Implementing Smart Zoning On IBM Cisco SANs

Similar documents
Configuring a Dual Fabric SAN Environment

Configuring Microsoft Windows XP iscsi Host to MDS/IPS 8

Troubleshooting N-Port Virtualization

Managing FLOGI, Name Server, FDMI, and RSCN Databases, page 1

Troubleshooting Distributed Device Alias Services

Configuring and Managing Zones

Configuring and Managing Zones

Configuring and Managing Zones

MDS 9000 Switch and McData Dual Core Topology (Interop Mode 1)

DCNX5K: Configuring Cisco Nexus 5000 Switches

CCIE Data Center Storage Networking. Fibre Channel Switching

Inter-VSAN Routing Configuration

IVR Zones and Zonesets

Cisco MDS NX-OS Release 6.2Configuration Limits 2

Troubleshooting Zones and Zone Sets

Interoperability Limitations

MDS 9000 Core with Brocade 3900/12000 Edge Topology

CCIE Data Center Storage Networking. Fibre Channel Switching Configuration. Nexus 5500UP FC Initialization Allocate interfaces as type FC

Configuring Fabric Configuration Server

Using native UCSM and CLI tools for Troubleshooting and Configuration

MDS to MDS Basic Configuration with FCIP

MDS 9020 Switch Interoperability

Managing FLOGI, Name Server, FDMI, and RSCN Databases

Cisco MDS 9000 Series Fabric Configuration Guide, Release 8.x

Interoperability Guidelines for Non-Cisco Switches

Deploying IP Storage Solutions with the Cisco MDS 9000

VersaStack for Data Center Design & Implementation (VDCDI) 1.0

Cisco MDS 9000 Series Switches

UCS Engineering Details for the SAN Administrator

Configuring the Fibre Channel Gateway

Getting Started. Enabling SSH

Cisco MDS 9000 Series Switches

Contents. FCoE commands 0

UCS Direct Attached Storage and FC Zoning Configuration Example

Fibre Channel Specialist Lab

Question: 1 You have a Cisco UCS cluster and you must recover a lost admin password. In which order must you power cycle the fabric interconnects?

Configuring Zones and Zone Sets

MDS 9000 Core with Brocade and McData Edge Topology (Interop Mode 1)

Cisco UCS Local Zoning

Windows 2012 NPIV on UCS Configuration Example

Send documentation comments to

Intermixing Best Practices

P Commands. Send documentation comments to CHAPTER

zseries FICON and FCP Fabrics -

CONNECTRIX MDS-9250I SWITCH

Cisco SME Tape Configuration

Quick Reference Guide

Managing Zones and Zone Sets

Cisco SME Tape Configuration

MDS 9000 Core with Brocade and McData Edge Topology (Interop Mode 1)

IBM IBM Storage Networking Solutions Version 1.

Fabric Manager Client

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Advanced Storage Area Network Design

ITBraindumps. Latest IT Braindumps study guide

Cisco Traffic Analyzer

Nexus 5000 NPIV FCoE with FCoE NPV Attached UCS Configuration Example

Cisco MDS 9000 Family Blade Switch Solutions Guide

Direct Attached Storage

Fibre Channel Gateway Overview

F Commands CHAPTER. Send documentation comments to

Cisco Nexus 9000 Series NX-OS FC NPV Configuration Guide, Release 9.x

Large SAN Design Best Practices Using Cisco MDS 9700 and MDS 9500 Multilayer Directors

Fibre Channel Networking for the IP Network Engineer and SAN Core Edge Design Best Practices Chad Hintz Technical Solutions Architect BRKVIR-1121

UCS SAN Troubleshooting

Configuring FCoE NPV. Information About FCoE NPV. This chapter contains the following sections:

SAN Implementation (SANIW)

Cisco MDS 9000 Family SAN Volume Controller Configuration Guide. Cisco MDS SAN-OS Release 1.3 September, 2004

HPE Knowledge Article

Storage Networking Cisco MDS 9148 Beta Testing

Q&As. Troubleshooting Cisco Data Center Unified Computing. Pass Cisco Exam with 100% Guarantee

Advanced Fibre Channel Features

Secure SAN Zoning Best Practices

Contents. FCoE commands 1

Advanced Storage Area Network Design

Advanced Storage Area Network Design Blaise Pangalos Solutions Architect

HP FlexFabric 5700 Switch Series

UCS-ABC. Cisco Unified Computing System Accelerated Boot Camp. Length: 5 Days. Format: Lecture/Lab. Course Version: 5.0. Product Version: 2.

... Technical report: IBM System Storage N series N7950T and Intel Xeon Servers. Benefits of converged networking. Document NS

NS Number: NS0-507 Passing Score: 800 Time Limit: 120 min File Version: NS0-507

Symbols. Numerics INDEX

Fibre Channel Specialist Lab

SVC VOLUME MIGRATION

A. Both Node A and Node B will remain on line and all disk shelves will remain online.

Power Systems SAN Multipath Configuration Using NPIV v1.2

Fibre Channel Zoning

Verify that your username has network-admin privileges. Assign a new network administrator password if your username has network-admin privileges.

IBM Europe Announcement ZG , dated February 13, 2007

Service Profiles and Templates

Technical Brief: How to Configure NPIV on VMware vsphere 4.0

Cisco Nexus B22 Blade Fabric Extender for IBM

UCS Supported Storage Architectures and Best Practices with Storage

Configuring SME Tapes

Cisco Cisco Data Center Associate Level Accelerated - v1.0 (DCAA)

Send documentation comments to

Storage Media Encryption Overview

Fibre Channel Storage Area Network Design BRKSAN-2701

Dell Networking MXL and PowerEdge I/O Aggregator with Cisco Nexus 5000 series fabric mode Config Sheets

Cisco MDS 9000 Family NX-OS Inter-VSAN Routing Configuration Guide

S S SNIA Storage Networking Foundations

Transcription:

Implementing Smart Zoning On IBM Cisco SANs What Is Smart Zoning Zoning on any SAN is used to limit what SAN devices can see other devices. This makes SANS easier to administer and limits the impact on other devices if one device has issues. Traditional zoning best practice for most SANs is to have 1 initiator (or host) per zone. Depending on the type of target, there can be many targets in a zone with that host. For example a zone consisting of a backup server with many tape devices is generally acceptable. A zone consisting of a host (initiator) and more than one IBM SAN Volume Controller (SVC) cluster is not. There will eventually be problems if the different SVC clusters are allowed to talk to each other. Traditional zoning in this way has the potential to have so many zones that it becomes burdensome on the administrators. In addition, using the backup server to tape device example, if there is a zone with 30 tape devices in it, traditional zoning means that there will now be all the additional entries in the ACL list on the SAN that don t need to be there. The tape devices generally don t need to talk to all the others. This takes up resources and can sometimes be harder to troubleshoot. We could prevent these ACL entries by rezoning so that the host is zoned separately to each tape device, but now there are 30 zones for our backup server. The number of zones will add up quickly if there are multiple backup servers. Smart Zoning on a Cisco fabric fixes this by only allowing initiator to target connections within a zone. So, for our backup server zone, the only entries in the ACL would be for the initiator (host) to each target (tape) device. We can also add all the other backup servers to this zone and they won t be able to talk to any other initiator, since Smart Zoning only allows initiator to target communication. Assuming we have 12 backup servers, we can collapse all 12 into a single zone with the tape drives. Smart Zoning will prevent the 12 servers from talking to each other. Figure 1.0 shows a zone with 3 hosts and 3 targets, before Smart Zoning. The connections in black are the host to target connections. The connections in red are the initiator to initiator and target to target connections. Figure 2.0 shows the same zone with Smart Zoning configured. The initiator-initiator and target-target connections have been removed by the switch. Implementing Cisco Smart Zoning Page 1 of 13

Figure 1.0 Zoning Without Smart Zoning Figure 2.0 Zoning With Smart Zoning Smart Zoning System Requirements Smart Zoning requires each switch in the fabric be upgraded to NX-OS version 5.2.6 or greater. If any switch in the fabric can t be upgraded to v5.2.6 then Smart Zoning can t be used. The VSANs with Smart Zoning enabled must be in default (Cisco) mode. Smart Zoning is not supported in VSANs where non- Cisco switches are connected to the fabric, or where VSANs are configured for IVR into VSANs these with 3 rd party switches are connected. Implementing Cisco Smart Zoning Page 2 of 13

Supported Smart Zoning Options The following table lists the options that are supported with Smart Zoning. It is possible, though not recommended to do traditional zoning via WWNN. Smart Zoning does not support this. Enabling Smart Zoning: Smart Zoning is enabled on a per-vsan basis. The switch can be set so that any new VSANs created have Smart Zoning enabled automatically, however existing VSANs need to have Smart Zoning enabled manually. To enable Smart Zoning on a VSAN, where <vsan no> is a VSAN number conf t zone smart-zoning enable vsan <vsan no> The following example shows the current zone status, then enables smart zoning on VSAN 1, then shows current status to verify smart zoning is enabled Example: sc9134b(config)# show zone status vsan 1 VSAN: 1 default-zone: deny distribute: full Interop: default mode: basic merge-control: allow session: none hard-zoning: enabled broadcast: unsupported smart-zoning: disabled Default zone: qos: none broadcast: unsupported ronly: disabled Full Zoning Database : DB size: 10044 bytes Zonesets:2 Zones:84 Aliases: 0 Active Zoning Database : DB size: 1060 bytes Name: Zoneset_V2 Zonesets:1 Zones:13 Implementing Cisco Smart Zoning Page 3 of 13

Enable Smart Zoning sc9134b(config)# zone smart-zoning enable vsan sc9134b(config)# show zone status vsan 1 VSAN: 1 default-zone: deny distribute: full Interop: default mode: basic merge-control: allow session: none hard-zoning: enabled broadcast: unsupported smart-zoning: enabled Default zone: qos: none broadcast: unsupported ronly: disabled Full Zoning Database : DB size: 10044 bytes Zonesets:2 Zones:84 Aliases: Active Zoning Database : DB size: 1060 bytes Name: Zoneset_V2 Zonesets:1 Zones:13 To disable Smart Zoning use the `no zone smart-zoning enable vsan <vsan no> command Converting Zones To Smart Zoning After Smart Zoning is enabled, existing zones must be converted to Smart Zoning. This section of the document details converting zones and the steps to take to prepare. Automatic conversion can happen at the zone, zoneset and VSAN level. Converting an entire VSAN applies smart zoning to the active and inactive zonesets. Converting a zoneset applies Smart Zoning to all the zones within that zoneset and converting a zone applies smart zoning to the members in that zone. Converting a zone is zone-specific and will only be applied to that zone when the changes are activated. Once the command is run to convert the VSAN, zoneset or zone to Smart-Zoning, the switch will examine the device type for each zone member registered in the name server and will rewrite the ACL table accordingly. So initiators will no longer be allowed to talk to other initiators in the same zone. Targets will no longer be able to talk to other targets. If a device does not register its type properly with the name server, there will be unexpected results when activating the zoneset subsequent to the conversion. It is strongly recommended you follow the steps in the next section prior to converting a VSAN, Zoneset or Zone to Smart Zoning. Before You Convert To Smart Zoning Before converting a VSAN, zoneset or zone, you should examine the name server datatabase to determine which devices may not be registering device type properly. The command to do this is `show fcns database` and an example command and output are provided. Implementing Cisco Smart Zoning Page 4 of 13

Example show fcns database command sc9134b(config)# show fcns database VSAN 1: -------------------------------------------------------------------------- FCID TYPE PWWN (VENDOR) FC4-TYPE:FEATURE -------------------------------------------------------------------------- 0x7e0000 N 50:05:07:68:01:10:40:03 (IBM) scsi-fcp:both 0x7e0100 N 50:05:07:68:01:40:40:03 (IBM) scsi-fcp:both 0x7e0200 N 50:05:07:68:01:10:40:2d (IBM) scsi-fcp:both 0x7e0300 N 50:05:07:68:01:40:40:2d (IBM) scsi-fcp:both 0x7e0400 N 50:05:07:68:01:10:40:df (IBM) scsi-fcp:both 0x7e0500 N 50:05:07:68:01:40:40:df (IBM) scsi-fcp:both 0x7e0600 N 50:05:07:68:01:10:40:24 (IBM) scsi-fcp:both 0x7e0700 N 50:05:07:68:01:40:40:24 (IBM) scsi-fcp:both 0x7e0900 N 21:00:00:e0:8b:08:37:3d (Qlogic) scsi-fcp:init 0x7e0c00 N 21:00:00:e0:8b:0f:64:47 (Qlogic) scsi-fcp:init 0x7e2300 N 20:05:00:a0:b8:29:9f:7b (SymBios) scsi-fcp:both 0x7e2500 N 20:25:00:a0:b8:32:54:d2 (SymBios) scsi-fcp:both 0x7e2600 N 20:14:00:a0:b8:32:54:d2 (SymBios) scsi-fcp:both 0x7e2700 N 20:04:00:a0:b8:29:9f:7b (SymBios) scsi-fcp:both 0x7e2f00 N 50:05:07:63:03:10:40:6b (IBM) scsi-fcp fcsb2-ch-cu 0x7e3000 N 50:05:07:63:03:03:c0:6b (IBM) scsi-fcp fcsb2-ch-cu In the above listing, the two devices in blue are registered as init. For this fabric, converting to Smart Zoning means that after the changes are activated, if those two devices are in the same zone they would no longer be able to login to each other. The next listing shows some IBM SAN Volume Controller ports ithat are incorrectly listed as target. If this fabric were converted, these SVC ports would not be able to see each other or any target ports that might be their back-end storage. This could cause issues for the SVC cluster both talking to other nodes in the cluster and talking to back-end storage. If the storage ports are also listed as targets in the name server, the Smart Zoning conversion would prevent these SVC nodes from talking to the storage. Partial Name Server listing with SVC ports incorrectly listed FCID TYPE PWWN (VENDOR) FC4-TYPE:FEATURE -------------------------------------------------------------------------- 0x1fb686 N 50:05:07:68:01:10:65:a3 (IBM) scsi-fcp:target 0x1fb693 N 50:05:07:68:01:40:64:88 (IBM) scsi-fcp:target 0x1fb6b6 N 50:05:07:68:01:40:65:a3 (IBM) scsi-fcp:target 0x1ffa84 N 50:05:07:68:01:10:a8:b9 (IBM) scsi-fcp:target Implementing Cisco Smart Zoning Page 5 of 13

Automatically Convert to Smart Zoning The following table lists the commands to convert to Smart Zoning. The conversion can be done at the VSAN, Zoneset or Zone level. After the command is run, the zoneset the change is made in must be reactivated to apply the changes and generate the new ACL entries. Commands To Convert To Smart Zoning Convert a VSAN to Smart Zoning this will convert all zones and zonesets in this VSAN, then activate a zoneset called Zoneset2 to apply the changes sc9134b(config)# conf t sc9134b(config)# zone convert smart-zoning vsan 1 sc9134b(config)# zoneset activate name Zoneset2 Convert a Zoneset called Zoneset2 to Smart Zoning then activate that zoneset. This will only convert this Zoneset to Smart Zoning. Other zonesets in this VSAN will be unchanged sc9134b(config)# conf t sc9134b(config)# zone convert smart-zoning zoneset name Zoneset2 vsan 1 sc9134b(config)# zoneset activate name Zoneset2 Convert a Zone to Smart Zoning, then activate the zoneset. This will only convert this zone to Smart Zoning. Other zones in this zoneset will be unchanged sc9134b(config)# conf t sc9134b(config)# zone convert smart-zoning zone name Host1_SVC vsan 1 sc9134b(config)# zoneset activate name Zoneset2 Manually Configuring Smart Zoning Smart Zoning can be configured manually on individual zone members. This may not be practical as changing devices manually only affects the zone the devices are changed in. Changes would have to be made in each zone that device is a member of. The following table lists how to configure a device manually. In this example we will be specifying the device by WWPN and configuring it for device type of init. Other valid types are target or both. The device can also be specified by FCID (NPort ID), devicealias or fc-alias Implementing Cisco Smart Zoning Page 6 of 13

sc9134b(config)# conf t sc9134b(config)# zone name Port1_SVC vsan 1 sc9134b(config)# member 21:00:00:e0:8b:08:37:3d init Verifying Changes After converting to Smart Zoning and activating the changes, you can verify Smart Zoning has taken effect by examining the ACL listing. Unfortunately the show zoneset active listing only shows device type for manually configured devices. The following table shows the same zone listing after automatic conversion and then after a member was specified manually. After zoning is converted automatically but before manually specifying a device type no device types are listed sc9134b# show zoneset active VSAN1 zone name Port1_SVC vsan 1 * fcid 0x7e0c00 [pwwn 21:00:00:e0:8b:0f:64:47] * fcid 0x7e0000 [pwwn 50:05:07:68:01:10:40:03] * fcid 0x7e0600 [pwwn 50:05:07:68:01:10:40:24] * fcid 0x7e0200 [pwwn 50:05:07:68:01:10:40:2d] * fcid 0x7e0400 [pwwn 50:05:07:68:01:10:40:df] * fcid 0x7e0100 [pwwn 50:05:07:68:01:40:40:03] * fcid 0x7e0700 [pwwn 50:05:07:68:01:40:40:24] * fcid 0x7e0300 [pwwn 50:05:07:68:01:40:40:2d] * fcid 0x7e0500 [pwwn 50:05:07:68:01:40:40:df] * fcid 0x7e0900 [pwwn 21:00:00:e0:8b:08:37:3d] Manually specifying a device type you can see the WWPN we configured above now is listed as initiator sc9134b# show zoneset active VSAN1 zone name Port1_SVC vsan 1 * fcid 0x7e0c00 [pwwn 21:00:00:e0:8b:0f:64:47] * fcid 0x7e0000 [pwwn 50:05:07:68:01:10:40:03] * fcid 0x7e0600 [pwwn 50:05:07:68:01:10:40:24] * fcid 0x7e0200 [pwwn 50:05:07:68:01:10:40:2d] * fcid 0x7e0400 [pwwn 50:05:07:68:01:10:40:df] * fcid 0x7e0100 [pwwn 50:05:07:68:01:40:40:03] * fcid 0x7e0700 [pwwn 50:05:07:68:01:40:40:24] * fcid 0x7e0300 [pwwn 50:05:07:68:01:40:40:2d] * fcid 0x7e0500 [pwwn 50:05:07:68:01:40:40:df] * fcid 0x7e0900 [pwwn 21:00:00:e0:8b:08:37:3d] init Implementing Cisco Smart Zoning Page 7 of 13

We can verify the changes made by the automatic conversion by examining the ACL table. As an example we will use the device with WWPN 21:00:00:e0:8b:08:37:3d to verify that the ACL listing is correct. The ACL is listed by FCID, so we can either examine the active zoneset or the fcns database to get the FCID for the WWPN we are interested in. In this case, the FCID is 0x7e0900. The command `sc9134b# show zone internal rscn acl-table current vsan 1` will give us the full ACL listing for VSAN 1. Since we know what device we are interested in, we can modify the command slightly to search for a specific FCID. The pipe symbol and in keyword tells the switch to search for FCID 7e0900 in the ACL listing. The example is in the following table: sc9134b# show zone internal rscn acl-table current vsan 1 in 7e0900 fc1/1 0x7e0700 0x7e0900 rw no fc1/3 0x7e0600 0x7e0900 rw no fc1/7 0x7e0c00 0x7e0900 rw no fc1/8 0x7e0300 0x7e0900 rw no fc1/9 0x7e0100 0x7e0900 rw no fc1/11 0x7e0000 0x7e0900 rw no fc1/14 0x7e0200 0x7e0900 rw no fc1/15 0x7e0900 0x7e0000 rw no fc1/15 0x7e0900 0x7e0100 rw no fc1/15 0x7e0900 0x7e0200 rw no fc1/15 0x7e0900 0x7e0300 rw no fc1/15 0x7e0900 0x7e0400 rw no fc1/15 0x7e0900 0x7e0500 rw no fc1/15 0x7e0900 0x7e0600 rw no fc1/15 0x7e0900 0x7e0700 rw no fc1/15 0x7e0900 0x7e0c00 rw no fc1/17 0x7e0500 0x7e0900 rw no fc1/19 0x7e0400 0x7e0900 rw no Our initiator has been highlighted in blue. If you examine the table, you will see that FCID 0x7e0C00 is not listed. Cross-checking that FCID against the show zoneset active output shows this is the other initiator in the same zone. Since that FCID is not listed in this ACL listing, we can see that Smart Zoning is working as it should. The two initiators can be in the same zone but will not be able to talk to each other. Configure individual zone members (takes effect on per-zone basis this would need to be set in each zone): first set context then configure zone member, this example uses pwwn, refer to table above for other options: 1. conf t 2. zoneset name <zoneset name> zone name <zone name> 3. member pwwn <pwwn> [target][initiator][both] Implementing Cisco Smart Zoning Page 8 of 13

Lab Testing Environment: 2 MDS 9134 switches with 8 SVC ports, 2 DS8000 ports, 4 DS4000?? Ports and 2 host ports connected to each switch. Zoning before Smart Zoning we had to fix the zoning. Previous zoning was done with individual storage ports zoned to individual SVC ports and individual SVC ports zoned to each other. There were many 2-member zones. They were also switch port-based so that made it harder to figure out the zoning. There are now 4 zones. One for DS8000 to SVC, 1 each for DS4000 Controller A and Controller B ports to SVC and 1 for host to SVC. zoneset name Zoneset_V2 vsan 1 zone name DS8000_SVC vsan 1 * fcid 0xef0200 [pwwn 50:05:07:68:01:20:40:24] * fcid 0xef0400 [pwwn 50:05:07:68:01:20:40:03] * fcid 0xef0600 [pwwn 50:05:07:68:01:20:40:2d] * fcid 0xef0000 [pwwn 50:05:07:68:01:20:40:df] * fcid 0xef0500 [pwwn 50:05:07:68:01:30:40:03] * fcid 0xef0300 [pwwn 50:05:07:68:01:30:40:24] * fcid 0xef0700 [pwwn 50:05:07:68:01:30:40:2d] * fcid 0xef0100 [pwwn 50:05:07:68:01:30:40:df] * fcid 0xef2c00 [pwwn 50:05:07:63:03:03:00:6b] * fcid 0xef2d00 [pwwn 50:05:07:63:03:08:00:6b] zone name DS4000_CtlrA_SVC vsan 1 * fcid 0xef0200 [pwwn 50:05:07:68:01:20:40:24] * fcid 0xef0400 [pwwn 50:05:07:68:01:20:40:03] * fcid 0xef0600 [pwwn 50:05:07:68:01:20:40:2d] * fcid 0xef0000 [pwwn 50:05:07:68:01:20:40:df] * fcid 0xef0500 [pwwn 50:05:07:68:01:30:40:03] Implementing Cisco Smart Zoning Page 9 of 13

* fcid 0xef0300 [pwwn 50:05:07:68:01:30:40:24] * fcid 0xef0700 [pwwn 50:05:07:68:01:30:40:2d] * fcid 0xef0100 [pwwn 50:05:07:68:01:30:40:df] * fcid 0xef2700 [pwwn 20:05:00:a0:b8:29:9f:7c] * fcid 0xef2500 [pwwn 20:24:00:a0:b8:32:54:d2] zone name DS4000_CtlrB_SVC vsan 1 * fcid 0xef0200 [pwwn 50:05:07:68:01:20:40:24] * fcid 0xef0400 [pwwn 50:05:07:68:01:20:40:03] * fcid 0xef0600 [pwwn 50:05:07:68:01:20:40:2d] * fcid 0xef0000 [pwwn 50:05:07:68:01:20:40:df] * fcid 0xef0500 [pwwn 50:05:07:68:01:30:40:03] * fcid 0xef0300 [pwwn 50:05:07:68:01:30:40:24] * fcid 0xef0700 [pwwn 50:05:07:68:01:30:40:2d] * fcid 0xef0100 [pwwn 50:05:07:68:01:30:40:df] * fcid 0xef2700 [pwwn 20:05:00:a0:b8:29:9f:7c] * fcid 0xef2600 [pwwn 20:15:00:a0:b8:32:54:d2] zone name Post1_SVC vsan 1 * fcid 0xef0200 [pwwn 50:05:07:68:01:20:40:24] * fcid 0xef0400 [pwwn 50:05:07:68:01:20:40:03] * fcid 0xef0600 [pwwn 50:05:07:68:01:20:40:2d] * fcid 0xef0000 [pwwn 50:05:07:68:01:20:40:df] * fcid 0xef0500 [pwwn 50:05:07:68:01:30:40:03] * fcid 0xef0300 [pwwn 50:05:07:68:01:30:40:24] * fcid 0xef0700 [pwwn 50:05:07:68:01:30:40:2d] * fcid 0xef0100 [pwwn 50:05:07:68:01:30:40:df] Implementing Cisco Smart Zoning Page 10 of 13

* fcid 0xef0c00 [pwwn 21:00:00:e0:8b:13:3b:41] We first attempted to run the auto command on the zoneset to get Smart Zoning configured automatically. However, this did not produce any effective changes in the ACL. Here is the name server where you can see the SVC ports are registered as both, as are the DS4K ports. The ports in blue are the ones that were changed as part of this exercise sc9134a# show fcns database VSAN 1: -------------------------------------------------------------------------- FCID TYPE PWWN (VENDOR) FC4-TYPE:FEATURE -------------------------------------------------------------------------- 0xef0000 N 50:05:07:68:01:20:40:df (IBM) scsi-fcp:both 0xef0100 N 50:05:07:68:01:30:40:df (IBM) scsi-fcp:both 0xef0200 N 50:05:07:68:01:20:40:24 (IBM) scsi-fcp:both 0xef0300 N 50:05:07:68:01:30:40:24 (IBM) scsi-fcp:both 0xef0400 N 50:05:07:68:01:20:40:03 (IBM) scsi-fcp:both 0xef0500 N 50:05:07:68:01:30:40:03 (IBM) scsi-fcp:both 0xef0600 N 50:05:07:68:01:20:40:2d (IBM) scsi-fcp:both 0xef0700 N 50:05:07:68:01:30:40:2d (IBM) scsi-fcp:both 0xef0800 N 21:01:00:e0:8b:28:37:3d (Qlogic) scsi-fcp:init 0xef0c00 N 21:00:00:e0:8b:13:3b:41 (Qlogic) scsi-fcp:init 0xef2100 N 20:04:00:a0:b8:29:9f:7c (SymBios) scsi-fcp:both 0xef2500 N 20:24:00:a0:b8:32:54:d2 (SymBios) scsi-fcp:both 0xef2600 N 20:15:00:a0:b8:32:54:d2 (SymBios) scsi-fcp:both 0xef2700 N 20:05:00:a0:b8:29:9f:7c (SymBios) scsi-fcp:both 0xef2c00 N 50:05:07:63:03:03:00:6b (IBM) scsi-fcp fcsb2-ch-cu 0xef2d00 N 50:05:07:63:03:08:00:6b (IBM) scsi-fcp fcsb2-ch-cu Implementing Cisco Smart Zoning Page 11 of 13

Next we configured 2 of the SVC ports as target only in the host Zone: member pwwn 50:05:07:68:01:30:40:2d target member pwwn 50:05:07:68:01:30:40:df target This had no effect on the ACL because the 2 SVC ports were listed as both in the zones for the DS8K and DS4K ports. The new host zone looks like this. The host is listed as init because it was changed when we rant the auto configure earlier. zone name Post1_SVC vsan 1 * fcid 0xef0200 [pwwn 50:05:07:68:01:20:40:24] * fcid 0xef0400 [pwwn 50:05:07:68:01:20:40:03] * fcid 0xef0600 [pwwn 50:05:07:68:01:20:40:2d] * fcid 0xef0000 [pwwn 50:05:07:68:01:20:40:df] * fcid 0xef0500 [pwwn 50:05:07:68:01:30:40:03] * fcid 0xef0300 [pwwn 50:05:07:68:01:30:40:24] * fcid 0xef0700 [pwwn 50:05:07:68:01:30:40:2d] target * fcid 0xef0100 [pwwn 50:05:07:68:01:30:40:df] target * fcid 0xef0c00 [pwwn 21:00:00:e0:8b:13:3b:41] init Next we configured the same 2 SVC ports as target only in the DS8000 to SVC zone and after activation this did cause the SVC to generate a login excluded error on that controller. Now those two SVC node ports are targets in this zone, they have been removed from the ACL for the DS8000 ports where 0xef2C00 is FCID for one of the DS8K ports, 0xef0700 and 0xef0100 are the SVC Ports: show zone internal rscn acl-table current vsan 1 in 2c00 fc1/1 0xef0300 0xef2c00 rw no fc1/2 0xef2c00 0xef0000 rw no fc1/2 0xef2c00 0xef0200 rw no fc1/2 0xef2c00 0xef0300 rw no fc1/2 0xef2c00 0xef0400 rw no fc1/2 0xef2c00 0xef0500 rw no fc1/2 0xef2c00 0xef0600 rw no fc1/3 0xef0200 0xef2c00 rw no fc1/9 0xef0500 0xef2c00 rw no fc1/11 0xef0400 0xef2c00 rw no fc1/16 0xef0600 0xef2c00 rw no fc1/21 0xef0000 0xef2c00 rw no Implementing Cisco Smart Zoning Page 12 of 13

And the updated zone after Smart Zoning: zone name DS8000_SVC vsan 1 * fcid 0xef0200 [pwwn 50:05:07:68:01:20:40:24] * fcid 0xef0400 [pwwn 50:05:07:68:01:20:40:03] * fcid 0xef0600 [pwwn 50:05:07:68:01:20:40:2d] * fcid 0xef0000 [pwwn 50:05:07:68:01:20:40:df] * fcid 0xef0500 [pwwn 50:05:07:68:01:30:40:03] * fcid 0xef0300 [pwwn 50:05:07:68:01:30:40:24] * fcid 0xef0700 [pwwn 50:05:07:68:01:30:40:2d] target * fcid 0xef0100 [pwwn 50:05:07:68:01:30:40:df] target * fcid 0xef2c00 [pwwn 50:05:07:63:03:03:00:6b] target * fcid 0xef2d00 [pwwn 50:05:07:63:03:08:00:6b] target Implementing Cisco Smart Zoning Page 13 of 13

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback