S e n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Nexus 5000 Series Switch Fabric Manager Software Configuration Guide Software Release 4.0 June 2008 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.
S e n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Contents Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Preface This preface describes the audience, organization, and conventions of the Nexus 5000 Series Fabric Manager Configuration Guide. It also provides information on how to obtain related documentation. Audience This guide is for experienced network administrators who are responsible for configuring and maintaining Nexus 5000 Series switches.
Preface Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Chapter Title Description Chapter 9 Configuring Virtual Interfaces Provides descriptions of how to configure virtual interfaces using Fabric Manager. Chapter 10 Configuring Fibre Channel Interfaces Provides descriptions of how to configure Fibre Channel interfaces using Fabric Manager.
Preface Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Chapter Title Description Chapter 22 Advanced Features and Concepts Describes the advanced configuration features, including timeout values, the fctrace tool, and interoperating with non-Cisco switches. Chapter 23 Configuring FC-SP and DHCHAP Describes the DHCHAP protocol, which is an FC-SP protocol to provide authentication between Nexus 5000 Series switches and other devices.
Preface Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m [ ] Default responses to system prompts are in square brackets. !, # An exclamation point (!) or a pound sign (#) at the beginning of a line of code indicates a comment line. This document uses the following conventions: Note Caution Means reader take note. Notes contain helpful suggestions or references to material not covered in the manual. Means reader be careful.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 1 Product Overview The Nexus 5000 Series is a family of top-of-rack switches for the data center. The Nexus 5020 switch is a 10-Gigabit Ethernet and Fibre Channel over Ethernet (FCoE) switch with 1.04 Tbps switching throughput. The Nexus 5020 provides low-latency wire-speed switching for up to 52 10-Gigabit Ethernet ports. The Nexus 5020 switch supports FCoE to provide data center I/O consolidation (IOC).
Chapter 1 Product Overview New Technologies in the Nexus 5000 Series Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m IEEE 802.3x link-level flow control allows a congested receiver to signal the far end to pause the data transmission for a short period of time. The pause functionality is applied to all the traffic on the link. The priority flow control (PFC) feature applies pause functionality to specific classes of traffic on the Ethernet link.
Chapter 1 Product Overview Nexus 5000 Series Switch Hardware Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Virtual Interfaces When FCoE is enabled, a physical Ethernet cable carries traffic for a logical Ethernet connection and a logical Fibre Channel connection. The Nexus 5000 Series switch uses virtual interfaces to represent the logical connections that are carried on the same physical Ethernet.
Chapter 1 Product Overview Nexus 5000 Series Switch Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Ethernet Interfaces The Nexus 5020 switch has 40 fixed 10-Gigabit Ethernet ports equipped with SFP+ interface adapters. Up to 12 additional 10-Gigabit Ethernet ports are available on the expansion modules. All of the 10-Gigabit Ethernet ports support FCoE. Each port can be used as a downlink (connected to a server) or as an uplink (to the data center LAN).
Chapter 1 Product Overview Nexus 5000 Series Switch Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m FCoE and Fibre Channel Switching Nexus 5000 Series switches support data center I/O consolidation (IOC) by providing FCoE interfaces (to the servers) and native Fibre Channel interfaces (to the SAN).
Chapter 1 Product Overview Nexus 5000 Series Switch Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Ethanalyzer Ethanalyzer is a Cisco NX-OS protocol analyzer tool based on the Wireshark (formerly Ethereal) open source code. Ethanalyzer is a command-line version of Wireshark for capturing and decoding packets. You can use Ethanalyzer to troubleshoot your network and analyze the control-plane traffic.
Chapter 1 Product Overview Nexus 5000 Series Switch Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Configuration Verification and Rollback With the Nexus 5000 Series switch, you can verify the consistency of a configuration and the availability of necessary hardware resources before committing the configuration. A device can be preconfigured, and the verified configuration can be applied at a later time.
Chapter 1 Product Overview Typical Deployment Topologies Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • MAC ACLs and IP ACLs, including port-based ACLs (PACLs) and VLAN-based ACLs (VACLs). Virtual Device Contexts Cisco NX-OS can segment operating system and hardware resources into virtual device contexts (VDC) that emulate virtual devices. The Nexus 5000 Series switch does not support multiple VDCs. All switch resources are managed in the default VDC.
Chapter 1 Product Overview Typical Deployment Topologies Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 1-2 Ethernet TOR Switch Topology SAN-A LAN Core SAN-B Distribution layer NX-5000 Access Layer 187216 MDS9134 All of the server-side ports on the Nexus 5020 switch are running standard Ethernet. FCoE is not required, so the server ports are connected using 10-Gigabit Ethernet NICs.
Chapter 1 Product Overview Typical Deployment Topologies Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m IOC Topology Figure 1-3 shows a typical I/O consolidation (IOC) scenario for the Nexus 5020 switch. Figure 1-3 SAN-A I/O Consolidation Topology LAN Core SAN-B Distribution layer NX-5000 187214 Access Layer The Nexus 5020 switch connects to the server ports using FCoE. Ports on the server require converged network adapters.
Chapter 1 Product Overview Supported Standards Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Supported Standards Table 1-1 lists the standards supported by the Nexus 5000 Series switches. Table 1-1 IEEE Compliance Standard Description 802.1D MAC Bridges 802.1s Multiple Spanning Tree Protocol 802.1w Rapid Spanning Tree Protocol 802.1AE MAC Security (link layer cryptography) 802.3ad Link aggregation with LACP 802.3ae 10 Gigabit Ethernet 802.
Chapter 1 Product Overview Supported Standards Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 2 Installing Cisco Fabric Manager Cisco Fabric Manager provides an alternative to the command-line interface (CLI) for most switch configuration tasks. Fabric Manager provides a graphical user interface (GUI) that displays a real-time views of your Fibre Channel fabrics, and lets you manage the configuration of Cisco and third-party SAN switches.
Chapter 2 Installing Cisco Fabric Manager Information About Cisco Fabric Manager Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Fabric Manager Server The Fabric Manager Server software must be installed before running Fabric Manager. On a Windows PC, the Fabric Manager Server is installed as a service and is administered using the Windows Services control panel.
Chapter 2 Installing Cisco Fabric Manager Understanding Switch Management Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m You see the LAN Settings dialog box. Step 3 Check the Use a Proxy Server for your LAN check box and click Advanced. Step 4 Add your server IP Address or local host under the Exceptions section. Step 5 Click OK to save your changes. For additional information, see the “Running Fabric Manager Behind a Firewall” section on page 2-19.
Chapter 2 Installing Cisco Fabric Manager Understanding Switch Management Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 2-1 Supported Management Protocols Management Protocol Purpose SNMPv1, v2c, and v3 Includes over 80 distinct Management Information Bases (MIBs). Cisco Nexus 5000 Series switches support SNMP version 1, 2, and 3 and RMON V1 and V2.
Chapter 2 Installing Cisco Fabric Manager Installing the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m 5000 Series switch in the fabric through its Ethernet management port. You can then use this connection to manage the other switches using in-band (Fibre Channel) connectivity. Otherwise, you need to connect the mgmt0 port on each switch to your Ethernet network.
Chapter 2 Installing Cisco Fabric Manager Installing the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note We recommend that you install the latest version of the Fabric Manager applications. Fabric Manager is backward compatible with the NX-OS software running on the Nexus 5000 Series switches. When upgrading the switch, upgrade the Fabric Manager software first, and then upgrade the Cisco NX-OS software on the switch.
Chapter 2 Installing Cisco Fabric Manager Installing the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Minimum Hardware Requirements For a PC running Fabric Manager Server on large fabrics (1000 or more end devices), we recommend you use a Dual Core/Dual CPU high-speed system with 2 GB of RAM and 10 GB of free disk space. Installing the Database Fabric Manager requires an Oracle Database 10g Express or PostgreSQL database.
Chapter 2 Installing Cisco Fabric Manager Installing the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note The Oracle Database 10g Express option is only supported on Microsoft Windows. It is not supported on UNIX systems. For information about backing up the Oracle database, go to the following location: http://download.oracle.com/docs/cd/B25329_01/doc/admin.102/b25107/backrest.htm#i1004902 or use the exp/imp utility at: http://download.oracle.
Chapter 2 Installing Cisco Fabric Manager Installing the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note You can run CiscoWorks on the same PC as Fabric Manager, even though the Java requirements are different. When installing the later Java version for Fabric Manager, make sure it does not overwrite the earlier Java version required for CiscoWorks. Both versions of Java can coexist on your PC.
Chapter 2 Installing Cisco Fabric Manager Installing the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 2-2 Step 7 Click one of the radio buttons: • Fabric Manager Server (Licensed) to install the server components for Fabric Manager Server. • Fabric Manager Standalone to install the standalone version of Fabric Manager.
Chapter 2 Installing Cisco Fabric Manager Installing the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 2-3 Step 10 Database Options Dialog Box Click the Install PostgreSQL radio button to install Postgre SQL database. Click Use existing DB to specify which database you want to use. If you choose Install PostgreSQL, accept the defaults and enter a password. The PostgreSQL database will be installed.
Chapter 2 Installing Cisco Fabric Manager Installing the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 2-4 Step 13 User Options Dialog Box Enter a user name and password and click Next. You see the Authentication Options dialog box as shown in Figure 2-5. Figure 2-5 Step 14 Authentication Options Dialog Box Choose an authentication mode (Local, RADIUS, or TACACS) and click Next. Click Verify to test your login.
Chapter 2 Installing Cisco Fabric Manager Installing the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 2-6 Step 15 Configuration Options Dialog Box for Fabric Manager Standalone Check the FC Alias and SNMPv3 check boxes as desired and click Install if you are installing Fabric Manager Standalone. You see the Configuration Options dialog box for Fabric Manager Server as shown in Figure 2-7.
Chapter 2 Installing Cisco Fabric Manager Installing the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note Step 17 If you select a specific IP address during installation and change the server host IP address, you must modify the following two files, which are all located in the $INSTALL/conf directory: Change server.bindaddrs to the new IP address in the server.properties file and change wrapper.app.parameter.
Chapter 2 Installing Cisco Fabric Manager Installing the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 2-9 Note Step 18 Installation Complete If you installed Fabric Manager Standalone, you can choose to launch Fabric Manager or Device Manager by checking the Launch Fabric Manager or Launch Device Manager check boxes. Icons for Fabric Manager and Device Manager are automatically created on the desktop.
Chapter 2 Installing Cisco Fabric Manager Installing the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Installing Device Manager The Device Manager software executable file resides on the switch supervisor module. To install or upgrade the Device Manager software, access the supervisor module with a web browser and click the Install link on the web page that is displayed.
Chapter 2 Installing Cisco Fabric Manager Installing the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 2-11 Welcome to the Management Software Setup Wizard Window Step 3 Click Next to begin the installation. Step 4 Check the I accept the terms of the License Agreement check box and click Next. Step 5 Select an installation folder on your workstation for Device Manager.
Chapter 2 Installing Cisco Fabric Manager Upgrading the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Once the installation is finished, you see an installation completed message in the Cisco Device Manager Installer window as shown in Figure 2-13. Figure 2-13 Step 7 Installation Complete Click Finish to close the Cisco Device Manager Installer window.
Chapter 2 Installing Cisco Fabric Manager Running Fabric Manager Behind a Firewall Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Cisco Protocol Analyzer—Enables you to examine actual sequences of Fibre Channel frames easily using the Fibre Channel and SCSI decoders Cisco developed for Ethereal.
Chapter 2 Installing Cisco Fabric Manager Uninstalling the Management Software Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 2-2 Fabric Manager Port Usage Communication Type Port(s) Used Syslog Port 514 (UDP) Used by Fabric Manager Server and Performance Manager SNMP_TRAP Port 2162 (UDP) SNMP Chooses a random free local port (UDP) or 9198 (TCP) if SNMP proxy is enabled. The port can be changed in server.properties.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 3 Fabric Manager Server Fabric Manager Server is a platform for advanced SAN monitoring, troubleshooting, and configuration capabilities. The server capabilities are an integral part of the Cisco Fabric Manager application.
Chapter 3 Fabric Manager Server Installing and Configuring Fabric Manager Server Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Note Roaming user profiles—The licensed Fabric Manager Server uses the roaming user profile feature to store your preferences and topology map layouts on the server, so that your user interface will be consistent regardless of what computer you use to manage your storage networks.
Chapter 3 Fabric Manager Server Managing a Fabric Manager Server Fabric Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 7 Verify that Performance Manager is collecting data. See the “Verifying Performance Manager Collections” section on page 3-3. Unlicensed Versus Licensed Fabric Manager Server When you install Fabric Manager, the basic unlicensed version of Fabric Manager Server is installed with it.
Chapter 3 Fabric Manager Server Fabric Manager Server Properties File Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To continuously manage a fabric using Fabric Manager, perform this task: Step 1 Choose Server > Admin. You see the Control Panel dialog box with the Fabrics tab open, as shown in Figure 3-1. Note The Fabrics tab is only accessible to network administrators.
Chapter 3 Fabric Manager Server Modifying Fabric Manager Server Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m The server properties file contains these nine general sections: • GENERAL—Contains the general settings for the server. • SNMP SPECIFIC—Contains the settings for SNMP requests, responses, and traps. • SNMP PROXY SERVER SPECIFIC—Contains the settings for SNMP proxy server configuration and TCP port designation.
Chapter 3 Fabric Manager Server Modifying Fabric Manager Server Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 3-2 Step 3 FM User Dialog Box Set the user name and password for the new user, and then click Apply. To remove a Fabric Manager Server user using Fabric Manager, perform this task: Step 1 Click the Local FM Users tab in the Control Panel dialog box (see Figure 3-1). You see a list of Fabric Manager users.
Chapter 3 Fabric Manager Server Modifying Fabric Manager Server Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To change the polling period or full fabric rediscovery setting used by Fabric Manager Server using Fabric Manager, perform this task: Step 1 Choose Server > Admin. You see the Control Panel dialog box with the Fabrics tab open, as shown in Figure 3-1.
Chapter 3 Fabric Manager Server Modifying Fabric Manager Server Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 4 Authentication in Fabric Manager Fabric Manager contains interdependent software components that communicate with the switches in your fabric. These components use varying methods to authenticate to other components and switches. This chapter describes these authentication steps and the recommended authentication configuration for your fabric and components.
Chapter 4 Authentication in Fabric Manager Information About Fabric Manager Authentication Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 4-1 Fabric Manager Authentication Example AAA server Fabric Manager Server and Performance Manager Fabric Manager Client Local database 130715 Fabric Administrators launch Fabric Manager Client and select the seed switch that is used to discover the fabric.
Chapter 4 Authentication in Fabric Manager Discovering a Fabric Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Discovering a Fabric Fabric Manager Server monitors multiple physical fabrics under the same user interface. This facilitates managing redundant fabrics. A licensed Fabric Manager Server maintains up-to-date discovery information on all configured fabrics so that device status and interconnections are immediately available when you launch Fabric Manager Client.
Chapter 4 Authentication in Fabric Manager Authenticating Performance Manager Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Authenticating Performance Manager Performance Manager uses the user name and password information stored in the Fabric Manager Server database. If this information changes on the switches in your fabric while Performance Manager is running, you need to update the Fabric Manager Server database and restart Performance Manager.
Chapter 4 Authentication in Fabric Manager Authenticating Fabric Manager Web Server Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 8 Choose Performance > Collector > Restart to restart Performance Manager and use the new user name and password. Authenticating Fabric Manager Web Server Fabric Manager Web Server does not communicate directly with any switches in the fabric.
Chapter 4 Authentication in Fabric Manager Authenticating Fabric Manager Web Server Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 5 Fabric Manager Client Cisco Fabric Manager Client is a java-based GUI application that provides access to the Fabric Manager applications from a remote workstation.
Chapter 5 Fabric Manager Client Launching Fabric Manager Client Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Launching Fabric Manager Client Note Network administrators must initially launch Fabric Manager Client using Fabric Manager Web Server, as described below. Once an administrator has installed the Fabric Manager Client icon on your desktop, you can double click on the icon to launch the Fabric Manager Client.
Chapter 5 Fabric Manager Client Launching Fabric Manager Client Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 5-2 Step 4 Download Page for Fabric Manager and Device Manager Click the link for either Fabric Manager or Device Manager. If you are launching Fabric Manager Client for the first time, you see a message asking whether you want to create shortcuts for Fabric Manager, as shown in Figure 5-3.
Chapter 5 Fabric Manager Client Launching Fabric Manager Client Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 5-4 Fabric Manager Login Dialog Box Step 7 Enter the Fabric Manager Server user name and password. Step 8 Check the Use SNMP Proxy check box if you want Fabric Manager Client to communicate with Fabric Manager Server through a TCP-based proxy server. Step 9 Click Login.
Chapter 5 Fabric Manager Client Launching Fabric Manager Client Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • If you have not configured the switch with a privacy protocol, then choose Auth-Privacy option MD5 (no privacy). • If you have configured the switch with your privacy protocol, choose your Auth-Privacy option. Note Step 13 If you want a clean discovery, remove the fabric and rediscover it. Click Discover.
Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note Changes made using Fabric Manager are applied to the running configuration of the switches that you are managing. If you have made changes to the configuration or performed an operation (such as activating zones), Fabric Manager prompts you to save your changes before you exit.
Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note 4 Status Bar (right side)—Shows the last entry displayed by the discovery process and the possible error message. 5 Fabric pane—Displays a map of the network fabric, including switches, hosts, and storage. It also provides tabs for displaying log and event data.
Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Toolbar The Fabric Manager main toolbar provides icons for accessing the most commonly used menu bar options as shown in Table 5-1. Table 5-1 Icon Fabric Manager Client Main Toolbar Description Opens switch fabric. Rediscovers current fabric. Searches the map. Creates VSAN. Launches DPVM wizard. Edits full zone database. Launches IVR zone wizard.
Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 5-1 Fabric Manager Client Main Toolbar (continued) Icon Description Launches QoS wizard. Configures users and roles. Launches IP-ACL wizard. Launches License Install wizard. Launches Software Install wizard. Performs switch health analysis. Performs fabric configuration analysis. Performs end-to-end connectivity analysis.
Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To change the fabric name using Fabric Manager, perform this task: Step 1 Choose Server > Admin. You see the Control Panel dialog box. Step 2 Double click the fabric name and enter the new name of the fabric. Step 3 Click Apply to change the name. Filtering Fabric Manager has a filtering mechanism that displays only the data that you are interested in.
Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Information Pane Use the Information pane to display tables of information associated with the option selected from the menu tree in the Logical Domains or Physical Attributes panes. The Information pane toolbar provides buttons for performing one or more of the operations shown in Table 5-2.
Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note The buttons that appear on the toolbar vary according to the option that you choose. They are activated or deactivated (dimmed) according to the field or other object that you choose in the Information pane.
Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 5-3 Icon or Graphic Fabric Manager Graphics (continued) Description A red X through a device or link indicates that the device is down or that the ISL is down. Fibre Channel HBA (or enclosure). Fibre Channel target (or enclosure). iSCSI host. Fibre Channel ISL and edge connection. Fibre Channel SAN port channel.
Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Log—Displays messages that describe Fabric Manager operations, such as fabric discovery. • Events—Displays information about the SNMP traps received by the management station. This includes combination events as detected by discovery and important traps, such as license and SNMP.
Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To save the map as a Visio diagram, choose Files > Export > Visio and choose Map or Map with link labels. The saved Visio diagram retains the viewing options that you selected from the Fabric pane. For example, if you collapse multiple links in the map and export the links as a Visio diagram, the Visio diagram shows those multiple links as one solid link.
Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note 1 The Fabric view tab for fabric 172.23.46.152. When selected, the Fabric view displays fabric 172.23.46.152. 2 The Fabric view tab for fabric 172.23.46.153. When selected, the Fabric view displays fabric 172.23.46.153. 3 SAN tab (selected), showing two fabrics. The same user name and password must be used to log into multiple fabrics.
Chapter 5 Fabric Manager Client Fabric Manager Client Quick Tour Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 4 Click OK to save the group. To add a switch or end port to an existing group in Fabric Manager, perform this task: Step 1 Right-click a switch or end device and choose Group > Add To > YourGroupName. You see the Edit User Defined Group dialog box as shown in Figure 5-9.
Chapter 5 Fabric Manager Client Setting Fabric Manager Preferences Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Status Bar The status bar at the bottom of the Fabric Manager window shows the last entry displayed by the discovery process, and the possible error message on the right side. The status bar displays a message stating that something has changed in the fabric and a new discovery is needed.
Chapter 5 Fabric Manager Client Network Fabric Discovery Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m The default SNMP preferences for Fabric Manager are as follows: • Retry request 1 time(s) after 5 sec timeout—You can set the retry value to 0-5, and the timeout value to 3-30. • Trace SNMP packets in Log—The default setting for this value is OFF. • Enable Audible Alert when Event Received—The default setting for this value is OFF.
Chapter 5 Fabric Manager Client Modifying the Device Grouping Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m database and collected using the Fabric Configuration Server’s request/response mechanisms that are defined by the FC-GS-3/4 standard. When you start Fabric Manager, you enter the IP address (or host name) of a seed switch for discovery.
Chapter 5 Fabric Manager Client Controlling Administrator Access with Users and Roles Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 5-11 Step 3 Alias Enclosure Click the Apply Changes icon to save these changes. Controlling Administrator Access with Users and Roles Cisco switches support role-based management access whether you are using the CLI or Cisco Fabric Manager.
Chapter 5 Fabric Manager Client Fabric Manager Troubleshooting Tools Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Virtual Interfaces—Creates virtual Ethernet interfaces and virtual Fibre Channel interfaces. Fabric Manager Troubleshooting Tools Fabric Manager has several troubleshooting tools available from the toolbar or Tools menu. Procedures for using these tools are described in Chapter 31, “Troubleshooting Your Fabric.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 6 Device Manager This chapter describes Cisco Device Manager and provides procedures for using it.
Chapter 6 Device Manager Launching Device Manager Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Launching Device Manager You can launch Device Manager either from your desktop or from Fabric Manager. To launch Device Manager from your desktop, double-click the Device Manager icon and follow the instructions described in the “Integrating Cisco Fabric Manager with Other Management Tools” section on page 2-18.
Chapter 6 Device Manager Using Device Manager Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Device—Opens an instance of Device Manager, sets management preferences, sets the page layout, opens a Telnet/SSH session with the current switch, exports a device image, and closes the Device Manager application. • Physical—Allows you to view and manage inventory, modules, temperature sensors, power supplies, fans, and the entire system.
Chapter 6 Device Manager Using Device Manager Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 6-1 Device Manager Main Toolbar (continued) Icon Description VSANs Opens the VSAN dialog box that provides VSAN configuration for the switch. Save Configuration Saves the current running configuration to the startup configuration.
Chapter 6 Device Manager Using Device Manager Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m – Brown—The port is administratively down. – Red—The port is down or has failed. – Amber—The port has a minor fault condition. – Gray—The port is unreachable. – Blue—The port is out of service.
Chapter 6 Device Manager Using the Quick Configuration Tool Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To create SAN port channels using Device Manager, click PortChannels from the Interface menu. For detailed instructions, see Chapter 14, “Configuring SAN Port Channels.” You can also use Fabric Manager to conveniently create a SAN port channel.
Chapter 6 Device Manager Setting Device Manager Preferences Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 6-2 Quick Configuration Tool Step 2 In the Switch Operational Type pane, click the Ethernet Switch radio button if you are configuring the switch as a pure Ethernet switch. Click the FCoE Switch radio button if you are configuring the switch as an I/O consolidation switch (with Fibre Channel and FCoE interfaces).
Chapter 6 Device Manager Setting Device Manager Preferences Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Show WorldWideName (WWN) Vendor—Displays the world wide name vendor name in any table or listing displayed by Device Manager. If Prepend is checked, the name is displayed in front of the IP address of the switch. If Replace is checked, the name is displayed instead of the IP address. The default setting is enabled (checked) with the Prepend option.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 7 Using Cisco Fabric Services Nexus 5000 Series switches provide Cisco Fabric Services (CFS) capability, which simplifies provisioning by automatically distributing configuration information to all switches in the network. Switch features can use the CFS infrastructure to distribute feature data or configuration data required by the feature.
Chapter 7 Using Cisco Fabric Services CFS Distribution Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m – Coordinated distributions: Only one distribution is allowed in the network at any given time. – Uncoordinated distributions: Multiple parallel distributions are allowed in the network except when a coordinated distribution is in progress.
Chapter 7 Using Cisco Fabric Services CFS Distribution Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Uncoordinated Distribution Uncoordinated distributions are used to distribute information that is not expected to conflict with that from a peer. Parallel uncoordinated distributions are allowed for a feature. Coordinated Distribution Coordinated distributions allow only one feature distribution at a given time. CFS uses locks to enforce this.
Chapter 7 Using Cisco Fabric Services CFS Distribution Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 7 Click the Apply Changes icon to commit the configuration changes for that feature and distribute the changes through CFS. To globally disable or enable CFS distribution on a switch using Device Manager, perform this task: Step 1 Choose Admin > CFS (Cisco Fabric Services). You see the CFS dialog box with the CFS status for all features on that switch.
Chapter 7 Using Cisco Fabric Services CFS Distribution Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 7-2 is the same as Figure 7-1 except that node C and node D are connected using Fibre Channel. All processes is the same in this example because node B has node C and node D the distribution list for IP. Node C does not forward to node D because node D is already in the distribution list from node B.
Chapter 7 Using Cisco Fabric Services CFS Support for Applications Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Physical topology level (physical scope) Some applications (such as NTP) need to distribute the configuration to the entire physical topology. • Between two selected switches Some applications operate only between selected switches in the network. CFS Merge Support CFS Merge is supported for CFS distribution over Fibre Channel.
Chapter 7 Using Cisco Fabric Services CFS Support for Applications Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CFS has the following requirements: • Implicit CFS usage—The first time you issue a CFS task for a CFS-enabled application, the configuration modification process begins and the application locks the network. • Pending database—The pending database is a temporary buffer to hold uncommitted information.
Chapter 7 Using Cisco Fabric Services CFS Support for Applications Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To enable CFS for a feature using Device Manager, perform this task: Step 1 Choose Admin > CFS (Cisco Fabric Services). You see the CFS dialog box with the CFS status for all features on that switch. Step 2 Decide which features need CFS. Set the Command column to either enable to enable CFS or disable to disable CFS.
Chapter 7 Using Cisco Fabric Services CFS Support for Applications Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To commit changes using Fabric Manager for CFS-enabled features, perform this task: Step 1 Choose the feature you want to enable CFS for. For example, expand Switches expand Events, and then choose CallHome from the Physical Attributes pane. The Information pane shows that feature with a CFS tab.
Chapter 7 Using Cisco Fabric Services CFS Regions Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Saving the Configuration Configuration changes that have not been applied yet (still in the pending database) are not shown in the running configuration. The configuration changes in the pending database overwrite the configuration in the effective database when you commit the changes.
Chapter 7 Using Cisco Fabric Services CFS Regions Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Moving a Feature to a Different Region, page 7-13 • Removing a Feature from a Region, page 7-14 • Deleting CFS Regions, page 7-14 About CFS Regions A CFS region is a user-defined subset of switches for a given feature or application in its physical distribution scope.
Chapter 7 Using Cisco Fabric Services CFS Regions Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Removing a Feature from a Region, page 7-14 Creating CFS Regions To create a CFS region using Fabric Manager, perform this task: Step 1 In the Physical Attributes pane, expand Switches and then choose CFS. The information pane displays the Global, IP Multicast, Feature by Region, and All Regions tabs. Step 2 Click the All Regions tab.
Chapter 7 Using Cisco Fabric Services CFS Regions Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 7-6 Step 4 Assign a Feature Dialog Box Choose a switch from the drop-down box. The features running on the selected switch are listed in the Feature drop-down box. Step 5 Choose a feature on that switch to associate a region. Step 6 Choose the region number from the list to associate a RegionId with the selected feature.
Chapter 7 Using Cisco Fabric Services CFS Regions Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 7-7 Step 3 Feature by Region Tab Double-click the RegionId cell in the required row. The cursor blinks in the cell prompting a change in the value. Step 4 Change the RegionId value to the required region. Step 5 Click the Apply Changes button on the tool bar to commit the change.
Chapter 7 Using Cisco Fabric Services Displaying CFS Distribution Information Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 7-9 shows a confirmation dialog box. Figure 7-9 Step 3 Deleting CFS Regions Click Yes to confirm deletion of the region. Note CFS cannot distribute over both IPv4 and IPv6 from the same switch.
Chapter 7 Using Cisco Fabric Services CFS Example Using Fabric Manager Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 7-10 CFS Configuration Step 3 Choose enable for each switch from the Feature Admin drop-down list. Step 4 Repeat step 3 for all switches in the network. Note A warning displays if you do not enable CFS for all switches in the network for this feature.
Chapter 7 Using Cisco Fabric Services CFS Example Using Fabric Manager Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 10 Click the Commit CFS Pending Changes icon to save the changes (see Figure 7-13). Figure 7-13 Step 11 The status changes to Running (see Figure 7-14). Figure 7-14 Step 12 Note Note Status Change to Running Choose abortChanges from the Config Action drop-down list for each switch that you enabled for CFS (see Figure 7-15).
Chapter 7 Using Cisco Fabric Services CFS Example Using Device Manager Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To configure the master or seed switch for distribution for each feature using Fabric Manager, perform this task: Step 1 Choose the feature that needs a merge master for CFS. For example, expand Switches > Events, and then choose CallHome from the Physical Attributes pane. The Information pane shows that feature including a CFS tab.
Chapter 7 Using Cisco Fabric Services Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note When using CFS with features like device alias, you must choose commit at the end of each configuration. If the session is locked, you must exit the feature by selecting abort. Default Settings Table 7-1 lists the default settings for CFS configurations. Table 7-1 Default CFS Parameters Parameters Default CFS distribution on the switch Enabled.
Chapter 7 Using Cisco Fabric Services Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 8 Configuring Ethernet Interfaces This section describes the configuration of the Ethernet interfaces on the Nexus 5000 Series switches.
Chapter 8 Configuring Ethernet Interfaces Displaying Interface Information Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 8-1 Ethernet Information Pane Step 2 Select the VLAN tab to display the VLAN assigned to each interface. Step 3 Select the CDP Neighbors tab to display the CDP neighbor assigned to each interface.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 9 Configuring Virtual Interfaces This section describes the configuration of virtual interfaces on the Nexus 5000 Series switches.
Chapter 9 Configuring Virtual Interfaces Configuring Virtual Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Chapter 9 Configuring Virtual Interfaces Configuring Virtual Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 9-2 Create VIG Dialog Box Step 3 Choose a switch in the Switch pull-down menu. Step 4 Enter the Virtual Interface Group number in the Id field. Step 5 (Optional) Select a physical Ethernet interface to bind to the Virtual Interface Group. The newly created virtual interface group is displayed in the Virtual Interface Groups table.
Chapter 9 Configuring Virtual Interfaces Configuring Virtual Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 9-3 Virtual Interface Group Wizard Step 2 Follow the directions in the Virtual Interface Group Wizard. Choose the switch where the Virtual Interface Group will be created, the physical Ethernet port associated with the Virtual Interface Group, and the Virtual Interface Group ID. Step 3 Click Finish to commit and distribute the change.
Chapter 9 Configuring Virtual Interfaces Configuring Virtual Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m You see the Virtual Interface Groups in the information pane as shown in Figure 9-1. Step 2 Select the Virtual Interface Group to be deleted. Step 3 Click the Delete Row icon. You see a dialog box asking you to confirm the deletion. Step 4 Click Yes to confirm the deletion. Step 5 Click the Apply icon to apply the change. .
Chapter 9 Configuring Virtual Interfaces Configuring Virtual Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Creating a Virtual Ethernet Interface To create a virtual Ethernet interface, perform this task: Step 1 In the Physical Attributes pane, expand Switches, expand Interfaces, expand Ethernet, expand FCoE, expand Virtual Interfaces, and then choose Ethernet. You see the Virtual Ethernet information pane as shown in Figure 9-5.
Chapter 9 Configuring Virtual Interfaces Configuring Virtual Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 6 Click the Apply icon to apply the change. Deleting a Virtual Ethernet Interface To delete a virtual Ethernet interface, perform this task: Step 1 In the Physical Attributes pane, expand Switches > Interfaces > Ethernet > FCoE, and then choose Virtual Ethernet Interfaces. You see the Virtual Ethernet information pane as shown in Figure 9-5.
Chapter 9 Configuring Virtual Interfaces Configuring Virtual Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Deleting a Virtual Fibre Channel Interface To delete a virtual Fibre Channel interface, perform this task: Step 1 In the Physical Attributes pane, expand Switches > Interfaces > Ethernet > FCoE, and then choose Virtual FC Interfaces. You see the Virtual Fibre Channel information pane.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 10 Configuring Fibre Channel Interfaces This chapter describes interface configuration for Fibre Channel interfaces and virtual Fibre Channel interfaces.
Chapter 10 Configuring Fibre Channel Interfaces Information About Fibre Channel Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Each Fibre Channel port can be used as a downlink (connected to a server) or as an uplink (connected to the data center SAN network). The Fibre Channel interfaces support the following modes: F, NP, E, TE, and SD.
Chapter 10 Configuring Fibre Channel Interfaces Information About Fibre Channel Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 10-1 Switch Port Modes Host N port ISL lin k F port E port F port N port Note 187233 E port Interfaces are automatically assigned VSAN 1 by default. See Chapter 15, “Configuring and Managing VSANs.
Chapter 10 Configuring Fibre Channel Interfaces Information About Fibre Channel Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m F Port In fabric port (F port) mode, an interface functions as a fabric port. This port may be connected to a peripheral device (host or disk) operating as an N port. An F port can be attached to only one N port. F ports support class 3 service.
Chapter 10 Configuring Fibre Channel Interfaces Information About Fibre Channel Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Interface States The interface state depends on the administrative configuration of the interface and the dynamic state of the physical link.
Chapter 10 Configuring Fibre Channel Interfaces Information About Fibre Channel Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note Only some of the reason codes are listed in Table 10-4. If the administrative state is up and the operational state is down, the reason code differs based on the nonoperational reason code. Table 10-4 describes the reason codes for nonoperational states.
Chapter 10 Configuring Fibre Channel Interfaces Information About Fibre Channel Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 10-4 Reason Codes for Nonoperational States (continued) Reason Code (long version) Description Isolation due to ELP failure The port negotiation failed. Isolation due to ESC failure The port negotiation failed. Isolation due to domain overlap The Fibre Channel domains (fcdomain) overlap.
Chapter 10 Configuring Fibre Channel Interfaces Configuring Fibre Channel Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • For virtual Fibre Channel interfaces, BB_credits are not used.
Chapter 10 Configuring Fibre Channel Interfaces Configuring Fibre Channel Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 10-3 Virtual Fibre Channel Interface Configuration Setting the Interface Administrative State To disable or enable an interface using Fabric Manager, perform this task: Step 1 In the Physical Attributes pane, expand Switches > Interfaces, and then choose FC Physical.
Chapter 10 Configuring Fibre Channel Interfaces Configuring Fibre Channel Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To configure the interface using Fabric Manager, perform this task: Step 1 In the Physical Attributes pane, expand Switches > Interfaces, and then choose FC Physical. For a virtual Fibre Channel Interface, expand Switches > Interfaces > Ethernet > FCoE > Virtual FC Interfaces. You see the interface configuration in the Information pane.
Chapter 10 Configuring Fibre Channel Interfaces Configuring Fibre Channel Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m See the Cisco Nexus 5000 Series Family CLI Configuration Guide to configure frame encapsulation on an interface. Configuring Receive Data Field Size You can configure the receive data field size for native Fibre Channel interfaces (but not for virtual Fibre Channel interfaces).
Chapter 10 Configuring Fibre Channel Interfaces Verifying Fibre Channel Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Momentary synchronization loss. • Loose cable connection at one or both ends. • Improper GBIC or SFP connection at one or both ends. A bit error rate threshold is detected when 15 error bursts occur in a 5-minute period. By default, the switch disables the interface when the threshold is reached. You can reenable the interface.
Chapter 10 Configuring Fibre Channel Interfaces Verifying Fibre Channel Interfaces Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Verifying SFP Transmitter Types The SPF transmitter type can be displayed for a physical Fibre Channel interface (but not for a virtual Fibre Channel). The small form-factor pluggable (SFP) hardware transmitters are identified by their acronyms when displayed.
Chapter 10 Configuring Fibre Channel Interfaces Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 6 Click Close when you are finished gathering and displaying statistics. Default Settings Table 10-6 lists the default settings for native Fibre Channel interface parameters.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 11 Configuring Domain Parameters The Fibre Channel domain (fcdomain) feature performs principal switch selection, domain ID distribution, FC ID allocation, and fabric reconfiguration functions as described in the FC-SW-2 standards. The domains are configured on a per VSAN basis. If you do not configure a domain ID, the local switch uses a random ID.
Chapter 11 Configuring Domain Parameters Information About Fibre Channel Domains Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 11-1 Sample fcdomain Configuration Switch 2 (principal) Local WWN 20:01:ab:ba:cd:dc:f4:00 Configured domain ID 0 (zero) preferred 7.0.1 Switch 7 (subordinate) Local WWN 20:02:ab:ba:cd:dc:f4:00 7.0.
Chapter 11 Configuring Domain Parameters Information About Fibre Channel Domains Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m About Domain Restart Fibre Channel domains can be started disruptively or nondisruptively. If you perform a disruptive restart, reconfigure fabric (RCF) frames are sent to other switches in the fabric and data traffic is disrupted on all the switches in the VSAN (including remotely segmented ISLs).
Chapter 11 Configuring Domain Parameters Information About Fibre Channel Domains Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 11-3 Configuring Domains Step 3 Choose disruptive or nonDisruptive in the Restart drop-down list for any switch in the fabric that you want to restart the fcdomain. Step 4 Click the Apply Changes icon to initiate the fcdomain restart. About Switch Priority By default, the configured priority is 128.
Chapter 11 Configuring Domain Parameters Information About Fibre Channel Domains Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 11-4 Step 2 Running Domain Configuration Click the Configuration tab. You see the switch configuration as shown in Figure 11-3. Step 3 Set Priority to a high value for the switch in the fabric that you want to be the principal switch. Step 4 Click the Apply Changes icon to save these changes.
Chapter 11 Configuring Domain Parameters Information About Fibre Channel Domains Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 11-5 Step 3 Configuring Domains Click the Apply Changes icon to save these changes.
Chapter 11 Configuring Domain Parameters Information About Fibre Channel Domains Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 2 Click the Domain Mgr tab. You see the information in Figure 11-6. Figure 11-6 Rejecting Incoming RCF Request Frames Step 3 Check the RcfReject check box for each interface that you want to reject RCF request frames on. Step 4 Click the Apply Changes icon to save these changes.
Chapter 11 Configuring Domain Parameters Domain IDs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 2 Click the Configuration tab and check the Auto Reconfigure check box for each switch in the fabric that you want to automatically reconfigure. Step 3 Click the Apply Changes icon to save these changes. Domain IDs Domain IDs uniquely identify a switch in a VSAN. A switch may have different domain IDs in different VSANs. The domain ID is part of the overall FC ID.
Chapter 11 Configuring Domain Parameters Domain IDs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Configuration Process Using the Preferred Option Switch 7 (subordinate) Switch 2 (principal) Local WWN 20:01:ab:ba:cd:dc:f4:00 Local WWN 20:02:ab:ba:cd:dc:f4:00 Configured domain ID 7 preferred 1. Request configured domain ID (7).
Chapter 11 Configuring Domain Parameters Domain IDs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note If you have configured an allow domain ID list, the domain IDs that you add must be in that range for the VSAN. See the “About Allowed Domain ID Lists” section on page 11-10. Specifying Static or Preferred Domain IDs When you assign a static domain ID type, you are requesting a particular domain ID.
Chapter 11 Configuring Domain Parameters Domain IDs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • The locally configured domain ID of the switch must be in the allowed list. • The intersection of the assigned domain IDs with other already configured domain ID lists must not be empty.
Chapter 11 Configuring Domain Parameters Domain IDs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m About CFS Distribution of Allowed Domain ID Lists You can enable the distribution of the allowed domain ID list configuration information to all Cisco SAN switches in the fabric using the Cisco Fabric Services (CFS) infrastructure. This feature allows you to synchronize the configuration across the fabric from the console of a single switch.
Chapter 11 Configuring Domain Parameters Domain IDs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To commit pending domain configuration changes and release the lock using Fabric Manager, perform this task: Step 1 Expand Fabricxx > VSANxx > Domain Manager, and then choose Allowed in the Logical Domains pane for the fabric and VSAN that you want to set the allowed domain ID list for. You see the CFS configuration in the Information pane.
Chapter 11 Configuring Domain Parameters Domain IDs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 3 Click the Apply Changes icon to clear the fabric lock. Displaying Pending Changes To display the pending configuration changes using Fabric Manager, perform this task: Step 1 Expand Fabricxx > VSANxx > Domain Manager > Allowed in the Logical Domains pane for the fabric and VSAN that you want to set the allowed domain ID list for.
Chapter 11 Configuring Domain Parameters FC IDs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Enabling Contiguous Domain ID Assignments To enable contiguous domains in a specific VSAN (or a range of VSANs) using Fabric Manager, perform this task: Step 1 Expand Fabricxx > VSANxx, and then choose Domain Manager in the Logical Domains pane for the fabric and VSAN that you want to enable contiguous domains for.
Chapter 11 Configuring Domain Parameters FC IDs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m About Persistent FC IDs When persistent FC IDs are enabled, the following occurs: • The current FC IDs in use in the fcdomain are saved across reboots. • The fcdomain automatically populates the database with dynamic entries that the switch has learned about after a device (host or disk) is plugged into a port interface.
Chapter 11 Configuring Domain Parameters FC IDs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Configuring Persistent FC IDs To configure persistent FC IDs using Fabric Manager, perform this task: Step 1 Expand Fabricxx > VSANxx, and then choose Domain Manager in the Logical Domains pane for the fabric and VSAN that you want to configure the Persistent FC ID list for. You see the running configuration of the domain in the Information pane.
Chapter 11 Configuring Domain Parameters FC IDs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Configuring Unique Area FC IDs for an HBA The following task uses an example configuration with a switch domain of 111(6f hex). The server connects to the switch over FCoE. The HBA port connects to interface vfc20/1 and the storage port connects to interface fc2/3 on the same switch.
Chapter 11 Configuring Domain Parameters FC IDs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 6 Check the Enable check box to enable the persistent FC ID feature in the switch (see Figure 11-13). Step 7 Click the Persistent FcIds tab and assign a new FC ID with a different area allocation in the FcId field. For example, in Figure 11-13 we replace 00 with ee. Figure 11-13 Setting the FC ID in Fabric Manager Step 8 Click Apply Changes to save the new FC ID.
Chapter 11 Configuring Domain Parameters Displaying fcdomain Statistics Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 1 Expand Fabricxx > All VSANs > Domain Manager in the Logical Domains pane for the fabric that you want to purge the Persistent FC IDs for. You see the running configuration of the domain in the Information pane. Step 2 Click the Persistent Setup tab. You see the persistent FC ID setup in the Information pane as shown in Figure 11-14.
Chapter 11 Configuring Domain Parameters Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Default Settings Table 11-2 lists the default settings for all fcdomain parameters.
Chapter 11 Configuring Domain Parameters Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 12 Configuring N-Port Virtualization N-port virtualization (NPV) reduces the number of Fibre Channel domain IDs used in a SAN fabric. Edge switches operating in NPV mode do not join a fabric; they pass traffic between the NPV core switch and the end devices, which eliminates the need for a unique domain ID in each edge switch.
Chapter 12 Configuring N-Port Virtualization Information About NPV Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 12-1 Cisco NPV Configuration–Interface View Host NPV Device N-Port F-Port NP-Port F-Port NPV Core Switch NPIV enable Host Note F-Port NP-Port F-Port 184631 N-Port NPV Device In-order data delivery is not required in NPV mode because the exchange between two end devices always takes the same uplink to the core from the NPV device.
Chapter 12 Configuring N-Port Virtualization Information About NPV Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m After completing its FLOGI request, the Nexus 5000 Series switch registers itself with the fabric name server using the following additional parameters: Note • Switch name and interface name (for example, fc2/4) of the NP port is embedded in the symbolic port name in the name server registration of the NPV device itself.
Chapter 12 Configuring N-Port Virtualization Guidelines and Limitations Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • The same device might log in using different fWWNs on the core switch (depending on the NPV link it uses) and may need to be zoned using different fWWNs.
Chapter 12 Configuring N-Port Virtualization Configuring NPV Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Configuring NPV with Device Manager To use Device Manager to configure NPV, perform this task: Step 1 Launch Device Manager from the Nexus 5000 Series switch to enable NPV. Step 2 From the Admin drop-down menu, choose Feature Control. In the Action field, choose enable for the NPV feature and click Apply.
Chapter 12 Configuring N-Port Virtualization Configuring NPV Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 13 Configuring VSAN Trunking This chapter describes the VSAN trunking feature provided in Nexus 5000 Series switches.
Chapter 13 Configuring VSAN Trunking Information About VSAN Trunking Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m VSAN Trunking Mismatches If you misconfigure VSAN configurations across E ports, issues can occur such as the merging of traffic in two VSANs (causing both VSANs to mismatch). The VSAN trunking protocol validates the VSAN interfaces at both ends of an ISL to avoid merging VSANs (see Figure 13-2).
Chapter 13 Configuring VSAN Trunking Configuring VSAN Trunking Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Chapter 13 Configuring VSAN Trunking Configuring VSAN Trunking Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Configuring Trunk Mode To configure trunk mode using Fabric Manager, perform this task: Step 1 In the Physical Attributes pane, expand Switches > Interfaces, and then choose FC Physical. You see the interface configuration in the Information pane. Step 2 Click the Trunk Config tab to modify the trunking mode for the selected interface.
Chapter 13 Configuring VSAN Trunking Configuring VSAN Trunking Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m About Trunk-Allowed VSAN Lists Each Fibre Channel interface has an associated trunk-allowed VSAN list. In TE-port mode, frames are transmitted and received in one or more VSANs specified in this list. By default, the complete VSAN range (1 through 4093) is included in the trunk-allowed list.
Chapter 13 Configuring VSAN Trunking Configuring VSAN Trunking Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Operational and Allowed VSAN Configuration Switch 2 VSAN1 VSAN2 VSAN3 Switch 1 VSAN1 VSAN2 VSAN3 VSAN4 VSAN5 VS VS AN ANs 1 s1 , 2, , 2, 5 a 5a re o re ope ra n th e a tional llow . ed list. Switch 3 VSAN1 VSAN2 VSAN4 VSAN5 79946 list. ed w o l l . ea nal n th eratio o re op 3a are nd 3 a s1 and AN Ns 1 VS A VS VSANs 1 and 2 are operational.
Chapter 13 Configuring VSAN Trunking Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Default Settings Table 13-2 lists the default settings for trunking parameters.
Chapter 13 Configuring VSAN Trunking Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 14 Configuring SAN Port Channels SAN port channels refer to the aggregation of multiple physical interfaces into one logical interface to provide higher aggregated bandwidth, load balancing, and link redundancy. On Nexus 5000 Series switches, SAN port channels can include physical Fibre Channel interfaces, but not virtual Fibre Channel interfaces.
Chapter 14 Configuring SAN Port Channels Information About SAN Port Channels Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Chapter 14 Configuring SAN Port Channels Information About SAN Port Channels Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Understanding Load Balancing Load-balancing functionality can be provided using the following methods: • Flow based—All frames between source and destination follow the same links for a given flow. That is, whichever link is selected for the first exchange of the flow is used for all subsequent exchanges.
Chapter 14 Configuring SAN Port Channels Information About SAN Port Channels Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 14-4 illustrates how exchange-based load balancing works. When the first frame in an exchange is received for forwarding on an interface, link 1 is chosen by a hash algorithm. All remaining frames in that particular exchange are sent on the same link. For exchange 1, no frame uses link 2.
Chapter 14 Configuring SAN Port Channels Configuring SAN Port Channels Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Configuring SAN Port Channels SAN port channels are created with default values. You can change the default configuration just as any other physical interface. Figure 14-5 provides examples of valid SAN port channel configurations.
Chapter 14 Configuring SAN Port Channels Configuring SAN Port Channels Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Chapter 14 Configuring SAN Port Channels Configuring SAN Port Channels Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m If the following requirements are not met, a SAN port channel error is detected: • Each switch on either side of a SAN port channel must be connected to the same number of interfaces. • Each interface must be connected to a corresponding interface on the other side (see Figure 14-6 for an example of an invalid configuration).
Chapter 14 Configuring SAN Port Channels Configuring SAN Port Channels Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 14-8 Step 3 Click Next. Step 4 Select the ISLs. Select Switch Pairs Figure 14-9 shows a list of the ISLs.
Chapter 14 Configuring SAN Port Channels Configuring SAN Port Channels Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 7 If you chose to dynamically form a SAN port channel from selected ISLs, you see the final Port Channel Wizard screen (see Figure 14-10). Set the VSAN List, Trunk Mode, and Speed and proceed to Step 11.
Chapter 14 Configuring SAN Port Channels Configuring SAN Port Channels Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m The SAN port channel is created. It may take a few minutes before the new port channel is visible in the Fabric pane. About SAN Port Channel Modes You can configure each SAN port channel with a channel group mode parameter to determine the port channel protocol behavior for all member ports in this channel group.
Chapter 14 Configuring SAN Port Channels Configuring SAN Port Channels Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To configure active mode using Fabric Manager, perform this task: Step 1 Expand ISLs, and then choose Port Channels in the Physical Attributes pane. You see the port channels configured in the Information pane. Step 2 Click the Protocols tab. From the Mode drop-down list, choose the appropriate mode for the Port Channel.
Chapter 14 Configuring SAN Port Channels Interfaces in a SAN Port Channel Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 5 Check the Delete Port Channel If Empty check box to delete this port channel. Step 6 Click Finish to save any modifications or click Cancel to discard any changes. Interfaces in a SAN Port Channel You can add or remove a physical Fibre Channel interface (or a range of interfaces) to an existing SAN port channel.
Chapter 14 Configuring SAN Port Channels Interfaces in a SAN Port Channel Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m A port addition procedure fails if the capability and administrative parameters in the remote switch are incompatible with the capability and administrative parameters in the local switch. If the compatibility check is successful, the interfaces are operational and the corresponding compatibility parameter settings apply to these interfaces.
Chapter 14 Configuring SAN Port Channels Interfaces in a SAN Port Channel Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Forcing an Interface Addition You can force the port configuration to be overwritten by the SAN port channel. In this case, the interface is added to a SAN port channel. Note • If you use the default On mode to avoid inconsistent states across switches and to maintain consistency across switches, then the ports shut down.
Chapter 14 Configuring SAN Port Channels Port Channel Protocol Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 2 Click the Channels tab and find the switch and SAN port channel that you want to edit. Step 3 Remove the interface or list of interfaces that you want deleted in the Members the Admin column. Step 4 Click the Apply Changes icon to save any modifications.
Chapter 14 Configuring SAN Port Channels Port Channel Protocol Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m switches. Link A3-B3 can join the channel groups (and the port channels) if the respective ports have compatible configurations. Link A4-B4 operates as an individual link, because it is not compatible with the existing member ports in the channel group.
Chapter 14 Configuring SAN Port Channels Port Channel Protocol Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Autocreation Guidelines When using the autocreation protocol, follow these guidelines: Tip • A port is not allowed to be configured as part of a SAN port channel when the autocreation feature is enabled. These two configurations are mutually exclusive. • Autocreation must be enabled in both the local and peer ports to negotiate a SAN port channel.
Chapter 14 Configuring SAN Port Channels Port Channel Protocol Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m About Manually Configured Channel Groups A user-configured channel group cannot be converted to an autocreated channel group. However, you can convert an autocreated channel group to a manual channel group. This task is irreversible.
Chapter 14 Configuring SAN Port Channels Verifying SAN Port Channel Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Verifying SAN Port Channel Configuration You can use the Information pane in Fabric Manager to verify your port channel configuration (see Figure 14-16). Figure 14-16 Port Channel Summary in Fabric Manager Default Settings Table 14-3 lists the default settings for SAN port channels.
Chapter 14 Configuring SAN Port Channels Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 15 Configuring and Managing VSANs You can achieve higher security and greater stability in Fibre Channel fabrics by using virtual SANs (VSANs). VSANs provide isolation among devices that are physically connected to the same fabric. With VSANs you can create multiple logical SANs over a common physical infrastructure.
Chapter 15 Configuring and Managing VSANs Information About VSANs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Fabric-related configurations in one VSAN do not affect the associated traffic in another VSAN. • Events causing traffic disruptions in one VSAN are contained within that VSAN and are not propagated to other VSANs. Figure 15-1 shows a fabric with three switches, one on each floor.
Chapter 15 Configuring and Managing VSANs Information About VSANs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 15-2 H2 Example of Two VSANs AS1 H3 AS2 AS3 H1 FC SA1 FC SA2 FC SA3 FC SA4 Link in VSAN 2 79533 Link in VSAN 7 Trunk link The four switches in this network are interconnected by VSAN trunk links that carry both VSAN 2 and VSAN 7 traffic. You can configure a different inter-switch topology for each VSAN.
Chapter 15 Configuring and Managing VSANs Information About VSANs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m VSAN Advantages VSANs offer the following advantages: • Traffic isolation—Traffic is contained within VSAN boundaries and devices reside only in one VSAN ensuring absolute separation between user groups, if desired. • Scalability—VSANs are overlaid on top of a single physical fabric.
Chapter 15 Configuring and Managing VSANs Configuring VSANs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 15-3 VSANS with Zoning Physical Topology AS2 Zone A H2 VSAN 2 AS3 SA1 Zone C H1 Zone B SA4 H3 Zone D Zone A AS1 SA2 SA3 79534 VSAN 7 Configuring VSANs VSANs have the following attributes: • VSAN ID—The VSAN ID identifies the VSAN as the default VSAN (VSAN 1), user-defined VSANs (VSAN 2 to 4093), and the isolated VSAN (VSAN 4094).
Chapter 15 Configuring and Managing VSANs Configuring VSANs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Chapter 15 Configuring and Managing VSANs Configuring VSANs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 15-5 Note Create VSAN Dialog Box If you check the Static Domain IDs check box, Fabric Manager creates the VSAN in suspended mode and then automatically activates the VSAN. Step 2 Check the switches that you want in this VSAN. Step 3 Fill in the VSAN Name and VSAN ID fields. Step 4 Set the LoadBalancing value and the InterOperValue.
Chapter 15 Configuring and Managing VSANs Configuring VSANs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m About Port VSAN Membership Port VSAN membership on the switch is assigned on a port-by-port basis. By default each port belongs to the default VSAN. You can assign VSAN membership to ports using one of two methods: • Statically—Assigning VSANs to ports. See the “Assigning Static Port VSAN Membership” section on page 15-8.
Chapter 15 Configuring and Managing VSANs Configuring VSANs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note Caution Note When you configure a port in VSAN 4094 or move a port to VSAN 4094, that port is immediately isolated. Do not use an isolated VSAN to configure ports. Up to 256 VSANs can be configured in a switch. Of these, one is a default VSAN (VSAN 1), and another is an isolated VSAN (VSAN 4094). User-specified VSAN IDs range from 2 to 4093.
Chapter 15 Configuring and Managing VSANs Configuring VSANs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Chapter 15 Configuring and Managing VSANs Configuring VSANs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 15-7 Deleting a VSAN You see a confirmation dialog box. Step 3 Click Yes to confirm the deletion or No to close the dialog box without deleting the VSAN. About Load Balancing Load-balancing attributes indicate the use of the source-destination ID (src-dst-id) or the originator exchange OX ID (src-dst-ox-id, the default) for load-balancing path selection.
Chapter 15 Configuring and Managing VSANs Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 3 Click Apply Changes to save these changes, or click Undo Changes to discard any unsaved changes. About Interop Mode Interoperability enables the products of multiple vendors to connect with each other. Fibre Channel standards guide vendors to create common external Fibre Channel interfaces.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 16 Configuring and Managing Zones Zoning enables you to set up access control between storage devices or user groups. If you have administrator privileges in your fabric, you can create zones to increase network security and to prevent data loss or corruption. Zoning is enforced by examining the source-destination ID field.
Chapter 16 Configuring and Managing Zones Information About Zoning Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Zoning Features Zoning includes the following features: • A zone consists of multiple zone members. – Members in a zone can access each other; members in different zones cannot access each other. – If zoning is not activated, all devices are members of the default zone.
Chapter 16 Configuring and Managing Zones Information About Zoning Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note • Default zone membership includes all ports or WWNs that do not have a specific membership association. Access between default zone members is controlled by the default zone policy. • You can configure up to 8000 zones per VSAN and a maximum of 8000 zones for all VSANs on the switch. Interface-based zoning only works with Cisco SAN switches.
Chapter 16 Configuring and Managing Zones Information About Zoning Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 16-2 Fabric with Three Zones Zone 1 H1 S1 H2 Zone 3 S2 H3 Zone 2 S3 79536 Fabric Zone Implementation Nexus 5000 Series switches automatically support the following basic zone features (no additional configuration is required): • Zones are contained in a VSAN. • Hard zoning cannot be disabled. • Name server queries are soft-zoned.
Chapter 16 Configuring and Managing Zones Information About Zoning Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Active and Full Zone Set Configuration Guidelines Before configuring a zone set, consider the following guidelines: Note • Each VSAN can have multiple zone sets but only one zone set can be active at any given time. • When you create a zone set, that zone set becomes a part of the full zone set.
Chapter 16 Configuring and Managing Zones Information About Zoning Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Chapter 16 Configuring and Managing Zones Configuring Zones Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Chapter 16 Configuring and Managing Zones Configuring Zones Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note The Device Alias radio button is visible only if device alias is in enhanced mode. For more information, see the “Configuring Device Alias Modes” section on page 17-4. Tip Expand Switches from the Physical Attributes pane to retrieve the switch world-wide name (sWWN). If you do not provide a sWWN, the software automatically uses the local sWWN.
Chapter 16 Configuring and Managing Zones Configuring Zones Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 16-6 Edit Local Full Zone Database Dialog Box If you want to view zone membership information, right-click in the All Zone Membership(s) column, and then choose Show Details for the current row or all rows from the pop-up menu. Step 3 Click Zones in the left pane and click the Insert icon to create a zone.
Chapter 16 Configuring and Managing Zones Configuring Zones Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 16-8 Step 8 Enter a zone set name and click OK. Note Step 9 Zoneset Name Dialog Box One of these symbols ($, -, ^, _) or all alphanumeric characters are supported. In interop mode 2 and 3, this symbol (_) or all alphanumeric characters are supported.
Chapter 16 Configuring and Managing Zones Configuring Zones Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 16-10 Step 3 Edit Local Full Zone Database Dialog Box Select the members you want to add from the Fabric pane and click Add to Zone or click the zone where you want to add members and click the Insert icon. You see the Add Member to Zone dialog box as shown in Figure 16-11.
Chapter 16 Configuring and Managing Zones Zone Sets Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 5 Click Add to add the member to the zone. Note When configuring a zone member, you can specify that a single LUN has multiple IDs depending on the operating system. You can select from six different operating systems.
Chapter 16 Configuring and Managing Zones Zone Sets Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • About FC Alias Creation, page 16-17 • Creating FC Aliases, page 16-17 • Adding Members to Aliases, page 16-18 • Converting Zone Members to pWWN-Based Members, page 16-20 • Zone Enforcement, page 16-21 About Zone Set Creation In Figure 16-13, two separate sets are created, each with its own membership hierarchy and zone members.
Chapter 16 Configuring and Managing Zones Zone Sets Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 2 Choose a VSAN and click OK. You see the Edit Local Full Zone Database dialog box for the selected VSAN. Step 3 Click Activate to activate the zone set. You see the preactivation check dialog box as shown in Figure 16-14. Figure 16-14 Step 4 Pre-Activation Check Dialog Box Click Yes to review the differences. You see the Local vs.
Chapter 16 Configuring and Managing Zones Zone Sets Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m You see the Zone Log dialog box, which shows if the zone set activation was successful (see Figure 16-17). Figure 16-17 Zone Log Dialog Box To deactivate an existing zone set, perform this task: Step 1 Right-click the zone set you want to deactivate, and then choose Deactivate from the pop-up menu.
Chapter 16 Configuring and Managing Zones Zone Sets Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note The default zone members are explicitly listed only when the default zone policy is configured as permit. When the default zone policy is configured as deny, the members of this zone are not shown. See the “Verifying Zone Information” section on page 16-28.
Chapter 16 Configuring and Managing Zones Zone Sets Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 16-18 Default Zone Policies The active zone set is shown in italic type. After you make changes to the active zone set and before you activate the changes, the zone set is shown in boldface italic type. Step 3 In the Default Zone Behavior field, choose either permit or deny from the drop-down list.
Chapter 16 Configuring and Managing Zones Zone Sets Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 16-19 Step 4 Creating an FC Alias Click the Insert icon to create an alias. You see the Create Alias dialog box as shown in Figure 16-20. Figure 16-20 Create Alias Dialog Box Step 5 Set the Alias Name and the pWWN. Step 6 Click OK to create the alias.
Chapter 16 Configuring and Managing Zones Zone Sets Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 16-21 Edit Local Full Zone Database Dialog Box Step 3 Click the alias (in the FC-Aliases folder) where you want to add members. Step 4 Select the member(s) you want to add from the Fabric pane (see Figure 16-21) and click Add to Alias. Fabric Manager provides an alternative method for adding members to the alias. Instead of step 4, perform steps 5 through 7.
Chapter 16 Configuring and Managing Zones Zone Sets Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note The Device Alias radio button is visible only if device alias is in enhanced mode. For more information, see Configuring Device Alias Modes, page 17-4. Step 6 Click the browse button and choose a port name or check the LUN check box and click the browse button to configure LUNS. Step 7 Click Add to add the member to the alias.
Chapter 16 Configuring and Managing Zones Zone Set Distribution Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Zone Enforcement Zoning can be enforced in two ways: soft and hard. Each end device (N port) discovers other devices in the fabric by querying the name server. When a device logs in to the name server, the name server returns the list of other devices that can be accessed by the querying device.
Chapter 16 Configuring and Managing Zones Zone Set Distribution Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To enable full zone set and active zone set distribution to all switches on a per VSAN basis using Fabric Manager, perform this task: Step 1 Expand a VSAN and choose a zone set in the Logical Domains pane. You see the zone set configuration in the Information pane. The Active Zones tab is the default. Step 2 Click the Policies tab.
Chapter 16 Configuring and Managing Zones Zone Set Distribution Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m About Recovering from Link Isolation When two switches in a fabric are merged using a TE or E port, these TE and E ports may become isolated when the active zone set databases are different between the two switches or fabrics.
Chapter 16 Configuring and Managing Zones Zone Set Duplication Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 16-25 Zone Merge Failure Recovery Dialog Box Step 3 Click the Import Active Zoneset or the Export Active Zoneset radio button. Step 4 Choose the switch from which to import or export the zone set information from the drop-down list. Step 5 Choose the VSAN from which to import or export the zone set information from the drop-down list.
Chapter 16 Configuring and Managing Zones Zone Set Duplication Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Migrating a Non-MDS Database, page 16-28 • Clearing the Zone Server Database, page 16-28 Copying Zone Sets On Nexus 5000 Series switches, you cannot edit an active zone set. However, you can copy an active zone set to create a new zone set that you can edit.
Chapter 16 Configuring and Managing Zones Zone Set Duplication Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m You see the Select VSAN dialog box. Step 2 Choose a VSAN and click OK. You see the Edit Local Full Zone Database dialog box for the selected VSAN. Step 3 Choose File > Backup to back up the existing zone configuration to a workstation using TFTP, or choose File > Restore to restore a saved zone configuration.
Chapter 16 Configuring and Managing Zones Zone Set Duplication Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 16-28 Edit Local Full Zone Database Dialog Box Step 3 Click a zone or zone set in the left pane. Step 4 Choose Edit > Rename. An edit box appears around the zone or zone set name. Step 5 Enter a new name. Step 6 Click Activate or Distribute.
Chapter 16 Configuring and Managing Zones Verifying Zone Information Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 16-29 Clone Zoneset Dialog Box Step 4 Change the name for the cloned entry. Step 5 Click OK to save the new clone. The cloned database now appears along with the original database.
Chapter 16 Configuring and Managing Zones Enhanced Zoning Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 2 Click the Read Only Violations, Statistics tab or the LUN Zoning Statistics tab to view statistics for the selected zone. Enhanced Zoning The zoning feature complies with the FC-GS-4 and FC-SW-3 standards.
Chapter 16 Configuring and Managing Zones Enhanced Zoning Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 16-2 Advantages of Enhanced Zoning (continued) Basic Zoning Enhanced Zoning Enhanced Zoning Advantages The Cisco-specific zone member types (symbolic node name, and other types) may be used by other non-Cisco switches. During a merge, the Cisco-specific types can be misunderstood by the non-Cisco switches.
Chapter 16 Configuring and Managing Zones Enhanced Zoning Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Enabling Enhanced Zoning By default, the enhanced zoning feature is disabled in all switches in the Nexus 5000 Series. To enable enhanced zoning in a VSAN using Fabric Manager, perform this task: Step 1 In the Logical Domains pane, expand a VSAN, and then choose a zone set. You see the zone set configuration in the Information pane. Step 2 Click the Enhanced tab.
Chapter 16 Configuring and Managing Zones Enhanced Zoning Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m The merge process operates as follows: 1. The software compares the protocol versions. If the protocol versions differ, then the ISL is isolated. 2. If the protocol versions are the same, then the zone policies are compared. If the zone policies differ, then the ISL is isolated. 3.
Chapter 16 Configuring and Managing Zones Compacting the Zone Database Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Compacting the Zone Database You can delete excess zones and compact the zone database for the VSAN. Note A merge failure occurs when a switch supports more than 2000 zones per VSAN but its neighbor does not.
Chapter 16 Configuring and Managing Zones Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 17 Distributing Device Alias Services Switches in the Nexus 5000 Series support Distributed Device Alias Services (device aliases) on a fabric-wide basis.
Chapter 17 Distributing Device Alias Services Information About Device Aliases Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • The device alias application uses the Cisco Fabric Services (CFS) infrastructure to enable efficient database management and distribution. Device aliases use the coordinated distribution mode and the fabric-wide distribution scope (see Chapter 7, “Using Cisco Fabric Services”). • Basic and enhanced modes.
Chapter 17 Distributing Device Alias Services Device Alias Databases Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Device Alias Databases The device alias feature uses two databases to accept and implement device alias configurations. • Effective database—The database currently used by the fabric. • Pending database—Your subsequent device alias configuration changes are stored in the pending database.
Chapter 17 Distributing Device Alias Services Device Alias Databases Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • If two fabrics running in different device alias modes are joined together, the device alias merge will fail. There is no automatic conversion to one mode or the other during the merge process. In this situation, you must to select one mode over the other.
Chapter 17 Distributing Device Alias Services Device Alias Databases Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m About Device Alias Distribution By default, device alias distribution is enabled. The device alias feature uses CFS to distribute the modifications to all switches in a fabric. If device alias distribution is disabled, database changes are not distributed to the switches in the fabric.
Chapter 17 Distributing Device Alias Services Device Alias Databases Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Creating a Device Alias To lock the fabric using Fabric Manager, perform this task: Note Step 1 You create a device alias for a locked fabric in the pending database. Expand End Devices, and then choose Device Alias in the Physical Attributes pane. You see the device alias configuration in the Information pane.
Chapter 17 Distributing Device Alias Services Legacy Zone Alias Conversion Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 5 Click Apply Changes to commit and distribute these changes, or click Undo Changes to discard any unsaved changes. Discarding Changes If you discard the changes made to the pending database, the following events occur: 1. The effective database contents remain unaffected. 2. The pending database is emptied of its contents. 3.
Chapter 17 Distributing Device Alias Services Database Merge Guidelines Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To change whether Fabric Manager uses FC aliases or global device aliases, perform this task: Step 1 Click Server > Admin. You see the Control Panel dialog box with the Fabrics tab open (see Figure 17-4).
Chapter 17 Distributing Device Alias Services Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Default Settings Table 17-2 lists the default settings for device alias parameters. Table 17-2 Default Device Alias Parameters Parameters Default Device alias distribution Enabled. Device alias mode Basic. Database in use Effective database. Database to accept changes Pending database.
Chapter 17 Distributing Device Alias Services Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 18 Configuring Fibre Channel Routing Services and Protocols Fabric Shortest Path First (FSPF) is the standard path selection protocol used by Fibre Channel fabrics. The FSPF feature is enabled by default on the E mode and TE mode Fibre Channel interfaces on Nexus 5000 Series switches. Except in configurations that require special consideration, you do not need to configure any FSPF services.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols Information About FSPF Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Uses a topology database to keep track of the state of the links on all switches in the fabric and associates a cost with each link. • Guarantees a fast reconvergence time in case of a topology change.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols FSPF Global Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 18-2 Fault Tolerant Fabric with Redundant Links A B C 1 2 D E 79542 4 3 For example, if all links are of equal speed and no SAN port channels exist, the FSPF calculates four equal paths from A to C: A1-E-C, A2-E-C, A3-D-C, and A4-D-C. If SAN port channels exist, these paths are reduced to two.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols FSPF Global Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 18-1 displays the default settings for switch responses. Table 18-1 LSR Default Settings LSR Option Default Description Acknowledgment interval (RxmtInterval) 5 seconds The time a switch waits for an acknowledgment from the LSR before retransmission.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Resetting FSPF to the Default Configuration To return the FSPF VSAN global configuration to its factory default using Fabric Manager, perform this task: Step 1 Expand a Fabric, expand a VSAN and then choose FSPF for a VSAN that you want to configure for FSPF.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Viewing FSPF Statistics, page 18-10 About FSPF Link Cost FSPF tracks the state of links on all switches in the fabric, associates a cost with each link in its database, and then chooses the path with a minimal cost. The cost associated with an interface can be administratively changed to implement the FSPF route selection.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Configuring Hello Time Intervals To configure the FSPF Hello time interval using Fabric Manager, perform this task: Step 1 In the Physical Attributes pane, expand Switches > Interfaces, and then choose FC Physical. You see the interface configuration in the Information pane. Step 2 Click the FSPF tab.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Configuring Retransmitting Intervals To configure the FSPF retransmit time interval using Fabric Manager, perform this task: Step 1 In the Physical Attributes pane, expand Switches > Interfaces, and then choose FC Physical. You see the interface configuration in the Information pane. Step 2 Click the FSPF tab.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Chapter 18 Configuring Fibre Channel Routing Services and Protocols FSPF Interface Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 18-6 Step 3 FSPF Database Information in the LSDB LSRs Tab Click Close to close the dialog box. Viewing FSPF Statistics To view FSPF statistics using Fabric Manager, perform this task: Step 1 Expand a Fabric, expand a VSAN, and then choose FSPF in the Logical Domains pane. You see the FSPF configuration dialog box.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols FSPF Routes Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m You see the FSPF interface statistics in the Information pane. FSPF Routes FSPF routes traffic across the fabric, based on entries in the FSPF database. These routes can be learned dynamically, or configured statically.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols In-Order Delivery Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 18-9 Step 2 Fibre Channel Static Route Configuration Dialog Box Click Create to create a static route. You see the Create Route dialog box as shown in Figure 18-10. Figure 18-10 Create Fibre Channel Route Dialog Box Step 3 Choose the VSAN ID that for which you are configuring this route.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols In-Order Delivery Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Use IOD only if your environment cannot support out-of-order frame delivery. Tip If you enable the in-order delivery feature, the graceful shutdown feature is not implemented.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols In-Order Delivery Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 18-12 Frame 2 Frame 1 Frame 4 Frame 3 Switch 2 Old path New path 85475 Switch 1 Link Congestion Delivery In Figure 18-12, the port of the old path (red dot) is congested. In this scenario, Frame 3 and Frame 4 can be delivered before Frame 1 and Frame 2.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols In-Order Delivery Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Enabling In-Order Delivery Globally To ensure that the in-order delivery parameters are uniform across all VSANs on the switch, enable in-order delivery globally. Only enable in-order delivery globally if this is a requirement across your entire fabric. Otherwise, enable IOD only for the VSANs that require this feature.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m You see the general VSAN attributes in the Information pane as shown in Figure 18-14. Figure 18-14 General VSAN Attributes Step 3 Double-click the Network Latency field and change the value. Step 4 Click Apply Changes to save these changes, or click Undo Changes to discard any unsaved changes.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 18-2 Default FSPF Settings (continued) Parameters Default Static route cost If the cost (metric) of the route is not specified, the default is 10. Remote destination switch If the remote destination switch is not specified, the default is direct. Multicast routing Uses the principal switch to compute the multicast tree.
Chapter 18 Configuring Fibre Channel Routing Services and Protocols Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 19 Managing FLOGI, Name Server, FDMI, and RSCN Databases This chapter describes the fabric login (FLOGI) database, the name server features, the Fabric-Device Management Interface (FDMI), and Registered State Change Notification (RSCN) information provided in Nexus 5000 Series switches.
Chapter 19 Managing FLOGI, Name Server, FDMI, and RSCN Databases Name Server Proxy Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 19-1 FLOGI Physical Interfaces Name Server Proxy The name server functionality maintains a database containing the attributes for all hosts and storage devices in each VSAN. Name servers allow a database entry to be modified by a device that originally registered the information.
Chapter 19 Managing FLOGI, Name Server, FDMI, and RSCN Databases Name Server Proxy Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 19-2 Name Server Proxies Step 3 Double-click the PortName field and enter a new value to register a new name server proxy. Step 4 Click Apply Changes to save these changes, or click Undo Changes to cancel any unsaved changes.
Chapter 19 Managing FLOGI, Name Server, FDMI, and RSCN Databases FDMI Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 19-3 Name Server Dialog Box The General tab is the default tab; you see the name server database. Step 2 Click the Statistics tab. You see the name server statistics. Step 3 Click Close to close the dialog box.
Chapter 19 Managing FLOGI, Name Server, FDMI, and RSCN Databases RSCN Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m RSCN The Registered State Change Notification (RSCN) is a Fibre Channel service that informs hosts about changes in the fabric. Hosts can receive this information by registering with the fabric controller (through SCR).
Chapter 19 Managing FLOGI, Name Server, FDMI, and RSCN Databases RSCN Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 19-4 RSCN Statistics About the multi-pid Option If the RSCN multi-pid option is enabled, then RSCNs generated to the registered Nx ports may contain more than one affected port IDs. In this case, zoning rules are applied before putting the multiple affected port IDs together in a single RSCN.
Chapter 19 Managing FLOGI, Name Server, FDMI, and RSCN Databases RSCN Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 19-5 RSCN Multi-PID Step 3 Check the Enable check box. Step 4 Click Apply Changes to save these changes, or click Undo Changes to cancel any unsaved changes. Clearing RSCN Statistics You can clear the counters and later view the counters for a different set of events.
Chapter 19 Managing FLOGI, Name Server, FDMI, and RSCN Databases Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note Before performing a downgrade, make sure that you revert the RCSN timer value in your network to the default value. Failure to do so will disable the links across your VSANs and other devices. Compatibility across various software releases during an upgrade or downgrade is supported by conf-check provided by CFS.
Chapter 19 Managing FLOGI, Name Server, FDMI, and RSCN Databases Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Chapter 19 Managing FLOGI, Name Server, FDMI, and RSCN Databases Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 20 Configuring SPAN The Switched Port Analyzer (SPAN) feature (sometimes called port mirroring or port monitoring) selects network traffic for analysis by a network analyzer. The network analyzer can be a Cisco SwitchProbe, a Fibre Channel Analyzer, or other Remote Monitoring (RMON) probes.
Chapter 20 Configuring SPAN Information About SPAN Destinations Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Can be any port type: Ethernet, virtual Ethernet, Fibre Channel, virtual Fibre Channel, Port Channel, SAN-Port Channel, VLAN, and VSAN. • Cannot be monitored in multiple SPAN sessions. • Cannot be a destination port. • Each source port can be configured with a direction (ingress, egress, or both) to monitor.
Chapter 20 Configuring SPAN Configuring SPAN Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Receives copies of sent and received traffic for all monitored source ports. If a destination port is oversubscribed, it can become congested. This congestion can affect traffic forwarding on one or more of the source ports. Configuring SPAN You can configure a SPAN session to duplicate packets from source ports to the specified destination ports on the switch.
Chapter 20 Configuring SPAN Configuring SPAN Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 20-1 Create SPAN Sessions Dialog Box Step 4 Choose the session ID (from 1-16) using the up or down arrows and click Create. Step 5 Repeat Step 4 for each session that you want to create. Step 6 Enter the destination interface in the Dest Interface field for the appropriate session.
Chapter 20 Configuring SPAN Default SPAN Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m You see the Source Interfaces Interface Sources dialog box as shown in Figure 20-3. Figure 20-3 Source Interfaces Interface Sources Dialog Box Step 6 Click the browse button to display the list of available FC ports. Step 7 Choose a port and click OK. Step 8 Check the direction (receive or transmit) that you want.
Chapter 20 Configuring SPAN Default SPAN Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 20-1 Default SPAN Configuration Parameters (continued) Parameters Default Encapsulation Disabled. SD port Output frame format is Fibre Channel.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 21 Discovering SCSI Targets This chapter describes the SCSI LUN discovery feature provided in switches in the Nexus 5000 Series. It includes the following sections: • Information About SCSI LUN Discovery, page 21-1 • Displaying SCSI LUN Information, page 21-3 Information About SCSI LUN Discovery Small Computer System Interface (SCSI) targets include disks, tapes, and other storage devices.
Chapter 21 Discovering SCSI Targets Information About SCSI LUN Discovery Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Starting SCSI LUN Discovery To begin SCSI LUN discovery using Device Manager, perform this task: Step 1 Choose FC > Advanced > LUNs. You see the LUN Configuration dialog box as shown in Figure 21-1. Figure 21-1 LUN Configuration Dialog Box Step 2 Set StartDiscovery to local, remote or both. Step 3 Choose the DiscoveryType and OS.
Chapter 21 Discovering SCSI Targets Displaying SCSI LUN Information Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 5 Click Apply to begin discovery. Displaying SCSI LUN Information To display the results of the discovery using Device Manager, perform this task: Step 1 Choose FC > Advanced > LUNs You see the LUN Configuration dialog box. Step 2 Click the LUN tab or the Targets tab.
Chapter 21 Discovering SCSI Targets Displaying SCSI LUN Information Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 22 Advanced Features and Concepts This chapter describes the advanced Fibre Channel features provided in Nexus 5000 Series switches.
Chapter 22 Advanced Features and Concepts Fibre Channel Timeout Values Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Timer Configuration Across All VSANs You can modify Fibre Channel protocol related timer values for the switch. Caution The D_S_TOV, E_D_TOV, and R_A_ TOV values cannot be globally changed unless all VSANs in the switch are suspended.
Chapter 22 Advanced Features and Concepts Fibre Channel Timeout Values Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 22-2 Configure Timers in Device Manager Timer Configuration Per-VSAN You can also issue the fctimer for a specified VSAN to configure different TOV values for VSANs with special links such as Fibre Channel. You can configure different E_D_TOV, R_A_TOV, and D_S_TOV values for individual VSANs.
Chapter 22 Advanced Features and Concepts Fibre Channel Timeout Values Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 3 Click Apply to save these changes. About fctimer Distribution You can enable per-VSAN fctimer fabric distribution for all Cisco SAN switches in the fabric. When you perform fctimer configurations, and distribution is enabled, that configuration is distributed to all the switches in the fabric.
Chapter 22 Advanced Features and Concepts World Wide Names Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note The number of pending fctimer configuration operations cannot be more than 15. After 15 operations, you must commit or abort the pending configurations before performing any more operations. See the “CFS Merge Support” section on page 7-6 for additional information.
Chapter 22 Advanced Features and Concepts FC ID Allocation for HBAs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Configuring a Secondary MAC Address To allocate secondary MAC addresses using Device Manager, perform this task: Step 1 Choose FC > Advanced > WWN Manager. You see the list of allocated WWNs as shown in Figure 22-4.
Chapter 22 Advanced Features and Concepts Switch Interoperability Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Default Company ID List All Nexus 5000 Series switches contain a default list of company IDs that require area allocation. Using the company ID reduces the number of configured persistent FC ID entries. You can configure or modify these entries using the CLI. Caution Persistent entries take precedence over company ID configuration.
Chapter 22 Advanced Features and Concepts Switch Interoperability Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Not all vendors follow the standards in the same way, which results in the need for interoperability modes. This section briefly explains the basic concepts of these modes.
Chapter 22 Advanced Features and Concepts Switch Interoperability Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 22-2 Changes in Switch Operation When Interoperability Is Enabled (continued) Switch Feature Changes if Interoperability Is Enabled Default zone The default zone operation of permit (all nodes can see all other nodes) or deny (all nodes are isolated when not explicitly placed in a zone) may change.
Chapter 22 Advanced Features and Concepts Switch Interoperability Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 1 Choose VSANxxx > VSAN Attributes from the Logical Domains pane. Step 2 Choose Interop-1 from the Interop drop-down list. Step 3 Click Apply Changes to save this interop mode. Step 4 Expand VSANxxx, and then choose Domain Manager from the Logical Domains pane.
Chapter 22 Advanced Features and Concepts Switch Interoperability Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Verifying Interoperating Status This section highlights the steps used to verify if the fabric is up and running in interoperability mode.
Chapter 22 Advanced Features and Concepts Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note The Cisco switch name server shows both local and remote entries, and does not time out the entries. Default Settings Table 22-3 lists the default settings for the features included in this chapter.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 23 Configuring FC-SP and DHCHAP Fibre Channel Security Protocol (FC-SP) capabilities provide switch-to-switch and host-to-switch authentication to overcome security challenges for enterprise-wide fabrics. Diffie-Hellman Challenge Handshake Authentication Protocol (DHCHAP) is an FC-SP protocol that provides authentication between Nexus 5000 Series switches and other devices.
Chapter 23 Configuring FC-SP and DHCHAP DHCHAP Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Nexus 5000 Series switches support authentication features to address physical security (see Figure 23-1). Figure 23-1 Switch and Host Authentication Trusted hosts RADIUS server FC-SP (DH-CHAP) Unauthorized hosts and switches FC-SP (DH-CHAP) 105209 Storage Subsytems DHCHAP DHCHAP is an authentication protocol that authenticates the devices connecting to a switch.
Chapter 23 Configuring FC-SP and DHCHAP DHCHAP Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To configure DHCHAP authentication using the local password database, perform this task: Step 1 Enable DHCHAP. Step 2 Identify and configure the DHCHAP authentication modes. Step 3 Configure the hash algorithm and DH group. Step 4 Configure the DHCHAP password for the local switch and other switches in the fabric.
Chapter 23 Configuring FC-SP and DHCHAP DHCHAP Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m About Enabling DHCHAP By default, the DHCHAP feature is disabled in all Nexus 5000 Series switches. You must explicitly enable the DHCHAP feature to access the configuration and verification commands for fabric authentication. When you disable this feature, all related configurations are automatically discarded.
Chapter 23 Configuring FC-SP and DHCHAP DHCHAP Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Note Whenever DHCHAP port mode is changed to a mode other than the Off mode, reauthentication is performed. Table 23-1 identifies switch-to-switch authentication between two Cisco switches in various modes.
Chapter 23 Configuring FC-SP and DHCHAP DHCHAP Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m About the DHCHAP Hash Algorithm Cisco SAN switches support a default hash algorithm priority list of MD5 followed by SHA-1 for DHCHAP authentication. Tip Caution If you change the hash algorithm configuration, then change it globally for all switches in the fabric. RADIUS and TACACS+ protocols always use MD5 for CHAP authentication.
Chapter 23 Configuring FC-SP and DHCHAP DHCHAP Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 1 Expand Switches > Security, and then choose FC-SP. Step 2 Click the General/Password tab. Step 3 Change the DHCHAP GroupList for each switch in the fabric. Step 4 Click the Apply Changes icon to save the updated hash algorithm priority list.
Chapter 23 Configuring FC-SP and DHCHAP DHCHAP Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 6 Click Create to save the updated password. About Password Configuration for Remote Devices You can configure passwords in the local authentication database for other devices in a fabric. The other devices are identified by their device name, which is also known as the switch WWN or device WWN.
Chapter 23 Configuring FC-SP and DHCHAP DHCHAP Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m When changing the timeout value, consider the following factors: • The existing RADIUS and TACACS+ timeout values. • The same value must also be configured on all switches in the fabric. Configuring the DHCHAP Timeout Value To configure the DHCHAP timeout value using Fabric Manager, perform this task: Step 1 Expand Switches > Security, and then choose FC-SP.
Chapter 23 Configuring FC-SP and DHCHAP Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Default Settings Table 23-2 lists the default settings for all fabric security features in any switch.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 24 Configuring Port Security Nexus 5000 Series switches provide port security features that reject intrusion attempts and report these intrusions to the administrator. Note Port security is supported on virtual Fibre Channel ports and physical Fibre Channel ports.
Chapter 24 Configuring Port Security Information About Port Security Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m This section includes the following topics: • Port Security Enforcement, page 24-2 • About Auto-Learning, page 24-2 • Port Security Activation, page 24-3 Port Security Enforcement To enforce port security, configure the devices and switch port interfaces through which each device or switch is connected, and activate the configuration.
Chapter 24 Configuring Port Security Configuring Port Security Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Port Security Activation By default, the port security feature is not activated in Nexus 5000 Series switches. When you activate the port security feature, the following operations occur: • Auto-learning is also automatically enabled, which means: – From this point, auto-learning happens only for the devices or interfaces that were not logged into the switch.
Chapter 24 Configuring Port Security Configuring Port Security Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m See the “Committing the Changes” section on page 24-17. All switches have port security activated with auto-learning enabled. Step 5 Wait until all switches and all hosts are automatically learned. Step 6 Disable auto-learn on each VSAN. See the“Disabling Auto-Learning” section on page 24-11.
Chapter 24 Configuring Port Security Enabling Port Security Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Configuring Port Security with Manual Database Configuration To configure port security and manually configure the port security database, perform this task: Step 1 Enable port security. See the “Enabling Port Security” section on page 24-5. Step 2 Manually configure all port security entries into the configure database on each VSAN.
Chapter 24 Configuring Port Security Port Security Activation Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 24-2 Port Security CFS Step 3 Enable CFS on all participating switches in the VSAN by clicking each entry in the Global column and selecting enable. Step 4 Click Apply Changes to enable CFS distribution for the port security feature. Step 5 Click the Control tab.
Chapter 24 Configuring Port Security Port Security Activation Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Displaying Port Security Statistics, page 24-9 • Displaying Port Security Violations, page 24-10 Activating Port Security To activate port security using Fabric Manager, perform this task: Step 1 Expand a VSAN and then choose Port Security in the Logical Domains pane. You see the port security configuration for that VSAN in the Information pane.
Chapter 24 Configuring Port Security Port Security Activation Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Forcing Port Security Activation If the port security activation request is rejected, you can force the activation. Note If you force the activation, existing devices are logged out if they violate the active database.
Chapter 24 Configuring Port Security Port Security Activation Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Copying an Active Database to the Config Database To copy the active database to the config database using Fabric Manager, perform this task: Step 1 Expand a VSAN and then choose Port Security in the Logical Domains pane. You see the port security configuration for that VSAN in the Information pane. Step 2 Click the Actions tab.
Chapter 24 Configuring Port Security Auto-Learning Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Displaying Port Security Violations Port violations are invalid login attempts (for example, login requests from unauthorized Fibre Channel devices). You can display a list of these attempts on a per-VSAN basis, using Fabric Manager. To display port security violations, perform this task: Step 1 Expand a VSAN and then choose Port Security in the Logical Domains pane.
Chapter 24 Configuring Port Security Auto-Learning Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Enabling Auto-Learning To enable auto-learning using Fabric Manager, perform this task: Step 1 Expand a VSAN and then choose Port Security in the Logical Domains pane. You see the port security configuration for that VSAN in the Information pane as shown in Figure 24-4. Figure 24-4 Port Security Configuration Step 2 Click the Actions tab.
Chapter 24 Configuring Port Security Auto-Learning Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Auto-Learning Device Authorization Table 24-1 summarizes the authorized connection conditions for device requests.
Chapter 24 Configuring Port Security Port Security Manual Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 24-2 Authorization Results for Scenario (continued) Device Connection Request Authorization Condition Reason P1, N1, F3 Permitted 5 Wildcard match for F3. P1, N4, F5 Denied 2 P1 is bound to F1. P5, N1, F5 Denied 2 N1 is only allowed on F2. P3, N3, F4 Permitted 1 No conflict. S1, F10 Permitted 1 No conflict.
Chapter 24 Configuring Port Security Port Security Manual Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m WWN Identification Guidelines If you decide to manually configure port security, note the following guidelines: • Identify switch ports by the interface or by the fWWN. • Identify devices by the pWWN or by the nWWN. • If an N port is allowed to log in to SAN switch port F, then that N port can only log in through the specified F port.
Chapter 24 Configuring Port Security Port Security Configuration Distribution Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 24-5 Create Port Security Dialog Box Step 4 Double-click the device from the available list for which you want to create the port security setting. Step 5 Double-click the port from the available list to which you want to bind the device. Step 6 Click Create to create the port security setting.
Chapter 24 Configuring Port Security Port Security Configuration Distribution Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m This section contains the following topics: • Enabling Distribution, page 24-16 • Locking the Fabric, page 24-16 • Committing the Changes, page 24-17 • Activation and Auto-Learning Configuration Distribution, page 24-17 Enabling Distribution All the configurations performed in distributed mode are stored in a pending (temporary) database.
Chapter 24 Configuring Port Security Port Security Configuration Distribution Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Committing the Changes If you commit the changes made to the configurations, the configurations in the pending database are distributed to other switches. On a successful commit, the configuration change is applied throughout the fabric and the lock is released.
Chapter 24 Configuring Port Security Database Merge Guidelines Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 24-3 Scenarios for Activation and Auto-learning Configurations in Distributed Mode (continued) Scenario Actions A and B exist in the configuration database, activation is not done and devices C,D are logged in.
Chapter 24 Configuring Port Security Database Interaction Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Deleting the Port Security Database, page 24-20 • Clearing the Port Security Database, page 24-21 Database Scenarios Figure 24-6 illustrates various scenarios showing the active database and the configuration database status based on port security configurations.
Chapter 24 Configuring Port Security Database Interaction Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Copying the Port Security Database Tip We recommend that you copy the active database to the config database after disabling auto-learning. This action will ensure that the configuration database is in synchronization with the active database.
Chapter 24 Configuring Port Security Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 3 Choose the appropriate configuration database and click the Delete Row button. Step 4 Click Yes if you want to delete the configuration database.
Chapter 24 Configuring Port Security Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Table 24-4 Default Security Settings (continued) Parameters Default Port security Disabled. Distribution Disabled. Note Enabling distribution enables it on all VSANs in the switch.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 25 Configuring Fabric Binding This chapter describes the fabric binding feature provided in Nexus 5000 Series switches.
Chapter 25 Configuring Fabric Binding Information About Fabric Binding Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Port Security Versus Fabric Binding Port security and fabric binding are two independent features that can be configured to complement each other. Table 25-1 compares the two features. Table 25-1 Fabric Binding and Port Security Comparison Fabric Binding Port Security Uses a set of sWWNs and a persistent domain ID. Uses pWWNs/nWWNs or fWWNs/sWWNs.
Chapter 25 Configuring Fabric Binding Configuring Fabric Binding Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Configuring Fabric Binding The fabric binding feature ensures ISLs are only enabled between specified switches in the fabric binding configuration. Fabric binding is configured on a per-VSAN basis.
Chapter 25 Configuring Fabric Binding Configuring Fabric Binding Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Enabling Fabric Binding The fabric binding feature must be enabled in each switch in the fabric that participates in the fabric binding. By default, this feature is disabled in Nexus 5000 Series switches. The configuration and verification commands for the fabric binding feature are only available when fabric binding is enabled on a switch.
Chapter 25 Configuring Fabric Binding Configuring Fabric Binding Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m You see the Create Config Database dialog box as shown in Figure 25-2. Figure 25-2 Create Config Database Dialog Box Step 5 Select the switches that you want to add. Step 6 Add the sWWN and domain ID of a switch to the configured database list. You can add the sWWN and the domain ID of more than one switches to the configured database list.
Chapter 25 Configuring Fabric Binding Configuring Fabric Binding Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 2 Click the Actions tab in the Information pane (see Figure 25-3). Figure 25-3 Fabric Binding Actions Tab Step 3 In the Action drop-down list, choose activate or deactivate or force activate for the Fabric Binding on the switch. Step 4 Click the Apply Changes icon to save your changes. The Enabled column for the switch now displays True.
Chapter 25 Configuring Fabric Binding Configuring Fabric Binding Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 4 Click the Apply Changes icon to save your changes. Creating a Fabric Binding Configuration To create a fabric binding configuration using Fabric Manager, perform this task: Step 1 Expand a VSAN with fabric binding in the Logical Domains pane. Expand Fabric Binding. Step 2 Click the Config Database tab in the Information pane.
Chapter 25 Configuring Fabric Binding Configuring Fabric Binding Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Copying Fabric Binding to the Configuration File To copy the active fabric binding to the configuration file using Fabric Manager, perform this task: Step 1 Expand a VSAN with fabric binding in the Logical Domains pane. Expand Fabric Binding. Step 2 Click the Actions tab in the Information pane (see Figure 25-3).
Chapter 25 Configuring Fabric Binding Configuring Fabric Binding Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 25-5 Fabric Binding Active Database Saving Fabric Binding Configurations When you save the fabric binding configuration, the config database and the active database are both saved to the startup configuration and are available after a reboot.
Chapter 25 Configuring Fabric Binding Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Deleting the Fabric Binding Database To delete the configured database for a specified VSAN using Fabric Manager, perform this task: Step 1 Expand a VSAN with fabric binding in the Logical Domains pane. Expand Fabric Binding. Step 2 Click the Config Database tab in the Information pane. Step 3 Select the database that you want to delete. Step 4 Click Delete Row.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 26 Configuring Fabric Configuration Servers This chapter describes the Fabric Configuration Server (FCS) feature provided in the Nexus 5000 Series switches.
Chapter 26 Configuring Fabric Configuration Servers Information About FCS Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m In Figure 26-1 Management Application 1 (M1) is connected through an F port with port VSAN ID 1, and Management Application 2 (M2) is connected through an F port with port VSAN ID 2. M1 can query the FCS information of switches S1 and S3, and M2 can query switches S3 and S4. Switch S2 information is not known to both of them.
Chapter 26 Configuring Fabric Configuration Servers Displaying FCS Discovery Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Displaying FCS Discovery To display FCS discovery information using Device Manager, perform this task: Step 1 Choose FC > Advanced > Fabric Config Server. You see the Fabric Config Server dialog box as shown in Figure 26-2. Figure 26-2 Fabric Config Server Dialog Box Step 2 Click the Discovery tab.
Chapter 26 Configuring Fabric Configuration Servers Creating an FCS Platform Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 26-3 Step 3 FCS Interconnect Elements Tab Click Close to close the dialog box. Creating an FCS Platform To create an FCS platform using Device Manager, perform this task: Step 1 Choose FC > Advanced > Fabric Config Server. You see the Fabric Config Server dialog box. Step 2 Click the Platforms (Enclosures) tab. Step 3 Click Create.
Chapter 26 Configuring Fabric Configuration Servers Displaying FCS Fabric Ports Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 26-4 Create Fabric Config Server Dialog Box Step 4 Enter the VSAN ID, or choose the ID from the drop-down list of available VSAN IDs. Step 5 Enter the Fabric Configuration Server name in the Name field. Step 6 Choose the type of server (Gateway, Host, Storage). Step 7 Enter the WWNs for the server.
Chapter 26 Configuring Fabric Configuration Servers Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 26-5 Step 3 FCS Fabric Ports Tab Click Refresh to update the display. Default Settings Table 26-1 lists the default FCS settings.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 27 Configuring Port Tracking Nexus 5000 Series switches offer the port tracking feature on physical Fibre Channel interfaces (but not on virtual Fibre Channel interfaces). This feature uses information about the operational state of the link to initiate a failure in the link that connects the edge device.
Chapter 27 Configuring Port Tracking Configuring Port Tracking Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 27-1 Traffic Recovery Using Port Tracking ISL2 X Direct link 1 WAN or MAN X FC WAN or MAN 120490 FC The port tracking feature monitors and detects failures that cause topology changes and brings down the links connecting the attached devices.
Chapter 27 Configuring Port Tracking Configuring Port Tracking Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Tracking Multiple Ports, page 27-6 • About Monitoring Ports in a VSAN, page 27-6 • Monitoring Ports in a VSAN, page 27-6 • About Forceful Shutdown, page 27-6 • Forcefully Shutting Down a Tracked Port, page 27-6 Enabling Port Tracking The port tracking feature is disabled by default in Nexus 5000 Series switches.
Chapter 27 Configuring Port Tracking Configuring Port Tracking Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Operationally Binding a Tracked Port When you configure the first tracked port, operational binding is automatically in effect. When you use this method, you have the option to monitor multiple ports or monitor ports in one VSAN.
Chapter 27 Configuring Port Tracking Configuring Port Tracking Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m If tracking is established, you see Success in the lower left corner of the dialog box as shown in Figure 27-5. Figure 27-5 Step 10 Successful Port Tracking Established Click Close to close the dialog box.
Chapter 27 Configuring Port Tracking Configuring Port Tracking Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Tracking Multiple Ports To track multiple ports, see the “Operationally Binding a Tracked Port” section on page 27-4.
Chapter 27 Configuring Port Tracking Default Port Tracking Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Default Port Tracking Settings Table 27-1 lists the default settings for port tracking parameters.
Chapter 27 Configuring Port Tracking Default Port Tracking Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 28 Network Monitoring The primary purpose of Fabric Manager is to manage the network. In particular, SAN discovery and network monitoring are two of its key network management capabilities.
Chapter 28 Network Monitoring Information About SAN Discovery and Topology Mapping Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Topology Mapping Fabric Manager is built upon a topology representation of the fabric. Fabric Manager provides an accurate view of multiple fabrics in a single window by displaying topology maps based on device discovery information. You can modify the topology map icon layout with an easy-to-use, drag-and-drop interface.
Chapter 28 Network Monitoring Information About SAN Discovery and Topology Mapping Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 28-1 Step 3 Fabric Manager Preferences Click Apply, then OK to save this change. Using Enclosures with Fabric Manager Topology Maps Because not all devices are capable of responding to FC-GS-3 requests, different ports of a single server or storage subsystem may be displayed as individual end devices on the topology map.
Chapter 28 Network Monitoring Health and Event Monitoring Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m the Summary tab in the Information pane to get a count of the number of VSANS, switches, hosts, and storage elements in the fabric. See the “Fabric Manager Client Quick Tour” section on page 5-6 for more information on the Fabric Manager user interface.
Chapter 28 Network Monitoring Health and Event Monitoring Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Event Information in Fabric Manager Web Server Reports The Fabric Manager web server client displays collections of information gathered by the Performance Manager. This information includes events sent to the Fabric Manager Server from the fabric. To open these reports, choose Performance Manager > Reports.
Chapter 28 Network Monitoring Health and Event Monitoring Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 29 Performance Manager The primary purpose of Fabric Manager is to manage the network. A key management capability is network performance monitoring.
Chapter 29 Performance Manager Information About Performance Manager Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m This section includes the following topics: • Data Interpolation, page 29-2 • Data Collection, page 29-2 • Using Performance Thresholds, page 29-2 • Flow Setup Wizards, page 29-3 Data Interpolation One of the unique features of Performance Manager is its ability to interpolate data when statistical polling results are missing or delayed.
Chapter 29 Performance Manager Information About Performance Manager Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Baseline thresholds create a threshold that adapts to the typical traffic pattern for each link for the same time window each day, week, or every two weeks. Baseline thresholds are set as a percent of the average (110 percent to 500 percent), where 100 percent equals the calculated weighted average.
Chapter 29 Performance Manager Flow Statistics Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Flow Statistics Configuration Flow statistics count the ingress traffic in the aggregated statistics table. You can collect two kinds of statistics: • Aggregated flow statistics to count the traffic for a VSAN. • Flow statistics to count the traffic for a source and destination ID pair in a VSAN.
Chapter 29 Performance Manager Flow Statistics Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 29-2 Step 2 Flow Statistics in Fabric Manager Click the Create icon to create a flow. Note If you are managing your fabrics with Performance Manager, you need to set up an initial set of flows and collections on the fabric. Note When creating flows, make sure the device type is set correctly.
Chapter 29 Performance Manager Flow Statistics Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m You see the Review Traffic Flows dialog box as shown in Figure 29-4. Figure 29-4 Review Traffic Flows Dialog Box Step 8 Remove any flows you are not interested in. Step 9 Click Finish to create the flow.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 30 Nexus 5000 Management Software FAQ This chapter answers some of the most frequently asked questions about Cisco Fabric Manager and Device Manager.
Chapter 30 Nexus 5000 Management Software FAQ General Fabric Manager Issues Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • Save the file and exit the editor. • Restart the Fabric Manager server.
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m CH A P T E R 31 Troubleshooting Your Fabric This chapter describes basic troubleshooting methods used to resolve issues with switches.
Chapter 31 Troubleshooting Your Fabric Troubleshooting Tools and Techniques Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Traffic Analyzer—Another option is to launch the Cisco Traffic Analyzer for Fibre Channel from the Fabric Manager Server to analyze the traffic in greater depth. The Cisco Traffic Analyzer allows you to breakdown traffic by VSANs and protocols and to examine SCSI traffic at a logical unit number (LUN) level.
Chapter 31 Troubleshooting Your Fabric Analyzing Switch Device Health Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m The Cisco Traffic Analyzer for Fibre Channel presents reports with network wide statistics. The Summary Traffic report shows what percentage of traffic was within different ranges of frames sizes. A breakdown of the percentage of traffic for each protocol such as SCSI and ELS, is provided.
Chapter 31 Troubleshooting Your Fabric Analyzing Switch Fabric Configuration Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 31-1 Results of a Switch Health Analysis Step 3 Click Clear to remove the contents of the Switch Health Analysis window. Step 4 Click Close to close the window.
Chapter 31 Troubleshooting Your Fabric Analyzing End-to-End Connectivity Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 31-2 Results of a Fabric Configuration Analysis Step 6 Check the check boxes in the Resolve column for the issues you want to resolve. Step 7 To resolve the issues, click Resolve Issues. Step 8 Click Clear to remove the contents of the window. Step 9 Click Close to close the window.
Chapter 31 Troubleshooting Your Fabric Analyzing End-to-End Connectivity Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 8 Click Analyze. The End to End Connectivity Analysis window displays the selected endpoints including the switch to which each is attached, and the source and target ports used to connect it, as shown in Figure 31-3.
Chapter 31 Troubleshooting Your Fabric Using the Ping Tool (fcping) Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 10 Click Close to close the window. Using the Ping Tool (fcping) You can use the Ping tool to determine connectivity from another switch to a port on your switch. To use the Ping tool in Fabric Manager to determine connectivity, perform this task: Step 1 Choose Tools > Ping.
Chapter 31 Troubleshooting Your Fabric Analyzing the Results of Merging Zones Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To use the Trace Route option in Fabric Manager to verify connectivity, perform this task: Step 1 Choose Tools > Trace Route. You see the Trace Route dialog box. Step 2 Choose the source switch from the Source Switch drop-down list. Step 3 Choose the VSAN for which to verify connectivity from the VSAN drop-down list.
Chapter 31 Troubleshooting Your Fabric Using the Show Tech Support Command Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 31-6 Results of Zone Merge Analysis Step 6 Click Clear to remove the contents of the window. Step 7 Click Close to close the window. Using the Show Tech Support Command The show tech support command is useful when collecting a large amount of information about your switch for troubleshooting purposes.
Chapter 31 Troubleshooting Your Fabric Using the Show Tech Support Command Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m The default is 30 seconds. Step 4 Select the folder where you want the text files (containing the show tech support command information) to be written. Step 5 Check the Save Map check box if you want to save a screenshot of your map as a JPG file. Step 6 Check the Compress all files as check box to compress the files into a zip file.
Chapter 31 Troubleshooting Your Fabric Running CLI Commands Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Running CLI Commands You can use the Run CLI Commands feature to run a CLI command on multiple switches. To run CLI commands using Fabric Manager, perform this task: Step 1 Choose Tools > Run CLI Commands. You see the Run CLI Commands dialog box with all switches selected as shown in Figure 31-8.
Chapter 31 Troubleshooting Your Fabric Locating Other Switches Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 31-9 Step 6 Run CLI Commands Status Click Close to close the dialog box. Adjusting for Daylight Savings Time Note Starting in 2007, daylight savings time in the United States starts on the second Sunday in March and ends on the first Sunday in November.
Chapter 31 Troubleshooting Your Fabric Locating Other Switches Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m To locate switches that are not included in the currently discovered fabric using Fabric Manager, perform this task: Step 1 Choose File > Locate Switches and Devices. You see the Locate Switches dialog box. Step 2 In the Comma Separated Subnets field, enter a range of specific addresses belonging to a specific subnet to limit the research for the switches.
Chapter 31 Troubleshooting Your Fabric Fibre Channel Timeout Values Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 6 Click Close to close this dialog box. Fibre Channel Timeout Values You can modify Fibre Channel protocol related timer values for the switch by configuring the following timeout values (TOVs): Note Caution • Distributed services TOV (D_S_TOV)—The valid range is from 5,000 to 10,000 milliseconds. The default is 5,000 milliseconds.
Chapter 31 Troubleshooting Your Fabric Fibre Channel Timeout Values Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Step 6 Click Close to close the dialog box. To configure timer policies in Device Manager, perform this task: Step 1 Choose FC > Advanced > Timers/Policies. You see timer policies for a single switch in the dialog box as shown in Figure 31-12.
Chapter 31 Troubleshooting Your Fabric Configuring a Fabric Analyzer Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m If a VSAN is not specified when you change the policies, the changed value is applied to all VSANs in the switch. Step 2 Expand Switches, expand FC Services, and choose Timers & Policies in the Physical Attributes tree. You see timeouts for only switches in the selected VSAN shown in the Information pane.
Chapter 31 Troubleshooting Your Fabric Configuring a Fabric Analyzer Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Chapter 31 Troubleshooting Your Fabric Configuring a Fabric Analyzer Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Remote Capture Daemon This daemon is the server end of the remote capture component. The Wireshark analyzer running on a host is the client end. They communicate with each other using the Remote Capture Protocol (RPCAP). RPCAP uses two endpoints, a TCP-based control connection and a TCP or UDP-based data connection based on TCP (default) or UDP.
Chapter 31 Troubleshooting Your Fabric Configuring a Fabric Analyzer Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Sending Captures to Remote IP Addresses Caution You must use the eth2 interface to capture control traffic on a supervisor module. To capture remote traffic, use one of the following options: • The capture interface can be specified in Wireshark as the remote device: rpcap:///eth2 For example: rpcap://cp-16/eth2 rpcap://17.
Chapter 31 Troubleshooting Your Fabric Configuring a Fabric Analyzer Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • To view all FLOGI frames, use this expression: fcels.opcode == FLOGI • To view all FLOGI frames in VSAN 1, use this expression: fcels.opcode == FLOGI && mdshdr.
Chapter 31 Troubleshooting Your Fabric Configuring a Fabric Analyzer Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m • To capture only class Fibre Channel ELS frames, use this expression: els • To capture only name server frames, use this expression: dns • To capture only SCSI command frames, use this expression: fcp_cmd Note This feature is part of libpcap and you can obtain more information from http://www.tcpdump.org.
Chapter 31 Troubleshooting Your Fabric Configuring World Wide Names Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Configuring World Wide Names The world wide name (WWN) in the switch is equivalent to the Ethernet MAC address. As with the MAC address, you must uniquely associate the WWN to a single device. The principal switch selection and the allocation of domain IDs rely on the WWN.
Chapter 31 Troubleshooting Your Fabric FC ID Allocation for HBAs Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m Figure 31-15 Setting Secondary MAC Addresses Step 4 Enter the secondary MAC address in the Secondary Mac Base field. Step 5 Enter the range for the secondary MAC address in the Secondary Mac Range field. Step 6 Click the Apply Changes icon.
Chapter 31 Troubleshooting Your Fabric Default Settings Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Index Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Index Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m authentication F 23-1 default settings fabric binding Fabric Shortest Path First. See FSPF activation 25-5 fabric WWNs.
Index Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Index Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m configuring mode 1 H default settings hard zoning description description 16-21 22-8 22-12 22-8 IOD.
Index Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Index Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .
Index Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m discovering targets trunking restrictions 21-1 displaying information starting discoveries timeout values. See TOVs 21-3 TOVs 21-1 configuring for a VSAN SD port mode description 13-1 10-4 interface modes 10-4 secondary MAC addresses configuring default settings 22-12 interoperability 22-8 ranges 22-1 tracked ports 22-5 binding operationally small computer system interface.
Index Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o . c o m V trunk-allowed 13-1 trunking ports 15-8 VSAN IDs allowed list 13-7 description 15-5 W multiplexing traffic range 10-4 world wide names.
Index Se n d c o m m e n t s t o n x 5 0 0 0 - d o c f e e d b a ck @ c i s c o .