Manuals / Q-Logic / Computer Equipment / Switch

Q-Logic 59022-03 D Access Control List Hard Zones, Virtual Private Fabric Hard Zones, Aliases

Models: 59022-03 D

1 168
Download 168 pages 58.68 Kb
Page 43
Image 43

￿

3 – Managing Fabrics

Zoning a Fabric

 

 

 

 

3.4.1.1.2

Access Control List Hard Zones

Access Control List (ACL) zoning divides the fabric for purposes of controlling discovery and inbound traffic. ACL zoning is a type of hard zoning that is hardware enforced. This type of zoning is useful for controlling access to certain devices without totally isolating them from the fabric. Members can communicate with each other and transmit outside the ACL zone, but cannot receive inbound traffic from outside the zone. The ACL zone boundary is secure against inbound traffic. ACL zones can overlap; that is, a port can be a member of more than one ACL zone. ACL zones that include members from multiple switches need not include the ports of the inter-switch links. ACL zone boundaries supersede soft zone boundaries, but yield to VPF zone boundaries. Membership can be defined only by port ID and domain ID. ACL zoning supports all port modes except TL_Ports.

3.4.1.1.3

Virtual Private Fabric Hard Zones

Virtual Private Fabric (VPF) zoning divides the fabric for purposes of controlling discovery and both inbound and outbound traffic. This type of zoning is useful for providing security and reserving paths between devices to guarantee bandwidth. VPF zoning is a type of hard zoning that is hardware enforced. Members can only transmit to and receive from members of the same VPF zone. The VPF zone boundary is secure against both inbound and outbound traffic. VPF zones that include members from multiple switches must include the ports of the inter-switch links. VPF zones cannot overlap; that is, a port can be a member of only one VPF zone. VPF zone boundaries supersede both soft and ACL zone boundaries. Membership can be defined only by port ID and domain ID. VPF zoning supports all port modes.

3.4.1.2

Aliases

To make it easier to add a group of ports or devices to one or more zones, you can create an alias. An alias is a named set of ports or devices that are grouped together for convenience. Unlike zones, aliases impose no communication restrictions between its members. You can add an alias to one or more zones. However, you cannot add a zone to an alias, nor can an alias be a member of another alias.

59022-03 D

3-11

Page 42 Page 44
Page 43
Image 43
Q-Logic 59022-03 D manual Access Control List Hard Zones, Virtual Private Fabric Hard Zones, Aliases
Page 42 Page 44