-
Cisco MDS 9000 Family Fabric Manager Configuration Guide, Release 2.x
-
New and Changed Information
-
Index
-
Preface
- Part 1 - Fabric Manager Applications
- Part 2 - Cisco MDS SAN-OS Installation and Configuration Files
-
Part 3 - Switch Configuration
-
Cisco Fabric Services
-
VSAN Configuration
-
Dynamic VSAN Configuration
-
Zone Configuration
-
Inter-VSAN Routing Configuration
-
PortChannel Configuration
-
Interface Configuration
-
FCIP Configuration
-
Configuring the SAN Extension Tuner
-
iSCSI configuration
-
FICON Configuration
-
Configuring Intelligent Storage Services
-
Additional Configuration
-
- Part 4 - Security Configuration
- Part 5 - Network and Performance Monitoring
- Part 6 - Troubleshooting
-
GUI/CLI Usage Chart
-
Interface Nonoperational Reason Codes
-
Managing Cisco FabricWare
-
Feedback
Table Of Contents
Managing Cisco FabricWare with Fabric Manager
Managing Cisco FabricWare
The Cisco FabricWare software running on the MDS 9020 switch offers Fibre Channel switching services that realize maximum performance. Cisco FabricWare provides networking features such as zoning, advanced security, non-disruptive software upgrades, diagnostics, a CLI with Cisco IOS like syntax, and standard interfaces for management applications.
This appendix contains the following sections:
Fibre Channel Support
Cisco FabricWare supports autoconfigured Fibre Channel ports capable of up to 4-Gbps bandwidth. Cisco FabricWare supports the following port types:
•
E
•
•
•
•
See the "About Interface Modes" section on page 18-1.
Cisco FabricWare supports Fabric Shortest Path First (FSPF) as the standard path selection protocol used by Fibre Channel fabrics. The FSPF feature is enabled by default on all Fibre Channel switches. Except in configurations that require special consideration, you do not need to configure any FSPF services. FSPF automatically calculates the best path between any two switches in a fabric.
Zone Configuration
Zoning enables you to set up access control between storage devices or user groups. If you have administrator privileges in your fabric, you can create zones to increase network security and to prevent data loss or corruption. Zoning is enforced by examining the source-destination ID field. Cisco FabricWare does not support QoS, broadcast, LUN, or read-only zones.
You can use the Fabric Manager zone configuration tool to manage zone sets, zones, and zone membership for switches running Cisco FabricWare. Cisco FabricWare supports zone membership by pWWN. See the "Configuring a Zone" section on page 15-5.
Security
Cisco FabricWare supports the following security features:
•
•
•
•
Cisco FabricWare can use the RADIUS protocol to communicate with remote AAA servers. RADIUS is a distributed client/server protocol that secures networks against unauthorized access. In the Cisco implementation, RADIUS clients run on Cisco MDS 9000 Family switches and send authentication requests to a central RADIUS server that contains all user authentication and network service access information.
You can access the CLI using the console (serial connection), Telnet, or Secure Shell (SSH). For each management path (console or Telnet and SSH), you can configure one or more of the following security control options: local, remote (RADIUS), or none.
If you are using SSH, you need to remove "-h $host -u $user" from the SSH path.
To modify the SSH preferences, follow these steps:
Step 1
Step 2
Step 3
-h $host -u $userStep 4
Using local or RADIUS authentication, you can configure the roles that each authenticated user receives when they access the switch. Cisco FabricWare supports two fixed roles: network administrator and network operator.
IP access lists (IP-ACLs) control management traffic over IP by regulating the traffic types that are allowed or denied to the switch. IP-ACLs can only be configured for the mgmt0 port.
Fabric Manager server uses SNMPv1 and SNMPv2 to communicate with Cisco FabricWare.
Events
You can monitor fabric and switch status for Cisco FabricWare switches through either a syslog server or an SNMP trap receiver.
The syslog, or system message logging software, saves messages in a log file or directs the messages to other devices. This feature provides you with the following capabilities:
•
•
•
By default, the switch logs normal but significant system messages to a log file and sends these messages to the system console. You can specify which system messages should be saved based on the type of facility and the severity level. You can access logged system messages using the CLI or by saving them to a properly configured system message logging server.
You can configure the Cisco MDS 9020 switch using the CLI to send notifications to SNMP managers when particular events occur. You can send these notifications as traps.
Managing Cisco FabricWare with Fabric Manager
Fabric Manager Release 2.1(2) or later supports switches running Cisco FabricWare.
Note
Table C-1 shows the supported features and where to access more information on that feature.
Table C-1
Zones
Zone configuration
Zone membership by pWWN
No Cisco FabricWare support for QoS, broadcast, LUN, or read-only zones
Using the Zone Configuration Tool
Interfaces
1/2/4 Fibre Channel autonegotiating ports
SNMP
SNMPv1 and SNMPv2c
Adding A Community String to the communities.properties File, page 26-4
Software images
Automated upgrades
Manual upgrades
Using the Software Install Wizard
FLOGI, name server, FDMI, and RSCN
Displaying FLOGI details
Registering name server proxies
Displaying FDMI
RSCN statistics
Refer to the Cisco MDS 9020 Switch Configuration Guide and Command Reference.
Security
Configuring RADIUS
Configuring server groups
Configuring Role-Based authorization
Configuring user accounts
Configuring SSH services
Fibre Channel routing
FSPF Global Configuration
FSPF Interface Configuration
Refer to the Cisco MDS 9020 Switch Configuration Guide and Command Reference.
IP services
IP Access Control Lists on mgmt0
System messages
System message logging configuration
Advanced configuration
fcTimer
FabricWare Features in Fabric Manager
