimom\bin>slptool findattrs service:wbem:http://10.24.35.61:5988 (template-type=wbem),(template-version=1.
13 SMI Agent Configuration Tool SLP on UNIX systems This section describes how to verify the SLP daemon on UNIX systems. SLP file locations on UNIX systems • SLP log — Install_Home/cimom /cfg/slp.log • SLP daemon — Install_Home/cimom /cfg/slp.conf You can reconfigure the SLP daemon by modifying this file. • SLP register — Install_Home/cimom /cfg/slp.reg You can statically register an application that does not dynamically register with SLP using SLPAPIs by modifying this file.
SMI Agent Configuration Tool 13 Verifying SLP service installation and operation on Windows systems 1. Launch the Server Management Console from the Start menu. 2. Click Start to start the SLP service. 3. Open a command window. 4. Type cd c:\Install_Home\cimom \bin and press Enter to change to the directory where slpd.bat is located. 5. Type > slptool findsrvs service:service-agent and press Enter to verify the SLP service is running as a Service Agent. 6.
13 SMI Agent Configuration Tool Accessing Management application features To access Management application features such as, fabric and host discovery, role-based access control, application configuration and display options, server properties, as well as the application name, build, and copyright, complete the following steps. 1. Click the Home tab, if necessary. 2. Select from the following to access the feature or dialog box.
SMI Agent Configuration Tool 13 1. Click the Authentication tab. FIGURE 192 Authentication tab 2. Select the Enable Client Mutual Authentication check box, as needed. If the check box is checked, CIM client mutual authentication is enabled. If the check box is clear (default), client mutual authentication is disabled. 3. Select the Enable Indication Mutual Authentication check box, as needed. If the check box is checked, indication mutual authentication is enabled.
13 SMI Agent Configuration Tool Configuring CIMOM server authentication CIMOM server authentication is the authentication mechanism between the CIM client and the CIMOM Server. You can configure the CIMOM server to allow the CIM client to query the CIMOM server without providing credentials; however, the CIMOM server requires the Management application credentials to connect to the Management application server to retrieve the required data.
SMI Agent Configuration Tool 13 CIMOM tab NOTE You must have SAN - SMI Operation Read and Write privileges to view or make changes on the CIMOM tab. For more information about privileges, refer to “User Privileges” on page 1935. The CIMOM tab enables you to configure the CIMOM server port, the CIMOM Bind Network Address, and the CIMOM log. Configuring the SMI Agent port number To configure the SMI Agent port number, complete the following steps. 1. Click the CIMOM tab. FIGURE 193 CIMOM tab 2.
13 SMI Agent Configuration Tool 4. Click Apply. NOTE Changes on this tab take effect after the next CIMOM server restart. NOTE You can only restart the server using the Server Management Console (Start > Programs > Management_Application_Name 12.X.X > Server Management Console). If you disabled SSL, a confirmation message displays. Click Yes to continue. 5. Click Close to close the SMIA Configuration Tool dialog box.
SMI Agent Configuration Tool 13 Configuring the CIMOM log NOTE You must have SAN - SMI Operation Read and Write privileges to view or make changes on the CIMOM tab. For more information about privileges, refer to “User Privileges” on page 1935. To configure the CIMOM log, complete the following steps. 1. Click the CIMOM tab. 2. Select a log category from the Log Level list to start logging support data for the server. Options include the following: • Off — select to turn off logging support data.
13 SMI Agent Configuration Tool Certificate Management tab NOTE You must have SMI Operation Read and Write privileges to view or make changes on the Certificate Management tab. For more information about privileges, refer to “User Privileges” on page 1935. The Certificate Management tab enables you to manage your CIM client and Indication authentication certificates.
SMI Agent Configuration Tool 13 5. Click Import. The new certificate displays in the Certificates list and text box. If the certificate location is not valid, an error message displays. Click OK to close the message and reenter the full path to the certificate location. If you did not enter a certificate name, an error message displays. Click OK to close the message and enter a name for the certificate. If the certificate file is empty or corrupted, an error message displays.
13 SMI Agent Configuration Tool Deleting a certificate NOTE You must have SMI Operation Read and Write privileges to view or make changes to the Certificate Management tab. For more information about privileges, refer to “User Privileges” on page 1935. To delete a certificate, complete the following steps. 1. Click the Certificate Management tab. 2. Select Client or Indication from the Authentication list. The appropriate certificates display in the Certificates list. 3.
SMI Agent Configuration Tool 13 1. Click the Summary tab. FIGURE 195 Summary tab 2. Review the summary. NOTE When the CIMOM server is stopped, the server configuration information does not display on the Summary tab. The following information is included in the summary. TABLE 58 Field/Component Description Client Mutual Authentication Displays whether or not the client mutual authentication is enabled or disabled for the Server Configuration and the Current Configuration.
13 SMI Agent Configuration Tool TABLE 58 Field/Component Description Log Level Displays the log level for the Server Configuration and the Current Configuration. Options include the following: • 10000 — Off • 1000 — Severe • 900 — Warning • 800 — Info (default) • 700 — Config • 500 — Fine • 400 — Finer • 300 — Finest • 0 — All Managed Ports Displays the number of managed ports. For more information about managed port count rules, refer to “Managed count” on page 29.
Chapter 14 SAN Device Configuration In this chapter • Configuration repository management . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enhanced group management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Firmware management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Frame viewer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Ports . . . . . . . . . . . . . . . . . . . .
14 Configuration repository management Saving switch configurations on demand NOTE Save switch configuration is only supported on Fabric OS switches. NOTE This feature requires a Trial or Licensed version. NOTE To save switch configuration on more than one switch at a time, you must have the Enhanced Group Management license.
Configuration repository management 14 4. Click OK. Configuration files from the selected switches are saved to the repository. 5. (Professional only) Browse to the location where you want to save the switch configuration. 6. (Professional only) Click Save Configuration. Configuration files from the selected switches are saved to the selected location. You can use this file to restore the saved configuration through the device’s Element Manager.
14 Configuration repository management Scheduling switch configuration backup NOTE This feature requires a Trial or Licensed version. NOTE The Enhanced Group Management (EGM) license must be activated on a switch to perform this procedure and to use the supportSave module. You can schedule a backup of one or more switch configurations. If a periodic backup is scheduled at the SAN level, that backup will apply to all switches from all fabrics discovered.
Configuration repository management 14 FIGURE 198 Schedule backup of switch configurations 2. Click the Enable scheduled backup check box. 3. Set the Schedule parameters. These include the following: - The desired Frequency for backup operations (daily, weekly, monthly). The Day you want back up to run. If Frequency is Daily, the Day list is grayed out. If Frequency is Weekly, choices are days of the week (Sunday through Saturday). If Frequency is Monthly, choices are days of the month (1 through 31).
14 Configuration repository management • Fabric Name — The world wide name of the fabric selected for backup configuration. • Status — The status of the fabric selected for backup configuration; for example, unknown or marginal. • # of Switches — The number of switches that are configured on the fabric selected for backup configuration. If any switches do not have the EGM license, a messages displays. Click OK to enable backup on the switches with the EGM license. 5. Click OK.
Configuration repository management 14 • Backup Date/Time — The date and time the last backup occurred. This is the backup that will be restored. • Fabric Name — The name of the fabric to which the selected switch belongs. • Name — The name of the switch that will be restored. • Configuration Type — The type of configuration for the switch (FC, DCB-running, or DCB-startup). • IP Address — The IP address of the switch that will be restored. • WWN — The world wide name of the switch that will be restored.
14 Configuration repository management FIGURE 200 Configuration file content 3. Click Close to close the dialog box. 4. Click Yes on the message. Searching the configuration file content NOTE This feature requires a Trial or Licensed version. To search the configuration file content, complete the following steps. 1. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Configuration Repository. The Switch Configuration Repository dialog box displays. 2. Click View.
Configuration repository management 14 FIGURE 201 Configuration file content 4. Click Close to close the dialog box. 5. Click Yes on the message. Deleting a configuration NOTE This feature requires a Trial or Licensed version. 1. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Configuration Repository. The Switch Configuration Repository dialog box displays. 2. Select the configuration you want to delete, and click Delete.
14 Configuration repository management 3. Use the file chooser to select the location into which you want to export the configuration. 4. Click Export. The configuration is automatically named (Device_Name_Date_and_Time) and exported to the location you selected. Importing a configuration NOTE This feature requires a Trial or Licensed version. 1. Right-click a device in the Product List or the Connectivity Map, and select Configuration > Configuration Repository.
Configuration repository management 14 Replicating configurations NOTE This feature requires a Trial or Licensed version. You can replicate a switch SNMP configuration, the Fabric Watch configuration, Trace Destination configuration, or the entire configuration. Select Configure > Configuration > Replicate > Configuration. A wizard is launched to guide you through the process. The first step of the wizard, Overview, displays. There are seven steps in the Replicate Switch Configuration: 1.
14 Configuration repository management TABLE 60 Step 3. Source Location Field/Component Description Configuration Repository option Select to replicate the entire configuration repository to the destination switches. Configuration from the switch option Select to assign a designated switch to the destination switch.
Configuration repository management TABLE 61 14 Step 4. Source Configuration (Continued) Field/Component Description Name The name of the switch. Port # The number of the port. Port Count The total number of ports. Port Type The type of port (for example, expansion port, node port, or NL_port). Product Type The type of product. Protocol The protocol for the port. Serial # The serial number of the switch. Speed Configured (Gbps) The actual speed of the port in Gigabits per second.
14 Configuration repository management TABLE 62 Step 5. Destination Switches (Continued) Field/Component Port # The number of the port. Port Count The total number of ports. Port Type The type of port (for example, expansion port, node port, or NL_port). Product Type The type of product. Protocol The protocol for the port. Serial # The serial number of the switch. Speed Configured (Gbps) The actual speed of the port in Gigabits per second.
Configuration repository management 14 Replicating security configurations NOTE This feature requires a Trial or Licensed version. You can replicate an AD/LDAP Server, DCC, IP, RADIUS Server, or SCC security policy. Select Configure > Configuration > Replicate > Security. A wizard is launched to guide you through the process. The first step of the wizard, Overview, displays. There are seven steps in the Replicate Switch Security Policy Configuration wizard: 1. Overview, which describes the wizard. 2.
14 Configuration repository management TABLE 66 Description Switch IP Address The IP address of the source switch to be replicated. Switch WWN The world wide name of the source switch to be replicated. Name The name of the selected switch. Device Type The type of device port. Tag The tag number of the port Serial # The serial number of the switch. WWN The switch port’s world wide name. IP Address The switch port’s IP address.
Enhanced group management TABLE 67 14 Step 4. Select Destination Switches (Continued) Field/Component Description Description A description of the customer site. State The port state, for example, online or offline. Status The operational status of the port; for example, unknown or marginal. Right and left arrow buttons Click to move the switches back and forth between the Available Switches table and the Selected Switches table.
14 Firmware management Firmware management A firmware file repository (Windows systems only) is maintained on the server in the following location: C:\Program Files\Install_Directory\data\ftproot\Firmware\Switches\7.0\n.n.n\n.n.n The firmware repository is used by the internal FTP, SCP, or SFTP server that is delivered with the Management application software, and may be used by an external FTP server if it is installed on the same platform as the Management application software.
Firmware management 14 FIGURE 202 Firmware download 3. Select one or more switches from the Available Switches table. The Available Switches table lists the switches that are available for firmware download. 4. Click the right arrow to move the switches to the Selected Switches table. If you selected any switches that do not support firmware download, a message displays. Click OK on the message. The switches that support firmware download display in the Selected Switches table.
14 Firmware management • Select the SCP Server option to download from the external SCP server. Continue with step 7. NOTE The Management application only supports WinSSHD as the third-party Windows external SCP server. Firmware upgrade and downgrade through WinSSHD is only supported on devices running Fabric OS 6.0 or later. • Select the SFTP Server option to download from the external SFTP server. Continue with step 7.
Firmware management 14 Displaying the firmware repository The firmware repository is available on the Firmware Management dialog box. The Management application supports .zip and .gz compression file types for firmware files. Initially, the firmware repository is configured to use the built-in FTP, SCP, or SFTP server. To use an external FTP server, refer to “Configuring an external FTP, SCP, or SFTP server” on page 226.
14 Firmware management • Release Notes View button — Click to view the release notes, if imported, which contain information about downloading firmware. For internal built-in FTP, SCP, or SFTP servers or external SCP or SFTP servers running on the same system as the Management application, if there is a space in the release note file name, you will not be able to view the release notes.
Firmware management 14 5. (Optional) Enter or browse to the location of the release notes. The Management application supports .pdf and .txt file types for release notes. For internal built-in FTP, SCP, or SFTP servers or external SCP or SFTP servers running on the same system as the Management application, if there is a space in the release note file name, you can import the file. However, you will not be able to view the release notes. 6. Enter or browse to the location of the MD5 file (.md5 file type).
14 Frame viewer Frame viewer NOTE Frame viewer is only supported on Fabric OS devices running 7.1.0 or later. Frame viewer enables you to view a list of devices with discarded frames due to c3 timeout, destination unreachable, and not routable. You can also view a summary of discarded frames for each device and clear the discarded frame log on the device. Viewing discarded frames from a device 1. Select a Fabric OS device running 7.1.0 or later and select Monitor > Discarded Frames.
Frame viewer 14 3. Select a device in the top table to view detailed data about the discarded frames on that device. • Discarded Frame History for the Selected Product table — Summary of the discarded frames for the selected device. Count – Number of discarded frames logged in the frame log with the same timestamp, Tx Port, Rx Port, SID, DID, SFID, and DFID. The maximum number of duplicate frames stored for any 1 second timestamp is 20.
14 Frame viewer Viewing discarded frames from a port 1. Select a port on a Fabric OS device running 7.1.0 or later and select Monitor > Discarded Frames. The Discarded Frames dialog box displays. 2. Review the data for the discarded frames from the selected port. • Discarded Frame History for the Selected Product table — Summary of the discarded frames for the selected port.
Ports 14 3. Click Close. Clearing the discarded frame log 1. Open the Discarded Frames dialog box (refer to “Viewing discarded frames from a device” on page 550 or “Viewing discarded frames from a port” on page 552). 2. Select one of the following options: • If you are in switch view, select a device in the upper table and click Clear to clear the discarded frames from the frame log. • If you are in port view, click Clear to clear the discarded frames from the frame log. 3. Click Close.
14 Ports FIGURE 206 Port Connectivity View dialog box The following details the information located (in default order) on the Port Connectivity View dialog box. • Fabric / Switch Name — If launched from a fabric, displays the fabric name. If launched from a switch, displays the fabric name and the switch name. • Filter check box / link — Select to filter results (refer to “Filtering port connectivity” on page 557) in the Port Connectivity View dialog box.
Ports 14 - FC Address — The Fibre Channel address. Each FC port has both an address identifier and a world wide name (WWN). - Port WWN — The world wide name of the port. - Status — The port’s status; for example, Enabled, Faulty, Healthy, Unknown, and so on. - Long Distance — Whether the connection is considered to be normal or longer distance. - Device FC Address — The port FC address of the connected Host or target device. - Device Node WWN — The world wide name of the device node.
14 Ports - Unit Type — The switch unit type. - Vendor — The hardware vendor’s name. - Switch Status — The operational status. There are four possible operation status values: Capability — The device capability of the connected device port. The value is mapped depending on whether it is a name server (NS) or a FICON device. Host Name — The name of the Host. Switch IP — The switch’s IP address. Switch Version — The switch’s version number.
Ports 14 Refreshing the port connectivity view To obtain configuration changes that occurred since the Port Connectivity View dialog box opened, click Refresh. Enabling a port To enable a port from the port connectivity view, right-click the port you want to enable from the Port Connectivity View dialog box and select Disable/Enable Port > Enable.
14 Ports 4. Define a filter by entering a value that corresponds to the selected property in the Value column. 5. Repeat steps 2 through 4 as needed to define more filters. 6. Click OK. The Port Connectivity View dialog box displays. If filtering is already enabled, only those ports that meet the filter requirements display. To enable the filter, select the Filter check box. Resetting the filter Reset immediately clears all existing definitions. You cannot cancel the reset.
Ports 14 FIGURE 208 Port Details dialog box 2. Review the port information. For the list of fields on the Port Details dialog box, refer to “Viewing port properties” on page 1970. 3. Sort the results by clicking on the column header. 4. Rearrange the columns by dragging and dropping the column header. 5. Click the close (X) button to close this dialog box. Viewing ports To view ports on the Connectivity Map, right-click a product icon and select Show Ports.
14 Ports Port types On the Connectivity Map, right-click a switch icon and select Show Ports. The port types display showing which ports are connected to which products. NOTE Show Ports is not applicable when the map display layout is set to Free Form (default). NOTE This feature is only available for connected products. On bridges and CNT products, only utilized Fibre Channel ports display. IP ports do not display. TABLE 70 Port types Port Type Description D A port in diagnostic mode.
Ports 14 Viewing port connection properties You can view the information about products and ports on both sides of the connection. 1. Right-click the connection between two end devices on the Connectivity Map and select Properties. OR Double-click the connection between two devices on the Connectivity Map. The Connection Properties dialog box displays.
14 Ports TABLE 71 Port connection properties (Continued) Field Description 2-Port Type The port type of the second switch. 2-WWPN The world wide port number of the second switch. 2-MAC Address The MAC address of the second switch. 2-IP Address The IP address of the second switch. 2-Trunk Whether there is a trunk on the second switch. 2-Speed (Gbps) The speed of the second switch. 2-Tunnel ID The tunnel ID of the second switch. 2-Circuit ID The circuit ID of the second switch.
Ports TABLE 71 14 Port connection properties (Continued) Field Description GE Port # The GE port number of the switch. InBand Management State Whether inband management is enabled or disabled. iSCSI Capable Whether the switch is iSCSI capable or not. L2 Mode Whether the switch is in L2 mode or not. LAG ID The LAG identifier. Locked Port Type The port type of the locked product. Long Distance Setting Whether the connection is considered to be normal or longer distance.
14 Ports TABLE 71 Port connection properties (Continued) Field Description Tunnel Count The number of tunnels on the switch. Tunnel ID The tunnel ID number of the switch. User Port # The user port number of the switch. VLAN ID The VLAN identifier. VPWWN State Whether the VPWWN state is enabled or disabled. VPWWN Type The VPWWN type: Auto or User. Auto VPWWN The automatically generated VPWWN. User VPWWN The user-defined VPWWN. 3. Click Close to close the dialog box.
Ports 14 Viewing port optics NOTE QSFP ports do not display in the Port Optics dialog box. Enables you to view port optics for FC, TE, GE, and XGE ports. To view port optics, complete the following steps. 1. Right-click the switch for which you want to view port optic information on the Connectivity Map and select Port Optics (SFP). The Port Optics (SFP) dialog box displays (Figure 209). FIGURE 209 Port Optics dialog box 2. Review the port optics information.
14 Ports Unknown icon — The port is not a 16 Gbps capable port or the device is running Fabric OS 6.4.X or earlier. Error icon — Unable to retrieve status of the supported port. Slot/Port # — The slot and port number of the selected fabric. The port number includes the type of port (FC, TE, GE, or XGE). • • FC Address — The Fibre Channel address of the port. • TX Power — The power transmitted to the SFP in dBm and uWatts. NOTE The uWatts display requires devices with Fabric OS 6.1.0 and later.
Port commissioning overview 14 Refreshing port optics To refresh port optics, click Refresh. The Management application retrieves updated port optic information. Port commissioning overview NOTE Port commissioning is only supported on Fabric OS devices running Fabric OS 7.1 or later. Port commissioning provides an automated mechanism to remove an E-Port or F-Port from use (decommission) and to put it back in use (recommission).
14 Port commissioning overview FIGURE 210 Port Commissioning Setup dialog box The Port Commissioning Setup dialog box has two main areas. The Add/Edit Systems and Credentials area enables you to register CIMOM servers (system and credentials) one at a time and contains the following fields and components: • Network Address — Enter the IP address (IPv4 or Ipv6 format) or host name of the CIMOM server in the field. • Description — (Optional) Enter a description of the CIMOM server in the field.
Port commissioning overview 14 Credentials Updated — Credentials changed, connectivity not tested yet. Credentials Failed — CIMOM server contact failed with current credentials. Not Reachable — CIMOM server not reachable. Wrong Namespace — CIMOM server namespace is incorrect. Last Contacted — The last time you contacted the system. Updates when you test the reachability of the CIMOM server and when you contact the CIMOM server to respond to the F-Port decommission or recommission request. • 2.
14 Port commissioning overview 9. Select the new CIMOM server in the System List and click Test to check connectivity. When testing is complete, the updated status displays in the Status column of the Systems List for the selected CIMOM server. 10. Click OK or Apply to save your work and save the CIMOM server details in the database. Editing CIMOM server credentials 1. Select Configure > Port Commissioning > Setup. The Port Commissioning Setup dialog box displays (Figure 210). 2.
Port commissioning overview 14 3. Browse to the location of the file (.csv format) and click Open. The imported CIMOM servers display in the Systems List. 4. Click OK or Apply to save your work and save the CIMOM server details in the database. Exporting CIMOM servers and credentials 1. Select Configure > Port Commissioning > Setup. The Port Commissioning Setup dialog box displays (Figure 210). 2. Click Export to export CIMOM server information to a file. The Export Files dialog box displays. 3.
14 Port commissioning overview Testing CIMOM server credentials You should validate the CIMOM server credentials before you decommission or recommission ports. During the decommission or recommission of an F-Port, the Management application validates the CIMOM server credentials. 1. Select a device and select Configure > Port Commissioning > Setup. The Port Commissioning Setup dialog box displays (Figure 210). 2. Select one or more CIMOM servers from the System List table and click Test.
Port commissioning overview 14 Decommissioning an F-Port NOTE You must configure at least one CIMOM server (refer to “Registering a CIMOM server” on page 569) before you can decommission an F-Port. NOTE Fabric tracking must be enabled (refer to “Enabling fabric tracking” on page 232) to maintain the decommissioned port details (such as port type, device port wwn, and so on). Do not accept changes in the Management application client. 1.
14 Port commissioning overview Decommissioning an E-Port NOTE You must enable Lossless DLS on both the source and destination switches before you decommission an E-Port. NOTE Fabric tracking must be enabled (refer to “Enabling fabric tracking” on page 232) to maintain the decommissioned port details (such as port type, device port wwn, and so on). Do not accept changes in the Management application client.
Port commissioning overview 14 2. Choose one of the following options: • Apply Default Settings (default) — Select to have the Management application perform one of the following actions: The Management application contact all registered CIMOM servers within the fabric affected by the action and obtains the status from each CIMOM server. If all CIMOM servers are okay, the Management application sends a CAL Request to decommission the port. If even one CIMOM server is not okay, decommissioning fails.
14 Port commissioning overview 2. Choose one of the following options: • Apply Default Settings (default) — Select to have the Management application perform one of the following actions: The Management application contact all registered CIMOM servers within the fabric affected by the action and obtains the status from each CIMOM server. If all CIMOM servers are okay, the Management application sends a CAL Request to decommission the port. If even one CIMOM server is not okay, decommissioning fails.
Port commissioning overview 14 Recommissioning all ports on a blade NOTE All ports on the blade must be managed by the Management application. Select a port on the blade for which you want to recommission all ports, then select Configure > Port Commissioning > Recommission > All Ports on the Switch/Blade. NOTE You can only recommission ports from the logical switch, not the physical chassis. While recommissioning is in progress, an up arrow icon displays next to the port icon in the Product List.
14 Administrative Domain-enabled fabric support Administrative Domain-enabled fabric support The Management application provides limited support for AD-enabled fabrics. An Administrative Domain (Admin Domain or AD) is a logical grouping of fabric elements that defines which switches, ports, and devices you can view and modify. An Admin Domain is a filtered administrative view of the fabric. NOTE If you do not implement Admin Domains, the feature has no impact on users and you can ignore this section.
Administrative Domain-enabled fabric support 14 • If you try to enable Virtual Fabrics on an AD-enabled switch, that operation fails with the following message: “Failed to enable Virtual Fabric feature for Chassis (Remove All ADs before attempting to enable VF).” • Performs performance management (including Advance Performance Monitoring and Top Talkers) data collection and reports in a physical fabric context.
14 Administrative Domain-enabled fabric support TABLE 72 Feature support for AD-enabled fabrics (Continued) Feature AD context ADO AD255 Not supported All AD User interface impact Performance Management > Configure Thresholds End-to-End Monitors Clear Counters X Filters AD-enabled fabric from the Fabrics list. Port Auto Disable X Filters AD-enabled fabric from the dialog box. Port Connectivity X Disables menu for a switch in an AD-enabled fabric.
Port Auto Disable 14 Port Auto Disable NOTE Port Auto Disable requires devices running Fabric OS 6.3 or later. Port Auto Disable (PAD) allows you to enable and disable Port Auto Disable on individual FC_ports or on all ports on a selected device, as well as unblock currently blocked ports.
14 Port Auto Disable FIGURE 211 Port Auto Disable dialog box 2. Select a fabric from the Fabric list. An information message displays the number of block ports for the fabric, if any. 3. Select one of the following from the Show list to determine what ports to display: • • • • All Ports (default) Disabled PAD Ports Enabled PAD Ports Blocked Ports 4. Review the port information: • Products/Ports tree — Displays devices and associated ports.
Port Auto Disable • • • • • • • • 14 Port # — Displays the port number. Port WWN — Displays the port world wide name. Port Name — Displays the port name. User Port # — Displays the user port number. PID — Displays the port identifier. Connected Port # — Displays the connected port number. Connected Port WWN — Displays the connected port world wide name. Connected Port Name — Displays the connected port name. 5. Click OK on the Port Auto Disable dialog box.
14 Port Auto Disable Enabling Port Auto Disable on individual ports NOTE Port Auto Disable requires devices running Fabric OS 6.3 or later. To enable PAD on individual ports, complete the following steps. 1. Select Monitor > Port Auto Disable. The Port Auto Disable dialog box displays. 2. Select the fabric on which you want to configure PAD from the Fabric list. 3. Choose one of the following options from the Show list to filter the port list: • All Ports (default) — Displays all ports in the fabric.
Port Auto Disable 14 Disabling Port Auto Disable on individual ports NOTE Port Auto Disable requires devices running Fabric OS 6.3 or later. To disable port auto disable on individual ports, complete the following steps. 1. Select Monitor > Port Auto Disable. The Port Auto Disable dialog box displays. 2. Select the fabric on which you want to configure PAD from the Fabric list. 3.
14 Port Auto Disable Stopping Port Auto Disable on a device NOTE Port Auto Disable requires devices running Fabric OS 7.2 or later. You can disable PAD at the device level. This allows you stop PAD for the device regardless of the individual port setting. To stop PAD on a device, complete the following steps. 1. Select Monitor > Port Auto Disable. The Port Auto Disable dialog box displays. 2. Select the fabric on which you want to configure PAD from the Fabric list. 3.
Port Auto Disable 14 Unblocking ports NOTE Port Auto Disable requires devices running Fabric OS 6.3 or later. To unblock ports, complete the following steps. 1. Select Monitor > Port Auto Disable. The Port Auto Disable dialog box displays. 2. Select the fabric on which you want to unblock ports from the Fabric list. 3. Select Blocked Ports from the Show list. 4. Select the device on which you want to unblock ports. 5. Click Unblock (under Port). 6. Click OK on the Port Auto Disable dialog box.
Chapter 15 Host Port Mapping In this chapter • Host port mapping overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Creating a new Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Renaming an HBA Host. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Deleting an HBA Host . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing Host properties . . . . . . . .
15 Creating a new Host Creating a new Host To create a new Host, complete the following steps. 1. Right-click an HBA icon in the Fabric topology and select Host Port Mapping. The Host Port Mapping dialog box displays. FIGURE 212 Host Port Mapping dialog box The Host Port Mapping dialog box includes the following details: • HBAs table — All unassigned HBAs. Lists the following information for all available HBAs. You can sort the table by clicking once on any of the column titles.
Renaming an HBA Host 15 Renaming an HBA Host To rename a Host, complete the following steps. 1. Right-click an HBA icon in the Fabric topology and select Host Port Mapping. The Host Port Mapping dialog box displays. 2. Click the Host you want to rename in the Hosts table, wait a moment, and then click it again. The Host displays in edit mode. 3. Type a new name for the Host. The name of the Host appears in the Hosts table in alphabetical order with the new name.
15 Associating an HBA with a Host Associating an HBA with a Host ATTENTION Discovered information overwrites your user settings. To associate an HBA with a Host, complete the following steps. 1. Right-click an HBA icon in the Fabric topology and select Host Port Mapping. The Host Port Mapping dialog box displays. 2. Select the Host to which you want to assign HBAs in the Hosts table or click New Host to create a new Host. 3. Select the HBA from the HBAs table on the left and click the right arrow.
Importing HBA-to-Host mapping 15 4. Click Open on the Import dialog box. The file imports, reads, and applies all changes line-by-line and performs the following: • Checks for correct file structure and well-formed WWNs, and counts number of errors. If more than 5 errors occur, import fails and a ‘maximum error count exceeded’ message displays. Edit the Host port mapping file and try again. • Checks for duplicate HBAs. If duplicates exist, a message displays with the duplicate mappings detailed.
15 Removing an HBA from a Host Removing an HBA from a Host To remove an HBA from a Host, complete the following steps. 1. Right-click an HBA icon in the Fabric topology and select Host Port Mapping. The Host Port Mapping dialog box displays. 2. Select the HBA from the Hosts table on the right and click the left arrow. The HBA you selected is removed from the Hosts table and the HBA is no longer associated with the Host.
Exporting Host port mapping 15 4. Browse to the location where you want to save the export file. Depending on your operating system, the default export location are as follows: • Desktop\My documents (Windows) • \root (Linux) 5. Enter a name for the files and click Save. 6. Click OK to close the Host Port Mapping dialog box.
Chapter 16 Storage Port Mapping In this chapter • Storage port mapping overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Creating a storage array . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Adding storage ports to a storage array. . . . . . . . . . . . . . . . . . . . . . . . . . . . • Unassigning a storage port from a storage array . . . . . . . . . . . . . . . . . . . . • Reassigning mapped storage ports . . . . . . . . . . . . . . . .
16 Creating a storage array Creating a storage array To create a storage array, complete the following steps. 1. Select a storage port icon in the topology view, then select Discover > Storage Port Mapping. The Storage Port Mapping dialog box displays with the following information. • Storage Ports table — Lists the following information for all available storage ports. You can sort the table by clicking once on any of the column titles. Fabric Name — The fabric name.
Unassigning a storage port from a storage array 16 4. Click the right arrow. The storage port is added to the Storage Array. 5. Click OK to save your work and close the Storage Port Mapping dialog box. If the storage device is part of more than one fabric, a message displays: The selected Storage_Name/Storage_WWN is part of more than one fabric. The port nodes associated with the other fabrics will automatically be moved to the storage array. Click OK to close the message.
16 Editing storage array properties 6. Click the right arrow button. The storage port moves from the Storage Ports table to the selected storage array. 7. Click OK to save your work and close the Storage Port Mapping dialog box. Editing storage array properties To edit storage array properties, complete the following steps. 1. Select a storage port icon in the topology view, then select Discover > Storage Port Mapping. The Storage Port Mapping dialog box displays. 2.
Viewing storage array properties 16 4. Review the properties. 5. Click OK on the Properties dialog box. 6. Click OK on the Storage Port Mapping dialog box. Viewing storage array properties To view storage array properties, complete the following steps. 1. Select a storage port icon in the topology view, then select Discover > Storage Port Mapping. The Storage Port Mapping dialog box displays. 2. Select a storage array from the Storage Array list. 3. Click Properties. The Properties dialog box displays.
16 Importing storage port mapping 4. Click Open on the Import dialog box. The file imports, reads, and applies all changes line-by-line and performs the following: • Checks for correct file structure (first entry must be the storage node name (WWN) and second entry must be the storage array name), well formed WWNs, and counts number of errors If more than 5 errors occur, import automatically cancels. Edit the storage port mapping file and try again.
Exporting storage port mapping 16 Exporting storage port mapping The Storage Port Mapping dialog box enables you to export a storage port array. The export file uses the CSV format. The first row contains the headers (Storage Node Name (WWNN), Storage Array Name) for the file. Example Storage Node Name (WWNN), Storage Array Name 20000004CFBD7100,New Storage Array 20000004CFBD896E,New Storage Array 20000037E19CED,New Storage Array To export a storage port array, complete the following steps. 1.
Chapter 17 Wireless Management In this chapter • Wireless management overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Wireless devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Wireless device discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Wireless devices on the dashboard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Port groups. . . . . . . . . . . . . . . . . .
17 Wireless devices Wireless devices The Management application supports three models of wireless controllers. TABLE 75 Wireless controller models Device Name Firmware required RFS 4000 Mobility 5.3 or later RFS 6000 Mobility 5.3 or later RFS 7000 Mobility 5.3 or later The Management application supports four models of wireless access points. TABLE 76 Wireless access points Device Name Firmware required AP 650 Mobility 4.1.1 (standalone mode) Mobility 5.
Wireless devices on the dashboard 17 Wireless devices on the dashboard Wireless controllers and standalone access points display in the following dashboard widgets: • • • • IP Inventory IP Status AP Status Status NOTE Wireless access points in adaptive mode do not display in the dashboard.
17 View management View management Wireless controllers and standalone access points display in the Network Objects, L2 Topology, IP Topology, and VLAN Topology views. NOTE Wireless access points in adaptive mode do not display in the topology.
Element Manager 17 Browser and system requirements The Element Manager requires a browser supporting Adobe Flash Player 10. The system accessing the Element Manager should have a minimum of 512Mb RAM for the Element Manager to display and function properly. The following browsers have been validated with the Element Manager: • Firefox 3.6 • Internet Explorer 7.x • Internet Explorer 8.x NOTE Leading and trailing spaces are not allowed in any text fields in the Element Manager.
17 Configuration repository and backup management 4. Enter your password in the Password field. The default password admin123. 5. Click Login. The Element Manager displays. OR 1. Select Reports > Wired Products from the main menu. The Wired Products report displays. 2. Click the IP address of a product in the IP Address column. The Element Manager displays. Launching a Telnet session NOTE Wireless access points in adaptive mode do not display in the Management application.
CLI configuration management • • • • • • 17 “Exporting a configuration to a text file” on page 1230 “Comparing configuration snapshots” on page 1235 “Generating a configuration snapshot report” on page 1236 “Viewing the pre- and post-configuration snapshot” on page 1238 “Saving a configuration snapshot” on page 1239 “Scheduling a configuration backup” on page 1241 CLI configuration management CLI configuration provides a text-based interface that allows you to enter command line interface (CLI) commands
17 Cluster mode Cluster mode A cluster is a set of wireless controllers working collectively to provide redundancy and load sharing. You can discover wireless controllers in cluster mode. To verify that the wireless controller is in cluster mode, check the following: 1. Check the Properties dialog box. Right-click the wireless controller and select Properties. The Properties dialog box displays. • If the controller is the active controller, the Access Points tab is included.
Performance management 17 Performance management NOTE Wireless access points in adaptive mode do not display in the Management application. Historical performance enables you to collect data from managed wireless devices. You can use the provided data collectors or create your own data collectors. Instructions for collecting historical performance data are detailed in “IP historical performance monitoring” on page 1517.
17 AP Products report AP Products report The AP Products report displays general and detailed configuration information about AP products that are under the management server. The information on the report comes from the software image version that is in the management application for that product. To ensure that the latest configuration information is in the management application, run the Discovery process or resynchronize the product.
AP Products report 17 The Detailed AP Products report contains the fields and components detailed in Table 78. TABLE 78 Detailed AP Products report Field/Component Description Status Whether the AP is online (green icon), offline (red icon), or pending adoption (gray icon). Name The device name used to identify AP. MAC Address The AP device MAC. Model The model of the AP. Serial Number The serial number of the AP. Firmware version The firmware level of the AP.
Chapter 18 VCS Management In this chapter • VCS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Logical chassis cluster operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Serial firmware update and activation for Network OS devices . . . . . . . . . • Support for Network OS VDX 2740 embedded switch . . . . . . . . . . . . . . . . • Network OS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
18 VCS VCS mode types Beginning with Network OS 4.0, VCS mode encompasses two mode types: • Fabric cluster mode (shown in Figure 213)—The data path for nodes is distributed, but the configuration path is not distributed. Each node maintains its configuration database independently. • Logical chassis cluster mode (shown in Figure 214)—Both the data and configuration paths are distributed. The entire cluster can be configured from the principal node. Logical chassis mode requires Network OS 4.0 or later.
Logical chassis cluster operations 18 Ethernet Fabrics view management The Ethernet Fabrics view displays a map of the traffic for VCS devices on your network. To view the fabric members and Transparent Interconnection of Lots of Links (TRILL) connections for a fabric, double-click the fabric in the Product List. To display the topology map for Ethernet Fabrics, you must have the Main Display - Ethernet Fabric privilege. For more information about privileges, refer to “User Privileges” on page 1935.
18 Logical chassis cluster operations • If the cluster is configured with a virtual IP address after it is discovered by the Management application, the virtual IP address is collected and saved in the database for the next lazy polling or next adaptive collection. • If another switch becomes the principal switch, the Management application sets the cluster IP address to that of the new principal switch at the next lazy polling or next adaptive collection.
Logical chassis cluster operations 18 FIGURE 216 Discover Setup - IP dialog box before removal of node Figure 217 shows the Discover Setup - IP dialog box after the administrator has removed the node with the IP address of 172.26.5.130 from its logical chassis cluster. FIGURE 217 Discover Setup - IP dialog box after disabling the node from logical chassis cluster Figure 218 shows the Discover Setup - IP dialog box after The Management application has performed rediscovery.
18 Serial firmware update and activation for Network OS devices Serial firmware update and activation for Network OS devices With Network OS release 4.0, you can update and activate firmware on an entire cluster (either logical chassis mode or fabric cluster mode), on selected nodes in the cluster, or on nodes in standalone mode, by performing the following steps. 1. Click the IP tab in the upper-left corner of the Management application. 2.
Network OS 18 Network OS Network OS is a scalable network operating system available for the Network OS data center switching portfolio products, including the VDX product line.
18 VCS product groups VCS product groups The standalone Network OS switches and the VCS fabric are treated as a single Layer 2 (L2) switch for both static and dynamic product groups. The product group membership cannot contain fabric members. The standalone Network OS VDX switches are shown in Table 79. TABLE 79 Network OS-supported hardware Device name Firmware level required Network OS VDX 2730 10 Gbps connection blade v2.1.1_fuj Network OS VDX 2740 switch nos4.0.
Port profiles 18 Port profiles A port profile is a collection of network policies supported by the switch. By configuring port profiles on the Network OS VDX switch (refer to Table 79 for a list of supported VDX switches), the virtual machine (VM) that is configured on the virtual network interface card (vNIC) can migrate to any other port on that switch, but still retain the same network policies.
18 Port profiles Life of a port profile A port profile during creation goes through multiple states. Port profiles go through the following states: • Created — This state specifies that a port profile is created but may not be complete when the port profile is created or modified. • Activated — This state specifies that a port profile is activated and is available for MAC address-to-port profile association. If the created port profile is not complete, the activation fails.
Port profiles TABLE 80 18 AMPP behavior and failure descriptions (Continued) AMPP event Applicable behavior and failures Deleting a port profile An in-use error is generated if the port profile is in an activated state. AMPP forces you to de-activate the profile before deleting. If the port profile is in an inactive state, then deletion of the port profile removes all the MAC address associations as well.
18 Port profiles Assigning MAC addresses to a port profile Use the Assign MACs dialog box to select discovered Media Access Control (MAC) addresses and assign them to the selected port profiles. A maximum of 16,000 MAC addresses can be assigned to a port profile. NOTE MAC addresses cannot be added until the profile is activated. You must use the command line interface to activate the port profile. Refer to the Network OS Command Reference for instructions. 1.
Port profiles 18 Managing offline MAC addresses To add unique MAC addresses to the Discovered MACs list where you can assign them to a port profile, complete the following steps. 1. Select a VCS-capable switch from the device tree. 2. Right-click and select Properties. The Fabric Properties dialog box displays. 3. Click the Port Profiles tab. 4. In the Selected Profile Details area, click the Associated MACs tab. 5. Click Add. The Assign MACs dialog box displays. 6. Click Add Offline MACs.
18 Port profiles Comparing port profiles To summarize differences between the original port profiles and profiles on other switches, complete the following steps. NOTE A MAC address can be associated with only one profile at a time. 1. Select a VCS-capable switch from the device tree. 2. Right-click and select Properties. The Fabric Properties dialog box displays. 3. Click the Port Profiles tab. 4. In the Selected Profile Details area, click the Associated MACs tab.
Port profiles 18 6. Select a product from the Available Products with Profiles list and click one of the following match options as the comparison criteria. You can select multiple switches and fabrics. • MAC Match — Compares the MAC addresses in the reference profile to the MAC addresses contained in the target profile (one profile at a time). The MAC address comparison displays the following possible values: Same — The MAC addresses in the reference and matched profiles are the same.
18 Port profiles TABLE 81 Profile Comparison Summary list (Continued) Field/Component Description QoS Settings • • • • • • • • ACL Settings FCoE Settings NOTE: FCoE sub-profiles can be applied on default port profiles only and are supported on Network OS version 2.1 and later. You can view the FCoE profile association on Network Advisor version 11.3.0 and later. • • • • • • • • • • • • Mode — The mode of Quality of Service (QoS) assigned to the port Flow Control — Non-DCB mode.
System Monitor support on Network OS VDX platforms 18 FIGURE 224 Deploy Port Profiles to Products dialog box 5. Select an available target from the Available Targets list and click the right arrow button to move the target selected for configuration deployment to the Selected Targets list. NOTE If a fabric is selected and moved in a VCS fabric, all members are moved to the Selected Targets list. Individual members of a VCS fabric can be added and removed from the Selected Targets list. 6. Click OK.
18 System Monitor support on Network OS VDX platforms FRU monitoring System Monitor monitors the health of each component of the switch.
System Monitor support on Network OS VDX platforms 18 Resource monitoring System Monitor monitors CPU and memory usage of the system and alerts the user when configured thresholds are exceeded. When the CPU usage exceeds the limit, a system monitor alert is triggered. The default CPU limit is 75 percent. When configuring memory, the limit specifies a usage limit as a percentage of available resources.
18 System Monitor support on Network OS VDX platforms Security monitoring System Monitor monitors all attempts to breach your SAN security, helping you fine-tune your security measures. If there is a security breach, System Monitor sends a RASlog alert. The following security areas are monitored: • Telnet violation, which occurs when a Telnet connection request reaches a secure switch from an unauthorized IP address. • Login violation, which occurs when a secure fabric detects a login failure.
Ethernet fabric traceroute 18 Ethernet fabric traceroute NOTE All nodes in the VCS cluster must have the NETCONF interface availability for L2TraceRoute and must be running Network OS 3.0.0 or later. Traceroute diagnostics enables you to determine the connectivity, path, and reachability of the Ethernet fabric between a source port and a destination port within an individual VCS fabric.
18 Ethernet fabric traceroute 4. Choose one of the following options: • Assign appropriate RBridge ID—To use Address Finder to identify the RBridge ID of the source. The Management application finds the RBridge ID on which the MAC address is learned. • Select RBridge ID —To select an RBridge ID from a list of the RBridge IDs currently present in the cluster, select this option and select and RBridge ID from the list.
Ethernet fabric traceroute 18 13. Enter a value with which to increment the source and destination port numbers on each repeated request in the Increment field. Valid values are from 0 through 1000. The default is 1. If you do not want to increment the port on each repeated request, enter 0. For example, if you configure the source port to 5, the destination port to 7, the repeat count to 5, and the increment ports to 5, the port numbers shown in Table 84 are sent on each traceroute request.
18 Ethernet fabric traceroute • Outgoing Port: The port numbers in the path to the destination RBridge from the source RBridge. • Round Trip Delay: The round trip delay in microseconds. NOTE The round trip delay for the starting RBridge (edge) is always 0 microseconds for a successful trace as this represents a self-loop. • Status: Whether the traceroute succeeded or failed.
Chapter 19 Host Management In this chapter • Host management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Brocade adapters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • HCM software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Host adapter discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • VM Manager. . . . . . . . . .
19 Brocade adapters HCM supports management for individual adapters (4/8/16 Gbps HBAs), 10 Gbps CNAs, 10 Gbps or 16 Gbps Fabric Adapters, and other devices, such as the host, DCB ports, FCoE ports, and Ethernet ports. The Management application, in conjunction with HCM, provides end-to-end management capability. For information about configuring, monitoring, and managing individual adapters using the HCM GUI or the Brocade Command Utility (BCU), refer to the Adapters Administrator’s Guide.
Brocade adapters 19 Converged Network Adapters Table 86 describes available Brocade Converged Network Adapters (CNAs) for PCIe x 8 host bus interfaces, hereafter referred to as Brocade CNAs. These adapters provide reliable, high-performance host connectivity for mission-critical SAN environments.
19 HCM software AnyIOTM technology Although the Brocade 1860 Fabric Adapter can be shipped in a variety of small form-factor pluggable (SFP) transceiver configurations, you can change port function to the following modes using Brocade AnyIOTM technology, provided the correct SFP transceiver is installed for the port: • HBA or Fibre Channel mode — This mode utilizes the Brocade Fibre Channel storage driver. An 8 or 16 Gbps Fibre Channel SFP transceiver can be installed for the port.
HCM software 19 HCM features Common HBA and CNA management software features include the following: • Discovery using the agent software running on the servers attached to the SAN, which enables you to contact the devices in your SAN. • Configuration management, which enables you to configure local and remote systems.
19 Host adapter discovery Host adapter discovery The Management application enables you to discover individual hosts, import a group of hosts from a CSV file, or import host names from discovered fabrics. The maximum number of host discovery requests that can be accepted is 1000. Host discovery requires HCM Agent 2.0 or later. ESXi host adapter discovery requires the Brocade HBA CIM provider to be installed on the ESXi host.
HCM and Management application support on ESXi systems 7. 19 Click OK. The VMM discovery process begins. When complete, the vCenter server and all ESX and ESXi hosts managed by that vCenter display in the Host product tree. Editing a VM Manager The fields in the Edit VM Manager dialog box are identical to the fields in the Add VM Manager dialog box except for the Network Address field, which you cannot edit. 1. Click Edit on the Discover VM Managers dialog box. The Edit VM Manager dialog box displays.
19 HCM and Management application support on ESXi systems • Fault Management CIM Indication Listener Port — This port is used to listen for CIM indications from ESXi hosts managed through the Management application’s host adapter discovery. The two ports described above are part of the range of ports reserved for use by the Management application server, configurable during installation from the Server Configuration wizard.
Connectivity map 19 Connectivity map The Connectivity Map, which displays in the upper right area of the main window, is a grouped map that shows physical and logical connectivity of Fabric OS components, including discovered and monitored devices and connections. These components display as icons in the Connectivity Map.
19 Adapter software FIGURE 229 Adapter Software dialog box, Driver tab 2. Select one or more hosts from the Available Hosts list and click the right arrow button to move the selected hosts to the Selected Hosts list. The Available Host list displays the following information for hosts that are discovered through the HCM agent with driver version 2.3.0.0 or later: • Hosts — The IP address of the host. • Name — The name of the host.
Adapter software 19 4. Select the host’s corresponding driver to update from the Driver to Update list. Once the driver has been selected for each host, click Update . Alternatively, you can select one or more hosts from the Selected Hosts list and click Select Latest to automatically select the latest operating system-specific driver for each selected host. If you want to import a driver from another location, follow the instructions in “Driver repository” on page 651.
19 Adapter software Deleting a driver file from the repository 1. Select one or more driver files from the Available Driver Files list on the Driver Repository dialog box. 2. Click Delete. The driver file is removed from the Driver Repository dialog box. NOTE Windows drivers (.exe files) cannot be imported into the server repository when the Management application server is running on Linux or Solaris platforms.
Adapter software 19 3. From the Boot Image Management dialog box, click the Repository button. The Boot Image Repository dialog box, shown in Figure 232, displays. FIGURE 232 Boot Image Repository dialog box 4. Click Import on the Boot Image Repository dialog box. 5. The Import Boot Image dialog box displays. 6. Locate the boot image file using one of the following methods: • Search for the file you want from the Look In list. Boot image files version 2.0.0.0 and 2.1.0.0 are .
19 Bulk port configuration 3. From the Boot Image Management dialog box, click the Update button to download a boot image to one or more selected hosts. One of the following download status messages displays in the Status column of the Selected Hosts list: • • • • Ready Queued In progress Failed — If the download failed, the failure reason displays in the Message column of the Selected Hosts list; for example, failed to connect to HCM agent, a checksum error occurred, or the file is invalid.
Bulk port configuration 19 Configuring host adapter ports To create, edit, duplicate, or delete port configurations, complete the following steps. Select Host > Adapter Ports from the Configure menu. The Configure Host Adapter Ports dialog box, shown in Figure 233, displays.
19 Bulk port configuration Adding a port configuration The Add Port Configuration dialog box allows you to create a maximum of 50 customized port configurations which you can then select and assign to ports. 1. Click Add on the Configure Host Adapter Ports dialog box. The Add Port Configuration dialog box, shown in Figure 234, displays. FIGURE 234 Add Port Configuration dialog box 2. Enter a name for the port configuration in the Configuration Name field.
Bulk port configuration - 19 Target Rate Limiting — Enable the Target Rate Limiting feature to minimize congestion at the adapter port. Limiting the data rate to slower targets ensures that there is no buffer-to-buffer credit back-pressure between the switch due to a slow-draining target. NOTE NOTE: Target Rate Limiting and QoS cannot be enabled at the same time.
19 Bulk port configuration - vNIC Configuration — Enables you to configure a single physical CNA Ethernet port into multiple virtual Network Interface Cards (vNICs). • Enter the maximum allowable output bandwidth in increments of 100 Mbps in the vNIC Max Bandwidth (Mbps) box. The maximum bandwidth is 10 Gbps and this is the default. • Enter the minimum allowable output bandwidth in the Min Bandwidth (Mbps) box. The minimum bandwidth is 0 Mbps.
Adapter port WWN virtualization 19 Adapter port WWN virtualization Adapter port world wide name (WWN) virtualization enables the adapter port to use a switch-assigned WWN rather than the physical port WWN for communication, allowing you to preprovision the server with the following configuration tasks: • Create the zones with the Fabric Assigned WWN (FAWWN) before the servers and devices are connected to the switches, before they are exposed to the SAN network.
19 Adapter port WWN virtualization Enabling the FAWWN feature on a switch or AG ports 1. Select Configure > Fabric Assigned WWN. or Right-click the switch and select Fabric Assigned WWN. The Configure Fabric Assigned WWNs dialog box displays. 2. Select a switch port from the Fabric Assigned WWN - Configuration list. 3. Click the Enable button. The selected switch’s port status is enabled. 4. Click OK. The Fabric Assigned WWN Confirmation and Status dialog box displays. 5.
Adapter port WWN virtualization 19 Manually assigning a FAWWN to a switch or AG port 1. Select Configure > Fabric Assigned WWN. or Right-click the switch and select Fabric Assigned WWN. The Configure Fabric Assigned WWNs dialog box displays. 2. Select a switch port or AG port from the Fabric Assigned WWN - Configuration list. 3. Click the Auto button. If the switch port does not have an Auto FAWWN map type and the FAWWN feature is not yet enabled on the port, a To Be Generated message displays. 4.
19 Adapter port WWN virtualization FAWWNs on attached AG ports The Configure Fabric Assigned Assigned WWNs dialog box, shown in Figure 236, enables you to configure the Fabric Assigned WWN feature on a selected attached Access Gateway (AG) port. 1. Select Configure > Fabric Assigned WWN. or Right-click the switch and select Fabric Assigned WWN. The Configure Fabric Assigned WWNs dialog box displays. 2. Click the Attached AG Ports tab.
Adapter port WWN virtualization 19 5. Enter a valid world wide name (WWN), with or without colons, for the Access Gateway node. Optionally, you can select an existing AG Node WWN from the list. The AG Node WWN box includes all discovered AG Node WWNs that are connected to the selected switch. 6. Enter a port or a port range using numbers or a hyphen (-). For example, you can enter a range as 1-6 or you can separate values with a comma; for example: 1, 2, 5, 7-10, 20. 7.
19 Role-based access control Role-based access control The Management application enables you to create resource groups and assign users to the selected role within that group. This enables you to assign users to a role within the resource group. The Management application provides one preconfigured resource group (All Fabrics). When you create a resource group, all available roles are automatically assigned to the resource group.
Host performance management 19 Host performance management Real-time performance enables you to collect data from managed HBA and CNA ports. You can use real-time performance to configure the following options: • Select the polling rate from 20 seconds up to 1 minute. • Select up to 32 ports total from a maximum of 10 devices for graphing performance. • Choose to display the same Y-axis range for both the Tx MBps and Rx MBps measure types for easier comparison of graphs.
19 Host security authentication TABLE 88 Counters (Continued) FC port measures HBA port measures CNA port measures Transmitted FCoE pause frames Received FCS error frames Transmitted FCS error frames Received alignment error frames Received length error frames Received code error frames Instructions for generating real-time performance data are detailed in “Generating a real-time performance graph” on page 1467.
Host security authentication 19 FIGURE 237 Fibre Channel Security Protocol Configuration dialog box 3. Configure the following parameters on the Fibre Channel Security Protocol Configuration dialog box: a. Select the Enable Authentication check box to enable the authentication policy. If authentication is enabled, the port attempts to negotiate with the switch. If the switch does not participate in the authentication process, the port skips the authentication process. b.
19 supportSave on adapters supportSave on adapters Host management features support capturing support information for managed Brocade adapters, which are discovered in the Management application. You can trigger supportSave for multiple adapters at the same time. supportSave cannot be used to collect support information for ESXi hosts managed by a CIM Server. Refer to the Brocade Adapters Administrator’s Guide for information about supportSave on ESXi hosts.
Host fault management 19 Filtering event notifications The Management application provides notification of many different types of SAN events. If a user wants to receive notification of certain events, you can filter the events specifically for that user. NOTE The e-mail filter in the Management application is overridden by the firmware e-mail filter.
19 Backup support Backup support The Management application helps you to protect your data by backing it up automatically. The data can then be restored, as necessary. Configuring backup to a hard drive NOTE Configuring backup to a hard drive requires a hard drive. The drive should not be the same physical drive on which your operating system or the Management application is installed. To configure the backup function to a hard drive, complete the following steps. 1. Select Server > Options.
Backup support 19 Enabling backup Backup is enabled by default. However, if it has been disabled, complete the following steps to enable the function. 1. Select Server > Options. The Options dialog box displays. 2. Select Server Backup in the Category list. 3. Select the Enable Backup check box. 4. Click Apply or OK. Disabling backup Backup is enabled by default. If you want to stop the backup process, you must disable backup. To disable the backup function, complete the following steps. 1.
Chapter 20 Fibre Channel over Ethernet In this chapter • FCoE overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enhanced Ethernet features. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • FCoE protocols supported. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • FCoE licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
20 Enhanced Ethernet features DCBX protocol Data Center Bridging Exchange (DCBX) protocol allows enhanced Ethernet devices to convey and configure their DCB capabilities and ensures a consistent configuration across the network. DCBX protocol is used between DCB devices, such as a converged network adapter (CNA) and an FCoE switch, to exchange configuration with directly connected peers.
FCoE protocols supported 20 Ethernet jumbo frames The basic assumption underlying FCoE is that TCP/IP is not required in a local data center network and the necessary functions can be provided with Enhanced Ethernet. The purpose of an “enhanced” Ethernet is to provide reliable, lossless transport for the encapsulated Fibre Channel traffic. Enhanced Ethernet provides support for jumbo Ethernet frames and in-order frame delivery.
20 FCoE licensing FCoE licensing The FCoE license enables Fibre Channel over Ethernet (FCoE) functionality on the following supported DCB switches: • • • • • Network OS 10 GbE 24-port 8 GbE 8 FC port switch Network OS VDX 6710, 6720, and 6730 switches Network OS VDX 6740 and 6740T switches Network OS VDX 8770-series switches Network OS VDX 2730 10 GbE connection blade for the Fujitsu PRIMERGY BX900 and BX400 Blade Servers Without the FCoE license, the DCB switches are pure Layer 2 Ethernet switches and
Saving running configurations 20 FIGURE 238 Save Running to Startup dialog box 2. Highlight a discovered DCB switch from the Available Switches list, and click the right arrow button to move the switch to the Selected Switches list. 3. Highlight the selected switch and click OK to start the configuration. The running configuration is saved to the selected switch, effective on the next system startup.
20 DCB configuration management DCB configuration management Depending on the platform, the DCB switch has one of the configurations shown in Table 89.
Switch policies 20 Switch policies You can configure and enable a number of DCB policies on a switch, port, or link aggregation group (LAG). The following switch policy configurations apply to all ports in a LAG: • DCB map and Traffic Class map • Link Layer Discovery Protocol (LLDP) The switch policies are described in the following sections.
20 DCB configuration DCB configuration To launch the DCB Configuration dialog box, select Configure > DCB from the menu bar. The DCB Configuration dialog box displays, showing the status of all DCB-related hardware and functions. NOTE For FOS DCB devices, the Protocol Down Reason column, shown in Figure 239, displays the values only for the external ports of embedded platforms but not for the internal ports.
DCB configuration 20 For more information about fabric cluster mode and logical chassis cluster mode, refer to the Network OS Administrator’s Guide and the Network OS Command Reference, versions 4.0 or later. The term VCS mode refers to both fabric cluster mode and logical chassis cluster mode unless otherwise indicated. NOTE In the Management application, a logical chassis cluster is shown without all its members; a fabric cluster is shown with all its members.
20 DCB configuration 5. Configure the following DCB Map parameters in the DCB Map area: • Name - Enter a name to identify the DCB map. • Precedence - Enter a value from 1 through 100. This number determines the map’s priority. • Priority Flow Control check box - Check to enable priority-based flow control on individual priority groups. • CoS - Click the CoS cell to launch the Edit CoS dialog box, where you can select and assign one or more priorities (PG ID 15.0 through 15.7).
DCB configuration 20 FIGURE 241 Edit Switch dialog box - LLDP-DCBX tab 4. Select the Global Configuration LLDP profile in the LLDP Profiles list. 5. Click the left arrow button to edit. 6. Select the FCoE Application and FCoE Logical Link check boxes in the Advertise list to advertise them on the network. 7. Click OK after changing the attributes of the current deployment. The Deployment Status dialog box displays. 8. Click Start on the Deployment Status dialog box to save the changes to the switch. 9.
20 DCB configuration 8. Select the DCB map you created in “Creating a DCB map to carry the LAN and SAN traffic” on page 681 from the Available DCB Maps list. 9. Click the LLDP-DCBX tab and select the Enable LLDP-DCBX on Te Port Number check box. 10. Select Assign the Global Configuration. 11. Click OK. The Deploy to Ports dialog box displays. 12. Click OK after changing the attributes of the current deployment. The Deployment Status dialog box displays. 13.
DCB configuration 20 Creating and activating VLAN classifiers on the DCB interface NOTE You can complete this procedure using the Management application for Fabric OS versions 7.0 and later. For Fabric OS versions earlier than Fabric OS 7.0, you must use the CLI. To create and activate the VLAN classifiers on the DCB interface, complete the following steps. 1. Log in to the switch and enter global configuration mode. switch:>cmsh switch#configure terminal 2.
20 DCB configuration 2. Select the DCB switch or one or more DCB ports from the Products/Ports list to add to a link aggregation group (LAG). 3. Click Add LAG or Edit LAG. The Add LAG or Edit LAG dialog box displays, as shown in Figure 242. FIGURE 242 Add LAG dialog box 4. Configure the following LAG parameters: NOTE Ports with 802.1x authentication or ports that are enabled in L2 mode or L3 mode are not supported in a LAG. • LAG ID - Enter the LAG identifier, using a value from 1 through 63.
DCB configuration 20 5. Select at least one available DCB port from the Available Members list and click the right arrow button to move it to the LAG Members list. The DCB ports are now part of the link aggregation group. 6. Continue to configure the following LAG parameters. These parameters are always enabled. • Type - Sets the limit on the size of the LAG. The type values include Standard, where the LAG is limited to 16 ports, and Brocade LAG, where the LAG is limited to 4 ports.
20 DCB configuration FIGURE 243 Edit Switch dialog box 4. Configure the policies for the Edit Switch dialog box tabs, which are described in the following sections: • • • • • “QoS configuration” on page 693 “FCoE provisioning” on page 700 “VLAN classifier configuration” on page 702 “LLDP-DCBX configuration” on page 706 “802.1x authentication” on page 710 5. When you have finished configuring the policies, apply the settings to the switch.
DCB configuration 20 Editing a DCB port 1. Select Configure > DCB. The DCB Configuration dialog box displays, showing the status of all DCB-related hardware and functions. 2. Select a DCB port from the Products/Ports list. 3. Click Edit. The Edit Port dialog box displays, as shown in Figure 244. FIGURE 244 Edit Port dialog box 4. Modify the following DCB port parameters as required: • Interface Mode - Select None or L2. For external ports, the L3 interface mode displays in addition to None or L2.
20 DCB configuration 5. When you have finished configuring the policies, apply the settings to the DCB port. NOTE Clicking Cancel when there are pending changes launches a pop-up dialog box. 6. Click OK when you have finished modifying the DCB port parameters. The Deploy to Ports dialog box displays. 7. Click OK after changing the attributes of the current deployment. The Deployment Status dialog box launches. 8.
DCB configuration 20 FIGURE 245 Edit LAG dialog box 4. Configure the following LAG parameters, as required: NOTE Ports with 802.1x authentication or ports that are enabled in L2 mode or L3 mode are not supported in a LAG. • LAG ID - The LAG identifier, which is not an editable field. • Status - Click the Enable check box to enable the LAG. You must enable the LAG to use the DCB functionality. • Interface Mode - Select None or L2.
20 DCB configuration 5. Continue to configure the following LAG parameters. These parameters are disabled until you add a DCB port to the LAG Members list. • Mode - The ports that are LAG members are in either Static or Dynamic mode. You cannot change the mode on existing members of a LAG. If the mode is set as Dynamic, you can change the dynamic mode type (to Active or Passive) only for newly-added ports, not for existing port members of a LAG.
QoS configuration 20 Deleting a LAG You can only delete a link aggregation group (LAG) that is selected from a single switch. If you select multiple switches or multiple ports from two or more switches, the Delete button is disabled. NOTE Deleting a LAG is not supported for Network OS products. You must use the command line interface to delete a LAG for Network OS products. Refer to the Network OS Command Reference for more information. 1. Select Configure > DCB.
20 QoS configuration Priority-based flow control Priority-based flow control (PFC) is an enhancement to the existing pause mechanism in Ethernet. PFC creates eight separate virtual links on the physical link and allows any of these links to be paused and restarted independently, enabling the network to create a no-drop Class of Service (CoS) for an individual virtual link. Table 90 shows examples of how priority grouping might be allocated in a 15-priority group scenario.
QoS configuration 20 FIGURE 246 QoS, Create DCB Map dialog box 4. Select DCB from the Map Type list. 5. Configure the following DCB map parameters in the DCB Map area: • Name - Enter a name to identify the DCB map. Only one DCB map (the default) is supported on Fabric OS version 6.3.1_dcb and version 7.0.0 and later. • Precedence - Enter a value from 1 through 100. This number determines the map’s priority.
20 QoS configuration 6. Click the right arrow button to add the map to the DCB Maps list. If a DCB map exists with the same name, a validation dialog box launches and you are asked if you want to overwrite the map. 7. Click OK. 8. When you have finished the configuration, click OK to launch the Deploy to Products dialog box. Editing a DCB map 1. Select Configure > DCB. The DCB Configuration dialog box displays, showing the status of all DCB-related hardware and functions. 2.
QoS configuration 20 3. Click the QoS tab on the Edit Switch dialog box. The QoS dialog box displays. 4. Select one or more DCB maps. 5. Click the left arrow button. The selected DCB map row is removed from the list. 6. When you have finished the configuration, click OK to launch the Deploy to Products dialog box. NOTE With Fabric OS version 7.0 and later, there is only one DCB map (default), that you cannot delete. 7. Click OK after changing the attributes of the current deployment.
20 QoS configuration • Priority Flow checkbox — Check to enable priority-based flow control on individual priority groups. • CoS — Lists the Class of Service (CoS) value that corresponds to the priority group ID rows. The CoS value must be mapped to at least one of the priority group IDs (0-7). 7. When you have finished the configuration, click OK to launch the Deploy to Ports/LAGs dialog box. Creating a Traffic Class map 1. Select Configure > DCB.
QoS configuration 20 Deleting a Traffic Class map 1. Select Configure > DCB. The DCB Configuration dialog box displays, showing the status of all DCB-related hardware and functions. 2. Select a switch, and click Edit. 3. Click the QoS tab on the Edit Switch dialog box. The QoS dialog box displays. 4. Select a Traffic Class map that you want to delete from the Traffic Class Maps list. 5. Click the left arrow button. The selected Traffic Class map row is removed from the list. 6.
20 FCoE provisioning FCoE provisioning The Management application supports FCoE provisioning only on Fabric OS version 6.3.1_dcb. The command line interface (CLI) supports FCoE provisioning for the following versions of Fabric OS: • • • • Fabric OS 6.3.1_cee Fabric OS 6.3.1_del Fabric OS 6.4.1_fcoe Fabric OS 7.0.x Refer to the Fabric OS Command Reference for CLI procedures. FCoE provisioning simplifies the number of steps required to configure a DCB port to carry the FCoE traffic.
FCoE provisioning 20 4. Accept the default VLAN ID of 1002, or change the value. The valid VLAN ID range is from 2 through 3583. 5. Click the right arrow button to move the FCoE map parameters into the FCoE Maps list. 6. When you have finished the configuration, click OK to launch the Deploy to Products dialog box. 7. Click OK after changing the attributes of the current deployment. The Deployment Status dialog box displays. 8.
20 VLAN classifier configuration VLAN classifier configuration The Management application supports VLAN classifier management only on Fabric OS 6.3.1_dcb and Fabric OS 7.0.0. VLAN classifier rules are used to define specific rules for classifying untagged packets to selected VLANs based on protocol and MAC addresses. The classified frames are then tagged with a VLAN ID. VLAN classifier rules can be categorized into the following areas: • 802.
VLAN classifier configuration 20 FIGURE 247 Edit Switch dialog box, VLAN Classifiers tab 4. Click the Add button under the Available Rules list. The Add Rules dialog box displays, as shown in Figure 248. FIGURE 248 Add Rules dialog box The Rule ID field is pre-populated with the next available rule ID number. 5. Keep the rule ID number as it is, or change the number using a value from 1 through 256. 6. Select a rule type. Valid rule types are MAC (MAC address-based rule) and Proto (802.
20 VLAN classifier configuration 9. Click OK to add the rule to the Available Rules list on the VLAN Classifiers tab of the Edit Switch dialog box and close the Add Rules dialog box. NOTE Clicking Apply also adds the rule to the Available Rules list on the VLAN Classifiers tab of the Edit Switch dialog box, and in addition, the Add Rules dialog box remains open and clears all entries for you to define the next rule. 10.
VLAN classifier configuration 20 Creating a VLAN classifier group You can assign existing rules to a selected VLAN classifier and form a VLAN classifier group. If no rules are available, you can add rules to a selected switch using the Add Rules dialog box. 1. Select Configure > DCB from the menu bar. The DCB Configuration dialog box displays, showing the status of all DCB-related hardware and functions. 2. Select a switch and click Edit. 3. Click the VLAN Classifiers tab on the Edit Switch dialog box.
20 LLDP-DCBX configuration LLDP-DCBX configuration Link Layer Discovery Protocol (LLDP) provides a solution for the configuration issues caused by increasing numbers and types of network devices in a LAN environment, because, with LLDP, you can statically monitor and configure each device on a network.
LLDP-DCBX configuration 20 Adding an LLDP profile NOTE When a TE port is selected to assign to an LLDP profile, a yellow banner displays with the following error message: “LLDP-DCBX is disabled on this switch. The configuration becomes functional when LLDP-DCBX is enabled on the switch.” 1. Select Configure > DCB. The DCB Configuration dialog box displays, showing the status of all DCB-related hardware and functions. 2. Select a switch, and click Edit. 3.
20 LLDP-DCBX configuration Editing an LLDP profile 1. Select Configure > DCB. The DCB Configuration dialog box displays, showing the status of all DCB-related hardware and functions. 2. Select a switch, and click Edit. 3. Click the LLDP-DCBX tab on the Edit Switch dialog box. The LLDP-DCBX Profile dialog box displays. 4. Select an LLDP profile in the LLDP Profile list. NOTE You can edit the profile. You cannot, however, delete or duplicate global configurations. 5.
LLDP-DCBX configuration 20 Assigning an LLDP profile to a port or ports in a LAG You create LLDP profiles using the Edit Switch dialog box, which you access from the DCB Configuration dialog box. Global configuration parameters, which is the default selection, are displayed in the Assigned Profile table. NOTE A yellow banner displayed on the LLDP-DCBX dialog box indicates that LLDP-DCBX is disabled on the switch. The configuration options become functional when LLDP-DCBX is enabled on the switch. 1.
20 802.1x authentication 802.1x authentication 802.1x is a standard authentication protocol that defines a client-server-based access control and authentication protocol. 802.1x restricts unknown or unauthorized clients from connecting to a LAN through publicly accessible ports. NOTE 802.1x is not supported for internal ports. A switch must be enabled for 802.1x authentication before you configure its parameters. See “Setting 802.1x parameters for a port” for more information. Enabling 802.
802.1x authentication 20 Setting 802.1x parameters for a port The 802.1x parameters can be configured whether or not the feature is enabled on the switch. The default parameters are initially populated when 802.1x is enabled, but you can change the default values as required. 1. Select Configure > DCB from the menu bar. The DCB Configuration dialog box displays, showing the status of all DCB-related hardware and functions. 2. Select a port and click Edit. 3. Click the 802.
20 Switch, port, and LAG deployment • Re-authentication Interval - The number of seconds between re-authentication attempts. The value range is 1 to 4294967295. The default value is 3600 seconds. This feature is not dependent on the re-authentication state being enabled. • Port Control - Select an authorization mode from the list to configure the ports for authorization. Options include auto, force-authorized, or force-unauthorized and the default value is auto. 6.
Switch, port, and LAG deployment 20 FIGURE 251 Deploy to Products dialog box FIGURE 252 Deploy to Ports dialog box Brocade Network Advisor SAN + IP User Manual 53-1002949-01 713
20 Switch, port, and LAG deployment FIGURE 253 Deploy to LAGs dialog box 4. Click one of the following deployment options: • • • • Deploy now Save and deploy now Save deployment only Schedule 5. Click one of the following save configuration options: • Save to running • Save to running and startup • Save to running and startup then reboot The name for the scheduled product deployment is pre-populated with a “DCB-MM-DD-YYYY-HR-MIN-SS” prefix. This is an editable field. 6.
Switch, port, and LAG deployment 20 8. Select one or more of the following configurations, to be deployed on the selected targets. NOTE These configurations can be pushed to target DCB switches, FOS version 6.3.1_cee or 6.3.1_del. For switches: • • • • • • QoS, DCB Map QoS, Traffic Class Map FCoE Map VLAN Classifiers and Rules LLDP Profiles 802.1x Configuration NOTE See “Source to target switch Fabric OS version compatibility for deployment” for restrictions.
20 Switch, port, and LAG deployment Source to target switch Fabric OS version compatibility for deployment Table 91 lists the restrictions that exist when deploying source switches to target switches. TABLE 91 Source to target switch Fabric OS version compatibility Source Fabric OS version and device Target Fabric OS version supported Comments Fabric OS DCB switch and FCOE10-24 DCB blade with Fabric OS version 6.4.2 or earlier.
Network OS switches in VCS mode 20 Network OS switches in VCS mode For a Network OS switch in VCS mode or standalone mode, you can use the management application to perform the following tasks: • View Network OS switches, ports, LAGs, and vLAGs and their basic configuration details and detailed DCB configurations. • • • • • • • • Enable and disable ports, LAGs, and vLAGs. View real-time performance graphs. View historical graphs and reports. View profiled port, LAG, and vLAG configurations.
20 Network OS switches in VCS mode Viewing switches in VCS mode 1. Launch the DCB Configuration dialog box using one of the following methods: • Select Configure > DCB from the menu bar. • Right-click the DCB switch from the device tree, and select Configure > DCB. • Right-click the DCB switch from the topology map and select Configure > DCB. The DCB Configuration dialog box displays, showing the status of all DCB-related hardware and functions. 2.
Network OS switches in VCS mode TABLE 92 20 QoS configuration parameters on VCS switch DCB Map Parameters Displays the following map parameters: PG ID — Lists the priority group ID (15.0 to 15.7 and 0 to 7). % Bandwidth — Lists the bandwidth value for priority group IDs 0-7. The total of all priority groups must equal 100%. • Priority Flow — Check to enable priority flow control on individual priority groups. • CoS — Lists the Class of Service (CoS) value that corresponds to the Priority Group ID rows.
20 Network OS switches in VCS mode Viewing VLAN classifiers and rules parameters on the Network OS switch Table 94 describes the parameters that display on the View Switch dialog box - VLAN Classifiers tab. TABLE 94 VLAN classifiers and rules configuration parameters on VCS switch Field/Component Available Rules VLAN Classifiers Description Displays the following Available Rules information: Rule ID — The rule identifier. Valid rule ID values are from 1 through 256.
Network OS switches in VCS mode 20 Viewing the 802.1x parameter on the Network OS switch Table 96 describes the parameter that displays on the View Switch dialog box - QoS tab. TABLE 96 802.1x configuration parameter on VCS switch Field/Component Description 802.1x Displays the enabled or disabled status of the 802.1x configuration on the Network OS switch. Viewing ports in VCS mode 1.
20 Network OS switches in VCS mode TABLE 97 Port parameters on the Network OS switch port (Continued) Field/Component Description MTU The maximum transmission unit (MTU) in bytes. The value range is from 1522 through 9216 and the default value is 2500. iSCSI Priority The CoS priority value for iSCSI traffic. The value range is from COS 0 through COS 7 and the default value is COS 4.
Network OS switches in VCS mode 20 QoS - Non-DCB TABLE 99 QoS (non-DCB) parameters on the Network OS switch port Field/Component Description Mode The mode of Quality of Service (QoS) assigned to the port (non-DCB). Trust Indicates whether the Ethernet trust of the port is enabled or disabled. NOTE: Applicable only for standalone Network OS devices. Flow Control The Ethernet priority flow control mode of the port. The default flow control mode is Off. Possible modes are as follows: • Off • 802.
20 Network OS switches in VCS mode Viewing LLDP-DCBX parameters on the Network OS switch port Table 101 describes the LLDP profiles table (in global configuration) and the LLDP profiles. TABLE 101 LLDP-DCBX parameters on the Network OS switch port Field/Component Description LLDP-DCBX Indicates whether LLDP-DCBX feature is enabled or disabled. LLDP Profile Parameters Displays the following LLDP profile parameters: Name — The name of the LLDP profile.
Network OS switches in VCS mode TABLE 102 20 802.1x parameter on the Network OS switch port (Continued) Field/Component Description Re-authentication Interval (sec) The number of seconds between re-authentication attempts. The value range is 1 to 4294967295. The default value is 3600 seconds. This feature is not dependent on the re-authentication state being enabled. Port Control The authorization mode to configure the ports for authorization.
20 Network OS switches in VCS mode TABLE 103 LAG parameters on the Network OS switch LAG (Continued) Field/Component Description Status Indicates whether the LAG is enabled or disabled. You must enable the LAG to use the DCB functionality. Default CoS The Cost of Service (CoS) value for incoming untagged frames. Values are 0-7 or if the port is profiled. The default CoS is 0. Type Displays the limit on the size of the LAG.
Network OS switches in VCS mode TABLE 104 20 QoS (DCB) parameters on the Network OS switch LAG. (Continued) Field/Component Description Precedence This number determines the map’s priority. Valid values are from 1 through 100. DCB Map Parameters • • • • PG ID — Lists the priority group ID (15.0 to 15.7 and 0 to 7). % Bandwidth — Lists the bandwidth value for priority group IDs 0-7. The total of all priority groups must equal 100%.
20 Network OS switches in VCS mode Viewing FCoE parameters on the Network OS switch LAG Table 106 describes the parameters that displays on the View LAG dialog box - FCoE tab. NOTE The Interface mode is None and the L2 mode is empty for the FCoE-provisioned LAG. TABLE 106 FCoE configuration parameters on VCS switch Field/Component FCoE Map Note: The default FCoE map contains both the default Fabric map and the default DCB map.
DCB performance 20 DCB performance Performance monitoring provides details about the quantity of traffic and errors a specific port or device generates on the fabric over a specific time frame. You can also use Performance features to indicate the devices that create the most traffic and to identify the ports that are most congested. The Performance menu items launch either SAN or IP performance dialog boxes based on which tab you select.
20 DCB performance Generating a real-time performance graph from the IP tab To generate a real-time performance graph for a Network OS DCB or FOS switch, complete the following steps. 1. Click the IP tab. 2. Select a DCB port from the DCB Configuration dialog box, and select Real Time Graph from the Performance list. A message displays, prompting you to close the DCB Configuration dialog box. 3. Click OK to close the DCB Configuration dialog and open the Performance dialog box.
DCB performance 20 Historical performance graph The Historical Performance Graph dialog box enables you to customize how you want the historical performance information to display. Generating a historical performance graph You can generate a historical performance graph by selecting both Network OS and FOS DCB devices from the IP Tab or by selecting only Network OS DCB devices from the IP tab. 1.
20 FCoE login groups FCoE login groups The FCoE Configuration dialog box allows you to manage the FCoE login configuration parameters on the DCB switches in all discovered fabrics. FCoE login configuration is created and maintained as a fabric-wide configuration. With the FCoE license, the FCoE Configuration dialog box displays virtual FCoE port information and enables you to manage the virtual port information.
FCoE login groups 20 • Click Edit to launch the Edit Login Group dialog box, where you can edit the login group parameters. See “Editing an FCoE login group” on page 734. • Click Delete to remove the login group from the list. See “Deleting one or more FCoE login groups” on page 735. Adding an FCoE login group Complete the following steps to add switches to a login group. You can manually add ports by entering the world wide name (WWN) or select available managed CNAs from all discovered hosts.
20 FCoE login groups • Port WWN — Click to enter the world wide name (WWN) of the port to associate with the selected switch. The member port WWN text field allows a maximum of 16 digits. • Managed CNAs — Click to show a list of products and ports which can be selected as login group members. 6. Select available members from the Products/Ports list and click the right arrow button to move the available members to the Selected Members list. 7. Click OK.
FCoE login groups 20 • Rename the login group by entering the new name into the Name field. The Allow All option must be selected to rename the login group. • Select one of the following options to add or remove login members into the Available Members list. The Allow Specific option must be selected to add or remove login members. • Port WWN — Click to enter the world wide name (WWN) of the port to associate with the selected switch. The member port WWN text field allows a maximum of 16 digits.
20 Virtual FCoE port configuration 4. Click Start to apply the changes, or click Close to abort the operation. The FCoE login management feature is disabled and all login groups on the selected switch are deleted. The value in the FCoE Login Management State column for the selected switch is Disabled and no login groups appear under the switch after the FCoE Configuration dialog box refresh operation. • “FCoE login groups” Enabling the FCoE login management feature on a switch 1.
Virtual FCoE port configuration 20 The physical port and LAG details are displayed in the Switch Port column in the following circumstances: • There is a dynamic binding between the virtual FCoE port and the physical port or LAG. • There is a static binding between the virtual FCoE port and the physical port or lag and there are end devices connected to it. To view the virtual FCoE ports, complete the following steps: 1. Select Configure > FCoE from the menu bar.
20 Virtual FCoE port configuration Clearing a stale entry A stale entry is a device that logged in and logged off but, because a port went down after an FLOGI was received, the device failed to receive the message. The entry in the FCoE Connected Devices table becomes stale and you must clear it manually. NOTE Clearing a stale entry is not supported for Network OS devices. 1. Select a virtual FCoE port from the FCoE Configuration dialog box and click Connected Devices.
Chapter 21 Telemetry In this chapter • Telemetry overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 739 • Policy-based routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 739 • ACL Accounting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
21 Policy-based routing The Management application creates an IPv4 PBR or IPv6 PBR based on the ACLs defined in the policy. • If any rule in the policy contains an IPv4 ACL, the Management application creates an IPv4 PBR applies the PBR to the ports. • If any rule in the policy contains an IPv6 ACL, the Management application creates an IPv6 PBR applies the PBR to the ports.
Policy-based routing 21 Source — Port (one or more) to which this PBR policy is bound. For PBR policies bound to multiple ports, displays all ports separated by commas. For globally applied PBR policies, displays blank. Match — L3 ACL policy associated with the rule. You can define up to 10 ACL policies (5 IPv4 and 5 IPv6) per rule. Next Hop — Destination for the packets that pass ACL filter. You can define multiple next hops. PBR selects the first next hop from the next hop list that is up.
21 Policy-based routing Adding a new policy 1. Select an Ethernet router, Ethernet core router, or Ehternet Backbone router product and select Configure > Policy Based Routing. The Product_Name PBR Configuration dialog box displays. 2. Select Add > New Policy. The PBR Policy Configuration dialog box displays. 3. Enter a name for the new policy and click OK on the PBR Policy Configuration dialog box. 4. To add one or more rules to the policy, refer to “Adding rules to a policy” on page 742. 5.
Policy-based routing 21 3. Enter a name for the rule in the Name field. The rule name can be up to 127 characters and must be unique within the policy. 4. Select one or more ACLs to use in the rule from the Available ACLs table. Each rule can match up to 10 ACLs (5 IPv4 and 5 IPv6) and can have multiple hops to a destination. The Available ACLs table displays the available IPv4 and IPv6 ACLs on this product. IPv4 and IPv6 have two separate policy lists.
21 Policy-based routing 16. Click OK on the Product_Name PBR Configuration dialog box. The Deploy to Products - PBR dialog box displays. To deploy the PBR policy, refer to “Deploying a PBR policy on demand” on page 745, “Saving a PBR policy deployment” on page 746, or “Scheduling a PBR policy deployment” on page 747. Adding policies from saved configurations 1. Select an Ethernet router, Ethernet core router, or Ehternet Backbone router product and select Configure > Policy Based Routing.
Policy-based routing 21 3. To edit the rule to the policy, refer to step 4 through step 14 in “Adding rules to a policy” on page 742. 4. Click OK on the Edit Rule - Policy_Name dialog box. 5. Click OK on the Product_Name PBR Configuration dialog box. The Deploy to Products - PBR dialog box displays. To deploy the PBR policy, refer to “Deploying a PBR policy on demand” on page 745, “Saving a PBR policy deployment” on page 746, or “Scheduling a PBR policy deployment” on page 747.
21 Policy-based routing 5. Click the Snapshot Use check box and click the ellipsis button to select the product monitoring template. NOTE The Snapshot Use check box is only available for IronWare products. The Pre-Post Snapshot Properties dialog box displays. 6. Select the product monitoring template you want to use from the CLI Template list. 7.
Policy-based routing 7. 21 Select one or more of the following to capture snapshots: • Select the Pre-deployment check box to capture a snapshot of the product’s configuration prior to deployment of the security configuration. • Select the Post-deployment check box to capture a snapshot of the product’s configuration after deployment of the security configuration.
21 Policy-based routing 7. Click OK on the Schedule Properties dialog box. 8. Click the Snapshot Use check box and click the ellipsis button to select the product monitoring template. NOTE The Snapshot Use check box is only available for IronWare products. The Pre-Post Snapshot Properties dialog box displays. 9. Select the product monitoring template you want to use from the CLI Template list. 10.
Policy-based routing 21 Configuring a daily deployment schedule To configure a daily deployment schedule, complete the following steps. 1. Select Daily from the Frequency list. 2. Select the time of day you want deployment to run from the Time (hh:mm) lists. Where the hour value is from 1 through 12, the minute value is from 00 through 59, and the day or night value is AM or PM. To finish configuring the deployment schedule, return to step 7 of “Scheduling a PBR policy deployment” on page 747.
21 ACL Accounting ACL Accounting NOTE ACL accounting is only supported on Ethernet router, Ethernet core router, or Ehternet Backbone router products running 5.4 or later. Ethernet router, Ethernet core router, or Ehternet Backbone router products monitor the number of times an ACL is used to filter incoming or outgoing traffic on an interface.
ACL Accounting 21 2. Select the Clear all counters on device check box. 3. Click OK on the ACL Accounting dialog box. Viewing ACL counters Before you can view ACL counters, you must enable ACL accounting on the product (refer to “Enabling or disabling ACL accounting” on page 750). To view ACL accounting on a product, select an Ethernet router, Ethernet core router, or Ehternet Backbone router product and select Configure > Security > Layer 2/3 ACL > Product.
Chapter 22 Security Management In this chapter • Security overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Layer 2 access control list management . . . . . . . . . . . . . . . . . . . . . . . . . . . • Layer 3 access control list policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Media Access Control (MAC) filter management. . . . . . . . . . . . . . . . . . . . . • Security configuration deployment. . . . . . . . . . . . . . .
22 Layer 2 access control list management You should configure the ACL on the device before you assign the ACL to an interface. You can create multiple ACLs and save them to the device configuration. However, the ACL does not filter traffic until you assign it to an interface. You can assign an ACL on a physical port, Virtual LAN (VLAN), or Link Aggregation Group (LAG). For IronWare OS products, you can create a standard ACL.
Layer 2 access control list management 22 FIGURE 264 Add - Layer 2 ACL Configuration dialog box 3. Enter a number for the ACL in the Number field. For IronWare 5.4 and later, ACL numbers range from 400 through 1399. For IronWare 5.3, ACL numbers range from 400 through 599. For IronWare less than 5.3, ACL numbers range from 400 through 499. 4. Select Permit or Deny from the Action list. 5.
22 Layer 2 access control list management 8. In the Ethernet Type list, select one of the following options to specify the Ethernet type being transferred in the Ethernet frame: • • • • ARP — Address Resolution Protocol IPV4-L5 — Internet Protocol, version 4-L5 IPV6 — Internet Protocol, version 6 Any — Any of the protocols 9. (Deny actions only) Select the Log Enable check box to generate a log for this configuration. 10. Click the right arrow button. The new ACL rule displays in the ACL Entries list.
Layer 2 access control list management 22 8. Click OK on the Device_Name - Layer 2 ACL Configuration dialog box. The Deploy to Products - Layer 2 ACL dialog box displays. To save the configuration, refer to “Saving a security configuration deployment” on page 821. Copying a Layer 2 ACL configuration (IronWare) To copy a Layer 2 ACL configuration, complete the following steps. 1. Select a device and select Configure > Security > Layer 2 ACL > Product.
22 Layer 2 access control list management Assigning a Layer 2 ACL configuration to an interface (IronWare) NOTE You cannot modify or delete a Layer 2 ACL that is bound to a port. To assign a Layer 2 ACL configuration to an interface, complete the following steps. 1. Select Configure > Security > Layer 2 ACL > Port. The Port Selection - Layer 2 ACL dialog box displays. FIGURE 265 Port Selection - Layer 2 ACL dialog box 2. Select a port in the Available Ports list and click the right arrow button. 3.
Layer 2 access control list management 22 FIGURE 266 Device_Name - Port_Number - Layer 2 ACL Configuration dialog box 4. (Ethernet routers only) Select a duration (1 Second, 1 Minute, 5 Minutes, or Cumulative) to track the number of times an ACL filter is used in the Hits Stats Duration list. Click Refresh to collect the hit statistics. The application updates the Hits column of the Details of Selected ACL list. 5.
22 Layer 2 access control list management 6. To assign an ACL configuration to outbound messages, select the Outbound check box and complete the following steps: NOTE You can only assign an ACL to an outbound message on an Application product. a. Select the Assign ACL option and choose one of the following options from the first Assign ACL list: • Select ACLs on this Product to assign ACLs deployed on the product to the port.
Layer 2 access control list management 22 Fabric OS Layer 2 ACL configuration This section provides procedures for configuring a standard for extended Layer 2 ACL on a device, assigning the Layer 2 ACL to an interface, as well as clearing Layer 2 ACL assignments from a device. Creating a standard Layer 2 ACL configuration (Fabric OS) To create a standard Layer 2 ACL configuration, complete the following steps. 1. Select the device and select Configure > Security > Layer 2 ACL > Product.
22 Layer 2 access control list management 10. Click OK on the Add - Layer 2 ACL Configuration dialog box. The new ACL configuration displays in the ACLs list. To create additional ACLs, repeat step 2 through step 10. 11. Click OK on the Device_Name - Layer 2 ACL Configuration dialog box. The Deploy to Products - Layer 2 ACL dialog box displays.
Layer 2 access control list management 22 3. Enter a new name for the ACL in the Name field. 4. To edit an existing ACL rule, complete the following steps. a. Select the rule you want to edit in the ACL Entries list and click the left arrow button. b. Complete step 5 through step 9 in “Creating a standard Layer 2 ACL configuration (Fabric OS)” on page 761. The updated ACL entry displays in the ACL Entries list. To edit additional ACL entries, repeat step 4. 5.
22 Layer 2 access control list management 4. Enter a name for the ACL in the Name field. 5. Enter a sequence number for the ACL in the Sequence field. 6. Select Permit or Deny from the Action list. 7. In the Source list, select one of the following options: • Any • Host • MAC Selecting MAC or Host enables the Source field. Enter the source address on which the configuration filters traffic in the Source field. 8.
Layer 2 access control list management 22 Editing an extended Layer 2 ACL configuration (Fabric OS) To edit an extended Layer 2 ACL configuration on a Fabric OS device, complete the following steps. 1. Select the device and select Configure > Security > Layer 2 ACL > Product. The Device_Name - Layer 2 ACL Configuration dialog box displays. 2. Select the ACL you want to edit in the ACLs list and click Edit. The Configuration_Name Edit Extended Layer 2 ACL Configuration dialog box displays. 3.
22 Layer 2 access control list management 5. To add a new ACL rule, complete step 4 through step 12 in “Creating an extended Layer 2 ACL configuration (Fabric OS)” on page 763. The new ACL entry displays in the ACL Entries list. To add additional ACL entries, repeat step 5. 6. To delete an existing ACL rule, select the rule you want to edit in the ACL Entries list and click the left arrow button. 7. Click OK on the Duplicate - Layer 2 ACL Configuration dialog box.
Layer 2 access control list management 22 4. Select the Assign ACL option and choose one of the following options from the first Assign ACL list: • Select ACLs on this Product to assign ACLs deployed on the product to the port. The second list is populated with the ACLs deployed on the switch or associated with a save deployment object. • Select ACLs bound to this port to assign ACLs bound to the interface to the port. The second list is populated with the ACLs bound to the interface.
22 Layer 2 access control list management 4. Click OK on the Layer 2 ACL Saved Configurations dialog box. The new ACL displays in the ACLs list. 5. Click OK on the Device_Name - Layer 2 ACL Configuration dialog box. The Deploy to Products - Layer 2 ACL dialog box displays.
Layer 2 access control list management 22 Network OS Layer 2 ACL configuration NOTE You cannot configure a Layer 2 ACL using the Management application. You must configure the Layer 2 ACL through the Network OS CLI (refer to the Network OS Command Reference). Once you configure Layer 2 ACLs through the Network OS CLI, you can use the Management application to view Layer 2 ACL configurations for a VCS fabric or standalone device.
22 Layer 2 access control list management • Details of Selected ACLs list — Displays the details of the ACL selected in the ACLs list. The Details of Selected ACLs table includes the following details: Sequence — The Layer 2 ACL entry sequence number. Action — Whether the ACL permits or denies traffic. Source — The source MAC address on which the ACL filters traffic. Destination (Extended only) — The destination MAC address on which the ACL filters the traffic.
Layer 2 access control list management 22 2. Review the Layer 2 ACL configuration details. • ACLs list — Displays the ACLs to be deployed for this configuration. The ACLs list includes the following details: Operation — Displays the ACL operation (no action) during deployment. Name — The name of the ACL. Type — The ACL type. Options include: Extended or Standard. Details of Selected ACLs list — Displays the details of the ACL selected in the ACLs list.
22 Layer 3 access control list policy FIGURE 272 Device/Fabric_Name - Port_Number - Layer 2 ACL Configuration dialog box 4. Review the Layer 2 ACL configuration details. Details of Selected ACL table — Displays the details of the ACL selected in the ACLs list.The Details of Selected ACL table includes the following details: • • • • Sequence — The Layer 2 ACL entry sequence number. Action — Whether the ACL permits or denies traffic. Source — The source MAC address on which the ACL filters traffic.
Layer 3 access control list policy 22 You can create two types of ACLs: • Standard ACL — Use to permit and deny traffic based on the source IP address, host name, or network. You should use standard ACLs when you only need to filter traffic based the source. You can create up to 99 standard ACLs ranging from 1 through 99. For more information, refer to “Creating a standard L3 ACL configuration” on page 773.
22 Layer 3 access control list policy FIGURE 274 Add - L3 ACL Configuration (Standard) dialog box 3. Select Standard from the Type list. 4. Enter a name or number for the ACL in the ACL Name/Number field. 5. Select Permit or Deny from the Action list. 6. Enter a description for the ACL in the Remarks field. 7. Choose one of the following options from the Source list: • To enter an IP address, select IP Address and complete the following steps: a.
Layer 3 access control list policy 22 12. Click OK on the Add - L3 ACL Configuration dialog box. The Device_Name - L3 ACL Configuration dialog box displays. 13. To set the configuration type and operations, refer to “Configuring the ACL configuration type and operations” on page 788. 14. (Ethernet routers only) To set the hit statistics duration, refer to “Configuring hit statistics” on page 788. 15. To deploy the configuration, click OK on the Device_Name - L3 ACL Configuration dialog box.
22 Layer 3 access control list policy b. Complete step 5 through step 10 in “Creating a standard L3 ACL configuration” on page 773. The updated ACL rule displays in the ACL Entries list. To update additional rules for the same ACL, repeat step 4. 5. To add a new rule, complete step 5 through step 10 in “Creating a standard L3 ACL configuration” on page 773. The updated ACL rule displays in the ACL Entries list. To update additional rules for the same ACL, repeat step 5. 6.
Layer 3 access control list policy 22 6. To add a new rule, complete step 5 through step 10 in “Creating a standard L3 ACL configuration” on page 773. The updated ACL rule displays in the ACL Entries list. To update additional rules for the same ACL, repeat step 5. 7. To delete an existing rule, select the rule you want to delete in the ACL Entries list and click the left arrow button. 8. Use the Up and Down arrow buttons to rearrange the ACLs in the ACL Entries list. 9.
22 Layer 3 access control list policy 4. Enter a name or number for the ACL in the ACL Name/Number field. 5. Select Permit or Deny from the Action list. 6. Enter a description for the ACL in the Remarks field. 7. Choose one of the following options from the Source list: • To enter an IP address, select IP Address and complete the following steps: a. Enter the source IP address on which the ACL filters traffic in the IP Address list and text field. b.
Layer 3 access control list policy 22 13. Use the Up and Down arrow buttons to rearrange the ACLs in the ACL Entries list. 14. View the advanced settings for an ACL by selected the ACL in the ACL Entries list and clicking View. The L3 ACL Advanced Settings dialog box displays. 15. Click Close on the L3 ACL Advanced Settings dialog box to close. 16. Click OK on the Add - L3 ACL Configuration dialog box. The new ACL displays in the ACLs list. 17.
22 Layer 3 access control list policy 8. Click Close on the L3 ACL Advanced Settings dialog box to close. 9. Click OK on the Edit - L3 ACL Configuration dialog box. The updated ACL displays in the ACLs list. 10. To set the configuration type and operations, refer to “Configuring the ACL configuration type and operations” on page 788. 11. (Ethernet routers only) To set the hit statistics duration, refer to “Configuring hit statistics” on page 788. 12.
Layer 3 access control list policy 22 10. Click OK on the Duplicate - L3 ACL Configuration dialog box. The new ACL displays in the ACLs list. 11. To set the configuration type and operations, refer to “Configuring the ACL configuration type and operations” on page 788. 12. (Ethernet routers only) To set the hit statistics duration, refer to “Configuring hit statistics” on page 788. 13. To deploy the configuration, click OK on the Device_Name - L3 ACL Configuration dialog box.
22 Layer 3 access control list policy 6. Choose one of the following options from the Source list: • To enter an IP address, select IP Address and complete the following steps: a. Enter the source IP address on which the ACL filters traffic in the IP Address list and text field. You can enter the IPv6 address in compressed (for example, you can compress 2001:db8:0:0:0:0:2:1 can be shortened to 2001:db8::2:1) or raw format. b. Enter the prefix length (1 through 128) in the Prefix Length field.
Layer 3 access control list policy 22 To configure additional settings, refer to “Configuring L3 ACL advanced settings” on page 789. 11. Click the right arrow button. The new ACL displays in the ACL Entries list. 12. Repeat step 4 through step 11 to add additional entries. 13. Use the Up and Down arrow buttons to rearrange the ACLs in the ACL Entries list. 14. View the advanced settings for an ACL by selected the ACL in the ACL Entries list and clicking View.
22 Layer 3 access control list policy 9. Click OK on the Edit - L3 ACL (IPv 6) Configuration dialog box. The updated ACL displays in the ACLs list. 10. To set the configuration type and operations, refer to “Configuring the ACL configuration type and operations” on page 788. 11. (Ethernet routers only) To set the hit statistics duration, refer to “Configuring hit statistics” on page 788. 12. To deploy the configuration, click OK on the Device_Name - L3 ACL Configuration dialog box.
Layer 3 access control list policy 22 6. To delete an existing ACL entry, select the ACL you want to delete in the ACL Entries list and click the left arrow button. 7. Use the Up and Down arrow buttons to rearrange the ACLs in the ACL Entries list. 8. Select an ACL in the ACL Entries list and click View to the L3 ACL Advanced Settings dialog box for the ACL. 9. View the advanced settings for an ACL by selected the ACL in the ACL Entries list and clicking View.
22 Layer 3 access control list policy 3. Click OK. The Device_Name - Port_Number - ACL Port Configuration dialog box displays. FIGURE 279 Device_Name - Port_Number - ACL Port Configuration dialog box 4. (Ethernet routers only) Select a duration (1 Second, 1 Minute, 5 Minutes, or Cumulative) to track the number of times an ACL filter is used in the Hits Stats Duration list. Click Refresh to collect the hit statistics. The application updates the Hits column of the Details of Selected ACL list. 5.
Layer 3 access control list policy 22 6. To assign an ACL configuration to outbound messages, select the Outbound check box and complete the following steps: NOTE You can only assign an ACL to an outbound message on an Application product. a. Select the Assign ACL option and choose one of the following options from the first Assign ACL list: • Select ACLs on this Product to assign ACLs deployed on the product to the port.
22 Layer 3 access control list policy 5. To clear outbound messages, complete the following steps: a. Select the Outbound check box. b. Select the Clear ACL Assignment option. 6. Click OK on the Device_Name - Port_Number - Layer 3 ACL Configuration dialog box. The Deploy to Ports - L3 ACL dialog box displays.
Layer 3 access control list policy 22 3. Click Refresh to refresh the hit statistics. The Refresh Time field displays the last time the Management application client successfully collected the hit statistics. Configuring L3 ACL advanced settings You configure L3 ACL advanced settings for extended L3 ACL device configurations.
22 Layer 3 access control list policy • Max-throughput (4) — Select to have the ACL filters packets that match the maximum throughput TOS. The decimal value is 4. • Min-delay (8) — Select to have the ACL filter packets that match the minimum delay TOS. The decimal value is 8. 4. Select one of the following protocols from the Protocol list to filter the packet by protocol.
Layer 3 access control list policy b. 22 Enter a port number or select a port application name from the Start list. If you selected range from the Operator list, enter the port number or name of the lower numbered port in the range. Click the ellipsis button to launch the Service dialog box to see a list of services and service groups. For more information about services and service groups, refer to “Service configuration” on page 802. c.
22 Layer 3 access control list policy b. Choose one of the following code types: The available code types vary depending on the selected message type.
Layer 3 access control list policy 22 14. Click OK on the Advanced Settings dialog box.
22 Layer 3 access control list policy 1. Click the Networks tab. FIGURE 281 Network dialog box, Networks tab 2. Review the List of Networks table: • Name — The user-defined network name. • Subnet — The IP address of the subnet. • Mask — The IP address of the mask. 3. Click Close on the Network dialog box. To finish configuring the ACL, return to one of the above procedures. Creating a network You can access the Network dialog box when configuring a standard or extended L3 ACL device configuration.
Layer 3 access control list policy 22 3. Enter a name for the network in the Name field. 4. Enter a valid IP address (IPv4 format) in the Subnet field. 5. Enter a valid IP address in the Mask field. If you use the ACL Network as the source IP address, the Subnet mask from the ACL Network will be converted to Wildcard mask when deploying the ACL to the device. The Network dialog box only accepts subnet mask. 6. Click OK on the Add Network dialog box. 7. Click Close on the Network dialog box.
22 Layer 3 access control list policy Copying a network You can access the Network dialog box when configuring a standard or extended L3 ACL device configuration.
Layer 3 access control list policy 22 3. Click Yes on the confirmation message. 4. Click Close on the Network dialog box. To finish configuring the ACL, return to one of the above procedures. Network group configuration The Management application allows you to filter traffic from a specific network group. A network group is made up of one or more devices, networks, or network groups.
22 Layer 3 access control list policy 2. Review the List of Network Groups table: • • • • • Name — The user-defined network group name. Host Names — The name of each host in the network group. Address Range — The range of IP addresses for the network group. Networks — The name of each network in the network group. Network Groups — The name of each network group in the network group. 3. Click Close on the Network dialog box. To finish configuring the ACL, return to one of the above procedures.
Layer 3 access control list policy 22 4. To add a host to the network group, complete the following steps. a. Enter a valid host name in the Host Name field. b. Click the right arrow button to move the host name to the Selected table. 5. To add an address range to the network group, complete the following steps. a. Enter an IP address for the start of the range in the Start field. b. Enter an IP address for the end of the range in the End field. c.
22 Layer 3 access control list policy 5. To edit an address range to the network group, complete the following steps. a. Select the range you want to edit in the Selected table and click the left arrow button. b. Change the IP address for the start of the range in the Start field. c. Change the IP address for the end of the range in the End field. d. Click the right arrow button to move the address range back to the Selected table. 6.
Layer 3 access control list policy 22 5. To add a host to the network group, complete the following steps. a. Enter a valid host name in the Host Name field. b. Click the right arrow button to move the host name to the Selected table. 6. To edit an address range to the network group, complete the following steps. 7. a. Select the range you want to edit in the Selected table and click the left arrow button. b. Change the IP address for the start of the range in the Start field. c.
22 Layer 3 access control list policy To delete a network group, complete the following steps. 1. Click the Network Groups tab. 2. Select one or more network groups that you want to delete in the List of Network Groups table and click Delete. 3. Click Yes on the confirmation message. 4. Click Close on the Network dialog box. To finish configuring the ACL, return to one of the above procedures.
Layer 3 access control list policy 22 FIGURE 285 Service dialog box, Services tab 2. Review the List of Services table: • • • • Name — The service name. Protocol — Whether the service uses the TCP or UDP protocol. Port — The port number. User-defined — Whether the service is user-defined or not. 3. Click Close on the Network dialog box. To finish configuring the advanced settings, refer to “Configuring L3 ACL advanced settings” on page 789.
22 Layer 3 access control list policy FIGURE 286 Add Service dialog box 3. Enter a name for the service in the Name field. 4. Select one of the following protocol options: • TCP • UDP 5. Enter a port number in the Port field. 6. Click OK on the Add Service dialog box. 7. Click Close on the Service dialog box. To finish configuring the advanced settings for the ACL, refer to “Configuring L3 ACL advanced settings” on page 789.
Layer 3 access control list policy 22 Copying a service You can access the Service dialog box when configuring an extended L3 ACL device configuration.
22 Layer 3 access control list policy 4. Click Close on the Service dialog box. To finish configuring the advanced settings for the ACL, refer to “Configuring L3 ACL advanced settings” on page 789. Service group configuration The Management application allows you to filter traffic from a specific service group. A service group is made up of one or more port ranges, services, or service groups.
Layer 3 access control list policy 22 2. Review the List of Service Groups table: • • • • Name — The service group name. Port Range — The range (1 — 65535) of port numbers. Services — The name of each service in the service group. Service Groups — The name of each service group in the service group. 3. Click Close on the Service dialog box. To finish configuring the advanced settings for the ACL, refer to “Configuring L3 ACL advanced settings” on page 789.
22 Layer 3 access control list policy a. Enter the starting port number in the Start Port field. b. Enter the ending port number in the End Port field. c. Click the right arrow button to move the address range to the Selected table. 5. To add a service to the group, complete the following steps. a. Select one or more services to add to the group in the Services table. b. Click the right arrow button to move the selected services to the Selected table. 6.
Layer 3 access control list policy 22 5. To add a service group to the group, complete the following steps. a. Select one or more service groups to add to the group in the Services table. b. Click the right arrow button to move the selected service groups to the Selected table. 6. Click OK on the Edit Service Group dialog box. The Service dialog box, Service Group tab displays with the new group in the List of Service Groups table. 7. Click Close on the Service dialog box.
22 Media Access Control (MAC) filter management 8. Click Close on the Service dialog box. To finish configuring the advanced settings for the ACL, refer to “Configuring L3 ACL advanced settings” on page 789. Deleting a service group You can access the Service dialog box when configuring an extended L3 ACL device configuration.
Media Access Control (MAC) filter management 22 • Destination MAC address • Encapsulation type and Ethertype You can configure and manage MAC filters at the device or interface (port/trunk) level. NOTE You can only apply MAC filters inbound traffic. When you configure MAC filters on a device, the MAC filter does not execute until you deploy it on an interface.
22 Media Access Control (MAC) filter management FIGURE 290 Add MAC Filter dialog box 3. Enter a MAC filter number in the MAC Filter # field. MAC filter numbers range from 1 through 1024. 4. (Optional) Enter a description of the MAC filter in the Description field. The description is saved to the Management application database only. It is not saved to the switch. 5. Select Permit or Deny from the Action list. 6.
Media Access Control (MAC) filter management 22 9. In the Operator list, select one of the following to specify a binary operator: • • • • = (equal to) != (not equal to) > (greater than) < (less than). This field is not available when the Ethernet Type is none. 10. Enter the type of frame in the Frame Type field. This ia 2 byte hexadecimal value. Valid values include 0600 to FFFF. This field is not available when the Ethernet Type is none. 11. Click OK on the Add MAC Filter dialog box.
22 Media Access Control (MAC) filter management 4. Click OK on the MAC Filter Saved Configurations dialog box. The Device_Name - MAC Filter Configuration dialog box displays with the selected MAC filters in the MAC Filters table. If you selected a saved deployment configuration, all MAC filters associated with the saved deployment configuration display in the MAC Filters table. 5. Click OK on the Device_Name - MAC Filter Configuration dialog box. The Deploy to Products - MAC Filter dialog box displays.
Media Access Control (MAC) filter management 22 6. In the Destination Address list, select one of the following options: • Any • MAC Selecting MAC enables the Destination Address and Destination Mask fields. 7. a. Enter the destination MAC address on which the configuration filters traffic in the Destination Address field. b. Enter the mask associated with the destination MAC address in the Destination Mask field.
22 Media Access Control (MAC) filter management 4. Enter a description of the MAC filter in the Description field. 5. Select Permit or Deny from the Action list. 6. In the Source Address list, select one of the following options: • Any • MAC Selecting MAC enables the Source Address and Source Mask fields. 7. a. Enter the source MAC address on which the configuration filters traffic in the Source Address field. b. Enter the mask associated with the source MAC address in the Source Mask field.
Media Access Control (MAC) filter management 22 Deleting a MAC filter 1. Select Configure > Security > MAC Filter > Product. The Device_Name - MAC Filter Configuration dialog box displays. 2. Select the MAC filter you want to delete in the MAC Filters table and click Delete. 3. Click Yes on the confirmation message. 4. Click OK on the Device_Name - MAC Filter Configuration dialog box. NOTE The MAC Filter is not deleted from the switch until you deploy the configuration to the switch.
22 Media Access Control (MAC) filter management Clearing MAC filter assignments To clear a MAC filter assignment from a port or product, complete the following steps. 1. Select Configure > Security > MAC Filter > Port. The Port Selection - MAC Filter dialog box displays. 2. Select the port you want to clear the MAC filter from in the Available Ports list and click the right arrow button. You can select more ports or products from the Deploy to Ports - MAC Filter dialog box. 3.
Security configuration deployment 22 Security configuration deployment Figure 293 shows the standard interface used to deploy security configurations. FIGURE 293 Deploy to Product/Ports dialog box Before you can deploy a security configuration, you must create the security configuration.
22 Security configuration deployment Deploying a security configuration on demand To deploy a security configuration immediately, complete the following steps. FIGURE 294 Deploy to Product/Ports dialog box 1. Choose one of the following options: • Deploy now — Select to deploy the configuration immediately on the product or port without saving the deployment definition.
Security configuration deployment 7. 22 Select one or more of the following to capture snapshots: • Select the Pre-deployment check box to capture a snapshot of the product’s configuration prior to deployment of the security configuration. • Select the Post-deployment check box to capture a snapshot of the product’s configuration after deployment of the security configuration.
22 Security configuration deployment 5. Click the Snapshot Use check box and click the ellipsis button to select the product monitoring template. NOTE The Snapshot Use check box is only available for IronWare products. The Pre-Post Snapshot Properties dialog box displays. 6. Select the product monitoring template you want to use from the CLI Template list. 7.
Security configuration deployment 22 2. Choose one of the following options: • Select New from the Add list. The Add - Layer 2 ACL Configuration dialog box displays. • Select an ACL in the list and click Edit. The Edit - Layer 2 ACL Configuration dialog box displays. 3. Configure the Layer 2 ACL and click OK on the Add/Edit - Layer 2 ACL Configuration dialog box. 4. Click OK on the Device_Name - Layer 2 ACL Configuration dialog box. The Deploy to Products - Layer 2 ACL dialog box displays. 5.
22 Security configuration deployment Configuring a one-time deployment schedule To configure a one-time schedule, complete the following steps. 1. Select One Time from the Frequency list. 2. Select the time of day you want deployment to run from the Time (hh:mm) lists. Where the hour value is from 1 through 12, the minute value is from 00 through 59, and the day or night value is AM or PM. 3. Click the Date list to select a date from the calendar.
Security configuration deployment 22 Configuring a monthly deployment schedule To configure a monthly schedule, complete the following steps. 1. Select Monthly from the Frequency list. 2. Select the time of day you want deployment to run from the Time (hh:mm) lists. Where the hour value is from 1 through 12, the minute value is from 00 through 59, and the day or night value is AM or PM. 3. Select the day you want deployment to run from the Day of the Month list (1 through 31).
Chapter 23 FC-FC Routing Service Management In this chapter • Devices that support Fibre Channel routing . . . . . . . . . . . . . . . . . . . . . . . . • Fibre Channel routing overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Guidelines for setting up Fibre Channel routing . . . . . . . . . . . . . . . . . . . . . • Connecting edge fabrics to a backbone fabric . . . . . . . . . . . . . . . . . . . . . . • Configuring routing domain IDs . . . . . . . . . . . . . . . . . . . .
23 Fibre Channel routing overview • Any of the following blades on a Backbone chassis: - 4 Gbps Router, Extension Blade - FC 8 GB 16-port Blade - FC 8 GB 32-port Blade - FC 8 GB 32-port Enhanced Blade (16 Gbps 4-slot or 16 Gbps 4-slot Backbone Chassis only) - FC 8 GB 48-port Blade - The shared ports area (ports 16-47) cannot be used as EX_Ports.
Guidelines for setting up Fibre Channel routing 23 Figure 297 on page 829 shows a metaSAN with a backbone fabric and three edge fabrics. The backbone consists of one 4 Gbps Router, Extension Switch connecting hosts in Edge fabrics 1 and 3 with storage in Edge fabric 2 and the backbone fabric.
23 Connecting edge fabrics to a backbone fabric Connecting edge fabrics to a backbone fabric The following procedure explains how to set up FC-FC routing on two edge fabrics connected through an FC router using E_Ports and EX_Ports. NOTE To configure an EX_Port, switches running Fabric OS 7.0.0 or earlier must have an FCR license. Switches running Fabric OS 7.0.1 or later configured in Brocade Native mode (IM0) or Brocade NOS mode (IM5) do not require an FCR license.
Connecting edge fabrics to a backbone fabric 23 FIGURE 298 Router Configuration-Connect Edge Fabric dialog box 3. Select the FC router from the Available Routers list. 4. Click the right arrow button to move the FC router you selected to the Selected Router list. 5. Select a valid fabric ID from the Fabric ID list. You can choose any unique fabric ID as long as it is consistent for all EX_Ports that connect to the same edge fabric.
23 Configuring routing domain IDs 9. Configure LSAN zones in each fabric that will share devices. For specific instructions, refer to “Configuring LSAN zoning” on page 1073. Configuring routing domain IDs Logical (phantom) domains are automatically created to enable routed fabrics. Two types of logical domains are created: • A front domain is created in edge fabrics for every interfabric link (IFL). • A translate (Xlate) domain is created in routed fabrics that share devices.
Chapter Virtual Fabrics 24 In this chapter • Virtual Fabrics overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 833 • Virtual Fabrics requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 834 • Configuring Virtual Fabrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
24 Virtual Fabrics requirements Terminology for Virtual Fabrics Table 108 lists definitions of Virtual Fabrics terms. TABLE 108 Virtual Fabrics terms Term Definition Physical chassis The physical switch or chassis from which you create logical switches and fabrics. Logical switch A collection of ports that act as a single Fibre Channel (FC) switch. When Virtual Fabrics is enabled on the chassis, there is always at least one logical switch: the default logical switch.
Virtual Fabrics requirements 24 • Discover a Virtual Fabrics-enabled seed physical chassis running Fabric OS 6.2.0 or later with Virtual Fabrics enabled, and at least one logical switch defined on the core switch. The physical chassis displays as a virtual switch. • Upgrade a physical chassis already in your SAN to Fabric OS 6.2.0 or later. Virtual Fabrics is disabled by default. This switch displays as a legacy switch. Once upgraded, you must enable Virtual Fabrics.
24 FICON best practices for Virtual Fabrics TABLE 110 Logical switch Base switch Blade and port types supported on logical switches for backbone chassis (Continued) • • • • • • • • • • Extension Blade — GE_Ports and VE_Ports FC 8 GB Port Blade — E_Ports and F_Ports FC 16 GB Port Blade — E_Ports and F_Ports 8 Gbps Extension Blade - FC ports: E_Ports, F_Ports, and VE_Ports - GE ports: VE_Ports 8-slot and 4-slot Backbone Chassis — ICL ports Extension Blade — GE_Ports and VEX_Ports FC 8 GB Port Blade — E_
FICON best practices for Virtual Fabrics 24 - Disable Device Probing – When selected, third-party software, except for CUP, is prohibited from managing the switch. This check box should be selected unless otherwise advised by your switch service provider. - Long Distance Fabric – This parameter sets E_Ports to LD mode (increases BB credits for long distance performance). Select this check box only when ISLs between the switch and a connected device exceed 10 Km.
24 Configuring Virtual Fabrics • Create at least one logical switch for FICON connections. • Fibre Channel ports on the 8 Gbps Extension Blade can be placed in any logical switch. The default switch should only be used for FICON connections when FC ports on a 4 Gbps Router, Extension blade are required for FICON. FICON connections are not supported in the default switch for 48-port blades in a 4-slot or 8-slot Backbone Chassis.
Configuring Virtual Fabrics d. 24 Enable all logical switches in each chassis. Right-click each logical switch in the Connectivity Map or Product List and select Enable/Disable > Enable. The logical fabric is formed. Enabling Virtual Fabrics For a list of platforms that are Virtual Fabrics-capable, refer to “Virtual Fabrics requirements” on page 834. ATTENTION If the physical chassis is participating in a fabric, the affected fabric will be disrupted. 1.
24 Configuring Virtual Fabrics FIGURE 301 Logical Switches dialog box 2. Select the physical chassis from which you want to create a logical switch in the Chassis list. You can display all logical switches from all chassis by selecting the Show Logical Switches from all Chassis check box. 3.
Configuring Virtual Fabrics 24 FIGURE 302 New Logical Switch dialog box 5. Click the Fabric tab and enter fabric-wide parameters. a. Enter a fabric identifier in the Logical Fabric ID field. This assigns the new logical switch to a logical fabric. If the logical fabric does not exist, this creates a new logical fabric as well as assigning the new logical switch. b. Enter new values for the fabric-wide parameters or leave the parameters unchanged to accept the current values.
24 Configuring Virtual Fabrics e. (Optional) For Backbone Chassis only, select an option in the 256 Area Limit list to use 256-area addressing mode (zero-based or port-based) or to disable this mode (default). The 256-area addressing mode can be used in FICON environments, which have strict requirements for 8-bit area FC addresses. 6. Click the Switch tab and enter switch parameters. a. Enter a name for the logical switch in the Name field. b.
Configuring Virtual Fabrics 24 Assigning ports to a logical switch When you create a logical switch, it has no ports and you must explicitly assign ports to it. When you assign a port to a logical switch, it is removed from the original logical switch and assigned to the new logical switch. All ports are initially assigned to the default logical switch. A port can be assigned to only one logical switch. 1. Select Configure > Virtual Fabric > Logical Switches. The Logical Switches dialog box displays. 2.
24 Configuring Virtual Fabrics 10. Click Start to send these changes to the affected chassis. NOTE Most changes to logical switches will disrupt data traffic in the fabric. The status of each change is displayed in the Status column and Status area in the dialog box. 11. When the changes are complete, click Close. Removing ports from a logical switch 1. Select Configure > Virtual Fabric > Logical Switches. The Logical Switches dialog box displays. 2.
Configuring Virtual Fabrics 24 9. Click Start to send these changes to the affected chassis. NOTE Most changes to logical switches will disrupt data traffic in the fabric. The status of each change is displayed in the Status column and Status area in the dialog box. 10. When the changes are complete, click Close. Deleting a logical switch 1. Select Configure > Virtual Fabric > Logical Switches. The Logical Switches dialog box displays. 2.
24 Configuring Virtual Fabrics Configuring fabric-wide parameters for a logical fabric When you create a logical switch, you must assign it to a fabric and configure fabric-wide parameters. All the switches in a fabric must have the same fabric-wide settings. Instead of configuring these settings separately on each logical switch, you can create a logical fabric template, which defines the fabric-wide settings for a logical fabric.
Configuring Virtual Fabrics 24 All of the logical fabric templates have the same name, “NewFabric”. You can differentiate among the templates by the FID number. You can now create logical switches using the fabric-wide settings in the logical fabric template. To assign logical switches, refer to “Creating a logical switch or base switch” on page 839. NOTE When you close the Logical Switches dialog box, the logical fabric templates are automatically deleted.
24 Configuring Virtual Fabrics Moving a logical switch to a different fabric You can move a logical switch from one fabric to another by assigning a different fabric ID. 1. Select Configure > Virtual Fabric > Logical Switches. The Logical Switches dialog box displays. 2. Right-click anywhere in the Existing Logical Switches list and select Table > Expand All. 3. Select the logical switch you want to move to another logical fabric. 4. Click Edit. The Edit Properties dialog box displays. 5.
Configuring Virtual Fabrics 24 Changing a logical switch to a base switch The Base Switch column in the Existing Logical Switches list indicates whether a logical switch is a base switch. 1. Select Configure > Virtual Fabric > Logical Switches. The Logical Switches dialog box displays. 2. Right-click anywhere in the Existing Logical Switches list and select Table > Expand All. 3. Select the logical switch you want to change to a base switch. 4. Click Edit. The Edit Properties dialog box displays. 5.
Chapter SAN Encryption Configuration 25 In this chapter • Encryption Center features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 852 • Encryption user privileges. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 853 • Smart card usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 854 • Network connections. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
25 Encryption Center features • Using the Encryption Targets dialog box . . . . . . . . . . . . . . . . . . . . . . . . . . • Redirection zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Disk device decommissioning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Rekeying all disk LUNs manually . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Thin provisioned LUNs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Encryption user privileges 25 • “Blade processor links” on page 865 describes the steps for interconnecting encryption switches or blades in an encryption group through a dedicated LAN. This must be done before the encryption engines are enabled. Security parameters and certificates cannot be exchanged if these links are not configured and active.
25 Smart card usage TABLE 111 Encryption privileges (Continued) Privilege Storage Encryption Security Read/Write • • • • • • • • • • • • Launch the Encryption center dialog box. View switch, group, or engine properties. View Encryption Group Properties Security tab. View LUN centric view. View all rekey sessions. View encryption targets, hosts, and LUNs. Create a master key. Backup a master key. Edit smart card.
Smart card usage 25 • Establishing a trusted link with the NetApp LKM/SSKM key vault. • Decommissioning a LUN. When a quorum of authentication cards is registered for use, authentication must be provided before you are granted access. Registering authentication cards from a card reader To register an authentication card or a set of authentication cards from a card reader, have the cards physically available.
25 Smart card usage 3. Locate the Authentication Card Quorum Size and select the quorum size from the list. The quorum size is the minimum number of cards necessary to enable the card holders to perform the security sensitive operations listed above. The maximum quorum size is five cards. The actual number of authentication cards registered is always more than the quorum size, so if you set the quorum size to five, for example, you will need to register at least six cards in the subsequent steps.
Smart card usage 25 Registering authentication cards from the database Smart cards that are already in the Management program’s database can be registered as authentication cards. 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2. Select an encryption group from the Encryption Center Devices table, then select Group > Security from the menu task bar to display the Encryption Group Properties dialog box.
25 Smart card usage Deregistering an authentication card Authentication cards can be removed from the database and the switch by deregistering them. Complete the following procedure to deregister an authentication card. 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2.
Smart card usage 25 Using system cards System cards are smart cards that can be used to control activation of encryption engines. You can choose whether the use of a system card is required or not. Encryption switches and blades have a card reader that enables the use of a system card. System cards discourage theft of encryption switches or blades by requiring the use of a system card at the switch or blade to enable the encryption engine after a power off.
25 Smart card usage Enabling or disabling the system card requirement To use a system card to control activation of an encryption engine on a switch, you must enable the system card requirement. If a system card is required, it must be read by the card reader on the switch. You access the system card GUI from the Security tab. Complete the following procedure to enable or disable the system card requirement. 1.
Smart card usage 25 Deregistering system cards System cards can be removed from the database by deregistering them. Use the following procedure to deregister a system card: 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2. Select the switch from the Encryption Center Devices table, then select Switch > System Cards from the menu task bar. The System Cards dialog box displays. (Refer to Figure 308 on page 859.) 3.
25 Smart card usage FIGURE 309 Smart Card Asset Tracking dialog box The Smart Cards table lists the known smart cards and the details for the smart cards. These details include the following: • Card ID: Lists the smart card ID, prefixed with an ID that identifies how the card id used. For example, rc.123566b700017818, where rc stands for recovery card. • Card Type: Options are: System card, Authentication card, and Recovery set. • Usage: Usage content varies based on the card type.
Smart card usage 25 NOTE You can remove smart cards from the table to keep the Smart Cards table at a manageable size, but removing the card from the table does not invalidate it; the smart card can still be used. • Save As button: Saves the entire list of smart cards to a file. The available formats are comma-separated values (.csv) and HTML (.html). • Card Details table: Card details vary based on the card type.
25 Smart card usage Editing smart cards Smart cards can be used for user authentication, master key storage and backup, and as a system card for authorizing use of encryption operations. 1. From the Encryption Center dialog box, select Smart Card > Edit Smart Card from the menu task bar to display the Edit Smart Card dialog box. (Refer to Figure 310.) FIGURE 310 Edit Smart Card dialog box 2. Insert the smart card into the card reader. 3.
Network connections 25 Network connections Before you use the encryption setup wizard for the first time, you must have the following required network connections: • The management ports on all encryption switches and DCX Backbone Chassis CPs that have Encryption Blades installed must have a LAN connection to the SAN management program, and must be available for discovery.
25 Encryption node initialization and certificate generation Configuring blade processor links To configure blade processor links, complete the following steps: 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2. Select the encryption engine from the Encryption Center Devices table, then select Engine > Blade Processor Link from the menu task bar to display the Blade Processor Link dialog box. (Refer to Figure 311.
Key Management Interoperability Protocol 25 Setting encryption node initialization Encryption nodes are initialized by the Configure Switch Encryption wizard when you confirm a configuration. Encryption nodes may also be initialized from the Encryption Center dialog box. 1. Select a switch from the Encryption Center Devices table, then select Switch > Init Node from the menu task bar. 2. Select Yes after reading the warning message to initialize the node.
25 Key Management Interoperability Protocol Configuration parameters The encryption group object has three additional properties that can be configured when the key vault (KV) type is KMIP. These additional properties must be set by the user: • High availability • User credentials • Certificate type High availability The KMIP Key Authentication Center (KAC) adapter provides configurable HA support. HA for the key vault should be set before you register the key vault.
Key Management Interoperability Protocol 25 Key vault type and vendor The key vault type for any KMIP-compliant key vault is shown on the switch as “KMIP” in the groupcfg output. The key vault vendor or key manager name is displayed under “Server SDK Version”.
25 Supported encryption key manager appliances Authentication Quorum Size: 0 Authentication Cards not configured NODE LIST Total Number of defined nodes: Group Leader Node Name: Encryption Group state: Crypto Device Config state: Encryption Group Config state: 2 10:00:00:05:1e:53:ae:4c CLUSTER_STATE_CONVERGED In Sync In Sync Node Name 10:00:00:05:1e:b6:68:80 EE Slot: SP state: IP address 10.37.36.128 10:00:00:05:1e:53:ae:4c EE Slot: SP state: 10.37.39.
Steps for connecting to a DPM appliance 25 Steps for connecting to a DPM appliance All switches that you plan to include in an encryption group must have a secure connection to the RSA Data Protection Manager (DPM). The following is a suggested order of steps needed to create a secure connection to the DPM. NOTE The switch uses the manual enrollment of identities with client registration to connect with DPM 3.x servers. Client registration is done automatically when you upgrade to Fabric OS 7.1.
25 Steps for connecting to a DPM appliance 4. Do one of the following: • If a CSR is present, click Export. • If a CSR is not present, select a switch from the Encryption Center Devices table, then select Switch > Init Node from the menu task bar. This generates switch security parameters and certificates, including the KAC CSR. 5. Save the file. The default location for the exported file is in the Documents folder. NOTE The CSR is exported in Privacy Enhanced Mail (.pem) format.
Steps for connecting to a DPM appliance 25 In the example above, the certificate validity is active until “Dec 4 18:03:14 2010 GMT.” After the KAC certificate has expired, the registration process must be redone. NOTE In the event that the signed KAC certificate must be re-registered, you will need to log in to the key vault web interface and upload the new signed KAC certificate for the corresponding switch Identity.
25 Steps for connecting to a DPM appliance 7. Open another web browser window, and start the RSA management user interface. You will need the URL, and have the proper authority level, user name, and password. NOTE The Identity Group name used in the next step might not exist in a freshly installed DPM. To establish an Identity Group name, click the Identity Group tab, and create a name. The name Hardware Retail Group is used as an example in the following steps. 8. Select the Key Classes tab.
Steps for connecting to a DPM appliance 25 Uploading the KAC certificate onto the DPM appliance (manual identity enrollment) NOTE The switch will not use the Identity Auto Enrollment feature supported with DPM 3.x servers. You must complete the identity enrollment manually to configure the DPM 3.x server with the switch as described in this section. You need to install the switch public key certificate (KAC certificate). For each encryption node, manually create an identity as follows: 1.
25 Steps for connecting to an LKM/SSKM appliance . FIGURE 313 Encryption Group Properties with Key Vault Certificate 2. Select Load from File and browse to the location on your client PC that contains the downloaded CA certificate in .pem format. Steps for connecting to an LKM/SSKM appliance The NetApp Lifetime Key Manager (LKM) resides on an FIPS 140-2 Level 3-compliant network appliance. The encryption engine and LKM appliance communicate over a trusted link.
Steps for connecting to an LKM/SSKM appliance 25 Launching the NetApp DataFort Management Console The NetApp DataFort Management Console (DMC) must be installed on your PC or workstation to complete certain procedures described in this chapter. Refer to the appropriate DMC product documentation for DMC installation instructions. After you install the DMC, complete the following steps: 1. Launch the DMC. 2. Click the Appliance tab on the top panel. 3.
25 Steps for connecting to an LKM/SSKM appliance Obtaining and importing the LKM/SSKM certificate Certificates must be exchanged between the LKM/SSKM appliance and the encryption switch to enable mutual authentication. You must obtain a certificate from the LKM/SSKM appliance and import it into the encryption Group Leader. The encryption Group Leader exports the certificate to other encryption group members. To obtain and import an LKM/SSKM certificate, complete the following steps: 1.
Steps for connecting to an LKM/SSKM appliance 25 Exporting and registering the switch KAC certificates on LKM/SSKM 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2. Select a switch from the Encryption Center Devices table, then select Switch > Export Certificate from the menu task bar.
25 Steps for connecting to an LKM/SSKM appliance Data Encryption Keys The following sections describe Data Encryption Key (DEK) behavior during DEK creation, retrieval, and updates as they relate to disk keys and tape pool keys, and tape LUN and DF-compatible tape pool support: Disk keys and tape pool keys (Brocade native mode support) Data Encryption Key (DEK) creation, retrieval, and update for disk and tape pool keys in Brocade native mode are as follows: • DEK creation: The DEK is archived into the
Steps for connecting to an ESKM/SKM appliance 25 LKM/SSKM key vault deregistration Deregistration of either the primary or secondary LKM/SSKM key vault from an encryption switch or blade is allowed independently. • Deregistration of Primary LKM/SSKM: You can deregister the Primary LKM/SSKM from an encryption switch or blade without deregistering the backup or secondary LKM/SSKM for maintenance or replacement purposes.
25 Steps for connecting to an ESKM/SKM appliance • Enable an SSL connection. Refer to “Enabling SSL on the Key Management System (KMS) Server” on page 887. • Configure a cluster of ESKM/SKM appliances for high availability.
Steps for connecting to an ESKM/SKM appliance 25 Registering the ESKM/SKM Brocade group user name and password The Brocade group user name and password you created when configuring a Brocade group on ESKM/SKM must also be registered on each encryption node. NOTE This operation can be performed only after the switch is added to the encryption group. 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2.
25 Steps for connecting to an ESKM/SKM appliance • Different user names and passwords can never be used within the same encryption group, but each encryption group may have its own user name and password. • If you change the user name and password, the keys created by the previous user become inaccessible. The Brocade group user name and password must also be changed to the same values on ESKM/SKM to make the keys accessible.
Steps for connecting to an ESKM/SKM appliance 25 FIGURE 316 Creating an HP ESKM/SKM local CA 5. Under Certificates & CAs, select Trusted CA Lists to display the Trusted Certificate Authority List Profiles. 6. Click on Default under Profile Name. 7. In the Trusted Certificate Authority List, click Edit. 8. From the list of Available CAs in the right panel, select the CA you just created. Repeat these steps any time another local CA is needed.
25 Steps for connecting to an ESKM/SKM appliance 3. Enter the required information under Create Certificate Request. - Enter a Certificate Name and Common Name. The same name may be used for both. Enter your organizational information. Enter the E-mail Address where you want messages to the Security Officer to go. Enter the Key Size. HP recommends using the default value: 1024. 4. Click Create Certificate Request.
Steps for connecting to an ESKM/SKM appliance 25 Enabling SSL on the Key Management System (KMS) Server The KMS Server provides the interface to the client. Secure Sockets Layer (SSL) must be enabled on the KMS Server before this interface will operate. After SSL is enabled on the first appliance, it will be enabled automatically on the other cluster members. To configure and enable SSL, complete the following steps: 1. Select the Device tab. 2.
25 Steps for connecting to an ESKM/SKM appliance Copying the local CA certificate for a clustered ESKM/SKM appliance Before adding an ESKM/SKM appliance to a cluster, you must obtain the local CA certificate from the original ESKM/SKM or from an ESKM/SKM that is already in the cluster. 1. Select the Security tab. 2. Select Local CAs under Certificates & CAs. 3. Select the name of the local CA from the Local Certificate Authority list. The CA Certificate Information is displayed. 4.
Steps for connecting to an ESKM/SKM appliance 25 15. Click Browse, then select the Cluster Key File you saved. 16. Enter the cluster password, then click Join. 17. After adding all members to the cluster, delete the cluster key file from the desktop. 18. Create and install an ESKM/SKM server certificate. Refer to “Creating and installing the ESKM/SKM server certificate” on page 885 for a description of this procedure.
25 Steps for connecting to an ESKM/SKM appliance Importing a signed KAC certificate into a switch After a KAC CSR has been submitted and signed by a CA, the signed certificate must be imported into the switch. NOTE This operation can be performed only after the switch is added to the encryption group. 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 1.
Steps for connecting to an ESKM/SKM appliance 25 Data Encryption Keys The following sections describe Data Encryption Key (DEK) behavior during DEK creation, retrieval, and updates as they relate to disk keys and tape pool keys, and tape LUN and DF-compatible tape pool support: Disk keys and tape pool keys support Data Encryption Key (DEK) creation, retrieval, and update for disk and tape pool keys are as follows: • DEK creation: The DEK is first archived using the session list available for the configu
25 Steps for connecting to a TEKA appliance ESKM/SKM key vault deregistration Deregistration of either the primary or secondary ESKM/SKM key vault from an encryption switch or blade is allowed independently. • Deregistration of primary ESKM: You can deregister the primary ESKM/SKM from an encryption switch or blade without deregistering the backup or secondary ESKM/SKM for maintenance or replacement purposes.
Steps for connecting to a TEKA appliance 25 Setting up TEKA network connections Communicating to TEKA is enabled over an SSL connection. Two IP addresses are needed. One IP address is used for the management interface, and a second IP address is used for communication with clients. These IP addresses are typically assigned during the initial setup of the TEKA appliance. 1. Log in to the Thales management program as admin and select the Network tab. (Refer to Figure 318.
25 Steps for connecting to a TEKA appliance Creating a client on TEKA This step assumes the group brocade has been created by an administrator. If the group brocade does not exist, you must log in to TEKA as officer and create the group, then assign the group to a manager. 1. From the Encryption Center Devices table, select a switch that needs to have a TEKA client, then select Properties. 2. Click Key Vault User Name. The Key Vault User Information dialog box displays. (Refer to Figure 319.
Steps for connecting to a TEKA appliance 25 6. Click Add Client. 7. Enter the user name from step 3 in the Name field. 8. Enter a password in the Password and Verify Password fields. 9. Select the group brocade from the group pull-down menu, then click Add Client. A TEKA client user is created and is listed in the table. Establishing TEKA key vault credentials on the switch The credentials established for the TEKA client must be presented to TEKA by the switch.
25 Steps for connecting to a TEKA appliance 4. Click OK. The following rules apply for TEKA: • The key vault user name and user group name are generated on the switch. To view those values, select Switch > Properties, then click Key Vault User Name. • The generated user name and user group name are registered with TEKA and are used for administering TEKA clients. • The password is established when the TEKA client is created.
Steps for connecting to a TKLM appliance 25 Importing a signed KAC certificate into a switch After a KAC CSR has been submitted and signed by a CA, the signed certificate must be imported into the switch. 1. From the Encryption Center, select Switch > Import Certificate. The Import Signed Certificate dialog box displays. (Refer to Figure 322.) FIGURE 322 Import Signed Certificate dialog box 2. Browse to the location where the signed certificate is stored, then click OK.
25 Steps for connecting to a TKLM appliance 8. Import the node KAC certificates. Refer to “Importing the Fabric OS encryption node KAC certificates to TKLM” on page 899. 9. Export the server CA certificate to a LINUX or Windows host. Refer to “Exporting the TKLM self-signed server certificate” on page 900. 10. Add encryption group members as needed. The first node added to an encryption group functions as the Group Leader. It is valid to have only one node in an encryption group. 11.
Steps for connecting to a TKLM appliance 25 Adding a device to the device group After you have established a default key store and Fabric OS device group on TKLM, add a Fabric OS device to the device group. 1. Select Tivoli Key Lifecycle Manager > Welcome. The device group BRCD_ENCRYPTOR you just created is displayed in the Administration panel. 2. Click Go. The Configure Keys page displays. This page identifies this step as Step Two: Identify Drives. 3.
25 Steps for connecting to a TKLM appliance 6. Click Import. 7. Verify that the imported certificate is valid and active. Exporting the TKLM self-signed server certificate The TKLM self-signed server certificate must be exported in preparation for importing and registering the certificate on a Fabric OS encryption Group Leader node. 1. Enter the TKLM server wsadmin CLI. For Linux (in ./wsadmin.sh): /IBM/tivoli/tiptklmV2/bin/wsadmin.
Steps for connecting to a KMIP-compliant SafeNet KeySecure 25 Importing the TKLM certificate into the group leader The TKLM certificate must be imported from the location on the host to the encryption Group Leader node. The encryption Group Leader exports the certificate to group member switches. 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2.
25 Steps for connecting to a KMIP-compliant SafeNet KeySecure 6. Register the user name and password. (Refer to “Registering the KeySecure Brocade group user name and password” on page 911.) 7. Export and sign the encryption node certificate signing requests. (Refer to “Signing the encryption node KAC CSR on KMIP” on page 912.) 8. Import the signed certificates into the encryption node. (Refer to “Importing a signed KAC certificate into a switch” on page 914.) 9.
Steps for connecting to a KMIP-compliant SafeNet KeySecure 25 Creating a local CA 1. From the KeySecure Management Console, select the Security tab, then select CAs & SSL Certificates > Local CAs. The Certificate and CA Configuration page displays. (Refer to Figure 325.) FIGURE 325 KeySecure Certificate and CA Configuration page - Create Local Certificate Authority 2. Under Create Local Certificate Authority, enter the organization information in the fields provided, then click Create.
25 Steps for connecting to a KMIP-compliant SafeNet KeySecure Creating a server certificate 1. From the Security tab, select CAs & SSL Certificates > SSL Certificates. The Certificate and CA Configuration page displays. (Refer to Figure 327.) FIGURE 327 KeySecure Certificate and CA Configuration page 2. Under Create Certificate Request, enter your organization information in the fields provided, then click Create Certificate Request.
Steps for connecting to a KMIP-compliant SafeNet KeySecure 25 FIGURE 328 KeySecure Certificate and CA Configuration page - Certificate List 3. Verify the server certificate status is shown as Request Pending. 4. Click on the server certificate name that you just created (Safenet75ServerCert), which displays the certificate contents. (Refer to Figure 329.
25 Steps for connecting to a KMIP-compliant SafeNet KeySecure 5. Copy the certificate contents. 6. From the Security tab, select CAs & SSL Certificates > Local CAs. The Certificate and CA Configuration page displays. 7. Under Local Certificate Authority List, select the CA certificate you just created (SafeNetCA), then click Sign Request. (Refer to Figure 330.) FIGURE 330 KeySecure Certificate and CA Configuration page - Local Certificate Authority List The Sign Certificate Request dialog box displays.
Steps for connecting to a KMIP-compliant SafeNet KeySecure 25 8. Select Server as the Certificate Purpose and verify the Certificate Duration length. The default is 3649 days. 9. Paste the server certificate contents that you copied (refer to step 5) in the Certificate Request text box, then click Sign Request. The Certificate and CA Configuration page refreshes and the certificate information is displayed under Certificate Request Information. (Refer to Figure 332.
25 Steps for connecting to a KMIP-compliant SafeNet KeySecure FIGURE 333 KeySecure Certificate and CA Configuration page - Certificate Installation 14. After the page refreshes, the new certificate information is displayed in the Certificate List table. (Refer to Figure 334.) FIGURE 334 KeySecure Certificate and CA Configuration page - Certificate List 15. Verify the server certificate status is shown as Active.
Steps for connecting to a KMIP-compliant SafeNet KeySecure 25 Creating a cluster 1. From the KeySecure Management Console, select the Device tab, then select Device Configuration > Cluster. The Cluster Configuration page displays. (Refer to Figure 335.) FIGURE 335 KeySecure Cluster Configuration page 2. Under Create Cluster, enter a user-defined password in the fields provided, then click Create. The Cluster Configuration page refreshes; the new cluster information is listed in the Cluster Members table.
25 Steps for connecting to a KMIP-compliant SafeNet KeySecure FIGURE 336 KeySecure Cluster Configuration page - Cluster Members 4. Under Cluster Settings, click Download Cluster Key. (Refer to Figure 337.) You are prompted to enter a local file name. FIGURE 337 KeySecure Cluster Configuration page - Cluster Settings Configuring a Brocade group on the KeySecure A Brocade group is configured on the KeySecure for all keys created by encryption switches and blades.
Steps for connecting to a KMIP-compliant SafeNet KeySecure 25 3. Select Local Users & Groups under Users & Groups. 4. Select Add under Local Users. 5. Create a Brocade user name and password. 6. Select the User Administration Permission and Change Password Permission check boxes, then click Save. 7. Select Add under Local Groups. 8. Add a Brocade group under Group, then click Save. 9. Select the new Brocade group name, then select Properties. The Local Group Properties and a User List are displayed.
25 Steps for connecting to a KMIP-compliant SafeNet KeySecure FIGURE 339 Key Vault Credentials dialog box The dialog box contains the following information: • Primary Key Vault: Primary Key Vault is preselected. KMIP key vaults are clustered, so only one set of credentials is needed. • • • • • Secondary Key Vault: (TEKA key vault only). Shown as inactive. User Name: Enter a user name for the group leader. User Group Name: Displays the selected User Group Name.
Steps for connecting to a KMIP-compliant SafeNet KeySecure 25 6. The Certificate and CA Configuration page displays. 7. Under Local Certificate Authority List, select the local CA name, and verify that its CA Status is shown as Active. 8. Click Sign Request. The Sign Certificate Request page displays. (Refer to Figure 340.) FIGURE 340 Certificate and CA Configuration page - Sign Certificate Request 9. Select the local CA from the Sign with Certificate Authority drop-down list.
25 Steps for connecting to a KMIP-compliant SafeNet KeySecure Importing a signed KAC certificate into a switch After a KAC CSR has been submitted and signed by a CA, the signed certificate must be imported into the switch. NOTE This operation can be performed only after the switch is added to the encryption group. 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2.
Steps for connecting to a KMIP-compliant SafeNet KeySecure 25 Backing up the certificates 1. From the KeySecure Management Console, select the Device tab, then select Maintenance > Backup & Restore > Create Backup. The Backup and Restore page displays. (Refer to Figure 342.) FIGURE 342 Backup and Restore page 2. Select the server certificate from the list. The example is using Safenet75ServerReq. 3. Select the local CA from the list. The example is using SafeNetCA. 4.
25 Steps for connecting to a KMIP-compliant SafeNet KeySecure FIGURE 343 Backup and Restore page - Device items 5. Select the items for backup, then click Continue. The Create Backup page displays, which is used for setting backup details. (Refer to Figure 344.) FIGURE 344 Backup and Restore page - Backup details 6. Enter backup details in the fields provided, then click Backup to initiate the backup process. 7. 916 Restore this backup file on the Secondary clustered KeySecure server.
Steps for connecting to a KMIP-compliant SafeNet KeySecure 25 Configuring the KMIP server 1. From the KeySecure Management Console, select the Device tab, then select Device Configuration > Key Server > Key Server. The Cryptographic Key Server Configuration page displays. (Refer to Figure 345.) FIGURE 345 KeySecure Cryptographic Key Server Configuration page 2. Under Cryptographic Key Server Settings, select KMIP as the protocol. 3. Ensure that the Use SSL check box is selected. 4.
25 Steps for connecting to a KMIP-compliant SafeNet KeySecure Adding a node to the cluster Perform the following steps on the secondary KeySecure node when adding it to the cluster. 1. From the KeySecure Management Console, select the Device tab, then select Device Configuration > Cluster. The Cluster Configuration page displays. (Refer to Figure 346.) FIGURE 346 KeySecure Cluster Configuration page 2. Under Join Cluster, enter the cluster information that you configured for the primary KeySecure node.
Steps for connecting to a KMIP-compliant SafeNet KeySecure 25 FIGURE 347 KeySecure Cluster Configuration page - Cluster Members 6. Verify that both KeySecure nodes are shown as Active. 7. From the Devices tab, select Maintenance > Backup and Restore > Restore Backup. The Backup and Restore page displays. (Refer to Figure 348.
25 Steps for connecting to a KMIP-compliant keyAuthority 8. Under Restore Backup, select Upload from browser, then enter a file name or browse to the file location. 9. Enter the Backup Password in the field provided, then click Restore. 10. After the certificate is restored to the secondary node from the previously backed-up primary node, select Maintenance > Services. The Services Configuration page displays. (Refer to Figure 349.
Encryption preparation 25 Encryption preparation Before you use the encryption setup wizard for the first time, you should have a detailed configuration plan in place and available for reference. The encryption setup wizard assumes the following: • You have a plan in place to organize encryption devices into encryption groups.
25 Creating a new encryption group Creating a new encryption group The following steps describe how to start and run the encryption setup wizard and create a new encryption group. NOTE When a new encryption group is created, any existing tape pools in the switch are removed. 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 350.) FIGURE 350 Encryption Center dialog box - No group defined 2.
Creating a new encryption group 25 FIGURE 351 Configure Switch Encryption wizard - welcome screen 4. From the Configure Switch Encryption welcome screen, click Next to begin. The Designate Switch Membership dialog box displays (Figure 352).
25 Creating a new encryption group 5. For this procedure, verify that Create a new encryption group containing just this switch is selected, then click Next. NOTE If you are adding a switch to an encryption, refer to “Adding a switch to an encryption group” on page 959. The Create a New Encryption Group dialog box displays. (Refer to Figure 353.
Creating a new encryption group 7. 25 Click Next. The Select Key Vault. dialog box displays. (Refer to Figure 354.) FIGURE 354 Select Key Vault dialog box Using this dialog box, you can select a key vault for the encryption group that contains the selected switch. Prior to selecting your Key Vault Type, the selection is shown as None.
25 Creating a new encryption group - Thales e-Security keyAuthority (TEKA): If an encryption group contains mixed firmware nodes, the Encryption Group Properties Key Vault Type name is based on the firmware version of the Group Leader. For example, If a switch is running Fabric OS 7.1.0 or later, the Key Vault Type is displayed as “Thales e-Security keyAuthority (TEKA).”If a switch is running a Fabric OS version prior to v7.1.0, Key Vault Type is displayed as “Thales Key Manager (TEMS)”.
Creating a new encryption group 25 - For ESKM/SKM key vault setting instructions, see “Configuring key vault settings for HP Enterprise Secure Key Manager (ESKM/SKM)” on page 938. - For TEKA key vault setting instructions, see “Configuring key vault settings for Thales e_Security keyAuthority (TEKA)” on page 943. - For TKLM key vault setting instructions, see “Configuring key vault settings for IBM Tivoli Key Lifetime Manager (TKLM)” on page 948.
25 Creating a new encryption group FIGURE 356 Specify Certificate Signing Request File Name dialog box 5. Enter the filename in which you want to store the certificate information, or browse to the file location. The certificate stored in this file is the switch’s Switch Certificate Signing file. You will need to know this path and file name to install the switch’s Switch Certificate Signing file on the key management appliance. 6. Click Next. The Specify Master Key File Name dialog box displays.
Creating a new encryption group 25 FIGURE 357 Specify Master Key File Name dialog box 7. Enter the location of the file where you want to store back up master key information, or browse to the desired location. 8. Enter the passphrase, which is required for restoring the master key. The passphrase can be between eight and 40 characters, and any character is allowed. 9. Re-enter the passphrase for verification, then click Next. The Select Security Settings dialog box displays. (Refer to Figure 358.
25 Creating a new encryption group FIGURE 358 Select Security Settings dialog box 10. Set quorum size and system card requirements. The quorum size is the minimum number of cards necessary to enable the card holders to perform the security sensitive operations listed above. The maximum quorum size is five cards.
Creating a new encryption group 25 FIGURE 359 Confirm Configuration dialog box The Configuration Status dialog box displays. (Refer to Figure 360.) FIGURE 360 Configuration Status dialog box 12. Review the post-configuration instructions, which you can copy to a clipboard or print for later, then click Next. The Next Steps dialog box displays. (Refer to Figure 361.) Instructions for installing public key certificates for the encryption switch are displayed.
25 Creating a new encryption group FIGURE 361 Next Steps dialog box 13. Review the post-configuration instructions, which you can copy to a clipboard or print for later, then click Finish to exit the wizard. Configuring key vault settings for NetApp Link Key Manager (LKM/SSKM) The following procedure assumes you have already configured the initial steps in the Configure Switch Encryption wizard. If you have not already done so, go to “Creating a new encryption group” on page 922.
Creating a new encryption group 25 FIGURE 362 Select Key Vault dialog box for LKM/SSKM 1. Enter the IP address or host name for the primary key vault. 2. Enter the name of the file that holds the primary key vault’s public key certificate, or browse to the desired location. 3. If you are using a backup key vault, enter the IP address or host name, and the name of the file holding the backup key vault’s public key certificate, then click Next.
25 Creating a new encryption group FIGURE 363 Specify Public Key Certificate (KAC) File Name dialog box 4. Specify the location of the file where you want to store the public key certificate that is used to authenticate connections to the key vault. The certificate stored in this file is the switch’s public key certificate. You will need to know this path and file name to install the switch’s public key certificate on the key management appliance. 5. Click Next.
Creating a new encryption group 25 FIGURE 364 Select Security Settings dialog box 6. Set quorum size and system card requirements. The quorum size is the minimum number of cards necessary to enable the card holders to perform the security sensitive operations listed above. The maximum quorum size is five cards.
25 Creating a new encryption group FIGURE 365 Confirm Configuration dialog box The Configuration Status dialog box displays. (Refer to Figure 366.) FIGURE 366 Configuration Status dialog box All configuration items have green check marks if the configuration is successful. A red stop sign indicates a failed step. A message displays below the table, indicating the encryption switch was added to the group you named, and the public key certificate is stored in the location you specified.
Creating a new encryption group 25 After configuration of the encryption group is completed, the Management application sends API commands to verify the switch configuration. See “Understanding configuration status results” on page 959 for more information. 8. Verify the information is correct, then click Next. The Next Steps dialog box displays. (Refer to Figure 367.) Instructions for installing public key certificates for the encryption switch are displayed.
25 Creating a new encryption group Configuring key vault settings for HP Enterprise Secure Key Manager (ESKM/SKM) The following procedure assumes you have already configured the initial steps in the Configure Switch Encryption wizard. If you have not already done so, go to “Creating a new encryption group” on page 922. Figure 368 shows the key vault selection dialog box for ESKM/SKM. FIGURE 368 Select Key Vault dialog box for ESKM/SKM 1. Enter the IP address or host name for the primary key vault. 2.
Creating a new encryption group 25 FIGURE 369 Specify Certificate Signing Request File Name dialog box 6. Enter the location of the file where you want to store the certificate information, or browse to the desired location, then click Next. The Specify Master Key File Name dialog box displays. (Refer to Figure 370.) FIGURE 370 Specify Master Key File Name dialog box 7. Enter the passphrase, which is required for restoring the master key.
25 Creating a new encryption group 8. Re-enter the passphrase for verification, then click Next. The Select Security Settings dialog box displays. (Refer to Figure 371.) FIGURE 371 Select Security Settings dialog box 9. Set quorum size and system card requirements. The quorum size is the minimum number of cards necessary to enable the card holders to perform the security sensitive operations listed above. The maximum quorum size is five cards.
Creating a new encryption group 25 FIGURE 372 Confirm Configuration dialog box The Configuration Status dialog box displays. (Refer to Figure 373.) FIGURE 373 Configuration Status dialog box All configuration items have green check marks if the configuration is successful. A red stop sign indicates a failed step. A message displays below the table, indicating the encryption switch was added to the group you named, and the public key certificate is stored in the location you specified.
25 Creating a new encryption group After configuration of the encryption group is completed, the Management application sends API commands to verify the switch configuration. See “Understanding configuration status results” on page 959 for more information. 11. Review important messages, then click Next. The Next Steps dialog box displays. (Refer to Figure 374.) Instructions for installing public key certificates for the encryption switch are displayed. FIGURE 374 Next Steps dialog box 12.
Creating a new encryption group 25 Configuring key vault settings for Thales e_Security keyAuthority (TEKA) The following procedure assumes you have already configured the initial steps in the Configure Switch Encryption wizard. If you have not already done so, go to “Creating a new encryption group” on page 922. Figure 375 shows the key vault selection dialog box for TEKA. FIGURE 375 Select Key Vault dialog box for TEKA 1. Enter the IP address or host name for the primary key vault. 2.
25 Creating a new encryption group FIGURE 376 Specify Master Key File Name dialog box 6. Enter the name of the file used for backing up the master key or browse to the desired location. 7. Enter the passphrase, which is required for restoring the master key. The passphrase can be between eight and 40 characters, and any character is allowed. 8. Re-enter the passphrase for verification, then click Next. The Select Security Settings dialog box displays. (Refer to Figure 377.
Creating a new encryption group 25 9. Set quorum size and system card requirements. The quorum size is the minimum number of cards necessary to enable the card holders to perform the security sensitive operations listed above. The maximum quorum size is five cards. The actual number of authentication cards registered is always more than the quorum size, so if you set the quorum size to five, for example, you will need to register at least six cards in the subsequent steps.
25 Creating a new encryption group FIGURE 379 Configuration Status dialog box All configuration items have green check marks if the configuration is successful. A red stop sign indicates a failed step. A message displays below the table, indicating the encryption switch was added to the group you named, and the public key certificate is stored in the location you specified.
Creating a new encryption group 25 FIGURE 380 Next Steps dialog box 12. Review the post-configuration instructions, which you can copy to a clipboard or print for later. 13. Click Finish to exit the Configure Switch Encryption wizard. 14. Refer to “Understanding configuration status results” on page 959.
25 Creating a new encryption group Configuring key vault settings for IBM Tivoli Key Lifetime Manager (TKLM) The following procedure assumes you have already configured the initial steps in the Configure Switch Encryption wizard. If you have not already done so, go to “Creating a new encryption group” on page 922. Figure 381 shows the key vault selection dialog box for TKLM. FIGURE 381 Select Key Vault dialog box for TKLM 1. Enter the IP address or host name for the primary key vault. 2.
Creating a new encryption group 25 FIGURE 382 Specify Public Key Certificate (KAC) File Name dialog box 5. Enter the name of the file where the switch’s public key certificate is stored, or browse to the desired location, then click Next. The Specify Master Key File Name dialog box displays. (Refer to Figure 383.) FIGURE 383 Specify Master Key File Name dialog box 6. Enter the name of the file used for backing up the master key, or browse to the desired location.
25 Creating a new encryption group 7. Enter the passphrase, which is required for restoring the master key. The passphrase can be between eight and 40 characters, and any character is allowed. 8. Re-enter the passphrase for verification, then click Next. The Select Security Settings dialog box displays. (Refer to Figure 384.) FIGURE 384 Select Security Settings dialog box 9. Set quorum size and system card requirements.
Creating a new encryption group 25 FIGURE 385 Confirm Configuration dialog box The Configuration Status dialog box displays. (Refer to Figure 386.) FIGURE 386 Configuration Status dialog box All configuration items have green check marks if the configuration is successful. A red stop sign indicates a failed step. A message displays below the table, indicating the encryption switch was added to the group you named, and the public key certificate is stored in the location you specified.
25 Creating a new encryption group After configuration of the encryption group is completed, the Management application sends API commands to verify the switch configuration. 11. Click Next. The Next Steps dialog box displays. (Refer to Figure 387.) Instructions for installing public key certificates for the encryption switch are displayed. These instructions are specific to the key vault type. FIGURE 387 Next Steps dialog box 12.
Creating a new encryption group 25 • With the introduction of Fabric OS 7.2.0, KMIP with TEKA 4.0 is also supported, but must be configured using the CLI. All nodes in a keyAuthority encryption group must be running Fabric OS 7.2.0 or later. For configuration instructions, refer to the Fabric OS Encryption Administrator’s Guide Supporting Key Management Interoperability Protocol (KMIP) Key-Compliant Environments. Figure 388 shows the key vault selection dialog box for KMIP.
25 Creating a new encryption group • Username: Activates the Primary and Backup Key Vault User Names for completion. • None: Deactivates Primary and Backup Key Vault User Names and password fields. 6. Select the Certificate Type. Options are: • CA Signed: The switch KAC certificate is signed by a CA, imported back on the switch and registered as a KAC certificate. The CA will be registered as a key vault certificate on the switch.
Creating a new encryption group 25 FIGURE 390 Specify Master Key File Name dialog box 9. Enter the name of the file used for backing up the master key, or browse to the desired location. 10. Enter the passphrase, which is required for restoring the master key. The passphrase can be between eight and 40 characters, and any character is allowed. 11. Re-enter the passphrase for verification, then click Next. The Select Security Settings dialog box displays. (Refer to Figure 391.
25 Creating a new encryption group FIGURE 391 Select Security Settings dialog box 12. Set quorum size and system card requirements. The quorum size is the minimum number of cards necessary to enable the card holders to perform the security sensitive operations listed above. The maximum quorum size is five cards.
Creating a new encryption group 25 FIGURE 392 Confirm Configuration dialog box 14. Confirm the encryption group name and switch public key certificate file name you specified are correct, then click Next. The Configuration Status dialog box displays. (Refer to Figure 393.
25 Creating a new encryption group All configuration items have green check marks if the configuration is successful. A red stop sign indicates a failed step. A message displays below the table, indicating the encryption switch was added to the group you named, and the public key certificate is stored in the location you specified. After configuration of the encryption group is completed, the Management application sends API commands to verify the switch configuration. 15. Click Next.
Adding a switch to an encryption group 25 Understanding configuration status results After configuration of the encryption group is completed, the Management application sends API commands to verify the switch configuration. The CLI commands are detailed in the encryption administrator’s guide for your key vault management system. 1. Initialize the switch. If the switch is not already in the initiated state, the Management application performs the cryptocfg --initnode command. 2.
25 Adding a switch to an encryption group FIGURE 395 Configure Switch Encryption wizard - welcome screen 3. Click Next. The Designate Switch Membership dialog box displays. (Refer to Figure 396.
Adding a switch to an encryption group 25 4. For this procedure, select Add this switch to an existing encryption group, then click Next. The Add Switch to Existing Encryption Group dialog box displays. (Refer to Figure 397.) The dialog box contains the following information: • Encryption Groups table: Enables you to select an encryption group in which to add a switch. • Member Switches table: Lists the switches in the selected encryption group.
25 Adding a switch to an encryption group FIGURE 398 Specify Public Key Certificate (KAC) File Name dialog box 6. Enter the location where you want to store the public key certificate that is used to authenticate connections to the key vault, or browse to the desired location, then click Next. The Confirm Configuration dialog box displays. (Refer to Figure 399.) Confirm the encryption group name and switch public key certificate file name you specified are correct, then click Next.
Adding a switch to an encryption group 25 The Configuration Status dialog box displays. (Refer to Figure 400.) FIGURE 400 Configuration Status dialog box All configuration items have green check marks if the configuration is successful. A red stop sign indicates a failed step. A message displays below the table, indicating the encryption switch was added to the group you named, and the public key certificate is stored in the location you specified. 7. Review important messages, then click Next.
25 Adding a switch to an encryption group FIGURE 401 Error Instructions dialog box 8. Review the post-configuration instructions, which you can copy to a clipboard or print for later. 9. Click Finish to exit the Configure Switch Encryption wizard.
Replacing an encryption engine in an encryption group 25 Replacing an encryption engine in an encryption group To replace an encryption engine in an encryption group with another encryption engine within the same DEK Cluster, complete the following steps: 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2.
25 High availability clusters High availability clusters A high availability (HA) cluster consists of exactly two encryption engines configured to host the same CryptoTargets and to provide Active/Standby failover and failback capabilities in a single fabric. One encryption engine can take over encryption and decryption tasks for the other encryption engine if that member fails or becomes unreachable.
High availability clusters 25 Creating HA clusters For the initial encryption node, perform the following procedure. 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2. Select an encryption group from the Encryption Center Devices table, then select Group > HA Cluster from the menu task bar. NOTE If groups are not visible in the Encryption Center Devices table, select View > Groups from the menu task bar.
25 High availability clusters 3. Click the right arrow to add the encryption engine to the selected HA cluster. 4. Click OK. Removing engines from an HA cluster Removing the last engine from an HA cluster also removes the HA cluster. If only one engine is removed from a two-engine cluster, you must either add another engine to the cluster, or remove the other engine. 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2.
Configuring encryption storage targets 25 Failback option The Failback option determines the behavior when a failed encryption engine is restarted. When the first encryption engine comes back online, the encryption group’s failback setting (auto or manual) determines how the encryption engine resumes encrypting and decrypting traffic to its encryption targets. • In auto mode, when the first encryption engine restarts, it automatically resumes encrypting and decrypting traffic to its encryption targets.
25 Configuring encryption storage targets 5. Confirmation 6. Configuration Status 7. Important Instructions Adding an encryption target 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2. Select a group, switch, or engine from the Encryption Center Devices table to which to add the target, then select Group/Switch/Engine > Targets from the menu task bar.
Configuring encryption storage targets 25 FIGURE 405 Configure Storage Encryption wizard - welcome screen 4. Click Next. The Select Encryption Engine dialog box displays. (Refer to Figure 406.
25 Configuring encryption storage targets • Encryption engine: The name of the encryption engine. The list of engines depends on the scope being viewed: - If an encryption group was selected, the list includes all engines in the group. If a switch was selected, the list includes all encryption engines for the switch. If a single encryption engine was selected, the list contains only that engine.
Configuring encryption storage targets 25 6. Select a target from the list. (The Target Port WWN and Target Node WWN fields contain all target information that displays when using the nsShow command.) You can also enter WWNs manually, for example, to specify a target that is not on the list. 7. Select a target type from the Type list, then click Next. The Select Hosts dialog box displays. (Refer to Figure 408.) You can configure hosts for selected target device ports.
25 Configuring encryption storage targets • Port WWN text box: Type a world wide name for a host port. NOTE You must enter the host node world wide name before clicking Add, to add the WWN to the Selected Hosts table. • Node WWN text box: Type a world wide name for a host node. NOTE You must also enter the host port world wide name before clicking Add to add the node WWN to the Selected Hosts table. • Device Type: The device type indicated by the fabric’s name service.
Configuring encryption storage targets 25 FIGURE 409 Name Container dialog box 10. Enter the container name. The container name is a logical encryption name to specify a name other than the default. You can use a maximum of 31 characters. Letters, digits, and underscores are allowed. 11. Click Next. The Confirmation screen displays. (Refer to Figure 410.) The confirmation screen confirms and completes configuration of encryption engines, targets, and hosts.
25 Configuring encryption storage targets • Encryption Engine: The slot location of the encryption engine. • Container Name: The logical encryption name used to map storage targets and hosts to virtual targets and virtual initiators. • • • • Target Device Port: The world wide name of the target device port. Host Node WWN: The world wide name of the host node. Host Port WWN: The world wide name of the host port. Host Name: The name of the host. 12.
Configuring encryption storage targets 25 13. Review any post-configuration instructions or messages, which you can copy to a clipboard or print for later, then click Next. The Next Steps screen displays. (Refer to Figure 412.) Post-configuration instructions for installing public key certificates for the encryption switch are displayed. These instructions are specific to the key vault type.
25 Configuring hosts for encryption targets Configuring hosts for encryption targets Use the Encryption Target Hosts dialog box to edit (add or remove) hosts for an encrypted target. NOTE Hosts are normally selected as part of the Configure Switch Encryption wizard, but you can also edit hosts later using the Encryption Target Hosts dialog box. 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2.
Configuring hosts for encryption targets 25 FIGURE 414 Encryption Target Hosts dialog box NOTE Both the Hosts in Fabric table and the Selected Hosts table now contain a Port ID column to display the 24-bit PID of the host port. 4. Select one or more hosts in a fabric using either of the following methods: a. Select a maximum of 1024 hosts from the Hosts in Fabric table, then click the right arrow to move the hosts to the Selected Hosts table.
25 Adding target disk LUNs for encryption Adding target disk LUNs for encryption You can add a new path to an existing disk LUN or add a new LUN and path by launching the Add New Path wizard. NOTE Before you can add a target disk LUN for encryption, you must first configure the Storage Arrays. For more information, see “Configuring storage arrays” on page 985. Complete the following steps to add a target disk LUN: 1.
Adding target disk LUNs for encryption - 25 Fabric State Thin Provision LUN Encryption Mode Encrypt Existing Data Key ID • Remove button: Removes a selected entry from the table. 3. Click Add to launch the Add New Path wizard. The Select Target Port dialog box displays. (Refer to Figure 416.) FIGURE 416 Select Target Port dialog box The dialog box is used to select a target port when configuring multiple I/O paths to a disk LUN.
25 Adding target disk LUNs for encryption FIGURE 417 Select Initiator Port dialog box The dialog box is used to select an initiator port when configuring multiple I/O paths to a disk LUN. The dialog box contains the following information: • Storage Array: Displays the storage array that was selected from the LUN view prior to launching the wizard. • Host: The host selected from the LUN view prior to launching the wizard.
Adding target disk LUNs for encryption 25 FIGURE 418 Select LUN dialog box The dialog box is used to select a LUN when configuring multiple I/O paths to a disk LUN. The dialog box contains the following information: • Storage Array: The storage array selected from the LUN view prior to launching the Add New Path wizard. • Host: The host elected from the LUN view prior to launching the Add New Path wizard.
25 Adding target disk LUNs for encryption 9. Click Finish. The new LUN path is added to the Encryption Disk LUN View table. 10. Click OK on the LUN view to commit the operation. NOTE With the introduction of Fabric OS v7.1.0, the maximum number of uncommitted configuration changes per disk LUN (or maximum paths to a LUN) is 512 transactions. The 512 LUN operations can be for the same LUN or be subjected to 25 distinct LUNs.
Adding target disk LUNs for encryption 25 Configuring storage arrays The storage array contains a list of storage ports that will be used later in the LUN centric view. You must assign storage ports from the same storage array for multi-path I/O purposes. On the LUN centric view, storage ports in the same storage array are used to get the associated CryptoTarget containers and initiators from the database.
25 Adding target disk LUNs for encryption SRDF pairs Remote replication is implemented by establishing a synchronized pair of SRDF devices connected by FC or IP links. A local source device is paired with a remote target device while data replication is taking place. While the SRDF devices are paired, the remote target device is not locally accessible for read or write operations. When the data replication operation completes, the pair may be split to enable normal read/write access to both devices.
Adding target tape LUNs for encryption 25 Note the following when using the New LUN option: • Both LUNs that form an SRDF pair must be added to their containers using the New LUN option. • For any site, all paths to a given SRDF device must be configured with the New LUN option. • All LUNs configured with the New LUN option will report three blocks less than the actual size when host performs READ CAPACITY 10/READ CAPACITY 16.
25 Adding target tape LUNs for encryption FIGURE 421 Encryption Targets dialog box 3. Select a target tape storage device from the Encryption Targets table, then click LUNs. The Encryption Target Tape LUNs dialog box displays. (Refer to Figure 422.) FIGURE 422 Encryption Target Tape LUNs dialog box 4. Click Add. The Add Encryption Target Tape LUNs dialog box displays. (Refer to Figure 423.) A table of all LUNs in the storage device that are visible to hosts is displayed.
Adding target tape LUNs for encryption 25 FIGURE 423 Add Encryption Target Tape LUNs dialog box 5. Select a host from the Host list. Before you encrypt a LUN, you must select a host, then either discover LUNs that are visible to the virtual initiator representing the selected host, or enter a range of LUN numbers to be configured for the selected host. When you select a specific host, only the LUNs visible to that host are displayed.
25 Moving targets • Enable Write Early Ack: When selected, enables tape write pipelining on this tape LUN. Use this option to speed long serial writes to tape, especially for remote backup operations. • Enable Read Ahead: When selected, enables read pre-fetching on this tape LUN. Use this option to speed long serial read operations from tape, especially for remote restore operations. NOTE The Select/Deselect All button allows you to select or deselect all available LUNs. 8.
Configuring encrypted tape storage in a multi-path environment 25 Configuring encrypted tape storage in a multi-path environment This example assumes one host is accessing one storage device using two paths: • The first path is from Host Port A to Target Port A, using Encryption Engine A for encryption. • The second path is from Host Port B to Target Port B, using Encryption Engine B for encryption. Encryption Engines A and B are in switches that are already part of Encryption Group X.
25 Tape LUN write early and read ahead Tape LUN write early and read ahead The tape LUN write early and read ahead feature uses tape pipelining and prefetch to speed serial access to tape storage. These features are particularly useful when performing backup and restore operations, especially over long distances. You can enable tape LUN write early and read ahead while adding the tape LUN for encryption, or you can enable or disable these features after the tape LUN has been added for encryption.
Tape LUN write early and read ahead 25 FIGURE 425 Encryption Target Tape LUNs dialog box - Setting tape LUN read ahead and write early 4. In the Enable Write EarlyAck and Enable Read Ahead columns, when the table is populated, you can set these features as desired for each LUN: • • • • To enable write early for a specific tape LUN, select Enable Write Early Ack for that LUN. To enable read ahead for a specific LUN, select Enable Read Ahead for that LUN.
25 Tape LUN statistics Tape LUN statistics This feature enables you to view and clear statistics for tape LUNs. These statistics include the number of compressed blocks, uncompressed blocks, compressed bytes and uncompressed bytes written to a tape LUN. The tape LUN statistics are cumulative and change as the host writes more data on tape. You can clear the statistics to monitor compression ratio of ongoing host I/Os.
Tape LUN statistics 25 FIGURE 427 Tape LUN Statistics dialog box The dialog box contains the following information: • LUN #: The number of the logical unit for which statics are displayed. • Tape Volume/Pool: The tape volume label of the currently-mounted tape, if a tape session is currently in progress. • • • • • • • • Tape Session #: The number of the ongoing tape session. Uncompressed blocks: The number of uncompressed blocks written to tape.
25 Tape LUN statistics 3. Select a tape target storage device, then click LUNs. The Target Tape LUNs dialog box displays. (Refer to Figure 428.) A list of the configured tape LUNs is displayed. FIGURE 428 Target Tape LUNs dialog box 4. Select the LUN or LUNs for which to display or clear statistics, then click Statistics. The Tape LUN Statistics dialog box displays. (Refer to Figure 429.) The statistic results based on the LUN or LUNs you selected is displayed. Tape LUN statistics are cumulative.
Tape LUN statistics 25 • Host Port WWN: The WWN of the host port that is being used for the write operation. • A Refresh button updates the statistics on the display since the last reset. • A Clear button resets all statistics in the display. 5. Do either of the following: a. Click Clear to clear the tape LUN statistics, then click Yes to confirm. b. Click Refresh to view the current statistics cumulative since the last reset.
25 Encryption engine rebalancing FIGURE 431 Tape LUN Statistics dialog box The dialog box contains the following information: • LUN #: The number of the logical unit for which statics are displayed. • Tape Volume/Pool: The tape volume label of the currently-mounted tape, if a tape session is currently in progress. • • • • • • Tape Session #: The number of the ongoing tape session. Uncompressed blocks: The number of uncompressed blocks written to tape.
Master keys 25 During rebalancing operations, be aware of the following: • You might notice a slight disruption in Disk I/O. In some cases, manual intervention may be needed. • Backup jobs to tapes might need to be restarted after rebalancing is completed. To determine if rebalancing is recommended for an encryption engine, check the encryption engine properties. Beginning with Fabric OS 6.4, a field is added that indicates whether or not rebalancing is recommended.
25 Master keys When you create a new master key, the former active master key automatically becomes the alternate master key. The new master key cannot be used (no new data encryption keys can be created, so no new encrypted LUNs can be configured), until you back up the new master key. After you have backed up the new master key, it is strongly recommended that all encrypted disk LUNs be rekeyed.
Master keys 25 Master key actions NOTE Master keys belong to the group and are managed from Group Properties. Master key actions are as follows: • Backup master key: Enabled any time a master key exists. Selecting this option launches the Backup Master Key for Encryption Group dialog box. You can back up the master key to a file, to a key vault, or to a smart card.
25 Master keys 3. Select Backup Master Key as the Master Key Action. The Master Key Backup dialog box displays, but only if the master key has already been generated. (Refer to Figure 432.) FIGURE 432 Master Key Backup dialog box - Backup Destination to file 4. Select File as the Backup Destination. 5. Enter a file name, or browse to the desired location. 6. Enter the passphrase, which is required for restoring the master key.
Master keys 25 3. Select Backup Master Key as the Master Key Action. The Backup Master Key for Encryption Group dialog box displays. (Refer to Figure 433.) FIGURE 433 Backup Master Key for Encryption Group dialog box - Backup Destination to key vault 4. Select Key Vault as the Backup Destination. 5. Enter the passphrase, which is required for restoring the master key. The passphrase can be between eight and 40 characters, and any character is allowed. 6.
25 Master keys FIGURE 434 Backup Master Key for Encryption Group dialog box - Backup Destination to smart cards 4. Select A Recovery Set of Smart Cards as the Backup Destination. 5. Enter the recovery card set size. 6. Insert the first blank card and wait for the card serial number to appear. 7. Run the additional cards through the reader that are needed for the set. As you read each card, the card ID displays in the Card Serial# field. Be sure to wait for the ID to appear. 8.
Master keys 25 Overview of saving a master key to a smart card set A card reader must be attached to the SAN Management application PC to save a master key to a recovery card. Recovery cards can only be written once to back up a single master key. Each master key backup operation requires a new set of previously unused smart cards. NOTE Windows operating systems do not require smart card drivers to be installed separately; the driver is bundled with the operating system.
25 Master keys FIGURE 435 Restore Master Key for Encryption Group dialog box - Restore from file 4. Choose the active or alternate master key for restoration, as appropriate. 5. Select File as the Restore From location. 6. Enter a file name, or browse to the desired location. 7. Enter the passphrase. The passphrase that was used to back up the master key must be used to restore the master key. 8. Click OK.
Master keys 25 FIGURE 436 Restore Master Key for Encryption Group dialog box - Restore from key vault 4. Choose the active or alternate master key for restoration, as appropriate. 5. Select Key Vault as the Restore From location. 6. Enter the key ID of the master key that was backed up to the key vault. 7. Enter the passphrase. The passphrase that was used to back up the master key must be used to restore the master key. 8. Click OK.
25 Master keys FIGURE 437 Restore Master Key for Encryption Group dialog box - Restore from smart cards 4. Choose the active or alternate master key for restoration, as appropriate. 5. Select A Recovery Set of Smart Cards as the Restore From location. 6. Insert the recovery card containing a share of the master key that was backed up earlier, and wait for the card serial number to appear. 7. Enter the password that was used to create the card.
Security settings 25 Security settings Security settings help you identify if system cards are required to initialize an encryption engine and also determine the number of authentication cards needed for a quorum. 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2. Select a group from the Encryption Center Devices table, then select Group > Security from the menu task bar.
25 Zeroizing an encryption engine • If the encryption engine was part of an HA cluster, targets fail over to the peer, which assumes the encryption of all storage targets. Data flow will continue to be encrypted. • If there is no HA backup, host traffic to the target will fail as if the target has gone offline. The host will not have unencrypted access to the target. There will be no data flow at all because the encryption virtual targets will be offline.
Using the Encryption Targets dialog box 25 Using the Encryption Targets dialog box The Encryption Targets dialog box enables you to send outbound data that you want to store as ciphertext to an encryption device. The encryption target acts as a virtual target when receiving data from a host, and as a virtual initiator when writing the encrypted data to storage. NOTE The Encryption Targets dialog box enables you to launch a variety of wizards and other related dialog boxes.
25 Redirection zones Redirection zones It is recommended that you configure the host and target in the same zone before you configure them for encryption. Doing so creates a redirection zone to redirect the host/target traffic through the encryption engine; however, a redirection zone can only be created if the host and target are in the same zone.
Disk device decommissioning 25 Provided that the crypto configuration is not left uncommitted because of any crypto configuration changes or a failed device decommission operation issued on a encryption Group Leader node, this error message will not be seen for any device decommission operation issued serially on an encryption group member node.
25 Disk device decommissioning Displaying and deleting decommissioned key IDs With the introduction of Fabric OS 7.1.0, the ability to decommission disk LUNs is supported on all key vault platforms. Earlier releases restricted this functionality to DPM (formerly RKM) and LKM/SSKM key vaults only. When disk LUNs are decommissioned, the process includes the disabling of the key record in the key vault and indication that the key has been decommissioned.
Rekeying all disk LUNs manually 25 3. Click Delete All to delete the decommissioned keys from the switch. As a precaution, copy the keys to a secure location before deleting them from the switch. Right-click on an entry in the table to individually select a key ID. You may also copy or export a single row within the table or the entire table. To export the keys, right-click and select Export, which will export the key IDs.
25 Rekeying all disk LUNs manually • The encryption group must be in the converged state. • The target container that hosts the LUN must be online. In addition to providing the ability to launch manual rekey operations, the management application also enables you to monitor their progress. Setting disk LUN Re-key All To rekey all disk LUNs on an encryption node, complete these steps: 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box.
Rekeying all disk LUNs manually 25 . FIGURE 442 Pending manual rekey operations Viewing disk LUN rekeying details You can view details related to the rekeying of a selected target disk LUN from the LUN Re-keying Details dialog box. 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2.
25 Rekeying all disk LUNs manually 4. Click Add. The Add Disk LUNs dialog box displays. This dialog box includes a table of all LUNs in the storage device that are visible to the hosts. 5. Click Re-keying Details. The LUN Re-keying Details dialog box displays. The dialog box contains the following information: • • • • • • Key ID: The LUN key identifier. Key ID State: The state of the LUN rekeying operation. Encryption Algorithm: The algorithm of the LUN rekeying operation.
Rekeying all disk LUNs manually 25 FIGURE 444 Re-Key Sessions Status dialog box The dialog box contains the following information: • • • • • LUN #: The LUN number. LUN Serial #: The LUN serial number. Re-Key Session #: The number assigned to the rekeying session. Percent Complete: The percentage of completion of the rekeying session.
25 Thin provisioned LUNs 3. Click Refresh periodically to update the display. Thin provisioned LUNs With the introduction of Fabric OS 7.1.0, the switch can discover if a disk LUN is a thin provisioned LUN. Support for a thin provisioned LUN is limited to disk containers only. Thin provisioned LUNs can be created with the new LUN option. NOTE Currently, thin provisioned LUN support is limited to Brocade-tested storage arrays running specific supported firmware releases.
Viewing time left for auto rekey 25 Thin Provisioning support Thin-provisioned logical unit numbers (LUNs) are increasingly used to support a pay-as-you-grow strategy for data storage capacity. Also known as dynamic provisioning, virtual LUNs, or thin LUNs, the same technology that allows storage administrators to allocate physical disk space to LUNs on an as-needed basis creates limitations around certain data-at-rest encryption operations that use the switch or blade.
25 Viewing and editing switch encryption properties FIGURE 445 Encryption Targets Disk LUNs dialog box - Time left for auto rekey Viewing and editing switch encryption properties To view switch encryption properties, complete the following steps: 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2.
Viewing and editing switch encryption properties 25 FIGURE 446 Encryption Switch Properties dialog box The dialog box contains the following information: • • • • Switch Properties table: A list of properties associated with the selected switch Name: The name of the selected switch Node WWN: The world wide name of the node Switch Status: The health status of the switch.
25 Viewing and editing switch encryption properties • Encryption Group: The name of the encryption group to which the switch belongs • Encryption Group Status: Status options are: - OK/Converged: the Group Leader can communicate with all members - Degraded: the Group Leader cannot communicate with one or more members.
Viewing and editing switch encryption properties 25 • Primary Key Vault Link Key Status/Backup Key Vault Link Key Status: Status options are: - Not Used: The key vault type is not LKM/SSKM. - No Link Keys, ready to establish: No access request has been sent to an LKM/SSKM, or a previous request was not accepted. - Link key requested, waiting for LKM approval: A request has been sent to LKM/SSKM and is waiting for the LKM/SSKM administrator’s approval.
25 Viewing and editing switch encryption properties • Re-Balance Recommended: Indicates if LUN rebalancing is recommended for an encryption engine that is hosting both disk and tape LUNs. Options are Yes and No. • System Card Status: The current status of system card information for the encryption engine. Options are Enabled and Disabled.
Viewing and editing encryption group properties 25 Enabling and disabling the encryption engine state from Properties To enable the encryption engine, complete the following steps: 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2.
25 Viewing and editing encryption group properties FIGURE 448 Encryption Group Properties dialog box The dialog box contains the following information: • • • • • General tab: For a description of the dialog box, refer to “General tab” on page 1028. Members tab: For a description of the dialog box, refer to “Members tab” on page 1032. Security tab: For a description of the dialog box, refer to “Security tab” on page 1034.
Viewing and editing encryption group properties 25 FIGURE 449 Encryption Group Properties dialog box - General tab The dialog box contains the following information: • Encryption Group Name: The name of the encryption group. • Group Status: The status of the encryption group. Options are: - OK-Converged: The Group Leader can communicate with all members. - Degraded: The Group Leader cannot contact one or more of the configured group members.
25 Viewing and editing encryption group properties • Key Vault Type: Options are: - RSA Data Protection Manager (DPM): If an encryption group contains mixed firmware nodes, the Encryption Group Properties Key Vault Type name is based on the firmware version of the Group Leader. For example, If a switch is running Fabric OS 7.1.0 or later, the Key Vault Type is displayed as “RSA Data Protection Manager (DPM).”If a switch is running a Fabric OS version prior to v7.1.
Viewing and editing encryption group properties 25 • Backup Key Vault Connection Status: The status of the backup key vault link. Options are: - Connected - Unknown/Busy - Not configured - Not responding - Failed authentication • High Availability Mode: (For KMIP key vault type.) Options are: - Opaque: Both the primary and secondary key vaults are registered on the switch. The client archives the key to a single (primary) key vault.
25 Viewing and editing encryption group properties Members tab The Members tab lists group switches, their role, and their connection status with the Group Leader. The table columns are not editable. The tab displays the configured membership for the group and includes the following: • • • • Node WWN: The member switch’s world wide name. IP Address: The switch’s IP address or host name. Node Name: The switch’s node name, if known. If unknown, this field is blank.
Viewing and editing encryption group properties 25 FIGURE 450 Encryption Group Properties dialog box - Members tab Members tab Remove button You can click the Remove button to remove a selected switch or group from the encryption group table. • You cannot remove the Group Leader unless it is the only switch in the group. If you remove the Group Leader, the Management application also removes the HA cluster, the target container, and the tape pool (if configured) that are associated with the switch.
25 Viewing and editing encryption group properties The consequences of removing the last switch in a group (which will be the Group Leader) are all switch removal consequences noted above, plus the following: • The encryption group is deleted. • All configured tape pools are deleted. Table 112 explains the impact of removing switches. TABLE 112 Switch removal impact Switch configuration Impact of removal The switch is the only switch in the encryption group. The encryption group is also removed.
Viewing and editing encryption group properties 25 FIGURE 451 Encryption Group Properties dialog box - Security tab The dialog box contains the following information: • Master Key Status: Displays the status of the master key. Possible values are: - Not used: Displays when LKM/SSKM is the key vault. - Required but not created: Displays when a master key needs to be created. - Created but not backed up: Displays when the master key needs to be backed up.
25 Viewing and editing encryption group properties • Registered Authentication Cards table: Lists the registered authentication cards. - Group Card #: The number of cards that are registered. - Card ID: The card serial number. - First Name and Last Name: The first and last name of the person assigned to the card. The names are identified when the authentication card is first registered. - Notes: An optional entry of information.
Viewing and editing encryption group properties 25 • Non-HA Encryption Engines table: Displays a list of encryption engines that are not configured for high-availability clustering • High-Availability Clusters table: A list of encryption engines that have been selected for high-availability clustering. • Right and left arrow buttons: You can select an encryption engine in the Non-HA Encryption Engines table and click the right arrow button to add the encryption engine to the High-Availability Clusters.
25 Viewing and editing encryption group properties Link Keys tab NOTE The Link Keys tab displays only if the key vault type is NetApp LKM/SSKM. Connections between a switch and an NetApp LKM/SSKM key vault require a shared link key. Link keys are used only with LKM/SSKM key vaults. Link keys are used to protect data encryption keys in transit to and from the key vault. There is a separate link key for each key vault for each switch.
Viewing and editing encryption group properties 25 FIGURE 453 Encryption Group Properties dialog box - Link Keys tab Tape Pools tab Tape pools are managed from the Tape Pools tab. From the Tape Pools tab, you can add, modify, and remove tape pools. • To add a tape pool, click Add, then complete the Add Tape Pool dialog box. • To remove an encryption switch or engine from a tape pool, select one or more tape pools listed in the table, then click Remove.
25 Viewing and editing encryption group properties FIGURE 454 Encryption Group Properties dialog box - Tape Pools tab Tape pools overview Tape cartridges and volumes can be organized into a tape pool (a collection of tape media). The same data encryption keys are used for all cartridges and volumes in the pool. Tape pools are used by backup application programs to group all tape volumes used in a single backup or in a backup plan.
Viewing and editing encryption group properties 25 Adding tape pools A tape pool can be identified by either a name or a number, but not both. Tape pool names and numbers must be unique within the encryption group. When a new encryption group is created, any existing tape pools in the switch are removed and must be added. 1. Select Configure > Encryption from the menu task bar to display the Encryption Center dialog box. (Refer to Figure 303 on page 852.) 2.
25 Viewing and editing encryption group properties 5. Select the Encryption Mode. Options are Clear Text, DF-Compatible Encryption, and Native Encryption. Note the following: • DF-Compatible Encryption is valid only when LKM/SSKM is the key vault. • The Key Lifespan (days) field is editable only if the tape pool is encrypted. • If Clear Text is selected as the encryption mode, the key lifespan is disabled. NOTE You cannot change the encryption mode after the tape pool I/O begins.
Encryption-related acronyms in log messages 25 FIGURE 457 Encryption Group Properties Dialog Box - Engine Operations Tab NOTE You cannot replace an encryption engine if it is part of an HA cluster. Encryption-related acronyms in log messages Fabric OS log messages related to encryption components and features may have acronyms embedded that require interpretation. Table 113 lists some of those acronyms.
Chapter 26 Zoning In this chapter • Zoning overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Zone database size . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Zoning configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • LSAN zones . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • LSAN tagging . . . . . . . . . . . . . . . .
26 Zoning overview Blue Zone Server 2 Server 1 Storage 2 Red Zone Storage 1 RAID Green Zone Storage 3 Server 3 FIGURE 458 Zoning NOTE A Network OS fabric supports zoning only if all devices in the fabric are running Network OS v2.1.0 or later. NOTE Zone objects based on physical port number or port ID (D,I ports) are not supported in Network OS fabrics.
Zoning overview 26 • LSAN zones Provide device connectivity between fabrics without merging the fabrics. Refer to “LSAN zones” on page 1072 for more information. • QoS zones Assign high or low priority to designated traffic flows. Quality of Service (QoS) zones are standard zones with additional QoS attributes that you select when you create the zone. • Traffic Isolation zones (TI zones) Isolate inter-switch traffic to a specific, dedicated path through the fabric.
26 Zone database size • You want to analyze the impact of changes to storage access before applying the changes. For example, if you deploy a new server and want to ensure that the zoning changes result in only the new server gaining access to specific storage devices and nothing else. Refer to “Comparing zone databases” on page 1085. Zoning naming conventions The naming rules for zone names, zone aliases, and zone configuration names vary with the type of fabric.
Zoning configuration 26 The Professional Edition does not support large zone databases. In the Professional Edition, the maximum size of the zone database without zone aliases is 32 KB. If the zone database contains aliases, the maximum size is less than 32 KB. Zoning configuration At a minimum, zoning configuration entails creating zones and zone members. However, you can also create zone aliases, zone configurations, and zone databases.
26 Zoning configuration Creating a zone 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select a fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity. 4. Click New Zone. A new zone displays in the Zones list. 5. Type the name for the zone.
Zoning configuration 26 6. Click OK to close the Zone Properties dialog box. Adding members to a zone Use this procedure to add a member to a zone when the member is listed in the Potential Members list of the Zone DB tab. Enterprise and Professional Plus editions: For instructions to add a member to a zone when the member is not listed in the Potential Members list, refer to the procedure “Creating a member in a zone” on page 1052. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays.
26 Zoning configuration 8. For offline zone databases only, complete the following steps to save the zone configuration into the switch from the offline zone database: a. Select Save to Switch from the Zone DB Operation list. b. Click Yes on the confirmation message. The selected zone database is saved to the fabric without enabling a specific zone configuration. 9. Click OK or Apply to save your changes. Any zones or zone configurations you have changed are saved in the zone database.
Zoning configuration 26 9. For offline zone databases only, complete the following steps to save the zone configuration into the switch from the offline zone database: a. Select Save to Switch from the Zone DB Operation list. b. Click Yes on the confirmation message. The selected zone database is saved to the fabric without enabling a specific zone configuration. 10. Click OK or Apply to save your changes. Any zones or zone configurations you have changed are saved in the zone database.
26 Zoning configuration 4. Right-click the name of the zone you want to change in the Zones list and select Rename. 5. Type the new name for the zone. For zone name requirements and limitations, refer to “Zoning naming conventions” on page 1048. 6. Press Enter to save the new name. For FC and Network OS fabrics, if an invalid name is entered for a zone or zone configuration, the application displays a warning message.
Zoning configuration 26 3. Select a fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity. 4. Select one or more zones in the Zones list that you want to duplicate, then right-click and select Duplicate. The duplicated zone or zones display in the Zones list. 5. (Optional) Type a new name for the zone and press Enter to save the name.
26 Zoning configuration Enabling or disabling the default zone for fabrics 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select a fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity. 4. Select the zoning database you want from the Zone DB list. 5. Click Zoning Policies.
Zoning configuration 26 6. Type a name for the alias in the Alias Name field. Refer to “Zoning naming conventions” on page 1048 for rules about zone alias names. 7. (Optional) Select an option from the Type list to choose how to display the objects in the Potential Members list. 8. (Optional) Show all discovered fabrics in the Potential Members list by right-clicking in the Potential Members list and selecting Display All.
26 Zoning configuration 7. Remove members from the alias by completing the following steps. a. Select one or more members that you want to remove from the alias in the Selected Member(s) list. (Press SHIFT or CTRL and click each member to select more than one member.) b. Click the left arrow between the Potential Members list and the Selected Member(s) list to remove the selected members from the alias. 8. Click OK or Apply on the Edit Alias dialog box to save your changes. 9.
Zoning configuration 26 Renaming a zone alias 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select a fabric from the Zoning Scope list. 4. Select Alias from the Type list. 5. Right-click the zone alias you want to rename and select Rename. 6. Edit the name and press Enter. Refer to “Zoning naming conventions” on page 1048 for rules about zone alias names. 7.
26 Zoning configuration Creating a zone configuration 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select a fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity. 4. Click New Configuration. A new configuration displays in the Zone Configurations list. 5. Enter a name for the zone configuration.
Zoning configuration 26 Adding zones to a zone configuration 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select a fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity. 4. Select one or more zone configurations to which you want to add zones in the Zone Configurations list.
26 Zoning configuration Activating a zone configuration When a zone configuration is active, its members can communicate with one another. Only one zone configuration can be active at any given time. NOTE Only one server should be run at a time (actual servers performing discovery) or logon conflicts may occur. Also, activation speeds may differ depending on the hardware vendor and type of zoning used.
Zoning configuration 26 8. Click OK to activate the zone configuration. A message displays informing you that the zones and zone configurations you change will be saved in the zone database and asking whether you want to proceed. Click Yes to confirm the activation, or click No to cancel the activation. When you click Yes, a busy window displays indicating the activation is in progress. A status field informs you whether the activation succeeded or failed.
26 Zoning configuration Renaming a zone configuration 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select a fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity. 4. Right-click the name of the zone configuration you want to change in the Zone Configurations list and select Rename. 5.
Zoning configuration 26 Duplicating a zone configuration When you duplicate a zone configuration, you make a copy of it in the same zone database. The first time a zone configuration is duplicated, the duplicate is automatically given the name _copy. On subsequent duplications, a sequential number is assigned to the zone configuration name, such as _copy_1, _copy_2, and _copy_3.
26 Zoning configuration 6. Select a fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity. If you want to show all discovered fabrics in the Potential Members list, right-click in the Potential Members list and select Display All. 7. Create the desired zones. For specific instructions, refer to “Creating a zone” on page 1050. 8. Add members to each zone.
Zoning configuration 26 Refreshing a zone database 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select a zone database from the Zone DB list. 4. Select Refresh from the Zone DB Operation list. A message displays informing you that refresh will overwrite the selected database. Click Yes to continue. 5. Click OK. Any zones or zone configurations you have changed are saved in the zone database.
26 Zoning configuration Merging two zone databases If a zone or zone configuration is merged, the resulting zone or zone configuration includes all members that were marked for addition or removal as well as all members not otherwise marked. NOTE: You cannot merge the following zones with a Network OS fabric: • • • • • Zones with aliases (can merge with Network OS 3.0.0 and later) Zones with D,I members TI zones QoS zones Redirection zones 1. Select Configure > Zoning > Fabric.
Zoning configuration 26 5. (Optional) Merge elements (zone configurations, zones, or aliases) by completing the following steps: a. Select one or more of the same element type from the Reference Zone DB area. You can select zone configurations, zones, or aliases, but do not mix element types. b. Select the same type of element in the Editable Zone DB area. If you selected a zone configuration in the Reference Zone DB area, you must select a zone configuration in the Editable Zone DB area. c.
26 Zoning configuration Creating a common active zone configuration in two fabrics Before you can merge two fabrics, the defined and active zone configurations in both fabrics must match. Refer to “Merging two zone databases” on page 1068 for instructions on how to merge the zone databases in two fabrics. After you merge the two zone databases, you create a common active zone configuration before physically merging the fabrics. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2.
Zoning configuration 26 Exporting an offline zone database NOTE You cannot export an online zone database. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Select an offline zone database from the Zone DB list. 3. Select Export from the Zone DB Operation list. The Export Zone DB dialog box displays. 4. Browse to the location where you want to export the zone database file (.xml format). 5. Click Export Zone DB. 6. Click OK to save your work and close the Zoning dialog box.
26 LSAN zones LSAN zones Connecting to another network through a Fibre Channel (FC) router, you can create an LSAN zone to include zone objects on other fabrics. No merging takes place across the FC router when you create an LSAN zone. Figure 460 shows an example in which Server 1, which is connected to a switch in the VCS fabric, has access to local storage and to RAID storage on a Fabric OS fabric.
LSAN zones 26 Configuring LSAN zoning The following procedure provides an overview of the steps you must perform to configure LSAN zoning. 1. Select a backbone fabric from the Connectivity Map or Product List. 2. Select Configure > Zoning > LSAN Zoning (Device Sharing). The Zoning dialog box displays, with the LSAN scope. 3. Click the Zone DB tab if that tab is not automatically displayed. 4.
26 LSAN zones Creating an LSAN zone Create LSAN zones to enable communication between devices in different fabrics without merging the fabrics. 1. Select a backbone fabric from the Connectivity Map or Product List. 2. Select Configure > Zoning > LSAN Zoning (Device Sharing). The Zoning dialog box displays, with the LSAN scope. 3. Click New Zone. The prefix LSAN_ is automatically added in the text field. 4. Enter a name for the zone.
LSAN zones 26 Adding members to the LSAN zone Use this procedure to add a member to an LSAN zone when the member is listed in the Potential Members list of the Zone DB tab. LSAN zones do not support Domain,Port members. 1. Select a backbone fabric from the Connectivity Map or Product List. 2. Select Configure > Zoning > LSAN Zoning (Device Sharing). The Zoning dialog box displays, with the LSAN scope. 3. Select the member type from the Type list.
26 LSAN zones Creating a new member in an LSAN zone Use this procedure to add a member to an LSAN zone when the member is not listed in the Potential Members list of the Zone DB tab. For instructions to add a member to a zone when the member is listed in the Potential Members list, refer to the procedure “Adding members to the LSAN zone” on page 1075. 1. Select a backbone fabric from the Connectivity Map or Product List. 2. Select Configure > Zoning > LSAN Zoning (Device Sharing).
LSAN tagging 26 Activating LSAN zones 1. Select a backbone fabric from the Connectivity Map or Product List. 2. Select Configure > Zoning > LSAN Zoning (Device Sharing). The Zoning dialog box displays, with the LSAN scope. 3. Click Activate. 4. Review the information in the Activate LSAN Zones dialog box. LSAN zones that contain online members are automatically included in the Destination Fabrics list.
26 Traffic Isolation zones Traffic Isolation zones A Traffic Isolation zone (TI zone) is a special zone that isolates inter-switch traffic to a specific, dedicated path through the fabric. A TI zone contains a list of E_Ports, followed by a list of N_Ports. When the TI zone is activated, the fabric attempts to isolate all inter-switch traffic between N_Ports to only those E_Ports that have been included in the zone.
Traffic Isolation zones • • • • • • 26 8 Gbps 40-port Switch (Brocade VA-40FC) 16 Gbps 4-slot Backbone Chassis (Brocade DCX 8510-4) 16 Gbps 8-slot Backbone Chassis (Brocade DCX 8510-8) 8-slot Backbone Chassis (Brocade DCX) 4-slot Backbone Chassis (Brocade DCX-4S) 8 Gbps Encryption Switch (Brocade Encryption Switch) Enhanced TI zones are supported only if the following conditions are met: • Every switch must be one of the previously listed supported platforms. • Every switch must be running Fabric OS 6.
26 Traffic Isolation zones 8. Click OK or Apply to save your changes. The Traffic Isolation zones are saved, but are not activated. The Traffic Isolation zones are activated when you activate a zone configuration in the same zone database. Creating a Traffic Isolation zone Traffic Isolation zones are configurable only on a Fabric OS device. The seed switch must be running Fabric OS 6.1.1 or later. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2.
Traffic Isolation zones 26 4. (Optional) If you want to show all discovered fabrics in the Potential Members list, right-click in the Potential Members list and select Display All. 5. Select one or more Traffic Isolation zones to which you want to add members in the Zones list. (Press SHIFT or CTRL and click each zone name to select more than one zone.) 6. Select Domain, Port Index from the Type list. 7.
26 Traffic Isolation zones Disabling a Traffic Isolation zone NOTE Traffic Isolation zones are configurable only on a Fabric OS device. Traffic Isolation zones are enabled by default when you create them. Use this procedure to disable a Traffic Isolation zone. To apply the settings and deactivate the zone, you must activate a zone configuration in the same zone database. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2.
Boot LUN zones 26 Disabling failover on a Traffic Isolation zone NOTE Traffic Isolation zones are configurable only on a Fabric OS device. If failover is disabled, be aware of the following considerations: • Ensure that there are non-dedicated paths through the fabric for all devices that are not in a TI zone. • If you create a TI zone with E_Ports only, failover must be enabled. If failover is disabled, the specified ISLs will not be able to route any traffic.
26 Boot LUN zones Creating a Boot LUN zone 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select a fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity. Boot LUN zones are not supported for Network OS fabrics. 4.
Zoning administration 26 4. Right-click the Boot LUN zone you want to modify in the Zones list and select New Boot LUN Zone. The New Boot LUN Zone dialog box displays. You can modify the storage port WWN and LUN number. 5. Select a storage port WWN from the list or enter an offline WWN. You can click the ellipsis button to display and select the storage port WWNs from a device tree with storage group. 6. Enter a 16-digit hexadecimal LUN number in the LUN # field. 7. Click Generate. 8.
26 Zoning administration To compare two zone databases, complete the following steps. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Select Compare from the Zone DB Operation list. The Compare/Merge Zone DBs dialog box displays, as shown in Figure 461. FIGURE 461 Compare/Merge Zone DBs dialog box 3. Select a database from the Reference Zone DB list. 4. Select a database from the Editable Zone DB list.
Zoning administration 26 6. Set the level of detail for the database areas by selecting one of the following options from the Tree Level list: NOTE This list is only available when you set the Comparison View to Full (Zone Configurations, Zones, and Aliases). • All Level — Displays all zone configurations, zones, and aliases. • Zone Configurations — Displays only zone configurations. • Zones — Displays only zones. 7.
26 Zoning administration Setting change limits on zoning activation Use this procedure to set a limit on the number of changes a user can make to the zone database before activating a zone configuration. If the user exceeds the limit, zone configuration activation is not allowed. By default, all fabrics allow unlimited changes. Changes include adding, removing, or modifying zones, aliases, and zone configurations. Use this procedure to set the following limits: • Set a different limit for each fabric.
Zoning administration 26 Clearing the fabric zone database ATTENTION Clearing the zone database removes all zoning configuration information, including all aliases, zones, and zone configurations, in the fabric. Clearing the fabric zone database is disruptive to the fabric. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Select a fabric from the Zoning Scope list.
26 Zoning administration Finding a member in one or more zones Use this procedure to locate all instances of a member in the Zones list on the Zone DB tab. 1. Select Configure > Zoning > Fabric. For LSAN zones, select Configure > Zoning > LSAN Zoning (Device Sharing). The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select a fabric from the Zoning Scope list.
Zoning administration 26 3. Select a fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity. 4. Select the zone you want to find in the Zones list. (Press SHIFT or CTRL and click each zone to select more than one zone.) 5. Click Find > between the Zones list and the Zone Configurations list. If the zone is found, all instances of the zone are highlighted in the Zone Configurations list.
26 Zoning administration Listing un-zoned members Use this procedure to identify the device ports in the current fabric that are not part of the active zone configuration. You can use this procedure for standard zones as well as LSAN zones. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select a fabric from the Zoning Scope list.
Zoning administration 26 Replacing zone members You can replace one instance of a zone member in one zone, or all instances of the zone member in all the zones to which it belongs. 1. Select Configure > Zoning > Fabric. The Zoning dialog box displays. 2. Click the Zone DB tab if that tab is not automatically displayed. 3. Select a fabric from the Zoning Scope list. This identifies the target entity for all subsequent zoning actions and displays the zoning database for the selected entity. 4.
26 Zoning administration 5. Select WWN (default) in the corresponding Replace Using list. 6. Enter the WWN or select the name of the offline device in the corresponding Replace Value list. If the selected name has multiple device or device port WWNs assigned (names are set to non-unique in the Management application), the Device or Device Port WWN of Non-unique Name dialog box displays. The WWN list includes all device and device port WWNs assigned to the selected name. 7.
Chapter Fibre Channel over IP 27 In this chapter • FCIP services licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1096 • FCIP Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1096 • IP network considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1096 • FCIP platforms and supported features. . . . . . . . . . . . . . . . . . . . . . . . . . . 1097 • FCIP trunking . . . . . . . . .
27 FCIP services licensing FCIP services licensing Most of the FCIP extension services described in this chapter require the High Performance Extension over FCIP/FC license. FICON emulation features require additional licenses. The following features and licensing apply to the 8 Gbps Extension platforms. • FCIP Adaptive Rate Limiting requires the FTR_AE (Advanced Extension) license. • FCIP trunking requires FTR_AE license.
FCIP platforms and supported features 27 FCIP platforms and supported features The following Fabric OS platforms that support FCIP: • The 8 Gbps Extension Switch. • The 8 Gbps Extension blade (8-slot Backbone Chassis, 4-slot Backbone Chassis). NOTE The 8 Gbps Extension blade is supported in 16 Gbps Backbone and Director Chassis, IPv6 addressing is not supported in conjunction with IPsec on all platforms in Fabric OS version v7.0, but will be supported in a later version.
27 FCIP trunking The way FCIP tunnels and virtual ports map to the physical GbE ports depends on the switch or blade model. The 8 Gbps Extension Switch and 8 Gbps Extension Blade tunnels are not tied to a specific GbE port, and may be assigned to any virtual port within the allowed range. The mapping of GbE ports to tunnels and virtual port numbers is summarized in Table 116.
FCIP trunking 27 FCIP tunnel restrictions for FCP and FICON emulation features Multiple FCIP tunnels are not supported between pairs of Extension Switches and Blades when any of the FICON or FCP emulation features are enabled on the tunnel unless TI Zones or LS/LF configurations are used to provide deterministic flows between the switches. The emulation features require deterministic FC Frame routing between all initiators and devices over multiple tunnels.
27 FCIP trunking FIGURE 463 Link loss and retransmission over peer lowest metric circuit In Figure 464, circuit 1 is assigned a metric of 0, and circuit 2 is assigned a metric of 1. In this case, circuit 2 is a standby that is not used unless there are no lowest metric circuits available.
FCIP trunking 27 • If a low metric circuit becomes available again, the high metric circuits return to standby status, and the available bandwidth is updated again as each circuit comes online. For example, if circuit 0 is recovered, the available bandwidth is updated as 1 Gbps. If circuit 1 is also recovered, the available bandwidth is updated as 1.5 Gbps.
27 FCIP trunking • Consider available WAN bandwidth requirements when configuring failover circuit groups. Refer to “Bandwidth calculation during failover” on page 1100. Examples of circuit failover in groups Tables Table 117 through Table 119 provide examples of how failover occurs on circuits with different bandwidths configured in failover groups. Table 117 illustrates circuit failover in a tunnel with two failover groups, each with two circuits.
Adaptive Rate Limiting 27 • If circuit 2 fails, data is load balanced over circuit 1 and circuit 3, and no other circuit becomes active. Reason: Circuit 1 and 3 are the only active circuits since circuit 4 and 5 only become active when circuits 3 or 1 fail. • If circuit 2 and circuit 3 fail, circuit 5 becomes active and data is load balanced over circuit 1 and circuit 5. Reason: Ungrouped circuits 2 and 3 fail over to ungrouped circuit 5, which has a metric of 0.
27 QoS SID/DID priorities over an FCIP trunk • If the bandwidth is greater than or equal to 2 Gbps, the link cost is 500. • If the bandwidth is less than 2 Gbps, but greater than or equal to 1 Gbps, the link cost is 1000000 divided by the bandwidth. • If the bandwidth is less than 1 Gbps, the link cost is 2000 minus the bandwidth QoS SID/DID priorities over an FCIP trunk QoS SID/DID traffic prioritization is a capability of Fabric OS Adaptive Networking licensed feature.
QoS SID/DID priorities over an FCIP trunk 27 External User Perspective Internal Architecture VE Port Tunnel Circuit High Priority Med.
27 IPsec and IKE implementation over FCIP The Advanced Settings dialog box is displayed. This dialog box has a Transmission tab, Security tab, and FICON Emulation tab. Configure QoS percentages on the Transmission tab (Figure 466). FIGURE 466 Advanced Settings Transmission Tab 5. Click the up or down arrows by QoS High, QoS Medium, and QoS Low to increment values by 1% and override the default values of 50% (high), 30% (medium), and 20% (low). The three values must equal 100%.
IPsec and IKE implementation over FCIP 27 IPsec for the 4 Gbps platforms IPsec uses some terms that you should be familiar with before beginning your configuration. These are standard terms, but are included here for your convenience. Term Definition AES Advanced Encryption Standard. FIPS 197 endorses the Rijndael encryption algorithm as the approved AES for use by US Government organizations and others to protect sensitive information. It replaces DES as the encryption standard.
27 QOS, DSCP, and VLANs IPSec for the 8 Gbps platforms The 8 Gbps platforms use AES-GCM-ESP as a single, pre-defined mode of operation for protecting all TCP traffic over an FCIP tunnel. AES-GCM-ESP is described in RFC-4106. Key features are listed below: • Encryption is provided by AES with 256 bit keys. • The IKEv2 key exchange protocol is used by peer switches and blades for mutual authentication. • IKEv2 uses UDP port 500 to communicate between the peer switches or blades.
QOS, DSCP, and VLANs 27 DSCP quality of service Layer three class of service DiffServ Code Points (DSCP) refers to a specific implementation for establishing QoS policies as defined by RFC2475. DSCP uses six bits of the Type of Service (TOS) field in the IP header to establish up to 64 different values to associate with data traffic priority. DSCP settings are useful only if IP routers are configured to enforce QoS policies uniformly within the network.
27 Open systems tape pipelining TABLE 120 Default Mapping of DSCP priorities to L2Cos Priorities (Continued) DSCP priority/bits L2CoS priority/bits Assigned to: 47 / 101111 4 / 100 High QoS 51 / 110011 4 / 100 High QoS 55 / 110111 4 / 100 High QoS 59 / 111011 4 / 100 High QoS 63 / 111111 0 / 000 - Open systems tape pipelining Open Systems Tape Pipelining (OSTP) can be used to enhance open systems SCSI tape write I/O performance.
FICON emulation features TABLE 121 27 OSTP constraints FCIP Fastwrite Tape Acceleration Class 3 traffic is accelerated with Fastwrite. Class 3 traffic is accelerated between host and sequential device. With sequential devices (tape drives), there are 1024 initiator-tape (IT) pairs per GbE port, but 2048 initiator-tape-LUN (ITL) pairs per GbE port. The ITL pairs are shared among the IT pairs. For example: Two ITL pairs for each IT pair as long as the target has two LUNs.
27 Connecting cascaded FICON fabrics over FCIP Tape write pipelining FICON tape write pipelining improves performance for a variety of applications when writing to tape over extended distances. FICON tape write pipelining locally acknowledges write data records, enabling the host to generate more records while previous records are in transit across the IP WAN. If exception status is received from the device, the writing of data and emulation is terminated.
Connecting cascaded FICON fabrics over FCIP 27 NOTE Merging two cascaded FICON fabrics may be disruptive to current I/O operations in both fabrics, as it needs to disable and enable the switches in both fabrics. The merge process will not make any configuration changes on the primary (production) fabric that are disruptive. 3. Configure FICON Emulation features, if applicable. NOTE Consult with a qualified support specialist before implementing the FICON Acceleration feature.
27 Connecting cascaded FICON fabrics over FCIP Planning the configuration Create a drawing to summarize the following elements of your planned configuration. • IP network connections - Tunnels - Addresses - Bandwidth requirements for all circuits - Label all circuits and tunnels Determine how the IP network will be used by identifying redundant routes, network distance for each route, and minimum and maximum bandwidth requirements.
Connecting cascaded FICON fabrics over FCIP 27 Configuring IP links and merging the fabrics Use the following procedures to configure an IP connection between two Extension Switches or Blades, then merging the fabrics to which they belong. 1. Perform all tasks under “FCIP configuration guidelines” on page 1119. 2. Configure tunnels circuits between the switches by following steps under “Configuring an FCIP tunnel” on page 1120 3.
27 Connecting cascaded FICON fabrics over FCIP • FICON Acceleration features require a license. These features include FICON Tape emulation, FICON XRC emulation, and FICON teradata pipelining. • Select Populate Default Values unless recommended otherwise by a qualified Fabric OS support professional. • Only select the features you require. • Whenever selecting a FICON emulation feature, also select Enable FICON Tin Tir Emulation and Enable FICON Device Level Ack Emulation.
Connecting cascaded FICON fabrics over FCIP 27 13. Configure traffic isolation (TI) zoning. Refer to the information on TI zones under “Planning the configuration” on page 1114 and the “Traffic Isolation zones” section of Chapter 26, “Zoning”. 14. Clear error counters, which are common during switch configuration, by right-clicking the switch in the Connectivity Map or Product List and selecting Performance > Clear Counters.
27 Connecting cascaded FICON fabrics over FCIP TABLE 122 Using Fast Write for extended applications Manufacturer RDR Application Platform Type Use Fast Write IBM Global Mirror SVC Async No IBM Metro Mirror SVC Sync No EMC SRDF/A Symmetrix Async Yes EMC SRDF/S Symmetrix Sync Yes (SiRT disabled) EMC SRDF Adaptive Copy Symmetrix Async Yes EMC MirrorView CLARiiON Async Yes EMC MirrorView CLARiiON Sync Yes EMC SANcopy CLARiiON Async Yes HDS Universal Replicator (
FCIP configuration guidelines 27 FCIP configuration guidelines FCIP configuration always involves two or more Extension Switches. The following should take place first before you configure a working FCIP connection from the Management application: • • • • • The WAN link should be provisioned and tested for integrity. Cabling within the data center should be completed. Equipment should be physically installed and powered on.
27 Configuring an FCIP tunnel Configuring an FCIP tunnel When you configure an FCIP extension connection, you create FCIP tunnels and FCIP circuits, between two Extension Switches. 1. Select Configure > FCIP Tunnels. The FCIP Tunnels dialog box is displayed (Figure 469). . FIGURE 469 FCIP Tunnels dialog box (fabric selected from Product tree) The dialog box displays a tree structure of all discovered fabrics, Extension Switches, and configured tunnels.
Configuring an FCIP tunnel 27 A Circuits properties table displays at the bottom of the dialog box. For 8 Gbps platforms, this may contain columns for multiple circuits. Actual, as well as cached circuits display. You can configure circuits using the Add, Edit, Delete, Enable, and Disable circuits using the function buttons to the right of the table. For 4 Gbps platforms, the Delete, Enable, and Disable buttons do not display. In addition, the Edit operation is only supported for cached circuits.
27 Configuring an FCIP tunnel 3. To edit the configuration for an existing FCIP tunnel and circuits between two switches, follow these steps: NOTE You cannot edit an active tunnel; disable the tunnel before making changes. a. From the FCIP Tunnels dialog box (refer to step 1), select the FCIP tunnel that you want to configure under the Products tree. b. Click Edit The Edit FCIP Tunnel dialog box displays. This dialog box allows you to edit configurations on both switches on either end of the tunnel.
Adding an FCIP circuit 27 Adding an FCIP circuit When adding a new FCIP tunnel, you can add an FCIP circuit by selecting the Add button to the right of the Circuits properties table on the Add FCIP Tunnel dialog box (Figure 470 on page 1121). For 8 Gbps platforms, you can add multiple FCIP circuits to the tunnel with this button. Add circuits to existing FCIP tunnels through the Edit FCIP Tunnel dialog box.
27 Adding an FCIP circuit 3. Select the IP Address Type. The implementation is a dual IP layer operation implementation as described in RFC 4213. IPv6 addresses can exist with IPv4 addresses on the same interface, but the FCIP circuits must be configured as IPv6 to IPv6 and IPv4 to IPv4 connections. IPv6-to-IPv4 connections are not supported. Likewise, encapsulation of IPv4 in IPv6 and IPv6 in IPv4 is not supported. 4. Select the IP Address for each port.
Adding an FCIP circuit 27 9. Designate a Failover Group for the circuit from 0 to 9. A value of 0 designates the default failover group or no failover group. With Circuit Failover Groups you can better control which metric 1 circuits will be activated if a metric 0 circuit fails. For this feature, you define a set of metric 0 and metric 1 circuits that are part of the same failover group.
27 Adding an FCIP circuit FIGURE 472 FCIP Circuit Advanced Settings - Selective the Ack check box to disable selective acknowledgement. This should not be done unless your system cannot support selective acknowledgement. - Use the Keep Alive Time Out (ms) option to override the default value of 10000 ms. As shown, the range is from 500 to 7200000. - Use the Max. Retransmission Time (ms) option to override the default value of 100 ms. - Select L2CoS and DSCP priorities.
Configuring FCIP tunnel advanced settings 27 • If the user-configured logical switch is discovered and the default logical switch is not discovered: - On adding a circuit, only the GigE ports present in the logical switch will display. You cannot display or edit shared circuits of the default logical switch.
27 Configuring FCIP tunnel advanced settings FIGURE 473 Selecting a compression mode 3. Select the desired compression mode. A Standard option provides hardware compression and is available on all platforms. The 8 Gbps Extension Switch and the 8 Gbps Extension Blade provide three additional options for compression. The Moderate option enables a combination of hardware and software compression that provides more compression that hardware compression alone. This option supports up to 8 Gbps of FC traffic.
Configuring FCIP tunnel advanced settings 27 4. Click OK. Enabling Tperf test mode To enable Tperf test mode, do the following: 1. Select Advanced Settings on the Add FCIP Tunnel or Edit FCIP Tunnel dialog box to display the Advanced Settings dialog box. 2. From the Transmission tab, select the TPerf Test Mode check box. 3. Select the Tape Acceleration check box. 4. Click OK. Tperf test mode should not be enabled during normal operations. It is only used for testing and troubleshooting tunnels.
27 Configuring FCIP tunnel advanced settings FIGURE 474 Advanced Settings Security Tab for the 8 Gbps Extension Switch and Blade 3. As an option, click Ensure connecting peer switches have known WWNs. This provides an added measure of security. 4. Enter the WWN for the remote switch. 5. Assign IKE and IPsec policies. For the 4 Gbps Extension Switch and Blade, you must choose from a drop-down list of policies. The 8 Gbps Extension Switch and Blade have predefined IKE and IPsec policies.
Configuring FCIP tunnel advanced settings 7. 27 You can activate the Enable backward compatibility feature on 8 Gbps platforms if IPSec is enabled. This allows multiple 1 Gbps circuits to be created using 10 Gbps ports even if the switch at one end of the tunnel is using Fabric OS 7.0 and the switch at the other end is using Fabric OS earlier than v7.0.
27 Configuring FCIP tunnel advanced settings 4. Select Populate Default Values at the top of the dialog box to set all operational parameters for FICON emulation to default values. This option is not be enabled if existing values are configured for the tunnel. 5. Select individual operational parameters for FICON emulation. 1132 - FICON Tape Write Max Pipe defines a maximum number of channel commands that may be outstanding at a given time during write pipelining.
Viewing FCIP connection properties 27 Viewing FCIP connection properties The FCIP connection properties show properties of the blades or switches on both sides of a connection. To view FCIP connection properties, right-click the connection between two Extension Blades or Switches and select Properties (Figure 476). FIGURE 476 FCIP connection properties If the default logical switch is not discovered the dialog box for shared GbE links will display VE_Port information instead of GbE port information.
27 Viewing General FCIP properties Viewing General FCIP properties Use the following steps to view general FCIP properties for a switch or blade. 1. Right click an Extension Blade or Switch from the Fabric Tree structure or on the Connectivity Map, and select Properties. 2. Select the Properties tab. FIGURE 478 General FCIP properties tab (Extension Switch or Blade) Use the following steps to view the properties of a chassis where an Extension Blade is installed. 1.
Viewing General FCIP properties 27 FIGURE 479 General FCIP properties tab (blade chassis) Brocade Network Advisor SAN + IP User Manual 53-1002949-01 1135
27 Viewing FCIP port properties Viewing FCIP port properties Take the following steps to view FCIP FC. VE/VEX, and GbE port properties. 1. Right click an Extension Blade or Switch from the Fabric Tree structure or on the Connectivity Map, and select Properties. 2. Select the Port tab. 3. To view FC port information, select the FC from the Type drop-down list (Figure 480). FIGURE 480 FC ports properties 4. To view VE and VEX port information, select the VE/VEx from the Type drop-down list (Figure 481).
Viewing FCIP port properties 27 FIGURE 481 VE/VEx port properties 5. To view GbE (Ethernet) port information, select the GigE from the Type drop-down list (Figure 482).
27 Editing FCIP circuits Editing FCIP circuits FCIP circuit settings may be edited from the Edit FCIP Circuit dialog box. The procedure for launching this dialog box for the 4 Gbps Extension Switch and Blade is different than the procedure for the 8 Gbps Extension Switch and the 8 Gbps Extension Blade. Also note the following differences for these platforms: • The 4 Gbps Extension Switch and Blade have only one circuit per tunnel, and the circuit is edited as part of the tunnel.
Disabling FCIP tunnels 27 FIGURE 483 Edit FCIP Circuit dialog box 3. Fields and parameters are as described in “Adding an FCIP circuit”. You can edit all editable fields and parameters. Disabling FCIP tunnels 1. From the FCIP Tunnels dialog box, select the tunnel you want to disable. 2. Select Disable. A confirmation dialog box displays showing the switches on both ends of the tunnel and tunnel number. 3. Click Yes to disable the tunnel. Enabling FCIP tunnels 1.
27 Deleting FCIP tunnels Deleting FCIP tunnels 1. From the FCIP Tunnels dialog box, select the tunnel you want to delete. 2. Select the Delete. A confirmation dialog box displays, warning you of the consequences of deleting a tunnel. 3. Click OK to delete the tunnel. Disabling FCIP circuits 1. From the FCIP Tunnels dialog box, select the tunnel that contains the circuit. 2. Select Edit. The Edit FCIP Tunnel dialog box displays. 3.
Displaying FCIP performance graphs 27 4. Select Delete. 5. For tunnels with multiple circuits, select additional circuits from the table to delete and select Delete after each selection. 6. Click OK to delete the circuit(s). Displaying FCIP performance graphs You can display performance graphs by clicking the Performance button on the FCIP Tunnels dialog box. You can also display performance graphs from Properties, as described in the following sections. Displaying performance graphs for FC ports 1.
27 Displaying tunnel properties from the FCIP tunnels dialog box Displaying tunnel properties from the FCIP tunnels dialog box Tunnel properties can be displayed from the FCIP Tunnels dialog box. 1. Select a tunnel from the FCIP tunnels dialog box. 2. Select the Tunnel tab. Tunnel properties are displayed.
Displaying FCIP circuit properties from the FCIP tunnels dialog box 27 Displaying FCIP circuit properties from the FCIP tunnels dialog box Tunnel properties can be displayed from the FCIP Tunnels dialog box using the following procedure. 1. Select a tunnel from the FCIP tunnels dialog box. 2. Select the Circuit tab. Circuit properties are displayed (Figure 485).
27 Displaying switch properties from the FCIP Tunnels dialog box Displaying switch properties from the FCIP Tunnels dialog box Switch properties are displayed on the FCIP Tunnels dialog box when you select a switch (Figure 486).
Displaying fabric properties from the FCIP Tunnels dialog box 27 Displaying fabric properties from the FCIP Tunnels dialog box Fabric properties are displayed on the FCIP Tunnels dialog box when you select a fabric. (Figure 487). FIGURE 487 Fabric properties on the FCIP Tunnels dialog box Troubleshooting FCIP Ethernet connections 1. Right-click a blade an Extension Blade or Switch from the Fabric Tree structure or Connectivity Map, and select Properties. 2. Select the Port tab. 3.
Chapter Fabric Binding 28 In this chapter • Fabric Binding overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1147 • High integrity fabrics overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1152 Fabric Binding overview NOTE Fabric Binding is supported on Fabric OS 5.2 or later. The fabric binding feature enables you to configure whether switches can merge with a selected fabric.
28 Fabric Binding overview FIGURE 488 Fabric Binding dialog box 2. Review the fabric binding membership details. • Fabric List table — Lists the fabrics in your network. Fabric Name — The name of the fabric. Fabric WWN — The world wide name of the fabric. Binding Status — The binding status (enabled/disabled) of the fabric. Enable/Disable check box — Indicates whether fabric binding is enabled. Select to enable a fabric binding for the fabric.
Fabric Binding overview 28 • Membership List of Fabric_Name table — The current Fabric Membership List (FML) of the highlighted fabric, including the following details: Name — The name of the switch fabric. Node WWN — The node WWN of an available or member switch. Domain ID — The domain ID of an available or member switch. Fabric Name — The name of the fabric. Fabric WWN — The world wide name of the fabric. Attached — Whether or not the switch is attached.
28 Fabric Binding overview 2. In the Fabric List table, click the Enable/Disable check box for fabrics for which you want to configure fabric binding. For instructions on adding and removing switches from the membership list, refer to “Adding switches to the fabric binding membership list” on page 1151 and “Removing switches from fabric binding membership” on page 1152. 3. Click OK on the Fabric Binding dialog box.
Fabric Binding overview 28 Adding switches to the fabric binding membership list Once you have enabled Fabric Binding (refer to “Enabling fabric binding” on page 1149), you can add switches to the fabric binding membership list. NOTE Fabric Binding is only supported on Fabric OS 5.2 or later. To add a switch to the fabric, complete the following steps. 1. Select Configure > Fabric Binding. The Fabric Binding dialog box displays (Figure 488). 2.
28 High integrity fabrics overview Removing switches from fabric binding membership Once you have enabled Fabric Binding (refer to “Enabling fabric binding” on page 1149), you can remove switches that are not part of the fabric from the membership list. NOTE Fabric Binding is only supported on Fabric OS 5.2 or later. 1. Select Configure > Fabric Binding. The Fabric Binding dialog box displays (Figure 488). 2.
High integrity fabrics overview 28 • A policy must be set that limits connectivity to only the switches within the same fabric. Fabric binding is a security method for restricting switches that may join a fabric. For Fabric OS switches, fabric binding is implemented by defining a switch connection control (SCC) policy that prevents unauthorized switches from joining a fabric. • Dynamic Load Sharing (DLS) should be disabled.
28 High integrity fabrics overview Deactivating high integrity fabrics NOTE Deactivating high integrity fabrics is not supported in a pure Fabric OS environment. To deactivate a HIF, complete the following steps. 1. Select Configure > High Integrity Fabric. The High Integrity Fabric dialog box displays (Figure 489). 2. Select the fabric on which you want to deactivate HIF from the Fabric Name list. The HIF status displays in the High Integrity Fabric field. 3. Click Deactivate.
Chapter 29 Port Fencing In this chapter • About port fencing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Thresholds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Adding thresholds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Editing thresholds . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Removing thresholds. . . . . . .
29 About port fencing Viewing port fencing configurations NOTE This feature is only available for Fabric OS devices. NOTE This feature requires a Trial or Licensed version. Port Fencing allows you to protect your SAN from repeated operational problems experienced by ports. Use Port Fencing to set threshold limits for the number of specific port events permitted during a given time period on the selected object.
About port fencing 29 • Thresholds table — List of configured thresholds based on the threshold type selected in the Violation Type list. Limit (Fabric OS) — The number of events allowed for the assigned threshold. If the object has no fencing support or no fencing changes, this field displays two hyphens separated by a space (- -). When the object is only partially managed by the management application, this field displays as inactive (grayed-out).
29 Thresholds Operational State — The operational state of the port. Blocked Configuration — The current configuration of the port (Blocked or Unblocked). Port WWN — The port world wide name of the port. Connected Product — The device label of the connected object. Connected Port # — The port number of the connected port. Connected Port WWN — The port world wide name of the connected port. Connected Port Name — The name of the connected port configured in the Element Manager.
Thresholds 29 C3 Discard Frames threshold NOTE This threshold is only available for Fabric OS devices running 6.3 or later. Use this type of threshold to block a port when a C3 Discard Frames violation meets the Fabric OS switch threshold. This threshold is only supported on directors, switches, and blades with a 4 Gbps, 8 Gbps, or 16 Gbps ASIC.
29 Thresholds Invalid CRCs threshold NOTE This threshold is only available for Fabric OS devices. Use this type of threshold to block a port when an Invalid CRCs violation meets the Fabric OS switch threshold. Invalid words threshold NOTE This threshold is only available for Fabric OS devices. Use this type of threshold to block a port when an Invalid Words violation meets the Fabric OS switch threshold. Link Reset threshold NOTE This threshold is only available for Fabric OS devices.
Adding thresholds 29 Adding thresholds NOTE This feature requires a Trial or Licensed version. The Management application allows you to create Invalid CRCs, Invalid words, Link, Link Reset, Protocol Error, Security, and Sync Loss thresholds. Adding a C3 Discard Frames threshold NOTE This threshold is only available for Fabric OS devices running 6.3 or later. Use to block a port when a C3 Discard Frames violation type meets the Fabric OS switch threshold.
29 Adding thresholds 3. Click Add. The Add C3 Discard Frames Threshold dialog box displays. FIGURE 492 Add C3 Discard Frames Threshold dialog box 4. Enter a name for the threshold in the Name field. 5. Select one of the following options: • Default — Uses device defaults. Go to step 8. • Custom — Uses your selections. Continue with step 6. 6. Enter the number of C3 discarded frames allowed for the threshold in the Threshold errors field. 7.
Adding thresholds 29 Adding an Invalid CRCs threshold NOTE This threshold is only available for Fabric OS devices. NOTE This feature requires a Trial or Licensed version. Use to block a port when an Invalid CRC violation type meets the Fabric OS switch threshold. For default threshold values for Fabric OS devices, refer to Chapter 7 of the Fabric Watch Administrator's Guide. To add an Invalid CRCs threshold, complete the following steps. 1. Select Monitor > Fabric Watch > Port Fencing.
29 Adding thresholds 8. Click OK to add the Invalid CRCs threshold to the table and close the Add Invalid CRCs Threshold dialog box. To assign this threshold to fabrics, switches, or switch ports, refer to “Assigning thresholds” on page 1169. 9. Click OK on the Port Fencing dialog box. Adding an Invalid Words threshold NOTE This threshold is only available for Fabric OS devices. NOTE This feature requires a Trial or Licensed version.
Adding thresholds 29 • Minute — the port is blocked as soon as the specified number of invalid words allowed is reached within a minute. • Hour — the port is blocked as soon as the specified number of invalid words allowed is reached within a hour. • Day — the port is blocked as soon as the specified number of invalid words allowed is reached within a day. 8. Click OK to add the Invalid Words threshold to the table and close the Add Invalid Words Threshold dialog box.
29 Adding thresholds 7. Select the time period for the threshold from the errors per list. The following choices are available: • None — the port is blocked as soon as the specified number of link resets allowed is met. • Second — the port is blocked as soon as the specified number of link resets allowed is reached within a second. • Minute — the port is blocked as soon as the specified number of link resets allowed is reached within a minute.
Adding thresholds 29 FIGURE 496 Add Protocol Error Threshold dialog box 4. Enter a name for the threshold in the Name field. 5. Select the Fabric OS check box. a. Select one of the following options: • Default — Uses device defaults. Go to step 6. • Custom — Uses your selections. Continue with step b. b. Enter the number of protocol errors allowed for the threshold from the Threshold errors field. c. Select the time period for the threshold from the errors per list.
29 Adding thresholds Adding a State Change threshold NOTE This threshold is only available for Fabric OS devices running 6.3 or later. NOTE This feature requires a Trial or Licensed version. Use to block a port when a state change violation type meets the Fabric OS switch threshold. For 4 Gbps Router, Extension Switches and Blades only, when you apply this threshold on an E Port, the threshold is also applied to the VE Ports (internally by Fabric OS).
Adding thresholds 29 • Hour — the port is blocked as soon as the specified number of state changes allowed is reached within a hour. • Day — the port is blocked as soon as the specified number of state changes allowed is reached within a day. 8. Click OK to add the state changes threshold to the table and close the Add State Change Threshold dialog box. To assign this threshold to fabrics, switches, or switch ports, refer to “Assigning thresholds” on page 1169. 9. Click OK on the Port Fencing dialog box.
29 Adding thresholds Unblocking a port The Management application allows you to unblock a port (only if it was blocked by Port Fencing) once the problem that triggered the threshold is fixed. When a port is blocked an Attention icon ( ) displays next to the port node. To unblock a port, complete the following steps. 1. Select Monitor > Fabric Watch > Port Fencing. The Port Fencing dialog box displays. 2. Right-click anywhere in the Ports table and select Expand. 3.
Editing thresholds 29 Editing thresholds The Management application allows you to edit the name, number of events needed, and time period of ISL Protocol, Link, and Security thresholds. Editing a C3 Discard Frames threshold NOTE This threshold is only available for Fabric OS devices. NOTE This feature requires a Trial or Licensed version. Use to block a port when a C3 Discard Frames violation type meets the Fabric OS switch threshold. To edit a C3 Discard Frames threshold, complete the following steps.
29 Editing thresholds 3. Select the threshold you want to change and click Edit. The Edit Invalid CRCs Threshold dialog box displays. 4. Complete step 4 through step 7 in “Adding an Invalid CRCs threshold” on page 1163. 5. Click OK on the Edit Invalid CRCs Threshold dialog box. If the threshold has already been assigned to ports, an “Are you sure you want to make the requested changes to this threshold on “X” ports?” message displays. Click OK to close.
Editing thresholds 29 Editing a Link Reset threshold NOTE This threshold is only available for Fabric OS devices. NOTE This feature requires a Trial or Licensed version. Use to block a port when the Link Reset violation type meets the Fabric OS switch threshold. To edit a Link Reset threshold, complete the following steps. 1. Select Monitor > Fabric Watch > Port Fencing. The Port Fencing dialog box displays. 2. Select Link Reset (Fabric OS only) from the Violation Type list. 3.
29 Editing thresholds 3. Select the threshold you want to change and click Edit. The Edit Protocol Error Threshold dialog box displays. 4. Complete step 4 through step 5 in “Adding a Protocol Error threshold” on page 1166. 5. Click OK on the Edit Protocol Error Threshold dialog box. If the threshold has already been assigned to ports, an “Are you sure you want to make the requested changes to this threshold on “X” ports?” message displays. Click OK to close.
Editing thresholds 29 Finding assigned thresholds The Management application allows you to find all ports with a specific threshold applied. NOTE This search is performed on the threshold name. Since Fabric OS devices do not retain the threshold name, the ability to search for a threshold on a Fabric OS device is not available in most cases. To find assigned thresholds, complete the following steps. 1. Select Monitor > Fabric Watch > Port Fencing. The Port Fencing dialog box displays. 2.
29 Removing thresholds 4. Review the Thresholds table. • • • • • • • • • # (Number) — The line number for each threshold in the table. Status — The threshold status. Directly Assigned Indicator — Whether or not the threshold was directly assigned. Name — The threshold name. Limit — The number of events required to trigger the threshold. Period — The time limit required (for the number of events) to trigger a port blocking action. Area — The threshold type. Class — The port type.
Removing thresholds 29 A directly assigned icon ( ) displays next to each object with an assigned threshold which does not inherit a threshold from higher in the tree. NOTE If you remove a threshold from All Fabrics, it removes the threshold from individual Fabrics, switches, and switch ports in all Fabrics except for a Chassis group. You must remove repeat the procedure for the Chassis group. 5. Click OK on the Port Fencing dialog box.
Chapter FICON Environments 30 In this chapter • FICON configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1179 • Configuring a switch for FICON operation . . . . . . . . . . . . . . . . . . . . . . . . 1180 • Configuring an Allow/Prohibit Matrix . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1187 • Configuring an Allow/Prohibit Matrix manually . . . . . . . . . . . . . . . . . . . .
30 Configuring a switch for FICON operation FIGURE 499 Cascaded configuration, three domains, but only two in a path Configuring a switch for FICON operation This section provides a basic guide for configuring a switch for FICON operation. Procedures assume that the switch is installed and IP addresses are assigned to the switch for discovery and access by the Management application.
Configuring a switch for FICON operation 30 Observe the following best practices: • Always check the version of firmware on a switch • Unless otherwise advised by a certified Fabric OS support professional, always load the most recently qualified firmware. • Before upgrading or downgrading firmware read the upgrade and downgrade considerations in the firmware release notes. 4. If incorporating more than one switch into a fabric, refer to planning steps in “Cascaded FICON fabric” on page 1194. 5.
30 Configuring a switch for FICON operation • Required firmware for the switch. Refer to step 3. • Port addressing. The port address is important because it is implemented in HCD or IOCP. The easiest port addressing scheme is to start from 0x00 at the bottom left of the port card, increment on ports going up the card, then continue starting numbering from the bottom right of the next column of ports. Any port addressing scheme is possible however. 6.
Configuring a switch for FICON operation 30 • Add information for the switch in the IP Address tab and click OK. FIGURE 500 Add Fabric Discovery dialog box (IP Address tab) NOTE Selecting Automatic to use the SNMPv3 profile is recommended. • To manually configure SNMP for discovery, select Manual to activate the SNMP tab, then select the SNMP tab. Fill out the fields as required. .
30 Configuring a switch for FICON operation d. Click Add License. e. Repeat steps b through d for additional licenses. f. Click Refresh to display new licenses in the License tab. 8. As an optional step, manage switch users by selecting the User tab on the Web Works Switch Administration window. Use this tab to add users, change passwords, or perform other steps to manage switch users.
Configuring a switch for FICON operation 30 FIGURE 503 Firmware download 11. Select the switches in the Available Switches panel where you want to download firmware, and then click the right arrow to move them under Selected Switches. 12. Click Download. 13. Select the Repository tab to import new firmware files for downloads. Refer to the “Firmware management” section in Chapter 14, “SAN Device Configuration” for more information on importing firmware. 14.
30 Configuring a switch for FICON operation 18. Define port fencing parameters for the switch using the following steps (optional): NOTE Although this is an optional step, best practice is to configure port fencing. a. Configure thresholds that you require for the switch using steps under the “Adding thresholds” in Chapter 29, “Port Fencing”. Following are recommend parameters for the various thresholds: • C3 Discard Frames = 2 per minute. • Invalid Words = 25 per minute.
Configuring FICON display 30 23. Enable bottleneck detection using the following Fabric OS bottlneckmon commands: • bottleneckmon --cfgcredittools -intport -recover onLrOnly - This command monitors for lost credits on links. This is necessary because occasional errors on links can cause lost credits that can result in IFCCs and poor performance over time.
30 Configuring an Allow/Prohibit Matrix manually • Double-click a configuration file. • Select a configuration file and click the right arrow. A matrix displays in the Allow/Prohibit Matrix panel. The switch ports are displayed on both the vertical axis and horizontal axis. An Allow icon ( ) indicates communication is allowed between the ports, as shown in Figure 504 on page 1188. FIGURE 504 Active Configuration in Allow/Prohibit Matrix panel 4.
Configuring an Allow/Prohibit Matrix manually 30 Two default configurations (Active and IPL) are displayed in a tree structure under the switch. Existing configurations are also displayed. 3. Choose one of the following options: • Double-click a configuration file. • Select a configuration file and click the right arrow. A matrix displays. The switch ports are displayed on both the vertical axis and horizontal axis. An Allow icon ( ) indicates communication is allowed between the ports. 4.
30 Saving or copying Allow/Prohibit Matrix configurations to another device 9. Repeat step 5 through step 8 for each allow or prohibit configuration. 10. Click OK on the Manual Allow/Prohibit dialog box. 11. When you have completed the matrix, click Save if you started with a new matrix, or Save As if you edited a copy of an existing matrix. 12. Click Analyze Zone Conflicts. This operation can be done before or after a configuration is saved.
Saving or copying Allow/Prohibit Matrix configurations to another device 30 FIGURE 506 Save As/Duplicate dialog box 4. Enter a name for the configuration. 5. Enter a description for the configuration. 6. Select the check box for the switch to which you want to save the configuration in the Selected Switch list. 7. Click OK.
30 Activating an Allow/Prohibit Matrix configuration FIGURE 507 Save As/Duplicate dialog box 4. Enter a name for the configuration. 5. Enter a description for the configuration. 6. Select the check box for the device to which you want to save the configuration in the Selected Switch list. 7. Click OK. A message displays stating that the outstanding port configuration is discarded when copying a configuration from the switch with more ports to a switch with fewer ports and vice versa.
Deleting an Allow/Prohibit Matrix configuration 30 FIGURE 508 Activate Matrix Confirmation message 4. Select the Active=Saved check box to save the active configuration as the startup configuration (IPL). 5. Click OK to confirm. If you select the Active=Saved check box, the text [=Active] is appended to the IPL file in the Configure Allow/Prohibit Matrix dialog box. The Active=Saved check box and the IPL filename represent the current state of the Active=Saved Mode (ASM) bit on the switch.
30 Changing the Allow/Prohibit Matrix display Changing the Allow/Prohibit Matrix display You can modify the matrix display on the Configure Allow/Prohibit Matrix dialog box using the Window Arrangement list above the matrix display or the Clear all port names option below the display. Changing window arrangement There are three options for the Allow/Prohibit Matrix display on the Configure Allow/Prohibit Matrix dialog box located in the Window Arrangement list above the display.
Cascaded FICON fabric 30 • Enables Dynamic Load Sharing (DLS) based on user selection and the firmware level. NOTE To enable DLS, all switches in the fabric must be 8 Gbps or faster and running Fabric OS 6.4 or later. • (Optional) Turns on FICON Management Server (FMS) mode on all switches. Consider the following information when enabling FMS mode. - If switches are running Fabric OS 7.0 and later, FMS will not be enabled unless the switches have an active CUP license.
30 Cascaded FICON fabric 2. Use the Fabric list to select the fabric you want to configure. NOTE (Fabric OS switches only) All switches in a fabric must be running Fabric OS version 5.3 or later. If a Fabric OS version earlier than version 5.3 is present in the topology, the fabric is not listed. 3. Select the FMS Mode check box to manage the fabric by a host-based management program using FICON CUP protocol. If you select FMS Mode, each switch is checked for a CUP license.
Cascaded FICON fabric merge 30 • Enabling DLS will enable IOD without Lossless DLS on all other switches, enable DLS on switches that support DLS, and disable DLS on all other switches. • DLS is only supported on the 40-port, 8 Gbps FC Switch, 80-port, 8 Gbps FC Switch, 512-port Backbone Chassis, and 4-slot Backbone Chassis. • Enabling DLS may result in dropped frames when paths fail over. It is recommended that you set the preferred IOD delay time to minimize frame drops.
30 Cascaded FICON fabric merge Consider the following information when enabling FMS mode. - If switches are running Fabric OS 7.0 and later, FMS will not be enabled unless the switches have an active CUP license. - If switches are running Fabric OS earlier than version 7.0 and do not have a CUP license, after successful configuration, you can access the Port Connectivity (Allow/Prohibit) matrix, but the host system cannot communicate with the FICON Management Server unless you install a CUP license.
Cascaded FICON fabric merge 30 Merging two cascaded FICON fabrics If you want to join two cascaded FICON fabrics, they must be merged. If the distance between fabrics is 10 km or more, an Extended Fabrics license is required, and an extra step is required to configure the connection as a long distance connection. To successfully configure a long distance connection, use the same E_Ports and cable distance values used when configuring Extended Fabrics.
30 Cascaded FICON fabric merge 8. Click Next. The Check merge screen displays. A Status details table shows progress through merge check points. A rotating arrow under Status indicates a Merge check step is in progress. A blue check mark indicates successful completion of that Merge check. A red stop sign indicates a failed step. If the configuration is successful, all configuration items have blue check marks. 9. If the merge fails, but is recoverable, click Resolve. 10.
Cascaded FICON fabric merge 30 Resolving merge conflicts You can resolve the following types of switch configuration conflicts: • • • • Domain ID TOV Buffer To Buffer Credit Disable Device Probe NOTE This test will be skipped if all primary and secondary fabric switches are found to be Fabric OS 7.0 and later. • • • • • • Route Priority Per Frame Sequence Level Switching Suppress Class F Long Distance Setting Data Field Size VC Priority Note that not all tests support resolution.
30 Port groups 5. Perform step 11 through step 14 of the procedure “Merging two cascaded FICON fabrics” on page 1199 to finish resolving a merge conflict. Port groups A port group is a group of FC ports from one or more switches within the same fabric. Port groups are user-specific; you can only view and manage port groups that you create. The ports display in the order in which you add them to the port group.
Port groups 30 FIGURE 510 Port Groups dialog box 2. Click New. 3. Enter a name for the port group in the Name field. 4. Enter a description for the port group in the Description field. 5. Select one or more ports to add to the group in the Group Type - FC Ports list. A port group must have at least one port in the Membership List. All ports must be from switches in the same fabric. 6. Click the right arrow button. The selected ports display in the Membership List. 7. Click Update.
30 Port groups If a fabric is removed from discovery, any port groups associated with that fabric are removed permanently from the Port Groups dialog box. If a device is removed from a fabric, then all ports associated with that device are automatically removed permanently from the port group. If the port group only contains ports from the removed device, then the port group is removed permanently from the Port Groups dialog box.
Swapping blades 30 Deleting a port group To delete a port group, complete the following steps. 1. Select Configure > Port Groups. The Port Groups dialog box displays. 2. Select the port group you want to delete in the Port Groups list. 3. Click Remove. The selected ports are removed from the Port Groups list. 4. Click OK. Swapping blades NOTE Blade-based port swap is mainly used for FICON and is only applicable for port blades.
30 Swapping blades 5. Select the Enable ports after swap is complete check box to enable ports on the destination blade after the swap is complete. 6. Click OK. NOTE This operation disrupts the traffic on all ports for the selected blades. 7. Click Yes on the confirmation message. Once the swap blade operation is complete, a “success” or “failure” message displays.
Chapter 31 IP Element Manager In this chapter • Element Manager overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Element Manager using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Element Manager interface overview . . . . . . . . . . . . . . . . . . . . . . . . . . . • Web Management interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Web Management interface troubleshooting . . . . . . . . . . . . . . . . . . . .
31 Element Manager using the CLI Accessing the IP Element Manager CLI The Element Manager CLI uses SNMP to query the login authentication type (for example, Telnet Login or Enable Password Login) that the device uses to create the Telnet session token. If SNMP fails, the Element Manager CLI will not work for that device. To display the Element Manager CLI, complete the following steps. 1. Right-click a device on the Network Objects list or the IP or L2 Topology views and select CLI through Server.
Element Manager interface overview 31 Element Manager interface overview The Element Manager interface provides management and monitoring functions to troubleshoot issues on the Ethernet router series switch running firmware version 5.4 or later. Element Manager is accessible from the Management application and provides the details of the switch and its ports.
31 Element Manager interface overview 6. Status bar - Displays the Auto Rediscover progress and last discovered details of the switch. NOTE The User Administrator has control over what functions individual users can see and use in the Element Manager. For information on user privileges, refer to “User Privileges” on page 1935. Switch properties The switch properties area in the Element Manager displays details of the selected switch. The fields in Table 123 are non-editable.
Element Manager interface overview 31 FIGURE 513 Properties dialog box You can enable and disable port actions as well as access performance monitoring from the Ports tab of the Properties dialog box (Figure 514). Refer to “Port actions” on page 433 for more information.
31 Element Manager interface overview FIGURE 514 Properties dialog box - Ports tab Element Manager toolbar The Element Manager toolbar (Figure 515) is located beneath the switch properties area and provides the following icons and buttons to perform various functions. FIGURE 515 Element Manager - toolbar 1. View list — Select a view (Port, Table, or VLAN) from the list. For more information, refer to “Displaying port properties” on page 1213. 2.
Element Manager interface overview 7. 31 Auto Rediscover check box — Select the check box to automatically refresh the Element Manager in every five-minute intervals. Clear the check box to stop auto-rediscovery. 8. Product List Search — Use to search for a port in the port list. For detailed instructions, refer to “Search” on page 392. 9. Help — Click to display the online help.
31 Element Manager interface overview Table 125 describes the properties of the VLAN View. TABLE 125 VLAN View - port properties Field/Component Description Identifier The identifier of the port. Name The name of the VLAN or port. Type The type of the port. Port Mode Indicates the tag mode of the port. • Tagged represents the port is in dual mode but is in the tagged state for that particular VLAN. • Untagged represents the port is untagged for that particular VLAN.
Element Manager interface overview 31 FIGURE 517 Comparing physical port properties Comparing physical and virtual port properties You can compare physical and virtual port properties. 1. From VLAN View, select one or more virtual ports and physical ports. 2. Right-click one of the selected ports, and select Properties (Figure 518).
31 Element Manager interface overview FIGURE 519 Comparing physical and virtual port properties Status indicator icons Table 126 describes the icons that are used to indicate the status of a switch, slot, or port. TABLE 126 Status icon Status indicator icons Description Indicates the port is down. Indicates the switch is not reachable. Indicates a degraded link (the switch is reachable but cannot receive SNMP). Indicates an IP slot containing a line card. Indicates an IP slot containing no line card.
Element Manager interface overview 31 Search NOTE The Search function retains your last 10 search criteria. Refer to “Search” on page 392 for more information. Table capabilities Refer to “Customizing application tables” on page 387 for information on table functions. Performance data You can use the following options to monitor the performance data of a switch.
31 Element Manager interface overview Historical performance monitoring Historical performance monitoring allows you create data collectors by choosing MIB object and by choosing or creating mathematical expressions. You can also configure a historical data graph or table to display data. 1. In the Element Manager, right-click a slot (or slots), trunk (or trunks), or port (or ports) and select Performance > Historical Graph/Table.
Web Management interface 31 Web Management interface The Element Manager allows you to access a device by connecting to its Web Management interface. NOTE You must have the Element Manager Read/Write privilege to change the device configuration through the Web Management interface. NOTE Web Management interface access must be enabled on the device.
31 Web Management interface troubleshooting Accessing the IP device front panel To display the Element Manager front panel, choose one of the following options: • Select Configure > Element Manager > Front Panel. • Right-click a device on the Network Objects list or the IP or L2 Topology views and select Element Manager > Front Panel. The Web Management interface - Front Panel displays (Figure 523). You can use the Front Panel to manage port configuration.
Chapter 32 Configuration Repository and Backup In this chapter • Configuration repository . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuration deviation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Change tracking. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuration snapshots . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Schedule backup . . . . . .
32 Configuration repository FIGURE 524 Configuration Repository dialog box — Product Configurations tab The Configuration Repository dialog box displays the following information: • Product Name — The name of the backed-up product • Date — The date when the configuration file was stored in the server and the time when the last backup attempt occurred. • Version — The version of the configuration file.
Configuration repository 32 Running Config Change Trap — When a running configuration is changed for a device, the running config change trap is triggered and the configuration backup is captured. For Startup Config Change Trap and Running Config Change Trap, make the following configurations: - Enable DoBackupOnStartupConfigChangeTrap and DoBackupOnRunningConfigChangeTrap on the OPtions dialog box (refer to “Configuring change manager preferences” on page 210).
32 Configuration repository • Relative Time (mins) — Relative time from the selected backup time to the event occurred time. • User — Name of the user responsible for triggering the event. 6. Click the following buttons to access the corresponding dialog boxes: • Restore button — Select one or more configuration files from the Configurations list and click to restore to that configuration. To restore a configuration, refer to “Restoring a configuration” on page 1228.
Configuration repository 32 5. Select one of the following save options from the list: • Save Running Configuration — Select to retrieve the running configuration from the device. If there is no change in the running configuration since the latest running configuration (available in the repository), then the retrieval is skipped. • Save Startup Configuration — Select to retrieve the startup configuration from the device.
32 Configuration repository Viewing the configuration 1. Click the IP tab. 2. Select Configure > Configuration > Configuration Repository. 3. Click the Product Configurations tab. 4. Select a configuration and click View to display configuration information. The View Configuration dialog box displays details of the selected configuration. NOTE You can view only one configuration at a time. • Description — Displays a description of the device configuration.
Configuration repository 32 FIGURE 526 Compare dialog box The Compare dialog box displays the following information: • Product — The IP address of the device. • Date — The Displays the date the device configuration was taken. • Change Navigator buttons/legend — The Enabled when there is at least one change between to two compared files. Go to first change button ( ) — Click to move to the first change. Go to previous change button ( ) — Click to move to the previous change.
32 Configuration repository • Events Associated with Differences table — Only available when you select two configuration backup files for the same product. List of events (up to 100) associated with the configurations. Right-click an event and select properties to view the Event Properties dialog box (refer to “Displaying event properties from the Master Log” on page 1774).
Configuration repository 32 • Startup • Startup and Reload 6. Review the status details for accuracy. Searching the configuration repository The Search Configuration Repository dialog box allows searching for products that have a particular configuration in the management server’s repository. Use the search feature to refine the configuration repository based on the filter criteria described in this section. 1. Click the IP tab. 2. Select Configure > Configuration > Configuration Repository. 3.
32 Configuration repository 7. Enable the following options, as required: • Match Case check box - Select the check box to make the search case-sensitive. • Regular expressions check box - Select the check box to use unicode regular expressions in your search. • Search options — Specify the following types of available searches: • Latest configurations — Searches the text in the most recent configurations of the selected products.
Configuration deviation 7. 32 Browse to the location to which you want export the configuration and click Export. The default locations for the product configuration are as follows: • Windows: Desktop\My Documents • Linux: \root If you select configurations from the same product, the default text file name is IP_Address_config.txt. IPv6 addresses use dashes (-) instead of colons (:) in file naming. If you select configurations from multiple products, the default text file name is MultiProduct_config.
32 Change tracking Change tracking Use the change tracking feature to compare the latest backup configuration file with the configuration that is designated as the baseline. 1. Click the IP tab. 2. Select Configure > Configuration > Configuration Repository. 3. Click the Change Tracking tab. The Change Tracking tab of the Configuration Repository dialog box displays, as shown in Figure 528.
Configuration snapshots 32 Re-sync — Occurs when a trap is generated by the device during a startup or running configuration change, or when a user performs a manual resynchronization of the device For Network OS devices, Re-sync backup occurs after manual rediscovery of the VCS cluster member device and when a CLI configuration deployment occurs on the product.
32 Configuration snapshots FIGURE 529 Configuration Repository dialog box - Configuration Snapshots tab The Configuration Snapshots tab displays the following information: • • • • Product Name — The name of the product Product Snapshots — The product snapshots Date — The date when the snapshot file was stored in the server Snapshot Type — The type of snapshot generated. There are three types: Manual: Generated manually by clicking the Save Snapshot button on the Backup Configuration Manager.
Configuration snapshots 32 • Delete button — Select one or more snapshots from the Configuration Snapshots list and click to manually delete the snapshots from the repository of the management server. • Report button — Click to launch the Configuration Snapshot Report dialog box. Refer to “Generating a configuration snapshot report” on page 1236 for more information. Comparing configuration snapshots The Comparison dialog box allows you to display the contents of two configurations side-by-side.
32 Configuration snapshots • Change Navigator buttons/legend — The Enabled when there is at least one change between to two compared files. Go to first change button ( ) — Click to move to the first change. Go to previous change button ( ) — Click to move to the previous change. Go to next change button ( ) — Click to move to the next change. Go to last change button ( ) — Click to move to the last change. Number of changes label — Indicates the number of changes.
Configuration snapshots 32 FIGURE 531 Configuration Snapshot Report dialog box 5. Select the start date and end date of the configuration snapshots you want to view. 6. Click Find. The Management application displays the list of snapshots that match the start date and end date you specified. 7. You can expand each tree node to view details about the configuration snapshot.
32 Configuration snapshots Viewing the pre- and post-configuration snapshot You can create a device configuration payload that issues device-monitoring commands to the devices when the payload is deployed. Device-monitoring commands can be issued before (pre-configuration snapshot), after (post-configuration snapshot), or before and after (pre-payload deployment and post-payload deployment). Outputs of the device-monitoring commands are available as configuration snapshots.
Configuration snapshots • • • • 32 Reached bottom of the page icon — Displays when there are no more entries to display. Highlight grid — Click to highlight the text string. Match Case check box — Click to render the search case-sensitive. Repeats check box — Click to continue the search at the top when the bottom is reached. Saving a configuration snapshot You can select a CLI template from the Save Configuration Snapshot dialog box.
32 Configuration snapshots Searching the configuration snaphots The Search Pre/Post Snapshots dialog box allows searching for products that have a particular snapshot in the management server’s repository. Use the search feature to refine the snapshot repository based on the filter criteria described in this section. 1. Click the IP tab. 2. Select Configure > Configuration > Configuration Repository. 3. Click the Configuration Snapshots tab. 4. Click the Search button.
Schedule backup 32 • Match Case check box - Select the check box to make the search case-sensitive. • Regular expressions check box - Select the check box to use unicode regular expressions in your search. • Search options — Specify the following types of available searches: • Latest configurations — Searches the text in the most recent snapshots of the selected products. • All configurations — Searches the text in all snapshots of the selected products.
32 Schedule backup 1. Click the IP tab. 2. Select Configure > Configuration > Schedule Backup. The Schedule Backup dialog box displays, as shown in Figure 534. FIGURE 534 Schedule Backup dialog box 3. Select a backup configuration from the Backup Scheduler list. 4. Click the Edit button. The Edit Automatic Configuration Backup dialog box displays, as shown in Figure 535. FIGURE 535 Edit Automatic Configuration Backup dialog box 5.
Schedule backup 32 6. Click OK. The new schedule appears in the Backup Scheduler list of the Schedule Backup dialog box. When scheduled backups begin, the Management application polls each product to check its current configuration. NOTE Software image backup is not initiated on VDX or VCS devices. Disabling a backup schedule To disable a scheduled backup, complete the following steps. 1. Select an entry in the Backup Scheduler list of the Schedule Backup dialog box. 2. Click Edit.
Chapter 33 IP Configuration Wizard In this chapter • Configuration requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Payloads . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Creating a payload configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Duplicating a payload configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Modifying a payload configuration . . . . . . . .
33 Payloads Payloads Payloads are defined as product payloads or interface payloads. Product payloads are deployed to the devices, whereas interface payloads are deployed to ports. The available payloads are listed in Table 129. TABLE 129 Payloads available for deployment Payload name Description Product Payloads: 1246 802.1Q Tag Type Sets the tag type, or tag ID, that identifies the aggregate VLAN.
Creating a payload configuration TABLE 129 33 Payloads available for deployment (Continued) Payload name Description TACACS+ Servers Indicates which TACACS/TACACS+ servers are to be used for authentication. Telnet Sets Telnet password and idle timeout value, and enables Telnet authentication on devices for use with AAA authentication. Time Zone/SNTP Specifies the time zone and specifies whether the date and time are to be set by an SNTP server clock.
33 Creating a payload configuration FIGURE 536 Configuration dialog box - Select Payload pane 3. Select Product Payloads or Interface Payloads, and select the payloads you want to configure. You can include more than one payload in a configuration. See Table 129 on page 1246 for a brief description of the payloads. 4. Click Next. The next pane that displays depends on the payloads you are configuring. For example, Figure 537 shows the next pane for the SNMP Identification payload.
Creating a payload configuration 33 FIGURE 537 Configuration dialog box - Product Payload - SNMP Identification pane 5. Enter the required information for the payload and click Next. Click Help for detailed information on each payload you can define. After all of the payloads you have selected are configured, the Deployment Targets pane displays, as shown in Figure 538 on page 1250.
33 Creating a payload configuration FIGURE 538 Configuration dialog box - Deployment Targets pane 6. In the Available Targets list, select the products, product groups, and IP subnets to which the payload configuration is to be deployed. • To select a target, expand the entry to display the entries under it, click the target in the Available Targets list, and click the right-arrow button to move it to the Selected Targets list. If the target is not on the list, run the discovery process.
Creating a payload configuration 33 FIGURE 539 Configuration dialog box - Deployment Properties pane 8. Select one of the persistence properties. • Don’t Save to Flash or Reload Select this option if you just want to update the device running configuration. The payload configuration is not saved to the device flash memory, nor is the device rebooted when the payload configuration is deployed.
33 Creating a payload configuration 9. (Optional) Enter the following information if you want the Management application to run and save a report before or after this configuration is deployed to the device. a. Select the Pre-Deployment check box if you want the Management application to run and save a report before this configuration is deployed. b. Select the Post-Deployment check box if you want the Management application to run and save a report after this configuration is deployed. c.
Creating a payload configuration 33 12. Select Save Without Scheduling Deployment or Schedule Deployment. If you select Schedule Deployment, select the frequency, time, and date parameters for the deployment. 13. Click Next. The Summary Page pane displays, as shown in Figure 541. FIGURE 541 Configuration dialog box - Summary Page pane 14. Review the information on the Summary Page pane. • The Deployment and Targets tab shows the deployment definition and the targets in the configuration.
33 Duplicating a payload configuration Duplicating a payload configuration You can create a payload configuration by copying an existing configuration. 1. Select Configure > Configuration Wizard. 2. Select a configuration from the Product Configurations list. 3. Click Duplicate. The Copy Configuration dialog box displays. 4. Enter a name for the new payload configuration.
Modifying a payload configuration 33 FIGURE 542 Configuration dialog box - Select Payload pane for editing a configuration 4. Add or remove payloads in the configuration. • To add a payload to the configuration, select either Product Payloads or Interface Payloads, and then select the payload you want to add. • To remove a payload from the configuration, clear the check box of the payload. Note that a configuration must have at least one payload.
33 Deploying a payload configuration Deploying a payload configuration Payload configurations are deployed to targets in one of the following ways: • On a scheduled basis, if a deployment schedule has been set up for the configuration. • On demand, if Save Without Scheduling Deployment is selected in the Deployment Schedule pane of the Configuration Wizard. Configurations can be manually deployed when required.
Chapter 34 CLI Configuration Management In this chapter • CLI configuration overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing existing templates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Product configuration templates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Changing product credentials. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Importing parameter values into a configuration . . . .
34 Viewing existing templates Configuration requirements Before you use the CLI Configuration, you should meet the following requirements: • Telnet or SSH (or both) must be selected on the Management application server to match the protocol(s) with the devices. For more information about configuring Telnet or SSH, refer to “Product communication settings” on page 221.
Product configuration templates 34 Product configuration templates You can create, modify, duplicate, delete, verify, and deploy a product configuration from the CLI Configuration dialog box. Product configurations allow you to create device configuration by entering a set of configuration CLI commands. To view a list of existing configurations, refer to “Viewing existing templates” on page 1258. For information about the example templates, refer to “CLI Templates” on page 1999.
34 Product configuration templates 4. Click the Target tab and complete the following steps. FIGURE 544 CLI Configuration Template dialog box - Target tab a. Select the devices to which you want the configuration deployed from the Available Targets table. The Available Targets table displays an inventory of the available product targets and includes the same detail as the Product List (refer to “IP Product List” on page 373).
Product configuration templates 34 5. Click the CLI Command tab and complete the following steps. FIGURE 545 CLI Template dialog box - CLI Commands tab a. (Configuration templates only) Select the Evaluate CLI responses check box to validate the CLI commands. You can prefix a dash (-) to a CLI command to ignore command validation even when you select the Evaluate CLI Response check box.
34 Product configuration templates c. To enter a parameter for a CLI command, select the parameter type from the CLI Commands list - Parameters folder and click the right arrow to move the parameter type to the CLI Commands text area. Parameters use the following format: $, where name is the parameter and data_type is the type of parameter.
Product configuration templates c. 34 Enter a value for each parameter in the associated field. Note that the Target column remains visible at all times in the Parameters table. Fields containing a green triangle ( ) in the lower right corner are editable. The fields only accepts valid values base on the parameter data type. Parameters include the following options: • • • • String — Enter a string with a maximum of 64 ASCII characters. Integer — Enter an integer with a maximum of 12 numeric characters.
34 Changing product credentials 11. Click OK. The Deployment Status dialog box displays, which allows you to view the progress and status of the deployment. Click Abort to stop the deployment. NOTE The abort action does not stop the tasks that have already started. When deployment is complete, click Report to view the CLI Deployments Report. 12. Click Close to close the Deployment Status dialog box. NOTE Closing the Deployment Status dialog box does not stop deployment.
Importing parameter values into a configuration 34 2. Enter the user name for the product in the Product Login Account - Username field. NOTE If Telnet is used to log in to the device and Telnet only requires a password, then enter the password in the Password field and leave the Username field blank. 3. Enter the password for the product in the Product Login Account - Password field. 4.
34 Previewing CLI commands TABLE 130 Different values for each target #Description of the template. This template provides different values for each target.. Target, LOOPBACK_INTERFACE|INTEGER, OSPF_AREA|INTEGER LOOPBACK_INTERFACE_IP|STRING 10.20.30.100, 1, 4, loopback1, 10.20.30.200, 2, 5, loopback2, Layer 2 Switch Products, 3, 6, loopback3, TABLE 131 Same value for each target #Description of the template. This template provides different values for each target..
CLI command guidelines 34 CLI command guidelines When adding CLI commands to the configuration, use the following guidelines: • Only configuration templates can be added to a template defined in the CLI Template dialog box. • Templates can be nested and the same template can be included several times as long as it does not cause a circular dependency. • Targets for deployment are only retrieved from the template you create, not any included templates.
34 CLI command guidelines • Click Deploy to deploy the configuration to the selected targets. Click Yes on the confirmation message. If you selected the Prompt for additional targets during manual deployment check box, the Target tab of the Deployment of Configuration_Name dialog box displays. Continue with step 6. If the configuration contains parameters that must be defined, the Deployment of Configuration_Name dialog box displays with a list of all parameters in the deployment. Go to step 7. 6.
Testing a configuration 34 • Click Deploy to deploy the configuration to the selected targets. Click Yes on the confirmation message. If you selected the Prompt for additional targets during manual deployment check box, the Target tab of the Deployment of Configuration_Name dialog box displays. Continue with step 6. If the configuration contains parameters that must be defined, the Deployment of Configuration_Name dialog box displays with a list of all parameters in the deployment. Go to step 7. 6.
34 Valid and invalid responses from devices 5. Edit the mode and the parameter values (refer to step 6), as needed. The Deployment Status dialog box displays detailing whether the configuration will deploy successfully. 6. Click Close to close the Deployment Status dialog box. Valid and invalid responses from devices When you deploy a configuration to a device, some commands may send responses back to the Management application.
Valid and invalid responses from devices 34 The strings on the left and the right side of the equal sign are Unicode regular expressions used for pattern matching. The expression on the left is matched against the command string, while the expression on the right is matched against the messages returned by the command that matches the pattern on the left.
34 Valid and invalid responses from devices Editing the Motorola Controller CLI responses properties file The MotorolaControllerCliResponse.properties file is under the Install_Home\conf\cli directory. Edit the file using a text editor. You can add a success response between the SUCCESS_RESPONSE_START and SUCCESS_RESPONSE_END tags using the following Unicode regular expressions format. #Success Map SUCCESS_RESPONSE_START ^su[port]*\s+s[witchd]*\s+=.*First Failure Data Capture.*enabled.
Deleting a configuration 34 Using a dash character in CLI Configuration manager You can override how the Management application treats messages without editing the CLI responses properties file. To do this, enter a dash (-) at the beginning of each configuration line. For example, to create a configuration that defines an IP address for port 3/2, enter the following commands in the CLI Configuration Manager: -interface ethernet 3/2 - ip address 192.45.6.110 255.255.255.
34 CLI configuration deployment CLI configuration deployment Deploy the configuration using one of the following methods: • At a scheduled date and time Schedule a configuration deployment in the CLI Template dialog box. For step-by-step instructions, refer to “Creating a new product configuration” on page 1259 or “Creating a monitoring configuration” on page 1275. • On demand To deploy an existing configuration on demand, refer to “Deploying a configuration on demand” on page 1274.
Monitoring configurations 34 Monitoring configurations You can create, modify, duplicate, and delete a monitoring configuration from the CLI Configuration dialog box. Monitoring configurations allow you to create device reports by entering a set of show CLI commands. To view a list of existing configurations, refer to “Viewing existing templates” on page 1258. For information about the example templates, refer to “CLI Templates” on page 1999.
34 Monitoring configurations 4. Click the Targets tab and complete the following steps. FIGURE 550 CLI Template dialog box - Target tab a. Select the devices to which you want the configuration deployed from the Available Targets table. You can deploy the configuration to individual devices, devices in a device group, or devices in an IP subnet.
Monitoring configurations 34 5. Click the CLI Command tab and complete the following steps. FIGURE 551 CLI Template dialog box - CLI Commands tab d. Enter the show commands in the CLI Commands text area. NOTE Only commands listed in the cliShowCommands.properties file can be entered for a monitoring configuration. For more information, refer to “Configuration error checking” on page 1273. For a list of guidelines to use when entering CLI commands, refer to “CLI command guidelines” on page 1267.
34 Monitoring configurations f. Edit the parameter by entering the variable or character string you want to use for the parameter in place of the name variable. NOTE Each parameter must be unique. The Management application does not check for duplicate parameters. show interface ethernet $ In the example, show interface ethernet is the CLI command, port is the parameter variable, SLOT_PORT is the parameter type, and [Slot#]/Port# is the format for the port number. g.
Monitoring configurations c. 34 Enter a value for each parameter in the associated field. Fields containing a green triangle ( ) in the lower right corner are editable. The fields only accepts valid values base on the parameter data type. Parameters include the following options: • • • • String — Enter a string with a maximum of 64 ASCII characters. Integer — Enter an integer with a maximum of 12 numeric characters. Slot/Port — Enter the slot number and port number.
34 Monitoring configurations 11. Click OK. The Deployment Status dialog box displays, which allows you to view the progress and status of the deployment. Click Abort to stop the deployment. NOTE The abort action does not stop the tasks that have already started. When deployment is complete, click Report to view the CLI Deployments Report. 12. Click Close to close the Deployment Status dialog box. NOTE Closing the Deployment Status dialog box does not stop deployment.
Monitoring configurations 34 8. Click OK. The Deployment Status dialog box displays, which allows you to view the progress and status of the deployment. Click Abort to stop the deployment. NOTE The abort action does not stop the tasks that have already started. When deployment is complete, click Report to view the CLI Deployments Report. 9. Click Close to close the Deployment Status dialog box. NOTE Closing the Deployment Status dialog box does not stop deployment.
34 CLI deployment reports 8. Click OK. The Deployment Status dialog box displays, which allows you to view the progress and status of the deployment. Click Abort to stop the deployment. NOTE The abort action does not stop the tasks that have already started. When deployment is complete, click Report to view the CLI Deployments Report. 9. Click Close to close the Deployment Status dialog box. NOTE Closing the Deployment Status dialog box does not stop deployment.
CLI configuration scheduling 34 3. Choose one of the following options: • To display a report for one device, click the IP address of the device on the list. • To display a report that includes all devices for which the report was generated, click the name of the report in the Template Name column. The Product CLI Report displays. To export a report refer to “Exporting and saving IP reports to a file” on page 1858.
34 CLI configuration scheduling Configuring a daily deployment schedule To configure a daily deployment schedule, complete the following steps. 1. Select Daily from the Frequency list. 2. Select the time of day you want deployment to run from the Time (hh:mm) lists. Where the hour value is from 1 through 12, the minute value is from 00 through 59, and the day or night value is AM or PM. To finish configuring the deployment schedule, return to step 8 of “Creating a new product configuration” on page 1259.
CLI configuration scheduling 34 Configuring a yearly deployment schedule To configure a yearly schedule, complete the following steps. 1. Select Yearly from the Frequency list. 2. Select the time of day you want deployment to run from the Time (hh:mm) lists. Where the hour value is from 1 through 12, the minute value is from 00 through 59, and the day or night value is AM or PM. 3. Click the Date list to select a date from the calendar.
Chapter 35 Image Repository for IP Products In this chapter • Obtaining software files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Products supporting the image import . . . . . . . . . . . . . . . . . . . . . . . . . . • Boot image management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Software image management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Unified image management . . . . . . . . . . . . . . . . . .
35 Products supporting the image import Products supporting the image import Table 132 lists the products that support the boot images, software images, and unified images.
Boot image management 35 • Import — Opens the Import Boot Image dialog box that allows you to browse and select the boot or monitor image file you want to import into the Management application. Newly imported images are saved to the Management application. They are displayed on the Boot Images tab. • Delete — Deletes the boot or monitor image from the Management application. • Help — Provides information about the feature.
35 Boot image management c. Enter the image version in the Image Version field. d. Enter the label for the image in the either the Image Label field or the User Defined Label field. These fields are from 1 through 32 alphanumeric characters and allow the following special characters: underscore (_), period (.), and hyphen (-). The image file name excludes the file extension. For example, if the file name is M2B07504.bin, the Image Label is M2B07504.
Software image management 35 Software image management Software images are program files other than boot, monitor, or unified images. You can manage software images using the following Management application modules: • Discovery — Copies software images from IronWare and Network OS products on the network into the Management application. • Backup Scheduler — Copies software images from IronWare and Network OS products on a regularly scheduled basis.
35 Software image management 6. Click OK. After the import completes successfully, you see a message that the software image imported successfully. The Software Image table lists the image version and the image label.
Software image management 35 The Schedule Backup dialog box displays, as shown in Figure 553. FIGURE 553 Schedule Backup dialog box 3. Select the automatic software image backup task from the list, and click Edit. The Edit Automatic Software Image Backup dialog box displays, as shown in Figure 554. FIGURE 554 Edit Automatic Software Image Backup dialog box 4. Disable the scheduled backup or modify the frequency and time.
35 Unified image management Unified image management Unified images contain all images required to manage the product. Instead of upgrading each type of image separately, you can use a unified image to upgrade all image types. For example, a unified image for the BigIron RX Series contains boot, monitor, management, and interface images. When deployed, a unified image can update all image types on a product simultaneously.
Unified image management 35 The Unified Firmware Images tab contains the following buttons: • Import — Opens a dialog box that allows you to browse and select the unified image file you want to import into the Management application. Newly imported images are saved to the Management application. • Delete — Deletes the unified image from the Management application. • View — Opens a dialog box that allows you to enter the location of the release notes or search for the location of the release notes.
35 Unified image management 8. Click OK. After the import completes successfully, a message displays that the unified image imported successfully. The message also lists the image version and the image label.
Serial firmware update and activation for NOS devices 35 3. Upgrade the FPGA (pbifmetro.bin) image manually. 4. Reload the product. Deploying unified images to products The Management application stores previously imported unified images. These images can be placed in a unified image payload and deployed to products using the Configuration Wizard. NOTE Firmware images deploy to products one device at a time.
35 Serial firmware update and activation for NOS devices 8. Use the Serial Update and Firmware Activate check boxes as desired. For example: • You can select both boxes and enable the Firmware Activate check box to activate firmware on each node in a serial process. • You can leave the Serial Update check box clear and enable the Firmware Activate check box to activate firmware on each node in a parallel process.
Chapter 36 VLAN Management In this chapter • VLAN Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Port VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Spanning Tree Protocol configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . • VLAN routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
36 VLAN Manager Private VLAN NOTE PVLAN read-only support is provided. Private VLAN (PVLAN) provides device isolation through the application of Layer 2 forwarding constraints. PVLAN allows end devices to share the same IP subnet while being Layer 2 isolated. This enables network designers to employ larger subnets and thereby reduce the address management overhead.
VLAN Manager 36 Displaying a list of VLANs To view the list of VLANs that were discovered on the network, select Configure > VLANs. The VLAN View tab of the VLAN Manager dialog box displays. The VLAN Manager toolbar contains the following buttons: • • • • Add — Launches the Add VLAN dialog box. Edit — Launches the Edit VLAN dialog box. Delete — Launches the Delete VLAN dialog box. STP — Allows you to configure STP, RSTP, MSTP, PVST, or RPVST information for a product, port, or VLAN.
36 VLAN Manager VLAN Manager tabs VLAN Manager has three views: • VLAN view Displays distinct Layer 2 broadcast domains by VLAN ID. If FDP or LLDP is not enabled on a device, each VLAN from each device is displayed in separate folders by VLAN ID. If FDP or LLDP is enabled on the devices, a VLAN folder shows device connectivity on the Layer 2 broadcast domains. If there are super-aggregated VLANs that have been configured on the network, VLANs are grouped by their super-aggregated VLAN memberships.
VLAN Manager 36 Displaying VLANs in the VLAN view The VLAN View tab displays all the VLANs discovered on the network and lists them by VLAN IDs (Figure 556). FIGURE 556 VLAN Manager dialog box - VLAN View tab To view the VLANs or products in the VLAN View tab, complete the following steps. 1. Click the VLAN View tab in the VLAN Manager dialog box. 2. Expand the folder under the VLAN View tab, then double-click a super-aggregated VLAN to display its port VLANs or Products.
36 VLAN Manager 3. Select a VLAN to expand the list of products listed under that VLAN. Use the Search tool to find VLANs, products, or ports quickly. A VLAN may be listed several times. For example, the first three VLAN1s have only one product. Each product in each VLAN is in its own broadcast domain and either does not have connectivity with other products or FDP or LLDP is not enabled on that product. The fourth VLAN1 has several products listed under it.
Port VLANs 36 FIGURE 557 VLAN Manager dialog box - Product View tab 2. Expand a product to display the port VLANs that have been configured on that product. 3. Click a VLAN in the list to display the interfaces on that product that belong to the VLAN. Port VLANs VLAN Manager facilitates the creation, modification, and deletion of port VLANs on products that are known to the Management application. It also aids in the bulk deployment of these VLANs. For example, VLAN 3 can be configured on four products.
36 Port VLANs FIGURE 558 Add VLAN dialog box - Ports tab 3. Enter a VLAN ID in the Configure VLAN field. You can enter more than one ID either by range (for example, 10-20, 30-40) or by separating individual IDs with a comma (for example, 10, 45, 79, 30). For DCB products, the VLAN ID range is from 1 through 3583 and for Network OS products the range is 1 through 4090. 4. Click the Load Products button.
Port VLANs 36 10. In the Select VLANs list, select the VLAN you want to assign to the selected interfaces. The list includes the default VLAN (VLAN1) and the VLAN or VLANs you are currently creating. You can assign one or more VLANs to the selected ports. In the Selected Ports list, each VLAN node is shown as Tagged, Untagged, or Dual Mode. If a port is already tagged in one VLAN, it can be marked as Tagged in other VLANs.
36 Port VLANs Adding or modifying dual mode ports You can configure an interface in a VLAN as a dual mode port by assigning it as a tagged port to one VLAN and as an untagged port to another VLAN. You can add a dual mode port to any VLAN except the default VLAN, VLAN 1. NOTE Dual mode is not supported on Network OS products. To add or modify a dual mode port, perform the following steps. 1.
Port VLANs 36 Adding VLAN properties The Add VLAN dialog box has two tabs: Ports and Properties. The VLAN properties vary for different products, for example: • When an IOS VLAN is selected, the Name, QoS, Spanning Tree and Router Interface fields and Transparent Flooding enable check box display. • When a DCB VLAN or product is selected and moved to the Products/VLAN list, the Name and Admin Status fields and the FCoE check box display. All the fields displayed for DCB products are read-only.
36 Port VLANs • Select Low (0) through High (7) for all other IronWare OS IP products. - Spanning Tree — Select the type of spanning tree protocol from the Spanning Tree list. The list options include STP, RSTP, and None. - Router Interface — If you want to add a virtual routing interface to the VLAN, enter the virtual routing interface number in this field. You can add an IP address to the virtual routing interface once the VLAN is deployed.
Port VLANs 36 Modifying port VLAN properties Complete the following steps to modify port VLANs using the VLAN View tab or the Product View tab on the Edit VLAN dialog box. 1. On the VLAN Manager dialog box, click the VLAN View or Product View tab. 2. If in the VLAN view, select and expand a VLAN entry, or if in the Product view, select and expand a product and click the Edit button. NOTE When a Network OS VLAN is selected, the Name and Admin fields display.
36 Spanning Tree Protocol configuration Deploying VLAN configurations The Deploy VLANs dialog box allows you to deploy a VLAN configuration to target products. Duplicate action is not supported. 1. Select a deployment option: • Click the Deploy now option if you want to deploy the VLAN definition. • Click the Save deployment only option if you want to save the VLAN definition without scheduling its deployment. • Click the Schedule option if you want to schedule the deployment of the VLAN definition. 2.
Spanning Tree Protocol configuration 36 • RSTP — Rapid Spanning Tree Protocol (IEEE 802.1w Internet standard) is a refinement of STP, which provides for faster spanning tree convergence after a topology change. • MSTP — Multiple Spanning Tree Protocol (IEEE 802.1s Internet standard) allows several VLANs to be mapped to a reduced number of spanning tree instances. This is possible because most networks do not need more than a few logical topologies.
36 Spanning Tree Protocol configuration FIGURE 561 STP Configuration dialog box 3. Select the target switch, VLAN, or port from the Target Context list. Target contexts and spanning tree options at the product, VLAN, or port level are listed in Table 135.
Spanning Tree Protocol configuration 36 10. The Force Version list is available only if you selected RSTP. This parameter forces the bridge to send BPDUs in a specific format. You can enter one of the following values: • 0: The bridge has been forced to operate in STP default mode. • 1: The bridge has been forced to operate in RSTP default mode. 11. Specify an interval in the Re-enable Port Interval field, available only if you selected RSTP.
36 Spanning Tree Protocol configuration 8. After the deployment has successfully completed, click Close to close the Deployment Status dialog box. Configuring MSTP on a product You can configure MSTP attributes from the VLAN View tab or the Product View tab on the VLAN Manager dialog box. 1. Perform one of the following tasks to select the VLAN on which MSTP will be configured: • On the VLAN View tab, expand the list of VLANs and select one or multiple VLANs on which MSTP will be configured.
Spanning Tree Protocol configuration 36 8. Enter the number of seconds a root bridge waits before it sends the next BPDU in the Hello Time field. The values range from 1 through 10 seconds. The default is 2 seconds. 9. Enter the number of seconds a bridge waits for a hello packet from the root bridge before initiating a topology change in the Max Age field. The values range from 6 through 40 seconds. The default is 20 seconds. 10.
36 VLAN routing 3. Select MSTP from the Spanning Tree list. The STP Configuration dialog box displays the Available MSTP Instances list. 4. Select an MSTP instance from the list under the Available MSTP Instances list, or enter the MSTP instance number. 5. Click Add. A new row is added to the Available MSTP Instances list. You can change the bridge priority, which is set, by default, to 32768. VLAN routing A VLAN restricts the broadcast domain to only its interface members.
VLAN routing 36 FIGURE 563 Virtual Port - IP Configuration dialog box 3. Complete one of the following steps: - To add a new IP address to the SVI, enter the IP address in the IP Address field and click the right arrow button to move it to the Selected IP Addresses list. - To modify an IP address of an SVI, select the IP address from the list and click the left arrow button to move the IP address back to the IP Parameters list.
36 VLAN routing 7. Click the Deploy now option. 8. Select a Save Configurations option: - Click the Save to running option to save the configuration while the system is running. - Click the Save to running and startup then reboot option to save the configuration both while the system is running and when the system starts up, and then automatically reboot. Click the Save to running and startup option to save the configuration both while the system is running and when the system starts up. 9.
Chapter 37 MPLS Management In this chapter • MPLS pre-configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • MPLS licensing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • MPLS overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • LSP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
37 MPLS licensing 7. Create VLL instances using the Customer-facing ports using the Management application (refer to “VLL manager” on page 1346). 8. Create VPLS instances using the Customer-facing ports using the Management application (refer to “VPLS Manager” on page 1362). MPLS licensing The following are MPLS capable products: • Ethernet Backbone router, Ethernet Core router, and Ethernet router running version 5.0.
MPLS overview 37 The following conditions must be met for inclusion in the MPLS Licensed and Configured Products product group: • Your version of the Management application supports MPLS. • Adding the product does not exceed the MPLS product license limit. For more information about how the Management application counts MPLS products, refer to “Managed MPLS product count calculation” on page 32.
37 LSP 2. Select the checkboxes and enter the required information in the fields provided as follows: - Advertise Labels ACL - Enables the 64 character text field for entering an Access Control List (ACL) name. - Hello Interval - The interval in seconds between sending LDP hello messages. The range is 1-32767. The hello interval must be smaller than the hold time set by Hello Timeout. - Use FEC 128 for autodiscovered peers - FEC 129 is the default.
LSP 37 • Setup priority for the LSP. • Metric for the LSP. • Whether the LSP includes or excludes links belonging to specified administrative groups. Viewing LSP Admin Group information MPLS interfaces on an LSP can be organized into administrative groups (admin groups). LSP admin groups are typically used to manage CSPF path selection by including or excluding network segments identified as admin groups. Take the following steps to view LSP admin groups. 1. Select Configure > MPLS > LSP. 2.
37 LSP Viewing LSP path information An LSP path is a list of router hops across an MPLS domain. Paths are configured separately from LSPs. This allows paths to be used by any LSP that knows the path name. Take the following steps to view LSP paths. 1. Select Configure > MPLS > LSP. 2. Select the Paths tab (Figure 567). FIGURE 567 LSP dialog box, Paths tab 3. A tree structure displays under Products/Paths with products at the top level.
LSP 37 Viewing RSVP LSP information Resource Reservation Protocol (RSVP) controls signalling messages sent to each LSR in the LSP to reserve resources for traffic-engineered paths and cause labels to be dynamically associated with interfaces. Take the following steps to view RSVP LSP information. The dialog box allows you to view a list of RSVP LSPs by product or by RSVP LSP name. You can also add, edit, duplicate, or delete RSVP LSPs, and launch the LDP Configuration wizard. 1.
37 LSP Viewing saved LSP configurations Take the following steps to view all saved LSP configurations. 1. Select Configure > MPLS > LSP. 2. Select the Saved Configurations tab (Figure 569). FIGURE 569 LSP dialog box, Saved Configurations tab Saved LSP configurations are listed by name, description, payload, and deployment schedule. Adding an LSP admin group MPLS interfaces can be organized into administrative groups (admin groups). Typically, an admin group is used to identify a network segment.
LSP 37 3. Click the Add button. The Admin Group Configuration dialog box of the Admin Group Configuration wizard displays (Figure 570). FIGURE 570 Add Admin Groups Configuration dialog box, Configuration Info pane 4. Enter an a name for the Admin Group in the Name field. A maximum of 32 ASCII characters is allowed. 5. Enter an Admin Group ID in the ID field. The ID must be an integer from 0 to 31. 6.
37 LSP FIGURE 571 Add Admin Groups Configuration dialog box, Deployment Properties pane 8. Select the desired properties. 9. Click Deploy. Editing an LSP admin group You can edit an LSP admin group by taking the following steps. 1. Select Configure > MPLS > LSP. 2. Select the Admin Groups tab. 3. Select the admin group you want to edit. 4. Click the Edit button. The Edit Admin Group Configuration dialog box of the Admin Group Configuration wizard displays (Figure 570).
LSP 37 Deleting an LSP admin group You can delete an LSP admin group by taking the following steps. 1. Select Configure > MPLS > LSP. 2. Select the Admin Groups tab. 3. Select the admin group to be deleted. 4. Click the Delete button. The Delete Admin Group Configuration dialog box of the Admin Group Configuration wizard displays. 5. Click on a series of Next buttons to deploy. Adding an LSP path An LSP path is a list of router hops across an MPLS domain. Paths are configured separately from LSPs.
37 LSP 5. Click the Add button. Use the Up and Down buttons to move the selected hop higher or lower in the table. An empty line is added under Hop Details. The first entry is always considered to be the local node and the Ingress LER. LER nodes should be then be added in order from Ingress to Egress. If you need to change the order, you can select an entry and use the Up and Down arrows to change its position. Actual routing depends on whether or not Type is set to Strict or Loose.
LSP 37 Duplicating an LSP path When you want to add a new LSP path, you can save work by duplicating an existing path and editing the name and any other parameters you may want to change. You can duplicate an LSP path by taking the following steps. 1. Select Configure > MPLS > LSP. 2. Select the Paths tab. 3. Select the path you want to duplicate. 4. Click the Duplicate button. The Path Configuration dialog box of the Path Configuration wizard displays (Figure 572).
37 LSP Configuring advanced RSVP LSP settings Resource Reservation Protocol (RSVP) can be used to send signalling messages to each LSR in the LSP to reserve resources and cause labels to be dynamically associated with interfaces. This enables you to engineer network traffic routing to avoid points of congestion and make efficient use of high bandwidth interfaces.
LSP 37 8. Click Advanced Settings to establish traffic engineering parameters. The RSVP LSP Advanced Settings dialog box has three tabs: Global, Paths, and Fast Reroute. The default view is the Global tab (Figure 575). FIGURE 575 RSVP LSP Advanced Settings Global tab From the Global tab you can set the following: - Adaptive checkbox - Select the Adaptive checkbox to allow you to change parameters while an LSP is in enabled state.
37 LSP You can place selected admin groups into any of the following categories: • Include All - An interface must be a member of all selected groups. • Include Any - An interface is included if it is a member of any of the selected groups. • Exclude All - Interfaces in the selected groups are excluded. - Bidirectional Forwarding Detection (BFD) check box - This check box allows you to enable or disable BFD.
LSP - 37 Path Select Mode - The choices are Manual and Unconditional. If Manual is chosen, traffic is shifted to an alternate path only if the selected path fails. If the path recovers, traffic is shifted back. If Unconditional is chosen, the traffic stays on the selected path even if the path fails. If you do not want to specify a path select mode or want to remove the configured path select mode, select None. • Primary - Selected by default.
37 LSP • Maximum Rate - Sets the maximum data rate supported for data bursts above the mean rate. • Maximum Burst - Sets the maximum number of bytes that can be handled at the maximum rate. - Use LSP for OSPF shortcuts - Enables the use of traffic engineering data carried in OSPF extensions that contain information about the interface’s metric, bandwidth reservations, and admin group memberships. - Use LSP for IS-IS shortcuts - Enables you to configure the IS-IS shortcut parameters.
LSP a. 37 Use the Primary Path Select button to display the Path Selector dialog box (Figure 578). FIGURE 578 Path Selector dialog box b. Select the path you want to use as the primary path from Available Paths, and use the right arrow to move the path to Selected Paths. c. Click OK. Secondary paths for the LSP are listed under Paths. Use the Add and Delete buttons to add or delete a secondary path. Use the up and down arrows to move entries up and down in the table. 10.
37 LSP From the Fast Reroute tab you can configure an LSP to request a facility backup provided by a bypass LSP in the event of a failure along the LSP path. Each LSR in an LSP except the egress router may act as a Point of Local Repair (PLR). If a failure occurs on an LSP, the PLR tries to initiate a bypass LSP to provide a backup route for the protected path. The PLR then becomes the ingress of a bypass LSP. The bypass LSP carries the traffic of the LSPs it protects around the break.
LSP 37 Editing an RSVP LSP You can edit an RSVP LSP by taking the following steps. 1. Select Configure > MPLS > LSP. 2. Select the RSVP LSP tab. 3. Select the RSVP LSP you want to edit. 4. Click the Edit button. The RSVP LSP Configuration dialog box of the RSVP LSP Configuration wizard displays (Figure 574). Refer to “Configuring advanced RSVP LSP settings” for a description of how to use the RSVP LSP Configuration wizard.
37 LSP FIGURE 581 Delete RSVP Configuration wizard 5. Click a series of Next buttons to deploy the payload. Editing a saved LSP configuration You can edit a saved LSP configuration by taking the following steps. 1. Select Configure > MPLS > LSP. 2. Select the Saved Configuration tab. 3. Select the saved configuration 4. Click the Edit button.
LSP 37 Deleting a saved LSP configuration You can delete a saved LSP configuration by taking the following steps. 1. Select Configure > MPLS > LSP. 2. Select the Saved Configuration tab. 3. Select the saved configuration 4. Click the Delete button. Displaying LSP Topologies Refer to the View Management chapter for descriptions for topology map layout options and navigation aids. You can display topology maps for configured LDP and RSVP LSPs by taking the following steps. 1.
37 LSP FIGURE 583 LSP Topology View Options 4. Use the LSP Type selector to limit the display to RSVP LSPs Only or LDP Tunnels Only. If you right-click on an LSP, three options are displayed (Figure 584).
MPLS Virtual Leased Line (VLL) overview 37 • Select Drill-down to LSP Hops Topology to display LSPs and hops as a line from the ingress router with an arrow to indicate direction. Operationally enabled LSPs are shown with a solid line. Operationally disabled LSPs are shown with a dotted line. • Select LSP Ping to launch the LSP Ping dialog box. • Select LSP Traceroute to launch the LSP Trace Route dialog box.
37 VLL manager The PE router pushes two labels onto the packet: • The inner VC label is used for determining what happens to the packet once it reaches the VLL peer. This label is significant only to the VLL peer. • The outer tunnel label is used for forwarding the packet through the MPLS domain. This label corresponds to an RSVP-signalled tunnel LSP. After applying the two labels to the packet, the PE router forwards it to the next LSR in the tunnel LSP. 3.
VLL manager 37 Viewing VLL instances To view currently defined VLL instances, do the following: 1. Select Configure > MPLS > VLL. 2. Select the VLL Manager Views tab (Figure 586). FIGURE 586 VLL Manager Views tab 3. You can filter output by name or by VCID by using the selector next to the VLL field. - You can use an Asterisk (*), as a wildcard character if you select By Name. You can enter individual VCIDs or a range of VCIDs if you select By VCID.
37 VLL manager 6. Click the Get button to begin the search for the VLL name. VLLs that match the filter criteria display under VLL Settings and Endpoint Settings. The table shows the following information: - VCID of the VLL. This cell is blank for a local VLL. Name of the VLL. Status of the VLL: • • • • - Conflict - Indicates if there are conflicts with VLL endpoint instances. Conflicts can arise, especially with VLLs configured using the product CLI.
VLL manager 37 • Raw: The ingress router does not add a VLAN ID to the packets. • Tag Mode • Tagged: If the endpoint is a tagged port, the device transmits the packet with the specified VLAN ID and forwards it out the specified interface. • Untagged: If the endpoint is an untagged port, the device removes any VLAN ID before transmitting it out the specified interface. • L2 Status - Layer 2 status (Up or Down). • Outer VLAN ID - Present if the Tag Mode for the endpoint is Tagged.
37 VLL manager 5. When you select a configuration, the following information displays in the fields below Saved Configurations: 6. Right click any entry in the table to display the Print pop up menu. Select Print from the menu to print the table. Adding or editing a VLL instance To add a new VLL instance do the following: 1. Select Configure > MPLS > VLL. 2. Select either the Views tab or the Saved Configurations tab. 3. Click the Add button.
VLL manager 37 9. Under Available Endpoints, expand the Devices folder to display the available devices. Then expand the device folder, and slot folder to select a port for an endpoint. Ports that run FDP or CDP protocol are filtered out because they cannot be a VLL or VPLS endpoint. For a remote VLL the two endpoints must come from different devices. For a Local VLL, the ports selected must be from the same device. 10. Use the right arrow button to move the port to the Selected Endpoints box.
37 VLL manager Configuring devices using the VLL Manager 1. From the Product Configuration pane of the VLL Configuration Wizard, click each device entry. The last discovered CoS and MTU settings for the device are displayed in the Discovered area. You can modify the settings under the Configured area. 2. Enter values for the following: - COS - From the drop down list, select the Class of Service (COS) you want to assign to this instance. Packets that go through this instance are assigned this instance.
VLL manager a. 37 From the Tag Mode list, select one of the following: • Tagged: If the endpoint is a tagged port, the device transmits the packet with the specified VLAN ID and forwards it out the specified interface. • Untagged: If the endpoint is an untagged port, the device removes any VLAN ID before transmitting it out the specified interface. b. For tagged ports only, enter a VLAN ID for the service provider end point tag in the Outer VLAN ID field.
37 VLL manager Deploying target actions using the VLL Manager 1. From the Deploy Target Actions pane, under the Resultant Endpoint Actions, Endpoint Targets column, select the device, or expand the folder for the device to display the VLAN ID (if the Tagged is configured for the port’s tag mode) and the port on which the VLL is to be assigned. 2. The Actions column displays the action to take when the VLL is deployed to the devices.
VLL manager 37 Deploying VLL properties using the VLL Manager 1. From the Deployment Properties pane of the VLL Configuration Wizard, under Persistence Properties, chose one of the following: - Do not Save to Flash or Reload - Use this option if you want to update the running configuration. The payload configuration is not saved to the device flash memory, nor is the device rebooted when the VLL configuration is deployed.
37 VLL manager Scheduling deployment using the VLL Manager 1. From the Deployment Schedule pane of the VLL Configuration Wizard, select from the following deployment options: - Save without scheduling deployment - saves the payload configuration without a deployment schedule. - Schedule Deployment - enables you to schedule a time for deployment using the Frequency, Time (hh:mm), and Date selectors. - Disable Schedule - Checkbox for disabling a scheduled deployment. 2. Click Next.
VLL manager 37 Reviewing the VLL Manager configuration 1. From the Summary pane of the VLL Configuration Wizard, review the information on the page. The Configuration tab displays the configuration in CLI format. 2. Click the Previous to return to pages that you want to modify. Click Cancel to cancel the configuration. When you have finished, click Next. The configuration is assigned a Configuration ID.
37 VLL manager Editing a VLL instance To edit a VLL instance, do the following: 1. Select Configure > MPLS > VLL. 2. Select either the Views tab or the Saved Configurations tab. 3. Select the instance you want to edit from the list of VLL instances. 4. Click the Edit button. The Target Selection dialog box displays. Deleting VLL instances You can delete a VLL configuration from a device, whether or not it is on a device covered by your MPLS license. Do the following. 1.
VLL manager 37 Filtering VLL traffic monitoring The VLL Manager Monitor dialog box allows you to monitor traffic on VLLs. 1. Select Monitor > MPLS > VLL. The VLL Monitor Dialog box displays (Figure 595). FIGURE 595 VLL Monitor dialog box 2. You can filter output by name or by VCID by using the selector next to the VLL field. - You can use an Asterisk (*), as a wildcard character if you select By Name. You can enter individual VCIDs or a range of VCIDs if you select By VCID.
37 Virtual Private LAN Services (VPLS) overview The VLL Instances table shows the following information: - VCID of the VLL - In Packets - Number of packets received by the A Endpoint. This data is not available in the NetIron CER and NetIron CES - Z Endpoint - Name and IP address of the device that serves as the last endpoint for the VLL - In Packets - Number of packets transmitted through the Z Endpoint. This data is not available in the NetIron CER and NetIron CES.
Virtual Private LAN Services (VPLS) overview 37 CE Device Customer A R2 R3 R1 CE Device CE Devices Customer A MPLS Domain Customer A VLAN 200 VLAN 100 Customer B Customer B CE Devices VLAN 200 VLAN 100 R4 FIGURE 596 VPLS configuration with two customer VPNs Unlike a Virtual Leased Line (VLL), a VPLS instance can have multiple endpoints. The PE device performs local and remote VLAN tag translation, so that multiple VLANs can be specified under a single VPLS instance.
37 VPLS Manager VPLS Manager The VPLS Manager allows you to manage VPLS instances. You can perform the following tasks from the VLL manager: • View current VPLS instances and peer topologies. • View VPLS configurations. • Add, edit, duplicate, or delete VPLS instances. NOTE When configuring VPLS, a check is made to determine if there are LSPs configured for the target products. You may proceed with configuration, but an LSP is needed for a working connection.
VPLS Manager 37 3. To specify new filter criteria, select By Name or By VCID from the VPLS list. You can use the following to filter the VPLS instances: • Asterisk (*) as a wildcard character if you select By Name. • Individual VCIDs or a range of VCIDs, separating each entry with a comma if you selected By VCID. 4. Click Get to begin the search. Information about products that match the search criteria displays under VPLS Settings, PE Products, and Endpoints on the Details tab.
37 VPLS Manager FIGURE 598 VPLS Manager Peer Topology tab Viewing Saved VPLS configurations To view current VPLS configurations, do the following: 1. Select Configure > MPLS > VPLS. 2. Select the Saved Configurations tab (Figure 599).
VPLS Manager 37 FIGURE 599 VPLS Manager Saved Configurations tab 3. You can use the Name field to filter output by configuration name. You can use an Asterisk (*) as a wild card character. 4. Click Get to begin the search. Configurations that match the filter criteria display under Saved Configurations, showing the configuration ID, the configuration name, and the name of the user that created the configuration.
37 VPLS Manager • Endpoints table — Displays the following information: Endpoints — Names and IP addresses of the endpoint devices. Tag Mode — Tagged if a VLAN tag is used. Untagged if a VLAN tag is not used. Outer VLAN ID — Present if the Tag Mode for the endpoint is Tagged. The service provider end point tag. Inner VLAN ID — Present if the Tag Mode for the endpoint is Tagged. The customer end point tag. L2 Status — Displays whether L2 is up or down. 5.
VPLS Manager 37 6. Use the right arrow button to move the port to the Selected Endpoints box. Make sure you select two endpoints from two different devices. NOTE The device folder lists all MPLS capable devices, whether or not they are covered by your MPLS license. If you select an MPLS capable device that in not covered by your MPLS license, you will not be able to configure VPLS services for that device.
37 VPLS Manager c. You can select the IP address of the peer by clicking the drop down arrow for Peer IP address. By default, the ingress IP address of a tunnel is selected. d. Enter the maximum number of MAC entries that the VPLS instance is allowed to learn. Determine the range of values you can enter by checking the configuration guide for your device. 3. Click Next. The Port Configuration page displays (Figure 602).
VPLS Manager 37 FIGURE 603 VPLS Configuration wizard Deploy Target Action dialog box The VPLS instance name and VCID are shown in the Name and VCID fields. Deploying target actions using VPLS Manager 1. From the Deploy Target Actions pane, the Endpoint Targets column lists the names and IP addresses of the devices to which the VPLS instance will be deployed. Expand the folder for a device to display any VLANs and ports to which the VPLS instance will be deployed.
37 VPLS Manager FIGURE 604 VPLS Configuration wizard Deployment Properties dialog box Deploying VPLS properties using VPLS Manager 1. From the Deployment Properties pane, choose one of the following persistence properties: - Do not Save to Flash or Reload - Use this option if you want to update the running configuration. The payload configuration is not saved to the device flash memory, nor is the device rebooted when the payload configuration is deployed.
VPLS Manager 37 FIGURE 605 VPLS Configuration wizard Deployment Schedule dialog box Scheduling deployment using VPLS Manager 1. If the Deployment Schedule dialog box displays, select from the following deployment options: - Save without scheduling deployment - saves the payload configuration without a deployment schedule. - Schedule Deployment - enables you to schedule a time for deployment using the Frequency, Time (hh:mm), and Date selectors. 2. Click Disable Schedule to disable a schedule.
37 VPLS Manager FIGURE 606 VPLS Configuration wizard Deployment Summary dialog box Reviewing the VPLS Manager summary 1. On the Deployment and Targets Summary pane, review the summary information. The Deployment and Targets tab displays the information you entered on the previous pages. The Configuration tab displays the configuration in CLI format. 2. Click the Previous to return to pages that you want to modify. Click Cancel to cancel the configuration. When you have finished, click Next.
VPLS Manager 37 4. The next available VCID in the VCID pool is automatically placed in the VCID field. You can change the VCID if desired as long as it is not used in a current VLL instance. 5. Modify any of the remaining values in the instance by following the procedure presented in “Adding or editing a VPLS instance” on page 1366. NOTE The device folder under Available Endpoints lists all MPLS capable devices, whether or not they are in the All MPLS Licensed and Configured Devices group.
37 VPLS Manager Filtering for VPLS traffic monitoring The VPLS Manager Monitor allows you to filter and monitor VPLS traffic. 1. Select Monitor > MPLS > VPLS. The VPLS Monitor dialog box displays (Figure 607). FIGURE 607 VPLS Monitor dialog box 2. You can filter output by name or by VCID by using the selector next to the VPLS field. - You can use an Asterisk (*), as a wildcard character if you select By Name. You can enter individual VCIDs or a range of VCIDs if you select By VCID. 3.
VCID pools 37 VCID pools VCID pools contain VCID that can be used in a VLL or VPLS instance. You may create a combined VCID pool containing VCIDs that are shared by VLL and VPLS, or you may create a segmented VCID pool that provides separate VCID pools for VLL and VPLS configurations. Viewing, creating, and deleting VCID pools To view a VCID Pool and to create or delete VCID pools, do the following: 1. Select Configure > MPLS > VCID Pool. The VCID Pool dialog box displays (Figure 608).
37 802.1ag Connectivity Fault Management 5. Edit the Start and End fields to specify the desired range of VCIDs. You can use any numbers between 1 to 4294967294. If you are creating a segmented pool, be sure the VLL and VPLS VCIDs do not overlap. 6. Click OK. 802.1ag Connectivity Fault Management 802.1ag Connectivity Fault Management (CFM) is an IEEE standard used to define protocols and practices for Ethernet Operations, Administration, and Maintenance (OAM). 802.
802.1ag Connectivity Fault Management 37 1. Choose one of the following options: • From the VPLS Manager dialog box, Views tab, choose one of the following options: Select a device from the VPLS Peer Status/VPLS Name/VCID list and click 802.1ag CFM. Select the Peer Topology tab and right-click a device in the topology and select 802.1ag CFM. From the VLL Manager dialog box, Views tab, select an instance from the VLL Instances table and click 802.1ag CFM.
37 802.1ag Connectivity Fault Management 12. Select the MEP direction from the Direction list. Options include: • Up — Select to set the MEP direction away from the monitored VLAN. • Down — Select to set the MEP direction towards the monitored VLAN. 13. Click the right arrow button to move the defined MEP to the Selected Maintenance End Points table.
802.1ag Connectivity Fault Management 37 Editing a maintenance association You can access 802.1ag CFM from the following features: • VPLS Manager (requires the IP - MPLS – VLL prvilege with read-write or read-only permission) • VLL Manager (requires the IP - MPLS – VPLS prvilege with read-write or read-only permission) • VLAN Manager (requires the VLAN Manager prvilege with read-write or read-only permission) NOTE 802.
37 802.1ag Connectivity Fault Management 9. To add a MEP, complete the following steps. a. Select a product from the Product list. The list contains all products that are part of the VPLS. b. Select a VLAN ID from the VLAN ID list. The list contains all VLAN IDs in the VPLS. c. Select a port from the Port list. The list contains all VPLS end-points for the selected VLAN ID. d. Enter a unique identifier for the end-point in the End Point ID field. Valid values include 1 through 8191. e.
802.1ag Connectivity Fault Management 37 11. Click OK on the Edit Maintenance Association dialog box. The Deploy to Products dialog box displays. 12. Select one of the following options: • Save to running — Select to update the running configuration; however, the deployment is not saved to the product’s flash memory. • Save to running and startup — Select to update the running configuration as well as save the deployment configuration to the product’s flash memory.
37 802.1ag Connectivity Fault Management Adding a MEP to a maintenance association You can access 802.1ag CFM from the following features: • VPLS Manager (requires the IP - MPLS – VLL prvilege with read-write or read-only permission) • VLL Manager (requires the IP - MPLS – VPLS prvilege with read-write or read-only permission) • VLAN Manager (requires the VLAN Manager prvilege with read-write or read-only permission) NOTE 802.
802.1ag Connectivity Fault Management 37 10. Click OK on the Edit Maintenance Association dialog box. The Deploy to Products dialog box displays. 11. Select one of the following options: • Save to running — Select to update the running configuration; however, the deployment is not saved to the product’s flash memory. • Save to running and startup — Select to update the running configuration as well as save the deployment configuration to the product’s flash memory.
37 802.1ag Connectivity Fault Management Editing a MEP You can access 802.1ag CFM from the following features: • VPLS Manager (requires the IP - MPLS – VLL prvilege with read-write or read-only permission) • VLL Manager (requires the IP - MPLS – VPLS prvilege with read-write or read-only permission) • VLAN Manager (requires the VLAN Manager prvilege with read-write or read-only permission) NOTE 802.1ag CFM is only supported on IronWare Ethernet Routers devices running firmware release 5.2 or later.
802.1ag Connectivity Fault Management 37 11. Click OK on the Edit Maintenance Association dialog box. The Deploy to Products dialog box displays. 12. Select one of the following options: • Save to running — Select to update the running configuration; however, the deployment is not saved to the product’s flash memory. • Save to running and startup — Select to update the running configuration as well as save the deployment configuration to the product’s flash memory.
37 802.1ag Connectivity Fault Management Viewing the MEPs in a maintenance association You can access 802.1ag CFM from the following features: • VPLS Manager (requires the IP - MPLS – VLL prvilege with read-write or read-only permission) • VLL Manager (requires the IP - MPLS – VPLS prvilege with read-write or read-only permission) • VLAN Manager (requires the VLAN Manager prvilege with read-write or read-only permission) NOTE 802.
802.1ag Connectivity Fault Management 37 • To send a loopback message to a specific MEP or MIP in the domain, refer to “Sending a loopback message” on page 1389. • To send a linktrace message to a specific MEP or MIP in the domain, refer to “Sending a linktrace message” on page 1390.. 4. Click Close on the Configure 802.1ag CFM dialog box. Deleting a maintenance association You can access 802.
37 802.1ag Connectivity Fault Management Checking the connectivity status of remote MEPs Use the 802.1ag CFM Connectivity dialog box to check the status of all remote maintenance end points (MEP) for the selected MEP. You can access 802.
802.1ag Connectivity Fault Management • • • • 7. 37 Product - The product containing the remote MEP. Port - The port of the remote MEP. MAC Address - The MAC address of the remote MEP. Operational State - The state of the port attached to the MEP. Valid values include: Unknown, Idle, Start, Failed, and OK. Click Close on the 802.1ag CFM Connectivity dialog box. 8. Click Close on the Configure 802.1ag CFM dialog box.
37 802.1ag Connectivity Fault Management 3. Click Loopback. The 802.1ag CFM Loopback dialog box displays the product that contains the selected MEP, the domain, the maintenance association, and the port number of the selected MEP. 4. Select the MEP for which you want to send a loopback message to a specific maintenance end point (MEP) or maintenance intermediate point (MIP) in the domain in the Maintenance End Points (MEP) table. 5. Click Loopback. The 802.1ag CFM Loopback dialog box displays. 6.
802.1ag Connectivity Fault Management 37 To send a link trace message to a specific MEP or MIP in the domain, complete the following steps. 1. Choose one of the following options: • From the VPLS Manager dialog box, Views tab, choose one of the following options: Select a device from the VPLS Peer Status/VPLS Name/VCID list and click 802.1ag CFM. Select the Peer Topology tab and right-click a device in the topology and select 802.1ag CFM.
37 802.1ag Connectivity Fault Management 10. Review the hop details: - The Hop Details table lists the connectivity status for each remote MEP and MIP. The hop number. The MAC address of the remote MEP/MIP. Whether the MEP or MIP forwarded the message. The ingress or egress MEP and MIP. • For a linktrace on a VLAN service, displays the associated port name in the format of Slot_Number/Port_Number. • For a linktrace on a VLL or VPLS, displays the IPv4 address of the peer product.
802.1ag Connectivity Fault Management 37 • From the VLL Manager dialog box, Views tab, select an instance from the VLL Instances table and click 802.1ag CFM. • From the VLAN Manager dialog box - VLAN View or Product View, select a VLAN from list and click 802.1ag CFM. The Configure 802.1ag CFM dialog box displays the product that contains the selected MEP, the domain, the maintenance association, and the port number of the selected MEP. 2.
Chapter 38 VIP Servers In this chapter • VIP Servers overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing the VIP Servers. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing VIP Server information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Enabling or disabling servers or server ports . . . . . . . . . . . . . . . . . . . . . • Server port statistics . . . . . . . . . . . . . . . . . . . . . . . .
38 Viewing the VIP Servers FIGURE 609 VIP Servers dialog box The View list allows you to select which real server, real server port, virtual server, or virtual server ports you want to view. For detailed information, refer to “Viewing VIP Server information” on page 1397. The VIP Servers list displays the ServerIron devices that have been discovered by the Management application ports, and information about the real server or virtual server.
Viewing VIP Server information 38 Viewing VIP Server information 1. From the View list on the VIP Servers dialog box, select which ports you want to view from the following options: • Real server ports view of the virtual server, shown in Figure 610 • Virtual server ports view of the real server, shown in Figure 611 • Real server view of the virtual server, shown in Figure 612 on page 1398 2.
38 Viewing VIP Server information FIGURE 612 Real server view of the virtual server The following fields describe the components in the VIP Servers list on the VIP Servers dialog box. VIP Servers list • The name and IP addresses of the real server or virtual server. • The name or port numbers of the real server port or virtual server port. • Only the servers in a Management application user’s AOR are listed in the list.
Enabling or disabling servers or server ports 38 Enabling or disabling servers or server ports If you have the VIP Server Manager privilege with read-write permission, you can enable and disable real servers, virtual servers, real server ports, and virtual server ports. If you have the VIP Server Manager Leaf Node privilege with read-write permission, you can enable and disable only the server leaf nodes.
38 Server port statistics • • • • • RX Packets — The number of packets received by the port. TX Packets — The number of packets transmitted by the port. RX Bytes — The number of bytes received by the port. TX Bytes — The number of bytes transmitted by the port. Last Update — The date and time when information for the server was updated.
Chapter 39 Global Server Load Balancing In this chapter • GSLB Manager. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • GSLB policy management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • GSLB site management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • GSLB zone configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Controller configuration . . . . . . . . .
39 GSLB Manager Viewing the GSLB Manager To view the GSLB Manager, perform the following steps. Select Configure > Application Delivery > GSLB. The Policy Configuration tab in the GSLB dialog box, shown in Figure 613, displays. FIGURE 613 GSLB dialog box - Policy Configuration tab The GSLB dialog box displays the following buttons: • • • • Add — Creates a new GSLB policy, site, or zone definition and a new controller configuration. Edit — Modifies existing GSLB Manager definitions and configurations.
GSLB policy management 39 GSLB policy management A GSLB policy allows a GSLB ServerIron ADX product to evaluate each IP address in a DNS reply, based on defined criteria called metrics. The GSLB ServerIron ADX product can reorder the list of addresses and place the IP address for the best site at the top of the list. Creating a GSLB policy To create a GSLB policy, perform the following steps. 1. Select Configure > Application Delivery > GSLB. 2. Click the Policy Configuration tab.
39 GSLB policy management FIGURE 614 Policy Configuration dialog box - Metrics tab 4. Provide the following information on the Policy Configuration dialog box. a. Enter a policy name for the GSLB policy in the Policy Name field. The combination of a GSLB policy name and the Management application user who created it must be unique. b. Select the policy type from the Policy Type list. Options include the Global or Host policy types. c.
GSLB policy management e. 39 Select the tie breaker method from the Tie Breaker list. This value is used in case multiple addresses pass the policy criteria without one address emerging as the best choice: • Least Response: Selects the address of the site that has been selected least often in previous DNS responses. Note: ADX-type products do not support the Least Response tie-breaker method.
39 GSLB policy management Applying metrics on the Metrics tab The GSLB ServerIron ADX product evaluates each IP address in the DNS reply based on the metrics order. Based on the results, the GSLB ServerIron ADX product can reorder the list to place the IP address for the best site on the top of the list. To apply policy metrics, perform the following steps. 1. Click the Metrics tab on the Policy Configuration dial box. 2. Select the order from the Metric Order list.
GSLB policy management 39 Adding a prefix on the Prefix tab 1. Click the Prefix tab on the Policy Configuration dialog box, shown in Figure 615. 2. Click Add. A new row is added to the Geo Prefix/Static Prefix list. FIGURE 615 Policy Configuration dialog box - Prefix tab 3. Enter the IP address and select a location from the Location list. If you select NONE for the location, the prefix is considered static. If you select any other location, the prefix is considered geographical (Geo).
39 GSLB policy management Importing IP addresses from a file 1. Select Configure > Application Delivery > GSLB. 2. Click the Policy Configuration tab. 3. In the Geo Prefix/Static Prefix list, click Import. The List of Prefix Networks and Location dialog box displays. 4. Click Import on the Prefix tab of the Policy Configuration dialog box. The List of Prefix Networks and Locations dialog box, shown in Figure 616, displays. 5. Enter a list of prefix networks and locations in the text box.
GSLB site management 39 GSLB site management The Site Configuration dialog box allows you to configure a GSLB ServerIron ADX product with site parameters. A GSLB site contains GSLB ServerIron ADX products that belong to that site. Click the Site Configuration tab on the GSLB dialog box to view the GSLB sites that have been defined for the system, and perform one of the following tasks: • Click Add to create a new GSLB site. • Select an existing GSLB site, and click Edit if you want to modify it.
39 GSLB site management Adding ServerIron ADX products to the site You must add at least one site ADC/ADX product to create a site configuration. 1. Click the Add button. When you click Add, a row is added to the Site ADCs list. The ServerIron ADX products that the Management application has discovered appear in the Site ADC column. The name of the selected ServerIron ADX product displays in the ADC Name column. You can edit the ADC name. 2.
GSLB zone configuration 39 GSLB zone configuration When you manage GSLB zones, you specify the DNS zone name and the host information (applications) within each zone for which you want the GSLB ServerIron ADX product to provide GSLB. There are no defaults for zone parameters.
39 GSLB zone configuration 2. Enter a name for the zone in the Zone Name field. The combination of a GSLB zone name and the Management application user who created it must be unique. 3. Perform one of the following tasks: • Click the Add button to open the Add Hosts dialog box, where you can add hosts to a zone. • Select the host from the Hosts list, and click Edit to modify information for a host. • Select the host from the Hosts list, and click Delete to delete a host.
GSLB zone configuration 39 Adding a host to a zone The Add Hosts dialog box allows you to specify host information within each zone. NOTE When you specify the hosts and applications, the GSLB ServerIron queries the DNS server (the one for which the GSLB ServerIron is a proxy) for the IP addresses associated with the hosts and begins sending health checks to the hosts. 1. Enter the name of the host in the Host Name field.
39 GSLB zone configuration 7. Click Add to add an IP address and weight in the IP Weights list. The IP Weights list is used if IP Weights is specified in the selected policy (during site configuration using the Site Configuration dialog box). You assign a weight to an IP address so that the ServerIron ADX product distributes GSLB traffic among IP addresses in a DNS reply. 8. Enter the IP address to which you want to assign a weight in the IP Address column. 9.
Controller configuration 39 Controller configuration Once policies, sites, and zones are configured, you can assign and deploy a policy to a ServerIron ADX product that is the GSLB controller. The Controller Configuration tab on the GSLB dialog box allows you to assign and deploy a policy to a ServerIron product that is the GSLB controller, after policies, sites, and zones are configured. NOTE All configuration options on the Controller Configuration tab are deployed to the selected GSLB controller.
39 Controller configuration Creating a new GSLB controller configuration 1. Select Configure > Application Delivery > GSLB. 1. Click the Controller Configuration tab of the GSLB dialog box to view the controller definitions that have been defined for the system. 2. Click Add to create a new GSLB controller configuration, or select an existing GSLB controller configuration and click Edit or Duplicate. The Controller Configuration dialog box displays, as shown in Figure 620.
Controller configuration 39 6. Select the Enable Logging check box if you want to enable logging of the following information for DNS requests assisted by the GSLB ServerIron ADX product: • • • • • Source IP address (the address of the client making the request) Best IP address (site address provided by the ServerIron ADX product) Host Zone Metric used This parameter setting is deployed to the controller and to the site ServerIron ADX products specified in this configuration.
39 Controller configuration 11. When you have finished, click OK to add the configuration to the Available Zones/Host list on the Controller Configuration dialog box. Deploying a controller configuration Under GSLB Manager, only the entries under the Controller Configuration tab can be deployed to a ServerIron ADX product that will run the GSLB protocol. Controller configuration deployment can be scheduled or deployed on demand.
Controller configuration 39 FIGURE 621 Controller Configuration dialog box - Schedule tab 4. Provide the following information. a. Click the Save Without Scheduling Deployment option if you want to save the deployment definition without scheduling it. b. Click the Schedule Deployment option if you want to schedule and save the deployment definition. c.
39 Controller configuration f. Select the day of the week when the definition will be deployed. The Day of the Month list appears if you selected Monthly as the schedule type. g. Select the day of the month when the definition will be deployed. The Date list appears if you selected One Time or Yearly as the schedule type. h. 1420 Indicate the date of the deployment. i. Open the calendar and select the date. ii. Select the Suspend Scheduling check box to disable the schedule.
Chapter 40 SSL Certificates for ServerIron Products In this chapter • SSL certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • SSL certificate configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Generating a certificate signing request . . . . . . . . . . . . . . . . . . . . . . . . . • Adding an SSL certificate and key file . . . . . . . . . . . . . . . . . . . . . . . . . . .
40 SSL certificate configuration You must have the appropriate user privileges to access SSL Certificates. NOTE SSL Certificates does not generate signed certificates and keys. You can generate a certificate signing request (CSR), but the signed certificates and keys managed by SSL Certificates must be signed by a certificate authority (CA) and must be stored in an accessible location.
SSL certificate configuration 40 Accessing SSL certificates on the Certificate View tab The SSL Certificates dialog box Certificate View tab allows you to view, add, edit, duplicate, append, delete, chain, import, export, and deploy SSL certificates. You can also create a certificate signing request (CSR) and create key passwords from this tab.
40 SSL certificate configuration - Certificates selector — Use this selector to Add, Edit, Duplicate, Append, or Delete certificates. - Chain button — Use to chain certificates. View button — Use to view certificates. Import selector — Use this selector to import a certificate or key from a file or a product. Export button — Use to export a certificate. Deploy button — Use to deploy certificates. Signing Request button — Use to generate certificate signing request.
SSL certificate configuration 40 FIGURE 623 SSL Certificates dialog box - Product View tab The Product View tab contains the following fields and components. - Products — A product tree structure. When you select a product, certificates are displayed under Certificates. If the ADX is running software release 12.3.00 or later, you can only view and manage SSL certificates to Virtual IP servers that are in your Area of Responsibility (AOR).
40 Generating a certificate signing request - Need Deploy — Yes if the certificate or key is not deployed to the product. No if the certificate or key is deployed to the product. - View button — Launches the View Certificate dialog box. Delete button — Deletes a selected certificate. Import button — Import a certificate or key from a file. Deploy button — Launches the Deploy Certificate/Key dialog box.
Generating a certificate signing request 40 FIGURE 625 Generate CSR Key dialog box 7. Enter your organization’s user data: • • • • Common Name - A common name for the CSR (1 through 32 alphanumeric characters). Unit Name - A unit name for the CSR (1 through 32 alphanumeric characters). Organization - The name of your organization (1 through 64 alphanumeric characters). E-mail Address - The e-mail address for the CSR. This is the From: address when the CSR is submitted for signing.
40 Adding an SSL certificate and key file 10. Enter the key password in the Password field, if necessary. By default, the Password field displays the password (entered in the Certificate Signing Request dialog box) as asterisks (*). 11. Click OK. The generated CSR displays in the CSR field. 12. The CSR needs to be copied and pasted into a file. Obtain instructions from the CA for submitting the CSR for signing.
Editing an SSL certificate and key file 40 4. Paste the signed certificate request into the Certificate field. The certificate request must be in .PEM format, and must not be expired. No size limit is enforced. 5. If you want a key to accompany the certificate, select the With Private Key check box. This enables the Key Name, Key, and Password fields. If you select With Private Key, continue with step 6. If you do not select With Private Key, continue with step 9. 6. Enter a name in the Key Name field.
40 Duplicating an SSL certificate and key file Duplicating an SSL certificate and key file You can only edit the certificate name, the key name, and the certificate key decription from the Duplicate Certificate dialog box. 1. Select Configure > Application Delivery > SSL Certificates. The SSL Certificates dialog box displays. 2. From the Certificate View tab, use the Certificates arrow to select Duplicate . The Duplicate Certificate dialog box displays. 3. Change the name in the Certificate Name field.
Importing certificates and keys from file locations 40 Importing certificates and keys from file locations NOTE If the ADX is running software release 12.3.00 or later, you can only view and manage SSL certificates that are bound to Virtual IP servers that are in your Area of Responsibility (AOR).
40 Importing certificates and keys from products 8. Enter the password associated with the key in the Password field. 9. (Optional) Enter a description of the certificate in the Description field. 10. Click OK to import the certificate and key files. Importing certificates and keys from products NOTE If the ADX is running software release 12.3.00 or later, you can only view and manage SSL certificates that are bound to Virtual IP servers that are in your Area of Responsibility (AOR).
Exporting certificates and keys 40 3. Select a product from the Available Sources list. 4. Use the right arrow button to move the selected product to the Selected Sources list. 5. Click OK to import certificates and keys for the selected products. Exporting certificates and keys NOTE If the ADX is running software release 12.3.00 or later, you can only view and manage SSL certificates that are bound to Virtual IP servers that are in your Area of Responsibility (AOR).
40 Deploying certificates and keys Deploying certificates and keys NOTE If the ADX is running software release 12.3.00 or later, you can only view and manage SSL certificates that are bound to Virtual IP servers that are in your Area of Responsibility (AOR). To add a Virtual IP server to your AOR, refer to “Assigning products to an AOR” on page 253 You can deploy an SSL certificate and key to a ServerIron or ADX product using the following procedure. 1.
Creating key passwords 40 Creating key passwords You can create candidate key passwords used when importing SSL keys from a ServerIron product using the following procedure. 1. Select Configure > Application Delivery > SSL Certificates. The SSL Certificates dialog box displays. 2. From the Certificate View tab, click Key Passwords. The Key Passwords dialog box displays (Figure 630). FIGURE 630 Key Passwords dialog box 3.
40 Appending SSL certificates Appending SSL certificates NOTE If the ADX is running software release 12.3.00 or later, you can only view and manage SSL certificates that are bound to Virtual IP servers that are in your Area of Responsibility (AOR). To add a Virtual IP server to your AOR, refer to “Assigning products to an AOR” on page 253 You can append an SSL certificate with another certificate. 1. Select Configure > Application Delivery > SSL Certificates. The SSL Certificates dialog box displays. 2.
Chaining SSL certificates 40 3. Click Chain. The Chain Certificates dialog box displays (Figure 631). FIGURE 631 Chain Certificates dialog box The Certificates table includes the following details: • ID — A unique system-assigned ID for each certificate entry. • Status — Possible values are Valid, About to Expire, or Expired. • Certificate — The user-assigned certificate name. The same name may be used on different products. • Key — The user-assigned key name.
40 Deleting SSL certificates 4. Select the certificate you want to chain to the certificate you selected in step 2. The Chain status for the selected certificate must be Yes. Make sure the Status for the second certificate is Yes. The description of the certificate displays in the Description field, if a description was entered when the certificate was created. 5. Click OK.
Chapter 41 Deployment Manager In this chapter • Introduction to the Deployment Manager . . . . . . . . . . . . . . . . . . . . . . . . • Editing a deployment configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Duplicating a deployment configuration . . . . . . . . . . . . . . . . . . . . . . . . . • Deleting a deployment configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Deploying a configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
41 Editing a deployment configuration Editing a deployment configuration 1. Select Configure > Task Scheduler. The Task Scheduler dialog box displays, as shown in Figure 632. FIGURE 632 Task Scheduler dialog box 2. Select a deployment configuration in the Saved or Scheduled tab. Policy-based routing configurations cannot be edited. 3. Click Edit. A dialog box specific to the type of deployment displays. This is the same dialog box that was used when the deployment was created. 4.
Deleting a deployment configuration 41 3. Click Duplicate. A dialog box specific to the type of deployment displays. This is the same dialog box that was used when the original deployment was created. 4. Update the dialog box with any information you want to change. A copy of the deployment configuration is created with the name “originalName copyn”. For example, if the original name is “test”, the new name is “test copy1”. If you duplicate “test” again, the name of the second duplicate is “test copy2”.
41 Generating a deployment report Generating a deployment report 1. Select Configure > Task Scheduler. The Task Scheduler dialog box displays. 2. Select a deployment in the Saved, Scheduled, or Log tab. 3. Click Report. An HTML report displays. You can click the Configuration Name or Deployment Time to see additional details. Generating a deployment configuration snapshot report 1. Select Configure > Task Scheduler. The Task Scheduler dialog box displays. 2.
Searching the configuration snapshots 41 4. Identify the targets you want to search. Select a target in the Available Targets list and click the right arrow to move the target to the Selected Targets list. 5. Define search criteria. You can specify whether the targets should contain or not contain specific text, and whether to display all configurations, the most recent configurations, or only those configurations that fall within a specific date range. 6. Click Find.
Chapter Fibre Channel Troubleshooting 42 In this chapter • FC troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1445 • FCIP troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1454 FC troubleshooting NOTE FC troubleshooting is only available for Fabric OS devices.
42 FC troubleshooting Tracing FC routes The Management application enables you to select a source port and a destination port and displays the detailed routing information from the source port or area on the local switch to the destination port or area on another switch. NOTE Trace route cannot be performed on offline devices. NOTE Trace route cannot be performed in a mixed (Fabric OS) fabric. Fabric OS trace route requirements • Fabric OS trace route is only supported in a pure-Fabric OS fabric.
FC troubleshooting 42 (Fabric OS only) Whether ping was successful (Fabric OS only) (Fabric OS only) Round trip time (minimum, maximum, and average) (Fabric OS only) Whether the device ports are in active zones. Forward Route — This tab shows the path taken by data packets from the port belonging to the switch on which the trace route has been invoked (source port) to the port on the other switch (destination port).
42 FC troubleshooting • Select the source and destination ports from a list by selecting the Select two device ports option and completing the following steps. a. Right-click a fabric in the Available Device Ports table and select Expand All. b. Select the ports (source and destination) for which you want to confirm device sharing from the Available Device Ports table. To add a detached device to troubleshoot device connectivity, refer to “Adding a detached device” on page 1448. c.
FC troubleshooting 42 Confirming Fabric Device Sharing NOTE Fabric device sharing is only available with Trial or Licensed version. NOTE Fabric device sharing is only available on pure Fabric OS fabrics. To confirm that two or more fabrics have been configured to share devices, complete the following steps. 1. Select Configure > FC Troubleshooting > Fabric Device Sharing. The Fabric Device Sharing Diagnosis dialog box displays. 2.
42 FC troubleshooting Troubleshooting port diagnostics This feature allows you to run a diagnostic port test and a link traffic test on the selected ports. Port diagnostics requirements • Only supported on devices with 10 Gbps-capable D-ports or E-ports running Fabric OS 7.0 or later. The source and destinationports must be the same. • Only supported on devices with 16 Gbps-capable E-ports running Fabric OS 7.0 or later.
FC troubleshooting 42 5. Click Start. The Management application performs the following operations to enable diagnostic mode on the selected ports: 1. Disable the source port. 2. Disable the destination port. 3. Enable the diagnostic mode on source E-port. 4. Enable the diagnostic mode on destination E-port. 5. Enable the source port. 6. Enable the destination port.
42 FC troubleshooting 6. Select a port row in the Selected Ports table to display the detailed status in the Status Details of the Selected Row table. The Status Details of the Selected Row table displays with the details of the port selected for diagnosis, the details of the tests performed, the results of the test, as well as short description of the test results. The following table details the messages that display depending on the success or failure of the operations and tests.
FC troubleshooting TABLE 138 42 Status Detail messages Operation/Test Possible message Link Traffic Test Successfully completed Link Traffic Test. Link Traffic Test failed. Distance between ports Approximate distance between the ports is numerical_value meters. Reverse Optical Loopback Test Successfully completed Reverse Optical Loopback Test. Reverse Optical Loopback Test failed. Roundtrip link latency Roundtrip link latency: numerical_value nano-seconds.
42 FCIP troubleshooting 4. Choose one of the following options in the Payload Pattern area to configure the payload pattern to use in the traffic test • Select the Predefined option and select a pre-defined payload patteren from the list. Options include BYTE_NOT, WORD_NOT, QUAD_NOT, BYTE_RAMP, WORD_RAMP, QUAD_RAMP, BYTE_LFSR, RANDOM, CRPAT, CSPAT, CHALF_SQ, CQTR_SQ, RDRAM_PAT, jCRPAT, jCJTPAT, jCSPAT, PRED_RAND, SMI_TEST, CJPAT, QUAD_NOTP, JSPAT, and JTSPAT.
FCIP troubleshooting 42 To configure IP ping, complete the following steps. 1. Select Configure > FCIP > Troubleshooting > Ping. The IP Ping dialog box displays. 2. Select a switch from the Available Switches table. 3. Select a port from the GigE Port list. 4. Select an IP address switch from the IP Interface list. 5. Enter the remote IP address in the Remote IP Address field. 6. Click OK.
42 FCIP troubleshooting TABLE 140 7. IP Ping Details Field or Component Description Round Trip Time (ms) The time in milliseconds between sending the packet and receiving the response. This provides a rough indication of network congestion or latency. It is normal for the first packet to experience a higher round trip time than later packets, if the intermediate routers need to do ARP requests to locate the next hop. Time To Live (hops) The number of hops remaining in the received response.
FCIP troubleshooting TABLE 141 7. 42 IP Trace Details Field or Component Description Hop Number The TTL inserted in the transmitted probe packet. IP Address 1 The IP address of the system that responded to the first of the three probes, or 0.0.0.0 if there was no response. IP Address 2 The IP address of the system that responded to the second of the three probes, or 0.0.0.0 if there was no response.
42 FCIP troubleshooting 6. Click OK. The IP Performance Result dialog box displays. IP Performance sends dummy data as fast as possible to the remote IP address and measures how much data can be sent over a given interval. IP Performance attempts to saturate the network link to see how much bandwidth is available. It will display the media link bandwidth only if no other traffic is flowing.
Chapter 43 Performance Data In this chapter • SAN performance overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • SAN real-time performance data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • SAN historical performance data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • SAN end-to-end monitoring. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • SAN Top Talker monitoring . . . . . . . . . . . . . . . . . . . . . . .
43 SAN performance overview The Professional version only allows you to monitor your SAN by gathering and displaying real-time performance data (Switch Ports - FC, Switch Ports - GE, Switch Ports - 10GE, ISL Ports, E_Port Trunks, end-to-end Monitors, FCIP Tunnels, device Ports, managed HBA Ports, managed CNA Ports). • Persist and display historical performance data (Switch Ports - FC ports, ISL ports, device Ports, FCIP tunnels, SFP, and Switch Ports - 10 GE Ports) for selected fabrics or the entire SAN.
SAN performance overview 43 • Tx MB/Sec — Available for FC, GE, managed HBA ports, managed CNA ports, 10GE ports, E_port trunks, FCIP tunnels, and end-to-end monitors. • Rx MB/Sec — Available for FC, GE, managed HBA ports, managed CNA ports, 10GE ports, E_port trunks, FCIP tunnels, and end-to-end monitors. • CRC Errors — Available for FC, managed HBA ports, managed CNA ports, 10GE ports and end-to-end monitors.
43 SAN performance overview • Primitive Sequence Protocol Errors — Available for managed HBA ports and managed CNA ports. • • • • Dropped Frames — Available for managed HBA ports and managed CNA ports. Bad EOF Frames — Available for managed HBA ports and managed CNA ports. Invalid Ordered Sets — Available for managed HBA ports and managed CNA ports. Non Frame Coding Error — Available for managed HBA ports and managed CNA ports.
SAN performance overview 43 Trap recipient Severity level: 4 Community 3: private (rw) Trap recipient: 10.103.5.105 Trap port: 162 Trap recipient Severity level: 4 Community 4: public (ro) Trap recipient: 2.168.102.41 Trap port: 162 Trap recipient Severity level: 4 Community 5: common (ro) Trap recipient: 10.32.150.
43 SAN performance overview Auth Priv User Auth Priv User Auth Priv - Protocol: noAuth Protocol: noPriv 5 (ro): snmpuser2 Protocol: noAuth Protocol: noPriv 6 (ro): admin Protocol: noAuth Protocol: noPriv To set the SNMP v3 credentials on the device, use the snmpconfig --set snmpv3 command.
SAN performance overview 43 1. Select Discover > Fabrics. The Discover Fabrics dialog box displays. 2. Select an IP address from the Available Addresses list. 3. Click Edit. The AddFabric Discovery dialog box displays. 4. Select the Manual option to view SNMP credentials. 5. Click the SNMP tab. 6. Select v1 or v3 from the SNMP Version list. 7. Make sure SNMP credentials match those on the device. 8. Click OK on the AddFabric Discovery dialog box. 9. Click Close on the Discover Fabrics dialog box.
43 SAN real-time performance data • To collect performance data on a Virtual Fabric-enabled device, use the userconfig --show command to make sure the Fabric OS user has access to all the Virtual Fabrics. Make sure that the SNMPv3 user name is the same as the Fabric OS user name. Otherwise, the data is not collected for virtual switches with a non-default Virtual Fabric ID. By default, the admin user has access to all Virtual Fabrics.
SAN real-time performance data 43 Generating a real-time performance graph You can monitor a device’s performance through a performance graph that displays transmit and receive data. The graphs can be sorted by the column headers. You can create multiple real-time performance graph instances. NOTE To make sure that statistics for a switch does not fail, you must configure SNMP credentials for the switch. For step-by-step instructions, refer to “Discovery” on page 47.
43 SAN real-time performance data 3. Select the object type from the Show list by which you want to graph performance. NOTE Devices with 10GE ports must be running Fabric OS 6.4.1 or later to obtain the correct TE_Port statistics (TX/RX). NOTE Devices with 10GE ports must have the RMON MIB enabled on the switch. For more information about the rmon collection command, refer to the Fabric OS Converged Enhanced Ethernet Command Reference. 4.
SAN real-time performance data 7. 43 Move the Row Height slider to the left to make the row height smaller or to the right to make it larger. 8. Select the Display tabular data only check box to show only text with no graphs or icons. The Source and Destination icons and the Graph column do not display. 9. Click Apply. The selected data automatically displays in the Real Time Performance Graphs dialog box. 10. Click the close button (X) to close the Real Time Performance Graphs dialog box.
43 SAN historical performance data Clearing port counters To reset all port statistic counters to zero on a selected device, complete the following steps. 1. Right-click a device on the Connectivity Map or Product List and select Monitor > Performance > Clear Counters. 2. Click Yes on the message. A Port Stats Counter Reset message displays. If any of the counters do not clear, the message displays a list of the associated ports. 3. Click OK on the Port Stats Counter Reset message.
SAN historical performance data 43 Enabling SAN-wide historical performance collection To enable historical performance collection, select Monitor > Performance > Historical Data Collection. The Fabric Selector dialog box displays with Enable SAN Wide enabled by default. This enables historical performance data collection for all fabrics in the SAN. NOTE After enabling historical data collection, information for switches, ports, and FCIP tunnels also displays in the IP Historical Graph/Tables dialog box.
43 SAN historical performance data 5. Select the Include newly discovered fabrics check box to automatically add all newly discovered fabrics to the Selected list. 6. Click OK. Historical performance data collection is enabled for all selected fabrics. NOTE After enabling historical data collection, information for switches, ports, and FCIP tunnels also displays in the IP Historical Graph/Tables dialog box. If available, click the IP tab, then select Monitor > Performance > Historical Graphs/Tables.
SAN historical performance data 43 FIGURE 635 Historical Performance Graph dialog box 3. Select a default or custom-saved port and time from the Favorites list or filter the historical data by completing the following steps. a. Select the number of results to display from the Display list. b. Select the type of port from which you want to gather performance data from the From list. NOTE Devices with 10GE ports must be running Fabric OS 6.4.1 or later to obtain the correct TE port statistics (TX/RX).
43 SAN historical performance data • 1 day granularity for last 730 days NOTE The graph will not update dynamically if the granularity is 30 Minutes, 2 Hours, or 1 day. To update, click Apply. The graph will update dynamically when 5 Minutes is selected. e. Select the measure by which you want to gather performance data from the Measures list. To select more than one measure, click the Additional Measures expand arrows and select the check box for each additional measure. f.
SAN historical performance data 43 • Select the Use Logarithmic Axis check box to present data on a logarithmic or non-logarithmic axis. • Select the Show Values check box to annotate data point values in the graph. • Select the Enable Auto Scrolling check box to automatically jump to display the new data when new data is collected while the graph is in view.
43 SAN historical performance data 4. Select the ports (press Ctrl or Shift and then click to select multiple ports) from which you want to gather performance data from the Available list and click the right arrow button. NOTE Devices with 10GE ports must be running Fabric OS 6.4.1 or later to obtain the correct TE_Port statistics (TX/RX). NOTE Devices with 10GE ports must have the RMON MIB enabled on the switch.
SAN historical performance data 43 Exporting historical performance data To export historical performance data, complete the following steps. 1. Generate a performance graph. To generate a performance graph, refer to “Generating and saving a historical performance graph” on page 1472. 2. Right-click anywhere in the graph table and select Export. The Save to a tab delimited file dialog box displays. 3. Browse to the file location where you want to save the performance data. 4.
43 SAN end-to-end monitoring • FCIP_STATS_2HOUR_INFO • FCIP_STATS_1DAY_INFO The following EE_MONITOR_STATS and TE_PORT_STATS view names are used to extract data similar to the 11.3.0 database schema from the server with the version greater than or equal to 12.0.0. Refer to Appendix I, “Database Fields” for view definitions.
SAN end-to-end monitoring 43 • End-to-end monitoring on an Access Gateway device requires Fabric OS 7.0 or later with an Advanced Performance Monitor license. Performance monitoring enables you to provision end-to-end monitors of selected target and initiator pairs. These monitors are persisted in the database and are enabled on one of the F_Ports on the connected device (the Management application server determines the port).
43 SAN end-to-end monitoring 3. Select an initiator port from the Select an initiator port list. 4. Select a target port from the Select a target port list. 5. Click the right arrow to move the selected initiator and target ports to the Monitored Pairs list. The system automatically determines the initiator SID and the target DID identifiers for the pair and displays them in the Monitored Pairs list. 6. Click Apply.
SAN end-to-end monitoring 43 Displaying end-to-end monitor pairs in a historical graph Procedures in this section pertain to configuring monitors on systems using the legacy End-to-End Monitor feature instead of using Flow Vision. For systems using Fabric OS version 7.2 or later, when you select a device or device port, and then select Monitor > Performance > End-to-End Monitors, a message displays that you can use Flow Vision to provide End-to-End monitoring.
43 SAN Top Talker monitoring 3. Click OK. Deleting an end-to-end monitor pair Procedures in this section pertain to deleting monitors on systems using the legacy End-to-End Monitor feature instead of using Flow Vision. For systems using Fabric OS version 7.2 or later, when you select a device or device port, and then select Monitor > Performance > End-to-End Monitors, a message displays that you can use Flow Vision to provide End-to-End monitoring.
SAN Top Talker monitoring 43 • On the 8 Gbps 8-FC port, 10 GbE 24-DCB port Switch, Top Talkers is only supported on the 8 Gbps FC Ports. You can create Top Talker monitors on selected devices. Use Top Talkers to display the connections which are using the most bandwidth on the selected device or port. Top Talkers can be enabled on the device or one of the F_Ports on the device. You can only use Top Talkers to view real-time performance data.
43 SAN Top Talker monitoring 1. Select the fabric on which you want to monitor Top Talker data. NOTE On the 8 Gbps 8-FC port, 10 GbE 24-DCB port Switch, Top Talkers is only supported on the 8 Gbps FC Ports. 2. Select Monitor > Performance > Top Talkers. The Top Talker Selector dialog box displays, as shown in Figure 639 on page 1484. FIGURE 639 Top Talker Selector dialog box 3. Select Fabric in the Top Talker Mode list to select a switch to monitor. 4.
SAN Top Talker monitoring • • • Source Switch/Port Destination • • 43 DID Destination Port Destination Switch/Port 8. Click Destination to launch the Port Properties dialog box for the Destination port. 9. Click Source to launch the Port Properties dialog box for the Source port. Configuring an F_Port mode Top Talker monitor Procedures in this section pertain to configuring the legacy Top Talkers feature instead of using Flow Vision. For systems using Fabric OS version 7.
43 SAN Top Talker monitoring 7. Select how often you want the Top Talker to refresh (10, 20, 30, 40, or 50 seconds, or 1 minute) from the Refresh Interval list. 8. Select whether you want to monitor the receive (Rx) flow or the transmit (Tx) flow for the port from the Flow list. 9. Click Apply. The top 20 conversations display in the Current Top Talkers list.
SAN Top Talker monitoring 43 Pausing a Top Talker monitor Procedures in this section pertain to pausing monitors created on systems using the legacy Top Talkers feature and not those created with Flow Vision. For systems using Fabric OS version 7.2 or later, when you select a device or device port, and then select Monitor > Performance > Top Talkers, a message displays that you can use Flow Vision to provide Top Talkers monitoring.
43 Bottleneck detection Bottleneck detection A bottleneck is a port in the fabric where frames cannot get through as fast as they should. In other words, a bottleneck is a port where the offered load is greater than the achieved egress throughput. Bottlenecks can cause undesirable degradation in throughput on various links. When a bottleneck occurs at one place, other points in the fabric can experience bottlenecks as the traffic backs up.
Bottleneck detection 43 • Bottleneck detection is supported whether Virtual Fabrics is enabled or disabled. In VF mode, bottleneck detection is supported on all fabrics, including the base fabric. How bottlenecks are reported Bottlenecks are reported through alerts in the Master Log. A bottleneck cleared alert is sent when the bottleneck is cleared. NOTE A bottleneck cleared alert is sent if you disable bottleneck detection on a bottlenecked port, even though the port is still bottlenecked.
43 Bottleneck detection • When changing switch-level parameters, such as time and severity threshold values, bottleneck detection will be disabled, then enabled. If ineligible ports later become eligible or, in the case of a logical switch, if ports are moved to the logical switch, bottleneck detection is automatically applied to those ports.
Bottleneck detection 43 FIGURE 641Bottlenecks dialog box 2. Select Enable if it is not already selected. 3. Select the Congestion Alerts check box to enable alerts for congestion bottlenecks. Clear this check box to disable alerts. If you enabled alerts, enter threshold values between 1 and 100, or use the default value for triggering a congestion alert. 4. Select the Latency Alerts check box to enable alerts for latency bottlenecks.
43 Bottleneck detection 7. Select one or more fabrics, switches, or ports from the Products/Ports list. You can select fabrics or switches or ports, but you cannot select a mix of fabrics, switches, and ports. 8. Click the right arrow to apply the settings in the Bottleneck Detection pane to the selected elements in the Products/Ports list.
Bottleneck detection 43 Copying alert parameters from one switch or port to another 1. Select Monitor > Performance > Bottlenecks. The Bottlenecks dialog box displays. 2. Select the switch or port from which you want to copy the bottleneck parameters. 3. Click the left arrow. The parameters display in the Bottleneck Detection pane. 4. Select one or more switches, ports, or fabrics to which you want to copy the bottleneck parameters.
43 Bottleneck detection • Select a bottlenecked F_Port or FL_Port and click Show Affected Devices to see the hosts and targets that may be affected by the bottleneck. Displaying devices that could be affected by an F_Port or FL_Port bottleneck The following procedure displays hosts and targets that could be affected because of a bottlenecked F_Port or FL_Port. These devices are determined based on zoning information and are not based on actual traffic flow.
Thresholds and event notification 43 Thresholds and event notification Performance monitoring allows you to apply thresholds and event notification to real-time performance data. A performance monitor process (thread) monitors the performance data against the threshold setting for each port and issues an appropriate alert to notify you when the threshold is exceeded. For information about configuring event notification, refer to “Event notification” on page 1708.
43 Thresholds and event notification FIGURE 643 Set Threshold Policies dialog box NOTE Policies set for switches enabled for Monitoring and Alerting Policy Suite (MAPS) also display in this dialog box. 2. To edit a current policy, select a policy form the Available Threshold Policies list and click Edit. The Edit Threshold Policy dialog box displays, as shown in Figure 644 on page 1496. FIGURE 644 Edit Threshold Policy dialog box 3. To add a new policy, perform the following steps. a. Click Add.
Thresholds and event notification 43 FIGURE 645 New Threshold Policy dialog box b. Enter a name for the policy (100 characters maximum) in the Name field. 4. Select a policy type from the Policy Type list. You can only define policies for E_Port and F_Port, and FL_Ports. 5. Select a measure from the Measure list. You can only define policies for the Tx % Utilization and Rx % Utilization measures. You cannot add the same measure more than once.
43 Thresholds and event notification FIGURE 646 Confirm Threshold Changes dialog box 14. Make the threshold changes by selecting one of the following options: • To add only new thresholds, select the Keep currently set thresholds and only add new thresholds check box. • To overwrite all existing thresholds on all fabrics and devices, select the Overwrite all thresholds currently set on all switches check box. 15. Click OK on the Confirm Threshold Changes dialog box.
Thresholds and event notification 43 Assigning a threshold policy To assign a threshold policy to a fabric or device, complete the following steps. 1. Select Monitor > Fabric Watch > Performance Thresholds. The Set Threshold Policies dialog box displays. 2. Select one or more threshold policies you want to assign to a fabric or device in the Available Threshold Policies list. Press Ctrl or Shift and then click to select multiple policies. 3.
43 SAN connection utilization 4. Click Yes on the confirmation message. 5. Click OK on the Set Threshold Policies dialog box. The Confirm Threshold Changes dialog box displays. 6. Make the threshold changes by selecting one of the following options: • To add only new thresholds, select the Keep currently set thresholds and only add new thresholds check box. • To overwrite all existing thresholds on all fabrics and devices, select the Overwrite all thresholds currently set on all switches check box. 7.
SAN connection utilization 43 FIGURE 647 Utilization Legend The colors and their meanings are outlined in Table 142 on page 1501. TABLE 142 Utilization Legend Line color Utilization defaults Red line 80% to 100% utilization Yellow line 40% to 80% utilization Blue line 1% to 40% utilization Gray line 0% to 1% utilization Black line Utilization disabled Enabling connection utilization To display the connection utilization, complete the following steps. 1.
43 SAN connection utilization FIGURE 648 Historical Data Collection message 2. Choose one of the following options: • Select Enable SAN Wide to enable data collection for the entire SAN. • Select Enable Selected Fabrics to enable data collection for specific fabrics. The Historical Data Collection dialog box displays. To select the fabrics on which you want to enable data collection, refer to “Enabling historical performance collection for selected fabrics” on page 1471.
SAN connection utilization 43 Changing connection utilization percentages You can change the utilization percentages. To change the utilization percentages, complete the following steps. 1. Click the change link in the Utilization Legend, as shown in Figure 649 on page 1503. FIGURE 649 Utilization Legend in edit mode 2. Enter or select the end percentage you want for the blue line.
43 IP performance monitoring and traffic analysis IP performance monitoring and traffic analysis Use information in the following sections to monitor IP performance and analyze IP traffic. • IP configuration requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • IP real-time performance monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . • IP historical performance monitoring. . . . . . . . . . . . . . . . . . . . . . . . . . . . .
IP real-time performance monitoring 43 IP real-time performance monitoring Real-time performance monitoring allows you to view a snapshot of current performance data. You can enable real-time performance monitoring without configuring historical data collectors. The data is not stored in the database. Performance monitoring allows you to define a data collector by mapping a Management Information Base (MIB) object to a unit name (refer to “MIB data collectors” on page 1535).
43 IP real-time performance monitoring 2. Select the products you want in the Available Products list and click the right arrow button to move them to the Selected Products list. NOTE You cannot select more than 100 products and ports. 3. Select the ports you want in the Available Ports list and click the right arrow button to move them to the Selected Ports list. 4. Click OK. The Real Time Graphs/Tables dialog box displays. 5.
IP real-time performance monitoring TABLE 143 43 Collection status icons Failed. No value was ever collected for this collectible. Warning: Data collection failed in the last polling cycle. Successful: Last collection successful. Scheduled but not currently active. • Last Value - The last (most current) value collected. • Last Time Polled - The time that the collector was last polled. 10. Click Sources to add products and ports to or remove products and ports from real-time performance monitoring.
43 IP real-time performance monitoring 5. The Real Time Graphs/Tables dialog box displays. Adding measures to products To add measures to products, complete the following steps. 1. Right-click a device and select Performance > Real Time Graph/Table. The Real Time Graphs/Tables dialog box displays. 2. Select Products from the Show list. The available products display in a list. 3. Select a product in the list and click Measures. The Select measures - Real Time Graphs/Tables dialog box displays. 4.
IP real-time performance monitoring 43 3. Select a product in the list and click Measures. The Select measures - Real Time Graphs/Tables dialog box displays. 4. Select Device Measures from the Show list. 5. To remove an MIB or expression from the product, complete the following steps. a. Select the MIB or expression you want to remove from the product in the Selected Measures list. Select multiple MIBs and expressions by holding down the CTRL key and clicking more than one MIB or expression. b.
43 IP real-time performance monitoring 8. Click OK. The Real Time Graphs/Tables dialog box displays. Removing measures from ports To remove measures from ports, complete the following steps. 1. Right-click a device and select Performance > Real Time Graph/Table. The Real Time Graphs/Tables dialog box displays. 2. Select Products from the Show list. The available products display in a list. 3. Expand the list and select a port in the list and click Measures.
IP real-time performance monitoring 43 b. Select the port you want to include in performance in the tree. Press CTRL and click to select multiple ports. c. Click the right arrow button. The graph and table are populated with the collectible performance values. All collectibles defined for the selected port display beneath the graph. 3. Add an individual collectibles by completing the following steps. a. Select Show > Collectibles to show the MIB objects and expressions. b.
43 IP real-time performance monitoring • Select the Show Values check box to annotate data point values in the graph. • Select the Enable Auto Scrolling check box to automatically jump to display the new data when new data is collected while the graph is in view. • Select the Enable Transition Effect check box to automatically adjusts the range on the vertical axis so that all the data are contained within the view area when you drag the chart into a different time range on the SNMP monitoring graph.
IP real-time performance monitoring 43 4. Select the Graph or Table option to display data in graphical or tabular format. 5. Select a time range relative to the present for the display of historical data from the For list. The options are incremental from the last 30 minutes to the last 24 hours. 6. (Historical graphs and monitors only) Select the Plot Min/Max check box to plot minimum and maximum values along with the average data point.
43 IP real-time performance monitoring FIGURE 652 Graph Options dialog box (Historical Graphs/Tables dialog box) NOTE Figure 652 illustrates the Graph Options dialog box available from the Historical Graphs/Tables dialog box. The Graph Options dialog box available from the Real Time Graphs/Tables dialog box is similar, but has fewer control options. 2. Select the type of chart style from the Chart Style list. Available chart styles include Line Chart, Area Chart, or Bar Chart. 3.
IP real-time performance monitoring 43 • (Historical graphs and monitors only) Plot Min/Max - Plots minimum and maximum values along with the average data. The range between the minimum and maximum values will be represented by the width of a color band surrounding the data points as shown in the following illustration. Note that this option is not available if you select Minimum Interval granularity. It also does not apply and is not available for Real Time Performance graphs.
43 IP real-time performance monitoring a. (Historical graphs and monitors only) Select the granularity of the data points to display on the graph from the Granularity list. Options are 5 minutes, 30 minutes, 2 hours, or 1 day. NOTE The graph will not update dynamically if the granularity is 30 Minutes, 2 Hours, or 1 day. To update, click Apply. The graph will update dynamically when Minimum interval is selected. b. Select the duration of time for data display on the graph from Select list.
IP historical performance monitoring 43 1. Right-click the graph and select Print. The Page Setup dialog box displays. 2. Edit the paper, orientation, and margins, as needed. 3. Click Printer to select a printer. 4. Click OK. IP historical performance monitoring Historical performance monitoring allows you create data collectors by choosing MIB object and by choosing or creating mathematical expressions. You can also configure an historical data graph or table to display data.
43 IP historical performance monitoring • Threshold and Rearm settings - Threshold and Rearm page You cannot modify the following attributes: • • • • • • • Name - Collector Basics page Device or port level - Collector Basics page Polling interval - Collector Basics page Schedule setting - Collector Basics page MIB selection - MIB Object page Expression selection - Expression page MIB index - MIB Index page NOTE The MIB index page for system collectors will not show since you cannot configure the MIB i
IP historical performance monitoring 43 • Source Defined - Whether or not the information source (product or port) is defined (Yes) or not configured (No). • System Collectors - Whether or not this is a system data collector.
43 IP historical performance monitoring FIGURE 656 Data Collector wizard Collector Basics pane 3. Enter a descriptive name for the data collector in the Name field. 4. Use the Polling Interval list to set the polling interval. The choices are 1 minute, 5 minutes, 10 minutes, 15 minutes, and 30 minutes. 5. Select the Target Type. • If you select Product level, SNMP data is collected at the product (device) level. • If you select Port level, SNMP data is collected at the port level. 6.
IP historical performance monitoring 43 • Duration - Enter a value in the Duration field, and then select the unit of measure. The options are Minutes, Hours, and Days. 7. Click Next on the Collector Basics dialog box. The MIB Objects dialog box displays. FIGURE 657 Data Collector wizard MIB Objects dialog box The Available MIB Objects tree includes all integer-based objects that are available by default and any that have been imported.
43 IP historical performance monitoring FIGURE 658 Data Collector wizard Expressions dialog box The Available Expressions list shows all expressions that are available by default and any that have been defined by the user. 12. Select an expression from the Available Expressions list. A description of the expression displays under Details of . 13. To include the expression in your data collector, click the right arrow button to move the expression to the Selected Expressions list.
IP historical performance monitoring 43 FIGURE 659 Data Collector wizard Select Sources dialog box The Available Products/Ports tree structure includes all products and ports that can be monitored. You can expand folders to display all available products and ports. If you have selected Port Level on the Collector Basics dialog box, trunk objects will be included as available targets in the form of LAG, vLAG, or Trill objects. Only ifindex-based MIBs or expressions are supported. 15.
43 IP historical performance monitoring FIGURE 660 Data Collector wizard MIB Index dialog box You can define index values for each MIB object that requires an index. 17. From the MIB Instances list, select the required MIB variable. The Complete SNMP OID, the Index Name, and the Index Value display beneath the MIB Instances list. 18. You have several options for entering index information: • Select the Dynamic walk check box to dynamically select index values for a particular index.
IP historical performance monitoring 43 FIGURE 661 Data Collector wizard Threshold & Rearm dialog box This dialog box allows you to establish a a threshold value that triggers a trap message when the threshold is met, and to establish conditions for repeating threshold check and trap messages. 20. Select Enable threshold and rearm events to enable the Threshold and Rearm selectors. 21. Select the Fixed Threshold value and assign a Threshold Trap Severity level. 22.
43 IP historical performance monitoring 4. Save and close the mibs_to_compile.txt file. 5. Launch the MIB Objects dialog box to view the third-party device MIB objects. Refer to “Adding or editing a historical data collector” on page 1519. Configuring a MIB walk instance To configure a MIB walk instance, complete the following steps. 1. Launch the MIB Index dialog box. Refer to “Adding or editing a historical data collector” on page 1519. 2.
IP historical performance monitoring 43 Duplicating system data collectors Although you can duplicate a system collector, only the following target types will carry over to the duplicate collector: • • • • • Individual products Individual ports User defined port groups User defined product groups System product groups.
43 IP historical performance monitoring FIGURE 663 Add Expressions dialog box - Select the expression you want to edit or duplicate from the Expressions list and click Edit or Duplicate. The Edit Expression or Duplicate Expression dialog box displays with the details for the selected expression. If you are duplicating, the Management application appends _copy to the name of the expression. 3. Enter a name for the expression in the Name field. 4.
IP historical performance monitoring 43 • MIB Object.Rate — Assuming the MIB value polled in the current polling period is M(T1) and the value polled in the Previous polling period is M(T0), the MIB value to be used in the expression is calculated using (M(T1)- M(T0))/ (T1 – T0) (T0 and T1 in the unit of second). The following example is the formula used to create the If%Errors expression, which calculates the error percentage for input packets on an interface.
43 IP historical performance monitoring Viewing Historical Graphs/Tables 1. Select Monitor > Performance > Historical Graphs/Tables. 2. Select the Data Monitoring tab. The main features are a tree structure and a graph area. You can collapse the tree structure to expand the graph area. FIGURE 664 Historical Graphs/Tables Data Monitoring tab 3. Use the Show selector to toggle the tree structure display in the left panel between Products and Collectibles.
IP historical performance monitoring 43 FIGURE 665 SAN Fibre Channel port display FIGURE 666 SAN FCIP tunnel display Brocade Network Advisor SAN + IP User Manual 53-1002949-01 1531
43 IP historical performance monitoring FIGURE 667 Wireless controller and APs display • Select Collectibles and the left panel displays measures (MIB objects and expressions) currently being collected. Select a measure, and the targets (products or ports) from which the measure was collected display in the right panel. If SAN historical data collection is enabled, corresponding SAN products and ports display. Measures also display for SAN products, ports, and FCIP tunnels that appear in the device tree.
IP historical performance monitoring 43 If a table is displayed, the first column displays the time of the collection. The remaining columns display the value of each collectible at the specified time. There is one column for every collectible you select to display. 7. Select the Collection Status Summary tab. FIGURE 668 Historical Graphs/Tables Collection Status Summary tab The Collection Status Summary tab provides a high level overview of all defined collectors.
43 IP historical performance monitoring • Last Time Polled - The time that the collector was last polled. When you use the Show selector to select Products, devices and ports display in a tree structure in the left-most column. If you select a device or port, the right collectibles column lists all the collectors that have been defined for the device or port.
MIB data collectors 43 MIB data collectors The Management application enables you to define a data collector by mapping a MIB object to a unit name in the mib_unit.properties file. This property file is located in the Install_Home/conf/mibs directory. The default mib_unit.properties file contains commonly used MIB unit definitions. Once mapped, the unit name displays on the line chart of the performance graphs when you select that MIB object as a data collector.
43 IP Custom performance reports IP Custom performance reports You can create customized reports and run or schedule them in the same manner as a standard report. You can modify, copy, or delete customized reports. Select the report from the Report Definitions tab, then click the Edit, Duplicate, or Delete button. Creating a custom report Complete the following steps to create a report. 1. Select Monitor > Performance > Custom Reports.
IP Custom performance reports 43 FIGURE 670 Add/Edit /Duplicate Report Definition dialog box - Collection Items tab By default, the Collection Items tab is selected. On this tab, the collectibles in all data collector configurations are listed by device in the Available Collection Items list. 3. Select the collectible you want to include in the report and click the right arrow button to move it to the Selected Collection Items list.
43 IP Custom performance reports 5. To schedule the report to run at a specific time, click the Time Settings tab. FIGURE 671 Add/Edit Report Definition dialog box - Time Settings tab You can choose from the following settings: • Relative Time - Enables you to select a time range relative to the present for the display of historical data. The choices are incremental from the last 30 minutes to the last 24 hours.
IP Custom performance reports 43 6. To arrange the order of the columns in the generated report, click the Result Settings tab. FIGURE 672 Add/Edit Report Definition dialog box - Result Settings tab • Data types that will be collected are listed in the Available Columns list. Select the data type you want to include in the report and click the right arrow button to move it to the Selected Columns box. • Select a data type to be used to sort the report.
43 IP Custom performance reports 7. Click the Identification tab. FIGURE 673 Add/Edit Report Definition dialog box - Identification tab 8. Enter a name for the report in the Name field. You can use up to 64 alphanumeric characters. This name appears under the Name column on the SNMP Monitor reports tree. This name must be unique for each SNMP Monitor report. 9. Enter a title for the report, which will be used as the title of a generated report, in the Title field.
IP Custom performance reports 43 12. Select the user accounts that will be able to view and run this definition in the Available Users list and click the right arrow button to move those user accounts into the Selected Roles box. Click the left arrow button to move the user accounts back to the Available Users list. You can share this definition with specific Management application users.
43 IP sFlow configuration IP sFlow configuration The Management application supports the creation of sFlow reports to capture traffic data. Configuring sFlow You can use the sFlow configuration wizard to configure an sFlow data collector and a destination for the sFlow data collector. 1. Select Monitor > Traffic Analysis > Configure sFlow. The Interface Payload - sFlow Configuration dialog box displays.
IP sFlow configuration 43 2. Click Next. The Interface Payload - sFlow Settings dialog box displays. FIGURE 675 Interface Payload - sFlow Settings dialog box 3. Under Global Settings, select Enable to have the sFlow report enabled when it is deployed. Select Disable to deploy the sFlow report as initially disabled. 4. Use the Rate Sampling selector to choose either Adaptive or Custom sampling. If you choose Adaptive, the management server selects the sampling interval and traffic sampling rate.
43 IP sFlow configuration If you choose Custom, you may set your own sampling interval and traffic sampling rate. - Global Settings • Counter sampling Interval - defines the interval in seconds between samples. The range is 0 to 86400. • Traffic sampling rate - the ratio between the total number of incoming packets and the number of flow samples taken at the product level. The ratio is expressed as n to 1; for example, if you specify a sampling rate of 100, the ratio is 100:1.
IP sFlow configuration c. 43 Click OK. A new row appears under Collector Details for the collector you just added. NOTE A limit of four collectors is enforced in the Collector Details table. If you add more than four collectors, an error message displays. An error message also displays if you try to add a collector with the same IP address and UDP port combination as an existing collector. NOTE For VCS devices running Network OS v4.0 and above, you can deploy up to five collectors.
43 IP sFlow configuration 15. Review the configuration summary and click Deploy. Creating custom sFlow reports You may create custom sFlow reports if you want to capture traffic analysis information that is not available in the standard reports. 1. Select Monitor > Traffic Analysis > Custom Reports. The Traffic Analyzer Custom Reports dialog box displays. FIGURE 676 Traffic Analyzer Custom Reports dialog box, Definition tab 2. Select the Report Definitions tab. 3. Click the Add button.
IP sFlow configuration 43 FIGURE 677 Add Report Definitions dialog box, Product & Port tab The Product & Port tab contains tables of available products and ports that may be selected for sFlow data collection. 5. Determine if you want a report on only one product or port or on two or more products or ports, and select either Single or Multiple as appropriate. Options are displayed differently depending on your choice of Single or Multiple. If you chose Single, complete the following steps.
43 IP sFlow configuration For VCS fabrics, if you select Single mode, the following report definition behavior may occur: - Displays all ports from all members of the selected VCS fabric in the available ports tables on the Product & Port tab. - Automatically includes fabric changes (adding or deleting members) when you run the report.
IP sFlow configuration 43 8. If you do not chose the Prompt check box, complete the following for each field. - Source VM — Enter the name, IP address, or MAC address of the source VMs in comma separated value (CSV) format or click the ellipsis button to the right of the field to select the VMs from the Select VMs dialog box.
43 IP sFlow configuration 12. Select the Layer 3 & 4 tab. FIGURE 680 Add Report Definitions dialog box, Layer 3 & 4 tab 13. Examine each listed item and decide the following: - Do you want to enter values in the field, or be prompted to enter the value when running the report? If you want to be prompted, select the Prompt check box.
IP sFlow configuration 43 - Layer 4 Protocols — The layer 4 protocols you can use as a filter depends on which layer 3 protocols you selected. Enter the L4 protocols in comma separated value (CSV) format or click the ellipsis button to the right of the field to select the protocols from the Layer 4 Protocols dialog box. - Source Ports — Enter the ports in comma separated value (CSV) format or click the ellipsis button to the right of the field to select the ports from the L4 Source Port dialog box.
43 IP sFlow configuration 18. Examine each listed item and decide the following: Do you want to enter values in the field, or be prompted to enter the value when running the report? If you want to be prompted, select the Prompt check box. If you do not chose the Prompt check box, you may enter any of the following in the fields provided: - Source Subnet Bits - Enter the source subnet of the route. Destination Subnet Bits - Enter the destination subnet of the route. Local AS - Enter the local AS number.
IP sFlow configuration 43 FIGURE 684 Add Report Definitions dialog box, Result Settings tab 22. Select one of the following options for displaying report data from Result Type list: - Detailed Table - Displays data in table format. - Bottom N Chart and Table - Displays a pie chart of the bottom N talkers above the tabular data. Top N Chart and Table - Displays a pie chart of the top N talkers for your selected sorting options above tabular data.
43 IP sFlow configuration FIGURE 685 Add Report Definitions dialog box, Result Settings tab 23. If you selected Bottom N Chart and Table or Top N Chart and Table, select the top or bottom number (N) of talkers that you want in the report by clicking the arrows on the selector to the right of the Result Type list. Select a minimum of 5, with increments of 5 to a maximum of 25.
IP sFlow configuration 43 FIGURE 686 Add Report Definitions dialog box, Identification tab 27. Enter a name for the report in the Name field. The name must be unique among all sFlow reports, and can be a maximum of 64 alphanumeric characters. 28. Enter the report title in the Title field. The Title field supports a maximum of 128 alphanumeric characters. 29. Select Do not share the definition if you do not want other users to see the report definition when they log in. 30.
43 IP sFlow configuration FIGURE 687 Example report for top 5 MAC Talkers Scheduling custom sFlow reports You can schedule a custom sFlow report from the Schedules tab of the Custom Reports dialog box. 1. Select Monitor > Traffic Analysis > Custom Reports. 2. Select the Schedules tab. Custom sFlow Reports dialog box displays, as shown in Figure 688 on page 1557.
IP sFlow configuration 43 FIGURE 688 Custom sFlow Reports dialog box, Schedules tab 3. Click Add. The Add Schedule dialog box displays, as shown in Figure 689 on page 1558.
43 IP sFlow configuration FIGURE 689 Add Schedule dialog box 4. Enter a name for the schedule in the Name field. 5. Use the Report Definition selector to select the report definition you want to schedule. NOTE Report definitions that included a prompt are not listed. 6. Use the Format selector to choose either HTML or CSV format. 7. Use the Frequency selector to choose to run the data collector on a Yearly, Monthly, Weekly, Daily, Hourly, or One Time basis.
IP Traffic analyzer monitoring and sFlow reports 43 12. You may include text that you want to add before the auto-generated report content in the Body Prologue field. 13. You may include text that you want to add after the auto-generated report content in the Body Epilogue field. 14. Click OK. Suspending a custom sFlow report schedule To suspend the schedule of a custom sFlow report, complete the following steps. 1. Select Monitor > Traffic Analysis > Custom Reports. 2. Select the Schedules tab. 3.
43 IP Traffic analyzer monitoring and sFlow reports 802.1X configuration requirements 802.1X user information can be displayed on sFlow reports. To ensure that this information is displayed, do the following: • Make sure the device and software release it is running supports 802.1X. • 802.1X must be enabled on the device ports. • Clients must be running software platforms that support 802.1X (for example, Windows XP operating system). • RADIUS authentication servers must have the 802.
IP Traffic analyzer monitoring and sFlow reports 43 4. To launch the sFlow Configuration wizard and configure an sFlow data collector, select Configure sFlow. Selecting a report Use the report header to configure the report display. This section explains the available fields and selection options. Report list Select the type of traffic that you want to view from the list. • • • • For Layer 2 reports, select MAC, VM, or VLAN. For L3/L4 reports, select IPv4, IPv6, IPX, AppleTalk (AT), VM, or Others.
43 IP Traffic analyzer monitoring and sFlow reports How End Date/Time and Span works: Assume you have seven days of sFlow data from June 1 through 7. You want to view the first four hours of data during June 2. From the End Date/Time lists, select 6/2 for day and 4 am for time. In the Span list, select 4h. The resulting report shows four hours of data for June 2, beginning at 12 am and ending at 4 am.
IP Traffic analyzer monitoring and sFlow reports 43 • Apply rate limiting policies to a port. • Apply ACL policies to a port. Show DNS Name Select this check box if you want domain name server (DNS) names of IP addresses to be displayed on the report. Include Remaining Talkers The sFlow monitoring reports display the top five talkers and remaining talkers. To exclude any remaining talkers in the chart area, select this check box.
43 IP Traffic analyzer monitoring and sFlow reports If the Graph check box is selected, a graph appears below the report header. Data for the most current time on the report is displayed when a report is requested. The navigation arrows in the report header allow you to display the next or previous panel of the report. Refer to the “Selecting a report” on page 1561 for information on what the graph represents.
IP Traffic analyzer monitoring and sFlow reports 43 Viewing top MAC talkers The Top MAC Talkers report shows the top pairs of source and destination MAC addresses being used on the network. Follow the steps below to display the report. 1. Select Monitor > Traffic Analysis > Monitor sFlow. 2. On the Monitor sFlow dialog box, choose one of the following options: • To view a report for a product group, click the report icon for the product group you want.
43 IP Traffic analyzer monitoring and sFlow reports 4. In the Reports list, select VLAN. The report presents the following information: • • • • • VLAN - The ID of the source and destination VLANs used by the users. Ethernet QOS - The 802.1p priority tag configured on the incoming and outgoing traffic. Port - The ID of the port on which the traffic is being received and being sent. For VCS fabrics, the send and receive ports are from different devices.
IP Traffic analyzer monitoring and sFlow reports 43 5. In the next list, select All. The report provides the following information: • L3 columns - Source - The source IP addresses of the IPv4 traffic and VM hosts (Top VM Talkers reports). If enabled, host names of the IP address are shown in parentheses. - Destination - The destination IP addresses of the IPv4 traffic and VM hosts (Top VM Talkers reports). If enabled, host names of the IP address are shown in parentheses.
43 IP Traffic analyzer monitoring and sFlow reports 4. In the Reports list, select IPV4. 5. In the next list, select TCP. The report shows the following information: • IPV4 - Source - The source IP addresses of the IPv4 traffic. If enabled, host names of the IP address are shown in parentheses. - Destination - The destination IP addresses of the IPv4 traffic. If enabled, host names of the IP address are shown in parentheses.
IP Traffic analyzer monitoring and sFlow reports 43 Viewing IPv4 – top UDP talkers The Top IPV4–UDP Talkers report shows the top users of IPv4 UDP services. Complete the following steps to display the report. 1. Select Monitor > Traffic Analysis > Monitor sFlow. 2. On the Monitor sFlow dialog box, choose one of the following options: • To view a report for a device group, click the report icon for the device group you want.
43 IP Traffic analyzer monitoring and sFlow reports • Mbytes - Size of the traffic in megabytes for the time duration shown on the report. A subtotal is displayed for each of the top users. This subtotal is displayed by source and destination IP addresses. If the report is for a device group, the name and IP address of the device that the traffic accessed appear in parentheses. If the report is for an individual device, only the source and destination IP addresses appear.
IP Traffic analyzer monitoring and sFlow reports 43 • Frames - Size of the traffic in frames. • Mbytes - Size of the traffic in megabytes for the time duration shown on the report. A subtotal is displayed for each of the top users. This subtotal is displayed by source and destination IP addresses. If the report is for a device group, the name and IP address of the device that the traffic accessed appear in parentheses.
43 IP Traffic analyzer monitoring and sFlow reports Viewing other Layer 3 or Layer 4 Top Talkers The Others report under the Layer3/Layer 4 report category provides information on Layer 3 protocols excluding IPV4, IPV6, IPX, and AppleTalk services. Complete the following steps to display the report. 1. Select Monitor > Traffic Analysis > Monitor sFlow. 2.
IP Traffic analyzer monitoring and sFlow reports 43 Enabling and viewing TCP reports You can monitor TCP traffic to determine if there is any unusual activity on the network, such as TCP attacks. Identifying unusual activity will aid in understanding the nature of the traffic and the ports that are affected, so that you can take corrective actions. For example, you may decide to disable a port on which TCP attacks are being received.
43 IP Traffic analyzer monitoring and sFlow reports 2. Select IP Preferences from the Software Configurations list in the Category pane. 3. Go to the SFlowDataMonitoring preferences section. 4. Click in the TCPFlags_InvalidCombos parameter field to edit the invalid bit combinations. 5. Click Apply or OK to save your work. Displaying the invalid TCP Flags report Complete the following steps to display the invalid TCP flags report. 1.
IP Traffic analyzer monitoring and sFlow reports 43 • Frames - Size of the traffic in frames. • MBytes - Size of the traffic in megabytes for the time duration shown on the report. Viewing BGP paths report The BGP Paths report shows source and destination traffic based on BGP autonomous systems paths. Complete the following steps to display the report. 1. Select Monitor > Traffic Analysis > Monitor sFlow. 2.
43 IP traffic accounting Troubleshooting sFlow reports If the sFlow Monitoring report launches with an error on RedHat Linux, use the following steps to resolve. 1. Stop the server. 2. Run the command unset DISPLAY on the terminal. 3. Restart the server. NOTE You can only restart the server using the Server Management Console (Start > Programs > Management_Application_Name 11.X.X > Server Management Console).
IP traffic accounting 43 4. You have three options for displaying traffic accounting information: • Click Summary to view the entire accounting summary report for the selected group. • Click In Traffic to view inbound traffic on the ports in the selected group. • Click Out Traffic to view outbound traffic on the ports in the selected group. The number of records gathered for each device is limited to 10,000 by default.
Chapter 44 Flow Vision In this chapter • Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Provisioning flows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Monitoring Flows . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Dashboard flow performance monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . • Flow Vision features . . . . . . . . . . . . . . .
44 Overview Why Flow Vision exists As storage networks become larger and more complicated, storage administrators need methods to analyze flows (and dynamic nature of the network) so that they can obtain benefits such as the following: • Instant identification of the source of performance or other problems. For example, is the problem in an application, SAN, or in storage.
Overview 44 Flow Vision support Flow Vision is supported on platforms using 8 Gbps and 16 Gbps-capable Fibre Channel platforms; there are no platform exclusions. All ports other than those listed under “Unsupported ports” on page 1581 are supported. This includes ICL ports. For details on Flow Vision feature and parameter support on switch platforms, Access Gateway switches, and virtual fabrics, refer to “Flow parameter support” on page 1610.
44 Overview • Direction. The direction is implicitly defined source device to destination device. All flows except learning flows, can also be bidirectional. You cannot define bidirectional flows with the Generator feature enabled as flows are always from source to destination. Flow provisioning and monitoring Flow Vision has two components: • Flow provisioning • Flow monitoring Before monitoring a flow, you must define criteria that uniquely identify the flow.
Overview 44 After you define flows for a fabric you can monitor these flows using the Flow Vision dialog box. Data display for flows includes MAPS violations, values for criteria defined in your flow definitions, SCSI measures, and frame measures.
44 Provisioning flows Provisioning flows To provision or define a flow and to configure Flow Vision to monitor that flow, provide a flow name and specify the flow parameters in the Add Flow Definition dialog box. These parameters identify the sets of related frames and can either be explicitly defined or Flow Vision can learn them through observation. Flow Vision allows you to learn a particular set of parameters for a frame.
Provisioning flows 44 NOTE You can also right click on either of these objects in the products list or connectivity map and select Fabric Vision > Flow > Add from the menu. Selected switches, switch ports, initiator, ports, and target ports must be able to support Flow Vision. The Add Flow Definition dialog box displays. Note that you must select Advanced Options to display the Frame Type and LUN IDs fields at the bottom of the dialog box.
44 Provisioning flows 7. Select Persist over switch reboots to persist flow definitions over reboots. Configuring Basic Options Use the following steps to configure Basic Options on the Add Flow Definition dialog box. 1. Select either Port Address (Port ID) or WWN format for entering the End Device identification. 2. Use one of the following methods to enter End Device Source and Destination identification: - Type a port ID or WWN in the Source and Destination fields.
Provisioning flows 44 FIGURE 694 Select Device Ports dialog box. (Products and Ports selected) Select products and ports under the Available Products panel and move to the Selected Products panel using the right arrow. In the Selected Products panel you can select to Use Any Port (*) in these products or Use Selected Ports. If you choose to use selected ports, select a specific port under the Selected Products panel.
44 Provisioning flows FIGURE 695 Select Switch Ports dialog box. On the Select Switch Ports dialog box, select a port in the Available Products panel and move it under the Selected Products panel with the right arrow. Select OK to close the Select Switch Ports dialog box and return to the Add Flow Definition dialog box. - Select to swap the Ingress switch identification and Egress switch identification. 6.
Provisioning flows 44 Configuring Advanced Options Use the following steps to configure Advanced Options on the Add Flow Definition dialog box as needed to define your flow definition. 1. Select the arrows on the Advanced Options tab to display configuration options. FIGURE 697 Add Flow Definition dialog box 2. Enter an Frame Type or select the ellipses button on the right of the Frame Type field to display the Frame Type Picker dialog box. Use this dialog box to select available frame command types.
44 Provisioning flows The following Frame Type commands are supported: - SCSI SCSIRead SCSIWrite SCSIRW SCSI2Reserve SCSI3Reserve SCSI2Release SCSI3Release SCSI2ReserveRelease SCSI3ReserveRelease SCSITur SCSIStatus SCSIInquiry SCSIXferrdy ABTS BAACC SCSIGoodStatus SCSICheckStatus SCSIResvConflict BARJT 3. Enter LUN IDs between 0 and 65535 that you want to include in the flow definition. 4. Select OK to save the definition and launch the add flow progress dialog box.
Provisioning flows 44 Flow definition examples Table 147 on page 1591 provides examples of flow data that you can monitor and criteria that you configure in the Add or Edit Flow Definition dialog box to define the flow. NOTE In this guide an asterisk (*) in fields denotes any selected device or port in PID or WWN format.
44 Provisioning flows TABLE 147 Flow definition examples Desired flow data Context for launching Flow Definition dialog box and options Flow definition Top talkers Select a switch or port on which to monitor the top talkers from the product list and select Monitor > Fabric Vision > Flow > Add or right click the switch or port and select Flow Vision > Flow > Add.
Monitoring Flows 44 Monitoring Flows After you define flows for a fabric you can monitor them using the flow Flow Vision dialog box. The dialog box supports all the flows defined on the switches through the management application or CLI commands. Data display for flows includes all measures supported by the flow monitoring features and AMS violations on monitored flows.
44 Monitoring Flows If you launch the Flow Vision dialog box by right-clicking a switch port on the Connectivity Map or Product List, and then select Flow Vision > Flow > Monitor, the management application verifies if there is a flow definition in the fabric with the selected port as the ingress or egress port. If you select an initiator or target, the management application verifies if there is a flow definition in the fabric with the port as a source or destination device.
Monitoring Flows 44 • Feature - Select options from the Monitor, Mirror, and Generator submenus to activate, deactivate, or reset the features for selected flow definitions, if these features are included in the flow definitions. Each feature contains a submenu with the following options: - Configure - For the Flow Generator only, selecting this option launches the Configure Generate Flow dialog box.
44 Monitoring Flows Flows panel right-click menus Right-click a sub-flow in the Flows panel of the Flow Vision dialog box to select the following options: • Locate - displays the following sub options. Select an option to highlight the port or device in the topology map: - Ingress Port - Highlights the ingress port. Egress Port - Highlights the egress port. Source Device - Highlights the source device. Destination Device - Highlights the destination device.
Monitoring Flows TABLE 148 44 Flows Definitions panel information Column information Displayed Source Source IDs as defined for flow. Source Info This field is either empty or displays the icon of inferred destination device (either a VM, host or storage) based on the source ID. The name of the VM, host, or storage displays with a hyper link to the device’s property sheet. Ingress Port Ingress port as defined for the flow. Egress Port Egress port as defined for the flow.
44 Monitoring Flows TABLE 149 1598 Flows panel information (Monitor feature selected) Column Information Displayed Sub Flow ID Sub-flow database ID. Target Switch Name of the target switch for the flow. Flow Name Name of flow as defined. Source SIDs as defined or learned. Source Info This field is either empty or displays the inferred destination device (either a VM, host or storage) based on the source ID.
Monitoring Flows TABLE 149 44 Flows panel information (Monitor feature selected) Column Information Displayed Flow Definition Persistence Either Yes if “Persist over switch reboots” is defined in the flow or No. Frame Types Frame types as defined for the flow. Size NA Pattern NA Last Updated Time The time when the sub-flows were last updated.
44 Monitoring Flows Information displayed when Mirror enabled Table 151 describes information on sub-flows displayed in the Flows panel when you select Mirror from the Feature list above the Flows panel. TABLE 151 Flows panel information (Mirror feature selected) Column Information Displayed Sub Flow Id Sub-flow database ID. Target Switch Name of the target switch for the flow. Flow Name Name of flow as defined. Source SIDs as defined or learned.
Monitoring Flows 44 Using the Performance Graph You can access the Historical Graphs Tables dialog box (Figure 701), also called the Performance Graph, on the SAN tab using one of the following options: • Move flow definitions that you want to graph to the Flows panel in the Flow Vision dialog box, and then select the Graph button.
44 Monitoring Flows FIGURE 702 Historical Graph (Flow Measures selected) Control functions on the Historical Graphs/Tables dialog box, such as plotting new sub-flows and creating a flow performance monitor on the dashboard, as follows: 1602 - Plot different sub-flows and measures in the graph area by selecting them in the columns under Select Network Objects and Measures and moving them to the graph with the right arrow.
Dashboard flow performance monitor 44 Dashboard flow performance monitor Figure 703 shows a flow performance monitor that you can create using the Publish button on the Flow Vision performance graph (Historical Graphs/Tables dialog box). FIGURE 703 Flow performance monitor Use the dashboard flow performance monitor tool bar and right-click menus to control monitor display, and launch the Historical Graph/Table and Flow Monitor dialog box for the flow.
44 Flow Vision features Flow Vision features This section provides detailed information on the Flow Generator, Flow Mirror, and Flow Monitor features. Flow Mirror You can define flows with the feature enabled to select a traffic pattern and mirror this traffic to the CPU. You can then monitor sub-flows resulting from the definition to listen or snoop on traffic passing through a port. Flow Mirror supports the following functions: - Sending mirrored frames to the CPU. Mirroring frames in Layer 2 fabric.
Flow Vision features 44 • A maximum of 5 seconds worth of data is stored for any platform. • This feature is only supported on ports operating at 8 Gbps or less. Refer to “Flow parameter support” on page 1610 for more information on Flow Mirror feature limitations for flow definition parameters. Zoning considerations Zone checking is not required for the source device or destination device elements of a flow to be mirrored.
44 Flow Vision features Limitations and prerequisites The following limitations and prerequisites apply specifically to the Flow Monitor feature. • Bidirectional flows are supported for F_Ports only. For E_Ports, you must create a separate flow definition for each direction. • You cannot specify an asterisk in the Add Flow Definition dialog box to learn all hosts sending traffic to a LUN.
Flow Vision features 44 You can customize test flows by specifying the source, destination, a specific or random payload size, and payload pattern. Flow Generator source and destination ports emulate device entries in the Name Server database, where they are treated as real devices and so can be used to evaluate various switch and fabric operations, such as zoning, QoS, and traffic isolation. Simulated devices will display as virtual end devices.
44 Flow Vision features • A maximum of four flow generator flows is supported per port. Refer to “Flow parameter support” on page 1610 for more information on Flow Vision feature limitations for flow definition parameters. Port characteristics Ingress Port characteristics The source port must meet the following criteria. If it does not, the flow will be rejected. • • • • The port must be a 16 Gbps-capable Fibre Channel port. The port cannot be in the base switch.
Flow Vision features 44 Prior to creating and activating flows, use the steps under “Enabling and disabling SIM ports” on page 1609 to set the source device and destination device ports as SIM ports. Attributes of a SIM-port are as follows: • Simulates an F_Port on the switch. A SIM port simulates a fabric device using the port WWN or virtual WWN. It is added into the name server database and can be part of a zoning database (needed for learning mode).
44 Flow Vision features 1. Select an enabled SIM port on the local switch for the source device in the Product List, and then select Monitor > Fabric Vision > Flow > SIM Mode > Disable. 2. Select an Enabled SIM port on the local switch for the destination device in the Product List, and then select Monitor > Fabric Vision > Flow > SIM Mode > Disable. Zoning considerations For learning flows, Flow Generator requires several levels of zoning support when simulating traffic.
Context-based flow definitions TABLE 153 44 Supported basic flow parameters for Flow Vision features Parameter Flow Generator Flow Monitor Flow Mirror Destination device Supported Supported Supported Bidirectional Not applicable Supported Supported Table 154 lists the supported advanced flow configuration parameters for the Flow Vision Generator, Monitor, and Mirror applications.
44 Flow parameter and configuration rules and limitations TABLE 155 Flow definition based on context where Add Flow Definition dialog box launched Context Flow Created Definition parameters in dialog box Target port Flow definition created on the switch attached to the target port. Ingress switch port = Source Device = Destination Device = * Features = Monitor Switch Flow definition created on the selected switch.
Flow parameter and configuration rules and limitations 44 Supported basic flow parameter combinations Table 156 lists the supported flow identification parameter combinations for Add Flow Definition dialog box fields. TABLE 156 Basic flow identification rules Parameter Rules Ingress Port Egress Port • Both cannot be specified. • Values can only be fixed value. Source Device Destination Device • Either one or both can be specified.
44 Flow parameter and configuration rules and limitations Flow Mirror supported flow identification parameter combinations Table 157 lists the supported flow parameter combinations for Flow Mirror.
Accessing Flow Vision from other management application features TABLE 158 44 Flow parameter combinations for Flow Monitor Source Device Destination Device Ingress Port Egress Port LUN IDs Frame Type Bidirectional Description/ Notes Fixed value Fixed value Fixed value Not specified Fixed value Not specified Not specified LUN monitor without Frame Type needs both source device and destination device values (ASIC limitation) Fixed value Fixed value Not specified Fixed value Fixed value
44 Accessing Flow Vision from other management application features Bottleneck Detection Select a port from the Bottlenecks dialog box and select Add Flow to launch the Add Flow Definition dialog box.
Accessing Flow Vision from other management application features 44 Trace route and ping Select an row from the Forward Route, Reverse Route, and FC Ping tabs on the Trace Route Summary dialog box and select Add Flow to launch the Add Flow Definition dialog box. Use the Add Flow Definition dialog box to configure and monitor flows established by your selections on the Trace Route Summary dialog box.
44 Accessing Flow Vision from other management application features Table 161 describes how options are populated on the Add Flow Definition dialog box are populated according to the row selected on the Reverse Route tab, TABLE 161 Add Flow Definition dialog box options populated per Reverse Route selection Port Selected Options populated No rows selected Source Device = Source ID from source device port Destination Device = Destination ID from destination device port.
Accessing Flow Vision from other management application features TABLE 162 44 Add Flow Definition dialog box options populated per Reverse Route selection Row Selected Options populated Target row Source Device = * if port is on a 16-Gbps switch, otherwise empty. Destination Device = Target port ID. Ingress Port = Selected port's connected switch port number. Target Switch = Selected port's connected switch. Direction = Bidirectional If selected row is neither the first or last row.
Chapter 45 Frame Monitor In this chapter • Frame Monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Creating a custom frame monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Editing a frame monitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Assigning a frame monitor to a port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Finding frame monitor assignments . . . . . . . . . . . . . . . .
45 Frame Monitor Pre-defined frame types Pre-defined frame types include the following: • • • • • • • • • ABTS (Abort Sequence Basic Link Service command) BA_ACC (Abort Accept) IP SCSI SCSI Read SCSI Write SCSI RW SCSI-2 Reserve SCSI-3 Reserve Custom frame types In addition to the standard frame types, you can create custom frame types to gather statistics that fit your needs. To define a custom frame type, you must specify a series of offsets, bitmasks, and values.
Creating a custom frame monitor 45 Frame Monitoring requirements To configure Frame Monitoring, the following requirements must be met: • The switch must be running Fabric OS 7.0.0 or later. • Frame Monitoring requires the Advanced Performance Monitoring license and the Fabric Watch license. NOTE The Advanced Performance Monitoring license is required to configure frame monitors. The monitoring functionality requires the Fabric Watch license.
45 Creating a custom frame monitor 2. Select the Switch option. The Products / Monitors list displays the switches that support Frame Monitoring. 3. Enter the monitor data in the Configure Monitor area. 4. Select one or more switches in the Products / Monitors list, and click the right arrow button to assign the frame monitor to those switches. 5. Select the Port option. 6. Expand the switch in the Products / Ports list. The Monitors list displays all of the frame monitors defined for that switch. 7.
Editing a frame monitor 45 11. Click Start. The frame monitor configuration is applied to the switches. 12. Click Close after configuration is complete (indicated by “Completed” in the Progress column). Editing a frame monitor 1. Select Monitor > Fabric Watch > Frame Monitor. The Frame Monitor dialog box displays. 2. Select the Switch option. 3. Expand the Products / Monitors list to display the frame monitors for each switch. 4. Select a frame monitor and click the left arrow button.
45 Finding frame monitor assignments 6. Click the right arrow button to move the frame monitor to the selected ports. The Monitor Details list displays the monitors that are assigned to a selected port. If no monitors are assigned, or if more than one port is selected, the Monitor Details list does not display. 7. Click OK. The Frame Monitor Configuration Status dialog box displays. 8. Click Start. The frame monitor configuration is applied to the ports. 9.
Removing a frame monitor from a switch 45 8. Click Start. The frame monitor configuration is applied to the ports. 9. Click Close after configuration is complete (indicated by “Completed” in the Progress column). Removing a frame monitor from a switch When you remove a frame monitor from a switch, the frame monitor is automatically removed from all assigned ports in the switch. You can remove only custom frame types; you cannot remove the pre-defined frame types. 1.
Chapter 46 Power Center In this chapter • Power center overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Data monitoring . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • PoE power on demand . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Schedule PoE power deployment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • PoE thresholds. . . . . . . . . . . . . . . . . . . . . . .
46 Data monitoring Data monitoring Power Center enables you to view PoE data for ports and products in both table and chart formats. Viewing PoE data for products To view PoE data for a product, complete the following steps. 1. Select Monitor > Power Center. The Power Center dialog box displays. 2. Select PoE Products from the View list. FIGURE 706 Power Center dialog box 3.
Data monitoring 46 • Allocation % — The percentage of allocated capacity. For example, if the Capacity (W) is 480 W and Allocation (W) is 120 W, then the Allocation percentage is 25. Only displays when the product running agent version 7.2.2 or later. If the product is running a agent version 7.2.1 or earlier, “-“ displays. • Consumption (W) — The power consumed by all powered devices connected to the product in Watts. • Consumption % — The current power consumed as a percentage of allocated power.
46 Data monitoring 4. Review the details in the Port Data list: • • • • • • Product filter — The name of the Product. Port filter — The port identifier. Name filter — The port name. Status filter — The Ethernet status of the port. Values include: Up and Down. State filter — The Ethernet state of the port. Values include: Enabled and Disabled. Admin State filter — The PoE administrative state of the port. Values include: On (enabled) and Off (disabled). • Oper.
Data monitoring 46 4. Use the following filters to sort the Port Data list: • • • • • • • Product filter Port filter Name filter Status filter State filter Admin State filter Oper. State filter The administrative state must be On for operational state to be On. • • • • • • • • • Allocation (W) filter Consumption (W) filter Consumption % filter Type filter Class filter Priority filter Mfr. filter. Model filter Software filter 5. Click Close to close the Power Center dialog box.
46 Data monitoring FIGURE 708 Attached Devices tab of the Properties dialog box 4. Review the details in the Attached Devices tab: • POE Port Count — The number of PoE ports, that have power devices which support LLDP, connected to the selected device. • • • • • • System name — The system name of the connected device. System capabilities — The system capabilities enabled on the remote system. Enabled capabilties — The system capabilities enabled on the connected device.
Data monitoring 46 • Med Serial number — The serial number on the connected device. • Med Manufacturer — The manufacturer name on the connected device. • Med Model name — The model name on the connected device. 5. Click OK to close the Properties dialog box. 6. Click Close to close the Power Center dialog box. Viewing PoE charts To view a PoE chart, complete the following steps. 1. Select Monitor > Power Center. The Power Center dialog box displays. 2. Select Charts from the View list. 3.
46 Data monitoring FIGURE 710 Product Power Consumption Percentage bar graph Displays the power consumption percentages for all products in a bar graph using the following colors: • • • • • 0 – 20 % = Green 20 – 40 % = Blue 40 – 60 % = Yellow 60 – 80 % = Orange 80 – 100 % = Red Click a bar in the chart to display the products panel and highlight the corresponding products.
Data monitoring 46 FIGURE 712 Product Power Top Allocations stacked bar graph Displays the top five products with the highest power allocation values in Watts in a stacked bar graph. Click a bar in the chart to display the products panel and highlight the corresponding product. FIGURE 713 Product Power Top Consumers stacked bar graph Displays the top five products with the highest power consumption values in Watts in a stacked bar graph.
46 Data monitoring FIGURE 714 PoE Port Utilization pie chart Displays how many ports with PoE turned on and how many with connected devices in a pie chart using the following colors: • PoE Off = Red • PoE On - Unconnected = Blue • PoE On - Connected = Green Click the pie chart to display the products panel and highlight the All Products row. 4. Click Close to close the Power Center dialog box.
PoE power on demand 46 Configuring automatic data refresh To configure automatic refresh the PoE data, complete the following steps. 1. Select Monitor > Power Center. The Power Center dialog box displays. 2. Select the Auto refresh check box to refresh the data automatically at a specified interval. 3. Select the auto refresh interval from the Interval (min) list. Options include: 15, 30, or 60. 4. Click Close to close the Power Center dialog box.
46 PoE power on demand 3. Select a product in the PoE Product list. The selected Product’s PoE ports display in the Port Data list. The PoE operational state (On or Off) for each port displays in the Admin State column. 4. Select one or more ports and click PoE On. 5. Click Yes on the confirmation message. The Deployment Status dialog box displays, which allows you to view the progress and status of the deployment. Click Abort to stop the deployment.
Schedule PoE power deployment 46 6. Click Close to close the Deployment Status dialog box. NOTE Closing the Deployment Status dialog box does not stop deployment. The updated PoE operational state of the selected port displays in the Admin State column. 7. Click Close to close the Power Center dialog box. Schedule PoE power deployment You can define a deployment schedule on a port, product, port group, or product group.
46 Schedule PoE power deployment FIGURE 716 Schedule PoE On/Off dialog box 4. (Ports only) Select a port from the Port list. 5. Enter a name for the schedule in the Schedule Name field. 6. Enter a description for the schedule in the Description field. 7. Select the Enable check box to enable the schedule. 8. Select the PoE On option to enable PoE. 9.
Schedule PoE power deployment 46 Configuring a one-time deployment schedule To configure a one-time schedule, complete the following steps. 1. Select One Time from the Frequency list. 2. Select the time of day you want deployment to run from the Time (hh:mm) lists. Where the hour value is from 1 through 12, the minute value is from 00 through 59, and the day or night value is AM or PM. 3. Click the Date list to select a date from the calendar.
46 Schedule PoE power deployment Configuring a daily deployment schedule To configure a daily deployment schedule, complete the following steps. 1. Select Daily from the Frequency list. 2. Select the time of day you want deployment to run from the Time (hh:mm) lists. Where the hour value is from 1 through 12, the minute value is from 00 through 59, and the day or night value is AM or PM.
Schedule PoE power deployment 46 Configuring a monthly deployment schedule To configure a monthly schedule, complete the following steps. 1. Select Monthly from the Frequency list. 2. Select the time of day you want deployment to run from the Time (hh:mm) lists. Where the hour value is from 1 through 12, the minute value is from 00 through 59, and the day or night value is AM or PM. 3. Select the day you want deployment to run from the Day of the Month list (1 through 31).
46 Schedule PoE power deployment Scheduling a power down deployment To schedule a power down deployment on one or more PoE-capable ports, complete the following steps. 1. Select Monitor > Power Center. The Power Center dialog box displays. 2. Select PoE Products from the View list. 3. Select a port, product, port group, or product group in the PoE Product list and click Schedule PoE On/Off. The Schedule PoE On/Off dialog box displays. 4. (Ports only) Select a port from the Port list. 5.
Schedule PoE power deployment 46 Updating a power deployment schedule To update a power deployment on one or more PoE-capable ports, complete the following steps. 1. Select Monitor > Power Center. The Power Center dialog box displays. 2. Select PoE Products from the View list. 3. Select a port, product, port group, or product group in the PoE Product list and click Schedule PoE On/Off. The Schedule PoE On/Off dialog box displays. 4. Select the schedule you want to update from the All Schedules list.
46 Schedule PoE power deployment Viewing the configured ports for a power deployment schedule To view all ports to which a power deployment schedule is configured, complete the following steps. 1. Select Monitor > Power Center. The Power Center dialog box displays. 2. Select PoE Products from the View list. 3. Select a port, product, port group, or product group in the PoE Product list and click Schedule PoE On/Off. The Schedule PoE On/Off dialog box displays. 4.
Schedule PoE power deployment 46 • Type — The type of the device connected to the port. Values include: 802.3af and 802.3at. • Class — The class of the device connected to the port. Values include: Class 0 through Class 4. • Priority — The priority of the device connected to the port. Values include: invalid, critical, high, low, medium, and other. • Mfr.. — The manufacturer of the device connected to the port. This information is obtained using LLDP neighbor details command.
46 PoE thresholds PoE thresholds Power Center enables you to define a threshold on a product or port. You cannot define a threshold on a product group or port group. You can define Product thresholds using the following measures: • PoE Capacity — The total PoE capacity of the product in Watts. NOTE PoE capacity requires the product to be running agent version 7.2.2 or later. • PoE Allocation — The amount of allocated power to the product in Watts. • Allocation % — The percentage of available capacity.
PoE thresholds 46 FIGURE 718 Thresholds dialog box 3. Choose one of the following measures: • • • • • • PoE Capacity (The product must be running agent version 7.2.2 or later.) PoE Allocation Allocation % (The product must be running agent version 7.2.2 or later.) PoE Consumption Consumption % Allocations Count (The product must be running agent version 7.2.2 or later.) 4. Select one of the following from the Conditions list: • > • < • == 5.
46 PoE thresholds 7. Select the time period to be monitored for the number of threshold events in the Interval (min) list. The time period starts with the first event and runs its full duration if the event limit is not reached. Interval values, in minutes, include: • 15 • 30 • 60 Click Refresh on the Power Center dialog box to determine if any thresholds are triggered. 8. Click Add. The new threshold displays in the All Thresholds list. 9.
PoE thresholds 46 FIGURE 719 Thresholds dialog box 3. Choose one of the following measures: • Port allocation • Port consumption • Port consumption % 4. Select one of the following from the Conditions list: • > • < • == 5. Enter the number of events that must be generated to trigger the threshold event in the Value field. The value should not exceed the capacity of the product. If you select a percentage measure, the value should be less than or equal to 100. 6.
46 PoE thresholds 7. Select the time period to be monitored for the number of threshold events in the Interval (min) list. The time period starts with the first event and runs its full duration if the event limit is not reached. Interval values, in minutes, include: • 15 • 30 • 60 8. Click Add. The new threshold displays in the All Thresholds list. 9. Select the Enabled check box of the new threshold in the All Thresholds list to enable the threshold on the product. 10.
PoE thresholds 46 Updating a PoE threshold To update a PoE threshold, complete the following steps. 1. Select Monitor > Power Center. The Power Center dialog box displays. 2. Select a product in the PoE Product list and click Thresholds. The Thresholds dialog box displays with the thresholds defined for that product. 3. Select the threshold you want to edit in the All Thresholds list. The selected threshold displays in the Thresholds Editor area. 4.
46 PoE thresholds 12. Click Refresh on the Power Center dialog box to determine if any thresholds are triggered. 13. Click Close to close the Power Center dialog box. Enabling PoE thresholds To enable PoE thresholds, complete the following steps. 1. Select Monitor > Power Center. The Power Center dialog box displays. 2. Select a product in the PoE Product list and click Thresholds. The Thresholds dialog box displays with the thresholds defined for that product. 3.
Viewing PoE performance 46 Deleting PoE thresholds 1. Select Monitor > Power Center. The Power Center dialog box displays. 2. Select a product in the PoE Product list and click Thresholds. The Thresholds dialog box displays with the thresholds defined for that product. 3. Select the threshold you want to delete and click Delete. Select more than one threshold to delete by pressing Ctrl and clicking each threshold you want to delete. 4. Click Close to close the Thresholds dialog box. 5.
46 Viewing PoE performance FIGURE 720 Real Time Power Graphs/Tables dialog box 4. Select the measures you want to include and click the right arrow button to display it on the Data Monitoring tab. Product power measures include the following: • Allocation (W) • Allocation % 5. Click the Data Monitoring tab to view a performance monitoring graph or table. • Click the Graph option to view a performance graph. The legend under the graph shows what data each color represents.
Viewing PoE performance 46 6. Click the Collection Status Summary tab to view the following information: The Collection Status Summary tab provides a high level overview of all defined collectors. The information is displayed in the following columns: • Product - Shows the product name and IP address. There maybe multiple instances of the product name for each collectible assigned to the product. • Port - The port name when a port is selected.
46 Viewing PoE performance The Real Time Power Graphs/Tables dialog box displays. FIGURE 721 Real Time Power Graphs/Tables dialog box 4. Select the measures you want to include and click the right arrow button to display it on the Data Monitoring tab. Port power measures include the following: • Allocation (W) — snAgentPoePortWattage • Consumption (W) — snAgentPoePortConsumed • Consumption % 5. Click the Data Monitoring tab to view a performance monitoring graph or table.
Viewing PoE performance 46 6. Click the Collection Status Summary tab to view the following information: The Collection Status Summary tab provides a high level overview of all defined collectors. The information is displayed in the following columns: • Product - Shows the product name and IP address. There maybe multiple instances of the product name for each collectible assigned to the product. • Port - The port name when a port is selected.
Chapter 47 Policy Monitor In this chapter • Policy monitor overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Preconfigured policy monitors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing policy monitor status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing existing policy monitors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Adding a policy monitor . . . . . . . . . . . . . . . . . . . .
47 Policy monitor overview Fabric policy monitors Fabric policy monitors enable you to set the following policy monitors on SAN and Ethernet fabrics (refer to “Adding a policy monitor” on page 1673): • Check zoning status — This fabric policy monitor enables you to determine if zoning is enabled or disabled on the fabric. Zoning plays a key role in the management of device communication. When you enforce zoning, devices not in the same zone cannot communicate.
Policy monitor overview - 47 Fabric Assigned WWN — If the switch or Access Gateway (AG) port has a connected device port, the application finds the connected device ports and uses them for the ratio calculation. Some devices can function as both initiator and target.
47 Policy monitor overview Switch and router policy monitors Switch and router policy monitors enable you to set the following policy monitors on switches and routers. • Check connections: redundant connections to neighboring switches (SAN only) — This switch and router policy monitor enables you to determine if there are at least the minimum number of configured inter-switch links (ISLs) between each switch pair. The resiliency and redundancy of the fabric is an important aspect of the SAN topology.
Policy monitor overview 47 • Check if the product is configured to send events to this server — This switch and router policy monitor enables you to determine if the Management application server is registered as an SNMP recipient and Syslog recipient. If the server has multiple NICs, the server uses an IP address reachable from the switch for event registration. This policy cannot determine if the server is using a reachable IP address for the event registration.
47 Policy monitor overview For IronWare products, verifies SSH access is enabled and telnet access is disabled through CLI commands. Rule Violation Fix — If the policy monitor report shows a violation, enable SSH on the device. Disable Telnet settings on the device, if enabled. • Check for SNMPv3 (secure SNMP) configuration — This switch and router policy monitor enables you to check each target to see if SNMPv3 is active for device data transmission and SNMPv1 and SNMPv2 are not configured.
Policy monitor overview 47 Depending on how you discover the hosts, there are recommended configurations you should complete to avoid inaccuracy: - Fabric discovery for manual host enclosures to fabric connections (refer to “Discovering fabrics” on page 50) Make sure there are Brocade HBAs on the host. Make sure to configure the host port mapping. (refer to “Host port mapping overview” on page 589) - Host adaptor discovery with 2.
47 Preconfigured policy monitors - VM Manager plus Host discovery (refer to “VM Manager discovery” on page 141) Make sure there are Brocade HBAs (with a 2.1 or later driver) on the host. Make sure you discover the associated fabrics. Rule Violation Fix — If the policy monitor report shows a violation, the Administrator can add redundant connections (either a host to attached fabrics or attached fabrics to a target LUN or more inter-fabric routes) to establish a complete path from host to target LUN.
Viewing policy monitor status 47 Default IP Policy — Available for SAN products and contains the following values: • • • • Name — Default IP Policy Description — Default policy to run on all IP targets Frequency — Weekly Next Run — Next time the policy will run using the format: . For example, Fri Jun 08 08:00:00 PDT 2012.
47 Viewing existing policy monitors Viewing existing policy monitors To view existing policy monitors, complete the following steps. 1. Select Monitor > Policy Monitor (Figure 722). The Policy Monitor dialog box displays. FIGURE 722 Policy Monitor dialog box 2. Review the policy monitor details: • Name — The user-defined name of the policy. • Description — A description of the policy.
Adding a policy monitor 7. 47 To open the last executed report for a selected policy monitor, select a policy monitor and click Report (refer to “Viewing a policy monitor report” on page 1702). 8. To view the report history for all policy monitors, click History (refer to “Viewing historical reports for a policy monitor” on page 1705). 9.
47 Adding a policy monitor 3. Enter a user-defined name for the policy in the Name field. The name must be unique. It cannot be over 64 characters, nor can the field be empty. It cannot include asterisks. 4. Enter a description of the policy in the Description field. The description cannot be over 128 characters. It cannot include asterisks. 5.
Adding a policy monitor e. 47 Enter the initiator port limit in the Initiator Port Limit field. The default recommended threshold ratio is 20:1 (20 initiator ports to 1 target port). Therefore, if the ratio for the storage port is equal to or higher than 20:1, the policy monitor considers it as a violation and logs it in the report. f. Select the Check that all profiles are the same on each RBridge in an Ethernet fabric check box to determine if all RBridge profiles in an Ethernet fabric are the same.
47 Adding a policy monitor a. Select one or more of the following checks in the Available Checks list to include them in the policy monitor: For more information about these checks and fixes for rule violations, refer to “Switch and router policy monitors” on page 1666.
Adding a policy monitor d. 47 Select the switches or routers to which you want to apply this policy in the Available Switches/Routers list and click the right arrow button. NOTE You can use the All Fabrics and All SAN Switches targets (under the Product Groups > System Product Groups node) in the Available Switches/Routers list) for future provisioning. Select All Fabrics and click the right arrow button to apply this policy to all discovered fabrics.
47 Adding a policy monitor c. Select the Check for connections through two fabrics to each target LUN check box to determine if there are redundant connections between the host group and the target LUN. For more information about this check and a fix for rule violations, refer to “Host policy monitors” on page 1668. d. Select the hosts to which you want to apply this policy in the Available Hosts list and click the right arrow button.
Policy monitor scheduling 47 Policy monitor scheduling You can schedule a policy monitor to run automatically.
47 Editing a policy monitor 3. Click OK on the Schedule Properties dialog box. To finish configuring the policy monitor, return to step 6 of “Adding a policy monitor” on page 1673. Configuring a weekly policy monitor schedule To configure a weekly schedule, complete the following steps. 1. Select Weekly from the Frequency list. 2. Select the time of day you want deployment to run from the Time (hh:mm) lists.
Deleting a policy monitor 47 4. Change the description of the policy in the Description field. The description cannot be over 128 characters. It cannot include asterisks. 5. To edit the policy monitor checks, repeat step 5 through step 9 of “Adding a policy monitor” on page 1673. 6. Click OK on the Edit Monitor dialog box. The updated policy monitor displays in the Monitors list of the Policy Monitor dialog box. 7. Click Close on the Policy Monitor dialog box.
47 Configuration rules Predefined configuration rules The Management application provides the following predefined configuration rules: • No Interface Shutdown Rule — The rule fails when any interface (10 Gbps port or LAG) on the device shuts down. Table 165 defines the logical expressions for this rule.
Configuration rules TABLE 166 47 Port Profile Interface Rule expressions (Continued) AND/OR ( Block/Condition Name ) Details - Description/Condition/Configuration Network OS Interface Port Profiled Checks whether the interface port profiled. This condition should be used with in an interface block. Matches - Lines in any order port-profile-port End: Network OS LAG Interfaces ! Viewing configuration rule details 1. Select Monitor > Policy Monitor. The Policy Monitor dialog box displays. 2.
47 Configuration rules • Description — A description for the rule. The description cannot be over 1024 ASCII characters. • Library list — Contains a list of predefined and user-defined conditions or blocks. You cannot modify or delete predefined conditions or blocks. For more information, about predefined conditions and blocks, refer to “Predefined conditions” on page 1694 and “Predefined blocks” on page 1700.
Configuration rules 47 • Selected Conditions/Block list — Contains the logical expression of one or more conditions and blocks for the rule. The Selected Conditions/Block list contains the following details: AND/OR — To change the logical operator separator, select AND or OR from the AND/OR column. Valid values include AND and OR. The first item in a rule and the first connector in a block display empty fields and cannot be edited.
47 Configuration rules 4. Select Add > Configuration Rule. The Add Configuration Rule dialog box displays (Figure 727). 5. Enter a name for the rule in the Name field. The name cannot be over 128 characters. The only special characters allowed are an underscore (_) or space. 6. Enter a description for the rule in the Description field. The description cannot be over 1024 ASCII characters. 7.
Configuration rules 47 12. To move a condition or block down in the rule, select one condition or block (except the last item) and click Move Down. You can only move one item (condition or entire block) down at a time. If you move a condition from the first position in the rule or in a block, the logical operator (AND/OR column) is automatically populated. You can move a condition into a block by moving it between the start and end of a block.
47 Configuration rules 10. Click OK on the Add Monitor dialog box. The updated policy monitor displays in the Monitors table of the Policy Monitor dialog box. 11. Click Close on the Policy Monitor dialog box. Editing a configuration rule You can edit your own rules to compare content against a baseline. 1. Select Monitor > Policy Monitor. The Policy Monitor dialog box displays. 2. Click Edit. The Edit Monitor dialog box displays. 3. Click the Switch/Router Checks tab. 4.
Configuration rules 47 Importing a configuration rule You can import user-defined configuration rules (xml format) one at a time. Imported rules must meet the following criteria: • The rule cannot have the same name as a predefined configuration rule. • The rule cannot have any invalid rule or condition parameters. • The rule cannot have any invalid block parameters. 1. From the Add Monitor or Edit Monitor dialog box, select Import from the Export list. The Import Configuration Rule dialog box displays.
47 Configuration rules • Configuration the lines below list — Not available in the View Condition dialog box. • Configuration text box — The configuration lines with which you want to compare the product configuration. • Lines in exact order check box — Not available in the View Condition dialog box. • Remediation text box — Details how to correct the failure, if the condition fails. Remediation content displays in the Configuration Rule Report for each failed condition.
Configuration rules 47 6. Enter a user-defined name for the rule in the Name field. The name must be unique. The name cannot be over 128 characters. The only special character allowed is an underscore (_). 7. Enter a description of the rule in the Description field. The description cannot be over 1024 ASCII characters. 8. Select the backup configuration file you want to use by completing the following steps. a. Click the Product ellipsis button complete the steps in “Selecting a product” on page 1692.
47 Configuration rules Selecting a product You can only select one product at a time. 1. From the Add Condition dialog box, click the Product ellipsis button to select a product. The Select Product dialog box displays. 2. Select a product from the Available Products list, and click the right arrow button to move the product to the Selected Product table. The Available Products list contains the same fields as the IP Product list (refer to “IP Product List” on page 373). 3.
Configuration rules 47 Editing a user-defined configuration condition NOTE You cannot edit a predefined configuration condition. 1. Select Monitor > Policy Monitor. The Policy Monitor dialog box displays. 2. Click Edit. The Edit Monitor dialog box displays. 3. Click the Switch/Router Checks tab. 4. Select the configuration rule you want to edit in the Available Checks list and click Edit. The Edit Configuration Rule dialog box displays. 5. Select the user-defined condition you want to edit and click Edit.
47 Configuration rules Predefined conditions The Management application provides predefined conditions. Table 167 lists the predefined conditions that can be used in a block or at the configuration rule level. For example, interface conditions should be used in a port or LAG interface block and SNMP conditions can be used at the rule level.
Configuration rules TABLE 167 47 Predefined conditions (Continued) Name Description Use Matches/ regular Not Matches expression Configuration Lines in exact order Network OS SNMP community strings configured check Checks whether SNMP community strings are configured. Yes Matches snmp-server community private rw snmp-server community public No IronWare OS Interface name check Checks whether the port is named or not. Yes Matches port-name.
47 Configuration rules TABLE 167 Predefined conditions (Continued) Name Description Use Matches/ regular Not Matches expression Configuration Lines in exact order RFS Radio Interface check Checks whether the specified profile is configured with Radio interfaces. This condition should be used inside the profile block. If the profile name is not specified in the configuration or if the user selects all the profiles (profile.*), then it will match against the first available profile.
Configuration rules 47 5. Select the predefined block you want to view and click Edit/View. The View Block dialog box displays. This dialog box contains the following fields and components: • • • • Name — The name of the selected block. Description — The description of the selected block. Use regular expression check box — Not available for the View Block dialog box. Block Start — The start of the selected block used to match a block start label in the device configuration.
47 Configuration rules 6. Enter a user-defined name for the block in the Name field. The name must be unique. The name cannot be over 128 characters. The only special character allowed is an underscore (_). 7. Enter a description of the block in the Description field. The description cannot be over 1024 ASCII characters. 8. Select the Use regular expression check box to use a regular expression in the Block Start field. This enables you to match one or more blocks in the device configuration. 9.
Configuration rules 7. 47 Change the description of the rule in the Description field, if necessary. The description cannot be over 1024 ASCII characters. 8. To edit a configuration block, repeat step 8 through step 10 of “Adding a configuration block” on page 1697. 9. Click OK on the Add Block dialog box. 10. Click OK on the Edit Configuration Rule dialog box. 11. Click OK on the Edit Monitor dialog box. The updated policy monitor displays in the Monitors table of the Policy Monitor dialog box. 12.
47 Configuration rules Deleting conditions and blocks You can only delete user-defined conditions or blocks. Before you delete a user-defined condition or block, you must remove it from any rules. 1. From the Add Configuration Rule or Edit Configuration Rule dialog box, select one or more user-defined conditions or blocks you want to delete. 2. Click Delete. 3. Click Yes on the confirmation message. 4. Click OK on the Add Configuration Rule or Edit Configuration Rule dialog box.
Running a policy monitor 47 Running a policy monitor Before you run a policy monitor, make sure your policy monitors are valid. Valid policy monitors must have at least one policy selected with one or more targets. Management checks do not require a target. To run an existing policy monitor, complete the following steps. 1. Select Monitor > Policy Monitor. The Policy Monitor dialog box displays. 2. Select the policy you want to run in the Monitors list. 3. Click Run.
47 Viewing a policy monitor report Viewing a policy monitor report NOTE You must run the policy monitor at least once before you can view a report. To view an existing policy monitor report, complete the following steps. 1. Select Monitor > Policy Monitor. The Policy Monitor dialog box displays. 2. Select the policy for which you want to view a report in the Monitors list. 3. Click Report. NOTE If you have run this policy more than once, the latest report displays.
Viewing a policy monitor report Check the number of initiator ports zoned to each storage port is less than Configured_Value. This check provides the following additional detail for this check: 47 Storage Port — WWN of the storage port. Initiator Count — Number of initiator ports zoned to the storage port. Initiator Port — WWN of the initiator port. Zone — Zone name containing the initiator/storage port zoning pair. Check zones that do not contain any online member.
47 Viewing a policy monitor report Status — Whether the configurations matched (Passed) or did not match (Failed). Remote VLANs — Remote VLAN number. Remote Port — Name of the remote switch port. Remote Switch — Name and IP address of the remote switch. Configuration Rule Checks — Switch checks provide the following information for each selected check: - Block/Condition Name — Name of the block or condition. - Condition Details — Details about the condition.
Viewing historical reports for all policy monitors 47 Viewing historical reports for all policy monitors 1. Select Monitor > Policy Monitor. The Policy Monitor dialog box displays. 2. Click History. The Report History dialog box displays the last 10 reports run for all monitors. The Report History dialog box retains up to 10 reports for each policy monitor. • Name — Name of the policy monitor. • Date — Date and time the report was finished. • Result — Result of the policy monitor run.
Chapter 48 Fault Management In this chapter • Fault management overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Event notification. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Defining filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • SNMP traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • SNMP informs . . . . . . . . .
48 Event notification Restrictions The following items affect Fault Management operation. Supported IP address types The Management application receives traps and syslog messages for physical IP addresses only. Event Purging The default maximum number of days that historical events are stored is 365. You can select a different default (from 1 to 365 ) in the Options dialog box under Event Storage. Event Archiving The default number of days that purged events are archived is 30.
Event notification 48 2. Select the Enable E-mail Event Notification check box to enable the application to send e-mail messages in case of event notifications. 3. Enter the IP address or the name of the SMTP mail server that the server can use to send the e-mail notifications in the E-mail Server field. The Management application accepts IP addresses in IPv4 and IPv6 formats. The IPv4 format is valid when the operating system has IPv4 mode only or dual stack mode.
48 Defining filters Defining filters The Define Filter dialog box, shown in Figure 732, allows you to define event filters by product, event category, and severity. You can define event filters on SAN products, IP products, or hosts. Setting up basic event filtering To set up advanced event filtering on the selected events for a user, complete the following steps. 1. Select Server > Users. The Users dialog box displays. 2. Select a user in the Users list and click Edit. The Edit User dialog box displays.
Defining filters 48 6. Select the Allow Products check box to control whether or not all products are always displayed. 7. - When selected (the default), all products, even newly-added products, are added to the Selected Products to be displayed list. - If the check box is cleared, only the products listed in the Selected Products to be displayed list are shown in the Master Log and all newly-added products are added to the Available Products list.
48 Defining filters FIGURE 733 Define Filter dialog box - Advanced tab 5. Select the Start Date check box to display only the events that were logged after the specified start date. The default start date and time is the current date and time. 6. To include events in the event filter, complete the following steps. a. Select the event type you want to include from the Event Category list. All event types are listed in alphabetical order. b.
SNMP traps 7. 48 To exclude events from the event filter, complete the following steps. NOTE You can configure a maximum of ten filters to be included. a. Select the event type you want to remove from the Event Category list. All event types are listed in alphabetical order. b. Select the event column for the event from the Event Column list. All event columns are listed in alphabetical order. c. Enter all or part of the event type value in the Value Contains field. d.
48 SNMP traps • • • • • • “Adding an SNMP v1 or v2c community string” on page 1722 “Importing a new MIB into the Management application” on page 1723 “Trap customization” on page 1724 “Unregistering a registered trap” on page 1725 “Customizing a registered trap definition” on page 1726 “Reverting the customization of a registered trap to default” on page 1726 Adding a trap recipient to one or more switches The SNMP Trap Recipients dialog box allows you to register any recipient as a trap recipient on se
SNMP traps 48 5. Select the fabric or switches from the Available list and click the right arrow button to move it to the Selected list. You can select multiple products. NOTE For IP products and product groups, only switches are available to select. 6. If the selected product is a SAN or Network OS device, select a severity from the Severity list. Severity levels can be one of the following: None, Critical, Error, Warning, Info, or Debug. The Severity list is disabled for IP products.
48 SNMP traps To forward SNMP traps, complete the following steps. 1. Select Monitor > SNMP Setup > Trap Forwarding. The SNMP Trap Forwarding dialog box, shown in Figure 735, displays. FIGURE 735 SNMP Trap Forwarding dialog box Adding a trap destination The Add Trap Destination dialog box allows you to configure destinations for forwarding SNMP traps. To add a trap destination, complete the following steps. 1. Select Monitor > SNMP Setup > Trap Forwarding.
SNMP traps 48 FIGURE 736 Add Trap Destination dialog box 4. Enter a general description of the trap destination in the Description field. 5. Enter the IP address of the trap destination in the IP Address field. This is a mandatory field. IPv4 and IPv6 addresses are accepted, but a DNS name is not accepted. 6. Enter the SNMP trap listening port of the recipient in the Port # field. This is a mandatory field. Valid numeric values range from 1 through 65535.
48 SNMP traps FIGURE 737 Add Trap Filter dialog box 3. Enter a unique name for the trap filter in the Filter Name field. 4. Enter a general description of the trap filter in the Description field. 5. Select the Forward Application Messages check box to forward application events. 6. Select the Forward pseudo events check box to forward pseudo events. 7. Select a severity level from the Severity pulldown menu. The severity level can be one of the following, and appear in descending order of severity.
SNMP traps - 48 Info Debug Traps with the selected severity and those with higher severity levels are forwarded. For example, by default, Critical severity is selected. Therefore, traps with Critical, Alert, and Emergency severity levels are forwarded. To have all traps forwarded, select Debug, the lowest severity level. 8. Select the SAN, IP, or Hosts tab. Depending on the tab selected, the products available to which you can add a trap filter display in the Available Products list. 9.
48 SNMP traps FIGURE 738 Event Reception dialog box - Trap Credentials tab By default, the Management application receives SNMP v1 and v2c traps from IronWare OS and Network OS IP products that have any SNMP community strings. You can accept or restrict SNMP v1 and v2c traps by selecting one of the following check boxes in the Event Reception dialog box: • Do not accept SNMP v1/v2c traps Use this option to turn off receiving SNMP v1 and v2c traps.
SNMP traps TABLE 169 48 SNMP security and authentication SNMP credential type Privacy protocol Authentication Result v1 No authentication No privacy protocol Community string Uses a community string to match for authentication. v2c No authentication No privacy protocol Community string Uses a community string to match for authentication. v3 No authentication No privacy protocol User name Uses a user name to match for authentication.
48 SNMP traps 5. Select an authentication protocol from the Auth Protocol list. You can select -None-, HMAC-MD5, or HMAC_SHA. HMAC_MD5 is the default. If you select no authentication, the Management application uses the user name to match for authentication. 6. Type a password in the Auth Password field and re-type the password in the Auth Confirm Password field. 7. Select a privacy protocol from the Priv Protocol list. You can select -None-, CBC_DES, or CFB_AES_128.
SNMP traps 48 Importing a new MIB into the Management application The SNMP traps that the Management application receives must be registered in the Management application in order for these traps to be available. To register a trap, you must first identify the MIB file that contains the trap information in the mibs_to_compile.txt file. Then, you must register the traps using the Event Reception dialog box. To add the MIB file that contains the trap you want to register to mibs_to_compile.
48 SNMP traps Trap customization The Trap Configuration tab of the Event Reception dialog box enables you to configure the following settings: • Register and unregister various Management Information Bases (MIBs) • Customize trap description messages based on varbinds and severity and specify alias names Registering traps Traps must be registered in the Event Reception dialog box to make them available. To register traps, complete the following steps. 1. Select Monitor > SNMP Setup > Event Reception. 2.
SNMP traps 48 4. Select the trap you want to register. The SNMP name and Object Identification (OID) of the trap appear at the top line of the configuration pane. Also, the status of the trap shows Not Registered, which is the default definition of the trap. Details about the trap appear in the fields beneath the MIB Name field.
48 SNMP informs Customizing a registered trap definition To modify the definitions of registered traps, complete the following steps. 1. Click the Trap Configuration tab. 2. Click the Registered button. The Trap tree displays the MIBs that contain the registered traps. 3. Expand a MIB folder to display the traps that have been registered for that MIB. 4. Select a trap to display its current definition. You can change the severity, message, or alias of the trap. 5.
Syslogs 48 Enabling or disabling SNMP informs To enable or disable SNMP informs, complete the following steps. 1. Select Monitor > SNMP Setup > Informs. The SNMP Informs dialog box displays. 2. Select a product group from the Fabric / Products list. The products display in the SNMP Informs Capable Products list, where you can determine if the product’s status is enabled or disabled. 3.
48 Syslogs FIGURE 742 Syslog Recipients dialog box 2. Select Add from the Action list. 3. Enter the IP address of the syslog port (the recipient server) in the Recipient IP Address field. This is a mandatory field. IPv4 addresses are accepted, but a DNS name is not accepted. 4. Enter the syslog port of the recipient in the Recipient Port field. Valid numeric values range from 1 through 65535. The default value is 514. NOTE For IronWare products, a non-default port can be registered.
Syslogs 48 The Management application removes the recipient from the managed switches. Syslog forwarding The Syslog Forwarding dialog box enables the Management application to forward syslog events to a destination on another host. You can use the Syslog Forwarding feature to set up filters to determine which syslog events will be forwarded. Adding a syslog forwarding destination The Add Syslog Destination dialog box allows you to configure destinations for forwarding syslog events.
48 Syslogs FIGURE 744 Add Syslog Destination dialog box 4. Enter a general description of the syslog destination in the Description field. 5. Enter the IP address of the syslog destination in the IP Address field. This is a mandatory field. IPv4 and IPv6 addresses are accepted, but a DNS name is not accepted. 6. Enter the syslog listening port of the recipient in the Port # field. This is a mandatory field. Valid numeric values range from 1 through 65535. The default is 514. 7.
Syslogs 48 FIGURE 745 Add Syslog Filter dialog box 4. Enter a unique name for the syslog filter in the Filter Name field. 5. Enter a general description of the syslog filter in the Description field. 6. (Optional) For additional filtering, enter a text string using from 1 through 512 characters or wild card symbols in the Regular Expression field. The regular expression is used to describe a pattern in text. You can use an asterisk (*) to indicate a wildcard, as in the following examples: 7.
48 Event action definitions 10. Select the product from the Available Products list and click the right arrow button to move it to the Selected Products list. 11. Click OK. Snort message forwarding Snort is a third-party tool that monitors network traffic in real time. When Snort detects dangerous payloads or other abnormal behavior, it sends an alert to the syslog in real time.
Event action definitions 48 FIGURE 746 Event Actions dialog box 2. Click Add to display the Identification pane of the dialog box. 3. Enter a name and description for the event action and select the Enabled check box. 4. Click Next to advance to the Events pane. Selecting an event for an event action To select an event for an event action, complete the following steps. 1. Select Monitor > Event Processing > Event Actions. The Event Actions dialog box displays. 2. Click Next to advance to the Events pane.
48 Event action definitions FIGURE 747 Add Event Action dialog box - Events pane 3. Select one of the following event types from the Show list: - Traps (default) Application Events Pseudo Events Custom Events Snort® Message Depending on what event type you select, a box listing the available events or pseudo events displays. 4. By default, all traps are listed in the Available Traps list, under the folders for the MIB to which they belong.
Event action definitions 48 8. If you selected Pseudo Events in step 3, select one or more of the pseudo events you created that you want to include in the definition, then click the right arrow button to move it to the Selected Pseudo Events list. 9. If you selected Custom Events in step 3, click Next to accept the defaults; otherwise, select the Event Category, Severity, Message ID, and Description Contains, as required. 10.
48 Event action definitions 4. For each varbind in the Selected Varbinds list, select one of the following operations for the condition you want to filter: - = – Equal to != – Not equal < – Less than > – Greater than >= – Greater than or equal to <= – Less than or equal to In – Matches collection Not_in – Does not match collection ~ – Arbitrary Unicode regular expression 5. Enter the value of the varbind. The value you enter must conform to the data type required by the varbind.
Event action definitions 48 To configure the identity of the event action source, complete the following steps. 1. Select Monitor > Event Processing > Event Actions. The Event Actions dialog box displays. 2. Click Next to advance to the Sources pane. 3. Click the Provide the IP Address / Node WWN / Name of the source button if you want to manually enter the IP address, the world wide name (WWN), or the name of the source in the IP Address field. 4.
48 Event action definitions Configuring event action policies The Policy pane of the Add Event Action dialog box, shown in Figure 750, allows you to define the frequency of the event, enter a message for an event that will be displayed in the event log, and specify the event severity. FIGURE 750 Policy pane of the Add Event Action dialog box To configure the event action policies, complete the following steps. 1.
Event action definitions 48 4. Indicate how often the policy is to be reset. You can choose one of the following options: - Reset immediately - Repeats the policy as soon as the specified action has been applied. Wait until ____ seconds or minutes - If this parameter is selected, the policy will not be applied to the product for the specified duration of time. Enter the duration in minutes or hours.
48 Event action definitions To configure the policies for the event action, complete the following steps. 1. Select Apply as a Logging Policy to indicate whether or not you want the event occurrence to be logged in the Management application database: - Select Log to log the occurrence in the Management application database and Master Log. - Select Drop to not log the occurrence in the Management application database or Master Log.
Event action definitions 48 8. The Mark as Special Events check box is unselected by default. Leave it this way if you want the event action to be added to the Special Event Handling event action category. Refer to “Special events handling” for more complete information. 9. Click the Collect support save check box to enable SupportSave on the event. The check box is unselected by default. 10.
48 Event action definitions - Event Sender: Deploy the payload to the product that sent the event. If the event was sent by a non-IronWare OS or Network OS product, the event action will not be deployed to that product. - Derived from: Deploy the payload to the product that matches the IP address as specified in the attribute of the selected source. If the matching product is a non-IronWare OS or Network OS product, the event action will not be deployed to that product.
Event action definitions 48 Acknowledging special events When the Management application receives and processes events selected as special events, the following status bar icon displays: FIGURE 752 Status bar with highlighted special events icon To configure special event acknowledgements, complete the following steps. 1. Click the special events icon to launch the Special Events dialog box, shown in Figure 753.
48 Event action definitions Configuring event action e-mail settings The Action Group - E-Mail Settings pane of the Add Event Action dialog box, shown in Figure 754, allows you to select e-mail recipients from a list, add new e-mail recipients, and compose e-mail messages. FIGURE 754 Action Group - E-Mail Settings pane of the Add Event Action dialog box To configure the e-mail settings for the event action, complete the following steps. 1.
Event action definitions 48 5. If you want an epilogue to be placed at the end of the e-mail message, enter up to 255 characters in the Body Epilogue field. NOTE The prologue, the event action message, and the epilogue form the body of the e-mail alert. 6. Click Finish. The Summary pane of the Edit Event Action dialog box displays an overview of the e-mail configuration you are creating. 7. Review your entries and take one of the following actions: - Click Finish to approve the configuration.
48 Event action definitions 3. Click Edit to display the Edit Event Action dialog box. 4. Make the changes you want to make to the definition. You can perform this action in any of the panes of the Add Event Action dialog box. 5. Click Finish to save your definition. Deleting an event action definition To delete an event action definition, complete the following steps. 1. Select Monitor > Event Processing > Event Actions. The Event Actions dialog box displays. 2.
Event action definitions 48 2. Click the Import Snort® Rule button. The Import Snort® Rule File dialog box displays, shown in Figure 756. FIGURE 756 Import Snort® Rule File dialog box 3. Enter the complete path of the Snort rule file located on the Syslog server. 4. Click OK to import the Snort rules. 5. While still in the Add Event Action dialog box, continue to click Next until you advance to the Action Group - Actions pane. 6.
48 Pseudo events Pseudo events A pseudo event is a combination of different SNMP traps that you decide would constitute a single event. For example, there are two separate SNMP traps for link up and link down occurrences. You might decide that these two occurrences should be just one event. Displaying pseudo event definitions To display the properties of a pseudo event definition, complete the following steps. 1. Select Monitor > Event Processing > Pseudo Events.
Pseudo events 48 Setting pseudo event policies The Policy pane of the Add Pseudo Event dialog box, shown in Figure 758, allows you to create escalation, resolve, and flapping policies for the pseudo event, and then specify the time duration for each of these policies in minutes or seconds. FIGURE 758 Policy pane of the Add Pseudo Event dialog box To create policies for a pseudo event definition, complete the following steps. 1.
48 Pseudo events 3. Click the Flapping button to create a flapping policy, and then enter the number of occurrences and the duration of time before the Management application performs the action specified in an event action. Specify the number of flapping times in minutes or seconds. The flapping policy checks to see if the event consistently transitions between two opposite states during a specified length of time. If it does, then the specified action in the definition is performed.
Pseudo events 48 FIGURE 759 Events pane of the Add Pseudo Event dialog box 3. From the Available Traps list, select the trap for the down state of a product or interface. By default, all traps known to the Management application are included in the Available Traps list, which is a list of all traps that are available based on the MIB and filter criteria. 4. Select a trap for the Selected Down Trap list and a trap for the Selected Up Trap list. You cannot select the same trap for up and down conditions.
48 Pseudo events Creating a pseudo event definition by copying an existing definition You can create a pseudo event definition by copying an existing definition. To create a pseudo event definition by copying an existing definition, complete the following steps. 1. Select Monitor > Event Processing > Pseudo Events. 2. Select the pseudo event definition that you want to copy from the Pseudo Events list. 3. Click the Duplicate button. The Pseudo Events dialog box, shown in Figure 757, displays.
Pseudo events 48 4. Click Yes to delete the selected definition. The definition is removed from the Pseudo Events list. Adding a pseudo event on the escalation policy Use the escalation policy to be notified if a critical event occurs on a product, port, or system. When the event occurs, the escalation policy waits for a duration of time to see if the event remains in that state. If it does, then the specified action in the definition is performed.
48 Pseudo events Creating an event action with a pseudo event on the escalation policy To create an event action with a pseudo event on the escalation policy, complete the following steps. 1. Select Monitor > Event Processing > Event Actions. The Event Actions dialog box displays. 2. Click Add to display the Identification pane of the Add Event Action dialog box. 3. Enter a name and description for the event action and select the Enabled check box to enable the event. 4.
Pseudo events 48 17. If you want an epilogue to be placed at the end of the e-mail message, enter up to 255 characters in the Body Epilogue field. NOTE The prologue, the event action message, and the epilogue form the body of the e-mail alert. 18. Click Next to advance to the Summary pane. 19. Click Finish. The Summary pane of the Add Event Action dialog box displays an overview of the e-mail configuration you are creating.
48 Pseudo events Creating an event action with a pseudo event on the resolving policy To create an event action with a pseudo event on the resolving policy, complete the following steps. 1. Select Monitor > Event Processing > Event Actions. The Event Actions dialog box displays. 2. Click Add to display the Identification pane of the Add Event Action dialog box. 3. Enter a name and description for the event action and select the Enabled check box to enable the event. 4.
Pseudo events 48 Adding a pseudo event on the flapping policy The flapping policy checks to see if the event consistently transitions between two opposite states during a specified length of time. If it does, then the specified action in the definition is performed. The following two-part procedure uses both the Add Pseudo Events dialog box and the Add Event Actions dialog box to create an event action with the flapping policy. To add a pseudo event on the flapping policy, complete the following steps. 1.
48 Pseudo events 6. Select the pseudo event you created and click Next. The Sources pane of the Add Event Action dialog box displays. 7. Select the source that you will use to monitor this event from the Selected Sources list. 8. Click Next to advance to the Policy pane of the Add Event Action dialog box. The Policy pane of the Add Event Action dialog box displays. 9. Click the Take actions for the selected events when they occur button if you want to take action for the selected events when they occur.
Event custom reports 48 14. Select the Apply as a Logging Policy check box to indicate whether or not you want the event occurrence to be logged in the Management application database: - Select Log to log the occurrence in the Management application database. Select Drop to not log the occurrence in the Management application database. 15. Click Next to advance to the Summary pane. 16. Click Finish. For more information about adding an event action, refer to “Event action definitions” on page 1732.
48 Event custom reports Defining report settings You can configure report settings so that you see only a restricted set of information in a report. NOTE You can change the number of displayed event custom report records by following the procedure in “Configuring custom report preferences” on page 211. By default, 1000 records display, even if the event count is greater than 1000. NOTE You must first enter a name and title on the Identification tab before you can run the result settings.
Event custom reports 48 NOTE The Available Column list lists the attributes you can include in the report. Each attribute represents a column on the report. 5. Select the attribute you want, then click the right arrow to move your selection to the Selected Columns list. To remove an attribute from the Selected Columns list, select the attribute that you want to remove, then click the left arrow button.
48 Event custom reports FIGURE 762 Add/Edit Report Definition dialog box - Identification tab 5. In the Name field, enter a name for the definition. This name appears under the Name column on the Report Definitions tab of the Event Custom Reports dialog box. This name must be unique for each report group. This is a required parameter. 6. In the Title field, enter a title for the definition, which will be used as the title of a generated report. This is a required parameter. 7.
Event custom reports 48 10. Select the roles that will have view and run access to this definition, then press the right arrow button to move the role in the Selected Roles list. All Management application users who have the selected roles will be able to view, copy, and run the definition. NOTE You can share the available users definition with specific Management application users.
48 Event custom reports FIGURE 763 Add/Edit Report Definition dialog box - Product tab 4. Click the Filter tab. The Add/Edit Report Definition dialog box - Filter tab, shown in Figure 764, displays.
Event custom reports 48 5. To limit the search results to traps, syslog, and pseudo event messages with a specific text string, enter the text string in the Description field. You can use an asterisk (*) to indicate a wildcard, as in the following examples: - *cdef: Matches a message ending with cdef abc*: Matches a message beginning with abc *abc*: Matches a message that contains abc For example, if you want to find the events that have the text “Auth” in the message, enter “*Auth*”.
48 Event custom reports FIGURE 765 Add/Edit Report Definition dialog box - Time Settings tab 4. Choose between relative time (the default) and absolute time. - Click Relative Time if you want to filter traffic based on when the report is generated, and then select a relative time from the Range list. Relative time is calculated based on the date and time the report is generated. - Click Absolute Time if you want to filter traffic sent at a specific date and time. a.
Event custom reports 48 Creating a new report definition by copying an existing definition The simplest way to create a new report definition is by copying an existing definition. To create a new report definition is by copying an existing definition, complete the following steps. 1. Select the definition you want to copy from the Report Definitions tab of the Event Custom Reports dialog box. 2. Click Duplicate.
48 Event custom report schedules Deleting a report definition You can delete a report definition, but only if it belongs to you. To delete a report definition, complete the following steps. 1. To access the dialog box, select Reports > Event Custom Reports. The Event Custom Reports dialog box displays. 2. Click the Report Definitions tab of the Event Custom Reports dialog box and select the definition you want to delete. 3. Click the Delete button.
Event custom report schedules • • • • 48 Duplicate — Creates a copy of the selected report schedule. Delete — Deletes the selected schedule from the Schedules list. Enable — Enables the selected schedule. Disable — Disables the selected schedule.
48 Event custom report schedules 7. Select one of the following periods from the Frequency list: - One Time - Daily — If you selected Daily as the schedule type, Time (hh:mm) appears. - Monthly — If you selected Monthly as the schedule type, Day of the month appears. Select the day of the month when the report will be generated. - Yearly — If you selected Yearly as the schedule type, Day of the year appears. Select the day of the year when the report will be generated.
Event logs 48 Event logs You can view all events that take place through the Master Log at the bottom of the main window. You can also view a specific log by selecting an option from the Logs submenu of the Monitor menu. The logs are described in the following list: • Audit Log — Displays all Application Events raised by the application modules and all Audit Syslog messages from the switches and Brocade HBAs.
48 Event logs 2. Select the rows you want to copy: - To select contiguous rows, select the first row you want to copy, press Shift, and click the contiguous row or rows you want to copy. - To select non-contiguous rows, select the first row you want to copy, press CTRL, and click the additional row or rows you want to copy. 3. Right-click one of the selected rows and select Copy Rows. 4. Open the application to which you want to paste the data. 5. Click where you want to paste the data. 6.
Event logs 48 5. Click Save. All data and column headings are exported to the text file. 6. Click Close to close the dialog box. E-mailing all event details from the Master Log NOTE You must configure e-mail notification before you can e-mail event details from the Master Log. To configure e-mail notification, refer to “Configuring e-mail notification” on page 1708. To e-mail all event details from the Master Log, complete the following steps. 1. Right-click an entry in the Master Log. 2.
48 Event logs Displaying event properties from the Master Log You can view detailed information for an event. NOTE Network OS events display in both the SAN and IP tab of the Master Log. To display event details from the Master Log, complete the following steps. 1. Right-click an entry in the Master Log. 2. Select Properties. The Event Properties dialog box, shown in Table 170, displays. 3. Review the information.
Event logs TABLE 170 48 Event Properties (Continued) Event Field Description Module Name The module associated with the event. Source Address The IP address of the source. Acknowledged Indicates whether the event has been acknowledged. 4. Click Close to close the Event Properties dialog box. Copying part of the Master Log You can copy data from logs to other applications. Use this method to analyze or store the data using another tool.
48 Event logs Exporting the Master Log You can export the Master Log to a tab-delimited text file. Use this method to analyze or store the data using another tool. To export the Master Log, complete the following steps. 1. Right-click an entry in the Master Log. 2. Select Table > Export Table. The Save table to a tab delimited file dialog box displays. 3. Browse to the location where you want to export the data. 4. Enter a name for the file in the File Name field. 5. Click Save.
Event logs 48 FIGURE 768 Master Log Filter menu 2. If you do not see the filter you want, click the … button immediately to the left of the menu. The Define Filters dialog box displays. FIGURE 769 Define Filter dialog box - Basic tab, IP tab selected 3. Use the following to include or exclude products. - To include an event type in the filter, select the event from the Available Products list and click the right arrow.
48 Event logs 5. From the Selected Event Category and Severity to be displayed list, select one of the following severity levels to assigned to the selected event action: - Emergency Alert Critical Errors Warning Notice Info Debug Unknown Clear the severity level check boxes to turn off the filter for the selected events. 6.
Event logs 48 Duplicating a Filter To duplicate a filter, select the filter you want to duplicate in Filters panel and click Add. The content of the selected filter will be loaded, but with the name field left blank. Enter a name for the new filter and click OK. Deleting a Filter To delete a filter, select the filter and click Delete. Deleting a filter removes the filter name from the Filters panel of the Define Filters dialog box. A filter is not permanently deleted until you click OK.
Chapter Packet Capture (Pcap) 49 In this chapter • Configuring packet captures. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1781 Configuring packet captures Organizations can configure switches as sensors to capture packets through the embedded sFlow capability and send them back to the Management application, which acts as an sFlow collector. The Management application then converts the sFlow data to Pcap format, which is understood by a variety of open source products.
49 Configuring packet captures 5. Enter the full path of the command that will be invoked to launch the PCAP-aware tool into the Pcap Tool Location text box. For example, if SNORT is installed under the C:\\SNORT\ directory, enter the following commands to launch SNORT: C:\\SNORT\bin\SNORT.exe -c C:\\SNORT\etc\SNORT.conf -Xeds -K none 6. Specify the working directory for the PCAP-aware tool in the Working Directory text box.
Chapter 50 Monitoring and Alerting Policy Suite In this chapter • Monitoring and Alerting Policy Suite overview. . . . . . . . . . . . . . . . . . . . . . • MAPS interoperability with other features . . . . . . . . . . . . . . . . . . . . . . . . . • MAPS category, object, and measure hierarchy . . . . . . . . . . . . . . . . . . . . • MAPS monitoring categories. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • MAPS policies . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
50 Monitoring and Alerting Policy Suite overview Supported hardware MAPS is only supported on Fabric OS devices running Fabric OS 7.2.0 or later. NOTE MAPS is not supported on DCB devices. MAPS license requirements MAPS is supported on all versions of the Management application with SAN management. MAPS is supported on Fabric OS devices running 7.1 or earlier with the Fabric Watch and Performance Monitor license. MAPS is supported on Fabric OS devices running 7.2 or later with the Fabric Vision license.
MAPS interoperability with other features 50 Enabling MAPS on a device You can enable MAPS on one or more devices at the same time. Enabling MAPS on a device converts existing Fabric Watch thresholds to MAPS policies and the active thresholds currently monitored by Fabric Watch will continue to be monitored through MAPS. 1. Select Monitor > Fabric Vision > MAPS > Enable. The Enable MAPS dialog box displays (Figure 771).
50 MAPS interoperability with other features Configuration upload and download MAPS configuration is stored in separate configuration files. The default MAPS configuration is stored in one configuration file. The user-created configuration is stored in another configuration file. One user configuration file exists for each logical switch. You cannot upload and download the default MAPS configuration file. A configuration upload or download affects only the user-created configuration files.
MAPS interoperability with other features 50 • Frame Monitor — Only displays switches that do not have MAPs-enabled. A “None of the Fabric Watch specific operations can be performed on this switch because the MAPS (Monitoring and Alerting Policy Suite) are enabled.” error message displays. • Performance Thresholds — Only displays switches that do not have MAPs-enabled.
50 MAPS interoperability with other features TABLE 171 Fabric Watch supported RAS event IDs Category Measure Unit label RAS event ID Port Health CRC — CRC errors Count 1182 ITW — Invalid transmit words Count 1178 LOSS_SYNC — Loss of synchronization Count 1166 LF — Link failure Count 1162 LOSS_SIGNAL — Signal loss Count 1170 PE — Protocol errors Count 1174 LR — Link reset Count 1198 C3TXTO — Class 3 timeout Count 1202 STATE_CHG — State changes Count 1194 CURRENT — SFP tran
50 MAPS interoperability with other features TABLE 171 Fabric Watch supported RAS event IDs (Continued) Category Measure Unit label RAS event ID Fabric State Changes DID_CHG — Domain ID change Count 1123 FLOGI — Fabric login Count 1135 FAB_CFG — Fabric reconfigurations Count 1119 EPORT_DOWN — E_Ports down Count 1115 FAB_SEG — Fabric segmentation Count 1127 ZONE_CHG — Zone changes Count 1131 FRU Health Security Health Brocade Network Advisor SAN + IP User Manual 53-1002949-01 2
50 MAPS interoperability with other features TABLE 171 Fabric Watch supported RAS event IDs (Continued) Category Measure Unit label RAS event ID Switch Resources TEMP — Temperature sensor N/A 1002 1003 1004 FLASH_USAGE — Flash usage % 1402 CPU — CPU usage % 1404 MEMORY_USAGE — Memory usage % 1404 1406 CIR_STATE — FCIP circuit state changes Count 3020 CIR_UTIL — FCIP circuit utilization % 3012 CIR_PKTLOSS — FCIP packet loss % 3016 RX — Receive bandwidth usage percentage % 1186
MAPS category, object, and measure hierarchy 50 MAPS category, object, and measure hierarchy Fabric measures and events are organized in a hierarchy by category, object, and measure. There is a category, object, and measure associated with every monitored behavior. Categories are the highest level in the system, subdivided into one or more objects. Objects contain one or more measures. An example of a very simple category, object, measure hierarchy follows.
50 MAPS category, object, and measure hierarchy MAPS categories, measures, and actions Table 173 details the object types for each category, the threshold measures for each object type, and the action you can configure when a threshold is crossed.
MAPS category, object, and measure hierarchy TABLE 173 50 Monitors and actions by category (Continued) Category Objects Measures Possible actions Security Health Local Switch SEC_DCC — Device connection control violations SEC_HTTP — HTTP violations SEC_CMD — Illegal command SEC_IDB — Incompatible security DB SEC_LV — Login violations SEC_CERT — Invalid certifications SEC_FCS — No Fabric Configuration Server (FCS) switch SEC_SCC — Switch Connection Control violations SEC_AUTH_FAIL: — Authentication
50 MAPS monitoring categories MAPS monitoring categories MAPS enables you to monitor the independent components that are listed in this section by creating policies. Policies are a series of rules that define thresholds for measures and actions to take when a threshold is triggered. Port monitoring category The Port category monitors port statistics and takes action based on the configured thresholds and actions.
MAPS monitoring categories TABLE 174 50 Port measures (Continued) Measure Description SFP Current The amount of supplied current to the SFP transceiver. Current area events indicate hardware failures. SFP Receive power (RXP) The amount of incoming laser, in microwatts (µw). This is used to help determine if the SFP transceiver is in good working condition. If the counter often exceeds the threshold, the SFP transceiver is deteriorating.
50 MAPS monitoring categories TABLE 175 Switch status measures Measure Description Missing SFPs1 (MISSING_SFP) Ports that are missing SFP transceiver. Error 1. Ports1 (ERR_PORTS) Ports with errors. Marginal ports, faulty ports, error ports, and missing SFP transceivers are calculated as a percentage of the physical ports (excluding FCoE and VE_Ports).
MAPS monitoring categories 50 FRU monitoring category The FRU category enables you to define rules for field replaceable units (FRU), including ports, power supplies, and flash memory. Table 177 lists measures in the FRU category and describes each measure. Possible states for all FRU measures are faulty, inserted, on, off, ready, and up. TABLE 177 FRU measures Measure Description Power Supplies (PS_STATE) State of a power supply has changed. Fans (FAN_STATE) State of a fan has changed.
50 MAPS monitoring categories Resource monitoring category The Resource category monitors the system RAM, flash, CPU, and memory. The Resource category uses monitors to perform the following tasks: • Configure thresholds for MAPS event monitoring and reporting for the environment and resource classes. Environment thresholds enable temperature monitoring, and resource thresholds enable monitoring of flash memory. • Configure memory or CPU usage parameters on the switch or display memory or CPU usage.
MAPS monitoring categories 50 Traffic/Flows monitoring category The Traffic/Flows category groups areas that track the source and destination of traffic and flows. Use traffic and flow thresholds and alarms to determine traffic load and flow and to reallocate resources appropriately. Table 181 lists measures in the Traffic/Flows category and describes each measure.
50 MAPS policies MAPS policies A MAPS policy is a set of rules that define thresholds for measures and action to take when a threshold is triggered. When you enable a policy, all of the rules in the policy are in effect. A device can have multiple policies. For example, you can have a policy for everyday use and you can have another policy for when you are running backups or performing switch maintenance. However, only one policy can be active at a time.
MAPS rules 50 Fabric Watch legacy policies You cannot return Fabric Watch once you activate MAPS (or migrate to MAPS). When you migrate from Fabric Watch to MAPS, three policies are automatically created: • fw_custom_policy Contains all of the monitoring rules based on the custom thresholds configured in Fabric Watch, even if the rules have the same parameters as the default rules. • fw_default_policy Contains all of the monitoring rules based on the default thresholds configured in Fabric Watch.
50 MAPS conditions • The condition. Each rule specifies a single condition. A condition includes a time base and a threshold. Refer to “MAPS conditions” on page 1802 for additional information. • The actions to take if the condition is evaluated to be true. Refer to “MAPS actions” on page 1803 for additional information. The combination of actions, conditions, and measures allow you to create a rule for almost any scenario required for your environment.
MAPS actions 50 MAPS actions MAPS provides actions (event notifications) in several different formats to ensure that event details are accessible from all platforms and operating systems. In response to an event, MAPS can record event data as any (or all) of the following alarm options. To enable MAPS actions, refer to “Enabling or disabling policy actions for all policies” on page 1805.
50 MAPS actions E-mail An e-mail alert sends information about a switch event to a specified e-mail address. An e-mail alert can send information about any error from any element, area, and class (only one e-mail recipient can be configured per class). The e-mail alert specifies the threshold and describes the event, much like an error message. To configure multiple e-mail recipients, refer to “Configuring e-mail notification” on page 1806.
MAPS actions 50 SNMP MIB support MAPS requires SNMP management information base (MIB) support on the device for management information collection. For a list of required MIBs, refer to Table 182.
50 MAPS actions • Switch Status Critical — Use to set the switch status to critical • Switch Status Marginal. — Use to set the switch status to marginal. For a complete list of categories and the associated measures and actions, refer to “MAPS categories, measures, and actions” on page 1792. 4. Click OK on the MAPS Policy Actions dialog box. 5. Click Close on the MAPS Configuration dialog box.
MAPS actions 50 6. Click OK on the MAPS E-Mail Setup dialog box. 7. Click Close on the MAPS Configuration dialog box. Viewing MAPS policy data You can view the MAPS-capable devices and the associated MAPS policies and actions. 1. Right-click a device in the Product List or Connectivity Map and select Fabric Vision > MAPS > Configure. The MAPS Configuration dialog box displays (Figure 772). Sort the contents by clicking the column header. Click the same column header again to reverse the sort order.
50 MAPS actions SFP Status Marginal — If check mark displays, sets the SFP status to marginal when triggered. Switch Status Marginal. — If check mark displays, sets the switch status to marginal when triggered. Switch Status Critical — If check mark displays, sets the switch status to critical when triggered. Violations button — Select an object (switch or fabric) and click to open the Violations dialog box for the selected object. For more information, refer to “Viewing MAPS violations” on page 1827.
MAPS actions 50 Configuring a MAPS policy 1. Right-click a device in the Product List or Connectivity Map and select Fabric Vision > MAPS > Configure. The MAPS Configuration dialog box displays. 2. Click Add. The Add Policy dialog box displays (Figure 773). FIGURE 773 Add Policy dialog box 3. Enter a name for the policy in the Name field. The policy name can be up to 32 characters and can only contain of alphanumeric and underscore characters. 4.
50 MAPS actions • Security tab — Rules defined on this tab measure thresholds at the switch level to detect out of range security changes. • Resource tab — Rules defined on this tab measure thresholds on temperature sensors or at the chassis level to detect out of range resource usage. • FCIP tab — Rules defined on this tab measure thresholds on FCIP circuits to detect out of range state, utilization, or packet loss.
MAPS actions 50 8. Enter a threshold value in the Threshold field. Valid values include 1 through 1,000 for numerical values and 0.00 through 100.00 for percentage measures. For the SFP_TEMP measure in Port category, valid values are -40 through 100. For FRUs, valid values include: IN, READY, UP, ON, OFF, and FAULTY. For the TEMP measure in the Resource category, valid values are IN_RANGE and OUT_OF_RANGE. 9. Select one of the following durations to monitor the counter from the Time Base list.
50 MAPS actions Editing a MAPS policy 1. Right-click a device in the Product List or Connectivity Map and select Fabric Vision > MAPS > Configure. The MAPS Configuration dialog box displays. 2. Select any non-default policy in the list and select Edit option (on the Add button list). You can also select the switch in the list and select Edit option (on the Add button list) to edit the active policy. When you edit the active policy on the switch, updated rules activate on the switch automatically.
MAPS actions 50 Importing Flow definitions You can import a flow definition into MAPS for threshold monitoring. 1. Right-click a device in the Product List or Connectivity Map and select Fabric Vision > MAPS > Configure. The MAPS Configuration dialog box displays. 2. Select a policy in the list and click Add. The Add Policy dialog box displays. 3. Click the Traffic / Flows tab. 4. Click Import. The Import Flow Definitions dialog box displays.
50 MAPS actions • • • • • • • • • Zone Check — The zone checks defined in the flow Flow Definition Persistence — Whether or not to persist flow definition over device reboot. Data Type — The data type defined for the flow. Routing Control — The routing control defined in the flow. QOS — The Quality of Service (QOS) defined for the flow. Offset — The offset value defined in the flow. Originator — The FC originator defined for the flow. SCSI Commands — The SCSI command defined for the flow.
MAPS actions 50 3. Click Close on the MAPS Configuration dialog box. Replicating a policy to other devices You can replicate a non-default policy on a device to all MAPS-capable devices in a Fabric or SAN. NOTE Copying a policy from one device to another overwrites any policy with a matching name on the target devices. 1. Right-click a device in the Product List or Connectivity Map and select Fabric Vision > MAPS > Configure. The MAPS Configuration dialog box displays. 2.
50 MAPS actions 3. Browse to the location you want to save the policy and click Save. 4. Click Close on the MAPS Configuration dialog box. Importing a MAPS policy You can import a policy with an xml file format to a device. NOTE You cannot import policies at the SAN or fabric level. 1. Right-click a device in the Product List or Connectivity Map and select Fabric Vision > MAPS > Configure. The MAPS Configuration dialog box displays. 2.
MAPS actions 50 Viewing MAPS policy rules You can open more than one View Policy dialog box at the same time. 1. Right-click a device in the Product List or Connectivity Map and select Fabric Vision > MAPS > Configure. The MAPS Configuration dialog box displays. 2. Select a policy and click View. You can also select the switch in the list and select View to view the active policy. The View Policy dialog box displays (Figure 774). FIGURE 774 View Policy dialog box 3.
50 MAPS actions • Security tab — Rules defined on this tab measure thresholds at the switch level to detect out of range security changes. • Resource tab — Rules defined on this tab measure thresholds on temperature sensors or at the chassis level to detect out of range resource usage. • FCIP tab — Rules defined on this tab measure thresholds on FCIP circuits to detect out of range state, utilization, or packet loss.
MAPS groups 50 MAPS groups A MAPS group is a collection of similar objects that you can monitor as a single entity. You can create a group of objects and then use that group in rules, thus simplifying rule configuration and management. For example, you can create a group of UNIX ports, and then create specific rules for monitoring this group. Preconfigured groups MAPS provides several preconfigured groups. You cannot edit or delete a preconfigured group.
50 MAPS groups TABLE 183 Pre-configured groups Pre-configured group name Element type Description CHASSIS Chassis Default group used to define rules on global parameters for the entire chassis; for example, CPU, Flash, and so on. ALL_FLASH Flash All monitored flash. ALL_WWN WWN All monitored WWN cards. User-defined groups NOTE You can only create user-defined custom groups for ports, SFPs, and FCIP circuits.
MAPS groups 50 FIGURE 775 Add Group dialog box 4. Enter a unique name for the group in the Name field. The name can be up to 32 characters and can only contain of alphanumeric and underscore characters. 5. Add objects to the group by selecting the object (port or circuit) in the Available Ports/Circuits area and clicking the right arrow button. The selected objects move from the Available Ports/Circuits area to the Selected Ports/Circuits area. 6.
50 MAPS groups Editing a group If a new object, such as host, target, or SFP transceiver is added to a fabric, you can monitor the object using existing rules for similar objects. The group must be the same type as the new object you want to monitor (port, circuit, or SFP). The object is automatically monitored using the existing rules that have been set up for the group, as long as the rules are in the active policy. You do not need to re-enable the active policy. 1.
MAPS groups 7. 50 Configure policies and rules for the group. For more information, refer to “Configuring a MAPS policy” on page 1809. 8. Click OK on the Edit Policy dialog box. 9. Click Close on the MAPS Configuration dialog box. Deleting a group NOTE You cannot delete a default group or any group that contains a rule. 1. Right-click a device in the Product List or Connectivity Map and select Fabric Vision > MAPS > Configure. The MAPS Configuration dialog box displays. 2.
50 MAPS groups FIGURE 777 Fabric/Device_Name - Manage MAPS Groups dialog box 3. Review the group details: Sort the contents by clicking the column header (Name or Type). Click the same column header again to reverse the sort order. • Groups list — List of groups available on the selected fabric or device. Name — Group name Type — Group type (Port, SFP, or Circuit) Available Ports/Circuits list — List of available ports, SFPs, or circuits and the associated products for the selected group.
MAPS groups 50 Creating multiple groups You can create groups that are in the same fabric or device. 1. Right-click a device in the Product List or Connectivity Map and select Fabric Vision > MAPS > Configure. The MAPS Configuration dialog box displays. 2. Select a fabric or device in the SAN/Fabric/Switch list and click Manage. The Fabric/Device _Name - Manage MAPS Groups dialog box displays with a list of all configured Port, SFP, or Circuit groups on the selected fabric or device in the Groups area. 3.
50 MAPS groups 5. Remove objects from the group by selecting the object (port, SFP, or circuit) in the Selected Ports/Circuits list and clicking the left arrow button. The selected objects move from the Selected Ports/Circuits list to the Available Ports/Circuits list. 6. Repeat step 2 through step 5 for each group you want to edit. 7. Click OK on the Fabric/Device _Name - Manage MAPS Groups dialog box. 8. Click Close on the MAPS Configuration dialog box.
MAPS violations 50 MAPS violations MAPS violation data is stored in the database for 30 days. The system purges old data (over 30 days) every night at 12:00 AM. The system also purges violations from deleted or unmonitored devices. Viewing MAPS violations 1. Right-click a device in the Product List or Connectivity Map and select Fabric Vision > MAPS > Violations. The Violations dialog box displays (Figure 778). FIGURE 778 Violations dialog box 2.
50 MAPS violations 3. Review the detailed data. You can sort the contents by clicking the column header. Click the same column header again to reverse the sort order. • Time (MAPS and Fabric Watch support) — The time on the server when the violation was reported. • Fabric Name (MAPS and Fabric Watch support) — The Fabric name to which the object belongs. • Product (MAPS and Fabric Watch support) — The device name.
MAPS events 50 MAPS events Once you configure MAPS rule violations to trigger RASLOG messages, the Management application starts receiving SNMP traps for the MAPS rule violations. The Management application processes the RASLOG messages by an event processor and displays them in the Master Log and the historical graphs and monitors the same as any other events.
50 MAPS events • 1 Day — Displays data for the previous day beginning when the Violations dialog box is displayed. • 3 Days — Displays data for the previous 3 days beginning when the Violations dialog box is displayed. • 1 Week — Displays data for the previous week beginning when the Violations dialog box is displayed. • 1 Month — Displays data for the previous month beginning when the Violations dialog box is displayed. 3. Select one or more rows in the Violations dialog box and click Events.
MAPS events 50 4. Review the detailed data. The MAPS Violation Master Log Events dialog box contains the same fields as the Master Log; however, the MAPS violations only displays content in the MAPS related fields. You can sort the contents by clicking the column header. Click the same column header again to reverse the sort order. Event field Description Severity The MAPS event severity is Warning. Acknowledged N/A Last Event Server Time The time range selected in the MAPS Violations dialog box.
50 MAPS integration with other features MAPS integration with other features Dashboard MAPS widgets The MAPS widgets display on the main Dashboard tab (refer to “Monitoring and Alerting Policy Suite widgets” on page 299). The Management application provides the following preconfigured MAPS widgets: • Out of Range Violations widget — Table view of all out of range threshold violations reported in your SAN (refer to “Out of Range Violations widget” on page 300).
Chapter Technical Support 51 In this chapter • Server and client support save. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1833 • Device technical support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1837 • Upload failure data capture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1847 Server and client support save You can use Technical Support to collect SupportSave data for the Management server and clients.
51 Server and client support save 4. Select the Include Database check box to include the database in the support save and choose one of the following options. • Select the Partial (Excludes historical performance data and events) option to exclude historical performance data and events from the database capture. • Select the Full option to capture the entire database. Clear the Include Database check box to exclude the database in the support save. 5.
Server and client support save 51 4. Enter a file name for the server support save file in the File Name field. The default file name is DCM-SS-Time_Stamp. 5. Select the Include Database check box to include the database in the support save and choose one of the following options. • Select the Partial (Excludes historical performance data and events) option to exclude historical performance data and events from the database capture. • Select the Full option to capture the entire database.
51 Server and client support save Client support save using a command line interface Use the following procedures to capture client support save files through the command line interface (CLI). Capturing client support save using the CLI (Windows) To capture client support save files through the CLI, complete the following steps. 1. Go to the following location: • (Local client) User_Home/Management_Application_Name/localhost • (Remote client) User_Home/Management_Application_Name/Server IP 2.
Device technical support 51 Device technical support You can use Technical Support to collect SupportSave data (such as, RASLOG, TRACE and so on) and switch events from Fabric OS, IronWare, and Network OS devices. To gather technical support information for the Management application server, refer to “Capturing technical support information” on page 506. Scheduling technical support information collection You can capture technical support and event information for up to 50 devices.
51 Device technical support FIGURE 780 Technical SupportSave dialog box, Schedule tab 3. Select the Enable scheduled Technical Support Data check box. 4. Select how often you want the scheduled collection to occur from the Frequency list. 5. Select the start date for the scheduled collection from the Start Date list. This list is only available when you select Weekly or Monthly from the Frequency list. 6. Select the time you want the scheduled collection to begin from the Start Time Hour and Minute lists.
Device technical support 51 • • • • • Location — The customer site location. a. Right-click in the Available SAN Products table and select Expand All. b. Select the switches you want to collect data for in the Available SAN Products table and click the right arrow to move them to the Selected Products and Hosts table. Contact — The primary contact at the customer site. Description — A description of the customer site. State — The switch state, for example, online or offline.
51 Device technical support Technical SupportSave uses the following naming convention for the IronWare device support save files: IPProd-Device_Display_Name-IP_Address-Time_Stamp. Technical SupportSave uses the following naming convention for the Fabric OS DCB device support save files from the IP tab: IPProd-DCB-Time_Stamp. If you select more than one IronWare device for collection, the IronWare device support save files are saved as individual zip files.
Device technical support 51 Firmware Type — The type of firmware: FOS (Fabric OS), IOS (IronWare), or NOS (Network OS). Firmware version — The firmware version of the selected product or host. For VCS-enabled product’s, the firmware version of the selected node. Support Save Credentials — Whether the product or host has supportSave credentials or not.
51 Device technical support FIGURE 781 Technical SupportSave dialog box, Generate Now tab 3. Click the SAN Products tab, if necessary, and complete the following steps. a. Right-click in the Available SAN Products table and select Expand All. b. Select the switches you want to collect data for in the Available SAN Products table and click the right arrow to move them to the Selected Products and Hosts table.
Device technical support 51 If you select more than one IronWare device for collection, the IronWare device support save files are saved as individual zip files. However, if you select more than one Fabric OS DCB device for collection, the DCB device support save files are bundled together in a zip file.
51 Device technical support 7. Field Description Progress The status of the supportsave. On products running Fabric OS 7.0 or later, this field shows the percentage complete and is updated every minute. For IronWare and Host products, as well as Fabric OS products running 6.4 or earlier, this field cannot display the percentatge (only displays whether it is ‘in Progress’ or’ Completed’). Status The status of the support save, for example, Ceases or Failure.
Device technical support 51 2. Review the techncial support repository details: Field/Component Description Available SupportSave and Upload Failure Data Capture Files table Select the support data file you want to view. Displays the following information: File Name — The name of the SupportSave file. Size (MB) — The name of the SupportSave file. Last Modified — The date the SupportSave file was generated.
51 Device technical support E-mailing technical support information NOTE You cannot e-mail technical support information collected from the remote client. To e-mail technical support information, complete the following steps. 1. Select Monitor > Technical Support > View Repository. The Technical Support Repository dialog box displays. 2. Select the file you want to e-mail in the table. 3. Click E-mail to e-mail the event and supportsave files (zip).
Upload failure data capture 51 6. Enter the destination directory where you want to copy the data on the external FTP server in the Destination Directory field. The destination directory should be the sub directory of the external FTP server’s root directory. For example, if you enter “repository” as the destination directory, then the support save file is copied to the “/repository” directory of the external FTP server. 7. Click OK.
51 Upload failure data capture FIGURE 782 Upload Failure Data Capture dialog box 2. Select a one or more devices on which you want to enable automatic trace dump from the Available Switches with Upload Failure Data Capture Disabled table. The Available Switches with Upload Failure Data Capture Disabled table displays the following information: • • • • • • • • • • • • • • • • • 1848 All Levels — All discovered devices and ports as both text and icons. Name — The name of the available switch.
Upload failure data capture 51 3. Click the right arrow button. The selected devices move from the Available Switches with Upload Failure Data Capture Disabled table to the Switches with Upload Failure Data Capture Enabled table. The Switches with Upload Failure Data Capture Enabled table displays the following information: • • • • • • IP Address — The switch’s IP address. Name — The name of the switch. FTP Host — The current FTP host configured on the switch.
51 Upload failure data capture Configuring the upload failure data capture FTP server NOTE Upload Failure Data Capture is only supported on Fabric OS devices. NOTE Some external FTP software (such as, Filezilla and Xlight) are not supported. 1. Select Monitor > Technical Support > Upload Failure Data Capture. The Upload Failure Data Capture dialog box displays. 2. Select a device from the Available Switches with Upload Failure Data Capture Enabled table. 3. Click Change FTP Host.
Chapter 52 Reports In this chapter • Reports overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • SAN report types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Generating SAN reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing SAN reports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Exporting SAN reports . . . . . . . . . . . . . . . .
52 Reports overview Reports overview Reports are available from the Reports menu. You must have the Reports privilege to access the reports. For more information about privileges, refer to ““User Privileges” on page 1935. Browser requirements IP reports display in a web browser. SAN reports can printed from a web browser.
Viewing SAN reports 52 3. Select the fabrics for which you want to generate reports. 4. Click OK. The generated reports display in the View Reports dialog box. NOTE Hyperlinks in reports are active only if the source data is available. 5. Click Close to close the View Reports dialog box. 6. Click Yes on the “are you sure you want to close” message. Viewing SAN reports You can view any report generated in the SAN. To view reports, complete the following steps. 1.
52 Exporting SAN reports Icon Description Zoom In — Click to zoom in on the report. Zoom Out — Click to zoom out on the report. 4. Click Show in Browser to view the selected report in your default browser window. 5. Click Close to close the View Reports dialog box. 6. Click Yes on the “are you sure you want to close” message. Exporting SAN reports To export reports, complete the following steps. 1. Select Reports > View or click the View Report icon. The View Reports dialog box displays. 2.
Deleting SAN reports 52 NOTE Hyperlinks in reports are active only if the source data is available. 3. Click Show in Browser. The selected report displays in your default web browser. 4. Select File > Print (in the web browser). The Print dialog box displays. 5. Select the printer to which you want to print and click Print. 6. Close the web browser. 7. Click Close in the View Reports dialog box. 8. Click Yes on the “are you sure you want to close” message.
52 Generating SAN performance reports 3. Filter the historical data by completing the following steps. a. Select the number of results to display from the Display list. b. Select the ports from which you want to gather performance data from the From list. NOTE Devices with 10GE ports must be running Fabric OS 6.4.1ltd or later to obtain the correct TE port statistics (TX/RX). If you select Custom, complete the following steps. i. Select the type of ports from the Show list. ii.
Generating SAN zoning reports h. 52 Click Apply. The selected report automatically displays in the View Reports dialog box. NOTE Hyperlinks in reports are active only if the source data is available. To print the selected report, refer to “Printing SAN reports” on page 1854. To export the selected report, refer to “Exporting SAN reports” on page 1854. To delete the selected report, refer to “Deleting SAN reports” on page 1855. 4. Click the close button (X) to close the View Reports dialog box. 5.
52 Viewing IP reports Viewing IP reports Reports are available from the Reports menu. You must have the Reports privilege to access the reports. For more information about privileges, refer to “User Privileges” on page 1935. • Click the Reports button on the menu bar to display the report options. • Click a report option to display the report that you want. NOTE ATM ports are not displayed in the reports. The ATM module may appear in the reports, but the modules will be listed as having no ports.
IP report contents 52 FIGURE 783 Report via E-Mail dialog box 2. Click the ellipsis button next to the E-mail Recipients field. The Users dialog box displays. 3. Select the preconfigured e-mail user account from the list and click OK. 4. Enter additional e-mail addresses in the Other Recipients field. 5. Enter text in the Subject field to change the subject of the e-mail. 6. Enter text in the Body field to send a message with the report. 7. Click Send to send the report.
52 IP Wired Products report IP Wired Products report The Wired Products report displays general and detailed configuration information about wired products that are under the management server. The information on the report comes from the software image version that is in the management application for that product. To ensure that the latest configuration information is in the management application, run the discovery process or resynchronize the product.
IP Wired Products report TABLE 185 52 Wired Products report fields and components (Continued) Field/Component Description Serial Number The serial number of the product. Admin Status The administrative status of the product. Possible status includes: Normal — The product is in normal operating mode. Troubleshooting — The product is in troubleshooting mode. • • Model The model of the product. Firmware The firmware level of the product. Contact The contact name for the product.
52 IP Wired Products report TABLE 186 Detailed Product Report fields and components (Continued) System Information Stacking Units This section only displays if the product is configured as a stacked device. It includes the following: • Unit — The ID of the unit on the stack. • Present — Whether the stacked device is physically present. • Role — The role of the unit. • Model — The model number of the stacked device. • Firmware — The firmware level of the stacked device.
IP Wired Products report TABLE 186 52 Detailed Product Report fields and components (Continued) IP Addresses The IP addresses of each interface, including the virtual routing interface on wired products. For Layer 2 switches, the management IP address displays in the IP Addresses table with "management" in the Interface column. • Port — The port number. • IP Address — The IP address. • Subnet Mask — The subnet mask number. • VRF — The virtual routing interface.
52 IP Wired Products report TABLE 186 Detailed Product Report fields and components (Continued) Controller Cluster 1864 Cluster information for a wireless controller. Information includes: Cluster Name — The cluster name. Cluster Mode — The cluster mode. Options include Active and Standby. Cluster members — The IP address of the controllers in cluster mode. • • • Virtual Interfaces Information on any virtual interface on the product.
IP Wired Products report 52 Detailed Cluster Report NOTE This report is only available for VCS clusters. To launch the Detailed Cluster Report from the topology, right-click the VCS cluster on the Network Objects, L2 Topology, Ethernet Fabrics, IP Topology, or VLAN Topology view and select Detailed Report. The Detailed Cluster Report displays (Table 187).
52 IP Wired Products report TABLE 187 Detailed Cluster Report fields and components (Continued) Admin Status Modules IP Addresses Ethernet Ports FC Ports 1866 Admin status information includes the following: Name — The name of the product. Click the name of a product to launch the Detailed Product Report. • Status — Whether the product is in normal operating mode or troubleshooting mode. • Status Last Updated — When the last status update occurred. • Memo — A memo for the product.
IP Module report TABLE 187 52 Detailed Cluster Report fields and components (Continued) Physical Ports Realtime The name of the device with drill-down support. When you click on the name, the “IP Physical Ports - Realtime report” launches (refer to “IP Physical Ports - Realtime report” on page 1870). Physical Media Realtime The name of the device with drill-down support.
52 IP Layer 3 VLAN report TABLE 189 Port VLANs report fields and components (Continued) Port VLAN Information Ports in Port VLAN #: This section contains the Layer 3 VLANs list, which displays links to protocol VLANs associated with the port VLAN. This section shows the following information: Product — The name of the products that have ports belonging to the VLAN. For VCS fabric members, displays the VCS IP address with the name of the products that have ports belonging to the VLAN.
IP Address report 52 To determine which products belong to a subnet, click the Products link for that subnet. For example, clicking products for the IP subnet 112.112.112.0 displays the Product List by IP Subnet report. The Product List by IP Subnet report has the parameters described in Table 192. TABLE 192 Product List by IP Subnet report fields and components Field/Component Description Name The name of the products that belong to the subnet. Click to launch the Detailed Product Report.
52 MAC Address report MAC Address report The MAC Address report shows the MAC addresses of wired products that have been discovered on the network. Display the report by selecting Reports > MAC Addresses. The MAC Address report has the parameters described in Table 194. TABLE 194 MAC Address report fields and components Field/Component Description MAC Address The MAC address of the interface. Product The name of the product to which the MAC address belongs.
IP Stacking Ports - Realtime report 52 IP Stacking Ports - Realtime report The Stacking Ports - Realtime report shows the stacking port and neighbor port details. To display the report, from the Detailed Product Report, click the device name in the Stacking Ports - Realtime table. The Stacking Ports - Realtime report has the parameters described in Table 196.
52 IP Deployment reports TABLE 197 Physical Media - Realtime report fields and components (Continued) Wave Length (nm) The wave length of the SFP. Encoding The transceiver encoding method of the SFP. You can sort the report by clicking on a column header. For example, if you want to sort the table by the identifier, click the column header. IP Deployment reports Deployment reports provide information about deployments performed from the Management application.
Reports Template Manager overview 52 4. To export a report to a file, refer to “Exporting and saving IP reports to a file” on page 1858. 5. To e-mail a report, refer to “Exporting IP reports to e-mail recipients” on page 1858. 6. To configure how often to purge deployment reports, refer to “Configuring deployment report preferences” on page 211 Reports Template Manager overview The Report Template Manager enables you to run, import, export, or delete preconfigured and user-defined reports.
52 Reports Template Manager overview Accessing the Report Template Manager 1. Select Reports > Report Manager. The Report Template Manager dialog box displays (Figure 785). FIGURE 785 Report Template Manager dialog box The Report Template Manager dialog box includes the following fields and components: • Report Templates table — Lists all reports. Title — The title of the report, which must be unique. File — The file name of the report, which must be unique.
Reports Template Manager overview 52 Viewing a report 1. Select Reports > Report Manager. The Report Template Manager dialog box displays. 2. Select the report you want to run in the Report Templates table. 3. Click Run. If one or more parameters are required for the report, the Parameter dialog box displays (Figure 786). FIGURE 786 Parameter dialog box 4. Enter the parameters (such as IP address, source port name, or destination port name). NOTE The parameter fields cannot be empty.
52 Reports Template Manager overview Importing a report template You can use the BIRT report designer to create user-defined report templates that you can then import into Report Template Manager. 1. Select Reports > Report Manager. The Report Template Manager dialog box displays. 2. Click Import. The Open dialog box displays. 3. Browse to the location from which you want to import the report and click Open.
Reports Template Manager overview 52 Report content and functions Each report contains the following information: • The name of the report displayed at the top of the report. • The date and time the report was generated. • The report data, presented in a tabular format. Depending on the report type, you can perform the following functions: • Sort a table by clicking a column head. Click a column head again to reverse the sort order. • Launch a more detailed report by clicking a link within the report.
52 Reports Template Manager overview Products List report The Products List report displays general and detailed configuration information about all discovered products (Figure 787). The information on the report comes from the software image version that is in the Management application for that product. To ensure that the latest configuration information is in the Management application, run the discovery process or resynchronize the product.
Reports Template Manager overview TABLE 198 52 Products List report fields and components (Continued) Field/Component Description IP Address The IP address of the product. Product Type The type of product. Serial Number The serial number of the product. Admin Status The administrative status of the product. Possible status includes: Normal — The product is in normal operating mode. Troubleshooting — The product is in troubleshooting mode. • • Model The model of the product.
52 Reports Template Manager overview Table 199 describes the fields and components of the Detailed Product Report. TABLE 199 Detailed Product Report fields and components Field/Component Description Product The IP address of the product. System Information Admin Status Modules Ethernet Ports 1880 System information includes the following: Alias Name — An optional name that is entered using the Properties dialog box.
Reports Template Manager overview TABLE 199 52 Detailed Product Report fields and components (Continued) Physical Ports Physical port information for each port on the product. Identifier — The port identifier of the physical interfaces on the product. Port Name — The port name of the physical interfaces on the product. Type — The type of port of the physical interfaces on the product. Speed (Mbps) — The speed of the physical interfaces on the product.
52 Reports Template Manager overview Table 200 describes the fields and components of the Detailed Cluster Report. TABLE 200 Detailed Cluster Report fields and components Field/Component Description Cluster The name of the cluster. System Information Nodes Admin Status 1882 System information includes the following: Alias Name — An optional name that is entered using the Properties dialog box.
Reports Template Manager overview TABLE 200 52 Detailed Cluster Report fields and components (Continued) Modules Ethernet Ports Module information shows what modules are installed on the product. Slot Number — For products that do not support stacking, you can view the slot number. • Type — The type of module installed in the slot. • Serial Number — The serial number of the module. For wired products, the serial number cell may be blank. • Ports — The number of ports on the product.
52 Reports Template Manager overview Table 201 describes the fields and components of the Ports Tx/Rx Ratio report. TABLE 201 Ports Tx/Rx Ratio report fields and components Field/Component Description Summary table Location The location of the device. Device Name The name of the device. Click the device name link to launch the Detailed Product Report. IP Address The IP address of the device. Total Received (MB) The total data received (the sum of Rx in Rx Details table) in megabytes.
Reports Template Manager overview 52 Low Traffic Ports report The Low Traffic Ports report details the port utilization that is less than or equal to the percentage and number of days you specify (Figure 791). FIGURE 791 Low Traffic Ports report Table 202 describes the fields and components of the Low Traffic Ports report. TABLE 202 Low Traffic Ports report fields and components Field/Component Description Location The location of the device. Device Name The name of the device.
52 Reports Template Manager overview Exporting data from the report You can export data from a report to CSV, PDF, or Word. 1. Run a report (refer to “Viewing a report” on page 1875). 2. From the report, click the Export Report icon on the Report toolbar. The Export Report dialog box displays. 3. Select an export format (PDF or Word) from the Export Format list. 4. Configure what content to export by selecting one of the following options: • Select All pages to export the entire report.
Appendix A Application menus In this appendix • Dashboard main menus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • SAN main menus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • IP main menus. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • SAN shortcut menus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • IP shortcut menus . . . . . . . . . . . . . . .
A SAN main menus Menu Command Command Options Contents — Select to open the Online Help. Find — Select to search the Online Help. License — Select to view or change your License information. About Management_Application_Name — Select to view the application information, such as the company information and release number. SAN main menus The menu bar is located at the top of the main window. The following table outlines the many functions available on each menu.
SAN main menus Menu Command A Command Options View Menu Show Main Tab — Select to choose which tab to display. Dashboard — Select to show the dashboard. SAN — Select to show the SAN tab. IP — Select to show the IP tab. Show Panels — Select to select which panels to display. All Panels — Select to show all panels. Topology Map — Select to only show the topology map. Product List — Select to only show the Product List. Master Log — Select to only show the Master Log.
A SAN main menus Menu Command Command Options Map Display — Select to customize a group's layout to make it easier to view the SAN and manage its devices. Domain ID/Port # — Select to set the display domain IDs and port numbers in decimal or hex format. Decimal — Select to display all domain IDs and port numbers in decimal format. Hex — Select to display all domain IDs in hex format. Product Label — Select to configure which product labels display.
SAN main menus Menu Command A Command Options Host Adapters — Select to discover hosts. VM Managers — Select to discover VM managers. VCEM Managers — Select to discover Virtual Connect Enterprise Managers. Host Port Mapping — (Trial and Licensed version Only) Select to manually map HBA ports to a host. Storage Port Mapping — (Trial and Licensed version Only) Select to manually map Storage Ports to a Storage Device or other Storage Ports.
A Menu SAN main menus Command Command Options Configuration Repository — (Trial and Licensed version Only) Select to manage device configurations from the repository. Schedule Backup — (Trial and Licensed version Only) Select to schedule configuration backup. Replicate — (Trial and Licensed version Only) Select to replicate the switch Configuration or Security. Task Scheduler — Select to manage deployment. DCB — Select to manage a DCB switch, port, or link aggregation group (LAG).
SAN main menus Menu Command A Command Options Recommission — Select to recommission an individual port or all ports on a blade or switch. Routing — (Trial and Licensed version Only) Select to manage a selected router. Configuration — (Trial and Licensed version Only) Select to view the R_Ports on a router. Domain IDs — (Trial and Licensed version Only) Select to configure the router domain IDs. Security — Select to manage security.
A SAN main menus Menu Command Command Options Monitor Menu Fabric Vision — Select to configure MAPS or Flow Vision. Flow Vision — Select to define or monitor network traffic by choosing one of the following options: • Monitor — Select to monitor network traffic and provides statistics for the defined flows. • Performance Graph — Select to monitor performance through a graph, which displays transmit and receive data. The graphs show historical data. • Add — Select to define a traffic flow.
SAN main menus Menu Command A Command Options Top Talkers — (Trial and Licensed version Only) Select to monitor performance through a real-time list of top conversations for a switch or port along with related information. Real-Time Graph — Select to monitor performance through a graph, which displays transmit and receive data. The graphs show real-time data. Historical Graph — (Trial and Licensed version Only) Select to monitor performance through a graph, which displays transmit and receive data.
A Menu SAN main menus Command Command Options FICON — Select to display the FICON events related to the selected device or fabric. Product Event — Select to display errors related to SNMP traps and Client-Server communications. Product Status — Select to display operational status changes of managed products. Security — Select to display security information. Syslog — Select to display Syslog events related to the selected device or fabric.
SAN main menus Menu Command A Command Options FC — Select how to troubleshoot FC by choosing one of the following options: • FC Trace Route — Select to view the route information between two device ports. • Device Connectivity — Select to view the connectivity information for two devices. • Fabric Device Sharing. (Trial and Licensed version Only) Select to determine if the selected fabrics are configured to share devices. • Diagnostic Port Test — Select to run a diagnostic port test.
A IP main menus IP main menus The menu bar is located at the top of the main window. The following table outlines the many functions available on each menu. Menu Command Command Options Server Menu Users. Select to configure users and user groups. User Profile. Select to configure user profiles. Active Sessions. Select to display the active Management application sessions. Server Properties. Select to display the Server properties. Options. Select to configure the Management application options. Exit.
IP main menus Menu Command A Command Options Enable Flyover Display. Select to enable flyover display. Show Ports. — Select to show utilized ports on the selected device. Map Display Layout. Select to choose a map format. Organic. Select to set the map format to organic. Orthogonal. Select to set the map format to orthogonal. Orthogonal (Merge Lines). Select to set the map format to orthogonal with merged lines. Hierarchical. Select to set the map format to hierarchical. Circular.
A IP main menus Menu Command Command Options Configure Menu Element Manager. Select to configure a selected device. Front Panel. (IronWare OS device) Select to display a graphic of the front panel for the selected device. Web. (IronWare OS device) Select to launch the web management interface for the selected device. Hardware. (Fabric OS devices) Select to launch the Element Manager or Web Tools application for the selected device. Ports.
IP main menus Menu Command A Command Options MPLS. Select to configure the multiprotocol label switches service (MPLS). VLL. Select to configure virtual leased line (VLL) services. VPLS. Select to configure virtual private LAN services (VPLS). VCID Pool. Select to create a pool of virtual circuit identifiers (VCID). LSP. Select to configure label switched path (LSP). Firmware Management. Select to launch the Image Repository. DCB. Select to manage a DCB switch, port, or link aggregation group (LAG).
A IP main menus Menu Command Command Options Monitor Menu Performance. Select to monitor IP devices. Dashboard — Select to launch the Performance Dashboard. Historical Data Collectors. Select to monitor historical data. Real-Time Graph/Tables. Select to monitor performance through a graph or table, which displays real-time data for transmit and receive data. Historical Graph/Tables. Select to monitor a performance through a graph or table, which displays historical data for transmit and receive data.
IP main menus Menu Command A Command Options Logs. Select to display logs. Audit. Select to display a history of user actions performed through the application (except login/logout). Product Event. Select to display errors related to SNMP traps and Client-Server communications. Product Status. Select to display operational status changes of managed products. Security. Select to display security information. Syslog. Select to display Syslog events related to the selected device or fabric. SNMP Setup.
A IP main menus Menu Command Command Options MAC Addresses. Select to run a report of MAC addresses on the network. Product CLI. Select to run a product CLI report. Deployment. Select to run a deployment report. Host Adapters — Select to run a Host product report. Inventory Report — Select to run a Host inventory report. Faulty SFP Report — Select to run a faulty SFP report. Tools Menu Address Finder. Select to search for IP or MAC addresses on the network. Setup.
SAN shortcut menus A SAN shortcut menus You can use the Management application interface main menu to configure, monitor, and troubleshoot your SAN components. The instructions for using these features are documented in the subsequent chapters of this manual. For each SAN component, you can optionally right-click the component and a shortcut menu displays. The table below details the command options available for each component.
A SAN shortcut menus Component Menu/Submenu Commands Comments Technical Support > SupportSave Product/Host SupportSave Upload Failure Data Capture View Repository FC Trace Route Create Meta SAN View Only available for Backbone fabrics. Automatically creates a view with the selected fabric. View name is same as the current label. Map Display Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Only available from Product List.
SAN shortcut menus Component Menu/Submenu Commands Comments Table > Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List.
A SAN shortcut menus Component Menu/Submenu Commands Comments Swap Blades Virtual Fabric > Disable Logical Switches Locate Logical Switches > List_of_Logical_Switches (Fabric OS only) (Virtual Fabric-capable switches only) Zoning > Fabric Does not display when switch is in a Core Switch group, Chassis group or Isolated device group, or when it is in Access Gateway mode.
SAN shortcut menus Component A Menu/Submenu Commands Comments Product Only enabled when the fabric is tracked, and the product is removed and joins another fabric. Other Ports > Does not display when an Access Gateway mode device is attached to multiple fabrics. Show Ports check box Show Connections Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Only available from Product List.
A SAN shortcut menus Component Menu/Submenu Commands Comments Technical Support > (Fabric OS only) Product/Host SupportSave Upload Failure Data Capture View Repository Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Only available from Product List. Table > Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List.
SAN shortcut menus Component Menu/Submenu Commands A Comments Allow / Prohibit Matrix Security > L2 ACL Performance > Clear Counters Top Talkers Real-Time Graph Historical Graph Historical Report Bottleneck Graph Fabric Watch > Configure Port Fencing Frame Monitor Performance Thresholds Technical Support > Product / Host SupportSave Upload Failure Data Capture** View Repository Events Port Connectivity Port Optics (SFP) Telnet Telnet through Server Setup Tools Product Only ena
A SAN shortcut menus Component Menu/Submenu Commands Comments Table > Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List. HBA, iSCSI Host, and HBA Enclosure Element Manager Launches Element Manager for Fabric OS HBAs discovered using JSON agent. Launches blank window for unmanaged Fabric OS HBAs.
SAN shortcut menus Component Menu/Submenu Commands Comments Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Only available from Product List. Expand All Only available from Product List. Collapse All Only available from Product List. A Properties Storage, iSCSI Storage, and Storage Enclosure Storage Port Mapping Trial and Licensed version Only Disabled for routed device.
A SAN shortcut menus Component Menu/Submenu Commands Comments Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Only available from Product List. Table > Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List.
SAN shortcut menus Component Menu/Submenu Commands Comments Table > Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List. Collapse All Only available from Product List. A Properties HBA and iSCSI Initiator Host Port Mapping Only available for Brocade, Emulex, and Qlogic HBAs and HBA enclosures. Performance > Real Time Graphs Disabled when all ports are offline.
A SAN shortcut menus Component Menu/Submenu Commands Comments Performance > Real Time Graphs Only available for occupied, managed ports. Disabled when all ports are offline. FC Security Protocol Only available for Managed JSON HBA Ports. Only available when you have the Security Privilege.
SAN shortcut menus Component Menu/Submenu Commands A Comments Giga-Bit Ethernet Port Performance > Real-Time Graph Modify Launches Element Manager. IP Troubleshooting > Ping Trace Route Performance (Trial and Licensed version Only) Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Only available from Product List.
A SAN shortcut menus Component Menu/Submenu Commands Comments Table > Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List.
SAN shortcut menus Component Menu/Submenu Commands A Comments White Area of the Connectivity Map Accept All Changes Zoom Zoom In Zoom Out Map Display Expand Collapse Export White Area of the Product List Port Display > Occupied Product Ports UnOccupied Product Ports Attached Ports Switch to Switch Connections Table > Copy 'Component' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Product List Table > Copy 'Component' Copy Table Ex
A IP shortcut menus IP shortcut menus You can use the Management application interface main menu to configure, monitor, and troubleshoot your IP components. The instructions for using these features are documented in the associated chapters of this manual. For each IP component, you can optionally right-click the component and a shortcut menu displays.
IP shortcut menus Component Menu/Submenu Commands Comments Properties Displays the Properties dialog box for the selected device. Table > Copy “Cell_Value” Copy Row Copy Table Export Row Export Table Print Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List. Copies the information in the selected cell. Copies all information in the selected row. Copies all information in the table. Copies all information in the selected row.
A IP shortcut menus Component Menu/Submenu Commands Comments Fabric Watch > Configure Port Fencing Frame Monitor Performance Thresholds Technical Support > Product / Host SupportSave View Repository Events Port Connectivity Port Optics (SFP) Telnet Telnet through Server Network Objects Table > Copy 'Device_Name Group' Copy Row Copy Table Export Row Export Table Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List.
IP shortcut menus Component Menu/Submenu Commands A Comments Fabric Watch > Configure Port Fencing Frame Monitor Performance Thresholds Technical Support > Product / Host SupportSave View Repository Events CLI through Server Setup Tools Network Objects Ethernet Fabric Detailed Report Generates and displays a Detailed Report for the selected device Physical Ports Report Generates and displays a Physical Ports Report for the selected device L2 sFlow Report Generates and displays a Layer 2 sFlow Repo
A IP shortcut menus Component 1924 Menu/Submenu Commands Comments Properties Displays the Properties dialog box for the selected device. Table > Copy “Cell_Value” Copy Row Copy Table Export Row Export Table Print Search Select All Size All Columns To Fit Expand All Collapse All Customize Only available from Product List. Copies the information in the selected cell. Copies all information in the selected row. Copies all information in the table. Copies all information in the selected row.
Appendix B Call Home Event Tables In this appendix This appendix provides information about the specific events that display when using Call Home. This information is shown in the following Event Tables. • # CONSRV Events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • # Thermal Events. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Fabric OS Events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
B Call Home Event Tables TABLE 204 # Thermal Events Event reason code FRU code/Event type Description Severity 800 DVP/LIM/HW High temperature warning. 3 801 DVP/LIM/HW Critically hot temperature warning. 3 802 DVP/LIM/HW Port card shutdown due to thermal violations. 3 805 SWM/SBAR/HW High temperature warning. 3 806 SWM/SBAR/HW Critically hot temperature warning. 3 807 SWM/SBAR/HW SBAR module shutdown due to thermal violations. 3 810 CTP/HW High temperature warning.
B Call Home Event Tables TABLE 205 Fabric OS Events (Continued) Event reason code FRU code/Event type Description Severity 1426 FW-1426 Faulty or missing power supply. 3 1427 FW-1427 Faulty power supply. 3 1428 FW-1428 Missing power supply. 3 1429 FW-1429 Problem in power supply arrangement. 3 1430 FW-1430 Faulty temperature sensors. 3 1431 FW-1431 Faulty fans. 3 1432 FW-1432 Faulty WWN cards. 3 1433 FW-1433 Faulty CPs. 3 1434 FW-1434 Faulty blades.
B Call Home Event Tables TABLE 207 Network OS Call Home Event Event reason code FRU code/Event type Description Severity N/A Ethernet Switch is not reachable. 3 N/A SW-Missing Switch is missing from the fabric. 3 1426 FW-1426 Faulty or missing power supply. 3 1427 FW-1427 Faulty power supply. 3 1428 FW-1428 Missing power supply. 3 1430 FW-1430 Faulty temperature sensors. 3 1431 FW-1431 Faulty fans. 3 1432 FW-1432 Faulty WWN cards. 3 1433 FW-1433 Faulty CPs.
Appendix C Event Categories In this appendix This section provides information about the events that display in each of the following categories: • Link incident events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Product status events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Product audit events . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Security events . . . . . . . . . . . . . . .
C Product audit events If the event is a RASLOG and if the RASLOG ID matches any of the RASLOGS listed below, then the event is categorized as a product status event. • • • • • • • • • • • • • • • • • • • • • FW-1424 FW-1425 FW-1426 FW-1427 FW-1428 FW-1429 FW-1430 FW-1431 FW-1432 FW-1433 FW-1434 FW-1435 FW-1436 FW-1437 FW-1438 FW-1439 FW-1440 FW-1441 FW-1442 FW-1443 FW-1444 Product audit events Events that are used to track audit information are categorized as product audit events.
Security events C Security events Security events are those that indicate authentication success or failure, a security violation, or user login and logout. Security events for FC devices For FOS switches, if the event is a RASLOG event and the RASLOG ID contains 'SEC', then the event is categorized as a security event. Security events for IP devices For IOS devices, if the event OID starts with any of the following OIDs, then the event is categorized as a security event.
C User action events • • • • • • • • • • • • • • • • • 1.3.6.1.4.1.1991.1.6.1.7.4.2.13 [localMacAddrAuthFail] 1.3.6.1.4.1.1991.1.6.1.7.4.2.14 [pppLogonFail] 1.3.6.1.4.1.1991.1.6.1.7.4.2.18 [dot1xSupplicantAuthenticated] 1.3.6.1.4.1.1991.1.7.2.2.2.9 [apAuthFailureTooMany] 1.3.6.1.4.1.1991.1.8.2.1.4.0.2 [userLoginNotification] 1.3.6.1.4.1.1991.1.8.2.1.4.0.3 [userLogOffNotification] 1.3.6.1.4.1.1991.1.8.2.1.4.0.4 [userLoginFailNotification] 1.3.6.1.4.1.1991.1.11.1.1.2.2.2.32 [mwlAuthFailure] 1.3.6.1.4.1.
Product events C Product events All other events originating from the product are categorized as product events. IP Performance monitoring events IP performance monitoring events, listed in Table 208, occur when users select the option to forward events to the vCenter during VM Manager discovery. TABLE 208 Performance monitoring IP threshold events Trap name OID Description bnaRisingThresholdCrossed 1.3.6.1.4.1.1991.1.13.2.0.
Appendix User Privileges D In this appendix • About user privileges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1935 • About Roles and Access Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1956 About user privileges The Management application provides the User Administrator with a high level of control over what functions individual users can see and use.
D About user privileges TABLE 209 Application privileges and behavior Privilege Description No Privilege Read-Only Read/Write Active Session Management Allows you view active client sessions and disconnect an unwanted user. Disables the Active Sessions command from the Server menu. Enables the Active Sessions command from the Server menu. Disables all commands and functions on the dialog box except the Close and Help. Enables the Active Sessions command from the Server menu.
About user privileges TABLE 209 D Application privileges and behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Element Manager Product Administration An Element Manager privilege that enables most functionally. Disables the functions described in the Element Manager User Manual for which you do not have rights. Displays the message, “You do not have rights to perform this action.” Same as No Privilege.
D About user privileges TABLE 209 Application privileges and behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Fault Management Allows you to control access to the SNMP Trap Registration and Forwarding dialog box, the Event Storage option of the Options dialog box, the Syslog Registration and Forwarding dialog box, as well as the Export and Clear functions in the Event Log dialog box and the Show and Hide functions in the Customize Columns dialog box.
About user privileges TABLE 209 D Application privileges and behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Firmware Management Allows you to download firmware to selected switches and manage the firmware repository. Disables the Firmware Management command from the Configure menu and right-click menu. Enables the Firmware Management command from the Configure menu and right-click menu. Disables all commands and functions on the dialog box except the Close and Help.
D About user privileges TABLE 209 Application privileges and behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Policy Monitor Allows you to configure policy monitors. Disables Policy Monitor command on the Monitor menu. Enables Policy Monitor command on the Monitor menu. Allows you to open the Policy Monitor dialog box; however, disables the Add, Delete, and Run buttons. No changes can be made. Enables you to use the Edit, Report, and History buttons to view content.
About user privileges TABLE 209 D Application privileges and behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Security Allows you to enable and configure SANtegrity features. Disables the Security command from the Configure > Switch > Replicate menu. Disables the Security Log command on the Monitor > Logs menu. Disables the Security Misc command from the Server > Options menu. Disables the Security command from the Configure > Switch > Replicate menu.
D About user privileges TABLE 209 Application privileges and behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Technical Support Data Collection Allows you to capture support data from Fabric OS switches. Disables the SupportSave, Upload Failure Data Capture, and View Repository commands from the Monitor > Technical Support menu and right-click menu. Enables the View Repository command from the Monitor > Technical Support menu and right-click menu.
About user privileges TABLE 209 D Application privileges and behavior (Continued) Privilege Description Web Services Allows you to use Web Services API. Zoning Activation (Fabric and offline zone database) Allows you to activate a zone configuration selected in the Zoning dialog box. NOTE You must also have the Zoning Offline and Zoning Online privileges to launch the Zoning dialog box.
D About user privileges TABLE 209 Application privileges and behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Zoning Online Allows you to edit any of the fabric zone databases in the available fabrics within the Zoning dialog box from the client side and then save to the switch. In Zoning dialog box, the Zone DB list includes online and offline zones; however, if an online zone is selected, the contents are not loaded into the Zoning dialog box.
About user privileges TABLE 209 D Application privileges and behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Zoning Offline Allows you to edit the zone database in offline mode and save the zone database to the repository or to the switch. In Zoning dialog box, the Zone DB list includes offline zones; however, if an offline zone is selected, the contents are not loaded into the Zoning dialog box.
D About user privileges TABLE 209 Application privileges and behavior (Continued) Privilege Description No Privilege Read-Only Read/Write Zoning - LSAN Allows you to edit and activate LSAN zones for the LSAN fabrics that are available within the Zoning dialog box. Prerequisite: Both the backbone fabrics as well as all directly connected edge fabrics must be added to a resource group and a user with LSAN Zoning privilege must be assigned to this specific resource group.
About user privileges TABLE 210 D IP privileges and behavior Privilege Description No Privilege Read-Only Read/Write IP - Address Finder Allows you to use Address Finder. Address Finder finds MAC addresses that are in the forwarding tables at the moment when the search is performed. Disables the Address Finder command. Enables the Address Finder command; however, disables functions on the dialog box. Enables the Address Finder command and all functions on the dialog box.
D About user privileges TABLE 210 IP privileges and behavior (Continued) Privilege Description No Privilege Read-Only Read/Write IP - Element Manager Port Config Allows you to access the device from Element Manager. For read-write access to a device Web Management Interface to manage specific ports, but not for global configuration of a device. Disables the Element Manager - Port Config command. Enables the Element Manager - Port Config command; however, disables functions on the dialog box.
About user privileges D TABLE 210 IP privileges and behavior (Continued) Privilege Description No Privilege Read-Only Read/Write IP - MPLS - VLL Allows you to manage VLL configurations. Disables the MPLS command. Enables the MPLS command; however, disables functions on the dialog box. Enables the MPLS command and all VLL functions on the dialog box. IP - MPLS - VPLS Allows you to manage VPLS configurations Disables the MPLS command.
D About user privileges TABLE 210 IP privileges and behavior (Continued) Privilege Description No Privilege Read-Only Read/Write IP - VIP-Server Mgr Leaf Node (Real Server Port View) Allows you to manage VIP Server using the Real Server Port View. When assigned to user as Read-Write privilege, only leaf node can be disabled/enable Disables the VIP Server command. Enables the VIP Server command; however, disables functions on the dialog box.
About user privileges TABLE 211 D SAN privileges and application behavior (Continued) Privilege Description No Privilege Read-Only Read/Write SAN - FCIP Management Allows you to configure FCIP tunnels and troubleshooting of IP interfaces (IP performance, IP ping and IP trace route). Disables the Configure > FCIP Tunnel and Configure > IP Troubleshooting commands. Disables the FCIP Tunnel command on the Fabric right-click menu.
D About user privileges TABLE 211 SAN privileges and application behavior (Continued) Privilege Description No Privilege Read-Only Read/Write SAN - Port Mapping - Host Allows you to identify all the HBAs that are in the same server. Disables the Host Port Mapping command from the Discover menu. Disables the Server right-click command on HBAs. Enables Host Port Mapping command from the Discover menu and right-click menu; however, disables the Create, Delete, and OK buttons.
About user privileges TABLE 211 D SAN privileges and application behavior (Continued) Privilege Description No Privilege Read-Only Read/Write SAN - SMIA Operations Allows you to access the CIMOM (Common Disables the Configure SMI Agent button from the Server Console. Disables the SMIA Configuration Tool Java web start application. Enables the Configure SMI Agent button from the Server Console. Enables the SMIA Configuration Tool Java web start application.
D About user privileges TABLE 211 SAN privileges and application behavior (Continued) Privilege Description No Privilege Read-Only Read/Write SAN - Storage Encryption Key Operation Allows you to configure storage encryption key operation, including selecting storage devices and LUNs, viewing switch, group, or engine properties, viewing storage device encryption properties, initiating manual LUN re-keying, enabling and disabling an engine, zeroizing an engine, restoring a Master Key, and all smart
About user privileges TABLE 211 D SAN privileges and application behavior (Continued) Privilege Description No Privilege Read-Only Read/Write SAN - Storage Encryption Security Allows you to configure storage encryption security, including creating a new encryption group, adding a switch to an existing group, zeroizing an encryption engine, backing up or restoring a master key, and enabling encryption functions after a power cycle. Disables all functions from the dialog box except view.
D About Roles and Access Levels TABLE 211 SAN privileges and application behavior (Continued) Privilege Description No Privilege Read-Only Read/Write SAN - View Management Allows you to create, edit, and delete views. Selecting from views should always be allowed unless restricted by the assignment of Views in the Group definition in the Users dialog box.
About Roles and Access Levels TABLE 212 D Application Features and Role Access Levels (Continued) Feature Roles with Read/Write Access E-mail Event Notification Setup SAN System Administrator, IP System Administrator, Operator Element Manager SAN System Administrator, IP System Administrator, Element Manager - Product Administration SAN System Administrator, IP System Administrator, Event Management SAN System Administrator, IP System Administrator, Network Administrator Fabric Watch SAN Syst
D About Roles and Access Levels TABLE 212 Application Features and Role Access Levels (Continued) Feature Roles with Read/Write Access Roles with Read-Only Access User Management SAN System Administrator, IP System Administrator, Security Officer Operator Virtual Network Management SAN System Administrator, IP System Administrator Operator VLAN Manager SAN System Administrator, IP System Administrator Operator Web Services SAN System Administrator, IP System Administrator Operator Zoning
About Roles and Access Levels TABLE 213 SAN Features and Role Access Levels (Continued) Feature Roles with Read/Write Access Roles with Read-Only Access SAN- Port Mapping - Host SAN System Administrator, Security Officer, Host Administrator Operator SAN- Port Mapping - Storage SAN System Administrator Operator SAN- Properties - Add/Delete Columns SAN System Administrator, Host Administrator Operator SAN- Routing Configuration SAN System Administrator Operator SAN- SCOM Management SAN Syst
D About Roles and Access Levels TABLE 214 IP Features and Role Access Levels (Continued) Feature Roles with Read/Write Access IP - Main Display - MRP IP System Administrator, Network Administrator IP - Main Display - VLAN IP System Administrator, Network Administrator IP - MPLS - LSP IP System Administrator IP - MPLS - VCID Pool IP System Administrator IP - MPLS - VLL IP System Administrator IP - MPLS - VPLS IP System Administrator IP - Power Management IP System Administrator IP - Reloa
Appendix E Device Properties In this appendix • SAN device properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Viewing VC module properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • IP device properties. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Host properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Properties customization . . . . . . . . .
E SAN device properties TABLE 215 Fabric properties Field/Component Description Last Discovery The date and time of last discovery. Tracked Whether the fabric is tracked. Location The customer site location. Contact The primary contact at the customer site. Add button Click to add a user-defined property. For more information, refer to “Adding a property field” on page 1991. Edit button Click to edit a user-defined property.
SAN device properties TABLE 216 E Device properties (Continued) Field/Component Description Discovery Status The discovery status of the switch. Examples include ‘Discovered: Seed Switch’ and ‘Discovered: Not Reachable’. Domain ID The device’s domain ID, which is the top-level addressing hierarchy of the domain. Fabric The fabric name. Fabric Name The name specified through the device Element Manager. Fabric Watch Whether Fabric Watch is up or down.
E SAN device properties TABLE 216 1964 Device properties (Continued) Field/Component Description Node Name The name of the node. Node WWN The world wide name of the node. Physical/Logical Whether the device is a physical device or a logical device. Port Count The number of ports. Port Type The port type. Preshared key configured Whether the preshared key is configured for the FCIP tunnel. Reason The device status. Remote Switch Name The remote switch name of the trunk.
SAN device properties TABLE 216 E Device properties (Continued) Field/Component Description WWN The world wide name of the device. Add button Click to add a user-defined property. For more information, refer to “Adding a property field” on page 1991. Edit button Click to edit a user-defined property. For more information, refer to “Editing a property field” on page 1991. Delete button Click to delete a user-defined property.
E SAN device properties Viewing Storage properties The Storage Properties dialog box displays information related to a selected storage device. To view the properties for a storage device, complete the following steps. 1. Select a storage icon. 2. Select Edit > Properties. The Properties dialog box displays. 3. Click the Storage tab. NOTE Some fields may not be available for all products. 1966 Field Description (Status) Lists two kinds of data: the LUN’s health and the state of the LUN’s disks.
SAN device properties E Field Description Host Spares The number of disks assigned as host spares in addition to the disks that make up the LUN. Label A user-specified label. The default value is the name of the label as specified in the storage product. Loop (IBM ESS products only) The physical connection between a pair of product adapters in the ESS product. LSS ID Specifies the logical subsystem of an IBM ESS product. LUN Name The name of the LUN.
E SAN device properties Field Description Edit button Click to edit a user-defined property. For more information, refer to “Editing a property field” on page 1991. Delete button Click to delete a user-defined property. For more information, refer to “Deleting a property field” on page 1992. 4. Click OK on the Properties dialog box to close. Viewing iSCSI Properties dialog box The iSCSI Properties dialog box displays information related to iSCSI.
SAN device properties E Field Description iSCSI Node Type The node type of the product. iSCSI Service The service status; for example, running or not running. iSNS IP Address The IP address of the server to which the product is pointed. ISNS IP Address A list of the iSNS IP addresses this product has been assigned by the user to query. iSNS Service Whether the product is registered with an iSNS server. Location The location of the product.
E SAN device properties Viewing port properties The following port types are available depending on the device: • • • • FC Ports GigE Ports IP Ports iSCSI Ports NOTE iSCSI ports that have an FC Address of all zeros are inactive. All others are active. • Virtual Sessions Ports • Virtual FCoE Ports To view a port’s properties, right-click on a port and select Properties, or double-click the port. The port Properties dialog box displays (Figure 792).
SAN device properties TABLE 217 E Port properties (Continued) Field Description Addressing Mode The addressing mode of the switch. Active FC4 Types The active FC4 types. Active Tunnels The number of active tunnels. Area ID (hex)/Port Index (hex) The area identifier, in hexadecimal, of the switch-to-product connection. Associated GE Port The port number of the associated GE port. Attached Port # The port number of the attached product.
E SAN device properties TABLE 217 Port properties (Continued) Field Description FCIP Capable Whether the port is FCIP capable. FCoE Capable Whether the device is Fibre Channel over Ethernet capable. FCS Role Whether FCS is supported. Flag (FICON related) Whether a flag is on or off. Firmware The firmware version. Forward Error Correction (FEC) Whether FEC is enabled or disabled. GigE Port The GigE port of the FCIP tunnel. GigE Port Count The number of GigE ports on the device.
SAN device properties TABLE 217 E Port properties (Continued) Field Description Model The model number of the device. Modify button Click to launch the Element Manager. Name The name of the port (up to 128 characters). This field is editable. Node Name The name of the node. Node WWN The world wide name of the node.
E SAN device properties TABLE 217 1974 Port properties (Continued) Field Description State The port state (online or offline). Status The port’s operational status (online or offline). Switch Name The switch name. Switch IP The switch IP address. Switch WWN The switch world wide name. Symbolic Name The symbolic name of the port. Tag The tag number of the port. Tape Pipelining Whether tape pipelining is On or Off for the FCIP tunnel.
Viewing VC module properties E Viewing VC module properties To view Virtual Connect (VC) module properties, complete the following steps. 1. Right-click a VC module and select Properties. 2. Review the properties for the device. TABLE 218 Properties tab Field Description Fabric The name of the fabric. Name (Fabric OS modules only) The name of the device. WwnName The world wide name of the device. IP Address (Fabric OS modules only) The IP address of the device. Status The operational status.
E IP device properties TABLE 220 NPIV WWNs tab Field Description NPIV Port WWN The world wide name of the NPIF port. NPIV Node WWN The world wide name of the NPIF node. Name The user-defined name of the NPIV WWN. This is an editable field. Uplink Port Number The port number of the uplink. Uplink Port WWN The port world wide name of the uplink. Server Profile The server profile. Server Bay The server bay number. Virtual Serial Number The serial number. 3.
IP device properties Field/Component Description Properties tab Select to display information about the device. E Detailed Report button Click to launch the detailed product report. Name The name of the product. Alias The alias. Host Name The host name. System Name The system name. IP Address The IP address (IPv4 or IPv6 format) of the product. System OID The system's object identifier. Product Type The type of device. VCS Mode Whether or not the device is in VCS mode.
E IP device properties Field/Component 1978 Description Controller cluster name Only applicable to the selected controller. Cluster name. Controller cluster members Only applicable to the selected controller. IP addresses of the controller cluster peers. Cluster (MCT switches only) The cluster details of the Multi-Chassis Trunk (MCT) switch. MCT cluster details include: • Cluster ID — The MCT cluster ID. • Cluster Name — The MCT cluster name.
IP device properties Field/Component Show list E Description Select the port type you want to display. Options include: All Trunked Ports ICLs MCT Ports • • • • Port Count The number of ports in the group. Port Actions list Select to enable to disable port actions. Performance list Select to launch the Performance dialog box. Identifier The identifier of the port. Name The name of the port. MAC Address The MAC Address of the port. Port Status The status of the port.
E IP device properties Field/Component Description Serial Number The serial number of the AP. Firmware version The firmware level of the AP. Status IP address of the controller which manages the AP. Also displays the port number if the AP is directly connected. Controller \ Port IP address of the controller or switch connected to the AP. Also displays the port number if the AP is directly connected. Connected switch \ Port AP profile name. Profile Name The RF domain name set for the AP.
IP device properties Field/Component E Description Config Mode The configuration mode of the fabric, which is Local Only for a management fabric and fabric. Node Count The number of fabric nodes in the fabric. Principal Switch The name and IP address of the principal switch. Status The health status of the cluster. Admin Status The administrative status of the switch, for example, Normal. Memo Additional comments regarding the switch. Vendor The switch vendor.
E IP device properties Field/Component Memo Additional comments regarding the switch. Vendor The switch vendor. Model The switch model type (VDX 6710, VDX 6720, or VDX 6730). Port Count The number of ports on the switch. Firmware The firmware version and build number. Location The physical location of the product. Contact The name of the person or group you should contact about the product, for example, Technical Support. Description The description of the product.
IP device properties Field/Component E Description Associated MACs list Lists the following details of the Media Access Control (MAC) addresses associated with the port profile: • MAC — The MAC address associated with the port profile. • Name — The name of the vNIC associated with the selected MAC address. • Switch Port — The switch port associated with the selected MAC address. • VM — The virtual machine associated with the selected MAC address.
E IP device properties Field/Component Description Flow Control The Ethernet priority flow control mode of the port. Possible modes are as follows: • Off (the default) • 802.3x pause • Tx On or Off • Rx On or Off • Priority Flow Control. For this mode, the Tx and Rx values for each CoS display in the table. Maps Displays details about the following DCB maps: • CoS to CoS — Displays the details of the CoS to CoS map assigned to the port.
IP device properties Field/Component Port Actions list Description Select one of the following options: Enable Disable Display Attached Port Properties • • • Performance list Select to launch the Performance dialog box. Fabric and Edge Ports properties • • • • • • • • • • • • • • • Brocade Network Advisor SAN + IP User Manual 53-1002949-01 E Identifier — The identifier of the port. Name — The name of the port. This is an editable field. Enter a name (up to 64 characters) for the port.
E IP device properties Field/Component FC Ports properties Description • • • • • • • • • • • • • • • • • • • • • 1986 Identifier — The identifier of the port. Name — The name of the port. This is an editable field. Enter a name (up to 64 characters) for the port. WWN — The world wide name of the device. FC Address — The Fibre Channel address. Each FC port has both an address identifier and a world wide name. Status — The operational status. Additional Info — Additional information about the port.
IP device properties Field/Component E Description SFP/Port Optics Click to view the SFP/Port Optic information: • TX Power — The power transmitted to the SFP in dBm and uWatts. • RX Power — The power received from the port in dBm and uWatts. • Transceiver Temp (C) — The temperature of the SFP transceiver. • Voltage (mVolts) — The voltage across the port in mVolts. • Transceiver Current (mAmps) — The laser bias current value in mAmps.
E Host properties Host properties You can view device and port properties from the Product List or the map. You can customize the Host Properties dialog boxes by creating user-defined property labels (refer to “Adding a property field” on page 1991). NOTE You cannot create user-defined property labels at the adapter level. You can also edit property fields to change information. Fields containing a green triangle ( the lower right corner are editable.
Host properties TABLE 31 E Adapter port properties (Continued) Field Description Class of Service The class of the port; for example, Class-2 or Class-3. Switch The name of the switch. Fabric The name of the Fabric. VM Port Name The port name of the virtual machine associated with the host. Preboot Created Indicates whether preboot was created on the virtual port. PCI Function Index The PCI function number associated with the physical port.
E Properties customization TABLE 31 Adapter port properties (Continued) Field Description FCSP Status Whether FC-SP authentication is being used. Algorithm The configured authentication algorithm. Group The DH group, which is DH-null (group 0), which is the only option. Error Status The health status of the Fibre Channel Security Protocol parameters. QoS Configured QoS State Indicates whether QoS is enabled or disabled. Operating QoS State Indicates whether QoS is on or off.
Properties customization E Adding a property field You can add up to three new user-defined properties to the fabric Properties dialog box as well as the Properties and Ports tabs of the device Properties dialog box. To add a user-defined property, complete the following steps. 1. Right-click any product icon and select Properties. The Properties dialog box displays. 2. Select the tab to which you want to add a property, if necessary. 3. Click Add. The Add Property dialog box displays. 4.
E Properties customization Deleting a property field NOTE Properties customization requires read and write permissions to the Properties - Add / Delete Columns privilege. You can delete any user-defined property from the Properties dialog box. To delete a user-defined property, complete the following steps. 1. Right-click any product icon and select Properties. The Properties dialog box displays. 2. Select the tab on which you want to delete a user-defined property, if necessary. 3.
Appendix F Regular Expressions In this appendix This appendix presents a summary of Unicode regular expression constructs that you can use in the Management application. • Characters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Character classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Predefined character classes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
F Regular Expressions TABLE 1 Matches \e The escape character ('\u001B') \cx The control character corresponding to x TABLE 2 Character classes Construct Matches [abc] a, b, or c (simple class) [^abc] Any character except a, b, or c (negation) [a-zA-Z] a through z or A through Z, inclusive (range) [a-d[m-p]] a through d, or m through p: [a-dm-p] (union) [a-z&&[def]] d, e, or f (intersection) [a-z&&[^bc]] a through z, except for b and c: [ad-z] (subtraction) [a-z&&[^m-p]] a through z
Regular Expressions TABLE 4 POSIX character classes (US-ASCII only) Construct Matches \p{Blank} A space or a tab: [ \t] \p{Cntrl} A control character: [\x00-\x1F\x7F] \p{XDigit} A hexadecimal digit: [0-9a-fA-F] \p{Space} A whitespace character: [ \t\n\x0B\f\r] TABLE 5 java.lang.Character classes (simple java character type) Construct Matches \p{javaLowerCase} Equivalent to java.lang.Character.isLowerCase() \p{javaUpperCase} Equivalent to java.lang.Character.
F Regular Expressions TABLE 8 Construct Matches X? X, once or not at all X* X, zero or more times X+ X, one or more times X{n} X, exactly n times X{n,} X, at least n times X{n,m} X, at least n but not more than m times TABLE 9 Reluctant quantifiers Construct Matches X?? X, once or not at all X*? X, zero or more times X+? X, one or more times X{n}? X, exactly n times X{n,}? X, at least n times X{n,m}? X, at least n but not more than m times TABLE 10 Possessive quantifiers Co
Regular Expressions TABLE 12 F Back references Construct Matches \n Whatever the nth capturing group matched Quotation \ Nothing, but quotes the following character \Q Nothing, but quotes all characters until \E \E Nothing, but ends quoting started by \Q TABLE 13 Special constructs (non-capturing) Construct Matches (?:X) X, as a non-capturing group (?idmsux-idmsux) Nothing, but turns match flags on–off (?idmsux-idmsux:X) X, as a non-capturing group with the given flags on–off (?=X)
Appendix G CLI Templates In this appendix The Management application provides preconfigured Configuration templates for IronWare and Network OS devices. By default, all preconfigured templates are configure to prompt for additional targets during manual deployment. The preconfigured templates include the following: • HyperEdge – Stack Enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • HyperEdge – Stack Disable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
G CLI Templates • Network OS – Configure RX Symbol Errors Monitor . . . . . . . . . . . . . . . . • Network OS – Configure Standard L2 Access List . . . . . . . . . . . . . . . . . • Network OS – Create CoS Mutation Map. . . . . . . . . . . . . . . . . . . . . . . . . • Network OS – Create LLDP Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Network OS – Create Port Profile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Network OS – Create Traffic Class Map . . . . .
CLI Templates G • IronWare OS VLAN – Configure virtual routing interface . . . . . . . . . . . . 2013 • IronWare OS VLAN – Enable Spanning Tree Protocol on IOS VLAN . . . . 2013 • IronWare OS VLAN – Disable Spanning Tree Protocol on IOS VLAN. . . . . 2014 • Network OS VLAN – VLAN Interface Creation . . . . . . . . . . . . . . . . . . . . . . 2014 • Network OS VLAN – VLAN Interface Deletion . . . . . . . . . . . . . . . . . . . . . . 2014 • Network OS VLAN – Layer2 Switch Port Configuration . . . . . . . .
G CLI Templates TABLE 19 Feature HyperEdge – Stack Trunk Deletion Description HyperEdge To delete stacking trunks.
CLI Templates TABLE 27 IronWare OS – Configure L2-Access-List Feature Description CLI Commands ACL access-list $ deny $ $ any access-list $ deny any $ $ access-list $ permit $ $ any access-list $ permit any any no access-list $ permit any any no access-list $ permit $ $ any
G CLI Templates TABLE 31 Feature Description CLI Commands MCT Delete cluster. no cluster $ $ no vlan $ no vlan $ TABLE 32 MCT Client Creation Feature Description CLI Commands MCT Create a cluster client.
CLI Templates TABLE 36 G MPLS – Endpoint Configuration Feature Description CLI Commands MPLS Used to configure MPLS endpoints. Disable FDP, CDP as they are not supported in MPLS endpoints.
G CLI Templates TABLE 39 Network OS – Configure Extended L2 Access List Feature Description CLI Commands ACL This template is used to configure an extended L2 ACL on Network OS products running 3.0 or later.
CLI Templates TABLE 42 G Network OS – Configure RX Missing Terminations Characters Monitor Feature Description CLI Commands Network OS This template is used to configure threshold and alert values for RX Missing Termination Characters monitoring. Possible values for timebase are day, hour, minute and none. Buffer value cannot be more than average of high plus low threshold. Supported Values for High and Low Threshold Action Parameters are email, raslog, all, and none.
G CLI Templates TABLE 46 Feature Description CLI Commands QoS This template is used to create LLDP profile and configure LLDP profile parameters protocol lldp profile $ description $ hello $ multiplier $ advertise dcbx-fcoe-logical-link-tlv advertise dcbx-fcoe-app-tlv TABLE 47 Network OS – Create Port Profile Feature Description CLI Commands AMPP Creates the port profile and its sub profile.
CLI Templates TABLE 50 G Network OS – Create VLAN Classifier Rule Feature Description CLI Commands QoS This template is used to create a protocol-based or MAC address-based VLAN classifier rule vlan classifier rule $ $ TABLE 51 Network OS – Delete Port Profiles Feature Description CLI Commands AMPP Removes the port profile.
G CLI Templates TABLE 55 Feature Description CLI Commands VLAN To configure PVLAN type (Isolated, community or primary) to a VLAN. interface vlan $
CLI Templates TABLE 62 G Private VLAN – Map primary and secondary VLAN to promiscuous port Feature Description CLI Commands VLAN To assign Primary Vlan to Promiscuous port. This command also maps a Promiscuous port to selected secondary VLANs.
G CLI Templates TABLE 68 Feature Description CLI Commands VLAN To display the private vlan status. show vlan private-vlan TABLE 69 VRF – VRF Creation Feature Description CLI Commands VRF To create VRF in specific RBridge. rbridge-id $ vrf $ TABLE 70 VRF – VRF Deletion Feature Description CLI Commands VRF To delete VRF from specific RBridge.
CLI Templates TABLE 75 VRF – Display VRF Information Feature Description CLI Commands VLAN To display the VRF details. show vrf detail show vrf rbridge-id $ show vrf $ TABLE 76 IronWare OS VLAN – Remove interfaces from VLAN as untagged Feature Description CLI Commands VLAN To remove interfaces from the VLAN as untagged.
G CLI Templates TABLE 84 Feature Description CLI Commands VLAN To disable spanning tree protocol on VLAN. vlan $ no spanning-tree TABLE 85 Network OS VLAN – VLAN Interface Creation Feature Description CLI Commands VLAN To create a VLAN Interface. interface vlan $ TABLE 86 Network OS VLAN – VLAN Interface Deletion Feature Description CLI Commands VLAN To delete a VLAN Interface.
CLI Templates TABLE 91 G Network OS VLAN – Disable Native VLAN Configuration Feature Description CLI Commands VLAN To disable native VLAN from a trunk interface. interface tengigabitethernet $ no switchport trunk native-vlan $ TABLE 92 Network OS VLAN – Access Interface Configuration Feature Description CLI Commands VLAN To configure the interface as an access interface.
Appendix H Troubleshooting In this chapter • Application Configuration Wizard troubleshooting . . . . . . . . . . . . . . . . . • Browser troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Client browser troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Configuration backup and restore troubleshooting . . . . . . . . . . . . . . . . • Fabric tracking troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
H Application Configuration Wizard troubleshooting Application Configuration Wizard troubleshooting The following section states a possible issue and the recommended solution for Management application Configuration Wizard errors. Problem Resolution Unable to launch the Management application Configuration Wizard on a Windows Vista, Windows 7,or Windows 2008 R2 system The Windows Vista, Windows 7,or Windows 2008 R2 system enables the User Access Control (UAC) option by default.
Client browser troubleshooting H Client browser troubleshooting The following section states a possible issue and the recommended solution for client browser errors. Problem Resolution Downloading Client from a Internet Explorer Browser over HTTPS • If the JNLP file does not launch automatically, use one of the following options: Complete the following steps. 1 Save the JNLP file to the local host. 2 Launch the JNLP file manually. • In Internet Explorer 7, complete the following steps.
H Fabric tracking troubleshooting Fabric tracking troubleshooting The following section states a possible issue and the recommended solution for fabric tracking errors. Problem Resolution If a switch is replaced by another switch having the same IP address but a different node WWN while fabric tracking is on, the Management application does not update the Product List, Connectivity Map or switch properties with the new node WWN.
Firmware download troubleshooting H Firmware download troubleshooting The following section states a possible issue and the recommended solution for firmware download errors. Problem Resolution If you configured an internal FTP server and the Management application server is running IPv6, firmware download is not supported. Choose from one of the following options: • If the Management application is running IPv6 only, configure an external FTP server.
H Launch Client troubleshooting Launch Client troubleshooting The following section states a possible issue and the recommended solution if you are unable to launch the remote client. Problem Resolution Remote client does not upgrade from versions prior to 11.0. The remote client does not automatically upgrade when you select the remote client shortcut of client versions earlier than 11.0. To clear the old client and launch the new remote client version, complete the following steps.
Launch Client troubleshooting H Problem Resolution Unable to log into the Client (the application does not launch when you use a valid user name and password and exceptions are thrown in the client side). Use one the following procedures to configure the IP address in the host file. Windows operating systems 1 Log in using the 'Administrator' privilege. 2 Select Start > Run. 3 Type drivers in the Open field and press Enter. 4 Go to the ‘etc’ folder and open the ‘hosts’ file using a text editor.
H Master Log and Switch Console troubleshooting Master Log and Switch Console troubleshooting The following section states a possible issue and the recommended solution for switch console errors. Problem Resolution Too many login and log messages received on switch console and and Master Log due to lazy polling. NOTE: This setting cannot be disabled for DCB switches. To disable lazy polling, complete the following steps. 1 Select Discover > IP Products. The Discover Setup - IP dialog box displays.
Patch troubleshooting H Patch troubleshooting The following section states a possible issue and the recommended solution for patch errors. Problem Resolution Unable to launch the SMC on a Windows Vista,Windows 7,or Windows 2008 R2 system The Windows Vista,Windows 7,or Windows 2008 R2 system enables the User Access Control (UAC) option by default. When the UAC option is enabled, the SMC cannot launch.
H Performance troubleshooting Performance troubleshooting The following section states a possible issue and the recommended solution for Performance errors. Problem Resolution An error message with the following text displays: Real Time statistics collection has failed. Please see master log for details. Make sure that the following prerequisites for Performance Monitoring Data collection are met.
Performance troubleshooting Problem Resolution An error message with the following text displays: Real Time statistics collection has failed. Please see master log for details. 2 Brocade Network Advisor SAN + IP User Manual 53-1002949-01 H To collect data, the SNMP credentials in the Management application and switch must match. SNMP v1 or v3: The community strings entered in the Address Properties dialog box SNMP tab must match the one entered in the switch.
H Performance troubleshooting Problem Resolution An error message with the following text displays: Real Time statistics collection has failed. Please see master log for details. 3 To collect GigE port and FCIP statistics, you must enable the FCIP-MIB capability.
Performance troubleshooting H Problem Resolution An error message with the following text displays: Real Time statistics collection has failed. Please see master log for details. 5 To collect data on Virtual Fabric-enabled switches, the Fabric OS user must have access to all Virtual Fabrics. The SNMPv3 user name must be the same as the Fabric OS user name. If the SNMPv3 and Fabric OS user names do not match, data is not collected for the virtual switches with the non-default VF ID.
H Port Fencing troubleshooting Port Fencing troubleshooting The following section states a possible issue and the recommended solution for Port Fencing errors. Problem Resolution If you segment a switch from a fabric then rediscover the switch without accepting changes, the Port Fencing dialog box displays the switch twice and the port count is doubled. Right-click on the fabric that the segmented switch (with red minus icon) is part of and select Accept Changes.
Server Management Console troubleshooting H Server Management Console troubleshooting The following section states a possible issue and the recommended solution for server management console errors. Problem Resolution Unable to launch the SMC on a Windows Vista,Windows 7 , or Windows 2008 R2 system The Windows Vista,Windows 7,or Windows 2008 R2 system enables the User Access Control (UAC) option by default. When the UAC option is enabled, the SMC cannot launch.
H Supportsave troubleshooting Problem Resolution Unable to launch the SMC on a Windows Vista or Windows 7 system continued Disable using the Group Policy by completing the following steps. You can perform this procedure on you local machine using Local Group Policy editor or for many computers at the same time using the Active Directory-based Group Policy Object (GPO) editor. To disable using the Local Group Policy editor, complete the following steps.
Technical support data collection troubleshooting H Technical support data collection troubleshooting The following section states a possible issue and the recommended solution for technical support data collection errors.
H Wireless troubleshooting Wireless troubleshooting After discovery, the Management application inspects the trap listener and syslog recipient configuration on wireless controllers. If there is a problem with the registration, the Management application changes the “registration success” master log event to a warning event with additional message text.
Zoning troubleshooting H Problem Resolution Zoning activation message displays for a long time, but zone configuration is not activated. Telnet zoning can take a long time. To improve speed, open the Discover Setup dialog box (Discover > Setup) and add the IP address for the device to the Selected Individual Addresses list. Out of memory error caused by running a zoning report for a large zone configuration (1 MB) in a medium-sized SAN due to a third party tool.
Appendix I Database Fields In this appendix • Database tables and fields. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2037 • Views . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2243 Database tables and fields NOTE The primary keys are marked by an asterisk (*) TABLE 98 ACH_CALL_CENTER Field Definition Format ID * Unique generated database identifier. int NAME Name of the Call Center.
I Database tables and fields TABLE 100 Definition Format Size TYPE Type of the event. varchar 256 CONTRIBUTOR_PATTERN Indicates the Contributor pattern to be used for searching the event contributor in event description. In some cases, FOS uses same message id for different events (e.g MAPS events). To increase the filtering capability of Call Home events, this contributor pattern string is used along with message id.
I Database tables and fields TABLE 105 ADAPTER_DRIVER_FILE_DETAILS Field Definition Format ID Unique generated database identifier.
I Database tables and fields TABLE 110 AOR_HOST_MAP Field Definition Format AOR_ID ID of AOR int HOST_ID HOST ID which is in the AOR int TABLE 111 AOR_INM_PORT_GROUP_MAP Field Definition Format AOR_ID ID of AOR int PORT_GROUP_ID IP of port group int TABLE 112 Definition Format AOR_ID The column holds ID of an AOR. It is Foreign Key and refers to ID column of AOR table int VIP_SERVER_ID The column holds ID of VIP Server.
I Database tables and fields TABLE 114 BIRTREPORT_PARAMETER (Continued) Field DATA_TYPE Format Data type of the parameter. Possible values are: 1 - String 2 - Float 3 - Decimal 4 - Date and Time 5 - Boolean 6 - Integer 7 - Date 8 - Time int Value of the Parameter. varchar 256 Size • • • • • • • • PARAMETER_VALUE TABLE 115 Definition Size BIRTREPORT_RUN_TEMPLATE Field Definition Format ID The primary key of the table.
I Database tables and fields TABLE 117 Field Definition Format ID Unique generated database identifier.
I Database tables and fields TABLE 121 CARD (Continued) Field Definition Format Size STATE State of the blade, such as ENABLED or DISABLED. varchar 32 POWER_STATE State of power supply to the blade. varchar 16 varchar 32 ATTN_STATE SERIAL_NUMBER Factory serial number of the blade. varchar 32 PART_NUMBER The part number assigned by the organization responsible for producing or manufacturing the blade. varchar 32 TRUNKING_SUPPORTED 1 = trunking is supported on this blade.
I Database tables and fields TABLE 121 Definition Format HEADER_VERSION The OEM or vendor-assigned version number. int GIGE_MODE Determines the port operating mode for GE ports. 0 - 1G 1 - 10G 2 - Dual mode 3 - Failover mode Default value -1 means it is not applicable. smallint TABLE 122 • • • • Definition Format CARD_ID * DB ID of the card. int CAPABILITY_ * Name of the capability detected on the card. varchar ENABLED 1 = the capability is enabled on the card. Default value is 0.
I Database tables and fields TABLE 126 CEE_PORT (Continued) Field Definition Format IF_INDEX Interface index int IF_NAME Interface name varchar 256 IF_MODE Gige port mode (L2, L3, none) varchar 8 L2_MODE L2 mode (hybrid, trunk, access) varchar 32 VLAN_ID List of VLAN this port belongs to text LAG_ID LAG ID this port belongs to int IP_ADDRESS Port''s configured IP address varchar 128 MAC_ADDRESS Port''s MAC address varchar 64 PORT_SPEED Speed in Gb/sec.
I Database tables and fields TABLE 128 Definition Format Size ENTITY_CATEGORY Holds the type of the entity to whom the column name belongs to like Port, Fabric, IPProduct, VCSInterface, etc' varchar 128 COLUMN_INDEX Used to differentiate user defined columns and static columns. For static it is 0 and for user defined columns it is 1,2,3. small int DESCRIPTION Holds description of the column. varchar ICON_ID Holds Icon Id for the column. Currently it is unused.
I Database tables and fields TABLE 133 CNA_ETH_PORT Field Definition Format ID ID of the Eth port int ETH_DEV Ethernet device varchar ETH_LOG_LEVEL Log level for the Ethernet device. Possible values are 0 - Log Invalid 1 - Log Critical 2 - Log Error 3 - Log Warning 4 - Log Info int NAME Name of the port varchar 256 MAC_ADDRESS MAC Address varchar 64 IOC_ID IO controller ID. The default value is 0.
I Database tables and fields TABLE 135 Definition Format Size MAX_BANDWIDTH Maximum guaranteed bandwidth. Value will be in Gbps (1 to 10). varchar 64 MIN_BANDWIDTH Minimum guaranteed bandwidth. Value will be in Gbps (0 to 10). int PORT_NUMBER Physical port number of adapter. int PORT_TYPE Type of this port. For example, ETH. varchar CREATION_TIME Creation time of this DB record. timestamp CONFIGURATION_STATUS Indicates current configuration status of the port.
I Database tables and fields TABLE 138 COLLECTOR_MIB_OBJECT_ENTRY Field Definition Format COLLECTOR_MIB_OBJECT_ ENTRY_ID Primary key autogenerated ID. int COLLECTOR_ID ID of the PERF_COLLECTOR. int MIB_OBJECT_ID MIB_OBJECT table DB ID. int TABLE 139 COLLECTOR_SNMP_EXPRESSION_ENTRY Field Definition Format COLLECTOR_SNMP_EXPRE SSION_ENTRY_ID Primary key autogenerated ID. int COLLECTOR_ID ID of the PERF_COLLECTOR. int EXPRESSION_ID Id of the SNMP_EXPRESSION.
I Database tables and fields TABLE 141 2050 CORE_SWITCH (Continued) Field Definition Format REACHABLE Determines whether the switch is reachable from the Management application. 1 is reachable and 0 is unreachable smallint UNREACHABLE_TIME Time when the switch becomes unreachable. timestamp OPERATIONAL_STATUS Chassis operational status like FRU, Power Supply etc.. varchar CREATION_TIME Core switch record creation time. This tells us when the intial discovery has happened.
I Database tables and fields TABLE 141 CORE_SWITCH (Continued) Field Definition Format Size NAT_PRIVATE_IP_ADDRESS NAT private IP Address. Feature available from NMS DC Eureka release onwards. During a successful NAT translation the Private IP that gets translated will be stored in this field. The new translated IP Address will be stored in the existing IP_ADDRESS field. All the NAT look up will be done using the NAT Private IP Address.
I Database tables and fields TABLE 145 CORE_SWITCH_DETAILS (Continued) Field Definition Format Size FC_MASK FC IP Address ethernet mask. char 64 FC_IP Fibre Channel IP address. char 64 FC_CERTIFICATE FC IP Address. smallint SW_LICENSE_ID License ID of the chassis. char 23 SUPPLIER_SERIAL_ NUMBER Supplier serial number for the switch. varchar 32 PART_NUMBER Partnumber of the switch varchar 32 CHECK_BEACON Denotes if Switch Beacon is enabled or not on the switch.
I Database tables and fields TABLE 145 CORE_SWITCH_DETAILS (Continued) Field Definition Format Size VENDOR_VERSION Required by integrated SMI agent to populate Brocade_Product.Version property. varchar 32 VENDOR_PART_NUMBER Required by integrated SMI agent to populate Brocade_Product.SKUNumber property. varchar 32 SNMP_INFORMS_ENABLED Flag to denote whether SNMP informs option in the switch is enabled or disabled. Default value is 0.
I Database tables and fields TABLE 147 CRYPTO_LUN Field Definition Format ID Unique generated database identifier. int CRYPTO_TARGET_CONTAI NER_ID Foreign key reference to the CRYPTO_TARGET_CONTAINER that contains the host for which these LUNs are configured. int SERIAL_NUMBER The LUN serial number, used to identify the physical LUN. varchar ENCRYPTION_STATE Boolean. • True (1) if LUN is being encrypted. • False (0) if cleartext. The default value is 0.
I Database tables and fields TABLE 147 CRYPTO_LUN (Continued) Field Definition Format DECRYPT_EXISTING_DATA Not used. When configuring disk LUN that was previously encrypted and is to become cleartext, this property tells the switch whether or not to start a re-keying operation to decrypt the existing LUN data. This property does not need to be persisted. This feature is no longer supported in FOS. smallint KEY_ID Hex-encoded binary key vault ID for the current data encryption key for this LUN.
I Database tables and fields TABLE 147 Definition Format Size NEW_LUN_TYPE This field indicates the role of the LUN configured in the SRDF mode. The values could be R1, R2 or UNKNOWN. Feature available only from 6.4 release onwards and for RSA key vaults. CryptoLuncollector fills in this value. varchar 64 DISABLE_WRITE_EARLY_A CK This variable indicates whether write early acknowledgement is enabled (if value is 0) or disabled (if value is 1).
I Database tables and fields TABLE 148 CRYPTO_SWITCH (Continued) Field Definition Format PRIMARY_VAULT_LINK_ STATUS The status of the link key for the primary key vault. Link keys are used only for NetApp LKM key vaults. For possible values, see the enum definition in the DTO class. Default value is 0. smallint BACKUP_VAULT_LINK_ STATUS The status of the link key for the backup key vault. Link keys are used only for NetApp LKM key vaults.
I Database tables and fields TABLE 149 Definition Format FAILOVER_STATUS Indicates whether this container''s target is being encrypted by the encryption engine on which the container is configured (value 0) or by another encryption engine in the HA Cluster (value 1). Default value is 0.. smallint FAILOVER_STATUS_2 Failover status from the HA Cluster peer. smallint DEVICE_STATUS The physical target storage device operational status when the virtual initiator last attempted to access the target.
I Database tables and fields TABLE 151 DASHBOARD (Continued) Field Definition Format CREATION_TIME Time when dashboard was created. timestamp LAST_OPENED_TIME Time when dashboard was last opened. timestamp TABLE 152 Size DASHBOARD_CANVAS Field Definition Format ID Dashboard Canvas ID. int NAME Name of the Dashboard canvas. varchar 128 DESCRIPTION Description of the dashboard canvas.
I Database tables and fields TABLE 154 Definition PROVIDER_GROUP The Group to which the Provider belong to. varchar Similar providers will have same group name. PROVIDER_ORDER The order of execution passed to the Job Executor framework. Provider belong to same group will have different order number. Default: 0 TABLE 155 2060 DASHBOARD_PROVIDER Field Format Size 128 int DASHBOARD_WIDGET Field Definition Format Size ID ID of the dashboard widget. Auto incremented.
I Database tables and fields TABLE 155 DASHBOARD_WIDGET (Continued) Field Definition Format installation_type Indicates the widgets is SAN Only (0) / IP Only (1) / SAN_IP (2)' int shared_provider Can the provider be shared? 0 - Not Shared 1 - Shared. int TABLE 156 Size DASHBOARD_WIDGET_PREFERENCE Field Definition Format ID Auto incremented widget preference ID. int WIDGET_ID Foreign Key to DASHBOARD_WIDGET(ID). int USER_ID Foreign Key to USER_ (ID).
I Database tables and fields TABLE 157 Definition Format Size MAIN_MEASURE The Additional measures based on the FAVORITE.MAIN_MEASURE varchar 40 ADDITIONAL_MEASURE The Additional measures based on the FAVORITE.MAIN_MEASURE int TABLE 158 DEFAULT_WIDGET_PREFERENCE Field Definition Format ID Auto incremented Dashboard Widget Preference ID. int dashboard_id Foreign Key to DASHBOARD(ID). int widget_id Foreign Key to DASHBOARD_WIDGET(ID).
I Database tables and fields TABLE 159 DEPLOYMENT_CONFIGURATION (Continued) Field Definition Format SNAPSHOT_ENABLED 1 indicates that snapshot is applied to the configuration smallint CLI_TEMPLATE_ID Identifies the CLI template details.
I Database tables and fields TABLE 161 Definition Format PRODUCT_ID This record will be per product. Hence this will have the id of the product. int PRODUCT_TYPE_ID Foreign Key references TARGET_TYPE(id). This identifies the PRODUCT_ID. (Whether it is switch, device, etc). int STATUS Indicated the product deployment status 1-Aborted 2-Succesful 3-Partial Failure 4-Failed smallint MESSAGE Message to be displayed in the report.
I Database tables and fields TABLE 163 DEPLOYMENT_TARGET_MAP (Continued) Field Definition Format TARGET_TYPE_ID Foreign Key references TARGET_TYPE (id) Identifies the target type int TARGET_PARENT_ID Identifies the parent of the target. If, switch, device, port group, device group it will be same as target id. If it is port/interfaces the parent id will be the switch id int TABLE 164 Size DEVICE Field Definition Format DEVICE_ID Primary key for this table.
I Database tables and fields TABLE 164 DEVICE (Continued) Field Definition Format Size IS_SLB Flag to identify whether the device supports server load balancing or not. num (1,0) varchar 64 varchar 64 LAST_PROBE_TIME varchar 64 LAST_PROBE_STATUS varchar 64 FIRST_SEEN_TIME LAST_SEEN_TIME 2066 Time when the device is getting discovered by recent collection. IS_SFLOW_CAPABLE Flag to identify whether the device is SFlow capable or not.
I Database tables and fields TABLE 164 DEVICE (Continued) Field Definition Format Size TACPLUS_USERNAME_READ_ONL Y TACACS+ username for read only access. varchar 512 TACPLUS_PASSWORD_READ_ONL Y TACACS+ password for read only access. varchar 512 ENABLE_PASSWORD_PORT_CFG Enable password configured in device used for port configuration. varchar 512 ENABLE_PASSWORD_READ_ONLY Enable password for read only access. varchar 512 ADMIN_STATUS Device admin status.
I Database tables and fields TABLE 164 DEVICE (Continued) Field Definition Format PORT_COUNT Record the number of presented physical ports on the device. int SERIAL_NUMBER Record the serial number of the device. If there is no serial number, an empty string will be stored.
I Database tables and fields TABLE 164 DEVICE (Continued) Field Definition Format NETCONF_TRANSPORT The transport protocol used to connect to this device through Netconf. Possible values are: • 0=Netconf not supported by this device • 1=SSH • 2=HTTPS • 3=HTTP • 4=WING_HTTPS • 5=WING_HTTP smallint POE_CAPABLE The POE capability of device. Possible values are: • 0 = POE is not supported by this device • 1 = POE is supported with IEEE 802.
I Database tables and fields TABLE 164 2070 DEVICE (Continued) Field Definition Format Size VCS_LICENSED Indicates whether the cluster device has VCS license or not. Possible values are 0 for not applicable, 1 for licensed, 2 for not licensed. 0 is default. Clusters with 2 or less nodes will have value of 0 as all those clusters are automatically licensed. Clusters with 3 or more nodes will have values 1 or 2 depending on whether the license was acquired or not.
I Database tables and fields TABLE 164 DEVICE (Continued) Field Definition Format Size USER_DEFINED_VALUE_3 User defined value used for product. varchar 256 CLUSTER_MEMBER_STATE Indicates the state of the member in Fabric Cluster and Management Cluster. States can be Online, Offline, Rejoining etc.. For all other devices this column will be empty. varchar 64 TABLE 165 DEVICE_ENCLOSURE Field Definition Format ID* Unique generated database identifier.
I Database tables and fields TABLE 165 Definition Format TRUSTED Flag to mark the enclosure trusted. Default value is 0. smallint CREATION_TIME Time when enclosure was created. Default is ’now()’. timestamp MISSING Flag to indicate missing enclosure. Default value is 0. smallint MISSING_TIME Time when the enclosure is found to be missing. timestamp HOST_NAME Host Name corresponding to the Device Enclsoure.
I Database tables and fields TABLE 167 DEVICE_FDMI_DETAILS (Continued) Field Definition Format Size FIRMWARE_VERSION Holds the firmware version of the device available via FDMI ex: 2.1.0.2 varchar 64 DRIVER_VERSION Holds the driver version of the device available via FDMI, ex: 2.1.0.
I Database tables and fields TABLE 169 DEVICE_GROUP_ENTRY Field Definition Format DEVICE_GROUP_ID Database ID of the DEVICE_GROUP instance which the device is member of. int DEVICE_GROUP_ENTRY_ID Unique database auto generated identifier. int DEVICE_ID Database ID of the member DEVICE. int TABLE 170 DEVICE_NODE Field Definition Format ID* Unique generated database identifier. int FABRIC_ID Fabric DB ID to which this device node belongs. int WWN Device node WWN.
I Database tables and fields TABLE 171 DEVICE_PORT Field Definition Format NODE_ID Reference to the ID of the Device Node of which this device port is a part of. int DOMAIN_ID Stores the Domain ID of the switch to which this device port is connected to. int WWN Stores the Device Port WWN char 23 SWITCH_PORT_WWN Stores the switch port wwn to which this device port is physically connected to.
I Database tables and fields TABLE 172 Field Definition Format DEVICE_PORT_ID The primary key of the DevicePort int GIGE_PORT_ID The primary key of the GigEPort. int DIRECT_ATTACH Indicates whether the device port is directly attached to the CEE 10G TE port. smallint VIRTUAL_FCOE_PORT_ID The value of virtual_fcoe_port_id in the Device_Port_Gige_Port_Link table is applicable only for NOS devices.
I Database tables and fields TABLE 174 ENCRYPTION_ENGINE (Continued) Field Definition Format STATE Administrative state for this engine. 0 = disabled, 1 = enabled. The default value is 0. smallint SP_CERTIFICATE The public key certificate, in PEM format, for the Security Processor within the Encryption Engine. Used to create link keys for Decru LKM key vaults. varchar EE_STATE The operational status of this Encryption Engine.
I Database tables and fields TABLE 175 ENCRYPTION_GROUP (Continued) Field Definition Format Size LEADER_SWITCH_WWN The Node WWN of the current group leader switch. Each encryption group has one group leader switch. char 23 DEPLOYMENT_MODE Indicates Transparent (0) or NonTransparent (1) deployment mode. Only Transparent mode is currently supported. All switches in the Encryption Group share the same deployment mode.
I Database tables and fields TABLE 175 ENCRYPTION_GROUP (Continued) Field Definition Format KEY_VAULT_TYPE Indicates the type of key vault used by switches in this Encryption Group. 0 = Decru Lifetime Key Manager (LKM), 1 = RSA Key Manager (RKM), 2 = Brocade internal key storage (for demo use only). The default value is 0. smallint PRIMARY_KEY_VAULT_ID Foreign key reference to the KEY_VAULT record that describes the primary key vault for this Encryption Group.
I Database tables and fields TABLE 177 Definition Format Size AUTHENTICATION_MODE Indicates the configured User Authentication mode for the encryption group. Possible values are None, Username, UserPass, and NA. varchar 32 CERTIFICATE_TYPE Indicates the configured Certificate Type for the encryption group. Possible values are self, CASign, and NA. varchar 32 Size TABLE 178 ENCRYPTION_TAPE_POOL Field Definition Format ID Unique generated database identifier.
I Database tables and fields TABLE 180 ETHERNET_INTERFACE Field Definition INTERFACE_ID TABLE 181 Format int ETHERNET_ISL Field Definition Format ID Unique generated database identifier. int SOURCE_PORT_ID The unique id of the source port. int DEST_PORT_ID The unique id of the destination port. int MISSING Flag to identify whether the ethernet isl link is missing from the switch. smallint, MISSING_TIME Time when the ethernet isl link is missing from the switch.
I Database tables and fields TABLE 182 Definition Format EVENT_DESCRIPTION_ID Indicates the identifier of the event description in the EVENT_DESCRIPTION table. int LAST_OCCURRENCE_HOST _TIME Indicates the the Management application server timestamp when this event occurred last. timestamp EVENT_COUNT Indicates the number of occurrences of the event. Count indicates the number of times the same event occurred in a given ten minute window.
I Database tables and fields TABLE 184 EVENT_CATEGORY Field Definition Format ID Unique generated database identifier. int DESCRIPTION Holds the event categories. Possible values : Unknown- 0, Product Event- 1, Link Incident Event- 2 , Product Audit Event- 3, Product Status Event- 4, Security Event- 5 , User Action Event- 6, Management Server Event- 7. varchar 50 Size TABLE 185 Size EVENT_DESCRIPTION Field Definition Format ID Unique generated database identifier.
I Database tables and fields TABLE 186 Definition Format Size USER_NAME Captures the user information from audit Syslog messages. Varchar 512 PORT_NAME Shows the PortName for the corresponding port. Varchar 255 MAC_ADDRESS 'Indicates the MAC address of the Access Point from which this event is received. If the event is received from the wireless controller or any other products, this will be empty.
I Database tables and fields TABLE 188 EVENT_POLICY_SOURCE_ENTRY (Continued) Field Definition Format DEVICE_GROUP_ID A reference key to the Device Group Do not maintain it as a foreign key constraints. The default value is 0. int PORT_GROUP_ID A reference key to the Port Group Do not maintain it as a foreign key constraints. The default value is 0.
I Database tables and fields TABLE 190 Definition Format Size OPERATOR4 AND operator used to append the rule. varchar 12 WWN Source WWN. varchar 1024 OPERATOR5 AND operator used to append the rule. varchar 12 COUNT Count of the specified event. int OPERATOR6 AND operator used to append the rule. varchar DURATION Duration of the specified event. bigint STATE State of the rule: • 0 = Disabled • 1 = Enabled smallint SEVERITY_LEVEL Event severity level. Default value is 4.
I Database tables and fields TABLE 191 FABRIC (Continued) Field Definition Format MANAGEMENT_STATE Bit map to indicate various management indications for the fabric. Default value is 0. smallint TRACK_CHANGES 1 = changes (member switches, ISL and devices) in the fabric are tracked. Default value is 0. smallint STATS_COLLECTION 1 = statistics collection is enabled on the fabric. Default value is 0. smallint CREATION_TIME When the fabric record is inserted, i.e., created.
I Database tables and fields TABLE 191 Definition Format BOTTLENECK_STATUS Holds bottleneck status of fabric. Default is 0, Values are 0 or 1. int VCS_LICENSED Indicates whether the fabric has VCS license or not. Possible values are 0 for not applicable, 1 for licensed, 2 for not licensed. 0 is default. Fabrics representing clusters with 2 or less nodes will have value of 0 as all those are automatically licensed.
I Database tables and fields TABLE 194 FABRIC_MEMBER (Continued) Field Definition Format MISSING_TIME When it is missed from the fabric; null if the member is entrusted. timestamp LAST_UPDATE Last Updated time for the record. bigint TABLE 195 FABRIC_THRESHOLD_SETTING Field Definition Format FABRIC_ID* References the ID in FABRIC table int POLICY_ID* References the ID in THRESHOLD_POLICY table int TABLE 196 Definition Format FABRIC_ID Foreign key to ID in fabric table.
I Database tables and fields TABLE 198 FAVORITES (Continued) Field Definition Format CUSTOM_FROM The starting time. timestamp CUSTOM_TO The ending time. timestamp GRANULARITY The granularity. varchar THRESHOLD The reference line. int MAIN_MEASURE The measure of FC/FCIP/GE. varchar ADDITIONAL_MEASURE The additional measures. int CUSTOM_SELECTION_OBJE CT_TYPE Represents the selected filter type.
I Database tables and fields TABLE 201 FCIP_TUNNEL (Continued) Field Definition Format COMMUNICATION_RATE Bandwidth specified for the tunnel. double precision MIN_RETRANSMIT_TIME FCIP Tunnel Parameter. int SELECTIVE_ACK_ENABLED FCIP Tunnel Parameter. smallint KEEP_ALIVE_TIMEOUT FCIP Tunnel Parameter. int MAX_RETRANSMISSION FCIP Tunnel Parameter. int WAN_TOV_ENABLED Is WAN TOV enabled. Default value is 0. smallint TUNNEL_STATUS Tunnel Status (Active/Inactive).
I Database tables and fields TABLE 201 FCIP_TUNNEL (Continued) Field 2092 Definition Format FICON_TR_EMUL_ENABLED Whether Ficon_Tape_Read_Emulation is enabled on that tunnel. Default value is 0. smallint FICON_DEBUG_FLAGS FICON_DEBUG_FLAGS for that particular tunnel. Default value is -1. double precision REMOTE_WWN Configured WWN of the Remote Node. char CDC CDC Flag. Default value is 0. smallint ADMIN_STATUS Admin Status of the Tunnel. Default value is 0.
I Database tables and fields TABLE 201 FCIP_TUNNEL (Continued) Field Definition Format TURBO_WRITE_ENABLED Whether turbo write (fast write) is enabled or not (0,1). Default value is 0. smallint TAPE_ACCELERATION_ENA BLED Whether turbo write (fast write) is enabled or not (0,1). Default value is 0. smallint IPSEC_ENABLED Default value is 0. smallint PRESHARED_KEY The preshared key on tunnel. char QOS_HIGH QoS high value. smallint QOS_MEDIUM QoS medium value.
I Database tables and fields TABLE 202 2094 FCIP_TUNNEL_CIRCUIT (Continued) Field Definition Format VLAN_TAG VLAN Tag of the circuit. The default value is -1 int SELECTIVE_ACK Select acknowledgement flag.The default value is 0. smallint QOS_MAPPING QOS Mapping. The default value is 0. smallint PATH_MTU_DISCOVERY MTU Discovery Path. The default value is 0. smallint MIN_COMM_RATE Minimum communication int Speed. The default value is 0. MAX_COMM_RATE Maximum communication int Speed.
I Database tables and fields TABLE 202 FCIP_TUNNEL_CIRCUIT (Continued) Field Definition Format ENABLED Is circuit enabled. Default: 0, Values: 0|1. The default value is 0. smallint MISMATCHED_CONFIGURATIONS If a tunnel is down due to mismatched configurations on local and remote end, this property specifies the list of such mismatched configurations. varchar 1024 CIRCUIT_STATUS_STRING Circuit Status string value from switch for the tunnel varchar 256 L2COS_F_CLASS The default value is 0.
I Database tables and fields TABLE 203 Definition Format RX The number of octets or bytes that have been received by this port. One second periodic polling of the port. This value is saved and compared with the next polled value to compute net throughput. Note, for Fibre Channel, ordered sets are not included in the count.
I Database tables and fields TABLE 205 FCR_ROUTE Field Definition Format ID* Unique generated database identifier. int BB_FABRIC_ID Backbone fabric DB ID. int FCR_FABRIC_ID FID assigned to edge fabric. int SWITCH_WWN WWN of the router switch. varchar NR_PORT_ID Route parameter. int FCRP_COST Route parameter. int EX_PORT_WWN Ex_port WWN. varchar 128 Field Definition Format Size FEATURE_ID* ID used to uniquely identify the feature. int 6 NAME Name of the feature.
I Database tables and fields TABLE 209 Definition Format Size MANUFACTURER Manufacturer of the device, typically IBM. varchar 64 MANUFACTURER_PLANT Plant number where the device is manufactured. varchar 64 SEQUENCE_NUMBER Device sequence number. varchar 32 TAG FICON device property, e.g., 809a or 809b. varchar 16 FLAG FICON device property, e.g., 0x10 (hex). varchar 8 PARAMS FICON device property string, e.g., Valid channel port.
I Database tables and fields TABLE 212 FOUNDRY_DEVICE Field Definition Format DEVICE_ID Database ID of the DEVICE instance. int IMAGE_VERSION Firmware image version currently running in the device. varchar 128 PRODUCT_TYPE Product type of the device computed based on sysoid and version of main board. To get the main board version for devices, refer octet 28 of snChasMainBrdId MIB in foundry.mib.
I Database tables and fields TABLE 214 FOUNDRY_PHYSICAL_DEVICE (Continued) Field Definition Format Size SERIAL_NUMBER The serial number of the chassis. varchar 32 PRODUCT_TYPE Product type based on sysoid or architecture type and management module main board id. varchar 32 Size TABLE 215 FOUNDRY_PHYSICAL_PORT Field Definition Format PHYSICAL_PORT_ID Database ID of PHYSICAL_PORT instance. int CONNECTOR_TYPE The type of connector that the port offers.
I Database tables and fields TABLE 218 FRU (Continued) Field Definition Format Size PART_NUMBER provides the part number of the FRU element, requested by SMIA and values filled in by Switch Asset Collector.
I Database tables and fields TABLE 218 FRU (Continued) Field Definition Format CREATION_TIME provides the record creation time, standard columns for Management applciation and values filled in by Switch Asset Collector timestamp LAST_UPDATE_TIME provides the record creation time, standard columns for Management applciation and values filled in by Switch Asset Collector timestamp PREVIOUS_OP_STATUS provides the previous operational status of FRU element, requested by SMIA and values filled in b
I Database tables and fields TABLE 221 GIGE_PORT (Continued) Field Definition Format SPEED Port speed details. Default value is 0. bigint MAX_SPEED Port maximum speed supported. bigint MAC_ADDRESS MAC Address of that port. varchar 64 PORT_NAME GigE Port Name. varchar 64 OPERATIONAL_STATUS LED status. int LED_STATE LED status. smallint SPEED_LED_STATE GigE Port type details. smallint PORT_TYPE Port type for the GigE Port.
I Database tables and fields TABLE 223 Definition Format PORT_ID References the ID in SWITCH_PORT table. int CREATION_TIME The polling time. timestamp TX Transmit (TX) value in bytes. double precision RX Receive (RX) value in bytes. double precision TX_UTILIZATION Transmit utilization (TX%) value in percentage. double precision RX_UTILIZATION Receive utilization (RX%) value in percentage. double precision DROPPED_PACKETS Number of dropped packets.
Database tables and fields TABLE 227 I HBA Field Definition Format ID Unique generated database identifier. int HOST_ID ID of the Device Enclosure (Host) to which this HBA belongs to. int NAME User defined name of the HBA varchar 128 POWER_MODE Power mode of the HBA varchar 256 MODEL Model code of the HBA varchar 256 MODEL_DESCRIPTION Model description for the HBA varchar 256 OPERATING_STATUS Current operating status of the HBA: 1: Enabled/0: Disabled. The default value is 0.
I Database tables and fields TABLE 227 2106 HBA (Continued) Field Definition Format Size PCI_REG_NEG_LANE_COUNT The set number of PCI lanes that were initially negotiated. The default value is 8. int PCI_REG_GENERATION PCI generation varchar TRUSTED Denotes whether HBA is trusted by user or not. When the host first time discovered, all the HBAs will be trusted by default. If any HBA added later, then it will be in untrusted stated. 0 denotes untrusted and 1 is for trusted.
I Database tables and fields TABLE 227 HBA (Continued) Field Definition Format Size VPD_EXT_CAPABILITY EXT_CAPABILITY of the device varchar 256 VPD_OEM OEM details of the device varchar 256 VPD_OEM_INFO OEM related information of the device varchar 256 MAX_PCIF Maximum number of Pci functions. smallint CARD_MODE The mode that the card is operating on. smallint DRIVER_CARD_MODE It is the same as card type but uses new values applicable for 3.0 and later driver versions.
I Database tables and fields TABLE 229 HBA_PORT (Continued) Field Definition Format MISSING_TIME States the missing time of the this port. timestamp OPERATING_SPEED Operating speed of the hba port. The default value is 0.
I Database tables and fields TABLE 230 HBA_PORT_DETAIL (Continued) Field Definition Format BOOT_SPEED Boot speed for the port in Gbps. Possible values are 0 - AUTO_NEGOTIATE and 2, 4, 8, 16 Gbps. The default value is 0. int BOOT_TOPOLOGY Boot topology for the port. Possible values are 0 Point to Point , 1 - Loop. The default value is 1. int BOOTUP_DELAY On starting system how long system needs to wait for user action. Configured value ranges 0,1,2,5 and 10 minutes. Default value is 0.
I Database tables and fields TABLE 230 HBA_PORT_DETAIL (Continued) Field Definition Format Size RECIEVE_BUFFER_CREDIT Receiving buffer-to-buffer credits (BB_credits) for the port. varchar 64 TRANSMIT_BUFFER_CREDI T Transmitting buffer-to-buffer credits (BB_credits) for the port. varchar 64 FCSP_AUTH_STATE Indicates whether FC-SP authentication is on or off. The default value is 0. smallint FCSP_STATUS The status of FC-SP authentication. The default value is 'Disabled'.
I Database tables and fields TABLE 230 HBA_PORT_DETAIL (Continued) Field Definition Format Size FEC_STATE State of FEC. The FEC (Forward Error Correction) is an error recovery mechanism that allows the receiver of the corrupted frame to correct the error without referring back to the port which transmitted the frame. Supported on prowler card in FC mode. Applicable values are Online, Offline and Not Supported. Note : Not Supported on (PORT_MEDIA_MEZZANINE_CARD).
I Database tables and fields TABLE 232 HBA_PORT_FCOE_DETAILS (Continued) Field Definition Format MTU Maximum transmission unit in bytes of the FCoE port. Default - 2112, 0 - auto int PATH_TOV The value between 0 and 60 that specifies the time-out session.
I Database tables and fields TABLE 233 HBA_REMOTE_PORT (Continued) Field Definition Format Size STATE Indicates whether the device is online or offline. The default value is ‘Offline’. varchar 64 SUPPORTED_COS The types of classes that are supported on the remote port; for example, Class-3 varchar 32 DEVICE_TYPE The type of the device; for example, Disk or Tape. varchar 64 BIND_TYPE The persistent bind type. The default value is 0.
I Database tables and fields TABLE 233 HBA_REMOTE_PORT (Continued) Field TASK_RENTRY_IDENT_SUP PORT CONFIRMED_COMPLETION S_SUPPORT TABLE 234 Format The number of PRLI responses from the target to the initiator and begins when HBA Port starts FCP exchanges.Zero would mean unsupported and nonzero value implies supported. The default value is 0. int The number of confirmed completions on the remote port and begins when HBA Port starts FCP exchanges.
I Database tables and fields TABLE 235 HBA_TARGET (Continued) Field Definition Format TRUSTED Denotes whether target is trusted or not. 0 denotes untrusted and 1 is for trusted. smallint CREATION_TIME Creation time of the entry timestamp MISSING Flag to indicate if the remote LUN is missing. The default value is 0. smallint MISSING_TIME Time at which the LUN is marked missing. timestamp TARGET_ID The identifier of the target device as reported by each HBA port. The default value is 0.
I Database tables and fields TABLE 237 HOST_DISCOVERY_REQ_GROUP Field Definition Format ID Auto generated primary key int NAME Unique name for the host request. The default value is ‘ New Host Group'. varchar( Primary key from the host discovery options table. Points to the associated discovery options int Reflects the status of the request E.g. 0-> Completed, 1->Delete Pending. The default value is 0.
I Database tables and fields TABLE 240 INM_IP_INTERFACE (Continued) Field Definition SUBNET_MASK PRIMARY_IP TABLE 241 Format Size varchar 40 Indicates if the IP address is the primary IP address of the Interface. 1 - Primary 0 - Secondary.
I Database tables and fields TABLE 242 Field Definition Format ID Unique generated database identifier. serial DEPLOYMENT_ID Deployment configuration ID. Foreign Key for DEPLOYMENT table. int CLEAR_CONFIGURATION 1/0 corresponding to ''Clear Assignment'' / ''Assign Configuration'' for interface level configuration. smallint WRITE_TO_DEVICE 1/0 corresponding to Write to device/not write to device for outbound traffic. smallint BINDING_DIRECTION Represents the binding direction.
I Database tables and fields TABLE 245 IP_ROUTE (Continued) Field Definition Format Size NET_MASK Subnet Mask for the Route. varchar 64 GATEWAY Gateway for the Route. varchar 64 IP_ADDRESS IP Address created after ''”&”'' operation of gateway. varchar 64 METRIC Metric. int FLAG Flag. int CHECKSUM Check Sum. varchar GIGE_PORT_TYPE Whether the IP interface is created on a 10G cross port or not. Non-zero value denotes a cross port.
I Database tables and fields TABLE 248 Definition Format CREATION_TIME Creation time of the ISL record in the Management application database. timestamp MISSING Denotes whether ISL link is missing or not. • 0 denotes present • 1 states that ISL is missing smallint MISSING_TIME States the missing time of the this ISL. timestamp missing_reason The ISL disabled reason. For an ISL either one or both ends might have been disabled.
I Database tables and fields TABLE 249 ISL_CONNECTION Field Definition Format SOURCE_MASTER_PORT This column will hold the trunk master port for the source port, if the connection is trunked. For the master connection it will have its source por''s port number. For non-trunk connections it will have the default value -1. int TARGET_MASTER_PORT This column will hold the trunk master port for the target port, if the connection is trunked.
I Database tables and fields TABLE 251 Definition Format MISSING Denotes whether ISL trunk member is missing or not. 0 denotes present and 1 states that ISL trunk member is missing. smallint MISSING_TIME We could change this as "States the missing time of the this ISL trunk member. If the member is not missing then it will be null. timestamp TABLE 252 Size KEY_VAULT Field Definition Format ID Unique generated database identifier.
I Database tables and fields TABLE 254 L2_ACL_INTERFACE_DEPLOY_MAP (Continued) Field Definition Format OUTBOUND_L2_ACL_ID L2 Access control List ID of the L2 ACL selected for outbound. Foreign Key for L2_ACCESS_CONTROL_LIST table. int OUTBOUND_WRITE_TO_DEVICE 1/0 corresponding to Write to device/not write to device for outbound traffic.
I Database tables and fields TABLE 256 Definition Format Size MAC_ADDRESS MAC address of LAG(Port-Channel). varchar 64 IP_ADDRESS Primary IPAddress of the LAG varchar 128 NET_MASK Netmask of the Primary IPAddress of the LAG varchar 128 MINIMUM_LINKS Least number of operationally UP links to declare the port-channel UP. range 1..16. int MTU Maximum transmission unit in bytes. range 1522..9208. int LOAD_BALANCE Load balancing details.
I Database tables and fields TABLE 259 LAUNCH_IN_CONTEXT_MODULE (Continued) Field Definition Format READ_WRITE_ACCESS Specifies the read or write access privilege required to launch this dialog. 0 = no access is required to launch this dialog. 1 = At least the read-only access is required for the above privilege to launch this dialog. 2 = The read-write access is required for the above privilege to launch the dialog.
I Database tables and fields TABLE 260 LICENSE (Continued) Field Definition Format SUB_TYPE Sub Type of license: • 0 - Base, • 1 - Addon. The default value is 0. smallint VALID Is this license still considered: 0 - No, 1 - Yes. The default value is 1. smallint TABLE 261 • • LICENSE_DOWNGRADE_DETAILS Field Definition Format Size ID Primary key ID. PREVIOUS_LICENSE_INFO Previous License information during downgrade.
I Database tables and fields TABLE 264 LICENSED_FEATURE Field Definition Format ID* Unique generated database identifier. int NAME License feature name, a short text description. varchar 64 DESCRIPTION Optional detailed description about the license feature. varchar 256 TABLE 265 Size LINK Field Definition Format LINK_ID Unique database generated identifier. int TYPE Type of the link. Currently it is always U.
I Database tables and fields TABLE 268 Definition Format TAG_ENABLED Indicates whether the LSAN tag is enabled or not. Possible values are 0 -false, 1 - true. smallint ENFORCE_TAGS List of enforcement tags configured in FC router. Enforce tag reduces the resources used in an FC router by limiting the number of LSAN zones that will be enforced in that FC router. There can be maximum of 8 enforce tags per FC router. varchar 128 SPEED_TAGS Speed tag configured in FC router.
I Database tables and fields TABLE 272 LSAN_ZONE_MEMBER Field Definition Format LSAN_ZONE_ID* LSAN_ZONE record reference. int MEMBER_PORT_WWN* Zone member WWN. char 23 Field Definition Format Size MCT_CLIENT_ID MCT Client db ID. int RBRIDGE_ID MCT Client rbridge ID. int CLIENT_NAME MCT Client name. varchar PORT_ID MCT Client port foreign key. int OPER_STATE MCT Client operational state.
I Database tables and fields TABLE 278 Field Definition Format ID The primary key of the table. int HOST_TIME The time at which the server processed the event. timestamp CATEGORY The violations category. i.e. Port Health, Fabric Health, etc. int VIOLATION_TYPE The type of the violation. i.e. CRC, ITW. int MANAGED_ELEMENT_ID The managed element corresponding to this event. int ORIGIN_FABRIC_ID The fabric from which the event originated. Retaining this id as historical data.
I Database tables and fields TABLE 280 MAPS_EVENT_CAUSE_ACTION Field Definition Format VIOLATION_TYPE The type of the violation. i.e. CRC, ITW, as defined in MapsConstants. int ACTION Description of the recommended action for the MAPS violation. varchar 4096 Size TABLE 281 MAPS_POLICY Field Definition Format ID The primary key of the table. int VIRTUAL_SWITCH_ID The id of the virtual switch. int NAME The name of the MAPS policy.
I Database tables and fields TABLE 284 MODULE Field Definition Format MODULE_TYPE_ID Primary key for this table. int MODULE_TYPE Type of the module. NAME Name of the module configured in this device. DESCRIPTION Description of the module. varchar 128 NUM_PORTS Number of ports present in this module. num (4,0) TABLE_SUBTYPE Identifies the table name which more properties/attributes about this module stored. Possible value is FOUNDRY_MODULE.
I Database tables and fields TABLE 287 MPLS_ADMIN_GROUP Field Definition Format MPLS_ADMIN_GROUP_DB_ID Unique database generated identifier. int NAME The group name that this administrative group is associated with. varchar ID Identifies the administrative group. int DEVICE_ID Database ID of the DEVICE instance from which this admin group is retrieved.
I Database tables and fields TABLE 291 Field Definition Format MPLS_PATH_HOP_DB_ID Unique database generated identifier. int HOP_INDEX Index of the MPLS hop. int HOP_IP_ADDRESS The Tunnel Hop Address for this tunnel hop. varchar HOP_TYPE Denotes whether this tunnel hop is routed in a strict or loose fashion. Possible Values are Strict-1 and Loose-2. smallint MPLS_PATH_DB_ID Database ID of the MPLS_PATH Instance which this hop is part of.
Database tables and fields TABLE 292 I MPLS_RSVP_LSP (Continued) Field Definition Format Size IS_LSP_FOR_ISIS_SHORTCUTS_ ANNOUNCE Flag that indicates if the LSP is to be announced into ISIS domain. num (1,0) LSP_FOR_ISIS_SHORTCUTS_AN NOUNCE_METRIC If announced into ISIS domain metric used by the LSP. int TABLE 293 MPLS_RSVP_LSP_ACTUALLY_ROUTED_HOP Field Definition Format MPLS_RSVP_LSP_ACTUALLY_RO UTED_HOP_DB_ID Unique database generated identifier.
I Database tables and fields TABLE 296 Definition Format Size HOP_LIMIT Represents the limit for the number of hops the LSP can traverse. Accepted range is 0 - 255. num (3,0) IS_FACILITY_BACKUP Specifies whether the request for Facility backup is enabled or not. If the FRR mode is facility then this value will be 1. 0 otherwise. num (1,0) SETUP_PRIORITY The setup priority for MPLS Fast Reroute.Allowed range between 0-7. num (1,0) HOLD_PRIORITY 'The hold priority for MPLS Fast Reroute.
TABLE 297 Database tables and fields I Size MPLS_RSVP_LSP_PARAMETERS (Continued) Field Definition Format REOPTIMIZE_TIMER The number of seconds from the beginning of one reoptimization attempt to the beginning of the next attempt. Valid range is 300-65535 seconds. 0 is also accepted. int MPLS_LSP_DB_ID Database ID of the MPLS_RSVP_LSP instance which these parameters are associated with.
I Database tables and fields TABLE 300 Definition Format VLL_MODE Specifies the Virtual Local Loop (VLL) Mode. Possible values are Unknown-0, Raw-1 and Taggged-2. smallint STATUS Status of the MPLS Service. All Peers Up-1, All Peers Down-2, Some Peers Down-3, Undefined-0. smallint CONFLICTS The type of Conflict. Possible values are None-0, Name Mismatch-1, VLL Mode Mismatch-2, Peer Incomplete-4, No Endpoints-8, Peer Missing-16, Duplicate VCID-32, Unknown-65535.
I Database tables and fields TABLE 302 MPLS_SERVICE_ENDPOINT_RELATION (Continued) Field Definition Format TAG_TYPE The type of tagging supported. Possible values are Untagged-1, Dual-2 and Inner VLAN/ISID-3. ISID applicable only when dual tagging enabled for VPLS. smallint INNER_VLAN_ID This value indicates the inner tag for this endpoint. If tagging type is dual, then it returns the inner vlan id of the end point (VLL/VPLS). If tagging type is ISID and Untagged this value will be 0.
I Database tables and fields TABLE 305 2140 MRP_RING_DEVICE (Continued) Field Definition Format Size MRP_RING_NAME User configured name for the ring. varchar 255 TOPO_GRP_ID Topology group ID. int STATE Whether MRP is enabled or disabled on the device. Disabled-1, Enabled -2. smallint ROLE Represents role of device in MRP topology. Master-2, Member-3.
I Database tables and fields TABLE 306 N2F_PORT_MAP Field Definition Format ID* Unique generated database identifier. int VIRTUAL_SWITCH_ID Virtual switch ID of AG for N to F_port mapping, foreign key to VIRTUAL_SWITCH table. int N_PORT Port number of port type N_Port which is being mapped, One N_Port can be mapped to multiple F_ports. smallint F_PORT Port number of port type F_Port which is being mapped.
I Database tables and fields TABLE 310 Definition Format Size SRCPORT Comma separated list of source switch ports. varchar 1024 DSTPORT Comma separated list of destination switch ports. varchar 1024 BIDIR This specifies if traffic in both direction has to be monitored, where, 0 - false, 1 - true. smallint SFID Source fabric ID.
I Database tables and fields TABLE 311 NP_SUB_FLOW Field Definition Format FEATURE Feature this sub flow is associated with. Feature can be one of the following: Monitor - 0, Generator - 1, Mirror - 2 int SRCDEV Source device port. varchar 32 DSTDEV Destination device port. varchar 32 SRCPORT Switch Source port. varchar 32 DSTPORT Switch Destination port.
I Database tables and fields TABLE 314 Field Definition Format ID Unique generated database identifier. int WWN The Wwn of the phantom port. char VIRTUAL_SWITCH_ID The id of the phantom switch. int PORT_NUMBER The port number of the phantom port. The default value is -1. smallint PORT_ID The portId of the phantom port. The default value is 000000. varchar SPEED The speed of the phantom port. The default value is 0. int MAX_SPEED The max speed of the phantom port.
I Database tables and fields TABLE 316 PHYSICAL_INTERFACE Field Definition Format INTERFACE_ID Primary key for this table. int PHYSICAL_PORT_ID Foreign key which refers PHYSICAL_PORT table. int SPEED_IN_MB Interface speed in Mega Bytes. int PHYSICAL_ADDRESS MAC address of this interface. varchar LINK_ID Foreign key which refers LINK table. int DUPLEX_MODE Interface duplex mode. Full/Half/Auto.
I Database tables and fields TABLE 317 Field Definition Format PHYSICAL_PORT_ID Database unique generated identifier. int PORT_NUM Port number from interface identifier. smallint MODULE_ID Database ID of the module which this port is present. int IS_PORT_PRESENT This flag is to indicate whether the port is presented in the device. Unknown-0, Present-1 and Not present -2. smallint TABLE_SUBTYPE PHYSICAL_PORT table sub type.
I Database tables and fields TABLE 321 PM_DASHBOARD_WIDGET Field Definition Format DASHBOARD_WIDGET_ID Primary key column. int TIME_SCOPE Time in unit of seconds, for which the data has to be fetched from DB going back from now applicable for top N, distribution, and top Flow, time series. int REFRESHING_INTERVAL The widget refreshing interval in seconds, in 11.3 we will fix it at 600 (10 mins) and not expose it to user. int MONITOR_TYPE The widget refreshing interval in seconds, in 11.
I Database tables and fields TABLE 321 Definition Format LEVEL5_ENABLED Enable / disable the fifth threshold check. This value is applicable only for Top N, Top Flow widgets. Default is 0. smallint LEVEL5_VALUE Limit value for the fifth percentage band. In case of Top N, Top Flow widgets only three percentage band s are available. This value is not applicable. Default is 0. double precision LEVEL5_COLOR RGB color for the fifth percentage band.
I Database tables and fields TABLE 322 PM_DATA_COLLECTOR (Continued) Field Definition Format Size THRESHOLD_OP Stores the threshold operator value. varchar 10 REARM_OP Stores the rearm operator value. varchar 10 IS_REARM_ABS Whether or not the rearm. Default - 0. smallint THRESHOLD_SEVERITY The severity for the threshold event. smallint REARM_SEVERITY The severity for the rearm event. smallint IS_SYSTEM Indicates whether this is a system built in collector, user cannot delete it.
I Database tables and fields TABLE 326 Field Definition Format WIDGET_ID The id of the widget definition. int MEASURE_TYPE stores measure type id of the widget, a widget could map to multiple measure types. int TABLE 327 Size PM_WIDGET_MONITOR_TYPE Field Definition Format Type Primary key column. int NAME Storing the NAME of the monitor type. varchar 64 Size TABLE 328 Size PM_WIDGET_TARGET_ENTRY Field Definition Format WIDGET_ID The ID of the widget definition.
I Database tables and fields TABLE 331 PM_WIDGET_USER_ENTRY Field Definition Format WIDGET_ID The ID of the widget definition. int USER_ID ID of the user who is using the widget definition. int TABLE 332 POE_THRESHOLD Field Definition Format ID Unique generated database identifier. serial TYPE This field indicates if the threshold is defined for product and port level measure.
I Database tables and fields TABLE 334 Field Definition Format SWITCH_PORT_ID The database ID of the switch port that the configuration belongs to. int BOTTLENECK_DETECT _ENABLED Flag indicates if bottleneck detection is enabled or not. The default value is 0. smallint ALERTS_ENABLED Flag indicates if bottleneck detection alerts is enabled or not.The default value is -1. smallint CONGESTION_ THRESHOLD Value of bottleneck detection congestion threshold in percent. The default value is -1.
I Database tables and fields TABLE 336 PORT_COMMISSION_CIMOM_SERVER (Continued) Field Definition Format Size PASSWORD Password to be used for authenticating. Stored in encrypted format. varchar 512 STATUS Status before and after contacting the CIMOM Server. Possible values are 0 - OK, 1- Not Contacted Yet , 2 - Credentials Updated, 3 - Credentials Failed, 4 - Not Reachable. int LAST_CONTACTED_TIME Last time CIMOM server contacted.
I Database tables and fields TABLE 338 PORT_FENCING_POLICY_MAP (Continued) Field Definition Format Size SUB_LEVEL • • • char 23 NODE WWN of Node which policy assigned. char 23 Directly assigned or inherited from root level. 0 = Directly assigned 1 = Indirectly assigned smallint INHERITANCE TABLE 339 • • PORT_PROFILE Field Definition Format ID Auto generated id for the created profile int SWITCH_ME_ID Incase of a VCS discovery in M/C mode this is the cluster meid.
I Database tables and fields TABLE 341 PORT_PROFILE_MAC_MAP Field Definition Format ID Auto generated ID for the created profile int PROFILE_ID DB id of the port profile int MAC Mac address mapped to the port profile varchar 32 NAME User assigned name to the mac varchar 256 Size TABLE 342 Size PORT_PROFILE_QOS_MAP Field Definition Format ID Auto-generated ID for the created profile int PROFILE_ID DB ID of the port profile int DCB_MODE If the mode is dcb or non dcb.
I Database tables and fields TABLE 343 Definition Format COS2_RX RX setting for this cos field 0: NO 1: YES smallint COS6_TX TX setting for this cos field 0: NO 1: YES smallint COS6_RX RX setting for this cos field 0: NO 1: YES smallint COS7_TX TX setting for this cos field 0: NO 1: YES smallint COS7_RX RX setting for this cos field 0: NO 1: YES smallint TABLE 344 Size PORT_PROFILE_VLAN_MAP Field Definition Format ID Unique generated database identifier.
I Database tables and fields TABLE 345 PORT_VLAN (Continued) Field Definition Format PVLAN_TYPE pvlan_type value for vlan.0- Normal VLAN. The following are PVLAN Types applicable for NOS4.0 and above.1- Primary PVLAN, 2- Isolated secondary PVLAN, 3- Community secondary PVLAN. int PRIMARY_VLAN_ID Private VLAN domain is built with one primary VLAN and one or more secondary VLANs.
I Database tables and fields TABLE 348 Field Definition Format VLAN_DB_ID Database ID of the VLAN instance which is associated with the protocol. int PROTOCOL Protocol for VLAN. Possible values are 1-IP, 2-IPX, 3-AppleTalk, 4-DECnet, 5-NetBIOS, 6-Other and 7-IPv6. num (4,0) TABLE 349 Size QRTZ_BLOB_TRIGGERS Field Definition Format Size TRIGGER_NAME* Name of the trigger. varchar 80 TRIGGER_GROUP* Name of the trigger group. varchar 80 BLOB_DATA The Scheduler info.
I Database tables and fields TABLE 352 QRTZ_FIRED_TRIGGERS (Continued) Field Definition Format IS_STATEFUL Whether the job implements the interface StatefulJob. boolean REQUESTS_RECOVERY True or false. boolean TABLE 353 size QRTZ_JOB_DETAILS Field Definition Format Size JOB_NAME* Name of the job. varchar 80 JOB_GROUP* Name of the job group. varchar 80 DESCRIPTION Description of the job (optional). varchar 120 JOB_CLASS_NAME The instance of the job that will be executed.
I Database tables and fields TABLE 357 Definition Format Size CHECKIN_INTERVAL Repeat interval. num (13,0) RECOVERER Misfire instruction.
I Database tables and fields TABLE 362 RECOVERY_CARD_GROUP_MAPPING (Continued) Field Definition Format SMART_CARD_ID Foreign key reference to the SMART_CARD that is registered as a recovery card for the encryption group. int POSITION_ The position of the card within the recovery card set. 1 = first card, 2 = second card, etc. int Field Definition Format ID* Meta Data for available reports. int NAME Report name. varchar 128 DESCRIPTION Report type description.
I Database tables and fields TABLE 366 Field Definition Format RESOURCE_GROUP_ID* Resource group ID. int FABRIC_ID* Fabric ID, which is in the resource group. int TABLE 367 Size RESOURCE_GROUP Field Definition Format ID* Unique generated database identifier. int NAME Resource group name. varchar 128 DESCRIPTION Resource group description.
I Database tables and fields TABLE 371 SAN Field Definition Format ID* Unique generated database identifier. int NAME Name of this SAN. varchar 256 CONTACT Contact person for this SAN. varchar 256 LOCATION Location of this SAN. varchar 256 DESCRIPTION Description. varchar 256 STATS_COLLECTION 1 = statistics collection is enabled; otherwise, 0. Default value is 0. smallint CREATION_TIME time at which this record was created. Default value is ’now()’.
I Database tables and fields TABLE 373 Field Definition Format ID Unique generated database identifier. int HOST The FQDN or the ip address of the host varchar 256 DOMAIN The domain of the SCOM server host varchar 256 USER_NAME The domain user to login into the SCOM Server varchar 64 PASSWORD The password to login into the SCOM Server varchar 64 VERSION The version of SCOM. Default is 6.1.7221.0 which is SCOM 2007 R2. The default value is '6.1.7221.0' .
I Database tables and fields TABLE 375 SELECTED_FLYOVER_PROPERTY (Continued) Field Definition Format Size USER_NAME* The name of the user who selected the property to be shown on flyover. varchar 128 POSITION_ The user preferred position of the selected flyover property. int Field Definition Format ID Unique generated database identifier.
I Database tables and fields TABLE 376 Definition Format LAST_UPDATE_TIME provides the record last updated time, standard columns for Management applciation and values filled in by Switch Asset Collector timestamp FRU_TYPE provides the type of the sensor, requested by SMIA and values filled in by Switch Asset Collector will be available only from FOS 6.4 switches and above. The values represents FAN,PS, SLOT etc. The default value is -1.
I Database tables and fields TABLE 378 SFLOW_HOUR_SUMMARY Field Definition Format SRC_MAC MAC address of the source in the received sFlow packet. byte DEST_MAC MAC address of the destination in the received sFlow packet. byte L3_SRC_ADDR L3 address of the source in the received sFlow packet. byte L3_DEST_ADDR L3 address of the destination in the received sFlow packet. byte L3_PROTOCOL L3 protocol value in the received sFlow packet. For example, ARP.
I Database tables and fields TABLE 378 Definition IN_PORT_TYPE This column is used to store the port type of the smallint incoming traffic interface. For VCS switch the value of • 0 means its edge port. • 1 means its trill port. For other devices Default value is 0. OUT_PORT_TYPE smallint This column is used to store the port type of the outgoing traffic interface. For VCS switch the value of • 0 means its edge port. • 1 means its trill port. For other devices Default value is 0.
I Database tables and fields TABLE 380 SFLOW_MINUTE_BGP (Continued) Field Definition Format IN_PORT_TYPE Port type of the incoming traffic interface. For VCS member the value of, • 0 means its edge port. • 1 means its fabric port. For other devices Default value is 0. smallint OUT_PORT_TYPE Port type of the outgoing traffic interface. For VCS member the value of, • 0 means its edge port • 1 means its fabric port. For other devices Default value is 0.
I Database tables and fields TABLE 382 Definition Format SRC_MAC MAC address of the Source in the received sFlow packet. bytea DEST_MAC MAC address of the destination in the received sFlow packet. bytea TABLE 383 Definition Format MAX_SLNUM Maximum row count. bigint Size SFLOW_MINUTE_MAC Field Definition Format SLNUM This column is used to store a counter value to identify the total row count. bigserial TIME_IN_SECONDS Data collection time in seconds.
I Database tables and fields TABLE 386 SFLOW_MINUTE_SUMMARY Field Definition Format SLNUM This column is used to store a counter value to identify the total row count. bigserial TIME_IN_SECONDS Data collection time in seconds. int DEVICE_ID ID of the product which sends the sflow traffic. int FRAMES Number of frames transmitted through the sflow sample collected. bigint BYTES Number of bytes transmitted through the sflow sample collected.
I Database tables and fields TABLE 388 Field Definition Format MAX_SLNUM Maximum row count. bigint TABLE 389 Definition Format SFLOW_REPORT_L3_SOURCE_ID Primary key autogenerated ID. int REPORT_DEFINITION_ID Report definition ID. int ADDRESS_GROUP_ID ACL network group IDs mapped with a report definition. int IP_SUBNET_DEFINITION_ID Subnet IDs mapped with a Report definition.
I Database tables and fields TABLE 391 SFLOW_STAGING (Continued) Field Definition Format L3_SRC_ADDR L3 address of the source in the received sFlow packet. bytea L3_DEST_ADDR L3 address of the destination in the received sFlow packet. bytea L3_PROTOCOL L3 protocol value in the received sFlow packet. For example, ARP. int IP_TOS Type of service ID in the received sFlow packet. smallint L4_PROTOCOL L4 protocol value in the received sFlow packet. For example, IGP.
I Database tables and fields TABLE 392 SFLOW_STAGING_SLNUM Field Definition Format MIN_SLNUM Maximum row count. bigint Definition Format TABLE 393 SLOT Field Size SLOT_ID int PHYSICAL_DEVICE_ID int CORE_SWITCH_ID int SLOT_NUM num (4,0) Size TABLE 394 2174 Size SMART_CARD Field Definition Format ID Unique generated database identifier. int CARD_TYPE Indicates how this smart card is configured: 0 = authorization card. The default value is 0.
I Database tables and fields TABLE 395 SMIA_SAN_NAME Field Definition Format Size NAME 'This will be the principal switch WWN of the fabric.'; varchar 24 ELEMENT_NAME User friendly name to identify the SAN varchar 32 IS_PRIMARY_FABRIC This value will indicate whether principal switch WWN has primary ownership or not. In case of simple FC fabric, the value will be always 1.
I Database tables and fields TABLE 397 Definition Format Size WRITE_COMMUNITY_ STRING The SNMP Write-Only Community String is like a password. It is sent along with each SNMP Set-Request and allows (or denies) access to a device. The default value is "private". This is applicable if the agent is configured to operate in SNMPv1. varchar 64 USER_NAME A human readable string representing the name of the user. This is applicable if the agent is configured to operate in SNMPv3.
I Database tables and fields TABLE 398 SNMP_DATA (Continued) Field Definition Format COLLECTOR_ID Correspoding collector table ID. int MIB_INDEX Index value for a MIB varaible. For scalar value it will be empty. varchar 256 Size TABLE 399 Size SNMP_DATA_1DAY Field Definition Format ID Primary key autogenerated ID. int MIB_OBJECT_ID The DB ID of MIB_OBJECT.
I Database tables and fields TABLE 401 SNMP_DATA_30MIN (Continued) Field Definition Format VALUE Value collected by the engine double precision TIME_IN_SECONDS Time at which collection occured in seconds int COLLECTOR_ID DB Id of the collector object used for collection int MIB_INDEX MIB index used for collection if applicable char 256 Size TABLE 402 SNMP_EXPR_DATA Field Definition Format ID Primary key column. serial EXPRESSION_ID MIB object ID.
I Database tables and fields TABLE 404 SNMP_EXPR_DATA_2HOUR (Continued) Field Definition Format TARGET_TYPE smallint TARGET_ID int VALUE double precision TIME_IN_SECONDS int COLLECTOR_ID int TABLE 405 SNMP_EXPR_DATA_30MIN Field Definition Format ID Primary key autogenerated ID int EXPRESSION_ID DB ID of the expression object used for collection int TARGET_TYPE Target/Source type can be device:0 or interface/ports:1' smallint TARGET_ID DB Id of the target which can be device o
I Database tables and fields TABLE 407 2180 SNMP_PROFILE (Continued) Field Definition Format Size RETRY_COUNT Number of times to retry if get/set request to the SNMP agent times out. Default value is 3. smallint TIMEOUT Timeout value in seconds before for a get/set request to the SNMP agent. Default value is 5. smallint VERSION SNMP agent version running on the switch as in SNMPv1 and SNMPv3 varchar 6 READ_COMMUNITY_STRING The SNMP Read-Only Community String is like a password.
I Database tables and fields TABLE 408 SOURCE_OBJECT_TYPE Field Definition Format ID* Unique generated database identifier. int TYPE_NAME Type of the object to which the event applies, such as Fabric, Switch or Port. char 64 DESCRIPTION Description of the object varchar 255 Size TABLE 409 SSL_CERTIFICATE_VIP_SERVER_MAP Field Definition Format SSL_CERTIFICATE_ID Foreign key to SSL_CERTIFICATE_ID in ssl_certificate table int VIP_SERVER_ID The column holds ID of VIP Server.
I Database tables and fields TABLE 411 STATS_AGING (Continued) Field Definition Format POLICY_TYPE The type of the aging ploicy. • 100 - Default aging (1 day 5 mins samples, 3 days 30 mins samples,7 days 2 hrs sample and 2 years 1 day samples) • 101 - 5 mins to 1 day aging(8 days 5 mins samples and 90 days of 1 day samples) smallint ACTIVE The active state of the policy.
I Database tables and fields TABLE 414 SWITCH_BOTTLENECK_CONFIG Field Definition Format LATENCY_SEVERITY The factor by which throughput must drop in a second in order for that second to be considered affected by latency bottlenecking. Range (1 to 1000). int LATENCY_TIME The minimum fraction of a second that must be affected by latency in order for that second to be considered affected by latency bottlenecking. Range (0 to 1).
I Database tables and fields TABLE 417 Definition Format Size PRODUCT_FAMILY This represents the product family that each OID belongs to. varchar 128 BRIEF_PRODUCT_FAMILY Shorter name for the product family. varchar 32 SPEED Switch max speed. Value 0 represents NotAvailable. smallint MULTI_CP_CAPABLE Switch is multi cp cabable or not. 0 means single CP and 1 means multi. smallint MIN_IMAGE_VERSION Supported min firmware version.
I Database tables and fields TABLE 418 SWITCH_PORT (Continued) Field Definition Format Size LOCKED_PORT_TYPE Indicates the locked port type of the port. Ports can be locked down so that they can come up only in that mode. varchar 16 CATEGORY Denotes the category of the switch. 1 denotes FC port and 2 denotes gige port. smallint PROTOCOL The protocol used by the port. FC, FCIP etc. varchar 16 SPEED Actual speed at which the port is currently operating.
I Database tables and fields TABLE 418 2186 SWITCH_PORT (Continued) Field Definition Format Size RATE_LIMITED Denotes if the port has Rate Limiting Enabled. smallint QOS_CAPABLE Indicates if the port is QOS capable. smallint QOS_ENABLED Indicates if the port is QOS enabled. smallint TUNNEL_CONFIGURED Denotes if the port has a fcip tunnel configured. smallint FCIP_TUNNEL_UP Denotes if the fcip tunnel that is configured is up. smallint FCR_FABRIC_ID Stores the FCR fabric ID.
I Database tables and fields TABLE 418 SWITCH_PORT (Continued) Field Definition Format LATENCY_DETECT_SUPPOR TED Whether the port supports latency detection. 1 means true and 0 means false smallint PREVIOUS_STATE Fields copies the old state of the port . The field could be used to track the state change information for the switch port . SwitchAssetCollector sets this field during the collection time.
I Database tables and fields TABLE 418 Definition Format FEATURES_ACTIVE Holds as a bit mask the features that are active. Please note that this is different from the enabled value which is found in the FEATURES_ENABLED column. Each bit would represent features like Encryption, compression etc. The bit mask and their corresponding Features are defined as an enum in the domain model class - SwitchPort.java. int DISABLED_REASON The Switch Port disabled reason.
I Database tables and fields TABLE 422 TARGET_TYPE Field Definition Format ID Unique generated database identifier. serial TYPE Type of the target device. Some possible values are • Switch • Device • Port • Host • Port Group • Product Group • VLAN • Fabric varchar 64 Size TABLE 423 Size THIRD_PARTY_DEVICE Field Definition Format DEVICE_ID Primary key for this table. int DEVICE_TYPE Type of the third party device.
I Database tables and fields TABLE 425 Definition Format ME_ID ME_ID of the target. int VALUE 30 mins aggregated data. double precision TABLE 426 Definition Format TIME_IN_SECONDS Time when the record is inserted. int TARGET_TYPE Target type of the PM collector data. For device level collector the target type is 0, for port level it is 1. smallint MEASURE_ID ID of the measure. int TARGET_ID Target ID of the PM collector data.
I Database tables and fields TABLE 428 TIME_SERIES_DATA_30MIN Field Definition Format TARGET_ID Target ID of the PM collector data. For device level collector it will use deviceId, for port level it will use interfaceId. int COLLECTOR_ID ID of the data_collector. int MEASURE_INDEX Stores the index_map value in case of an expression. varchar ME_ID ME_ID of the target. int VALUE 30 mins aggregated data.
I Database tables and fields TABLE 430 Field Definition Format TIME_IN_SECONDS Time when value of the measure retrieved from the corresponding target. int TARGET_TYPE Target type of the PM collector data. For IP_DEVICE(0), IP_PORT(1), IP_TRUNK(2), FOS_DEVICE(3), FC_PORT(4), GE_PORT(5), TE_PORT(6), HBA_PORT(7), CNA_PORT(8), VIRTUAL_FCOE_PORT(9), FCIP_TUNNEL(10), EE_MONITOR(11), IP_DEVICE_GROUP(12), IP_PORT_GROUP(13), VIRTUAL_GROUP(14), TRILL_TRUNK(15), ALL_SAN_PRODUCTS(16).
I Database tables and fields TABLE 431 TIME_SERIES_DATA_1_2HOUR (Continued) Field Definition Format VALUE Stores the 2 hours aggregated data. double precision MIN_VALUE Minimum value in 30 min table while aggregating 2 hours of data. double precision MAX_VALUE Maximum value in 30 min table while aggregating 2 hours of data.
I Database tables and fields TABLE 433 Field Definition Format TIME_IN_SECONDS Time when value of the measure retrieved from the corresponding target. int TARGET_TYPE Target type of the PM collector data. For IP_DEVICE(0), IP_PORT(1), IP_TRUNK(2), FOS_DEVICE(3), FC_PORT(4), GE_PORT(5), TE_PORT(6), HBA_PORT(7), CNA_PORT(8), VIRTUAL_FCOE_PORT(9), FCIP_TUNNEL(10), EE_MONITOR(11), IP_DEVICE_GROUP(12), IP_PORT_GROUP(13), VIRTUAL_GROUP(14), TRILL_TRUNK(15), ALL_SAN_PRODUCTS(16).
I Database tables and fields TABLE 434 TIME_SERIES_DATA_2_1DAY (Continued) Field Definition Format VALUE Stores One day aggregated data. double precision MIN_VALUE Minimum value in 2 hour table while aggregating 1 day data. double precision MAX_VALUE Maximum value in 2 hour table while aggregating 1 day data. double precision TABLE 435 Size TIME_SERIES_DATA_2_2HOUR Field Definition Format TIME_IN_SECONDS Time when value of the measure retrieved from the corresponding target.
I Database tables and fields TABLE 436 Field Definition Format TIME_IN_SECONDS Time when value of the measure retrieved from the corresponding target. int TARGET_TYPE Target type of the PM collector data. For IP_DEVICE(0), IP_PORT(1), IP_TRUNK(2), FOS_DEVICE(3), FC_PORT(4), GE_PORT(5), TE_PORT(6), HBA_PORT(7), CNA_PORT(8), VIRTUAL_FCOE_PORT(9), FCIP_TUNNEL(10), EE_MONITOR(11), IP_DEVICE_GROUP(12), IP_PORT_GROUP(13), VIRTUAL_GROUP(14), TRILL_TRUNK(15), ALL_SAN_PRODUCTS(16).
I Database tables and fields TABLE 437 TIME_SERIES_DATA_3 (Continued) Field Definition Format VALUE Stores the raw data received from the device. double precision SUM_VALUE Named after SUM_VALUE to be consistent with column names in aggregated data tables.Stores the delta changes for counter values between two samples, only used for counter values, 0 for all other types of measures.
I Database tables and fields TABLE 439 Definition Format TARGET_ID Target ID of the PM collector data. For device level collector it will use deviceId/virtualSwitchId, for port level it will use interfaceId/switchPortId/ fcipTunnelId/devicePortId. int COLLECTOR_ID DB ID of the pm_data_collector. int MEASURE_INDEX Stores the index_map value in case of an expression. varchar ME_ID ME_ID of the target. int VALUE Stores the 2 hours aggregated data.
I Database tables and fields TABLE 441 TIME_SERIES_DATA_4 Field Definition Format TIME_IN_SECONDS Time when value of the measure retrieved from the corresponding target. int TARGET_TYPE Target type of the PM collector data. smallint MEASURE_ID ID of the measure (MIB/Expression). int TARGET_ID Target ID of the PM collector data. For device level collector it will use deviceId/virtualSwitchId, for port level it will use interfaceId/switchPortId/ fcipTunnelId/devicePortId.
I Database tables and fields TABLE 442 Definition Format MAX_VALUE Maximum value in 2 hour table while aggregating 1 day data. double precision SUM_VALUE Named after SUM_VALUE to be consistent with column names in aggregated data tables.Stores the delta changes for counter values between two samples, only used for counter values, 0 for all other types of measures.
I Database tables and fields TABLE 444 TIME_SERIES_DATA_4_30MIN (Continued) Field Definition Format TARGET_ID Target ID of the PM collector data. For device level collector it will use deviceId/virtualSwitchId, for port level it will use interfaceId/switchPortId/ fcipTunnelId/devicePortId. int COLLECTOR_ID DB ID of the pm_data_collector. int MEASURE_INDEX Stores the index_map value in case of an expression. varchar ME_ID ME_ID of the target.
I Database tables and fields TABLE 448 TRILL Field Definition Format ID Unique generated database identifier. int CLUSTER_ME_ID The Management Element ID of the VCS Cluster in the VirtualSwitch int SOURCE_ME_ID The Management Element ID of the source VirtualSwitch. int SOURCE_DOMAIN_ID The source vcs member id int SOURCE_PORT The source port number as retrieved from the switch.
I Database tables and fields TABLE 451 TRUNK_GROUP_INTERFACE Field Definition INTERFACE_ID Size int VLAG TABLE 452 Format Specifies whether the lag is a vlag or not smallint TRUNK_GROUP_MEMBER Field Definition Format TRUNK_GROUP_MEMBER_I D Primary key for this table. int INTERFACE_ID Foreign key which refers INTERACE table. int TRUNK_INTERFACE_ID Foreign key which refers TRUNK_GROUP_INTERACE table. int Field Definition Format ID * Unique generated database identifier.
I Database tables and fields TABLE 453 Definition Format Size IP_PRODUCT_LOGIN_NAME User CLI credential login user name. varchar 256 IP_PRODUCT_LOGIN_PASS WORD User CLI credential login password. varchar 768 IP_PRODUCT_ENABLE_USE R_NAME User CLI credential enable user name. varchar 256 IP_PRODUCT_ENABLE_PAS SWORD User CLI credential enable password. varchar 768 TABLE 454 USER_DEFINED_DEVICE_DETAIL Field Definition Format Size WWN WWN of the device.
I Database tables and fields TABLE 456 USERDEFINED_NETWORK_SCOPE_MEMBERSHIP Field Definition Format PRODUCT_ME_ID Foreign Key MANAGED_ELEMENT.ID. The ME ID of the device in the membership. This can be null if user does not include Switch in his custom membership. int SWITCH_PORT_ID Foreign Key SWITCH_PORT.ID. The ID of the switch Port in the membership. This can be null if user does not include Switch Port in his custom membership. int INTERFACE_ID Foreign Key INTERFACE. INTERFACE_ID.
I Database tables and fields TABLE 461 V_PORT_DETAIL Field Definition Format DEVICE_PORT_ID Primary key from the owner device port table. int STATE Flag to indicate whether port is online or offline varchar 32 FCP_INITIATOR The role of the virtual port; for example, FCP Initiator varchar 256 SWITCH_IP IP of the switch, the V port is connected to varchar 128 VF_ID VF ID for the V port smallint Field Definition Format VCN_ICL_ID Virtual Cluster Node ICL DB ID.
I Database tables and fields TABLE 464 VCN_PEER Field Definition Format VCN_PEER_ID Virtual Cluster Node Peer db id. int IP_ADDRESS Peer ip address. varchar RBRIDGE_ID Peer rbridge id. int ICL_NAME Cluster ICL name used for this peer. varchar Cluster Peer fast failover state: Disabled(0) Enabled(1). smallint KEEP_ALIVE_INTERVAL Cluster Peer keep alive interval in seconds. INET HOLD_TIME Cluster Peer hold time in seconds.
I Database tables and fields TABLE 466 VIP_SERVER Field Definition Format ID Primary Key field for the VIP_SERVER int TYPE Even Policy Type smallint • • Size 0? Virtual Server 1 ? Real Server DEVICE_ID This is the foreign key reference key to the Device Table int IP_ADDRESS The IP Address for the Virtual Server or Real Server varchar 128 NAME The Name of Virtual Server or Real Server varchar 256 TABLE 467 VIP_SERVER_BINDING Field Definition Format ID Primary Key field for th
I Database tables and fields TABLE 468 VIRTUAL_FCOE_PORT (Continued) Field Definition Format DEVICE_COUNT The number of devices associated with this Virtual FCoE Port. The default value is 0. smallint PEER_MAC The Peer FCF MAC if this Virtual FCoE Port is a FCoE VE-port varchar TABLE 469 Size VIRTUAL_FCOE_PORT_MAC_MEMBER Field Definition Format VIRTUAL_FCOE_PORT_ID The unique id of virtual fcoe port the member belongs to int MAC_ADDRESS Mac address of member.
I Database tables and fields TABLE 470 Definition Format INVALID_TX Invalid transmissions double precision CRC_ERRORS Cyclic Redundancy check error double precision TABLE 471 2210 VIRTUAL_FCOE_PORT_STAT (Continued) Field Size VIRTUAL_FCOE_PORT_STAT_2HR Field Definition Format ID Unique generated database identifier.
I Database tables and fields TABLE 471 VIRTUAL_FCOE_PORT_STAT_2HR (Continued) Field Definition DATA_GAPS_5MIN DATA_GAPS_30MIN TABLE 472 Format Size smallint Data gap in 30 minutes table smallint VIRTUAL_FCOE_PORT_STAT_30M Field Definition Format ID Unique generated database identifier.
I Database tables and fields TABLE 473 VIRTUAL_PORT_WWN_DETAILS Field Definition ID Unique generated database identifier. SWITCH_ID If the VPWWN is constructed based on AG Node WWN and AG_Port_Index then this is id of connected switch. int SWITCH_PORT_NUMBER If the VPWWN is configured for AG , this value will have the default value(-1). smallint AG_NODE_WWN If the VPWWN is configured for Switch Port , this value will have the default value.
I Database tables and fields TABLE 474 VIRTUAL_SWITCH (Continued) Field Definition Format Stores the switch capability for Admin domain. 1 is capable 0 is not capable. smallint FABRIC_IDID_MODE Denotes if Insistent Domain ID mode is enabled. smallint OPERATIONAL_STATUS Stores the operational status of the switch. varchar MAX_ZONE_CONFIG_SIZE Denotes the maximum supported zone DB size in bytes. int CREATION_TIME Creation time of the record.
I Database tables and fields TABLE 474 VIRTUAL_SWITCH (Continued) Field Definition Format L3_CAPABLE If the switch supports L3. smallint LF_ENABLED Logical Fabric Enabled/Disabled for a Virtual Switch. Default value is 0. smallint DEFAULT_LOGICAL_SWITCH Check to see whether virtual switch is a default logical switch or not. 1 is true and 0 is false. Default value is 0. smallint FEATURES_SUPPORTED Contains the features supported as a bit mask. Default value is 0.
I Database tables and fields TABLE 474 VIRTUAL_SWITCH (Continued) Field Definition Format MAX_FCIP_TUNNELS The maximun number of tunnels that can be created in this switch,-1 means not supported. Default value is -1. int MAX_FCIP_CIRCUITS The maximun number of circuits that can be created in this switch, -1 means not supported. Default value is -1. int FCIP_LICENSED FCIP Advanced Extension Licensing is available. 1 means licensed and 0 means not licensed, -1 means not supported.
I Database tables and fields TABLE 474 Definition CLUSTER_TYPE smallint This column is used to determine whether VCS is in Fabric Cluster or Management Cluster. The values will be populated by the VCS collector during the discovery of the VCS switch. The default value of -1 means that its a non VCS device. Following are the values and their enums UNKNOWN("vcs-unknown-cluster"), STAND_ALONE("vcs-stand-alone"), FABRIC_CLUSTER("vcs-fabric-cluster"), MANAGEMENT_CLUSTER("vcs-management-cluster").
I Database tables and fields TABLE 478 VLAN Field Definition Format VLAN_DB_ID Unique database generated identifier. int DEVICE_ID Database ID of the DEVICE instance which is associated with the vlan. int NAME Name for vlan. varchar 32 TABLE_SUBTYPE Table subtype possible value is VLAN.
I Database tables and fields TABLE 484 Field Definition Format MPLS_SERVICE_DEVICE_RELATI ON_DB_ID Database ID inherited from MPLS_SERVICE_DEVICE_RELATION. int VLL_DEVICE_RELATION.VLL_MO DE Represents the VLL mode. Possible values are Unknown-0, Raw-1 and Taggged-2. int TABLE 485 Size VLL_ENDPOINT_RELATION Field Definition Format MPLS_SERVICE_ENDPOINT_REL ATION_DB_ID Database ID inherited from MPLS_SERVICE_ENDPOINT_RELATION.
I Database tables and fields TABLE 486 VMOTION_EVENT (Continued) Field Definition Format Size VCENTER_HOST The FQDN or the ip address of the vcenter. varchar 256 VNIC_MACS Comma separated vnic mac addresses. varchar 256 START_TIME Start time of the vmotion event. timestamp END_TIME End time of the vmotion event, could be null cause of a failed vmotion. timestamp STATUS VMotion event status. 0 = info, 1 = warning, 2 = failed.
I Database tables and fields TABLE 489 Field Definition Format ID Primary key. int DATACENTER_ID Foreign to vm_data_center. int NAME Name of the datastore. varchar ACCESSIBLE The connectivity status of this datastore. If this is set to false, meaning the datastore is not accessible, this datastores capacity and freespace properties cannot be validated. 0 = no 1 = yes. smallint STATUS Status of the datastore could be normal, enteringMaintenance, inMaintenance.
I Database tables and fields TABLE 490 VM_DV_PORT (Continued) Field Definition Format CONFLICT Whether the port is a conflict port. A port could be marked as conflict if an entity is discovered connecting to a port that is already occupied, or if the port is created by the host without conferring with Virtual Center Server. A conflict port will not have its runtime state persisted and the port can''t move away from the host, i.
I Database tables and fields TABLE 491 Definition Format Size DESCRIPTION A description string of the portgroup varchar 256 UPLINK_PORT_GROUP Whether this portgroup is an uplink portgroup smallint KEY The key for the port group varchar MOR_ID The managed object reference number assigned by the hypervisor int TABLE 492 2222 VM_DV_PORT_GROUP (Continued) Field 64 VM_DV_SWITCH Field Definition Format ID Unique generated database identifier.
I Database tables and fields TABLE 492 VM_DV_SWITCH (Continued) Field Definition Format DVS_OPER_SUPPORTED Whether this switch allow Virtual Center users to modify DVS configuration at switch level, except for host memeber, policy and scope operations smallint CREATION_TIME The create time of the switch timestamp UPLINK_PORT_NAME The uniform name of uplink ports on each host varchar VM_DATA_CENTER_ID A foreign key referencing VM_DATACENTER table instance to which this host is associated wit
I Database tables and fields TABLE 494 VM_FC_HBA (Continued) Field Definition Format The type of the fiber channel port. One of : Fabric Loop Point to point Unknown smallint SPEED The current operating speed of the adapter in bits per second.
I Database tables and fields TABLE 496 VM_HOST (Continued) Field Definition Format Size CPU_TYPE Text summary of CPU hardware, such as: Intel(R) Xeon(TM) CPU 2.6 GHz varchar 64 CPU_RESOURCES Text summary of CPU resources, such as "20 GHz total, 15 GHz reserved". May be a different format for different VM vendors varchar 64 MEM_RESOURCES Text summary of memory resources, such as "7 GB total, 5 GB reserved".
I Database tables and fields TABLE 498 Definition Format Size DVS_NAME The name of the DistributedVirtualSwitch that the HostProxySwitch is part of varchar 256 DVS_UUID The uuid of the DistributedVirtualSwitch that the HostProxySwitch is a part of varchar 256 KEY_ The proxy switch key varchar 256 NUM_PORTS The number of ports that this switch currently has int NUM_PORTS_AVAILABLE The number of ports that are available on this virtual switch int UPLINK_PORT_NAMES varchar 256 Size T
I Database tables and fields TABLE 500 VM_HOST_VIRTUAL_NIC (Continued) Field Definition Format VM_DV_PORT_ID Foreign key to the vm_dv_port table. DV Port with which this vmknic is associated int MTU The MTU of the port int VM_HOST_ID FOREIGN KEY to the vm_host table int MOR_ID The managed object reference number assigned by the hypervisor int PORT_GROUP_KEY The key for the port group varchar BINARY_MAC MAC address in binary format. bytea BINARY_IP IP address in binary format.
I Database tables and fields TABLE 502 Definition Format REVERSE_POLICY The flag to indicate whether or not the teaming policy is applied to inbound frames as well. For example, if the policy is explicit failover, a broadcast request goes through uplink1 and comes back through uplink2. Then if the reverse policy is set, the frame is dropped when it is received from uplink2. This reverse policy is useful to prevent the virtual machine from getting reflections.
I Database tables and fields TABLE 503 VM_PATH (Continued) Field Definition Format FABRIC_ID Identifies the fabric that contains this path. Not a foreign key reference. Copied here for convenience. Determined by locating the HBA port WWN or target port WWN in the DEVICE_PORT table. Zero if the fabric is not managed. The default value is 0. int HBA_PORT The HBAs physical port WWN for this path char 23 VM_PORT_WWN The initiator port WWN used by the VM.
I Database tables and fields TABLE 504 Definition Format DUPLEX The flag to indicate whether or not the link is capable of full-duplex ("true") or only half-duplex ("false"). smallint MAC_ADDRESS The media access control (MAC) address of the physical network adapter. varchar 17 PCI Device hash of the PCI device corresponding to this physical network adapter. varchar 256 WAKE_ON_LAN_SUPPO RTED Flag indicating whether the NIC is wake-on-LAN capable. 0 - false, 1 - true.
I Database tables and fields TABLE 506 VM_STANDARD_VIRTUAL_SWITCH Field Definition Format ID Unique generated database identifier. serial NAME The name of the virtual switch. varchar PORTS_COUNT The number of ports that this virtual switch currently has. int PORTS_AVAILABLE The number of ports that are available on this virtual switch. int MTU The maximum transmission unit (MTU) associated with this virtual switch in bytes.
I Database tables and fields TABLE 508 Definition Format VM_STANDARD_VIRTUA L__SWITCH_ID Foreign Key to the vm_standard_virtual_switch table. The standard virtual swtich on which this port group exists. int MOR_ID The managed object reference number assigned by the hypervisor. int TABLE 509 2232 VM_STD_VSWITCH_PORT_GROUP (Continued) Field Size VM_STORAGE Field Definition Format Size ID Uniquely identifies this LUN. serial HOST_ID Identifies the server that accesses this LUN.
I Database tables and fields TABLE 510 VM_STORAGE_HBA_REMOTE_PORT_MAP Field Definition Format VM_STORAGE_ID A foreign key referencing VM_STORAGE (ID). int HBA_REMOTE_PORT_ID A foreign key referencing HBA_REMOTE_PORT (ID). int TABLE 511 VM_TRAFFIC_SHAPING_POLICY Field Definition Format ID Unique generated database identifier. serial ENABLED 'The flag to indicate whether or not traffic shaper is enabled on the port.
I Database tables and fields TABLE 512 VM_VCENTER (Continued) Field Format Size MANAGED_ELEMENT_ID A foreign key referencing MANAGED_ELEMENT(ID). int FAULT_MONITORING_ST ATE Flag to indicate whether fault monitoring is registered or not for a VM Host. Possible values are: 1.Not registered 2.Registered (Default) smallint NAME The name of the VCenter. varchar 64 UUID Unique identifier for vCenter server instance.
I Database tables and fields TABLE 514 VM_VIRTUAL_ETHERNET_ADAPTER (Continued) Field Definition Format ADDRESS_TYPE MAC address type. Valid values for address type are: • Manual • Statically assigned MAC address. • Generated • Automatically generated MAC address. • Assigned • MAC address assigned by VirtualCenter. smallint MAC_ADDRESS MAC address assigned to the virtual network adapter. Clients can set this property to any of the allowed address types.
I Database tables and fields TABLE 515 VM_VIRTUAL_MACHINE Field Definition Format ID Uniquely identifies the virtual machine serial HOST_ID Identifies the server that contains this VM int HYPERVISOR_VM_ID The VM number assigned by the hypervisor. Some hypervisors identify VMs by number as well as by name int NAME User-assigned name for the VM varchar 80 DESCRIPTION Optional user-entered notes describing the VM. (Annotation in VMware terminology.
I Database tables and fields TABLE 515 VM_VIRTUAL_MACHINE (Continued) Field Definition Format Size UNCOMMITTED_STORA GE Additional Provisioned storage for a particular virtual machine. varchar 64 UNSHARED_STORAGE Exclusive storage for a particular virtual machine. varchar 64 Size TABLE 516 VM_VIRTUAL_MACHINE_DATASTORE_MAP Field Definition Format VM_DATASTORE_DETAIL S_ID A foreign key referencing VM_DATASTORE_DETAILS(ID).
I Database tables and fields TABLE 519 Field Definition Format ID Unique generated database identifier. serial VCEM_PROFILE_ID Foreign key references the ID of the VCEM server that the domain belongs to. int VR_CONN_DOMAIN_GROUP_I D Nullable foreign key references the ID of the domain group that the domain may belong to. int VCEM_ASSIGNED_ID The ID assigned by the VCEM server.
I Database tables and fields TABLE 522 VR_CONN_MODULE Field Definition Format ID Unique generated database identifier. serial VR_CONN_DOMAIN_ID Foreign key references the domain ID that the module belongs to. int VCEM_ASSIGNED_ID The ID assigned by VCEM. varchar 256 WWN The WWN of the module. char 23 PRODUCT_NAME The product name of the module. varchar 256 SERIAL_NUMBER The serial number of the module. varchar 32 STATUS The current status of the module.
I Database tables and fields TABLE 524 VR_CONN_SERVER_PROFILE Field Definition Format ID Unique generated database identifier. serial VCEM_PROFILE_ID Foreign key references the ID of the VCEM server that the server profile belongs to. int VR_CONN_DOMAIN_GROUP_I D Nullable foreign key references the ID of the domain group that the server profile may belong to. int VCEM_ASSIGNED_ID The ID assigned by the VCEM server.
I Database tables and fields TABLE 527 ZONE (Continued) Field Definition Format TYPE The zone type. int SUB_TYPE The zone subtype. int ACTIVATE For TI zones only, zone is activated. Default value is 0. smallint CONFIGURED_FAILOVER Configured Failover state of the TI Zone. smallint CONFIGURED_ACTIVATE Configured active state of the TI Zone. smallint ENABLED_FAILOVER Enabled Failover state of the TI Zone. smallint ENABLED_ACTIVATE Enabled Active state of the TI Zone.
I Database tables and fields TABLE 531 Definition Format Size CREATED_BY Created by user name. varchar 128 LAST_MODIFIED_BY Last modified by user name. varchar 128 LAST_APPLIED_BY Last saved to switch user name. varchar 128 DEFAULT_ZONE_STATUS All access or no access when no active zone configuration. smallint ZONE_TXN_SUPPORTED Zoning commands support transaction. smallint MCDATA_DEFAULT_ZONE McData switch default zoning mode.
I Views TABLE 535 ZONE_MEMBER (Continued) Field Definition Format Size VALUE Member value (D,P or WWN). varchar 256 ZONE_ID PK of owning zone. int Field Definition Format ID* Unique generated database identifier. int ZONE_DB_ID PK of owning zone DB. int NAME Zone set name. varchar ACTIVE 1 = active zone set 0 = otherwise. smallint TABLE 536 ZONE_SET Size 64 Views ADAPTER_PORT_CONFIG_INFO create or replace view ADAPTER_PORT_CONFIG_INFO as select ADAPTER_PORT_CONFIG.
I Views where ((AG_N_PORT.REMOTE_PORT_WWN = EDGE_F_PORT.WWN) or (AG_N_PORT.REMOTE_PORT_WWN = EDGE_F_PORT.LOGICAL_PORT_WWN and EDGE_F_PORT.TRUNK_MASTER = 1)) and AG_N_PORT.TYPE = 'N-Port'; BOOT_IMAGE_FILE_DETAILS_INFO create or replace view BOOT_IMAGE_FILE_DETAILS_INFO as select BOOT_IMAGE_FILE_DETAILS.BOOT_IMAGE_NAME, BOOT_IMAGE_FILE_DETAILS.MAJOR_VERSION, BOOT_IMAGE_FILE_DETAILS.MINOR_VERSION, BOOT_IMAGE_FILE_DETAILS.MAINTENANCE, BOOT_IMAGE_FILE_DETAILS.PATCH, BOOT_IMAGE_FILE_DETAILS.
Views I CNA_PORT_DETAILS_INFO create or replace view CNA_PORT_DETAILS_INFO as select CNA_PORT.ID, CNA_PORT.PORT_NUMBER, CNA_PORT.PORT_WWN, CNA_PORT.NODE_WWN, CNA_PORT.PHYSICAL_PORT_TYPE, CNA_PORT.NAME, CNA_PORT.MAC_ADDRESS, CNA_PORT.MEDIA, CNA_PORT.CEE_STATE, CNA_PORT.HBA_ID, CNA_PORT.CREATION_TIME as CNA_PORT_CREATION_TIME, CNA_ETH_PORT.ID as ETH_PORT_ID, CNA_ETH_PORT.ETH_DEV, CNA_ETH_PORT.ETH_LOG_LEVEL, CNA_ETH_PORT.NAME as ETH_PORT_NAME, CNA_ETH_PORT.MAC_ADDRESS as ETH_MAC_ADDRESS, CNA_ETH_PORT.
I Views CNA_ETH_PORT.CREATION_TIME as ETH_PORT_CREATION_TIME, HBA_PORT.DEVICE_PORT_ID, CNA_ETH_PORT.MTU, CNA_PORT.ALARM_WARNING from CNA_PORT left outer join HBA_PORT on CNA_PORT.ID = HBA_PORT.CNA_PORT_ID left outer join CNA_ETH_PORT on CNA_PORT.ID = CNA_ETH_PORT.CNA_PORT_ID; CORE_SWITCH_DETAILS_INFO create or replace view CORE_SWITCH_DETAILS_INFO as select CORE_SWITCH.ID, CORE_SWITCH.IP_ADDRESS, CORE_SWITCH.WWN, CORE_SWITCH.NAME, CORE_SWITCH.TYPE, CORE_SWITCH.MODEL, CORE_SWITCH.
Views I CORE_SWITCH_DETAILS.EGM_CAPABLE, CORE_SWITCH_DETAILS.SUB_TYPE, CORE_SWITCH_DETAILS.PARTITION, CORE_SWITCH_DETAILS.MAX_NUM_OF_BLADES, CORE_SWITCH_DETAILS.VENDOR_VERSION, CORE_SWITCH_DETAILS.VENDOR_PART_NUMBER, CORE_SWITCH_DETAILS.RNID_SEQUENCE_NUMBER, CORE_SWITCH_DETAILS.CONTACT, CORE_SWITCH_DETAILS.LOCATION, CORE_SWITCH_DETAILS.DESCRIPTION, CORE_SWITCH_DETAILS.IP_ADDRESS_PREFIX, CORE_SWITCH_DETAILS.DOMAIN_NAME, CORE_SWITCH_DETAILS.FRAME_LOG_SIZE, CORE_SWITCH_DETAILS.
I Views LUN.THIN_PROVISION_LUN from CRYPTO_LUN LUN, CRYPTO_HOST where LUN.CRYPTO_HOST_ID = CRYPTO_HOST.ID; CRYPTO_TARGET_ENGINE_INFO create or replace view CRYPTO_TARGET_ENGINE_INFO as select CRYPTO_TARGET_CONTAINER.ID TARGET_CONTAINER_ID, CRYPTO_TARGET_CONTAINER.NAME, CRYPTO_TARGET_CONTAINER.VT_NODE_WWN, CRYPTO_TARGET_CONTAINER.VT_PORT_WWN, CRYPTO_TARGET_CONTAINER.FAILOVER_STATUS, CRYPTO_TARGET_CONTAINER.FAILOVER_STATUS_2, CRYPTO_TARGET_CONTAINER.DEVICE_STATUS, CRYPTO_TARGET_CONTAINER.
Views I DASHBOARD_CANVAS, DASHBOARD_CANVAS_PREFERENCE where DASHBOARD.ID = DASHBOARD_CANVAS_PREFERENCE.DASHBOARD_ID and DASHBOARD_CANVAS.ID = DASHBOARD_CANVAS_PREFERENCE.DASHBOARD_CANVAS_ID; DEPLOYMENT_INFO create or replace view DEPLOYMENT_INFO as select DEPLOYMENT_CONFIGURATION.ID as ID, DEPLOYMENT_CONFIGURATION.NAME as NAME, DEPLOYMENT_CONFIGURATION.DESCRIPTION as DESCRIPTION, DEPLOYMENT_HANDLER.MODULE as MODULE, DEPLOYMENT_HANDLER.SUB_MODULE as SUB_MODULE, DEPLOYMENT_STATUS.
I Views DEPLOYMENT_HANDLER.MODULE, DEPLOYMENT_HANDLER.SUB_MODULE, DEPLOYMENT_STATUS.DEPLOYMENT_TIME, DEPLOYMENT_CONFIGURATION.DEPLOY_OPTION as DEPLOYMENT_OPTION, DEPLOYMENT_STATUS.STATUS, DEPLOYMENT_STATUS.DEPLOYED_BY, DEPLOYMENT_CONFIGURATION.CREATED_BY as CREATOR, DEPLOYMENT_CONFIGURATION.SCHEDULE_ENABLED, DEPLOYMENT_CONFIGURATION.SNAPSHOT_ENABLED, DEPLOYMENT_CONFIGURATION.MANAGEMENT_FLAG, DEPLOYMENT_HANDLER.PRIVILEGE_ID, DEPLOYMENT_HANDLER.HANDLER_CLASS, DEPLOYMENT_HANDLER.
Views I left join DEVICE_ENCLOSURE_MEMBER on DEVICE_PORT.ID = DEVICE_ENCLOSURE_MEMBER.DEVICE_PORT_ID left join DEVICE_NODE DN on DEVICE_PORT.NODE_ID = DN.ID left join USER_DEFINED_DEVICE_DETAIL USERDEFINEDDETAILS on DN.WWN = USERDEFINEDDETAILS.WWN; EE_MONITOR_STATS_5MIN_INFO create or replace view EE_MONITOR_STATS_5MIN_INFO as select VIRTUAL_SWITCH.
I Views EE_MONITOR_STATS_1DAY_INFO create or replace view EE_MONITOR_STATS_1DAY_INFO as select VIRTUAL_SWITCH.
Views I sum(case when MEASURE_ID = 36 then value else 0 end) as RECEIVE_EOF, sum(case when MEASURE_ID = 40 then value else 0 end) as UNDERFLOW_ERRORS, sum(case when MEASURE_ID = 41 then value else 0 end) as OVERFLOW_ERRORS, sum(case when MEASURE_ID = 43 then value else 0 end) as ALIGNMENT_ERRORS, sum(case when MEASURE_ID = 42 then value else 0 end) as RUNT_ERRORS, sum(case when MEASURE_ID = 43 then value else 0 end) as TOO_LONG_ERRORS, sum(case when MEASURE_ID = 39 then value else 0 end) as CRC_ERRORS fro
I Views sum(case when MEASURE_ID = 43 then value else 0 end) as TOO_LONG_ERRORS, sum(case when MEASURE_ID = 39 then value else 0 end) as CRC_ERRORS from TIME_SERIES_DATA_1_1DAY, VIRTUAL_SWITCH where ME_ID = MANAGED_ELEMENT_ID and COLLECTOR_ID = 12 group by ME_ID, TARGET_TYPE, TARGET_ID, TIME_IN_SECONDS,VIRTUAL_SWITCH_ID order by TIME_IN_SECONDS desc; SWITCH_INFO create or replace view SWITCH_INFO as select CORE_SWITCH.ID as PHYSICAL_SWITCH_ID, CORE_SWITCH.NAME as PHYSICAL_SWITCH_NAME, CORE_SWITCH.
Views I VIRTUAL_SWITCH.USER_DEFINED_VALUE_1, VIRTUAL_SWITCH.USER_DEFINED_VALUE_2, VIRTUAL_SWITCH.USER_DEFINED_VALUE_3, VIRTUAL_SWITCH.INTEROP_MODE, VIRTUAL_SWITCH.CRYPTO_CAPABLE, VIRTUAL_SWITCH.FCR_CAPABLE, VIRTUAL_SWITCH.FCIP_CAPABLE, VIRTUAL_SWITCH.LF_ENABLED, VIRTUAL_SWITCH.FCOE_CAPABLE, VIRTUAL_SWITCH.L2_CAPABLE, VIRTUAL_SWITCH.L3_CAPABLE, VIRTUAL_SWITCH.DEFAULT_LOGICAL_SWITCH, VIRTUAL_SWITCH.FEATURES_SUPPORTED, VIRTUAL_SWITCH.FMS_MODE, VIRTUAL_SWITCH.DYNAMIC_LOAD_SHARING, VIRTUAL_SWITCH.
I Views DEVICE_INFO create or replace view DEVICE_INFO as select distinct DEVICE_NODE.ID as DEVICE_NODE_ID, DEVICE_NODE.WWN as DEVICE_NODE_WWN, DEVICE_NODE.TYPE as DEVICE_NODE_TYPE, DEVICE_NODE.SYMBOLIC_NAME as DEVICE_NODE_SYMBOLIC_NAME, DEVICE_NODE.DEVICE_TYPE, DEVICE_NODE.FDMI_HOST_NAME, DEVICE_NODE.VENDOR, DEVICE_NODE.CAPABILITY_, DEVICE_NODE.AG, DEVICE_PORT.ID as DEVICE_PORT_ID, DEVICE_PORT.DOMAIN_ID as DEVICE_PORT_DOMAIN_ID, DEVICE_PORT.WWN as DEVICE_PORT_WWN, DEVICE_PORT.NUMBER, DEVICE_PORT.
Views I SWITCH_INFO.DOMAIN_ID as VIRTUAL_SWITCH_DOMAIN_ID, SWITCH_INFO.VIRTUAL_FABRIC_ID, SWITCH_INFO.BASE_SWITCH, SWITCH_INFO.STATE as VIRTUAL_SWITCH_STATE, SWITCH_INFO.STATUS as VIRTUAL_SWITCH_STATUS, SWITCH_INFO.FABRIC_ID, SWITCH_INFO.MONITORED, SWITCH_INFO.CRYPTO_CAPABLE from DEVICE_NODE, DEVICE_PORT, SWITCH_PORT, SWITCH_INFO where DEVICE_PORT.NODE_ID = DEVICE_NODE.ID and DEVICE_PORT.SWITCH_PORT_WWN = SWITCH_PORT.WWN and SWITCH_PORT.VIRTUAL_SWITCH_ID = SWITCH_INFO.ID and DEVICE_NODE.
I Views DEVICE_NODE.PROXY_DEVICE, DEVICE_NODE.AG, DEVICE_NODE.PREVIOUS_MISSING_STATE, USER_DEFINED_DEVICE_DETAIL.NAME, USER_DEFINED_DEVICE_DETAIL.TYPE as USER_DEFINED_TYPE, USER_DEFINED_DEVICE_DETAIL.IP_ADDRESS, USER_DEFINED_DEVICE_DETAIL.CONTACT, USER_DEFINED_DEVICE_DETAIL.LOCATION, USER_DEFINED_DEVICE_DETAIL.DESCRIPTION, USER_DEFINED_DEVICE_DETAIL.USER_DEFINED_VALUE1, USER_DEFINED_DEVICE_DETAIL.USER_DEFINED_VALUE2, USER_DEFINED_DEVICE_DETAIL.USER_DEFINED_VALUE3, FABRIC.
Views I FICON_DEVICE_PORT.MANUFACTURER, FICON_DEVICE_PORT.MANUFACTURER_PLANT, FICON_DEVICE_PORT.SEQUENCE_NUMBER, FICON_DEVICE_PORT.TAG, FICON_DEVICE_PORT.FLAG, FICON_DEVICE_PORT.PARAMS, USER_DEFINED_DEVICE_DETAIL.NAME, USER_DEFINED_DEVICE_DETAIL.TYPE as USER_DEFINED_TYPE, USER_DEFINED_DEVICE_DETAIL.IP_ADDRESS, USER_DEFINED_DEVICE_DETAIL.CONTACT, USER_DEFINED_DEVICE_DETAIL.LOCATION, USER_DEFINED_DEVICE_DETAIL.DESCRIPTION, USER_DEFINED_DEVICE_DETAIL.USER_DEFINED_VALUE1, USER_DEFINED_DEVICE_DETAIL.
I Views from DEVICE_PORT_GIGE_PORT_LINK, DEVICE_PORT where DEVICE_PORT_GIGE_PORT_LINK.DEVICE_PORT_ID = DEVICE_PORT.ID; DEV_PORT_MAC_ADDR_MAP_INFO create or replace view DEV_PORT_MAC_ADDR_MAP_INFO as select DEVICE_PORT_MAC_ADDRESS_MAP.DEVICE_PORT_ID, DEVICE_PORT_MAC_ADDRESS_MAP.MAC_ADDRESS, DEVICE_NODE.ID as DEVICE_NODE_ID, DEVICE_NODE.FABRIC_ID, DEVICE_PORT.TRUSTED, DEVICE_PORT.CREATION_TIME, DEVICE_PORT.MISSING, DEVICE_PORT.
Views I ISL_INFO create or replace view ISL_INFO as select distinct ISL.ID, ISL.FABRIC_ID, ISL.COST, ISL.TYPE, ISL.SOURCE_DOMAIN_ID, ISL.SOURCE_PORT_NUMBER, ISL.MISSING, ISL.MISSING_TIME, ISL.TRUSTED, ISL.CREATION_TIME, ISL.TRUNKED, SOURCE_VIRTUAL_SWITCH.ID as SOURCE_SWITCH_ID, SOURCE_VIRTUAL_SWITCH.NAME as SOURCE_SWITCH_NAME, SOURCE_VIRTUAL_SWITCH.WWN as SOURCE_SWITCH_WWN, SOURCE_VIRTUAL_SWITCH.CORE_SWITCH_ID as SOURCE_CORE_SWITCH_ID, SOURCE_VIRTUAL_SWITCH.
I Views SOURCE_SWITCH_PORT.VIRTUAL_SWITCH_ID = SOURCE_VIRTUAL_SWITCH.ID and SOURCE_SWITCH_PORT.CATEGORY = 1 and SOURCE_SWITCH_PORT.USER_PORT_NUMBER = ISL.SOURCE_PORT_NUMBER and DEST_FABRIC_MEMBER.FABRIC_ID = ISL.FABRIC_ID and DEST_VIRTUAL_SWITCH.ID = DEST_FABRIC_MEMBER.VIRTUAL_SWITCH_ID and DEST_VIRTUAL_SWITCH.DOMAIN_ID = ISL.DEST_DOMAIN_ID and DEST_SWITCH_PORT.VIRTUAL_SWITCH_ID = DEST_VIRTUAL_SWITCH.ID and DEST_SWITCH_PORT.CATEGORY = 1 and DEST_SWITCH_PORT.USER_PORT_NUMBER = ISL.
Views I EVENT.ID as ID, EVENT.ME_ID as ME_ID, EVENT.SEVERITY as SEVERITY, EVENT.AREA as AREA, EVENT.ACKNOWLEDGED as ACKNOWLEDGED, EVENT.SOURCE_NAME as SOURCE_NAME, EVENT.SOURCE_ADDR as SOURCE_ADDR, EVENT.LAST_OCCURRENCE_HOST_TIME as LAST_OCCURRENCE_HOST_TIME, EVENT.FIRST_OCCURRENCE_HOST_TIME as FIRST_OCCURRENCE_HOST_TIME, EVENT.EVENT_COUNT as EVENT_COUNT, EVENT.EVENT_KEY as EVENT_KEY, EVENT.EVENT_AUDIT as AUDIT, EVENT.RESOLVED as RESOLVED, EVENT.ACKED_TIME as ACKED_TIME, EVENT.
I Views EVENT.ME_ID as ME_ID, EVENT.SEVERITY as SEVERITY, EVENT.AREA as AREA, EVENT.ACKNOWLEDGED as ACKNOWLEDGED, EVENT.SOURCE_NAME as SOURCE_NAME, EVENT.SOURCE_ADDR as SOURCE_ADDR, EVENT.LAST_OCCURRENCE_HOST_TIME as LAST_OCCURRENCE_HOST_TIME, EVENT.FIRST_OCCURRENCE_HOST_TIME as FIRST_OCCURRENCE_HOST_TIME, EVENT.EVENT_COUNT as EVENT_COUNT, EVENT.EVENT_AUDIT as AUDIT, EVENT.EVENT_ACTION_ID, EVENT.SPECIAL_EVENT, EVENT_ORIGIN.ID as ORIGIN, EVENT_CATEGORY.ID as EVENT_CATEGORY, EVENT_DESCRIPTION.
Views I FABRIC.USER_DEFINED_VALUE_3, FABRIC.PRINCIPAL_SWITCH_WWN, FABRIC.ZONE_TRANSACTION_TIMEOUT, FABRIC.FABRIC_MODEL, FABRIC.ENHANCED_TI_ZONE_SUPPORT, FABRIC.FABRIC_NAME, VIRTUAL_SWITCH.ID as SEED_SWITCH_ID, VIRTUAL_SWITCH.VIRTUAL_FABRIC_ID, VIRTUAL_SWITCH.INTEROP_MODE, CORE_SWITCH.IP_ADDRESS as SEED_SWITCH_IP_ADDRESS, (select count(*) from FABRIC_MEMBER where FABRIC_MEMBER.FABRIC_ID = FABRIC.ID) as SWITCH_COUNT from FABRIC, CORE_SWITCH, VIRTUAL_SWITCH, FABRIC_MEMBER where FABRIC.
I Views FCIP_TUNNEL_CIRCUIT.L2_COS_LOW, FCIP_TUNNEL_CIRCUIT.DSCP_F_CLASS, FCIP_TUNNEL_CIRCUIT.DSCP_HIGH, FCIP_TUNNEL_CIRCUIT.DSCP_MEDIUM, FCIP_TUNNEL_CIRCUIT.DSCP_LOW, FCIP_TUNNEL_CIRCUIT.FAILOVER_CIRCUIT, FCIP_TUNNEL_CIRCUIT.FAILOVER_GROUP_ID, GIGE_PORT.PORT_NUMBER GIGE_PORT_NUMBER, GIGE_PORT.SLOT_NUMBER GIGE_PORT_SLOT_NUMBER, FCIP_CIRCUIT_PORT_MAP.SWITCH_PORT_ID GIGE_PORT_ID, SWITCH_PORT.VIRTUAL_SWITCH_ID, SWITCH_PORT.
Views I FCIP_TUNNEL.TRUNKING_ALGORITHM, FCIP_TUNNEL.EXTENDED_TUNNEL, FCIP_TUNNEL.VIRTUAL_SWITCH_ID, FCIP_TUNNEL.CIRCUIT_COUNT, FCIP_TUNNEL.MISMATCHED_CONFIG_DETAILS, FCIP_TUNNEL.SLOT_NUMBER, FCIP_TUNNEL.FICON_ENABLED, FCIP_TUNNEL.TPERF_ENABLED, FCIP_TUNNEL.AUTH_KEY, FCIP_TUNNEL.CONNECTED_COUNT, FCIP_TUNNEL.TUNNEL_STATUS_STRING, FCIP_TUNNEL.COMPRESSION_MODE, FCIP_TUNNEL.TURBO_WRITE_ENABLED, FCIP_TUNNEL.TAPE_ACCELERATION_ENABLED, FCIP_TUNNEL.IPSEC_ENABLED, FCIP_TUNNEL.PRESHARED_KEY, FCIP_TUNNEL.
I Views FRU_INFO create or replace view FRU_INFO as select FRU.ID, FRU.CORE_SWITCH_ID, FRU.TAG, FRU.PART_NUMBER, FRU.SERIAL_NUMBER, FRU.VENDOR_PART_NUMBER, FRU.VENDOR_SERIAL_NUMBER, FRU.CAN_BE_FRUED, FRU.SLOT_NUMBER, FRU.MANUFACTURER_DATE, FRU.UPDATE_DATE, FRU.VERSION, FRU.MANUFACTURER, FRU.VENDOR_EQUIPMENT_TYPE, FRU.OPERATIONAL_STATUS, FRU.TOTAL_OUTPUT_POWER, FRU.SPEED, FRU.CREATION_TIME, FRU.LAST_UPDATE_TIME, FRU.PREVIOUS_OP_STATUS, FRU.VENDOR, CORE_SWITCH.WWN as PHYSICAL_SWITCH_WWN, VIRTUAL_SWITCH.
Views I where GIGE_PORT_ETHERNET_CLOUD_LINK.SWITCH_PORT_ID = GIGE_PORT.ID and GIGE_PORT.SWITCH_PORT_ID = SWITCH_PORT.ID and SWITCH_PORT.VIRTUAL_SWITCH_ID = VIRTUAL_SWITCH.ID; GIGE_PORT_INFO create or replace view GIGE_PORT_INFO as select GIGE_PORT.ID, GIGE_PORT.SWITCH_PORT_ID, GIGE_PORT.PORT_NUMBER, GIGE_PORT.SLOT_NUMBER, GIGE_PORT.ENABLED, GIGE_PORT.SPEED, GIGE_PORT.MAX_SPEED, GIGE_PORT.MAC_ADDRESS, GIGE_PORT.PORT_NAME, GIGE_PORT.OPERATIONAL_STATUS, GIGE_PORT.LED_STATE, GIGE_PORT.
I Views HBA_PORT.CONFIGURED_TOPOLOGY, HBA_PORT.MAX_SPEED_SUPPORTED, HBA_PORT.OPERATING_STATE, HBA_PORT.OPERATING_TOPOLOGY, HBA_PORT.SUPPORTED_FC4_TYPES, HBA_PORT.SUPPORTED_COS, HBA_PORT.TRUSTED as HBA_PORT_TRUSTED, HBA_PORT.CREATION_TIME as HBA_PORT_CREATION_TIME, HBA_PORT.MISSING as HBA_PORT_MISSING, HBA_PORT.MISSING_TIME as HBA_PORT_MISSING_TIME, HBA_PORT.OPERATING_SPEED, HBA_PORT.CNA_PORT_ID, HBA_PORT.PORT_NWWN, HBA_PORT.PHYSICAL_PORT_WWN, HBA_PORT.SWITCH_IP, HBA_PORT.PRINCIPAL_SWITCH_WWN, HBA_PORT.
I Views HBA_PORT_DETAIL.QOS_LOW_BW_ALLOCATION, HBA_PORT_DETAIL.MEDIA as MEDIA, HBA_PORT_DETAIL.IOC_ID as IOC_ID, HBA_PORT_DETAIL.PREBOOT_DISABLED, HBA_PORT_FCOE_DETAILS.BANDWIDTH as FCOE_BANDWIDTH, HBA_PORT_FCOE_DETAILS.FIP_STATE, HBA_PORT_FCOE_DETAILS.DISCOVERY_PRIORITY, HBA_PORT_FCOE_DETAILS.FCF_FCMAP, HBA_PORT_FCOE_DETAILS.FCF_FPMA_MAC, HBA_PORT_FCOE_DETAILS.FCF_MAC, HBA_PORT_FCOE_DETAILS.FCF_MODE, HBA_PORT_FCOE_DETAILS.FCF_NAMEID, HBA_PORT_FCOE_DETAILS.FCPIM_MPIO_MODE, HBA_PORT_FCOE_DETAILS.
I Views HBA_REMOTE_PORT.FC_ADDRESS, HBA_REMOTE_PORT.FRAME_DATA_SIZE, HBA_REMOTE_PORT.SPEED, HBA_REMOTE_PORT.STATE, HBA_REMOTE_PORT.SUPPORTED_COS, HBA_REMOTE_PORT.DEVICE_TYPE, HBA_REMOTE_PORT.BIND_TYPE, HBA_REMOTE_PORT.TARGET_ID, HBA_REMOTE_PORT.ROLE, HBA_REMOTE_PORT.VENDOR, HBA_REMOTE_PORT.PRODUCT_ID, HBA_REMOTE_PORT.PRODUCT_VERSION, HBA_REMOTE_PORT.QOS_PRIORITY, HBA_REMOTE_PORT.QOS_FLOW_ID, HBA_REMOTE_PORT.CURRENT_SPEED, HBA_REMOTE_PORT.TRL_ENFORCED, HBA_REMOTE_PORT.BUS_NO, HBA_REMOTE_PORT_LUN.
Views I DEPLOYMENT_STATUS, HEALTH_STATUS, HEALTH_TARGET_STATUS where DEPLOYMENT_STATUS.DEPLOYMENT_CONFIGURATION_ID = DEPLOYMENT_CONFIGURATION.ID and HEALTH_STATUS.DEPLOYMENT_STATUS_ID = DEPLOYMENT_STATUS.ID and HEALTH_TARGET_STATUS.HEALTH_STATUS_ID = HEALTH_STATUS.ID; HOST_DISCOVERY_REQUEST_INFO create or replace view HOST_DISCOVERY_REQUEST_INFO as select HOST_DISCOVERY_REQUEST.ID, HOST_DISCOVERY_REQUEST.HOST_NAME AS REQUEST_HOST_NAME, HOST_DISCOVERY_REQUEST.DEVICE_ENCLOSURE_ID, HOST_DISCOVERY_REQUEST.
I Views DEVICE_ENCLOSURE.LAST_UPDATE_TIME, DEVICE_ENCLOSURE.LAST_UPDATE_MODULE, DEVICE_ENCLOSURE.TRUSTED, DEVICE_ENCLOSURE.CREATION_TIME, DEVICE_ENCLOSURE.MISSING, DEVICE_ENCLOSURE.MISSING_TIME, DEVICE_ENCLOSURE.HOST_NAME, DEVICE_ENCLOSURE.SYSLOG_REGISTERED, DEVICE_ENCLOSURE.VIRTUALIZATION, DEVICE_ENCLOSURE.MANAGED_ELEMENT_ID, HOST_DISCOVERY_REQUEST.MANAGEMENT_STATE_DETAILS from HOST_DISCOVERY_REQUEST join HOST_DISCOVERY_OPTION on HOST_DISCOVERY_REQUEST.HOST_DISCOVERY_OPTION_ID = HOST_DISCOVERY_OPTION.
Views I SOURCE_VIRTUAL_SWITCH.MANAGEMENT_STATE as SOURCE_VIRTUAL_SWITCH_MANAGEMENT_STATE, SOURCE_VIRTUAL_SWITCH.MONITORED as SOURCE_VIRTUAL_SWITCH_MONITORED, SOURCE_SWITCH_PORT.ID as SOURCE_SWITCH_PORT_ID, SOURCE_SWITCH_PORT.WWN as SOURCE_SWITCH_PORT_WWN, SOURCE_SWITCH_PORT.NAME as SOURCE_SWITCH_PORT_NAME, SOURCE_SWITCH_PORT.TYPE as PORT_TYPE, SOURCE_SWITCH_PORT.KIND as SOURCE_SWITCH_PORT_KIND, SOURCE_SWITCH_PORT.PHYSICAL_PORT as SOURCE_PHYSICAL_PORT, SOURCE_SWITCH_PORT.
I Views ISL.MISSING, ISL.SOURCE_DOMAIN_ID, ISL.SOURCE_PORT_NUMBER, SOURCE_DEVICE.MANAGED_ELEMENT_ID as SOURCE_ME_ID, SOURCE_DEVICE.DEVICE_ID as SOURCE_DEVICE_ID, SOURCE_DEVICE.SYS_NAME as SOURCE_DEVICE_NAME, SOURCE_SWITCH_PORT.ID as SOURCE_SWITCH_PORT_ID, SOURCE_SWITCH_PORT.NAME as SOURCE_SWITCH_PORT_NAME, SOURCE_SWITCH_PORT.IDENTIFIER as SOURCE_SWITCH_PORT_IDENTIFIER, SOURCE_SWITCH_PORT.TYPE as PORT_TYPE, SOURCE_SWITCH_PORT.KIND as SOURCE_SWITCH_PORT_KIND, SOURCE_SWITCH_PORT.
Views I ISL_TRUNK_GROUP_MEMBER_INFO CREATE VIEW isl_trunk_group_member_info AS select ISL_TRUNK_GROUP.ID, ISL_TRUNK_GROUP.VIRTUAL_SWITCH_ID, ISL_TRUNK_GROUP.MASTER_USER_PORT, ISL_TRUNK_MEMBER.MISSING, ISL_TRUNK_MEMBER.TRUSTED, ISL_TRUNK_MEMBER.MISSING_TIME, ISL_TRUNK_MEMBER.PORT_NUMBER, SWITCH_PORT.WWN, SWITCH_PORT.TYPE, SWITCH_PORT.STATUS, SWITCH_PORT.SPEED, SWITCH_PORT.ID as SWITCH_PORT_ID from ISL_TRUNK_GROUP, ISL_TRUNK_MEMBER, SWITCH_PORT where ISL_TRUNK_GROUP.id = ISL_TRUNK_MEMBER.
I Views ISL_TRUNK_GROUP, ISL_INFO, CORE_SWITCH SOURCE_CORE_SWITCH, CORE_SWITCH DEST_CORE_SWITCH, VIRTUAL_SWITCH SOURCE_VIRTUAL_SWITCH, VIRTUAL_SWITCH DEST_VIRTUAL_SWITCH where ISL_INFO.SOURCE_SWITCH_ID = ISL_TRUNK_GROUP.VIRTUAL_SWITCH_ID and ISL_INFO.SOURCE_PORT_NUMBER = ISL_TRUNK_GROUP.MASTER_USER_PORT and ISL_INFO.SOURCE_SWITCH_ID = SOURCE_VIRTUAL_SWITCH.ID and SOURCE_VIRTUAL_SWITCH.CORE_SWITCH_ID = SOURCE_CORE_SWITCH.ID and ISL_INFO.DEST_SWITCH_ID = DEST_VIRTUAL_SWITCH.ID and DEST_VIRTUAL_SWITCH.
Views I MAPS_EVENT_DETAILS.SWITCH_ENABLED_ACTIONS, VIRTUAL_SWITCH.NAME as SWITCH_NAME, SWITCH_PORT.NAME as SWITCH_PORT_NAME, SWITCH_PORT.WWN as SWITCH_PORT_WWN, SWITCH_PORT.SLOT_NUMBER as SWITCH_PORT_SLOT, SWITCH_PORT.PORT_NUMBER as SWITCH_PORT_NUMBER, SWITCH_PORT.PORT_ID as SWITCH_PORT_PORT_ID, FCIP_TUNNEL_CIRCUIT.CIRCUIT_NUMBER, FCIP_TUNNEL_CIRCUIT.SLOT_NUMBER as FCIP_SLOT_NUMBER, FCIP_TUNNEL_CIRCUIT.VE_PORT_NUMBER as FCIP_PORT_NUMBER, MAPS_EVENT_CAUSE_ACTION.CAUSE, MAPS_EVENT_CAUSE_ACTION.
I Views TEMP_FOUNDRY_MODULE.CODE_FLASH_SIZE, TEMP_FOUNDRY_MODULE.MODULE_TYPE, TEMP_MODULE.DESCRIPTION as MODULE_TYPE_TXT from ( select distinct MODULE.MODULE_ID, MODULE.NUM_PORTS, MODULE.IS_PRESENT, MODULE.IS_MANAGEMENT_MODULE, MODULE.NUM_CPUS, MODULE.HW_REVISION, MODULE.SW_REVISION, SLOT.SLOT_NUM, PHYSICAL_DEVICE.DEVICE_ID, PHYSICAL_DEVICE.PHYSICAL_DEVICE_ID, PHYSICAL_DEVICE.UNIT_NUMBER, PHYSICAL_DEVICE.UNIT_PRESENT, DEVICE.MANAGED_ELEMENT_ID, DEVICE.IP_ADDRESS, MODULE.
Views I AG_F_PORT.REMOTE_NODE_WWN from NPORT_WWN_MAP, SWITCH_PORT AG_N_PORT, SWITCH_PORT AG_F_PORT, VIRTUAL_SWITCH AG_SWITCH where NPORT_WWN_MAP.VIRTUAL_SWITCH_ID = AG_N_PORT.VIRTUAL_SWITCH_ID and NPORT_WWN_MAP.N_PORT = AG_N_PORT.USER_PORT_NUMBER and NPORT_WWN_MAP.VIRTUAL_SWITCH_ID = AG_F_PORT.VIRTUAL_SWITCH_ID and NPORT_WWN_MAP.DEVICE_PORT_WWN = AG_F_PORT.REMOTE_PORT_WWN AND AG_N_PORT.VIRTUAL_SWITCH_ID = AG_SWITCH.ID and AG_SWITCH.
I Views when TEMP_DEVICE.OPER_STATUS = 5 then 'DOWN' else 'UNKNOWN' end as OPER_STATUS_TXT, TEMP_DEVICE.FABRIC_WATCH_STATUS, TEMP_DEVICE.FABRIC_WATCH_STATUS_REASON, TEMP_DEVICE.ADMIN_STATUS, case when TEMP_DEVICE.ADMIN_STATUS = 1 then 'TROUBLESHOOTING' else 'NORMAL' end as ADMIN_STATUS_TXT, TEMP_DEVICE.ADMIN_STATUS_LAST_UPDATED, TEMP_DEVICE.MEMO, TEMP_DEVICE.MEMO_LAST_UPDATED, TEMP_DEVICE.SYS_OID, TEMP_DEVICE.RBRIDGE_ID, TEMP_DEVICE.IP_ADDRESS, TEMP_FOUNDRY_DEVICE.PRODUCT_TYPE, case when TEMP_DEVICE.
Views I else 'UNKNOWN' end as CATEGORY_TXT, TEMP_DEVICE.SUB_CATEGORY, case when TEMP_DEVICE.SUB_CATEGORY = 1 then 'DCB 8000' when TEMP_DEVICE.SUB_CATEGORY = 2 then 'DCB 8470' when TEMP_DEVICE.SUB_CATEGORY = 3 then 'DCB M8428' when TEMP_DEVICE.SUB_CATEGORY = 4 then 'DCX' when TEMP_DEVICE.SUB_CATEGORY = 5 then 'DCX-4S' when TEMP_DEVICE.SUB_CATEGORY = 6 then 'VCS/VDX' when TEMP_DEVICE.SUB_CATEGORY = 7 then 'VDX 6720-24' when TEMP_DEVICE.SUB_CATEGORY = 8 then 'VDX 6720-60' when TEMP_DEVICE.
I Views PORT_BOTTLENECK_CONF_INFO This view provides combine port bottleneck configuration and enough information from switch port for the client to identify the port. create or replace view PORT_BOTTLENECK_CONF_INFO as select PORT_BOTTLENECK_CONFIG.SWITCH_PORT_ID, PORT_BOTTLENECK_CONFIG.BOTTLENECK_DETECT_ENABLED, PORT_BOTTLENECK_CONFIG.ALERTS_ENABLED, PORT_BOTTLENECK_CONFIG.CONGESTION_THRESHOLD, PORT_BOTTLENECK_CONFIG.LATENCY_THRESHOLD, PORT_BOTTLENECK_CONFIG.WINDOW_, PORT_BOTTLENECK_CONFIG.
Views I SWITCH_PORT.PORT_NUMBER, SWITCH_PORT.SLOT_NUMBER, SWITCH_PORT.FICON_SUPPORTED, SWITCH_PORT.STATE, SWITCH_PORT.USER_PORT_NUMBER, VIRTUAL_SWITCH.NAME as VIRTUAL_SWITCH_NAME, VIRTUAL_SWITCH.ID as SWITCH_ID, FABRIC.NAME as FABRIC_NAME, FABRIC.MANAGED as FABRIC_MANAGED, PORT_GROUP.ID as PORT_GROUP_ID, PORT_GROUP_MEMBER.ID as PORT_GROUP_MEMBER_ID from SWITCH_PORT, VIRTUAL_SWITCH, FABRIC, FABRIC_MEMBER, PORT_GROUP_MEMBER, PORT_GROUP where VIRTUAL_SWITCH .ID = SWITCH_PORT.
I Views PORT_PROFILE.ACTIVATED, PORT_PROFILE_QOS_MAP.DCB_MODE, PORT_PROFILE_QOS_MAP.ETHERNET_MODE, PORT_PROFILE_QOS_MAP.PAUSE_TX, PORT_PROFILE_QOS_MAP.PAUSE_RX, PORT_PROFILE_QOS_MAP.COS_COS, PORT_PROFILE_QOS_MAP.TRAFFIC_CLASS, PORT_PROFILE_QOS_MAP.COS, PORT_PROFILE_QOS_MAP.CEE_MAP, PORT_PROFILE_QOS_PFC_MAP.COS0_TX, PORT_PROFILE_QOS_PFC_MAP.COS0_RX, PORT_PROFILE_QOS_PFC_MAP.COS1_TX, PORT_PROFILE_QOS_PFC_MAP.COS1_RX, PORT_PROFILE_QOS_PFC_MAP.COS2_TX, PORT_PROFILE_QOS_PFC_MAP.
Views I select PORT_PROFILE_MAC_MAP.PROFILE_ID, PORT_PROFILE_MAC_MAP.MAC, PORT_PROFILE_MAC_MAP.NAME as MAC_NAME, VM_VIRTUAL_ETHERNET_ADAPTER.PORT_GROUP_NAME, VM_VIRTUAL_ETHERNET_ADAPTER.DISPLAY_LABEL, VM_VIRTUAL_MACHINE.NAME as VM_NAME, VM_VCENTER_MEMBER.HOST_NAME as HOST_NAME, VM_VCENTER.NAME as VCENTER_NAME, INTERFACE.IDENTIFIER from PORT_PROFILE_MAC_MAP left outer join VM_VIRTUAL_ETHERNET_ADAPTER on PORT_PROFILE_MAC_MAP.MAC = VM_VIRTUAL_ETHERNET_ADAPTER.
I Views sflow_hour_summary.out_priority, sflow_hour_summary.in_vlan, sflow_hour_summary.out_vlan, sflow_hour_summary.l3_protocol, sflow_hour_summary.l4_src_port, sflow_hour_summary.l4_dest_port, sflow_hour_summary.time_in_seconds, sflow_hour_summary.src_mac, sflow_hour_summary.dest_mac, sflow_hour_summary.l3_src_addr, sflow_hour_summary.l3_dest_addr, sflow_hour_summary.tcp_flags, sflow_hour_summary.local_as, sflow_hour_summary.src_as, sflow_hour_summary.src_peer_as, sflow_hour_summary.
Views I LEFT JOIN vm_address_info vm3 ON sflow_staging.l3_src_addr = vm3.vm_address LEFT JOIN vm_address_info vm2 ON sflow_staging.dest_mac = vm2.mac_address LEFT JOIN vm_address_info vm4 ON sflow_staging.l3_dest_addr = vm4.vm_address WHERE sflow_staging.slnum >= (( SELECT sflow_staging_slnum.min_slnum FROM sflow_staging_slnum LIMIT 1)); SFLOW_MINUTE_L3_VIEW create or replace view SFLOW_MINUTE_L3_VIEW AS select SFLOW_MINUTE_L3.DEVICE_ID, SFLOW_MINUTE_L3.TIME_IN_SECONDS, SFLOW_MINUTE_L3.
I Views from SFLOW_STAGING LEFT JOIN VM_ADDRESS_INFO VM1 ON SFLOW_STAGING.L3_SRC_ADDR = VM1.VM_ADDRESS LEFT JOIN VM_ADDRESS_INFO VM2 ON SFLOW_STAGING.L3_DEST_ADDR = VM2.VM_ADDRESS where SFLOW_STAGING.SLNUM >= (( SELECT SFLOW_STAGING_SLNUM.MIN_SLNUM FROM SFLOW_STAGING_SLNUM LIMIT 1)); SFLOW_MINUTE_MAC_VIEW create or replace view SFLOW_MINUTE_MAC_VIEW AS select SFLOW_MINUTE_MAC.DEVICE_ID, SFLOW_MINUTE_MAC.TIME_IN_SECONDS, SFLOW_MINUTE_MAC.SRC_MAC, SFLOW_MINUTE_MAC.DEST_MAC, SFLOW_MINUTE_MAC.
Views I VM2.VM_HOST_ADDRESS AS DEST_VM_HOST_ADDRESS, VM1.VM_ID AS SRC_VM_ID, VM2.VM_ID AS DEST_VM_ID, VM1.VM_HOST_ID AS SRC_VM_HOST_ID, VM2.VM_HOST_ID AS DEST_VM_HOST_ID FROM SFLOW_STAGING LEFT JOIN VM_ADDRESS_INFO VM1 ON SFLOW_STAGING.SRC_MAC = VM1.MAC_ADDRESS LEFT JOIN VM_ADDRESS_INFO VM2 ON SFLOW_STAGING.DEST_MAC = VM2.MAC_ADDRESS WHERE SFLOW_STAGING.SLNUM >= (( SELECT SFLOW_STAGING_SLNUM.
I Views SENSOR_INFO create or replace view SENSOR_INFO as select SENSOR.ID, SENSOR.CORE_SWITCH_ID, SENSOR.SENSOR_ID, SENSOR.CURRENT_READING, SENSOR.TYPE, SENSOR.SUB_TYPE, SENSOR.DESCRIPTION, SENSOR.STATUS, SENSOR.OPERATIONAL_STATUS, SENSOR.PART_NUMBER, SENSOR.SERIAL_NUMBER, SENSOR.VERSION, SENSOR.CREATION_TIME, SENSOR.LAST_UPDATE_TIME, SENSOR.FRU_TYPE, SENSOR.UNIT_NUMBER, SENSOR.STATE, CORE_SWITCH.WWN as PHYSICAL_SWITCH_WWN, VIRTUAL_SWITCH.SWITCH_MODE as VIRTUAL_SWITCH_MODE, VIRTUAL_SWITCH.
Views I and SC.CARD_TYPE = 0 union select SC.ID SMART_CARD_ID, SC.CARD_TYPE, SC.CARD_INFO, SC.CARDCN_ID, SC.FIRST_NAME, SC.LAST_NAME, SC.NOTES, SC.CREATION_TIME, -1 ENGINE_ID, EG.ID ENCRYPTION_GROUP_ID, EG.NAME GROUP_NAME, RCGM.POSITION_ CARD_POSITION, -1 CRYPTO_SWITCH_ID, -1 SLOT_NUMBER from SMART_CARD SC, ENCRYPTION_GROUP EG, RECOVERY_CARD_GROUP_MAPPING RCGM where SC.ID = RCGM.SMART_CARD_ID and EG.ID = RCGM.ENCRYPTION_GROUP_ID and SC.CARD_TYPE = 1 union select SC.ID SMART_CARD_ID, SC.CARD_TYPE, SC.
I Views SWITCH_CONFIG.CONFIG_DATA, SWITCH_CONFIG.CEE_CONFIG_DATA, SWITCH_CONFIG.KEEP_COPY, SWITCH_CONFIG.CREATED_BY, SWITCH_CONFIG.COMMENTS, SWITCH_CONFIG.CONFIG_TYPE, SWITCH_CONFIG_DETAIL.IP_ADDRESS, SWITCH_CONFIG_DETAIL.WWN, SWITCH_CONFIG_DETAIL.PHYSICAL_SWITCH_WWN, SWITCH_CONFIG_DETAIL.MODEL_NUMBER as SWITCH_MODEL_NUMBER from SWITCH_CONFIG, SWITCH_CONFIG_DETAIL where SWITCH_CONFIG.ID= SWITCH_CONFIG_DETAIL.
Views I VIRTUAL_SWITCH.LAST_UPDATE_TIME, VIRTUAL_SWITCH.USER_NAME, VIRTUAL_SWITCH.PASSWORD, VIRTUAL_SWITCH.MANAGEMENT_STATE, VIRTUAL_SWITCH.STATE, VIRTUAL_SWITCH.STATUS, VIRTUAL_SWITCH.STATUS_REASON, VIRTUAL_SWITCH.FABRIC_IDID_MODE, VIRTUAL_SWITCH.LOGICAL_ID, VIRTUAL_SWITCH.USER_DEFINED_VALUE_1, VIRTUAL_SWITCH.USER_DEFINED_VALUE_2, VIRTUAL_SWITCH.USER_DEFINED_VALUE_3, VIRTUAL_SWITCH.FMS_MODE, VIRTUAL_SWITCH.DYNAMIC_LOAD_SHARING, VIRTUAL_SWITCH.PORT_BASED_ROUTING, VIRTUAL_SWITCH.
I Views CORE_SWITCH_DETAILS.SUB_TYPE, CORE_SWITCH_DETAILS.PARTITION, CORE_SWITCH_DETAILS.MAX_NUM_OF_BLADES, CORE_SWITCH_DETAILS.SNMP_INFORMS_ENABLED, CORE_SWITCH_DETAILS.VENDOR_VERSION, CORE_SWITCH_DETAILS.VENDOR_PART_NUMBER, CORE_SWITCH_DETAILS.CONTACT, CORE_SWITCH_DETAILS.LOCATION, CORE_SWITCH_DETAILS.DESCRIPTION, CORE_SWITCH_DETAILS.RNID_SEQUENCE_NUMBER, CORE_SWITCH_DETAILS.FIRMWARE_VERSION as CSD_FIRMWARE_VERSION, CORE_SWITCH_DETAILS.CHASSIS_PACKAGE_TYPE, CORE_SWITCH_DETAILS.
Views I SWITCH_PORT.AREA_ID, SWITCH_PORT.MAC_ADDRESS, SWITCH_PORT.PORT_MOD, SWITCH_PORT.TYPE, SWITCH_PORT.FULL_TYPE, SWITCH_PORT.STATUS, SWITCH_PORT.HEALTH, SWITCH_PORT.STATUS_MESSAGE, SWITCH_PORT.PHYSICAL_PORT, SWITCH_PORT.LOCKED_PORT_TYPE, SWITCH_PORT.CATEGORY, SWITCH_PORT.PROTOCOL, SWITCH_PORT.SPEED, SWITCH_PORT.SPEEDS_SUPPORTED, SWITCH_PORT.MAX_PORT_SPEED, SWITCH_PORT.DESIRED_CREDITS, SWITCH_PORT.BUFFER_ALLOCATED, SWITCH_PORT.ESTIMATED_DISTANCE, SWITCH_PORT.ACTUAL_DISTANCE, SWITCH_PORT.
I Views SWITCH_PORT.SPEED_NEGOTIATED, SWITCH_PORT.IDENTIFIER, SWITCH_PORT.PORT_CAPABILITIES, SWITCH_PORT.FAKE_PORT, SWITCH_PORT.XISL_PORT_LIST, SWITCH_PORT.PORT_COMMISSION_STATE, SWITCH_PORT.FEATURES_ENABLED, SWITCH_PORT.FEATURES_ACTIVE, SWITCH_PORT.DISABLED_REASON, VIRTUAL_SWITCH.WWN as VIRTUAL_SWITCH_WWN, VIRTUAL_SWITCH.ROLE as SWITCH_ROLE, VIRTUAL_SWITCH.VIRTUAL_FABRIC_ID as VIRTUAL_FABRIC_ID, VIRTUAL_SWITCH.DOMAIN_ID as DOMAIN_ID, VIRTUAL_SWITCH.INTEROP_MODE as INTEROP_MODE, VIRTUAL_SWITCH.
Views I VIRTUAL_SWITCH.BASE_SWITCH, VIRTUAL_SWITCH.MAX_ZONE_CONFIG_SIZE, VIRTUAL_SWITCH.CREATION_TIME, VIRTUAL_SWITCH.LAST_UPDATE_TIME, VIRTUAL_SWITCH.USER_NAME, VIRTUAL_SWITCH.PASSWORD, VIRTUAL_SWITCH.MANAGEMENT_STATE, VIRTUAL_SWITCH.STATE, VIRTUAL_SWITCH.STATUS, VIRTUAL_SWITCH.STATUS_REASON, VIRTUAL_SWITCH.MONITORED, VIRTUAL_SWITCH.USER_DEFINED_VALUE_1, VIRTUAL_SWITCH.USER_DEFINED_VALUE_2, VIRTUAL_SWITCH.USER_DEFINED_VALUE_3, FABRIC_MEMBER.FABRIC_ID, FABRIC_MEMBER.TRUSTED, FABRIC_MEMBER.
I Views TIME_SERIES_DATA_INFO CREATE VIEW time_series_data_info AS ( ( ( ( ( ( select * from TIME_SERIES_DATA_1 union all select TIME_SERIES_DATA_1_30MIN.TIME_IN_SECONDS, TIME_SERIES_DATA_1_30MIN.TARGET_TYPE, TIME_SERIES_DATA_1_30MIN.MEASURE_ID, TIME_SERIES_DATA_1_30MIN.TARGET_ID, TIME_SERIES_DATA_1_30MIN.COLLECTOR_ID, TIME_SERIES_DATA_1_30MIN.MEASURE_INDEX, TIME_SERIES_DATA_1_30MIN.ME_ID, TIME_SERIES_DATA_1_30MIN.VALUE, TIME_SERIES_DATA_1_30MIN.
Views I TIME_SERIES_DATA_2_2HOUR.VALUE, TIME_SERIES_DATA_2_2HOUR.SUM_VALUE from TIME_SERIES_DATA_2_2HOUR) union all select TIME_SERIES_DATA_2_1DAY.TIME_IN_SECONDS, TIME_SERIES_DATA_2_1DAY.TARGET_TYPE, TIME_SERIES_DATA_2_1DAY.MEASURE_ID, TIME_SERIES_DATA_2_1DAY.TARGET_ID, TIME_SERIES_DATA_2_1DAY.COLLECTOR_ID, TIME_SERIES_DATA_2_1DAY.MEASURE_INDEX, TIME_SERIES_DATA_2_1DAY.ME_ID, TIME_SERIES_DATA_2_1DAY.VALUE, TIME_SERIES_DATA_2_1DAY.
I Views (measure.name::text || '.'::text) || tsd.measure_index::text AS collectible_name, measure.detail AS collectible_detail, tsd.value, tsd.time_in_seconds, tsd.measure_index FROM time_series_data_info tsd JOIN switch_port sp ON tsd.target_type = 4 AND tsd.target_id = sp.id JOIN virtual_switch vs ON sp.virtual_switch_id = vs.id JOIN device de ON vs.managed_element_id = de.managed_element_id JOIN pm_data_collector ON pm_data_collector.id = tsd.collector_id JOIN measure ON measure.id = tsd.
Views I SOURCE_DEVICE.DEVICE_ID AS SOURCE_DEVICE_ID, TRILL.DEST_DOMAIN_ID, TRILL.DEST_PORT_NUMBER, TRILL.DEST_PORT_NAME as DEST_SWITCH_PORT_NAME, TRILL.DEST_ME_ID, DEST_DEVICE.DEVICE_ID AS DEST_DEVICE_ID from TRILL, device VCS_DEVICE, device SOURCE_DEVICE, VIRTUAL_SWITCH SOURCE_VIRTUAL_SWITCH, device DEST_DEVICE, VIRTUAL_SWITCH DEST_VIRTUAL_SWITCH where SOURCE_DEVICE.MANAGED_ELEMENT_ID = TRILL.SOURCE_ME_ID and DEST_DEVICE.MANAGED_ELEMENT_ID = TRILL.DEST_ME_ID and VCS_DEVICE.MANAGED_ELEMENT_ID = TRILL.
I Views ROLE.ID ROLE_ID, ROLE.NAME ROLE_NAME, USER_.NAME USER_NAME from USER_, RESOURCE_GROUP, ROLE, USER_RESOURCE_MAP, USER_ROLE_MAP where USER_ROLE_MAP.USER_NAME = USER_.NAME and USER_ROLE_MAP.ROLE_ID = ROLE.ID and USER_RESOURCE_MAP.RESOURCE_GROUP_ID = RESOURCE_GROUP.ID and USER_RESOURCE_MAP.USER_NAME = USER_.NAME; VIRTUAL_FCOE_PORT_INFO create or replace view VIRTUAL_FCOE_PORT_INFO as select VIRTUAL_FCOE_PORT.ID, VIRTUAL_FCOE_PORT.VIRTUAL_SWITCH_ID, VIRTUAL_FCOE_PORT.PORT_WWN, VIRTUAL_FCOE_PORT.
Views I VIRTUAL_PORT_WWN_DETAILS.SWITCH_PORT_NUMBER, VIRTUAL_PORT_WWN_DETAILS.SLOT_NUMBER, coalesce(CS1.IP_ADDRESS, CS2.IP_ADDRESS, UDDD.IP_ADDRESS) as IP_ADDRESS, coalesce(VS1.NAME, VS2.NAME, UDDD.NAME) as SWITCH_NAME, coalesce(VS1.WWN, VS2.WWN) as SWITCH_WWN, VIRTUAL_PORT_WWN_DETAILS.AG_NODE_WWN, VIRTUAL_PORT_WWN_DETAILS.AG_PORT_NUMBER, VIRTUAL_PORT_WWN_DETAILS.STATUS, VIRTUAL_PORT_WWN_DETAILS.TYPE, VIRTUAL_PORT_WWN_DETAILS.USER_VPWWN, VIRTUAL_PORT_WWN_DETAILS.AUTO_VPWWN, VIRTUAL_PORT_WWN_DETAILS.
I Views AND VM_VIRTUAL_MACHINE.HOST_ID = VM_VCENTER_MEMBER.VM_HOST_ID; VM_CONNECTIVITY_INFO This view combines fabric and VM information to derive end to end connectivity information for the VM. create or replace view VM_CONNECTIVITY_INFO as select VM_VCENTER.HOST AS VCENTER_HOST, DEVICE_PORT.SWITCH_PORT_WWN, DEVICE_PORT.DOMAIN_ID, device_port.id as device_port_id, DEVICE_PORT.NUMBER, CORE_SWITCH.IP_ADDRESS, CORE_SWITCH.NAME AS CORE_NAME, VM_VCENTER.ID AS VCENTER_ID, DEVICE_ENCLOSURE.
Views I VM_DATA_CENTER, VM_HOST where VM_PATH.HBA_PORT = DEVICE_PORT.WWN and VM_PATH.VM_ID = VM_VIRTUAL_MACHINE.ID and VM_PATH.STORAGE_ID = VM_STORAGE.ID and VM_STORAGE.HOST_ID = DEVICE_ENCLOSURE.ID and DEVICE_ENCLOSURE.ID = VM_HOST.DEVICE_ENCLOSURE_ID and DEVICE_ENCLOSURE.ID = VM_VIRTUAL_MACHINE.HOST_ID and VM_HOST.VM_DATACENTER_ID = VM_DATA_CENTER.ID and VM_DATA_CENTER.VCENTER_ID = VM_VCENTER.ID and DEVICE_PORT.SWITCH_PORT_WWN = SWITCH_PORT.WWN and SWITCH_PORT.VIRTUAL_SWITCH_ID = VIRTUAL_SWITCH.
I Views CORE_SWITCH, SWITCH_PORT, VIRTUAL_SWITCH, DEVICE_NODE, FABRIC, DEVICE_PORT_MAC_ADDRESS_MAP, GIGE_PORT, VM_STORAGE, VM_PATH, DEVICE_ENCLOSURE, VM_VIRTUAL_MACHINE, VM_VCENTER, VM_DATA_CENTER, VM_HOST where VM_PATH.HBA_PORT = DEVICE_PORT.WWN and VM_PATH.VM_ID = VM_VIRTUAL_MACHINE.ID and VM_PATH.STORAGE_ID = VM_STORAGE.ID and VM_STORAGE.HOST_ID = DEVICE_ENCLOSURE.ID and DEVICE_ENCLOSURE.ID = VM_HOST.DEVICE_ENCLOSURE_ID and DEVICE_ENCLOSURE.ID = VM_VIRTUAL_MACHINE.HOST_ID and VM_HOST.
Views I VM_EE_MONITOR_INFO This view provides combined ee_monitor, ee_monitor_stats, device_port and device_node tables to get the EE Monitor information for vmplug-in. create or replace view VM_EE_MONITOR_INFO as select distinct EE_MONITOR.NAME, EE_MONITOR.SWITCH_PORT_ID, EE_MONITOR.SOURCE_PORT_ID, EE_MONITOR.DEST_PORT_ID, EE_MONITOR_STATS.TX, EE_MONITOR_STATS.RX, EE_MONITOR_STATS.CRCERRORS, EE_MONITOR_STATS.CREATION_TIME, SOURCE_PORT.PORT_ID as SID, DEST_PORT.PORT_ID as DID, SOURCE_NODE.
I Views VM_HOST.NODE_WWN as HOST_NODE_WWN, VM_HOST.HYPERVISOR_NAME, VM_HOST.HYPERVISOR_TYPE, VM_HOST.CPU_COUNT, VM_HOST.CPU_TYPE, VM_HOST.CPU_RESOURCES as HOST_CPU_RESOURCES, VM_HOST.MEM_RESOURCES as HOST_MEM_RESOURCES, VM_HOST.LICENSE_SERVER, VM_HOST.BOOT_TIME as HOST_BOOT_TIME, VM_HOST.CLUSTER_NAME as CLUSTER_NAME, VM_VIRTUAL_MACHINE.ID as VM_ID, VM_VIRTUAL_MACHINE.HYPERVISOR_VM_ID, VM_VIRTUAL_MACHINE.NAME as VM_NAME, VM_VIRTUAL_MACHINE.DESCRIPTION as VM_DESCRIPTION, VM_VIRTUAL_MACHINE.
Views I VM_PATH.TARGET_PORT, VM_PATH.HBA_NODE, VM_PATH.VM_NODE_WWN, VM_PATH.TARGET_NODE as PATH_TARGET_NODE, VM_PATH.HBA_NAME, VM_PATH.USAGE as PATH_USAGE, VM_PATH.ENABLED as PATH_ENABLED, VM_PATH.ACTIVE as PATH_ACTIVE, VM_PATH.PREFERRED as PATH_PREFERRED from VM_STORAGE join VM_PATH on VM_STORAGE.ID = VM_PATH.STORAGE_ID; VM_STATISTICS_INFO This view gets the FC port statistics for the VM Connectivity data. create or replace view VM_STATISTICS_INFO as select distinct DEVICE_PORT.
I Views and SWITCH_PORT.ID = FC_PORT_STATS.PORT_ID and SWITCH_PORT.VIRTUAL_SWITCH_ID = VIRTUAL_SWITCH.ID and VIRTUAL_SWITCH.CORE_SWITCH_ID = CORE_SWITCH.ID and FC_PORT_STATS.CREATION_TIME in (select MAX(CREATION_TIME) from FC_PORT_STATS group by PORT_ID) union select DEVICE_PORT.SWITCH_PORT_WWN, DEVICE_PORT.DOMAIN_ID, DEVICE_ENCLOSURE.IP_ADDRESS as HYPERVISOR_HOST, VM_PATH.HBA_PORT as ADAPTER_PORT_WWN, VM_VIRTUAL_MACHINE.HYPERVISOR_VM_ID, VM_VIRTUAL_MACHINE.NAME as VM_NAME, CORE_SWITCH.
Views I VR_CONN_MODULE_INFO create or replace view VR_CONN_MODULE_INFO as select distinct VR_CONN_MODULE.ID, VR_CONN_MODULE.VR_CONN_DOMAIN_ID, VR_CONN_MODULE.VCEM_ASSIGNED_ID, VR_CONN_MODULE.WWN, VR_CONN_MODULE.PRODUCT_NAME, VR_CONN_MODULE.SERIAL_NUMBER, VR_CONN_MODULE.STATUS, VR_CONN_MODULE.IO_BAY, VR_CONN_MODULE.VENDOR, VR_CONN_MODULE.CREATION_TIME, VR_CONN_MODULE.LAST_UPDATE_TIME, VR_CONN_DOMAIN.NAME as DOMAIN_NAME, VR_CONN_DOMAIN.GUID as DOMAIN_GUID, VR_CONN_DOMAIN.
I Views VR_CONN_MODULE.SERIAL_NUMBER, VR_CONN_MODULE.STATUS, VR_CONN_MODULE.IO_BAY, VR_CONN_MODULE.VENDOR, VR_CONN_MODULE.CREATION_TIME, VR_CONN_MODULE.LAST_UPDATE_TIME, VR_CONN_DOMAIN.NAME as DOMAIN_NAME, VR_CONN_DOMAIN.GUID as DOMAIN_GUID, VR_CONN_DOMAIN.FIRMWARE_VERSION, VR_CONN_DOMAIN_GROUP.NAME as DOMAIN_GROUP_NAME, VCEM_PROFILE.ID as VCEM_PROFILE_ID, VCEM_PROFILE.DISCOVERY_STATUS, VCEM_PROFILE.LAST_FAILURE_TIMESTAMP as VCEM_LAST_FAILED_TIME, VCEM_PROFILE.
Views I VR_CONN_MODULE.IO_BAY, VR_CONN_DOMAIN.ID as VR_CONN_DOMAIN_ID, VCEM_PROFILE.ID as VCEM_PROFILE_ID, SWITCH_PORT.ID as SWITCH_PORT_ID, VIRTUAL_SWITCH.ID as VIRTUAL_SWITCH_ID from VR_CONN_MODULE_PORT inner join VR_CONN_MODULE on VR_CONN_MODULE.ID = VR_CONN_MODULE_PORT.VR_CONN_MODULE_ID inner join VR_CONN_DOMAIN on VR_CONN_DOMAIN.ID = VR_CONN_MODULE.VR_CONN_DOMAIN_ID inner join VCEM_PROFILE on VCEM_PROFILE.ID = VR_CONN_DOMAIN.VCEM_PROFILE_ID left outer join SWITCH_PORT on SWITCH_PORT.
I Views inner join VR_CONN_DOMAIN on VR_CONN_DOMAIN.GUID = VR_CONN_SERVER_PROFILE.BAY_ENCLOSURE_UUID inner join VCEM_PROFILE on VCEM_PROFILE.ID = VR_CONN_SERVER_PROFILE.VCEM_PROFILE_ID inner join VR_CONN_MODULE on VR_CONN_MODULE.VR_CONN_DOMAIN_ID = VR_CONN_DOMAIN.ID and VR_CONN_MODULE.IO_BAY = VR_CONN_FC_CONNECTION.CONNECTION_BAY inner join VR_CONN_MODULE_PORT on VR_CONN_MODULE_PORT.VR_CONN_MODULE_ID = VR_CONN_MODULE.ID and VR_CONN_MODULE_PORT.POSITION_ = VR_CONN_FC_CONNECTION.
Views I VM_HOST_VIRTUAL_NIC, VM_VCENTER_MEMBER, VM_VCENTER where VM_HOST_VIRTUAL_NIC.VM_HOST_ID = VM_VCENTER_MEMBER.VM_HOST_ID AND VM_VCENTER_MEMBER.VM_VCENTER_ID = VM_VCENTER.ID union all select VM_PHYSICAL_NIC.MAC_ADDRESS, VM_PHYSICAL_NIC.DEVICE_NAME, NULL::UNKNOWN AS PORT_GROUP_NAME, NULL::UNKNOWN AS VIRTUAL_MACHINE_NAME, VM_VCENTER_MEMBER.HOST_NAME, VM_VCENTER.NAME AS VCENTER_NAME from VM_PHYSICAL_NIC, VM_VCENTER_MEMBER, VM_VCENTER where VM_PHYSICAL_NIC.VM_HOST_ID = VM_VCENTER_MEMBER.
I Views ZONE_DB.LAST_APPLIED, ZONE_DB.LAST_APPLIED_BY, ZONE_DB.DEFAULT_ZONE_STATUS, ZONE_DB.MCDATA_DEFAULT_ZONE, ZONE_DB.MCDATA_SAFE_ZONE, ZONE_DB.ZONE_TXN_SUPPORTED, ZONE_DB.ZONE_CONFIG_SIZE, ZONE_DB.ZONE_AVAILABLE_SIZE, ZONE_DB_CONFIG.ID AS CONFIG_ID, ZONE_DB_CONFIG.DEFINED_CONTENT, ZONE_DB_CONFIG.ACTIVE_CONTENT, ZONE_DB_CONFIG.TI_ZONE_CONTENT from ZONE_DB, ZONE_DB_CONFIG where ZONE_DB.ID = ZONE_DB_CONFIG.
Views I where SLNUM <= (select MAX_SLNUM from SFLOW_MINUTE_BGP_SLNUM fetch first 1 rows only) union all select DEVICE_ID, TIME_IN_SECONDS, SRC_AS, SFLOW_IP_ROUTE_INFO_ID, IN_VLAN, OUT_VLAN, FRAMES, BYTES from SFLOW_STAGING where SLNUM >= (select MIN_SLNUM from SFLOW_STAGING_SLNUM fetch first 1 rows only) and SRC_AS != 0 OR SFLOW_IP_ROUTE_INFO_ID != 0; -- Name: sflow_minute_l3_view; Type: VIEW; Schema: dcm; Owner: dcmadmin create or replace view SFLOW_MINUTE_L3_VIEW as select DEVICE_ID, TIME_IN_SECONDS, L3
I Views V.VLAN_DB_ID = PV.VLAN_DB_ID; create view PROTOCOL_VLAN_INFO as select V.*, PORT_VLAN_DB_ID, IS_DYNAMIC, PROTOCOL from VLAN V, SUB_PORT_VLAN SPV, PROTOCOL_VLAN PV where V.VLAN_DB_ID = SPV.VLAN_DB_ID AND SPV.VLAN_DB_ID = PV.VLAN_DB_ID; -- Name: wired_interface; Type: VIEW; Schema: dcm; Owner: dcmadmin CREATE VIEW wired_interface AS SELECT l2.device_id, l2.device_ip_address, l2.physical_device_id, l2.unit_number, l2.slot_id, l2.slot_num, l2.module_id, l2.physical_port_id, l2.port_num, l2.
Views I PHYSICAL_DEVICE_INFO create or replace view PHYSICAL_DEVICE_INFO as select PHYSICAL_DEVICE.PHYSICAL_DEVICE_ID as PD_PHYSICAL_DEVICE_ID, PHYSICAL_DEVICE.DEVICE_ID, PHYSICAL_DEVICE.DESCRIPTION, PHYSICAL_DEVICE.NUM_SLOTS, PHYSICAL_DEVICE.TABLE_SUBTYPE, PHYSICAL_DEVICE.UNIT_NUMBER, PHYSICAL_DEVICE.UNIT_NEIGHBOR1, PHYSICAL_DEVICE.UNIT_NEIGHBOR2, PHYSICAL_DEVICE.UNIT_PRESENT, FOUNDRY_PHYSICAL_DEVICE.PHYSICAL_DEVICE_ID as FPD_PHYSICAL_DEVICE_ID, FOUNDRY_PHYSICAL_DEVICE.
I Views coalesce (CS_VS.IP_ADDRESS, CS_ME.IP_ADDRESS, DEVICE_ENCLOSURE.IP_ADDRESS) as SAN_IP_ADDRESS, VIRTUAL_SWITCH.VIRTUAL_FABRIC_ID, coalesce (VIRTUAL_SWITCH.WWN, CS_ME.WWN, DEVICE.NODE_WWN) as NODE_WWN from MANAGED_ELEMENT left outer join VIRTUAL_SWITCH on MANAGED_ELEMENT.ID = VIRTUAL_SWITCH.MANAGED_ELEMENT_ID left outer join CORE_SWITCH CS_ME on (MANAGED_ELEMENT.ID = CS_ME.MANAGED_ELEMENT_ID) left outer join CORE_SWITCH CS_VS on (CS_VS.ID = VIRTUAL_SWITCH.
Views I WHERE snmp_expression.expression_id = se.expression_id) AS collectible_detail, se.value, se.time_in_seconds, '' AS mib_index FROM snmp_expr_data_info se JOIN device de ON se.target_id = de.device_id WHERE se.target_type = 0 UNION ALL SELECT de.device_id, de.ip_address AS device_ip, sd.target_type, de.device_id AS target_id, de.sys_name AS target_name, 0 AS collectible_type, sd.mib_object_id AS collectible_id, sd.collector_id, ( SELECT perf_collector.
I Views FROM snmp_expression WHERE snmp_expression.expression_id = se.expression_id) AS collectible_detail, se.value, se.time_in_seconds, '' AS mib_index FROM snmp_expr_data_info se JOIN interface ifs ON se.target_type = 1 AND se.target_id = ifs.interface_id JOIN device de ON ifs.device_id = de.device_id) UNION ALL SELECT de.device_id, de.ip_address AS device_ip, sd.target_type, sp.id AS target_id, sp.name AS target_name, 0 AS collectible_type, sd.mib_object_id AS collectible_id, sd.
Views I VM_DV_PORT_GROUP.NAME as PGRP_NAME, VM_DV_SWITCH.NAME as VSWITCH_NAME, VNIC_DV_PORT.NAME as DVPORT_NAME, VM_PHYSICAL_NIC.DEVICE_NAME as PNIC_NAME, VM_PHYSICAL_NIC.MAC_ADDRESS as PNIC_MAC, DEVICE.SYS_NAME as SWITCH_NAME, DEVICE.IP_ADDRESS as SWITCH_IP, PHYSICAL_PORT.PORT_NUM as SWITCH_PORT, INTERFACE.PORT_STATUS as SWITCH_PORT_STATUS from VM_HOST left join VM_VIRTUAL_MACHINE on VM_HOST.DEVICE_ENCLOSURE_ID = VM_VIRTUAL_MACHINE.
I Views VM_STD_VSWITCH_PORT_GROUP, VM_STANDARD_VIRTUAL_SWITCH, VM_PHYSICAL_NIC, VM_HOST_END_DEV_CONNECTIVITY, INTERFACE, DEVICE, PHYSICAL_INTERFACE, PHYSICAL_PORT where VM_VIRTUAL_MACHINE.ID = VM_VIRTUAL_ETHERNET_ADAPTER.VIRTUAL_MACHINE_ID and VM_VIRTUAL_ETHERNET_ADAPTER.VM_STD_VSWITCH_PORT_GROUP_ID is not null and VM_VIRTUAL_ETHERNET_ADAPTER.VM_STD_VSWITCH_PORT_GROUP_ID = VM_STD_VSWITCH_PORT_GROUP.ID and VM_STD_VSWITCH_PORT_GROUP.VM_STANDARD_VIRTUAL__SWITCH_ID = VM_STANDARD_VIRTUAL_SWITCH.
Views I end; $BODY$ LANGUAGE plpgsql VOLATILE COST 100; ALTER FUNCTION reset_vcs_licensed(integer) OWNER TO dcmadmin; TRILL_TRUNK_INFO create or replace view TRILL_TRUNK_INFO as select TRILL_TRUNK_GROUP.ID, TRILL_TRUNK_GROUP.ME_ID, TRILL_TRUNK_GROUP.MASTER_PORT_NUMBER, TRILL_TRUNK_MEMBER.PORT_NUMBER as MEMBER_PORT_NUMBER, MEMBER_DEVICE.DEVICE_ID, MASTER_INTERFACE.INTERFACE_ID as MASTER_INTERFACE_ID, MASTER_INTERFACE.IF_NAME as MASTER_IF_NAME, MEMBER_INTERFACE.
I Views l2.speed_in_mb, l2.physical_address, l2.interface_id AS radioif_id, wireless.radio_type, wireless.is_enabled, wireless.is_auto_channel, wireless.tx_power, wireless.channel_number, wireless.max_data_rate, wireless.beacon_rate, wireless.dtim, wireless.rts_threshold, wireless.is_turbo_mode, wireless.radio_g_mode, wireless.max_associated_clients FROM ((SELECT DISTINCT d.device_id, d.ip_address AS device_ip_address, pd.physical_device_id, pd.unit_number, s.slot_id, s.slot_num, msp.module_id, pp.
Views I L2.IDENTIFIER, L2.TABLE_SUBTYPE, case when L2.TABLE_SUBTYPE like 'GBIT_ETHERNET_INTERFACE' then 'GIGABIT ETHERNET' when L2.TABLE_SUBTYPE like 'POS_INTERFACE' then 'POS' else L2.TABLE_SUBTYPE end as TABLE_SUBTYPE_TXT, L2.TAG_MODE, case when L2.TAG_MODE = 1 then 'TAGGED' when L2.TAG_MODE = 2 then 'UNTAGGED' when L2.TAG_MODE = 3 then 'DUAL' else null end as TAG_MODE_TXT, L2.USER_DEFINED_VALUE_1, L2.USER_DEFINED_VALUE_2, L2.USER_DEFINED_VALUE_3, L2.SPEED_IN_MB, L2.PHYSICAL_ADDRESS, L2.
I Views CEE_PORT.IF_NAME, CEE_PORT.IF_MODE, CEE_PORT.L2_MODE, CEE_PORT.VLAN_ID, CEE_PORT.LAG_ID, CEE_PORT.IP_ADDRESS, CEE_PORT.MAC_ADDRESS, CEE_PORT.PORT_SPEED, CEE_PORT.ENABLED, CEE_PORT.OCCUPIED, CEE_PORT.LAST_UPDATE, CEE_PORT.NET_MASK, CEE_PORT.PROTOCOL_DOWN_REASON, CEE_PORT.MAC_ACL_POLICY, CEE_PORT.QOS_TYPE, CEE_PORT.QOS_NAME, CEE_PORT.DOT1X_ENABLED, CEE_PORT.PORT_ROLE, CEE_PORT.AMPP_PROFILE_MODE, CORE_SWITCH.IP_ADDRESS as PHYSICAL_SWITCH_IP, CORE_SWITCH.WWN as PHYSICAL_SWITCH_WWN, GIGE_PORT.
A access levels defined, 1956 features, 1956–1958, 1958–??, 1959–?? roles, 1956 accessing FTP server folder, 224 ACK emulation, device level, 1131 activating Allow/Prohibit Matrix configuration, 1192 LSAN zones, 1077 zone configuration, 1062 active session management, roles and access levels, 1956 active sessions, viewing, 9 adapter software using to manage driver files, 649 adapters HBA models, 642 types of, 642 types of converged network adapters, 643 types of fabric adapters, 643 types of HBAs, 642 Adapt
starting, 172 status, determining, 379 switch configuration, 530 viewing status, 171 Backup Scheduler, 1241, 1291, 1292 base switch, creating, 839 blade processor links, 865 blade processors configuring links, 866 boot image repository and host adapters, 652 backing up files, 654 deleting image, 654 downloading an image to a selected host, 653 importing, 652 boot images deleting from the Management application, 1290 deploying to devices, 1290 management of, 1288 boot LUN zones about, 1083 creating, 1084 del
storage encryption privileges, 853 storage port mapping, 597 configuration backup scheduling, 1241 configuration file searching, 534 viewing, 533 configuration files, saving, 528, 529 configuration management roles and access levels, 1956 configuration repository backup, 530 saving status, 1224 searching, 1221 using to export the device configuration, 1230 configuration repository management, overview, 527 configuration snapshot generating a report, 1236 saving, 1239 configuration snapshots comparing two si
views, 400 zone, 1050 zone alias, 1056 zone configuration, 1060 zone databases, 1065 zone members, 1052 zone sets, 1060 CSR exporting from properties, 1026 submitting to a CA, 872 CUP, FICON, 1179 customized views, copying, 403 customized views, deleting, 403 customized views, editing, 402 customizing, product list columns, 400, 402 D data historical performance, 1470 real time performance, 1466 data backup, 167 data backup and restore, 670 data collection historical performance, 1471 historical performanc
disabling bottleneck detection, 1494 call home centers, 463 default zone for fabrics, 1056 fabric binding, 1150 FCIP tunnels, 1139, 1140 historical performance data collection, 1472 login banner, 193 port connectivity view filter, 558 ports, 557 traffic isolation zone, 1082 traffic isolation zone failover, 1083 disabling backup, 170 disabling connection utilization, 1502 Discover menu, 1890, 1899 discovering a fabric, 48 discovery, 48 configuring, 50 description of, 645 in-band, enabling, 50 out-of-band, en
configuring in a multi-path environment, 976 gathering information before using the setup wizard, 865, 921 launching the encryption targets dialog box, 1011 node initialization, 866 preparation, 921 selecting mode for LUNs, 990 viewing and editing group properties, 1027 encryption engine rebalancing, 998 encryption engines adding to HA clusters, 1036 effects of zeroizing, 1009 recovering from zeroizing, 1009 removing from HA clusters, 1036 support for tape pools, 1040 zeroizing, 1009 encryption group adding
event filters table removing event filters, 469 event logs, 1771 copying entries, 1772 copying parts, 1771 exporting entries, 1772 viewing, 1771 event management overview, 1707 roles and access levels, 1957 event notification configuring e-mail notification, 1708 overview, 1495 event notification, description, 1708 event policies viewing events, 1713 event types, 668 events Ethernet, 177 event types, 668 filtering, 669, 1776 monitoring methods, 1707 storage, 178 viewing, 1713 expanding groups, 410 explicit
viewing, 1136 Fastwrite, 1110 FC port properties viewing, 1136 IPsec implementation, 1106 L2CoS, 1109 management roles and access levels, 1958 performance graphs, Ethernet ports displaying, 1141 performance graphs, FC ports displaying, 1141 properties viewing, 1134 QoS implementation, 1108 services licensing, 1096 Tape Pipelining, 1110 tunneling, 1096 tunnels configuring, 1120 deleting, 1140 disabling, 1139, 1140 enabling, 1139, 1140 modifying, 1122 VE/VEX port properties viewing, 1136 FCIP configuration ad
management, overview, 544 overwriting, 546 update for NOS, 622, 1297 firmware management roles and access levels, 1957 firmware repository deleting firmware files, 549 displaying, 547 importing into, 548 first-time configurations, 873 Flow Generator limitations, 1604, 1606, 1607 prerequisites, 1604, 1606, 1607 flow vision performance graph, 1601 flyovers configuring, 179 turning on and off, 182 viewing, 182 FSPF link cost calculation when ARL is used, 1103 FTP overview, 223 server accessing the folder, 224
high integrity fabric roles and access levels, 1958 high integrity fabric configuration setttings, 1195 high integrity fabrics (HIF), requirements, 1179 historical performance data disabling collection, 1472 enabling collection, 1471 graphing, 1472 overview, 1470 saving graph configuration, 1472 historical performance graph deleting, 1477 host adapter discovery, 646 host adapters adding a port configuration, 656 and boot image repository, 652 and connectivity map, 649 and driver repository, 651 and fault ma
exporting and saving to a file, 1858 information contained within, 1859 IP address report, 1869 IP subnet report, 1868 layer 3 VLAN report, 1868 MAC address report, 1870 module report, 1867 port VLAN report, 1867 viewing, 1858 IP routes, configuring, 1120 IPsec FCIP, 1106 IPSec policies configuring, 1129 iSCSI devices, identifying inactive, 564, 1970 iSCSI properties dialog box, 1968 ISL protocol threshold, 1160 adding, 1166 K KAC importing signed certificate, 873, 914 KAC certificate setting expiry, 872 u
logon conflicts, 1062 logs event, 1771 LSAN zone creating, 1074 LSAN zones activating, 1077 LSAN zoning configuring, 1073 overview, 1072 roles and access levels, 1958 LUN choosing to be added to an encryption target container, 989 M Main window master log, 376 minimap, 377 main window SAN tab, 362 Management application server and client, 3 management application main window, 2, 362 user interface, 1 Management application feature listing, 27 Management application services monitoring and managing, 488 man
Monitor menu, 1894, 1902 Monitoring requirements sFlow, 1559 SNMP, 1505 monitoring connection utilization, 1500 end-to-end, 1478 end-to-end, configuring, 1479 end-to-end, displaying, 1480, 1481 monitoring fabrics, 62 monitoring pairs deleting, 1482 refreshing, 1481 monitoring statistics, 645 MPLS Manager licenses, 1324, 1357, 1362, 1373, 1374 MSTP adding an instance, 1317 assigning an instance to a VLAN, 1317 configuring on a product, 1316 multi-path configuration for encrypted storage using the Management
port display, changing, 409 port label, changing, 408 product label, changing, 408 showing connected ports, 560 viewing port types, 560 viewing ports, 559 zooming in, 386 zooming out, 386 port connection properties, viewing, 561 port connectivity view disabling filter, 558 enabling filter, 558 filtering results, 557 refreshing, 557 resetting filter, 558 viewing details, 558 port connectivity, viewing, 553 port display, changing, 409 port fencing inheritance avoiding, 1170 port fencing, description, 1155 por
R Radius server configuring, 492 RBAC user privileges, 1935 RDR application considerations, 1117 real time performance, 1466 exporting data, 1469, 1477 filtering data, 1468 graph, 1467 real time performance data thresholds, 1495 real-time performance graph configure, 1511 reassigning storage ports to storage array, 599 redirection zones, 1012 refreshing end-to-end monitoring pairs, 1481 port optics view, 567 zone databases, 1067 refreshing the port connectivity view, 557 registering SNMP traps, 1724 remote
search names, 189 WWN, 190 searching configuration file, 534 members in zones, 1090 Potential Members list, 1090 zones in zone configuration, 1090 Zones list, 1091 security configuring, 191 roles and access levels, 1957 security authentication configuring using the GUI, 666 security tab encryption group properties security tab, 1034 security tab on management application using to back up a master key, 1035 using to create a master key, 1035 using to restore a master key, 1035 seed switch, 48, 66 change requ
registering, 1724 reverting a trap to its default, 1726 unregistering, 1725 SNMP v3, adding and editing credentials, 1721 software configuration, 196 software configuration properties roles and access levels, 1957 software files obtaining through the image repository, 1287 software image management, 1291 software images automatically retrieving from devices, 1292 deleting from the Management application, 1293 manually importing, 1291 reverting to previously-archived, 1293 viewing, 1291 spanning tree protoco
syslogs adding a recipient, 1727 removing a recipient, 1728 system collectors ediing, 1517 editing, 1517 system data collectors, 1527 duplicating, 1527 T tab Authentication (SMC), 493, 495, 498, 503, 504, 505 Services (SMC), 505 tab Ports (SMC), 491 tab Technical Support Information (SMC), 506 tab, Services (SMC), 488 table # Brocade events, 1926 # CONSRV event, 1925 # thermal event reason codes, 1926 call home event, 1932 features, user groups access levels, 1956–1958, 1958–??, 1959–?? privileges and appl
threshold policies assigning, 1499 copying, 1498 creating, 1495 deleting, 1499 threshold prioities, 1158 thresholds, 1158 assigning, 1169 editing, 1171 finding specific, 1175 overview, 1495 removing, 1176 viewing, 1175 viewing on a specific device, 1175 thresholds table removing thresholds, 1177 TIN/TUP emulation, 1131 tips, turning on and off, 182 tips, viewing, 182 TLS certificates, 884 tool tips, turning on and off, 182 tool tips, viewing, 182 toolbox, 365, 373 tools adding, 471 adding menu options, 479
users, total, 380 using from encryption group properties dialog, 1010 V VDX 2740 embedded switch, 622 VE_Ports, 1119 VEX_Port, 1119 view management, 400 roles and access levels, 1959 View menu, 1887, 1889, 1898 view options, changing, 386 View window product list, 366 View window, toolbox, 365, 373 viewing call home status, 464 configuration file, 533 disabling port connectivity filter, 558 enabling port connectivity filter, 558 event logs, 1771 events, 1713 FCIP connection properties, 1133 FCIP Ethernet p
W Web Tools, launching, 474 Windows authentication configuring, 503 Windows installation ODBC driver installation, 21 WWN searching by, 190 Z zeroization setting, 1010 zeroizing effects of using on encryption engine, 1009 zone adding to comnfiguration, 1061 alias, 1056 creating, 1050 creating LSAN, 1074 database size, 1048 merging, 1048 removing, 1061 traffic isolation, adding members, 1080 traffic isolation, creating, 1080 traffic isolation, disabling, 1082 traffic isolation, disabling failover, 1083 traf
zoning online roles and access levels, 1958 zoning reports generating, 1857 zoning set edit limits, roles and access levels, 1958 zooming in, 386 zooming out, 386 2352 Brocade Network Advisor SAN + IP User Manual 53-1002949-01
