Please add breadcrumbs in author

Configure Zoning, Release 12.2.1

Tech Article
 
Last updated: April 8, 2024
PDF
Is this helpful? Feedback

New and Changed Information

The following table provides an overview of the significant changes up to this current release. The table does not provide an exhaustive list of all changes or of the new features up to this release.

Release Version Feature Description

There were no major changes from the previous release.

Zoning

Zoning enables you to set up access control between storage devices or user groups. If you have administrator privileges in your fabric, you can create zones to increase the network security and to prevent data loss or corruption. Zoning is enforced by examining the source-destination ID field.

From SAN Controller Release 12.0.1a, Regular zones, and IVR zones are merged into a single zoning page.

note.svg

When device aliases are used for zoning in Web UI, end devices must be logged into the fabric thus web GUI can configure zoning using device aliases. If end nodes are not logged in, PWWN can be used for zoning.

The following table describes the fields and icons that appear on SAN Controller Manage > Zoning tab.

Field Description

Zoning Type

Provides support for regular and Inter-VSAN Routing (IVR) zone types. Click the Regular or IVR radio button to select the required zoning type.

Fabric

Specifies the fabric for which you are configuring zones.

If the admin has locked the fabric, you can view a lock icon next to the fabric field.

VSAN

Specifies the VSAN for which you are configuring regular zones.

This field is enabled only if you select Regular in the Zoning Type field.

Region ID

Specifies the region name for which you are configuring IVR zones.

This field is enabled only if you select IVR in the Zoning Type field.

Enhanced Zoning

Configures enhanced zoning capability on the switch. Click the icon next to VSAN text field to view Enhanced Zoning window.

note.svg

Enhanced Zoning is supported only for Regular zone.

For more details, refer to Enhanced Zoning section.

Cisco Fabric Services (CFS)

Configures CFS on the switch. Click the icon next to the Region ID field to view CFS window.

note.svg

CFS is supported only for IVR Zoning.

For more details, refer to CFS section.

Switch

Specifies the switch that you want to add to a zone.

Actions

In the Zoning area, click Actions to view the following items:

  • Changes

  • Database

  • Clear Server Cache

  • Discovery Sync

  • View Unzoned End Devices

  • Zone Migration

Changes

In the Zoning area, choose Actions > Changes.

  • Enable smart zoning - Enables smart zoning configuration for all the switches.

  • Commit changes - Commits the Zoning configuration changes to all the switches. This field is only applicable when a zone is in the enhanced or smart mode.

  • Discard Pending - Discards the changes in progress.

Database

In the Zoning area, choose Actions > Database.

  • Backup database - Enables you to backup the current VSAN or all the VSANs.

  • Restore database - Enables you to restore the VSANs.

Clear Server Cache

Clears the cache on the server.

Discovery Sync

Synchronizes zoning modules with discovery.

View Unzoned End Devices

Displays a list of unzoned end devices of a fabric. You can view the unzoned devices in all fabrics or the current fabric.

Zone Migration

Opens the Zone Migration wizard for migrating Brocade SAN fabrics into Cisco MDS 9000 SAN fabrics. See Migrate Zones for more information.

Enhanced Zoning

From SAN Controller Release 12.0.1a, Enhanced Zoning feature is added for Regular Zoning type.

Enhanced zoning performs all configurations within a single configuration session for regular zoning. When you begin a session, the switch locks the entire fabric to implement the changes.

Choose Regular radio button on Zoning type, Click configurations icon next to VSAN field to view Enhanced zoning window.

The Enhanced Zoning window has the following fields and their descriptions.

Field Description

Switch

Specifies IP address of the switch.

Mode

Displays mode of the switch, that can be one of the following:

  • Basic

  • Enhanced

Result

Displays the activation results, which can be one of the following:

  • Success

  • Failed

Config DB locked by

Displays the role name of locked configuration database.

Action

Displays the action on the switch, that can be one of the following:

  • No operation

  • Commit changes

  • Cleanup

Click edit icon on last column to select required action and click check mark icon to save.

Last Action Results

Displays status of last configuration database.

Enforce full DB merge

Displays status as enabled or disabled. Click edit icon on last column to select required action and click check mark icon to save.

Enabling it ensures that both the active and local zones are merged and are identical on all switches for a VSAN.

Read from

For enhanced zones or IVR CFS enabled zones when a change is made to zoning DB on a switch, all zone data is pushed into a pending database, until commit command is issued.

This flag helps user to get data either from pending zone DB (Copy DB) or regular zone DB (Effective DB). Click edit icon on last column to select required action and click check mark icon to save.

Activation Date

Specifies date of the zoneset activated.

To perform various operations on Enhanced Zoning window from SAN Controller Web UI, perform the following steps:

  1. Choose Virtual Management > Zoning, choose required Zone Type, Fabric, and VSAN.

  2. Click configurations icon adjacent VSAN field

    The Enhanced Zoning window is displayed.

  3. Click Edit icon next to Read from column, to select required database and click Tick icon to save.

  4. To change the mode from basic to enhanced, choose Actions > Set Mode to Enhanced, and click Apply.

  5. You can follow the same procedure to set mode from enhanced to basic, choose Actions > Set Mode to Basic, and click Apply.

CFS

Cisco Fabric Services (CFS) provides a common infrastructure for automatic configuration synchronization in the fabric for IVR zoning. When a CFS is configured on one switch and same properties can be transmitted on other switches. You can enable or disable IVR on the switch. Furthermore, you can enable or disable both CFS and global CFS on the selected switch.

Choose IVR radio button on Zoning type, Click set-up assistant icon next to VSAN field to view CFS window.

You can view below tabs on CFS window:

  • Control

  • IVR

  • Action

The following table describes the fields that appear on Control tab.

Fields Description

Switch

Specifies IP address of the switch.

IVR Status

Displays whether IVR is enabled or disabled on the switch.

Edit

Click Edit icon to enable or disable IVR on the switch and click tick mark to save changes.

Refresh

Click Refresh icon to refresh table.

Apply

Click Apply to save changes for each modification on the switch.

Done

Click Done to save all changes and to exit from CFS window.

The following table describes the fields and descriptions that appears on IVR tab.

Fields Description

Switch

Specifies IP address of the switch.

CFS Status

Specifies whether CFS status is enabled or disabled.

Global CFS

Specifies whether this feature is enabled or disabled on the switch.

Read from

Specifies status:

  • Effective DB

  • Copy DB

Lock Owner

Specifies switch is locked by admin.

Merge Status

Specifies fabric merge that occurred.

Region ID

Specifies the region id of the switch.

Edit

Click Edit icon to perform changes in Read from and Region ID column for selected row.

Apply

Click Apply to save changes for each modification on the switch

Refresh

Click Refresh icon to refresh table.

Done

Click Done to save all changes and to exit from CFS window.

To perform various operations on a switch in the IVR tab from SAN Controller Web UI, perform the following steps:

  1. Select a switch, choose Actions > Commit and click Apply to enable IVR on a switch.

    note.svg

    You can commit changes only CFS is enabled on selected switch.

  2. Select a switch, choose Actions > Abort and click Apply to disable IVR on a switch.

  3. Select a switch, choose Actions > Clear and click Apply to clear IVR information on a switch.

  4. Select a switch, choose Actions > Enable CFS and click Apply to enable CFS on a switch.

  5. Select a switch, choose Actions > Disable Global CFS and click Apply to enable CFS globally on a switch.

    The following table describes the fields and descriptions that appears on Action tab.

Actions Description

Switch

Specifies IP address of the switch.

Active

Specifies switch active status is true or false.

Activation Time

Specifies the activation date and time.

IVR NAT Status

Specifies IVR status is enabled or disabled.

Auto Discover Topology

Specifies whether auto discover topology status is true or false

Edit

Click Edit icon to perform changes in IVR NAT Status and Auto Discover Topology columns for selected row.

Region ID

Specifies the region id of the switch.

Edit

Click Edit icon to perform changes in Read from and Region ID column for selected row.

Apply

Click Apply to save changes for each modification on the switch

Refresh

Click Refresh icon to refresh table.

Done

Click Done to save all changes and to exit from CFS window.

Migrate Zones

This topic describes the steps to migrate SAN zones from a Brocade switch to a Cisco MDS switch. Migrating SAN zones involves the following two steps:

  • Generating and downloading the zoning configuration from the Brocade switch locally.

  • Converting and applying the Brocade zoning configuration to a Cisco MDS switch.

To migrate zones from a Brocade switch to a Cisco MDS switch, perform the following steps:

  1. In the Cisco Nexus Dashboard Fabric Controller Web UI, choose Manage > Zoning.

  2. In the Zoning area, choose Actions > Zone Migration.

    The Zone Migration wizard opens.

  3. To generate and collect the zoning configuration from the switch and to download it locally, click the Fetch Active Zones From Brocade Switch radio button.

  4. Enter the IP address of the discovered Brocade switch in the Brocade Switch IP Address field and click Fetch.

    The system downloads a text file with the configuration from the Brocade switch onto your local drive.

  5. Click the Migrate Brocade Zones Configuration to MDS radio button and select the configuration file that you have downloaded in the previous step.

  6. In the VSAN Index field, enter the VSAN to which the zone must be added.

    The valid range is 1 to 4093.

  7. [Optional] Check the enable enhanced zone and enable enhanced Device Alias check boxes.

    It is recommended to enable enhanced zone and enhanced device-alias modes in new deployments.

  8. Click Migrate to generate a Cisco compatible zone configuration file.

    The system converts the Brocade switch configuration to a format compatible with Cisco MDS 9000 series switches and downloads the file to your local drive.

  9. To apply the configuration changes to the desired Cisco MDS switch, execute the contents of the file generated from the previous step on the CLI console on the switch.

Zonesets

Based on the selected Fabric, VSAN and Switch, the Zoneset area displays the configured zonesets and their status. You can create, copy, delete, or edit the zonesets. Further, the zonesets can be activated or deactivated.

The following table describes the fields and descriptions that appear on SAN Controller Zoning Zonesets table.

Field Description

Zoneset Name

Lists all the names that are configured under the selected Zoneset.Click on the Zoneset name to view the summary information in a slide-in pane. Click Edit Zoning to edit and activate zoneset.

Modified

Displays if the zoneset is modified or not.

Activation Date

Specifies date of the zoneset activated.

Procedure

  1. To create zonesets from SAN Controller Web UI, choose Actions > Create Zoneset.

    The Create Zoneset window appears.

  2. Enter a valid name for the zoneset, and click Create zoneset.

    A zoneset is created and is listed in the Zoneset area.

  3. To copy or clone zonesets, choose radio button and choose Actions > Copy / Clone Zoneset or click the ellipsis icon in last column of the required zone name.

    The Clone or Copy Zoneset window shows two options.

    Choose the appropriate radio button. You can choose one of the following:

    • Copy: Creates a new zoneset that consists copies of the zones in the initial zoneset.

      • You can prepend or append a string to identify the copied zoneset. Enter a valid string in the Tag field, and choose the Prepend names or Append names radio button.

      • Clone: To create a new zoneset with a new name consisting of the same zones as the source zoneset.

        In the Name field, enter a valid name for the new zoneset.

    • Click Copy zoneset to clone or copy the zoneset.

      The cloned or the copied zoneset appears in the Zoneset area.

  4. To delete the zoneset, choose the zoneset radio button next to Zoneset Name column and choose Actions > Delete Zoneset.

    A confirmation window appears. Click Yes to delete the zoneset.

  5. To edit the zone name, choose the zone radio button next to the Zoneset Name column and choose Actions> > Edit zones & members or click ellipse icon in last column on required zone name.

    The Zoneset page for the selected fabric is displayed.

    Choose check box next to Zone Name column, choose Actions > Rename zone.

    Enter the new name for the zoneset. Click Rename.

  6. To deactivate a zoneset, choose the zoneset radio button next to the Zoneset Name column and click Actions > Deactivate.

    A confirmation window appears. Click Yes to deactivate the zoneset.

  7. To activate a zoneset, choose radio button next to the Zoneset Name column and click Activate.

    The Zoneset Differences window shows the changes made to the zoneset since it was activated previously. Click Activate.

Zones

UI Path: Zoning. Select a zone member, a slide-in panel appears. Click on Launch icon to view Zones window.

Based on the Zoneset that is selected, the zones that are configured under that zoneset are displayed in the Zones area. To view Zones tab, click on a radio button for a zoneset, choose Actions > Edit zones & members. A Zoneset window is displayed. It also displays true or false only when the VSAN has smart zone that is enabled.

You can create, copy, delete, or clone, and rename the zones. It also displays true or false only when the VSAN has smart zone that is enabled. Furthermore, the zones can be added to or removed from the selected Zoneset. You can also enable or disable the smart zone on the zone table.

The Zones area has the following fields and their descriptions.

Field Description

Filter by Attribute

You can search by specifying the required zone name or zoneset and members.

Add to zoneset

You can select zone name and click Add to zoneset.

Refresh

Click Refresh icon to refresh table.

Zone Name

Displays the name of the zone. You can search by specifying the zone name.

From Release 12.1.2e, you can click Topology icon next to the Zone name to view Zone Topology. The topology is displayed in Hierarchical Left-Right layout by default.In the topology view, hover on the nodes to see tool tip.

Click on switch to view the switch summary. Click Launch icon to view Switch Overview.

note.svg

You cannot save any changes made to topology layout from this screen.

Select the zone name to view the members of the zoneset. From Release 12.1.2e, the Status column displays if the zone member is online or offline.

In Zoneset

Specifies whether a zone is part of a zoneset.

Displays true if the zone is part of a zoneset. Otherwise, displays false.

You can search by choosing true or false from the In Zoneset drop-down list.

Members

Specifies the zone members of the zone.

You can search by specifying the member.

Procedure

  1. To create zones, choose Zoning.

  2. In the Zonesets area, choose required Zoneset Name.

    A slide-in panel is displayed.

    1. Click Edit Zoning or launch icon to view Zoneset window.

      By default, Zones tab is displayed.

  3. To create a zone, choose Actions > Create new zone.

    1. In the Create new zone, enter a valid name for the Zone, and click Create.

    2. Click Create new zone.

    3. Choose select box next to Smart Zoning, to enable smart zoning for new zone.

      A zone is created and is listed in the Zones area.

  4. To enable a smart zone, choose required check box next to Zone Name, choose Actions > Enable smart zoning.

    You can view smart zone column only if smart zoning is enabled for VSAN.

  5. To disable a smart zone, choose required check box next to Zone Name, choose Actions > Disable smart zoning.

  6. To Clone Zones, choose Configure > Manage > Zoning > Zones, select the Zone radio button and click Clone Zone icon.

    The Clone Zone window is displayed.

    1. In the Name field, enter a valid name for the new zoneset.

    2. Click Clone to clone the zone.

      The cloned zones appear in the Zones area.

  7. To rename a zone from a zoneset, choose required check box next to Zone Name, choose Actions > Rename zone.

    In the Name field, enter the new name for the zone, and click Rename.

  8. To remove a zone from a zoneset, choose required check box next to Zone Name, choose Actions > Remove from zoneset.

    The zone is removed from the selected Zoneset. A green tick mark disappears next to the Zone name to indicate that the zone is removed from the zoneset.

  9. To delete a zone from a zoneset, choose required check box next to Zone Name, choose Actions > Delete zone(s).

    You can select single or multiple zones to delete at an instant.

    note.svg

    You cannot delete a zone that is a member of the selected zoneset. Remove the zone from the zoneset to delete it.

FC Aliases

Navigation Path: Virtual Management > > Zoning > Zone Sets > Members

From SAN Controller Release 12.0.1a, FC Aliases feature is supported for regular zones. It is used to associate with one or more pWWNs to a required name. When you add a zone member, you can add FC Alias or delete existing FC Alias. FC Aliases tab displays below fields:

  • FC Alias - Specifies the name of FC Alias.

  • Member - Specifies members associated with FC Alias.

To do FCAliases operations, perform the following steps:

  1. Choose Virtual Management > Regular Zones, click required Zoneset Name.

    A slide-in panel window appears.

  2. Click Edit Zoning or Launch icon to view Zoneset page.

    The Zoneset window is displayed.

  3. Click FC Aliases tab to view the FC Aliases area.

  4. To create a new FC alias, choose Actions > Create new FC Alias.

    The Create new FC Alias window is displayed.

    1. Enter a valid name in a text field and click Create FC Alias.

      An FC alias is created and is listed in the FC Aliases area.

  5. To delete a new FC alias, select required check box next to the FC Alias column, choose Actions > Delete FC Alias.

Members

UI Path: Virtual Management > Zoning > Zone Sets > Members

Based on the selected zoneset and zone, the Members area displays the zone members and their status. Enter required field name in Filter by attributes text field to view member details.

The Members area has the following fields and their descriptions.

Field Description

Zone/FC Alias

Displays the name of the zone member. You can search by specifying the zone name.

Member

Displays the member name for the zone.

Switch

Specifies the switch that the zone member is linked. You can search by specifying the switch.

Interface

Specifies the interface that the zone member is attached to. You can search by specifying the interface.

Status

Specifies the status of zone.

Zoned By

Displays the type of zoning. You can search by type of zoning such as WWN, FCID, FC Alias, or iSCSI, FWWN, Device Alias, IP Subnet and many more.

FCID

Specifies the FCID associated with the zone member. You can search by specifying the FCID associated with the zone member.

pWWN

Specifies the pWWN of the switch. You can search by specifying the WWN of the switch.

You can add or remove members from the zoneset. Furthermore, you can also add existing members and add existing FC Alias to members.

From SAN Controller Web UI, choose Virtual Management > Zoning > Zoneset > Members to view Members area on Zoneset window.

Select a zoneset and zones to view the list of zone members.

  1. To create new member, In Members area, choose Actions > Create new member.

    In the Create and Add a new Member window, choose radio button of the appropriate zone.

    Enter a valid name in text field and click Create Member.

    Based on Zone by radio button section, the new name is only for the selected zone by and not for all the zone. For example, when you choose WWN zone by, the name in the text field is for WWN zone. Similarly, when you choose Domain & Port zone by, the Domain ID number and Switch Interface name.

    The Create new Member allows you to add a member to a zone that does not exist in the fabric, currently. This feature can be utilized when the device discovery did not discover all the devices. With the Available to add feature, you can add a discovered device to the zone.

  2. To remove a zone member, choose check box next to Parent column and then click Actions > Remove Member from zone(s)

    You can select multiple zones in an instance to remove.

  3. To add existing member, choose Actions > Add existing members.

    The Add existing members window is displayed.

    This window has the following fields and their descriptions.

    Field Description

    Zone By

    The Zone by feature determines if the device must be added to the zone using the device WWN or device alias. If you choose Zone By: End Ports, the devices are added to the zones by WWN.

    Similarly, for Device Alias and FC Alias the devices are added to the zones by Device Alias and FC Alias respectively. Based on the zone by you choose, the devices are displayed.

    Member Name

    Displays the name of the zone. You can search by specifying the zone name.

    Type

    Specifies the switch is storage or host.

    Switch

    Specifies the switch that the zone member is linked. You can search by specifying the switch.

    Interface

    Specifies the interface that the zone member is attached to. You can search by specifying the interface.

    pWWN

    Specifies the pWWN of the switch. You can search by specifying the pWWN of the switch.

    VSAN

    Specifies the VSAN the zone member is in.

  4. Select the appropriate Zone by option and select required Member Name.

  5. Click Add members.

    note.svg

    You can select more than one zone. A dialog appears that shows a list of all the zones that are currently selected on the zone table.

Active Zones

The following sections provide information on Active Zones.

Regular Zones

You can view all the Regular Zones that are configured on SAN Controller. Choose Analyze > Active Zones > Regular Zones tab. The following table describes the fields that appear on this screen.

Field Description

Group

Specifies the name of the fabric.

VSANS

Specifies the number of VSANS configured on this Zone.

Zone Sets

Specifies the name of zone set to which the zone belongs.

Zone

Displays the zone under which this member is present.

From Release 12.1.2e, you can click Topology icon next to the Zone name to view Zone Topology. The topology is displayed in Hierarchical Left-Right layout by default.

In the topology view, hover on the nodes to see tool tip. Click on switch to view the switch summary. Click Launch icon to view Switch Overview.

note.svg

You cannot save any changes made to topology layout from this screen.

Switch Interface/WWN

Specifies the switch interface or WWN of the switch that the zone member is attached to.

PWWN

Specifies the associated pWWN to the switch.

Member Name

Displays the name of the zone member.

Zoned By

Displays the type of zoning. You can search by type of zoning such as WWN, FCID, fcAlias, or iSCSI.

IVR Zones

IVR ZonesYou can view all the IVR Zones configured on SAN Controller. Choose Analyze > Active Zones > IVR Zones tab. The following table describes the fields that appear on this screen.

.

Field Description

Group

Specifies the fabric name.

VSANS

Specifies the number of VSANS configured on this Zone.

Zone Sets

Specifies the name of Zone set to which the zone belongs.

Zone

Displays the zone under which this member is present.

Switch Interface/WWN

Specifies the switch interface or WWN of the switch that the zone member is attached to.

PWWN

Specifies the associated pWWN to the switch.

Member Name

Displays the name of the zone member.

Zoned By

Displays the type of zoning. You can search by type of zoning such as WWN, FCID, fcAlias, or iSCSI.

Copyright

THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS" WITH ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING, WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product.

Cisco and the Cisco logo are trademarks or registered trademarks of Cisco and/or its affiliates in the U.S. and other countries. To view a list of Cisco trademarks, go to this URL: http://www.cisco.com/go/trademarks. Third-party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1110R)

© 2017-2024 Cisco Systems, Inc. All rights reserved.

Need help?