Index A
AAA
accounting 16-2
authentication 16-2
authorization 16-2
benefits 16-2
configuration process 16-6
configuring 16-6 to 16-12
default settings 16-13
description 16-1
DHCHAP authentication 44-8
enabling MSCHAP authentication 16-9
example configuration 16-12
field descriptions 16-1
guidelines 16-6
limitations 16-6
monitoring TACACS+ servers 18-3
prerequisites 16-5
TACACS+ server groups 17-14, 18-7, 18-13
user login process 16-4
verifying configurations 16-12
AAA accounting
adding rule methods 16-1
changing rule methods 16-1
configuring default methods 16-9
deleting rule methods 16-1
rearranging rule methods 16-1
AAA accounting logs
clearing 16-12
displaying 16-12
AAA authentication rules
adding methods 16-1
changing methods 16-1
deleting methods 16-1
rearranging methods 16-1
AAA login authentication
configuring console methods 16-6
configuring default methods 16-7
AAA logins
enabling authentication failure messages 16-8
AAA protocols
RADIUS 16-1
TACACS+ 16-1
AAA server groups
description 16-3
AAA servers
specifying SNMPv3 parameters 16-10, 16-11
specifying user roles 16-11
specifying user roles in VSAs 16-10
AAA services
configuration options 16-3
remote 16-2
security 16-1
accounting
description 16-2
active zone sets
considerations 38-4
enabling distribution 38-13
address allocation cache
description 33-19
administrative speeds
configuring 32-10
administrative states
description 32-5
setting 32-9
administrators
default passwords 3-10
aging time
accelerated
for MSTP 9-21
maximum
for MSTP 9-22
* (asterisk)
autolearned entries 45-14
first operational port 36-15
port security wildcards 45-10
authentication
description 16-2
fabric security 44-1
local 16-2
methods 16-3
remote 16-2
user login 16-4
authentication, authorization, and accounting, see AAA.
authorization
description 16-2
user login 16-4
auto mode
configuring 32-10
auto port mode
description 32-4
autosensing speed 32-10
B
BB_credits
configuring 32-12
description 32-6
displaying information 32-17
reason codes 32-6
bit errors
reasons 32-11
bit error thresholds
configuring 32-11
description 32-11
blocking state, STP 8-12
BPDU guard, see STP BPDU guard.
bridge ID, see STP bridge ID.
broadcast storms, see traffic-storm control.
Brocade
native interop mode 43-9
buffer-to-buffer credits, see BB_credits.
build fabric frames 33-3
description 33-3
C
Call Home
description 26-1, 27-1
message format options 26-2
call home
smart call home feature 26-5
Call Home destination profiles
attributes 26-8
Call Home messages
configuring levels 26-4
format options 26-2
call home notifications
full-txt format for syslog 26-18
XML format for syslog 26-19
CDP
configuring 5-7
CFS
configuring for NTP 3-17
Cisco
vendor ID 16-11, 17-3
cisco-av-pair
specifying AAA user parameters 16-10, 16-11
Cisco Nexus 2000 Series Fabric Extender 1-4
Cisco Nexus 2148T Fabric Extender 1-4
Cisco Nexus 5010 1-3
Cisco Nexus 5020 1-3
CIST regional root, see MSTP.
CIST root, see MSTP.
community ports 7-3
community VLANs 7-2, 7-3
company IDs
FC ID allocations 43-7
configuring LACP 11-10
configuring NPV 34-6
consoles
configuring AAA login authentication methods 16-6
Contiguous Domain ID Assignments
About 33-13
D
daylight saving time
adjusting for 3-14
dead time intervals
configuring for FSPF 40-7
description 40-6
debounce timer 5-4
configuring 5-8
default settings
AAA 16-13
RBAC 22-9
rollback 23-4
default users
description 3-9
default VSANs
description 37-8
default zones
configuring 38-10
configuring access permissions 38-10
configuring policies 38-8
description 38-9
interoperability 43-10
policies 38-10
destination IDs
exchange based 36-3
flow based 36-3
in-order delivery 40-10
path selection 37-10
device alias databases
committing changes 39-6
disabling distribution 39-7
discarding changes 39-6
distribution to fabric 39-5
enabling distribution 39-7
locking the fabric 39-5
merging 39-8
overriding fabric locks 39-6
device aliases
comparison with zones (table) 39-2
creating 39-3
creating (procedure) 39-6
default settings 39-10
description 39-1
displaying information 39-8
displaying zone set information 39-9
enhanced mode 39-4
features 39-1
import legacy zone aliases 39-8
modifying databases 39-2
requirements 39-2
using 39-8
zone alias conversion 39-8
device IDs
call home format 26-16
DHCHAP
AAA authentication 44-8
authentication modes 44-4
compatibility with other NX-OS features 44-3
configuring 44-3
configuring AAA authentication 44-8
default settings 44-11
description 44-2
displaying security information 44-9
enabling 44-4
group settings 44-6
hash algorithms 44-5
passwords for local switches 44-6
passwords for remote devices 44-7
sample configuration 44-9
timeout values 44-8
See also FC-SP.
diagnostics
configuring 24-3
default settings 24-4
expansion modules 24-3
health monitoring 24-2
runtime 24-2
Diffie-Hellman Challenge Handshake Authentication Protocol, see DHCHAP.
documentation
additional publications 1-iii
obtaining 1-iii
related documents 1-iii
domain IDs
allowed lists 33-9
assignment failures 32-7
configuring allowed lists 33-10
configuring CFS distribution 33-10, 33-13
configuring fcalias members 38-10
contiguous assignments 33-13
description 33-7
distributing 33-1
enabling contiguous assignments 33-13
interoperability 43-10
preferred 33-9
static 33-9
domain manager
fast restart feature 33-3
isolation 32-7
drop latency time
configuring 40-13
configuring for FSPF in-order delivery 40-13
displaying information 40-14
E
EFMD
displaying statistics 46-7
fabric binding 46-1
fabric binding initiation 46-3
EISLs
port channel links 36-1
e-mail notifications
Call Home 26-1
enhanced zones
advantages over basic zones 38-19
changing from basic zones 38-19
configuring default full database distribution 38-23
configuring default policies 38-23
configuring default switch-wide zone policies 38-23
default settings 38-24
description 38-18
displaying information 38-23
enabling 38-20
merging databases 38-22
modifying database 38-21
E port mode
classes of service 32-3
description 32-3
E ports
configuring 32-9
fabric binding checking 46-2
FCS support 47-1
FSPF topologies 40-1
isolation 32-7
recovering from link isolations 38-14
trunking configuration 35-3
ethanalyzer 50-3
EtherChannel
STP 11-1
examples
AAA configurations 16-12
Exchange Fabric Membership Data, see EFMD.
exchange IDs
in-order delivery 40-10
load balancing 50-5
path selection 37-10
exchange link parameter, see ELP.
executing a session 23-3
expansion port mode, see E port mode.
extended range VLANs. see VLANs.
F
fabric binding
activation 46-4
checking for E ports 46-2
checking for TE ports 46-2
clearing statistics 46-6
compatibility with DHCHAP 44-3
copying to config database 46-5
copying to configuration file (procedure) 46-6
creating config database (procedure) 46-6
default settings 46-7
deleting databases 46-6
deleting from config database (procedure) 46-6
description 46-1
disabling 46-3
EFMD 46-1
enabling 46-3
enforcement 46-2
forceful activation 46-5
forceful deactivation 46-5
initiation process 46-3
licensing requirements 46-1
port security comparison 46-1
saving to config database 46-5
sWWN lists 46-4
verifying status 46-3
viewing active databases (procedure) 46-6
viewing EFMD statistics (procedure) 46-6
viewing violations (procedure) 46-6
Fabric Configuration Servers, see FCSs.
Fabric-Device Management Interface, see FDMI.
fabric login, see FLOGI.
fabric port mode, see F port mode.
fabric pWWNs
zone membership 38-2
fabric reconfiguration
fcdomain phase 33-1
fabrics
See also build fabric frames.
fabrics, see RCFs.
fabric security
authentication 44-1
default settings 44-11
Fabric Shortest Path First, see FSPF.
fabric WWNs, see fWWNs.
fault tolerant fabrics
example (figure) 40-2
fcaliases
adding members 38-12
cloning 38-16
configuring for zones 38-10
creating 38-11
renaming 38-16
using 39-8
fcdomains
autoreconfigured merged fabrics 33-6
configuring CFS distribution 33-10, 33-13
default settings 33-19
description 33-1
disabling 33-5
displaying information 33-18, 33-19
domain IDs 33-7
domain manager fast restart 33-3
dsiplaying statistics 33-19
enabling 33-5
enabling autoreconfiguration 33-6
incoming RCFs 33-5
initiation 33-4
overlap isolation 32-7
restarts 33-3
switch priorities 33-4
FC IDs
allocating 33-1, 43-6
allocating default company ID lists 43-7
allocation for HBAs 43-6
configuring fcalias members 38-10
description 33-13
persistent 33-14
FCoE 1-1
fcping
default settings 50-16
invoking 50-7
verifying switch connectivity 50-7
FC-SP
authentication 44-1
enabling 44-4
enabling on ISLs 44-9
See also DHCHAP.
FCSs
characteristics 47-2
configuring names 47-2
creating platform using Device Manager 47-4
default settings 47-4
description 47-1
displaying fabric ports using Device Manager 47-4
displaying information 47-3
fctimers
displaying configured values 43-4
distribution 43-3
fctrace
default settings 50-16
invoking 50-5
FDMI
description 41-4
displaying database information 41-4
Fibre Channel
sWWNs for fabric binding 46-4
timeout values 43-1
TOVs 43-2
Fibre Channel domains. See fcdomains
Fibre Channel interfaces
administrative states 32-5
BB_credits 32-6
configuring 32-8
configuring auto port mode 32-10
configuring bit error thresholds 32-11
configuring descriptions 32-9
configuring frame encapsulation 32-11
configuring port modes 32-9
configuring speeds 32-10
default settings 32-17
deleting from port channels 36-10
disabling 32-9
displaying information 32-15
displaying VSAN membership 37-7
enabling 32-9
operational states 32-5
reason codes 32-5
states 32-4
See also interfaces.
Fibre Channel over Ethernet, see FCoE.
Fibre Channel Security Protocol, see FC-SP.
field descriptions
AAA 16-1
TACACS+ 18-13
FLOGI
description 41-1
displaying details 41-1
flow statistics
clearing 40-15
counting 40-15
description 40-14
displaying 40-15
forward-delay time
MSTP 9-21
F port mode
classes of service 32-4
description 32-3
F ports
configuring 32-9
description 32-3
See also Fx ports.
frame encapsulation
configuring 32-11
FSCN
displaying databases 42-3
FSPF
clearing counters 40-9
clearing VSAN counters 40-5
computing link cost 40-6
configuring globally 40-3
configuring Hello time intervals 40-6
configuring link cost 40-6
configuring on a VSAN 40-4
configuring on interfaces 40-5
dead time intervals 40-6
default settings 40-16
description 40-1
disabling 40-5
disabling on interfaces 40-8
disabling routing protocols 40-5
displaying database information 40-16
displaying global information 40-16
enabling 40-5
fault tolerant fabrics 40-2
in-order delivery 40-10
interoperability 43-10
link state record defaults 40-3
reconvergence times 40-2
redundant links 40-2
resetting configuration 40-4
resetting to defaults 40-4
retransmitting intervals 40-7
routing services 40-1
topology examples 40-2
FSPF routes
configuring 40-9
description 40-9
full zone sets
considerations 38-4
enabling distribution 38-13
fWWNs
configuring fcalias members 38-10
Fx ports
VSAN membership 37-4
G
GOLD diagnostics
configuring 24-3
expansion modules 24-3
health monitoring 24-2
runtime 24-2
graces period alerts
licenses 4-8
H
hard zoning
description 38-13
HBA ports
configuring area FCIDs 33-16
HBAs
FC ID allocations 43-6
health monitoring diagnostics
information 24-2
hello time
MSTP 9-21
Hello time intervals
configuring for FSPF 40-6
description 40-6
host ports
kinds of 7-3
I
IDs
Cisco vendor ID 16-11, 17-3
serial IDs 26-16
IEEE 802.1p 1-2
IEEE 802.1w, see RSTP.
IEEE 802.3x 1-2
indirect link failures
recovering 48-1
in-order delivery
configuring drop latency time 40-13
displaying status 40-13
enabling for VSANs 40-12
enabling globally 40-12
guidelines 40-12
reordering network frames 40-11
reordering port channel frames 40-11
interfaces
adding to port channels 36-8, 36-9
assigning to VSANs 37-7
CDP
configuring 5-7
chassis ID 5-2
configuring descriptions 32-9
configuring fcalias members 38-11
configuring receive data field size 32-11
debounce timer
configuring 5-8
deleting from port channels 36-10
displaying information 32-15
displaying SFP information 32-16
forced addition to port channels 36-10
isolated states 36-9
1-Gigabit speed
configuring 5-6
options 5-1
SFP types 32-15
suspended states 36-9
UDLD
configuring 5-5
defined 5-2
VSAN membership 37-6
interface speed 5-4
interface statistics
description 32-15
interoperability
configuring interop mode 1 43-10
description 43-9
verifying status 43-12
VSANs 37-11
interop modes
configuring mode 1 43-10
default settings 43-15
description 43-9
IOD. See in-order delivery
ISLs
port channel links 36-1
isolated port 7-3
isolated VLANs 7-2, 7-3
isolated VSANs
description 37-8
displaying membership 37-8
L
LACP 11-2, 11-10
system ID 11-5
license key files
description 4-2
installing key files 4-4
updating 4-4
licenses
backing up 4-5
claim certificates 4-1
displaying information 4-5
evaluation 4-2
grace period alerts 4-8
grace period expiration 4-8
grace periods 4-2
host IDs 4-1
identifying features in use 4-6
incremental 4-2
installation options 4-2
installing key files 4-4
installing manually 4-3
missing 4-2
node-locked 4-1
obtaining factory-installed 4-3
obtaining key files 4-4
PAK 4-2
permanent 4-2
terminology 4-1
transferring between switches 4-9
uninstalling 4-6
updating 4-7
Link Aggregation Control Protocol 11-2
link costs
configuring for FSPF 40-6
description 40-6
Link Failure
detecting unidirectional 8-14, 9-8
link failures
recovering 48-1
load balancing
attributes 37-10
attributes for VSANs 37-5
configuring 37-10
description 36-2, 37-10
guarantees 37-10
port channels 36-1
logical unit numbers. See LUNs
LUNs
displaying discovered SCSI targets 42-3
M
MAC addresses
configuring secondary 43-6
management access
description 3-12
management interfaces
displaying information 3-20
using force option during shutdown 3-21
management interfaces. See mgmt0 interfaces
maximum aging time
MSTP 9-22
maximum hop count, MSTP 9-22
McData
native interop mode 43-9
merged fabrics
autoreconfigured 33-6
mgmt0 interfaces
configuring 3-20
description 3-19
Microsoft Challenge Handshake Authentication Protocol. See MSCHAP
MSCHAP
enabling authentication 16-9
MST
CIST regional root 9-5
setting to default values 9-14
MSTP
boundary ports
described 9-7
CIST, described 9-4
CIST regional root 9-5
CIST root 9-6
configuring
forward-delay time 9-21
hello time 9-21
maximum aging time 9-22
maximum hop count 9-22
MST region 9-13
port priority 9-18, 9-19
root switch 9-16
secondary root switch 9-17
switch priority 9-20
CST
defined 9-4
operations between regions 9-5
enabling the mode 9-13
IEEE 802.1s
terminology 9-6
IST
defined 9-4
master 9-5
operations within a region 9-4
mapping VLANs to MST instance 9-14
MST region
CIST 9-4
configuring 9-13
described 9-2
hop-count mechanism 9-7
IST 9-4
supported spanning-tree instances 9-2
multicast storms, see traffic-storm control.
N
N5K-M1008 expansion module 1-3
N5K-M1404 expansion module 1-3
N5K-M1600 expansion module 1-3
name servers
displaying database entries 41-3
interoperability 43-11
LUN information 42-1
proxy feature 41-2
registering proxies 41-2
rejecting duplicate pWWNs 41-2
Network Time Protocol. See NTP
NPIV
description 32-13
enabling 32-14
NP links 34-2
N port identifier virtualization, see NPIV.
N ports
FCS support 47-1
fctrace 50-5
hard zoning 38-13
zone enforcement 38-13
zone membership 38-2
See also Nx ports
NP-ports 34-1
NPV, configuring 34-6
NTP
configuration guidelines 3-16
configuring 3-15
configuring CFS distribution 3-17
O
1-Gigabit Ethernet 1-4
1-Gigabit speed
configuring 5-6
operational states
configuring on Fibre Channel interfaces 32-9
description 32-5
P
passwords
administrator 3-8
default for administrators 3-10
DHCHAP 44-6, 44-7
setting administrator default 3-9
strong characteristics 22-2
persistent FC IDs
configuring 33-14
description 33-14
displaying 33-18
enabling 33-14
purging 33-17
PLOGI
name server 41-3
port channeling 11-2
port channel modes
description 36-6
PortChannel Protocol
converting autocreated groups to manually configured 36-14
port channel Protocol
autocreation 36-12
creating channel group 36-12
description 36-11
port channel protocol
configuring autocreation 36-14
enabling autocreation 36-14
PortChannels
default settings 36-16
show tech-support port-channel command 50-14
verifying configurations 36-15, 36-16
port channels
adding interfaces 36-8, 36-9
administratively down 32-7
comparison with trunking 36-2
compatibility checks 36-9
compatibility with DHCHAP 44-3
configuration guidelines 36-5
configuring 36-8
configuring Fibre Channel routes 40-9
creating 36-6
deleting 36-7
deleting interfaces 36-10
description 36-1
forcing interface additions 36-10
in-order guarantee 40-12
interface states 36-9
interoperability 43-10
link changes 40-11
link failures 40-2
load balancing 36-2
misconfiguration error detection 36-5
PortFast BPDU filtering, see STP PortFast BPDU filtering.
port modes
auto 32-4
port priority
MSTP 9-18, 9-19
ports
VSAN membership 37-6
port security
activating 45-5
activation 45-2
activation rejection 45-6
adding authorized pairs 45-11
auto-learning 45-2
compatibility with DHCHAP 44-3
configuration guidelines 45-3
configuring CFS distribution 45-12
configuring manually without auto-learning 45-9
deactivating 45-5
default settings 45-19
deleting entries from database (procedure) 45-12
disabling 45-5
displaying configuration 45-18
displaying settings (procedure) 45-7
displaying statistics (procedure) 45-7
displaying violations (procedure) 45-7
enabling 45-5
enforcement mechanisms 45-2
fabric binding comparison 46-1
forcing activation 45-6
license requirement 45-1
preventing unauthorized accesses 45-1
WWN identification 45-10
port security auto-learning
authorization examples 45-8
description 45-2
device authorization 45-8
disabling 45-8
distributing configuration 45-13
enabling 45-7
guidelines for configuring with CFS 45-3
guidelines for configuring without CFS 45-4
port security databases
cleaning up 45-18
copying 45-17
copying active to config (procedure) 45-7
deleting 45-18
displaying configuration 45-19
interactions 45-15
manual configuration guidelines 45-4
merge guidelines 45-14
reactivating 45-6
scenarios 45-15
port speeds
configuring 32-10
port tracking
default settings 48-7
description 48-1
displaying information 48-6
enabling 48-3
guidelines 48-2
monitoring ports in a VSAN 48-5
multiple ports 48-4
shutting down ports forcefully 48-5
port world wide names. See pWWNs
preshared keys
TACACS+ 18-3
primary VLANs 7-2
principal switches
assigning domain ID 33-8
configuring 33-9
private VLANs
community VLANs 7-2, 7-3
end station access to 7-5
isolated VLANs 7-2, 7-3
ports
community 7-3
isolated 7-3
promiscuous 7-3
primary VLANs 7-2
secondary VLANs 7-2
promiscuous ports 7-3
proxies
registering for name servers 41-2
pWWNs
configuring fcalias members 38-10
rejecting duplicates 41-2
zone membership 38-2
R
RADIUS
configuring global preshared keys 17-6
configuring servers 17-4 to 17-12
configuring timeout intervals 17-8
confiugring tranmission retry counts 17-8
default settings 17-14
description 17-1 to 17-4
example configurations 17-14
network environments 17-1
operation 17-2
prequisites 17-4
specifying server at login 17-8
verifying configuration 17-13
VSAs 17-3
RADIUS server groups
configuring 17-7
RADIUS servers
configuring accounting attributes 17-10
configuring authentication attributes 17-10
configuring dead-time intervals 17-12
configuring hosts 17-5
configuring periodic monitoring 17-11
configuring preshared keys 17-6
configuring timeout interval 17-9
confiugring tranmission retry count 17-9
deleting hosts 17-12
displaying statistics 17-13
example configurations 17-14
manually monitoring 17-12
monitoring 17-2
verifying configuration 17-13
Rapid Spanning Tree Protocol, see RSTP.
RBAC
default settings 22-9
RCFs
description 33-3
incoming 33-5
rejecting incoming 33-5
read-only zones
default settings 38-24
reason codes
description 32-5
reconfigure fabric frames. See RCFs
reduced MAC address 8-3
redundancy
VSANs 37-4
redundant physical links
example (figure) 40-2
Registered State Change Notifications, see RSCNs.
reserved-range VLANs, see VLANs.
retransmitting intervals
configuring for FSPF 40-7
description 40-7
roles
authentication 22-1
rollback
checkpoint copy 23-1
creating a checkpoint copy 23-1
default settings 23-4
deleting a checkpoint file 23-1
description 23-1
example configuration 23-1
guidelines 23-1
high availability 23-1
implementing a rollback 23-1
limitations 23-1
reverting to checkpoint file 23-1
verifying configuration 23-4
root guard, see STP root guard.
root switch
MSTP 9-16
route costs
computing 40-6
RSCNs
clearing statistics 41-6
default settings 41-10
description 41-4
displaying information 41-5
multiple port IDs 41-5
suppressing domain format SW-RSCNs 41-6
RSCN timers
configuration distribution using CFS 41-7
configuring 41-6
displaying configuration 41-7
RSTP
active topology 8-10
BPDU
processing 8-14
designated port, defined 8-10
designated switch, defined 8-10
proposal-agreement handshake process 8-7
rapid convergence 8-7
point-to-point links 8-7
root ports 8-7
root port, defined 8-10
See also MSTP.
runtime checks
static routes 40-9
runtime diagnostics
information 24-2
S
scalability
VSANs 37-4
SCSI
displaying LUN discovery results 42-3
SCSI LUNs
customized discovery 42-2
discovering targets 42-1
displaying information 42-2
starting discoveries 42-1
SD port mode
description 32-4
interface modes 32-4
SD ports
configuring 32-9
secondary MAC addresses
configuring 43-6
secondary VLANs 7-2
serial IDs
description 26-16
server groups. See AAA server groups
server IDs
description 26-16
service requests 1-iii
session manager 23-3
committing a session 23-3
configuring ACLs 23-2
configuring an ACL session (example) 23-3
creating a session 23-2
description 23-1
discarding a session 23-3
guidelines 23-1
limitations 23-1
saving a session 23-3
verifying configuration 23-4
verifying the session 23-3
SFPs
displaying transmitter types 32-16
transmitter types 32-15
small computer system interface. See SCSI
smart call home
description 26-5
registration requirements 26-5
Transport Gateway (TG) aggregation point 26-5
SMARTnet
smart call home registration 26-5
SNMP
access groups 27-4
assigning contact 27-11
assigning location 27-11
configuring LinkUp/LinkDown notifications 27-9, 27-10
group-based access 27-4
server contact name 26-5
user synchronization with CLI 27-4
Version 3 security features 27-2
SNMP (Simple Network Management Protocol)
versions
security models and levels 27-2
SNMPv3
assigning multiple roles 27-6
security features 27-2
specifying AAA parameters 16-10
specifying parameters for AAA servers 16-11
soft zoning
description 38-13
See also zoning
source IDs
call home event format 26-15
exchange based 36-3
flow based 36-3
in-order delivery 40-10
path selection 37-10
SPAN
egress sources 49-1
sources for monitoring 49-1
SPAN destination port mode, see SD port mode.
SPAN sources
egress 49-1
ingress 49-1
SPF
computational hold times 40-3
SSH
generating server key-pairs 19-1
static routes
runtime checks 40-9
statistics
TACACS+ 18-13
storage devices
access control 38-1
STP
edge ports 8-7, 10-2
EtherChannel 11-1
network ports 10-2
normal ports 10-2
PortFast 8-7, 10-2
port types 10-2
understanding
Blocking State 8-12
disabled state 8-13
forwarding state 8-12
learning state 8-12
root bridge election 8-5
STP bridge ID 8-3
STP root guard 10-5
summer time
adjusting for 3-14
switchable 1-Gigabit and 10-Gigabit ports 1-4
Switched Port Analyzer. See SPAN
switch ports
configuring attribute default values 32-13
switch priorities
configuring 33-4
default 33-4
description 33-4
switch priority
MSTP 9-20
sWWNs
configuring for fabric binding 46-4
T
TACACS+
advanages over RADIUS 18-2
configuring 18-4, 18-13
configuring global preshared keys 18-6
configuring global timeout interval 18-9
description 18-1
disabling 18-12
displaying statistics 18-13
enabling 18-5
example configurations 18-13
field descriptions 18-13
global preshared keys 18-3
limitations 18-4
prerequisites 18-3
preshared key 18-3
specifying TACACS+ servers at login 18-8
user login operation 18-2
verifying configuration 18-13
TACACS+ server
configuring dead-time interval 18-11
TACACS+ servers
configuration process 18-4
configuring hosts 18-5, 18-13
configuring periodic monitoring 18-10
configuring preshared keys 18-7
configuring server groups 17-14, 18-7, 18-13
configuring TCP ports 18-10
configuring timeout interval 18-9
displaying statistics 18-13
field descriptions 18-13
manually monitoring 18-12
monitoring 18-3
verifying configuration 18-13
TCP ports
TACACS+ servers 18-10
10-Gigabit Ethernet 1-4
TE port mode
classes of service 32-4
description 32-4
TE ports
fabric binding checking 46-2
FCS support 47-1, 47-2
fctrace 50-5
FSPF topologies 40-1
interoperability 43-10
recovering from link isolations 38-14
trunking restrictions 35-1
timeout values. See TOVs
TOVs
configuring across all VSANs 43-2
configuring for a VSAN 43-2
default settings 43-15
interoperability 43-10
ranges 43-1
tracked ports
binding operationally 48-3
traffic isolation
VSANs 37-3
trap notifications 27-2
troubleshooting
collecting output for technical support 50-8
fcping 50-6
fctrace 50-5
show tech-support command 50-8
verifying switch connectivity 50-7
trunk-allowed VSAN lists
description 35-4
trunking
comparison with port channels 36-2
configuration guidelines 35-1
configuring modes 35-3
default settings 35-7
description 35-1
displaying information 35-6
interoperability 43-10
link state 35-3
merging traffic 35-2
restrictions 35-1
trunking E port mode, see TE port mode.
trunking ports
associated with VSANs 37-7
trunking protocol
default settings 35-7
default state 35-2
description 35-2
detecting port isolation 35-2
trunk mode
administrative default 32-14
configuring 35-3, 35-4
default settings 35-7
trunk ports
displaying information 35-7
U
UDLD
aggressive mode 5-3
configuring 5-5
defined 5-2
nonaggressive mode 5-3
unicast storms, see traffic-storm control.
Unidirectional Link Detection. See UDLD.
unique area FC IDs
configuring 33-16
description 33-15
user accounts
password characteristics 22-2
user login
authentication process 16-4
authorization process 16-4
user logins
configuring AAA login authentication methods 16-7
user roles
specifying on AAA servers 16-10, 16-11
users
description 22-1
V
vendor-specific attributes. See VSAs
Virtual Fibre Channel interfaces
default settings 32-17
VLANs
extended range 6-2
reserved range 6-2
VTP domain 6-3
VSAN IDs
allowed list 35-7
description 37-5
multiplexing traffic 32-4
range 37-4
VSAN membership 37-4
VSANs
advantages 37-3
allowed-active 35-1
cache contents 33-19
comparison with zones (table) 37-4
compatibility with DHCHAP 44-3
configuring 37-6
configuring allowed-active lists 35-6
configuring FSPF 40-3
configuring trunk-allowed lists 35-4, 35-6
default settings 37-11
default VSANs 37-8
deleting 37-9
description 37-1
displaying configuration 37-11
displaying membership 37-7
displaying usage 37-11
domain ID automatic reconfiguration 33-6
FC IDs 37-1
FCS support 47-1
features 37-1
flow statistics 40-14
FSPF 40-4
FSPF connectivity 40-1
interop mode 43-10
isolated 37-8
load balancing 37-10
load balancing attributes 37-5
mismatches 32-7
multiple zones 38-4
names 37-5
name server 41-2
operational states 37-8
port membership 37-6
port tracking 48-5
states 37-5
TE port mode 32-4
timer configuration 43-2
TOVs 43-2
traffic isolation 37-3
trunk-allowed 35-1
trunking ports 37-7
VSAs
format 16-11
protocol options 16-11, 17-3
support description 16-11
VTP
domains
VLANs 6-3
W
world wide names. See WWNs
WWNs
configuring 43-5
displaying information 43-5
link initialization 43-6
port security 45-10
secondary MAC addresses 43-6
suspended connections 32-7
Z
zone aliases
conversion to device aliases 39-8
importing 39-8
zone attribute groups
cloning 38-16
zone databases
migrating a non-MDS database 38-17
release locks 38-21
zone members
adding to zones 38-8
converting to pWWN members 38-12
displaying information 38-9
zones
access control 38-9
adding to zone sets 38-12
adding zone members 38-8
analyzing 38-24
backing up (procedure) 38-16
changing from enhanced zones 38-20
cloning 38-16
compacting for downgrading 38-24
comparison with device aliases (table) 39-2
comparison with VSANs (table) 37-4
configuring 38-12
configuring aliases 38-10
configuring fcaliases 38-10
default policies 38-2
default settings 38-24
displaying information 38-18
editing full zone databases 38-8
enforcing restrictions 38-13
exporting databases 38-15
features 38-1, 38-4
importing databases 38-14
membership using pWWNs 37-4
merge failures 32-7
renaming 38-16
restoring (procedure) 38-16
show tech-support zone command 50-12
viewing information 38-18
See also default zones
See also enhanced zones
See also hard zoning;soft zoning 38-13
See also zoning;zone sets 38-2
zone server databases
clearing 38-17
zone sets
activating 38-9
adding member zones 38-12
analyzing 38-24
cloning 38-16
configuring 38-8
considerations 38-4
copying 38-15
creating 38-8, 38-12
default settings 38-24
displaying information 38-18
distributing configuration 38-13
enabling distribution 38-13
exporting 38-15
exporting databases 38-15
features 38-1
importing 38-15
importing databases 38-14
one-time distribution 38-14
recovering from link isolations 38-14
renaming 38-16
viewing information 38-18
See also active zone sets
See also active zone sets;full zone sets 38-5
See also zones;zoning 38-2
zoning
description 38-1
example 38-3
implementation 38-4
See also zones;zone sets 38-1
Index
A
AAA
accounting 16-2
authentication 16-2
authorization 16-2
benefits 16-2
configuration process 16-6
configuring 16-6 to 16-12
default settings 16-13
description 16-1
DHCHAP authentication 44-8
enabling MSCHAP authentication 16-9
example configuration 16-12
field descriptions 16-1
guidelines 16-6
limitations 16-6
monitoring TACACS+ servers 18-3
prerequisites 16-5
TACACS+ server groups 17-14, 18-7, 18-13
user login process 16-4
verifying configurations 16-12
AAA accounting
adding rule methods 16-1
changing rule methods 16-1
configuring default methods 16-9
deleting rule methods 16-1
rearranging rule methods 16-1
AAA accounting logs
clearing 16-12
displaying 16-12
AAA authentication rules
adding methods 16-1
changing methods 16-1
deleting methods 16-1
rearranging methods 16-1
AAA login authentication
configuring console methods 16-6
configuring default methods 16-7
AAA logins
enabling authentication failure messages 16-8
AAA protocols
RADIUS 16-1
TACACS+ 16-1
AAA server groups
description 16-3
AAA servers
specifying SNMPv3 parameters 16-10, 16-11
specifying user roles 16-11
specifying user roles in VSAs 16-10
AAA services
configuration options 16-3
remote 16-2
security 16-1
accounting
description 16-2
active zone sets
considerations 38-4
enabling distribution 38-13
address allocation cache
description 33-19
administrative speeds
configuring 32-10
administrative states
description 32-5
setting 32-9
administrators
default passwords 3-10
aging time
accelerated
for MSTP 9-21
maximum
for MSTP 9-22
* (asterisk)
autolearned entries 45-14
first operational port 36-15
port security wildcards 45-10
authentication
description 16-2
fabric security 44-1
local 16-2
methods 16-3
remote 16-2
user login 16-4
authentication, authorization, and accounting, see AAA.
authorization
description 16-2
user login 16-4
auto mode
configuring 32-10
auto port mode
description 32-4
autosensing speed 32-10
B
BB_credits
configuring 32-12
description 32-6
displaying information 32-17
reason codes 32-6
bit errors
reasons 32-11
bit error thresholds
configuring 32-11
description 32-11
blocking state, STP 8-12
BPDU guard, see STP BPDU guard.
bridge ID, see STP bridge ID.
broadcast storms, see traffic-storm control.
Brocade
native interop mode 43-9
buffer-to-buffer credits, see BB_credits.
build fabric frames 33-3
description 33-3
C
Call Home
description 26-1, 27-1
message format options 26-2
call home
smart call home feature 26-5
Call Home destination profiles
attributes 26-8
Call Home messages
configuring levels 26-4
format options 26-2
call home notifications
full-txt format for syslog 26-18
XML format for syslog 26-19
CDP
configuring 5-7
CFS
configuring for NTP 3-17
Cisco
vendor ID 16-11, 17-3
cisco-av-pair
specifying AAA user parameters 16-10, 16-11
Cisco Nexus 2000 Series Fabric Extender 1-4
Cisco Nexus 2148T Fabric Extender 1-4
Cisco Nexus 5010 1-3
Cisco Nexus 5020 1-3
CIST regional root, see MSTP.
CIST root, see MSTP.
community ports 7-3
community VLANs 7-2, 7-3
company IDs
FC ID allocations 43-7
configuring LACP 11-10
configuring NPV 34-6
consoles
configuring AAA login authentication methods 16-6
Contiguous Domain ID Assignments
About 33-13
D
daylight saving time
adjusting for 3-14
dead time intervals
configuring for FSPF 40-7
description 40-6
debounce timer 5-4
configuring 5-8
default settings
AAA 16-13
RBAC 22-9
rollback 23-4
default users
description 3-9
default VSANs
description 37-8
default zones
configuring 38-10
configuring access permissions 38-10
configuring policies 38-8
description 38-9
interoperability 43-10
policies 38-10
destination IDs
exchange based 36-3
flow based 36-3
in-order delivery 40-10
path selection 37-10
device alias databases
committing changes 39-6
disabling distribution 39-7
discarding changes 39-6
distribution to fabric 39-5
enabling distribution 39-7
locking the fabric 39-5
merging 39-8
overriding fabric locks 39-6
device aliases
comparison with zones (table) 39-2
creating 39-3
creating (procedure) 39-6
default settings 39-10
description 39-1
displaying information 39-8
displaying zone set information 39-9
enhanced mode 39-4
features 39-1
import legacy zone aliases 39-8
modifying databases 39-2
requirements 39-2
using 39-8
zone alias conversion 39-8
device IDs
call home format 26-16
DHCHAP
AAA authentication 44-8
authentication modes 44-4
compatibility with other NX-OS features 44-3
configuring 44-3
configuring AAA authentication 44-8
default settings 44-11
description 44-2
displaying security information 44-9
enabling 44-4
group settings 44-6
hash algorithms 44-5
passwords for local switches 44-6
passwords for remote devices 44-7
sample configuration 44-9
timeout values 44-8
See also FC-SP.
diagnostics
configuring 24-3
default settings 24-4
expansion modules 24-3
health monitoring 24-2
runtime 24-2
Diffie-Hellman Challenge Handshake Authentication Protocol, see DHCHAP.
documentation
additional publications 1-iii
obtaining 1-iii
related documents 1-iii
domain IDs
allowed lists 33-9
assignment failures 32-7
configuring allowed lists 33-10
configuring CFS distribution 33-10, 33-13
configuring fcalias members 38-10
contiguous assignments 33-13
description 33-7
distributing 33-1
enabling contiguous assignments 33-13
interoperability 43-10
preferred 33-9
static 33-9
domain manager
fast restart feature 33-3
isolation 32-7
drop latency time
configuring 40-13
configuring for FSPF in-order delivery 40-13
displaying information 40-14
E
EFMD
displaying statistics 46-7
fabric binding 46-1
fabric binding initiation 46-3
EISLs
port channel links 36-1
e-mail notifications
Call Home 26-1
enhanced zones
advantages over basic zones 38-19
changing from basic zones 38-19
configuring default full database distribution 38-23
configuring default policies 38-23
configuring default switch-wide zone policies 38-23
default settings 38-24
description 38-18
displaying information 38-23
enabling 38-20
merging databases 38-22
modifying database 38-21
E port mode
classes of service 32-3
description 32-3
E ports
configuring 32-9
fabric binding checking 46-2
FCS support 47-1
FSPF topologies 40-1
isolation 32-7
recovering from link isolations 38-14
trunking configuration 35-3
ethanalyzer 50-3
EtherChannel
STP 11-1
examples
AAA configurations 16-12
Exchange Fabric Membership Data, see EFMD.
exchange IDs
in-order delivery 40-10
load balancing 50-5
path selection 37-10
exchange link parameter, see ELP.
executing a session 23-3
expansion port mode, see E port mode.
extended range VLANs. see VLANs.
F
fabric binding
activation 46-4
checking for E ports 46-2
checking for TE ports 46-2
clearing statistics 46-6
compatibility with DHCHAP 44-3
copying to config database 46-5
copying to configuration file (procedure) 46-6
creating config database (procedure) 46-6
default settings 46-7
deleting databases 46-6
deleting from config database (procedure) 46-6
description 46-1
disabling 46-3
EFMD 46-1
enabling 46-3
enforcement 46-2
forceful activation 46-5
forceful deactivation 46-5
initiation process 46-3
licensing requirements 46-1
port security comparison 46-1
saving to config database 46-5
sWWN lists 46-4
verifying status 46-3
viewing active databases (procedure) 46-6
viewing EFMD statistics (procedure) 46-6
viewing violations (procedure) 46-6
Fabric Configuration Servers, see FCSs.
Fabric-Device Management Interface, see FDMI.
fabric login, see FLOGI.
fabric port mode, see F port mode.
fabric pWWNs
zone membership 38-2
fabric reconfiguration
fcdomain phase 33-1
fabrics
See also build fabric frames.
fabrics, see RCFs.
fabric security
authentication 44-1
default settings 44-11
Fabric Shortest Path First, see FSPF.
fabric WWNs, see fWWNs.
fault tolerant fabrics
example (figure) 40-2
fcaliases
adding members 38-12
cloning 38-16
configuring for zones 38-10
creating 38-11
renaming 38-16
using 39-8
fcdomains
autoreconfigured merged fabrics 33-6
configuring CFS distribution 33-10, 33-13
default settings 33-19
description 33-1
disabling 33-5
displaying information 33-18, 33-19
domain IDs 33-7
domain manager fast restart 33-3
dsiplaying statistics 33-19
enabling 33-5
enabling autoreconfiguration 33-6
incoming RCFs 33-5
initiation 33-4
overlap isolation 32-7
restarts 33-3
switch priorities 33-4
FC IDs
allocating 33-1, 43-6
allocating default company ID lists 43-7
allocation for HBAs 43-6
configuring fcalias members 38-10
description 33-13
persistent 33-14
FCoE 1-1
fcping
default settings 50-16
invoking 50-7
verifying switch connectivity 50-7
FC-SP
authentication 44-1
enabling 44-4
enabling on ISLs 44-9
See also DHCHAP.
FCSs
characteristics 47-2
configuring names 47-2
creating platform using Device Manager 47-4
default settings 47-4
description 47-1
displaying fabric ports using Device Manager 47-4
displaying information 47-3
fctimers
displaying configured values 43-4
distribution 43-3
fctrace
default settings 50-16
invoking 50-5
FDMI
description 41-4
displaying database information 41-4
Fibre Channel
sWWNs for fabric binding 46-4
timeout values 43-1
TOVs 43-2
Fibre Channel domains. See fcdomains
Fibre Channel interfaces
administrative states 32-5
BB_credits 32-6
configuring 32-8
configuring auto port mode 32-10
configuring bit error thresholds 32-11
configuring descriptions 32-9
configuring frame encapsulation 32-11
configuring port modes 32-9
configuring speeds 32-10
default settings 32-17
deleting from port channels 36-10
disabling 32-9
displaying information 32-15
displaying VSAN membership 37-7
enabling 32-9
operational states 32-5
reason codes 32-5
states 32-4
See also interfaces.
Fibre Channel over Ethernet, see FCoE.
Fibre Channel Security Protocol, see FC-SP.
field descriptions
AAA 16-1
TACACS+ 18-13
FLOGI
description 41-1
displaying details 41-1
flow statistics
clearing 40-15
counting 40-15
description 40-14
displaying 40-15
forward-delay time
MSTP 9-21
F port mode
classes of service 32-4
description 32-3
F ports
configuring 32-9
description 32-3
See also Fx ports.
frame encapsulation
configuring 32-11
FSCN
displaying databases 42-3
FSPF
clearing counters 40-9
clearing VSAN counters 40-5
computing link cost 40-6
configuring globally 40-3
configuring Hello time intervals 40-6
configuring link cost 40-6
configuring on a VSAN 40-4
configuring on interfaces 40-5
dead time intervals 40-6
default settings 40-16
description 40-1
disabling 40-5
disabling on interfaces 40-8
disabling routing protocols 40-5
displaying database information 40-16
displaying global information 40-16
enabling 40-5
fault tolerant fabrics 40-2
in-order delivery 40-10
interoperability 43-10
link state record defaults 40-3
reconvergence times 40-2
redundant links 40-2
resetting configuration 40-4
resetting to defaults 40-4
retransmitting intervals 40-7
routing services 40-1
topology examples 40-2
FSPF routes
configuring 40-9
description 40-9
full zone sets
considerations 38-4
enabling distribution 38-13
fWWNs
configuring fcalias members 38-10
Fx ports
VSAN membership 37-4
G
GOLD diagnostics
configuring 24-3
expansion modules 24-3
health monitoring 24-2
runtime 24-2
graces period alerts
licenses 4-8
H
hard zoning
description 38-13
HBA ports
configuring area FCIDs 33-16
HBAs
FC ID allocations 43-6
health monitoring diagnostics
information 24-2
hello time
MSTP 9-21
Hello time intervals
configuring for FSPF 40-6
description 40-6
host ports
kinds of 7-3
I
IDs
Cisco vendor ID 16-11, 17-3
serial IDs 26-16
IEEE 802.1p 1-2
IEEE 802.1w, see RSTP.
IEEE 802.3x 1-2
indirect link failures
recovering 48-1
in-order delivery
configuring drop latency time 40-13
displaying status 40-13
enabling for VSANs 40-12
enabling globally 40-12
guidelines 40-12
reordering network frames 40-11
reordering port channel frames 40-11
interfaces
adding to port channels 36-8, 36-9
assigning to VSANs 37-7
CDP
configuring 5-7
chassis ID 5-2
configuring descriptions 32-9
configuring fcalias members 38-11
configuring receive data field size 32-11
debounce timer
configuring 5-8
deleting from port channels 36-10
displaying information 32-15
displaying SFP information 32-16
forced addition to port channels 36-10
isolated states 36-9
1-Gigabit speed
configuring 5-6
options 5-1
SFP types 32-15
suspended states 36-9
UDLD
configuring 5-5
defined 5-2
VSAN membership 37-6
interface speed 5-4
interface statistics
description 32-15
interoperability
configuring interop mode 1 43-10
description 43-9
verifying status 43-12
VSANs 37-11
interop modes
configuring mode 1 43-10
default settings 43-15
description 43-9
IOD. See in-order delivery
ISLs
port channel links 36-1
isolated port 7-3
isolated VLANs 7-2, 7-3
isolated VSANs
description 37-8
displaying membership 37-8
L
LACP 11-2, 11-10
system ID 11-5
license key files
description 4-2
installing key files 4-4
updating 4-4
licenses
backing up 4-5
claim certificates 4-1
displaying information 4-5
evaluation 4-2
grace period alerts 4-8
grace period expiration 4-8
grace periods 4-2
host IDs 4-1
identifying features in use 4-6
incremental 4-2
installation options 4-2
installing key files 4-4
installing manually 4-3
missing 4-2
node-locked 4-1
obtaining factory-installed 4-3
obtaining key files 4-4
PAK 4-2
permanent 4-2
terminology 4-1
transferring between switches 4-9
uninstalling 4-6
updating 4-7
Link Aggregation Control Protocol 11-2
link costs
configuring for FSPF 40-6
description 40-6
Link Failure
detecting unidirectional 8-14, 9-8
link failures
recovering 48-1
load balancing
attributes 37-10
attributes for VSANs 37-5
configuring 37-10
description 36-2, 37-10
guarantees 37-10
port channels 36-1
logical unit numbers. See LUNs
LUNs
displaying discovered SCSI targets 42-3
M
MAC addresses
configuring secondary 43-6
management access
description 3-12
management interfaces
displaying information 3-20
using force option during shutdown 3-21
management interfaces. See mgmt0 interfaces
maximum aging time
MSTP 9-22
maximum hop count, MSTP 9-22
McData
native interop mode 43-9
merged fabrics
autoreconfigured 33-6
mgmt0 interfaces
configuring 3-20
description 3-19
Microsoft Challenge Handshake Authentication Protocol. See MSCHAP
MSCHAP
enabling authentication 16-9
MST
CIST regional root 9-5
setting to default values 9-14
MSTP
boundary ports
described 9-7
CIST, described 9-4
CIST regional root 9-5
CIST root 9-6
configuring
forward-delay time 9-21
hello time 9-21
maximum aging time 9-22
maximum hop count 9-22
MST region 9-13
port priority 9-18, 9-19
root switch 9-16
secondary root switch 9-17
switch priority 9-20
CST
defined 9-4
operations between regions 9-5
enabling the mode 9-13
IEEE 802.1s
terminology 9-6
IST
defined 9-4
master 9-5
operations within a region 9-4
mapping VLANs to MST instance 9-14
MST region
CIST 9-4
configuring 9-13
described 9-2
hop-count mechanism 9-7
IST 9-4
supported spanning-tree instances 9-2
multicast storms, see traffic-storm control.
N
N5K-M1008 expansion module 1-3
N5K-M1404 expansion module 1-3
N5K-M1600 expansion module 1-3
name servers
displaying database entries 41-3
interoperability 43-11
LUN information 42-1
proxy feature 41-2
registering proxies 41-2
rejecting duplicate pWWNs 41-2
Network Time Protocol. See NTP
NPIV
description 32-13
enabling 32-14
NP links 34-2
N port identifier virtualization, see NPIV.
N ports
FCS support 47-1
fctrace 50-5
hard zoning 38-13
zone enforcement 38-13
zone membership 38-2
See also Nx ports
NP-ports 34-1
NPV, configuring 34-6
NTP
configuration guidelines 3-16
configuring 3-15
configuring CFS distribution 3-17
O
1-Gigabit Ethernet 1-4
1-Gigabit speed
configuring 5-6
operational states
configuring on Fibre Channel interfaces 32-9
description 32-5
P
passwords
administrator 3-8
default for administrators 3-10
DHCHAP 44-6, 44-7
setting administrator default 3-9
strong characteristics 22-2
persistent FC IDs
configuring 33-14
description 33-14
displaying 33-18
enabling 33-14
purging 33-17
PLOGI
name server 41-3
port channeling 11-2
port channel modes
description 36-6
PortChannel Protocol
converting autocreated groups to manually configured 36-14
port channel Protocol
autocreation 36-12
creating channel group 36-12
description 36-11
port channel protocol
configuring autocreation 36-14
enabling autocreation 36-14
PortChannels
default settings 36-16
show tech-support port-channel command 50-14
verifying configurations 36-15, 36-16
port channels
adding interfaces 36-8, 36-9
administratively down 32-7
comparison with trunking 36-2
compatibility checks 36-9
compatibility with DHCHAP 44-3
configuration guidelines 36-5
configuring 36-8
configuring Fibre Channel routes 40-9
creating 36-6
deleting 36-7
deleting interfaces 36-10
description 36-1
forcing interface additions 36-10
in-order guarantee 40-12
interface states 36-9
interoperability 43-10
link changes 40-11
link failures 40-2
load balancing 36-2
misconfiguration error detection 36-5
PortFast BPDU filtering, see STP PortFast BPDU filtering.
port modes
auto 32-4
port priority
MSTP 9-18, 9-19
ports
VSAN membership 37-6
port security
activating 45-5
activation 45-2
activation rejection 45-6
adding authorized pairs 45-11
auto-learning 45-2
compatibility with DHCHAP 44-3
configuration guidelines 45-3
configuring CFS distribution 45-12
configuring manually without auto-learning 45-9
deactivating 45-5
default settings 45-19
deleting entries from database (procedure) 45-12
disabling 45-5
displaying configuration 45-18
displaying settings (procedure) 45-7
displaying statistics (procedure) 45-7
displaying violations (procedure) 45-7
enabling 45-5
enforcement mechanisms 45-2
fabric binding comparison 46-1
forcing activation 45-6
license requirement 45-1
preventing unauthorized accesses 45-1
WWN identification 45-10
port security auto-learning
authorization examples 45-8
description 45-2
device authorization 45-8
disabling 45-8
distributing configuration 45-13
enabling 45-7
guidelines for configuring with CFS 45-3
guidelines for configuring without CFS 45-4
port security databases
cleaning up 45-18
copying 45-17
copying active to config (procedure) 45-7
deleting 45-18
displaying configuration 45-19
interactions 45-15
manual configuration guidelines 45-4
merge guidelines 45-14
reactivating 45-6
scenarios 45-15
port speeds
configuring 32-10
port tracking
default settings 48-7
description 48-1
displaying information 48-6
enabling 48-3
guidelines 48-2
monitoring ports in a VSAN 48-5
multiple ports 48-4
shutting down ports forcefully 48-5
port world wide names. See pWWNs
preshared keys
TACACS+ 18-3
primary VLANs 7-2
principal switches
assigning domain ID 33-8
configuring 33-9
private VLANs
community VLANs 7-2, 7-3
end station access to 7-5
isolated VLANs 7-2, 7-3
ports
community 7-3
isolated 7-3
promiscuous 7-3
primary VLANs 7-2
secondary VLANs 7-2
promiscuous ports 7-3
proxies
registering for name servers 41-2
pWWNs
configuring fcalias members 38-10
rejecting duplicates 41-2
zone membership 38-2
R
RADIUS
configuring global preshared keys 17-6
configuring servers 17-4 to 17-12
configuring timeout intervals 17-8
confiugring tranmission retry counts 17-8
default settings 17-14
description 17-1 to 17-4
example configurations 17-14
network environments 17-1
operation 17-2
prequisites 17-4
specifying server at login 17-8
verifying configuration 17-13
VSAs 17-3
RADIUS server groups
configuring 17-7
RADIUS servers
configuring accounting attributes 17-10
configuring authentication attributes 17-10
configuring dead-time intervals 17-12
configuring hosts 17-5
configuring periodic monitoring 17-11
configuring preshared keys 17-6
configuring timeout interval 17-9
confiugring tranmission retry count 17-9
deleting hosts 17-12
displaying statistics 17-13
example configurations 17-14
manually monitoring 17-12
monitoring 17-2
verifying configuration 17-13
Rapid Spanning Tree Protocol, see RSTP.
RBAC
default settings 22-9
RCFs
description 33-3
incoming 33-5
rejecting incoming 33-5
read-only zones
default settings 38-24
reason codes
description 32-5
reconfigure fabric frames. See RCFs
reduced MAC address 8-3
redundancy
VSANs 37-4
redundant physical links
example (figure) 40-2
Registered State Change Notifications, see RSCNs.
reserved-range VLANs, see VLANs.
retransmitting intervals
configuring for FSPF 40-7
description 40-7
roles
authentication 22-1
rollback
checkpoint copy 23-1
creating a checkpoint copy 23-1
default settings 23-4
deleting a checkpoint file 23-1
description 23-1
example configuration 23-1
guidelines 23-1
high availability 23-1
implementing a rollback 23-1
limitations 23-1
reverting to checkpoint file 23-1
verifying configuration 23-4
root guard, see STP root guard.
root switch
MSTP 9-16
route costs
computing 40-6
RSCNs
clearing statistics 41-6
default settings 41-10
description 41-4
displaying information 41-5
multiple port IDs 41-5
suppressing domain format SW-RSCNs 41-6
RSCN timers
configuration distribution using CFS 41-7
configuring 41-6
displaying configuration 41-7
RSTP
active topology 8-10
BPDU
processing 8-14
designated port, defined 8-10
designated switch, defined 8-10
proposal-agreement handshake process 8-7
rapid convergence 8-7
point-to-point links 8-7
root ports 8-7
root port, defined 8-10
See also MSTP.
runtime checks
static routes 40-9
runtime diagnostics
information 24-2
S
scalability
VSANs 37-4
SCSI
displaying LUN discovery results 42-3
SCSI LUNs
customized discovery 42-2
discovering targets 42-1
displaying information 42-2
starting discoveries 42-1
SD port mode
description 32-4
interface modes 32-4
SD ports
configuring 32-9
secondary MAC addresses
configuring 43-6
secondary VLANs 7-2
serial IDs
description 26-16
server groups. See AAA server groups
server IDs
description 26-16
service requests 1-iii
session manager 23-3
committing a session 23-3
configuring ACLs 23-2
configuring an ACL session (example) 23-3
creating a session 23-2
description 23-1
discarding a session 23-3
guidelines 23-1
limitations 23-1
saving a session 23-3
verifying configuration 23-4
verifying the session 23-3
SFPs
displaying transmitter types 32-16
transmitter types 32-15
small computer system interface. See SCSI
smart call home
description 26-5
registration requirements 26-5
Transport Gateway (TG) aggregation point 26-5
SMARTnet
smart call home registration 26-5
SNMP
access groups 27-4
assigning contact 27-11
assigning location 27-11
configuring LinkUp/LinkDown notifications 27-9, 27-10
group-based access 27-4
server contact name 26-5
user synchronization with CLI 27-4
Version 3 security features 27-2
SNMP (Simple Network Management Protocol)
versions
security models and levels 27-2
SNMPv3
assigning multiple roles 27-6
security features 27-2
specifying AAA parameters 16-10
specifying parameters for AAA servers 16-11
soft zoning
description 38-13
See also zoning
source IDs
call home event format 26-15
exchange based 36-3
flow based 36-3
in-order delivery 40-10
path selection 37-10
SPAN
egress sources 49-1
sources for monitoring 49-1
SPAN destination port mode, see SD port mode.
SPAN sources
egress 49-1
ingress 49-1
SPF
computational hold times 40-3
SSH
generating server key-pairs 19-1
static routes
runtime checks 40-9
statistics
TACACS+ 18-13
storage devices
access control 38-1
STP
edge ports 8-7, 10-2
EtherChannel 11-1
network ports 10-2
normal ports 10-2
PortFast 8-7, 10-2
port types 10-2
understanding
Blocking State 8-12
disabled state 8-13
forwarding state 8-12
learning state 8-12
root bridge election 8-5
STP bridge ID 8-3
STP root guard 10-5
summer time
adjusting for 3-14
switchable 1-Gigabit and 10-Gigabit ports 1-4
Switched Port Analyzer. See SPAN
switch ports
configuring attribute default values 32-13
switch priorities
configuring 33-4
default 33-4
description 33-4
switch priority
MSTP 9-20
sWWNs
configuring for fabric binding 46-4
T
TACACS+
advanages over RADIUS 18-2
configuring 18-4, 18-13
configuring global preshared keys 18-6
configuring global timeout interval 18-9
description 18-1
disabling 18-12
displaying statistics 18-13
enabling 18-5
example configurations 18-13
field descriptions 18-13
global preshared keys 18-3
limitations 18-4
prerequisites 18-3
preshared key 18-3
specifying TACACS+ servers at login 18-8
user login operation 18-2
verifying configuration 18-13
TACACS+ server
configuring dead-time interval 18-11
TACACS+ servers
configuration process 18-4
configuring hosts 18-5, 18-13
configuring periodic monitoring 18-10
configuring preshared keys 18-7
configuring server groups 17-14, 18-7, 18-13
configuring TCP ports 18-10
configuring timeout interval 18-9
displaying statistics 18-13
field descriptions 18-13
manually monitoring 18-12
monitoring 18-3
verifying configuration 18-13
TCP ports
TACACS+ servers 18-10
10-Gigabit Ethernet 1-4
TE port mode
classes of service 32-4
description 32-4
TE ports
fabric binding checking 46-2
FCS support 47-1, 47-2
fctrace 50-5
FSPF topologies 40-1
interoperability 43-10
recovering from link isolations 38-14
trunking restrictions 35-1
timeout values. See TOVs
TOVs
configuring across all VSANs 43-2
configuring for a VSAN 43-2
default settings 43-15
interoperability 43-10
ranges 43-1
tracked ports
binding operationally 48-3
traffic isolation
VSANs 37-3
trap notifications 27-2
troubleshooting
collecting output for technical support 50-8
fcping 50-6
fctrace 50-5
show tech-support command 50-8
verifying switch connectivity 50-7
trunk-allowed VSAN lists
description 35-4
trunking
comparison with port channels 36-2
configuration guidelines 35-1
configuring modes 35-3
default settings 35-7
description 35-1
displaying information 35-6
interoperability 43-10
link state 35-3
merging traffic 35-2
restrictions 35-1
trunking E port mode, see TE port mode.
trunking ports
associated with VSANs 37-7
trunking protocol
default settings 35-7
default state 35-2
description 35-2
detecting port isolation 35-2
trunk mode
administrative default 32-14
configuring 35-3, 35-4
default settings 35-7
trunk ports
displaying information 35-7
U
UDLD
aggressive mode 5-3
configuring 5-5
defined 5-2
nonaggressive mode 5-3
unicast storms, see traffic-storm control.
Unidirectional Link Detection. See UDLD.
unique area FC IDs
configuring 33-16
description 33-15
user accounts
password characteristics 22-2
user login
authentication process 16-4
authorization process 16-4
user logins
configuring AAA login authentication methods 16-7
user roles
specifying on AAA servers 16-10, 16-11
users
description 22-1
V
vendor-specific attributes. See VSAs
Virtual Fibre Channel interfaces
default settings 32-17
VLANs
extended range 6-2
reserved range 6-2
VTP domain 6-3
VSAN IDs
allowed list 35-7
description 37-5
multiplexing traffic 32-4
range 37-4
VSAN membership 37-4
VSANs
advantages 37-3
allowed-active 35-1
cache contents 33-19
comparison with zones (table) 37-4
compatibility with DHCHAP 44-3
configuring 37-6
configuring allowed-active lists 35-6
configuring FSPF 40-3
configuring trunk-allowed lists 35-4, 35-6
default settings 37-11
default VSANs 37-8
deleting 37-9
description 37-1
displaying configuration 37-11
displaying membership 37-7
displaying usage 37-11
domain ID automatic reconfiguration 33-6
FC IDs 37-1
FCS support 47-1
features 37-1
flow statistics 40-14
FSPF 40-4
FSPF connectivity 40-1
interop mode 43-10
isolated 37-8
load balancing 37-10
load balancing attributes 37-5
mismatches 32-7
multiple zones 38-4
names 37-5
name server 41-2
operational states 37-8
port membership 37-6
port tracking 48-5
states 37-5
TE port mode 32-4
timer configuration 43-2
TOVs 43-2
traffic isolation 37-3
trunk-allowed 35-1
trunking ports 37-7
VSAs
format 16-11
protocol options 16-11, 17-3
support description 16-11
VTP
domains
VLANs 6-3
W
world wide names. See WWNs
WWNs
configuring 43-5
displaying information 43-5
link initialization 43-6
port security 45-10
secondary MAC addresses 43-6
suspended connections 32-7
Z
zone aliases
conversion to device aliases 39-8
importing 39-8
zone attribute groups
cloning 38-16
zone databases
migrating a non-MDS database 38-17
release locks 38-21
zone members
adding to zones 38-8
converting to pWWN members 38-12
displaying information 38-9
zones
access control 38-9
adding to zone sets 38-12
adding zone members 38-8
analyzing 38-24
backing up (procedure) 38-16
changing from enhanced zones 38-20
cloning 38-16
compacting for downgrading 38-24
comparison with device aliases (table) 39-2
comparison with VSANs (table) 37-4
configuring 38-12
configuring aliases 38-10
configuring fcaliases 38-10
default policies 38-2
default settings 38-24
displaying information 38-18
editing full zone databases 38-8
enforcing restrictions 38-13
exporting databases 38-15
features 38-1, 38-4
importing databases 38-14
membership using pWWNs 37-4
merge failures 32-7
renaming 38-16
restoring (procedure) 38-16
show tech-support zone command 50-12
viewing information 38-18
See also default zones
See also enhanced zones
See also hard zoning;soft zoning 38-13
See also zoning;zone sets 38-2
zone server databases
clearing 38-17
zone sets
activating 38-9
adding member zones 38-12
analyzing 38-24
cloning 38-16
configuring 38-8
considerations 38-4
copying 38-15
creating 38-8, 38-12
default settings 38-24
displaying information 38-18
distributing configuration 38-13
enabling distribution 38-13
exporting 38-15
exporting databases 38-15
features 38-1
importing 38-15
importing databases 38-14
one-time distribution 38-14
recovering from link isolations 38-14
renaming 38-16
viewing information 38-18
See also active zone sets
See also active zone sets;full zone sets 38-5
See also zones;zoning 38-2
zoning
description 38-1
example 38-3
implementation 38-4
See also zones;zone sets 38-1