Fabric OS Administrator’s Guide 143
53-1001763-02
SCC policies 7

SCC policies

The switch connection control (SCC) policy is used to restrict which switches can join the fabric.
Switches are checked against the policy each time an E_Port-to-E_Port connection is made. The
policy is named SCC_POLICY and accepts members listed as WWNs, domain IDs, or switch names.
Only one SCC policy can be created.
By default, any switch is allowed to join the fabric; the SCC policy does not exist until it is created.
When connecting a Fibre Channel router to a fabric or switch that has an active SCC policy, the
front domain of the Fibre Channel router must be included in the SCC policy.
SCC policy states are shown in Table 30.
Virtual Fabric considerations: In a logical fabric environment the SCC policy enforcement is not
done on the logical ISL. For a logical ISL-based switch, the SCC policy enforcement is considered as
the reference and the logical ISL is formed if the SCC enforcement passes on the extended ISL. The
following functionality changes:
A logical switch supports an SCC policy. You can configure and distribute an SCC policy on a
logical switch.
SCC enforcement is performed on a ISL based on the SCC policy present on the logical switch.
For more information on Virtual Fabrics, refer to Chapter 10, “Managing Virtual Fabrics”.

Creating an SCC policy

1. Connect to the switch and log in using an account assigned to the admin role.
2. Enter the secPolicyCreate “SCC_POLICY” command.
3. Save or activate the new policy by entering either the secPolicySave or the secPolicyActivate
command.
If neither of these commands is entered, the changes are lost when the session is logged out.
Example of creating an SCC policy
For example, to create an SCC policy that allows switches that have domain IDs 2 and 4 to join
the fabric:
switch:admin> secpolicycreate "SCC_POLICY", "2;4"
SCC_POLICY has been created
switch:admin> secpolicysave
TABLE 30 SCC policy states
Policy state SCC policy enforcement
No active policy All switches can connect to the switch with the specified policy.
Active policy that has no members All neighboring switches are segmented.
Active policy that has members The neighboring switches not specified in the SCC policy are
segmented.