Section |
Page |
Contents |
3 |
Preface |
13 |
Document conventions |
13 |
Text formatting conventions |
13 |
Command syntax conventions |
13 |
Notes, cautions, and warnings |
14 |
Brocade resources |
15 |
Contacting Brocade Technical Support |
15 |
Document feedback |
16 |
About This Document |
17 |
Supported hardware and software |
17 |
What’s new in this document |
18 |
Introducing Web Tools |
19 |
Web Tools overview |
19 |
Web Tools, the EGM license, and Brocade Network Advisor |
19 |
Web Tools features enabled by the EGM license |
20 |
Web Tools functionality moved to Brocade Network Advisor |
21 |
System requirements |
23 |
Setting refresh frequency for Internet Explorer |
24 |
Deleting temporary Internet files used by Java applications |
25 |
Java installation on the workstation |
26 |
Installing the JRE on your Solaris or Linux client workstation |
26 |
Installing patches on Solaris |
26 |
Installing the Java Plug-in on Windows |
27 |
Java Plug-in configuration |
27 |
Enabling Java content in the browser |
27 |
Configuring the Java Plug-in for Windows |
27 |
Configuring the Java Plug-in for Mozilla family browsers |
28 |
Value line licenses |
28 |
Opening Web Tools |
29 |
Logging in |
29 |
Logging in to a Virtual Fabric |
30 |
Switching between Virtual Fabrics |
31 |
Logging in to an Admin Domain |
31 |
Logging out |
32 |
Role-Based Access Control |
32 |
Session management |
33 |
Ending a Web Tools session |
33 |
Web Tools system logs |
33 |
SupportSave logs |
34 |
Requirements for IPv6 support |
35 |
Using the Web Tools Interface |
37 |
Viewing Switch Explorer |
37 |
Persisting GUI preferences |
39 |
Tabs |
40 |
Fabric Tree |
40 |
Changing the Admin Domain context |
41 |
Switch View buttons |
41 |
Switch View |
41 |
Port representations |
42 |
USB port representation |
42 |
Zoom in and zoom out |
43 |
Switch Events and Switch Information |
43 |
Free Professional Management tool |
45 |
Displaying tool tips |
45 |
Right-click options |
45 |
Refresh rates |
46 |
Displaying switches in the fabric |
47 |
Recommendations for working with Web Tools |
47 |
Opening a Telnet or SSH client window |
48 |
Collecting logs for troubleshooting |
48 |
Managing Fabrics and Switches |
51 |
Fabric and switch management overview |
51 |
Opening the Switch Administration window |
52 |
Configuring IP and subnet mask information |
53 |
Configuring Netstat Auto Refresh |
54 |
Configuring a syslog IP address |
54 |
Removing a syslog IP address |
55 |
Configuring IP filtering |
55 |
Blade management |
56 |
Enabling or disabling a blade |
56 |
Setting a slot-level IP address |
57 |
Viewing IP addresses |
58 |
Switch configuration |
58 |
Enabling and disabling a switch |
58 |
Enabling and disabling switch persistent |
58 |
Changing the switch name |
59 |
Changing the switch domain ID |
59 |
Viewing and printing a switch report |
60 |
Setting a principal switch |
60 |
Switch restart |
61 |
Performing a fast boot |
61 |
Performing a reboot |
61 |
System configuration parameters |
62 |
WWN-based persistent PID assignment |
62 |
Configuring fabric settings |
63 |
Fabric settings |
63 |
Enabling insistent domain ID mode |
64 |
Configuring virtual channel settings |
64 |
Configuring arbitrated loop parameters |
65 |
Arbitrated loop parameters |
65 |
Configuring system services |
66 |
Configuring CSCTL QoS mode |
66 |
Configuring signed firmware |
66 |
Licensed feature management |
67 |
Activating a license on a switch |
67 |
Assigning slots for a license key |
67 |
Removing a license from a switch |
68 |
Universal time-based licensing |
68 |
High Availability overview |
69 |
Admin Domain considerations |
69 |
Launching the High Availability window |
69 |
Admin Domain considerations |
70 |
Synchronizing services on the CP |
70 |
Initiating a CP failover |
71 |
Event monitoring |
71 |
Displaying switch events |
72 |
Filtering switch events |
72 |
Filtering events by event severity levels |
73 |
Filtering events by message ID |
73 |
Filtering events by service component |
73 |
Displaying the Name Server entries |
74 |
Printing the Name Server entries |
74 |
Displaying Name Server information for a particular device |
74 |
Displaying zone members for a particular device |
75 |
Physically locating a switch using beaconing |
75 |
Locating logical switches using chassis beaconing |
75 |
Virtual Fabrics overview |
76 |
Selecting a logical switch from the Switch View |
76 |
Viewing logical ports |
77 |
Maintaining Configurations and Firmware |
79 |
Creating a configuration backup file |
79 |
Restoring a configuration |
80 |
Admin Domain configuration maintenance |
81 |
Uploading and downloading from USB storage |
82 |
Performing a firmware download |
82 |
Managing Administrative Domains |
85 |
Administrative Domain overview |
85 |
Requirements for Admin Domains |
85 |
User-defined Admin Domains |
85 |
System-defined Admin Domains |
86 |
AD0 |
86 |
AD255 or physical fabric |
86 |
Admin Domain membership |
87 |
Enabling Admin Domains |
87 |
Admin Domain window |
87 |
Opening the Admin Domain window |
89 |
Refreshing fabric information |
89 |
Refreshing Admin Domain information |
89 |
Saving local Admin Domain changes |
90 |
Closing the Admin Domain window |
90 |
Creating and populating domains |
90 |
Creating an Admin Domain |
91 |
Adding ports or switches to the fabric |
91 |
Activating or deactivating an Admin Domain |
92 |
Modifying Admin Domain members |
92 |
Renaming Admin Domains |
93 |
Deleting Admin Domains |
93 |
Clearing the Admin Domain configuration |
93 |
Managing Ports |
95 |
Port management overview |
95 |
Opening the Port Admin tab |
95 |
Admin Domain considerations |
96 |
Port Admin tab components |
96 |
Ports Explorer tree |
97 |
Actions |
97 |
Subtabs |
97 |
Controllable ports |
99 |
Configuring FC ports |
99 |
Allowed port types |
100 |
Speed |
101 |
Long distance mode |
101 |
Ingress rate limit |
101 |
Available buffer credit calculation |
103 |
Assigning a name to a port |
103 |
Port beaconing |
103 |
Enabling and disabling a port |
104 |
Considerations for enabling or disabling a port |
104 |
Persistent enabling and disabling ports |
105 |
Configuring NPIV ports |
106 |
Port activation |
106 |
Enabling Ports on Demand |
108 |
Enabling Dynamic Ports on Demand |
108 |
Disabling Dynamic Ports on Demand |
108 |
Diagnostic ports |
109 |
Reserving and releasing licenses on a port basis |
109 |
Port swapping index |
110 |
Port swapping |
110 |
Determining if a port index was swapped with another switch port |
111 |
Configuring port binding |
112 |
Unbinding a port |
113 |
Configuring BB credits on an F_Port |
113 |
Configuring ALPA |
114 |
Configuring port octet speed combination |
115 |
Configuring CSCTL |
116 |
Enabling CSCTL mode |
117 |
Disabling CSCTL mode |
117 |
Configuring compression and encryption |
117 |
Enabling or disabling encryption |
118 |
Enabling or disabling compression |
118 |
Displaying compression ratio |
118 |
Forward Error Correction |
119 |
In-Band Management |
119 |
GigE port modes |
120 |
Enabling ISL Trunking |
121 |
ISL Trunking overview |
121 |
Disabling or enabling ISL Trunking |
121 |
Admin Domain considerations |
122 |
Viewing trunk group information |
122 |
F_Port trunk groups |
123 |
Creating and maintaining F_Port trunk groups |
123 |
Monitoring Performance |
125 |
Performance Monitor overview |
125 |
Basic monitoring |
125 |
Advanced monitoring |
125 |
Performance graphs |
126 |
Admin Domain considerations |
126 |
Predefined performance graphs |
126 |
User-defined graphs |
129 |
Canvas configurations |
129 |
Opening the Performance Monitor window |
130 |
Creating basic performance monitor graphs |
130 |
Customizing basic monitoring graphs |
131 |
Advanced performance monitoring graphs |
133 |
Creating SID/DID Performance graphs |
133 |
Creating the SCSI vs. IP Traffic graph |
134 |
Creating SCSI command graphs |
134 |
Tunnel and TCP performance monitoring graphs |
135 |
Tunnel and TCP graph chart properties |
136 |
Saving graphs to a canvas |
136 |
Adding graphs to an existing canvas |
137 |
Printing graphs |
137 |
Modifying graphs |
137 |
Administering Zoning |
139 |
Zoning overview |
139 |
Basic zones |
139 |
Traffic Isolation zones |
139 |
LSAN zone requirements |
139 |
QoS zone requirements |
140 |
Zoning configurations |
140 |
Opening the Zone Admin window |
140 |
Setting the default zoning mode |
140 |
Zoning management |
141 |
Refreshing fabric information |
144 |
Refreshing Zone Administration window information |
144 |
Saving local zoning changes |
145 |
Selecting a zoning view |
145 |
Creating and populating zone aliases |
146 |
Adding and removing members of a zone alias |
146 |
Renaming zone aliases |
147 |
Deleting zone aliases |
147 |
Creating and populating zones |
148 |
Adding and removing members of a zone |
148 |
Renaming zones |
149 |
Cloning zones |
149 |
Deleting zones |
149 |
Creating and populating enhanced Traffic Isolation zones |
150 |
Zone configuration and zoning database management |
151 |
Creating zone configurations |
151 |
Adding or removing zone configuration members |
152 |
Renaming zone configurations |
152 |
Cloning zone configurations |
153 |
Deleting zone configurations |
153 |
Enabling zone configurations |
153 |
Disabling zone configurations |
154 |
Displaying enabled zone configurations |
154 |
Viewing the enabled zone configuration name without opening the Zone Administration window |
155 |
Viewing detailed information about the enabled zone configuration |
155 |
Adding a WWN to multiple aliases and zones |
155 |
Removing a WWN from multiple aliases and zones |
156 |
Replacing a WWN in multiple aliases and zones |
156 |
Searching for zone members |
157 |
Clearing the zoning database |
157 |
Zone configuration analysis |
157 |
Best practices for zoning |
158 |
Working with Diagnostic Features |
159 |
Trace dumps |
159 |
How a trace dump is used |
159 |
Setting up automatic trace dump transfers |
160 |
Specifying a remote server |
160 |
Enabling automatic transfer of trace dumps |
160 |
Disabling automatic trace uploads |
160 |
Displaying switch information |
161 |
Viewing detailed fan hardware status |
162 |
Viewing the temperature status |
162 |
Viewing the power supply status |
163 |
Checking the physical health of a switch |
163 |
Defining switch policy |
165 |
Port LED interpretation |
166 |
Port icon colors |
166 |
Using the FC-FC Routing Service |
167 |
Fibre Channel Routing overview |
167 |
Supported switches for Fibre Channel Routing |
168 |
Setting up FC-FC routing |
168 |
FC-FC routing management |
169 |
Opening the FC Routing module |
169 |
Viewing and managing LSAN fabrics |
170 |
Viewing EX_Ports |
170 |
Configuring an EX_Port |
171 |
Editing the configuration of an EX_Port |
171 |
Configuring FCR router port cost |
172 |
Viewing LSAN zones |
172 |
Viewing LSAN devices |
172 |
Configuring the backbone fabric ID |
173 |
Using the Access Gateway |
175 |
Access Gateway overview |
175 |
Viewing Switch Explorer for Access Gateway mode |
175 |
Access Gateway mode |
176 |
Restricted access in the Port Admin tab |
176 |
Enabling Access Gateway mode |
177 |
Disabling Access Gateway mode |
177 |
Viewing the Access Gateway settings |
178 |
Port configuration |
178 |
Editing a Port |
178 |
Creating port groups |
179 |
Editing or viewing port groups |
180 |
Deleting port groups |
181 |
Defining custom primary F-N port mapping |
181 |
Defining custom static F-N port mapping |
181 |
Defining custom WWN-N port mappings |
182 |
Access Gateway policy modification |
182 |
Path Failover and Failback policies |
182 |
Modifying Path Failover and Failback policies |
182 |
Enabling the Automatic Port Configuration policy |
183 |
Administering Fabric Watch |
185 |
Fabric Watch overview |
185 |
Administering Extended Fabrics |
187 |
Extended link buffer allocation overview |
187 |
Configuring a port for long distance |
189 |
Routing Traffic |
191 |
Routing overview |
191 |
Viewing fabric shortest path first routing |
192 |
Configuring dynamic load sharing |
193 |
Lossless dynamic load sharing |
193 |
Specifying frame order delivery |
194 |
Configuring the link cost for a port |
194 |
Configuring Standard Security Features |
197 |
User-defined accounts |
197 |
Virtual Fabrics considerations |
198 |
Admin Domain considerations |
198 |
Viewing user account information |
199 |
Creating user-defined accounts |
199 |
Deleting user-defined accounts |
202 |
Changing user account parameters |
202 |
Maintaining passwords |
204 |
Changing the password of an account |
204 |
Setting the rules for passwords |
204 |
Setting a password as expired |
205 |
Unlocking a password |
205 |
Displaying roles and assigned logical fabrics |
206 |
User-defined roles |
206 |
Guidelines and restrictions |
206 |
Creating a user-defined role |
207 |
Editing a user-defined role |
208 |
Access control list policy configuration |
209 |
Virtual Fabrics considerations |
209 |
Admin Domain considerations |
209 |
Creating an SCC, DCC, or FCS policy |
209 |
Editing an SCC, DCC, or FCS policy |
210 |
Deleting all SCC, DCC, or FCS policies |
210 |
Activating all SCC, DCC, or FCS policies |
210 |
Distributing an SCC, DCC, or FCS policy |
211 |
Moving an FCS policy switch position |
211 |
Configuring Advanced Device Security policy |
211 |
Fabric-Wide Consistency Policy configuration |
212 |
Authentication policy configuration |
213 |
Configuring authentication policies for E_Ports |
213 |
Configuring authentication policies for F_Ports |
213 |
Distributing authentication policies |
214 |
Re-authenticating policies |
214 |
Setting a shared secret key pair |
214 |
Modifying a shared secret key pair |
215 |
Setting the Switch Policy Authentication mode |
215 |
SNMP configuration |
215 |
Setting SNMP trap levels |
215 |
Changing the systemGroup configuration parameters |
216 |
Setting SNMPv1 configuration parameters |
216 |
Setting SNMPv3 configuration parameters |
216 |
Changing the access control configuration |
217 |
RADIUS management |
217 |
Enabling and disabling RADIUS |
218 |
Configuring RADIUS |
218 |
Modifying the RADIUS server |
219 |
Modifying the RADIUS server order |
219 |
Removing a RADIUS server |
220 |
Active Directory service management |
220 |
Enabling Active Directory service |
220 |
Modifying Active Directory service |
221 |
Removing Active Directory service |
221 |
TACACS+ management |
221 |
Enabling and disabling TACACS+ |
221 |
Configuring TACACS+ |
222 |
Modifying TACACS+ |
222 |
Removing TACACS+ |
222 |
IPsec concepts |
223 |
Transport mode and tunnel mode |
224 |
IPsec header options |
224 |
Authentication Header |
224 |
Encapsulating Security Payload |
225 |
Basic IPsec configurations |
225 |
Endpoint to Endpoint |
225 |
Gateway to Gateway |
226 |
Endpoint to Gateway |
226 |
Internet Key Exchange concepts |
226 |
Encryption algorithms |
226 |
Hash algorithms |
227 |
Pseudo-Random Function algorithm |
227 |
Public key certificate-based authentication |
227 |
SA lifetime |
227 |
Diffie-Hellman groups |
227 |
Authentication methods |
228 |
IPsec over management ports |
228 |
Enabling the Ethernet IPsec policies |
228 |
Establishing an IKE policy |
229 |
Creating a security association |
229 |
Creating an SA proposal |
230 |
Adding an IPsec transform policy |
230 |
Adding an IPsec selector |
231 |
Manually creating an SA |
231 |
Editing an IKE or IPsec policy |
232 |
Deleting an IKE or IPsec policy |
232 |
Establishing authentication policies for HBAs |
233 |
Administering FICON CUP Fabrics |
235 |
FICON CUP fabrics overview |
235 |
Enabling port-based routing |
236 |
Enabling or disabling FICON Management Server mode |
237 |
FMS parameter configuration |
237 |
Configuring FMS mode parameters |
238 |
Displaying code page information |
239 |
Viewing the control device state |
239 |
Allow / Prohibit Matrix configuration |
240 |
Viewing Allow / Prohibit Matrix configurations |
241 |
Modifying Allow / Prohibit Matrix configurations |
241 |
Activating an Allow / Prohibit Matrix configuration |
242 |
Copying an Allow / Prohibit Matrix configuration |
243 |
Deleting an Allow / Prohibit Matrix configuration |
243 |
CUP logical path configuration |
243 |
Viewing CUP logical path configurations |
243 |
Configuring CUP logical paths |
244 |
Link Incident Registered Recipient configuration |
244 |
Viewing Link Incident Registered Recipient configurations |
244 |
Configuring LIRRs |
244 |
Displaying Request Node Identification Data |
245 |
Configuring FCoE with Web Tools |
247 |
Web Tools and FCoE overview |
247 |
Web Tools, the EGM license, and Brocade Network Advisor |
247 |
Port information that is unique to FCoE |
248 |
Switch administration and FCoE |
248 |
FCoE configuration tasks |
249 |
Quality of Service configuration |
249 |
Editing the DCB map |
249 |
Adding a traffic class map |
250 |
LLDP-DCBX configuration |
250 |
Configuring global LLDP characteristics |
251 |
Adding an LLDP profile |
252 |
Configuring DCB interfaces |
253 |
Configuring a link aggregation group |
254 |
Configuring VLANs |
254 |
Configuring FCoE login groups |
255 |
Displaying FCoE port information |
256 |
Displaying LAG information |
257 |
Displaying VLAN information |
257 |
Displaying FCoE login groups |
257 |
Displaying QoS information |
257 |
Displaying LLDP-DCBX information |
257 |
Displaying DCB interface statistics |
258 |
Configuring a DCB interface from the Switch View |
258 |
Configuring a DCB interface from the Port Admin panel |
258 |
Enabling and disabling a LAG |
259 |
Enabling and disabling LLDP |
259 |
Enabling and disabling QoS priority-based flow control |
259 |
Enabling and disabling FCoE ports |
260 |
Limitations |
261 |
General Web Tools limitations |
261 |