53-1002156-01 29 April 2011 Access Gateway Administrator’s Guide Supporting Fabric OS v7.0.
Copyright © 2007-2011 Brocade Communications Systems, Inc. All Rights Reserved. Brocade, the B-wing symbol, BigIron, DCFM, DCX, Fabric OS, FastIron, IronView, NetIron, SAN Health, ServerIron, TurboIron, and Wingspan are registered trademarks, and Brocade Assurance, Brocade NET Health, Brocade One, Extraordinary Networks, MyBrocade, VCS, and VDX are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries.
Document History Document Title Publication Number Summary of Changes Publication Date Access Gateway Administrator’s Guide 53-1000430-01 First version. January 2007 Access Gateway Administrator’s Guide 53-1000633-01 Added support for the 200E. June 2007 Access Gateway Administrator’s Guide 53-1000605-01 Added support for new policies and changes to N_Port mappings. October 2007 Access Gateway Administrator’s Guide 53-1000605-02 Added support for new the March 2008 300 and 4424 models.
iv Access Gateway Administrator’s Guide 53-1002156-01
Contents About This Document In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . . xiv What’s new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Access Gateway mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Port mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 F_Port Static Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 Device mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17 Considerations for Access Gateway mapping . . . . . . . . . . . . . . 24 N_Port configurations . . . . . . . . . . . . . . . . . . . . .
Device Load Balancing policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42 Enabling the Device Load Balancing policy . . . . . . . . . . . . . . . . 42 Disabling the Device Load Balancing policy. . . . . . . . . . . . . . . . 42 Device Load Balancing policy considerations . . . . . . . . . . . . . . 42 Persistent ALPA policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43 Enabling the Persistent ALPA policy . . . . . . . . . . . . . . . . . . . . . .
Considerations for the Brocade 8000 . . . . . . . . . . . . . . . . . . . . . . . . 65 Port mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 Policy and feature support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65 Fabric OS command support . . . . . . . . . . . . . . . . . . . . . . . . . . . 66 Considerations for the Brocade 6510 . . . . . . . . . . . . . . . . . . . . . . . . 66 Chapter 4 SAN Configuration with Access Gateway In this chapter . . .
Figures Figure 1 Switch function in Native mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Figure 2 Switch function in Access Gateway mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 Figure 3 Port usage comparison . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Figure 4 Port mapping example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
x Access Gateway Administrator’s Guide 53-1002156-01-
Tables Table 1 Fabric OS components supported on Access Gateway . . . . . . . . . . . . . . . . . . . . . 3 Table 2 Port configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Table 3 Port state description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Table 4 Description of port mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
xii Access Gateway Administrator’s Guide 53-1002156-01
About This Document In this chapter • How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiii • Supported hardware and software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv • What’s new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xiv • Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xv • Notice to the reader . . . . . . . . . . . . .
In this chapter Supported hardware and software In those instances in which procedures or parts of procedures documented here apply to some switches but not to others, this guide identifies exactly which switches are supported and which are not. Although many different software and hardware configurations are tested and supported by Brocade Communications Systems, Inc., for Fabric OS v7.0, documenting all possible configurations and scenarios is beyond the scope of this document.
In this chapter Document conventions This section describes text formatting conventions and important notices formats.
In this chapter ATTENTION An Attention statement indicates potential damage to hardware or data. CAUTION A Caution statement alerts you to situations that can be potentially hazardous to you or cause damage to hardware, firmware, software, or data. DANGER A Danger statement indicates conditions or situations that can be potentially lethal or extremely hazardous to you. Safety labels are also attached directly to products to warn of these conditions or situations.
In this chapter Key terms For definitions of SAN-specific terms, visit the Storage Networking Industry Association online dictionary at: http://www.snia.org/education/dictionary. For definitions specific to Brocade and Fibre Channel, see the Brocade Glossary. The following terms are used in this manual to describe Access Gateway mode and its components.
In this chapter Release notes are available on the MyBrocade website (http://my.brocade.com) and are also bundled with the Fabric OS firmware. Other industry resources • White papers, online demonstrations, and data sheets are available through the Brocade website at http://www.brocade.com/products/software.jhtml. • Best practice guides, white papers, data sheets, and other documentation are available through the Brocade Partner website.
In this chapter 2.
In this chapter xx Access Gateway Administrator’s Guide 53-1002156-01
Chapter 1 Access Gateway Basic Concepts In this chapter • Brocade Access Gateway overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Fabric OS features in Access Gateway mode. . . . . . . . . . . . . . . . . . . . . . . . . . • Access Gateway port types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Access Gateway hardware considerations. . . . . . . . . . . . . . . . . . . . . . . . . . . .
1 Brocade Access Gateway overview For comparison, Figure 1 illustrates switch function in Native mode and Figure 2 illustrates switch function in AG mode.
Fabric OS features in Access Gateway mode FIGURE 2 1 Switch function in Access Gateway mode Fabric OS features in Access Gateway mode Table 1 lists Fabric OS components that are supported on a switch when AG mode is enabled. “Yes” indicates that the feature is supported in Access Gateway mode. “No” indicates that the feature is not provided in AG mode. “NA” indicates the feature is not applicable in Access Gateway mode.
1 Fabric OS features in Access Gateway mode TABLE 1 Fabric OS components supported on Access Gateway (Continued) Feature Support DHCP Yes Encryption Configuration and Management No Environmental Monitor Yes Error Event Management Yes Extended Fabrics No Fabric Device Management Interface (FDMI) Yes* Fabric Manager Yes** Fabric Provisioning No Fabric Services No Fabric Watch Yes Please refer to the Fabric Watch Administrator's Guide for applicable support details.
Access Gateway port types TABLE 1 1 Fabric OS components supported on Access Gateway (Continued) Feature Support Speed Negotiation Yes Syslog Daemon Yes Trunking Yes** User-Defined Roles Yes ValueLineOptions (Static POD, DPOD) Yes Virtual Fabrics No3 Web Tools Yes Zoning NA 1. When a switch is behaving as an AG, RBAC features in Fabric OS are available, but there are some limitations. For more information on the limitations, refer to “Access Gateway hardware considerations” on page 6.
1 Access Gateway hardware considerations Access Gateway Ports Switch in AG mode Fabric Hosts N_Port Edge Switch F_Port N_Port N_Port F_Port NPIV enabled F_Port Fabric Switch Ports Fabric FIGURE 3 Hosts Switch in Native Fabric mode N_Port F_Port E_Port E_Port N_Port F_Port E_Port E_Port Fabric Switch Port usage comparison Table 2 shows a comparison of port configurations with AG to a standard fabric switch.
Chapter Configuring Ports in Access Gateway Mode 2 In this chapter • Enabling and disabling Access Gateway mode . . . . . . . . . . . . . . . . . . . . . . . . 7 • Access Gateway mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 • N_Port configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25 Enabling and disabling Access Gateway mode Use the following steps to enable and disable Access Gateway mode.
2 Enabling and disabling Access Gateway mode You can display the port mappings and status of the host connections to the fabric on Access Gateway. 7. Enter the ag --mapshow command to display all the mapped ports. The ag --mapshow command shows all enabled N_Ports, even if those N_Ports are not connected.
Enabling and disabling Access Gateway mode 2 When you disable AG mode, the switch automatically reboots and comes back online using the fabric switch configuration; the AG parameters, such as port mapping, and Failover and Failback, are automatically removed. When the switch reboots, it starts in Fabric OS Native mode. To re-join the switch to the core fabric, refer to “Rejoining Fabric OS switches to a fabric” on page 73. 9. Enter the switchDisable command to disable the switch.
2 Access Gateway mapping Access Gateway mapping When operating in AG mode, you must specify pre-provisioned routes that AG will use to direct traffic from the devices (hosts or targets) on its F_Ports to the ports connected to the fabric using its N_Ports. This is unlike Native switch mode where the switch itself determines the best path between its F_Ports. This process of pre-provisioning routes in AG mode is called “mapping.
Access Gateway mapping Hosts Host_1 2 Fabric Access Gateway Edge Switch (Switch_A) F_1 F_A1 N_1 Host_2 NPIV enabled F_2 F_A2 Host_3 Host_4 N_2 NPIV enabled F_3 Edge Switch (Switch_B) F_4 F_B1 N_3 Host_5 NPIV enabled F_5 F_B2 N_4 FIGURE 4 Host_6 F_6 Host_7 F_7 Host_8 F_8 NPIV enabled Port mapping example Table 4 provides a description of the port mapping in Figure 4.
2 Access Gateway mapping TABLE 5 .
Access Gateway mapping TABLE 5 Access Gateway default port mapping (Continued) Brocade Model Total ports F_Ports N_Ports Default port mapping 5450 26 1-25 Not all ports may be present.
2 Access Gateway mapping Considerations for initiator and target ports The following connections are possible for the Fibre Channel Protocol (FCP) initiator (host) and target ports through AG: • All F_Ports connect to all initiator ports. • All F_Ports connect to all target ports. • Some F_Ports connect to initiator ports and some F_Ports connect to target ports. For the last case, communication between initiator and target ports is not supported if both are mapped to the same N_Port.
Access Gateway mapping 2 3. Enter the ag --mapshow command and specify the port number to display the list of mapped F_Ports. Verify that the added F_Ports appear in the list. switch:admin> ag --mapshow 13 N_Port Failover(1=enabled/0=disabled) Failback(1=enabled/0=disabled) Current F_Ports Configured F_Ports PG_ID PG_Name : : : : : : : 13 1 1 None 6;7 0 pg0 Removing F_Ports from an N_Port 1. Connect to the switch and log in using an account assigned to the admin role. 2.
2 Access Gateway mapping F_Port Static Mapping The F_Port Static Mapping feature allows you to change mapping of an F_Port to a different N_Port using a single Fabric OS command, rather than using two commands. Using two commands can be slow and can cause some time-critical applications to malfunction.
Access Gateway mapping 2 Device mapping Device mapping allows you to map individual N_Port ID Virtualization (NPIV) devices to N_Ports. By mapping device WWNs directly to an N_Port group (recommended) or specific N_Ports, traffic from the device will always go to the same N_Port or N_Port group, regardless of the F_Port where the device logs in.
2 Access Gateway mapping Hosts/Targets WWN1 Access Gateway F_1 N_1 F_2 N_2 WWN2 PG1 F_3 N_3 WWN3 F_4 N_4 WWN4 F_5 N_5 WWN5 PG2 F_6 N_6 FIGURE 5 Example of device mapping to N_Port groups Figure 6 shows an example of device mapping to specific N_Ports. Note that you can map one or multiple WWNs to one N_Port to allow multiple devices to log in through one N_Port.
Access Gateway mapping Hosts/Targets 2 Access Gateway WWN1 F_1 WWN2 F_2 N_1 N_2 WWN3 WWN4 F_3 WWN5 F_4 N_3 N_4 WWN6 FIGURE 6 WWN7 F_5 WWN8 F_6 N_5 Example device mapping to an N_Port Static versus dynamic mapping Device mapping can be classified as either “static” or “dynamic” as follows: • Device mapping to an N_Port and to an N_Port group are considered static.
2 Access Gateway mapping Use the following steps to map one or more devices to an N_Port group or remove device mapping from an N_Port group. 1. Connect to the switch and log in using an account assigned to the admin role. 2. To add one or multiple device WWNs to an N_Port group, enter the ag --addwwnpgmapping Port_Group command with the [WWN];[WWN] option. All the listed device WWNs will use the least-loaded N_Port in the port group when they log in, unless a specific device mapping can be used instead.
Access Gateway mapping 2 The --all option edits all the currently existing mappings. None of the --all options have any way to detect what devices are using the switch. This option edits the mappings that are in the list. To change all current device mappings to a different N_Port, enter the ag --addwwnmapping N_Port command with the --all option. The following command changes all the existing device mappings to use port 17. ag --addwwnmapping 17 --all 3.
2 Access Gateway mapping Enabling device mapping Use the following steps to enable device mapping for all or specific devices that were previously disabled. 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter the ag --wwnmappingenable command with the [WWN]; [WWN] option to enable mapping for specific WWNs. The following example enables two device WWNs.
Access Gateway mapping 2 Pre-provisioning You can use Fabric OS commands, Web Tools, and Fabric Manager to map devices that do not yet exist. This allows applicable management programs to push configuration changes without worrying about the order in which they are received. For example, if system administrators need to push a set of port group changes and a set of device mapping changes, they could push them in either order without error. This also applies to using Fabric OS commands for device mapping.
2 Access Gateway mapping • Make sure targets can be reached by the base device so that I/Os can resume if the mapped device fails over and I/Os move over to the base PID. • Reboot the server so that it initializes and uses configured device mapping. Considerations for Access Gateway mapping This section outlines considerations and limitations for Access Gateway mapping types.
N_Port configurations 2 NOTE Access Gateway algorithms reduce the chances of PID collisions, but they cannot be totally eliminated. In some cases, you may be able to configure your virtual or physical fabrics to further reduce PID collisions. • Device mapping is not supported when firmware is downgraded to Fabric OS v6.3.x or earlier. You must delete device mappings before downgrading or disable Device Load Balancing.
2 N_Port configurations FIGURE 7 Example of adding an external F_Port (F9) on an embedded switch NOTE A switch in Access Gateway mode must have at least one port configured as an N_Port. Therefore, the maximum number of F_Ports that can be mapped to an N_Port is the number of ports on the switch minus one. Displaying N_Port configurations Use the following steps to determine which ports on a switch are locked as N_Ports. 1. Connect to the switch and log in using an account assigned to the admin role.
N_Port configurations 2 Unlocking the N_Port configuration automatically changes the port to an F_Port. When you unlock an N_Port, the F_Ports are automatically unmapped and disabled. Following are procedures for unlocking N_Ports that are in locked mode. 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter the portcfgnport command to display which ports on the switch are locked as N_Ports.
2 28 N_Port configurations Access Gateway Administrator’s Guide 53-1002156-01
Chapter Managing Policies and Features in Access Gateway Mode 3 In this chapter • Access Gateway policies overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Advanced Device Security policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Automatic Port Configuration policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Port Grouping policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
3 Advanced Device Security policy WWN Based Load Balancing wwnloadbalance Disabled Access Gateway policy enforcement matrix Table 6 shows which combinations of policies can co-exist with each other.
Advanced Device Security policy 3 Enabling and disabling the ADS policy By default, the ADS policy is disabled. When you manually disable the ADS policy, all of the allow lists (global and per-port) are cleared. Before disabling the ADS policy, you should save the configuration using the configUpload command in case you need this configuration again. 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter the ag --policyenable ads command to enable the ADS policy.
3 Advanced Device Security policy switch:admin> ag --adsset "1;10;13" "*" WWN list set successfully as the Allow Lists of the F_Port[s] Setting the list of devices not allowed to log in 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter the ag --adsset command with the appropriate options to set the list of devices not allowed to log in to specific ports. In the following example, ports 11 and 12 are set to “no access.
Advanced Device Security policy 3 Lists must be enclosed in quotation marks. List members must be separated by semicolons. Replace the F_Port list with an asterisk (*) to add the specified WWNs to all the F_Ports' allow lists. The ADS policy must be enabled for this command to succeed. 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter the ag --adsadd command with the appropriate options to add one or more new devices to the list of allowed devices.
3 Automatic Port Configuration policy Automatic Port Configuration policy The Automatic Port Configuration (APC) provides the ability to automatically discover port types (host, target, or fabric) and dynamically update the port maps when a change in port-type connection is detected. This policy is intended for a fully hands-off operation of Access Gateway. APC dynamically maps F_Ports across available N_Ports so they are evenly distributed.
Port Grouping policy 3 Access Gateway configuration has been restored to factory default 6. Enter the switchEnable command to enable the switch. Automatic Port Configuration policy considerations Following are the considerations for the Automatic Port Configuration (APC) policy: • The APC and the PG policies cannot be enabled at the same time.
3 Port Grouping policy F_Port1 N_Port1 F_Port2 F_Port3 Fabric-1 Storage Array-1 Fabric-2 Storage Array-2 N_Port2 F_Port4 PG1 AG F_Port5 N_Port3 F_Port6 F_Port7 N_Port4 F_Port8 PG2 FIGURE 8 Port grouping behavior When a dual redundant fabric configuration is used, F_Ports connected to a switch in AG mode can access the same target devices from both of the fabrics. In this case, you must group the N_Ports connected to the redundant fabric into a single port group.
Port Grouping policy 3 Deleting an N_Port from a port group Before deleting an N_Port, all F_Ports mapped to the N_Port should be remapped before the N_Port is deleted from a port group. 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter the ag --pgdel command with the appropriate options to delete an N_Port from a specific port group. In the following example, N_Port 13 is removed from port group 3.
3 Port Grouping policy Port Grouping policy modes You can enable and disable the Automatic Login Balancing and Managed Fabric Name Monitoring (MFNM) Port Grouping policy modes when you create port groups using the pgcreate command. Alternately, you can enable these modes using the ag --pgsetmodes command. Automatic Login Balancing mode If Automatic Login Balancing mode is enabled for a port group and an F_Port goes offline, logins in the port group are redistributed among the remaining F_Ports.
Port Grouping policy 3 3. Enter the ag --pgshow command to verify the port group was created.
3 Port Grouping policy ------------------------------------------------- Considerations when disabling Automatic Login Balancing mode Consider the following when disabling Automatic Login Balancing mode: • Be aware that modifying Automatic Login Balancing mode default settings using the agautomapbalance command may yield uneven distribution of F_Ports to N_Ports. In such cases, you might consider a manual login distribution that forces a rebalancing of F_Ports to N_Ports.
Port Grouping policy 3 Setting the current MFNM mode timeout value 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter the ag --pgfnmtov command, followed by a value in seconds. switch:admin> ag --pgfnmtov 100 This sets the timeout value to 100 seconds. Port Grouping policy considerations Following are the considerations for the Port Grouping policy: • A port cannot be a member of more than one port group. • The PG policy is enabled by default in Fabric OS v6.
3 Device Load Balancing policy Device Load Balancing policy When Device Load Balancing policy is enabled, devices mapped to a port group always log into the least-loaded N_Port in that port group. This helps to distribute the login load on each of the N_Ports. This policy is intended for use in conjunction with device mapping. It provides an automatic approach to mapping devices to the least-loaded N_Port within an N_Port group.
Persistent ALPA policy 3 • If a device is mapped to a port that is currently part of a trunk, then the device will use that trunk. When trunking is used with the Device Load Balancing policy, then the load on each trunk will be proportional to the number of ports in that trunk. Use the ag -show command to determine the devices using a particular trunk. • When using the Device Load Balancing policy, make sure that all ports in the port group have the same NPIV login limit.
3 Persistent ALPA policy To ensure consistency among the different devices, after Persistent ALPA is enabled, all the ALPAs become persistent, whether or not they were logged in before the Persistent ALPA policy was enabled. Disabling the Persistent ALPA policy When you disable this policy, do not specify the value type (for example, flexible ALPA or stringent ALPA). Use the following steps. 1. Connect to the switch and log in using an account assigned to the admin role. 2.
Failover 3 NOTE All the device data must be persistent in case of a reboot. During a reboot, the tables will be dumped to the persistent_NPIV_config file. Persistent ALPA policy considerations The Persistent ALPA policy is not supported in the following situations: • When AG N_Ports are connected to the shared ports of 48-port Director blades. • Cisco fabrics. Enable Persistent FCID mode on the connecting Cisco switch to achieve the same functionality.
3 Failover Failover example The following example shows the failover sequence of events in a scenario where two fabric ports go offline, one after the other. Note that this example assumes that no preferred secondary N_Port is set for any of the F_Ports. • First, the Edge switch F_A1 port goes offline, as shown in Figure 10 on page 46 Example 1 (left), causing the corresponding Access Gateway N_1 port to be disabled. The ports mapped to N_1 fail over; F_1 fails over to N_2 and F_2 fails over to N_3.
Failover 3 Adding a preferred secondary N_Port (optional) F_Ports automatically fail over to any available N_Port. Alternatively, you can specify a preferred secondary N_Port in case the primary N_Port fails. If the primary N_Port goes offline, the F_Ports fail over to the preferred secondary N_Port (if it is online), then re-enable. If the secondary N_Port is offline, the F_Ports will disable. Define the preferred secondary N_Ports per F_Port.
3 Failover Adding a preferred secondary N-Port for device mapping (optional) Use the following steps to configure a secondary N_Port where devices will connect if their first or primary N_Port, if defined, is unavailable. 1. Connect to the switch and log in using an account assigned to the admin role. 2. To configure an N_Port as a failover port for one or multiple devices mapped to a specific N_Port, enter the ag --addwwnfailovermapping N_Port command with the “[WWN];[WWN]” option.
Failback policy 3 3. Enter the ag --failoverenable N_Port command to enable failover. switch:admin> ag --failoverenable 13 Failover policy is enabled for port 13 4. Enter the ag --failoverdisable N_Port command to disable failover. switch:admin> ag --failoverdisable 13 Failover policy is disabled for port 13 Enabling and disabling the Failover policy for a port group The failover policy can be enabled on a port group.
3 Failback policy Failback policy configurations in Access Gateway The following sequence describes how a failback event occurs: • When an N_Port comes back online, with the Failback policy enabled, the F_Ports that were originally mapped to it are temporarily disabled. • The F_Port is rerouted to the primary mapped N_Port, and then re-enabled. • The host establishes a new connection with the fabric. NOTE The failback period is quite fast and rarely causes an I/O error at the application level.
Failback policy 3 Enabling and disabling the Failback policy on an N_Port Use the following steps to enable or disable the Failback policy on N_Ports. 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter the ag --failbackshow n_portnumber command to display the failover setting. switch:admin> ag --failbackshow 13 Failback on N_Port 13 is not supported 3.
3 Trunking in Access Gateway mode ag --reliabilitycounterset “count” You can view counter settings using the following command. ag --reliabilitycountershow Considerations for Failback policy disable on unreliable links Consider the following when an N_Port link becomes reliable again after being unreliable: • • • • Preferred N_Port settings are enforced. If failback is enabled, configured F_Ports will fail back to the N_Port. If the configured F_Ports are offline, they will go back online.
Trunking in Access Gateway mode 3 Configuring trunking on the edge switch Because AG Trunking configuration is mostly on the Edge switch, information in this section is applicable to the Edge switch module and not the AG module. On the AG module, you only need to ensure that the trunking license is applied and enabled. On the Edge switch, you must first configure an F_Port trunk group and statically assign an Area_ID to the trunk group.
3 Trunking in Access Gateway mode Configuration management for trunk areas The portttrunkarea command does not allow ports from different admin domains (ADs) and ports from different logical switches to join the same trunk area (TA) group. When you assign a TA, the ports within the TA group will have the same Index. The Index that was assigned to the ports is no longer part of the switch.
Trunking in Access Gateway mode 3 4. Show the TA port configuration (ports still disabled). switch:admin> porttrunkarea --show enabled Slot Port Type State Master TI DI ------------------------------------------10 13 ---125 125 10 14 ---125 126 ------------------------------------------- 5. Enable the ports specified in step 3. Continuing with the example shown in step 3, this would mean enabling ports 13 and 14. switch:admin> portenable 10/13 switch:admin> portenable 10/14 6.
3 Trunking in Access Gateway mode 5. Enter the switchhow command to display the switch or port information, including created trunks. Disabling F_Port trunking Use the following steps to disable F_Port trunking. 1. Connect to the switch and log in using an account assigned to the admin role. 2. Enter the porttrunkarea --disable command.
Trunking in Access Gateway mode TABLE 8 3 Access Gateway trunking considerations for the Edge switch (Continued) Category Description Management Server Registered Node ID (RNID), Link Incident Record Registration (LIRR), and Query Security Attributes (QSA) Extended Link Service Requests (ELSs) are not supported on F_Port trunks. Trunk area The port must be disabled before assigning a Trunk Area on the Edge switch to the port or removing a Trunk Area from a trunk group.
3 Trunking in Access Gateway mode TABLE 8 Access Gateway trunking considerations for the Edge switch (Continued) Category Description FC8-48 blades F_Port trunking does not support shared area ports on the Brocade FC8-48 blades in a 48000. F_Port trunking is supported on all ports on the Brocade FC8-48 in the DCX and DCX-4S. FC4-32 blade If an FC4-32 blade has the Trunk Area enabled on ports 16 - 31 and the blade is swapped with a FC8-48 blade, the Trunk Area ports will be persistently disabled.
Trunking in Access Gateway mode TABLE 8 3 Access Gateway trunking considerations for the Edge switch (Continued) Category Description D,I. Zoning (D,I) AD (D, I) DCC and (PWWN, I) DCC Creating a Trunk Area may remove the Index (“I”) from the switch to be grouped to the Trunk Area. All ports in a Trunk Area share the same “I”. This means that Domain,Index (D,I), which refers to an “I”, that might have been removed, will no longer be part of the switch.
3 Adaptive Networking on Access Gateway Adaptive Networking on Access Gateway Adaptive Networking (AN) services ensure bandwidth for critical servers, virtual servers, or applications in addition to reducing latency and minimizing congestion. Adaptive Networking in Access Gateway works in conjunction with the Quality of Service (QoS) feature on Brocade fabrics. Fabric OS provides a mechanism to assign traffic priority, (high, medium, or low) for a given source and destination traffic flow.
Adaptive Networking on Access Gateway FIGURE 12 3 Starting point for QoS Upgrade and downgrade considerations for Adaptive Networking in AG mode Downgrading to Fabric OS v6.4.0 from Fabric OS 7.0.0 is supported. Note the following considerations when upgrading to Fabric OS v7.0.0 from Fabric OS v6.2.X and earlier and downgrading from Fabric OS v7.0.0 to Fabric OS v6.2.X and earlier: • If any of the AG QoS-enabled ports are active and you attempt a firmware downgrade, the downgrade is prevented.
3 Per-Port NPIV login limit • Ingress rate limiting is not enforced on trunked ports. Per-Port NPIV login limit The Per-Port NPIV login limit feature allows you to set a specific maximum NPIV login limit on individual ports. This feature works in both Native and Access Gateway modes. Using this feature, you can use additional tools to design and implement a virtual infrastructure. In Access Gateway mode, this feature allows smaller login limits for F_Ports and larger limits for N_Ports.
Advanced Performance Monitoring • • • • • • • 3 perfMonitorClear perfMonitorShow --class EE perfResourceShow perfCfgSave perfCfgClear perfCfgRestore fmmonitor You can also use Fabric Watch to configure thresholds corresponding to specific frame monitors Refer to the Fabric Watch Administrator's Guide for details.
3 Advanced Performance Monitoring • • • • • • • • Create a new frame type Delete a specified frame type. Delete the set of ports on which the specified frame type can be monitored. Add a set of ports for which a specific frame type can be monitored. Save a set of ports on which the specified frame type can be monitored. Show different frame types configured on the switch, as well as frame counters. Change properties for a particular frame type, such as thresholds and bit pattern.
Considerations for the Brocade 8000 3 Considerations for the Brocade 8000 This section provides information on differences in operation, Fabric OS command function, and features on the Brocade 8000 when operating in Access Gateway mode. Port mapping The Brocade 8000 contains FCoE and Fibre Channel ports. In Access Gateway mode, the FCoE ports are configured logically as F_Ports, while the Fibre Channel ports are configured as N_Ports.
3 Considerations for the Brocade 6510 Fabric OS command support This section describes how Fabric OS commands are supported on the Brocade 8000 in AG mode.
Chapter 4 SAN Configuration with Access Gateway In this chapter • Connectivity of multiple devices overview . . . . . . . . . . . . . . . . . . . . . . . . . . . • Direct target attachment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Target aggregation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . • Access Gateway cascading . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
4 Direct target attachment Direct target attachment FCP targets can directly connect to an AG module instead of through a fabric connection, as illustrated in Figure 13.
Target aggregation 4 Target aggregation Access Gateway mode is normally used as host aggregation. In other words, a switch in AG mode aggregates traffic from a number of host systems onto a single uplink N_Port. Similarly, many targets can be aggregated onto to a single uplink N_Port, as shown in Figure 14 Target aggregation has many applications.
4 Access Gateway cascading Access Gateway cascading Access Gateway cascading is an advanced configuration supported in Access Gateway mode. Access Gateway cascading allows you to further increase the ratio of hosts to fabric ports to beyond what a single switch in AG mode can support. Access Gateway cascading allows you to link two Access Gateway (AG) switches, back to back. The AG switch that is directly connected to the fabric is referred to as the Core AG.
Fabric and Edge switch configuration 4 Fabric and Edge switch configuration To connect devices to the fabric using Access Gateway, configure the fabric and Edge switches within the fabric that will connect to the AG module using the following parameters. These parameters apply to Fabric OS, M-EOS, and Cisco-based fabrics: • Install and configure the switch as described in the switch’s hardware reference manual before performing these procedures.
4 Connectivity to Cisco fabrics Enabling NPIV on M-EOS switches 1. Connect to the switch and log in as admin on the M-EOS switch. 2. Enable Open Systems Management Server (OSMS) services by entering the following commands. For the Mi10K switch, enter the following command. fc osmsState vfid state where vfid Virtual fabric identification number. state Can be enable for the enabled state or disable for the disabled state. For other McDATA switches, enter the following command.
Rejoining Fabric OS switches to a fabric 4 5. Enter the following commands to save the MDS switch connection: copy run start Your Cisco switch is now ready to connect to a switch in Access Gateway mode. Rejoining Fabric OS switches to a fabric When a switch reboots after AG mode is disabled, the Default zone is set to no access. Therefore, the switch does not immediately join the fabric to which it is connected.
4 74 Rejoining Fabric OS switches to a fabric Access Gateway Administrator’s Guide 53-1002156-01
Appendix A Troubleshooting Table 10 provides troubleshooting instructions for Access Gateway. TABLE 10 Troubleshooting Problem Cause Solution Switch is not in Access Gateway mode Switch is in Native switch mode Disable switch using the switchDisable command. Enable Access Gateway mode using the ag --modeenable command. Answer yes when prompted; the switch reboots. Log in to the switch. Display the switch settings using the switchShow command.
A TABLE 10 Troubleshooting Troubleshooting (Continued) Problem Cause Solution Access Gateway is mode not wanted Access Gateway must be disabled. Disable switch using the switchDisable command. Disable Access Gateway mode using the ag --modeDisable command. Answer yes when prompted; the switch reboots. Log in to the switch. Display the switch settings using the switchShow command. Verify that the field switchMode displays Fabric OS Native mode.
Index A B Access Gateway cascading, 70 comparison to standard switches, 5 compatible fabrics, 1 connecting devices, 67 connecting two AGs, 70 description, 1 displaying information, 72 features, 3 limitations, 6 mapping description, 11 port types, 5 Access Gateway mode comparison, 2, 3 disabling, 9 port types, 5 supported firmware versions, 67 terms, xvii verifying, 7 adaptive networking, 60 AG considerations, 61 upgrade and downgrade considerations, 61 adding devices to fabric, 32 address Identifier, 54
commands ag --addwwnfailovermapping, 48 ag --addwwnpgmapping, 20 ag --delwwnfailovermapping, 48 ag --delwwnpgmapping, 20 ag --failbackEnable, 51 ag --failbackShow, 51, 75 ag --failoverDisable, 49 ag --failoverEnable, 49 ag --failoverShow, 48, 75 ag --mapAdd, 14 ag --mapDel, 15 ag --mapShow, 8, 15 ag --modeDisable, 9, 76 ag --modeEnable, 7, 75 ag --modeShow, 7 ag --policydisable wwnloadbalance, 42 ag --policyenable wwnloadbalance, 42 ag --wwnmapping, 20, 21, 48 ag --wwnmappingdisable, 21 ag --wwnmappingenabl
F J F_Port adding external port on embedded switch, 26 description, 5 mapping, example, 11 maximum number mapped to N_Port, 26 settings, Edge switch, 71 shared area ports, 54 trunking setup, 53 fabric compatibility, 71 inband queries, 71 join, 73 logins, 71 management server platform, 71 zoning scheme, 71 Fabric OS management server platform service settings, 71 failback policy upgrade and downgrade considerations, 51 failback policy example, 46, 50 failover device mapping, 47 failover example, 46 failove
N N_Port configurations, 25 description, 5 displaying configurations, 26 failover in a PG, 41 mapping example, 11 masterless trunking, 53 maximum number supported, 26 multiple trunk groups, 59 trunk groups, 59 unlock, 26 unlocking, 27 N_Port configurations displaying, 26 N_Ports unlocking, 26 native switchMode, 71 non disruptive, 57 NPIV Edge switch, 71 enabling on Cisco switch, 72 enabling on M-EOS switch, 72 login limit, 62 support, 67 O optional features, xviii P per port NPIV login limit, 62 performan
Q U QoS firmware downgrade, 61 ingress rate limiting, 60 SID/DID traffic prioritization, 60 unlock N_Port, 26 upgrading, 57 V R VMware configuration for device mapping, 23 removing devices from switch, 32 removing trunk ports, 57 requirements, ports, 67 Z S zoning schemes, 71 setting, 73 settings FLOGI, 71 inband queries, 71 management server platform, 71 zone, no access, 73 static vs.
82 Access Gateway Administrator’s Guide 53-1002156-01
