Manuals / Brands / Baby / Model Vehicle / Brocade Communications Systems / Baby / Model Vehicle

Brocade Communications Systems 53-1003126-02 Supported Fabric OS commands

1 104

Download 104 pages, 1.65 Mb

To perform authentication with switch policy, the on and off policy modes are supported on the AG

switch. To perform authentication with device policy, the on, off, and passive modes are supported on

the AG switch.

Behavior of sending AG switch and receiving fabric switch with different policies configuredTABLE 2

Fabric switch with device

policy mode ON

Fabric switch with device

policy mode PASSIVE

Fabric switch with device

policy mode OFF

AG switch with

switch policy

mode on

Authorization negotiation -

accept

DH-CHAP/FCAP:

Success - N_Port

Failure - disable

Authorization negotiation -

accept

DH-CHAP/FCAP:

Success - N_Port

Failure - disable

Authorization negotiation -

reject

N_Port without

authentication

AG switch with

switch policy off

No negotiation

No light

No Negotiation

N_Port without authenctication.

No negotiation

N_Port without

authentication

Behavior of sending device (HBA) and receiving AG switch with different policies

configured

TABLE 3

AG switch with device

policy mode ON

AG switch with device

policy mode PASSIVE

AG switch with device

policy mode OFF

HBA authentication enabled Authorization negotiation

- accept

DH-CHAP

Success - F_Port

Failure - disable

Authorization negotiation -

accept

DH-CHAP

Success - F_Port

Failure - disable

Authorization negotiation

- reject

F_Port without

authentication

HBA authenticationdisabled No negotiation

No light

No negotiation

F_Port without

authentication

No negotiation

F_Port without

authentication

Supported Fabric OS commands

All Fabric OS commands for authentication policy apply to AG switches, including the following:

• authutil -- policy

• authutil --show

• authutil --set

• secauthsecret --set

• secauthsecret --show

NOTE

Although authutil --authinit is not supported in AG mode, it is supported in native mode.

Supported Fabric OS commands

22 Access Gateway Administrator's Guide

53-1003126-02

Contents

Main Page Contents Page Page Page Preface Document conventions Text formatting conventions Command syntax conventions Notes, cautions, and warnings Notes, cautions, and warnings Brocade resources Contacting Brocade Technical Support Brocade customers Brocade OEM customers Brocade resources Document feedback Document feedback About This Document Supported hardware and software Whats new in this document Changes made for Fabric OS 7.3.0a Key terms for Access Gateway Key terms for Access Gateway About This Document Page Access Gateway Basic Concepts Brocade Access Gateway overview Comparing Native Fabric and Access Gateway modes Page Fabric OS features in Access Gateway mode Fabric OS features in Access Gateway mode Page Fabric OS components supported on Access Gateway (Continued)TABLE 1 Buffer credit recovery support Forward error correction support Buffer credit recovery support Virtual Fabrics support Device authentication support Supported policy modes Virtual Fabrics support Supported Fabric OS commands Supported Fabric OS commands Limitations and considerations AG mode without all POD licenses Password distribution support Limitations and considerations FDMI support Access Gateway port types Comparison of Access Gateway ports to standard switch ports FDMI support Page Access Gateway hardware considerations Access Gateway hardware considerations Configuring Ports in Access Gateway Mode Enabling and disabling Access Gateway mode Port state description Port state description Access Gateway mapping Port mapping Access Gateway mapping Default port mapping Default port mapping Page Page Page Page Considerations for initiator and target ports Adding F_Ports to an N_Port Considerations for initiator and target ports Removing F_Ports from an N_Port F_Port Static Mapping Removing F_Ports from an N_Port Considerations for using F_Port Static Mapping with other AG features and policies Upgrade and downgrade considerations Device mapping Considerations for using F_Port Static Mapping with other AG features and policies Page Page Page Device mapping to port groups (recommended) Device mapping to port groups (recommended) Device mapping to N_Ports Disabling device mapping Device mapping to N_Ports Enabling device mapping Displaying device mapping information Pre-provisioning Enabling device mapping VMware configuration considerations Considerations for Access Gateway mapping VMware configuration considerations Mapping priority Device mapping considerations Mapping priority N_Port configurations N_Port configurations Displaying N_Port configurations Unlocking N_Ports Persisting port online state Displaying N_Port configurations D_Port support Limitations and considerations D_Port support Saving port mappings Saving port mappings Page Managing Policies and Features in Access Gateway Mode Access Gateway policies overview Displaying current policies Access Gateway policy enforcement matrix Advanced Device Security policy How the ADS policy works Enabling and disabling the ADS policy Advanced Device Security policy Allow lists Setting the list of devices allowed to log in Allow lists Setting the list of devices not allowed to log in Removing devices from the list of allowed devices Adding new devices to the list of allowed devices Setting the list of devices not allowed to log in Displaying the list of allowed devices on the switch Automatic Port Configuration policy How the APC policy works Enabling and disabling the APC policy Enabling the APC policy Displaying the list of allowed devices on the switch Port Grouping policy Disabling the APC policy How port groups work How port groups work Adding an N_Port to a port group Deleting an N_Port from a port group Removing a port group Adding an N_Port to a port group Renaming a port group Disabling the Port Grouping policy Port Grouping policy modes Automatic Login Balancing mode Managed Fabric Name Monitoring mode Creating a port group and enabling Automatic Login Balancing mode Rebalancing F_Ports Considerations when disabling Automatic Login Balancing mode Creating a port group and enabling Automatic Login Balancing mode Enabling MFNM mode Disabling MFNM mode Displaying the current MFNM mode timeout value Setting the current MFNM mode timeout value Port Grouping policy considerations Device Load Balancing policy Enabling the Device Load Balancing policy Upgrade and downgrade considerations for the Port Grouping policy Disabling the Device Load Balancing policy Device Load Balancing policy considerations Persistent ALPA policy Disabling the Device Load Balancing policy Enabling the Persistent ALPA policy Disabling the Persistent ALPA policy Persistent ALPA device data Removing device data from the database Enabling the Persistent ALPA policy Failover policy Displaying device data Failover with port mapping Failover configurations in Access Gateway Failover example Failover with port mapping Page Page Adding a preferred secondary N_Port (optional) Deleting F_Ports from a preferred secondary N_Port Failover with device mapping Adding a preferred secondary N_Port (optional) Adding a preferred secondary N_Port for device mapping (optional) Deleting a preferred secondary N_Port for device mapping (optional) Enabling and disabling the Failover policy on an N_Port Adding a preferred secondary N_Port for device mapping (optional) Enabling and disabling the Failover policy for a port group Upgrade and downgrade considerations for the Failover policy Failback policy Enabling and disabling the Failover policy for a port group Failback policy configurations in Access Gateway Failback example Failback policy configurations in Access Gateway Enabling and disabling the Failback policy on an N_Port Enabling and disabling the Failback policy on an N_Port Enabling and disabling the Failback policy for a port group Upgrade and downgrade considerations for the Failback policy Failback policy disabled on unreliable links (N_Port monitoring) Considerations for Failback policy disabled on unreliable links Enabling and disabling the Failback policy for a port group Trunking in Access Gateway mode How trunking works Configuring trunking on the Edge switch Trunking in Access Gateway mode Trunk group creation Configuration management for trunk areas Trunk area assignment example Assigning a trunk area Trunk group creation Enabling the DCC policy on a trunk Enabling trunking Enabling the DCC policy on a trunk Disabling F_Port trunking Monitoring trunking AG trunking considerations for the Edge switch Disabling F_Port trunking Access Gateway trunking considerations for the Edge switch (Continued)TABLE 10 Managing Policies and Features in Access Gateway Mode Access Gateway trunking considerations for the Edge switch (Continued)TABLE 10 Trunking considerations for Access Gateway mode Upgrade and downgrade considerations for trunking in Access Gateway mode Trunking considerations for Access Gateway mode Adaptive Networking on Access Gateway QoS: Ingress rate limiting QoS: SID/DID traffic prioritization Adaptive Networking on Access Gateway Upgrade and downgrade considerations for Adaptive Networking in AG mode Adaptive Networking on Access Gateway considerations Upgrade and downgrade considerations for Adaptive Networking in AG mode Per-Port NPIV login limit Setting the login limit Duplicate PWWN handling during device login Per-Port NPIV login limit Performance Monitoring Flow Monitor Performance Monitoring Legacy performance monitoring features End-to-end monitors Frame monitors Legacy performance monitoring features Limitations for using legacy APM features Limitations for using legacy APM features Page SAN Configuration with Access Gateway Connectivity of multiple devices overview Considerations for connecting multiple devices Direct target attachment Considerations for direct target attachment Considerations for direct target attachment Target aggregation Target aggregation Access Gateway cascading Access Gateway cascading considerations Access Gateway cascading Fabric and Edge switch configuration Verifying the switch mode Fabric and Edge switch configuration Enabling NPIV on M-EOS switches Connectivity to Cisco fabrics Enabling NPIV on a Cisco switch Enabling NPIV on M-EOS switches Rejoining Fabric OS switches to a fabric Reverting to a previous configuration Rejoining Fabric OS switches to a fabric Page Troubleshooting Troubleshooting (Continued)TABLE 12 Troubleshooting Index A B C D E F H I J L M N Q R S T U