Brocade Product Training: Zoning

Brocade
Product Training
Zoning
Brocade Education Services

2003 Brocade Communications Systems, Incorporated.
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 1
Learning Objectives
Overview of Zoning Why use Brocade Zoning
What is a Zone
Components Zone Management Fabric OS Commands for Zoning
Zoning Considerations
Overview of Zoning
Creating virtual SANs from a
physical SAN Limiting the scope of initiators Heterogeneity Zone Type Application role Carving up hubs <domain,port> Security
Hardware Enforcement
LOOM ASIC Hardware Enforced Software Enforced Software Enforced
BLOOM ASIC Hardware Enforced Hardware Enforced Software Enforced
Frame Filter Software Enforcement Name Server Trap PLOGI
WWN
MIXED
Example
The server in the red zone sees one loop of disks The server in the blue zone sees two storage arrays The server in the green zone sees one loop and one array No server sees Loop 2
Forms of Zoning
No Fabric Zoning
Zoning by application
Zoning by operating system
Forms of Zoning (cont).

Zoning by port allocation
Zoning by single HBA
Storage Provisioning
Host Level

LUN Masking Persistent Binding Selective Presentation
Storage Based Zoning
LUN Security
Fabric Based Zoning

Host will query Name Server Name Server determines zones the host belongs to Name server replies with node information of active devices Host will connect to device
Design Considerations
Zone Enforcement Tradeoffs
Hardware Enforced Frame Level Easy to define Cannot be bypassed or defeated (more secure) Devices in a zone that are all specified by WWN can be moved anywhere in the Fabric without changing zone definition If a failed device is replaced, zone definition needs to change if WWN was specified If a switch is replaced, the new switch will need same domain # Software Enforced Session Level Devices specified by WWN and are part of a Mixed Zone specification (Port and WWN) can be moved anywhere in the Fabric without changing the zone definition If a failed device is replaced, zone definition needs to change if WWN was specified
Design Considerations (contd)

When hardware zone enforcement is desired, ensure the following:
Avoid defining a
device which is hardware enforced in one zone and software enforced in another zone spans mixed generation ASICs, specify devices by port
When a
When specifying devices by
WWN in a zone, ensure that all devices are attached to a 3rd generation ASIC
Preparing to Set up Zoning

Create a detailed diagram

10
ISLs to the switches Detailed diagram of every switch F_Port, FL_Port, Private HBAs
11
Hierarchy of Components
Members
Zones
Configs
Zone Management
Zoning can be managed using

12
WEB TOOLS Fabric Manager Command Line Interface (CLI) Fabric OS Management Commands
Create Alias Zone
aliCreate
Delete
aliDelete
Add
aliAdd
Remove
aliRemove
Show
aliShow
zoneCreate
zoneDelete
zoneAdd
zoneRemove
ZoneShow
Config cfgCreate
cfgDelete
cfgAdd
cfgRemove
cfgShow
Zoning has more commands: cfgEnable, cfgDisable, cfgSave, cfgClear,cfgTransAbort,cfgSize

Zoning Configuration
Only one active zone configuration for the entire fabric Zone configuration has 1 or more zones as its members Effective Zone Configuration Seen with cfgShow Seen with switchShow Saved across reboots Effective config of none Zone config not enabled All hosts may see all
Enabling Zone Config

RSL_SWT153:admin> switchshow switchName: switchType: switchState: switchMode: switchRole: switchDomain: switchId: RSL_SWT153 9.1 Online Native Subordinate 1 fffc01
13
switchWwn:
switchBeacon: Zoning:
10:00:00:60:69:50:0d:d6
OFF ON (Main_cfgA)
RSL_SWT153:admin> cfgshow Effective configuration: cfg: Main_cfgA
cfgEnable
zone:
domain129_zone
10:00:00:00:c9:2b:50:c7 10:00:00:00:c9:2a:b4:54 10:00:00:00:c9:2d:13:c3
Never disable one to enable another Enable one configuration over another
Zoning Enforcement
Hard Zoning: Hardware enforced
14
Available through ASIC hardware logic checking Provides security in addition to soft zoning Denies illegal access from bad citizen HBAs

Soft Zoning: Name Server enforced
Name Server restricts visibility Always available regardless if zoning is enabled or not Relies on good citizens for security
Zone Definitions:
<domain, port> or <domain, area> identifier WWN identifier Mixed Zone Overlapping Zone Broadcast Zone

Zoning Implementations on SilkWorm switches

SilkWorm 2000 series SilkWorm 3000 and 12000 series switches
15
SilkWorm 2000, 3000 and 12000 series switches
Zoning Schemes
Switch/Port Level Zoning: Hardware Enforced
16
zoneCreate z1, 1,3; 1,4 WWN Level Zoning : Hardware Enforced zoneCreate z2, WWN1; WWN2 Mixed Zoning : Software Enforced zoneCreate z3,1,5; WWN3
In this example, the Mixed Zoning would be software
enforced at the destination port.
Zone Objects
Zone Objects
17
<domain,port> Up to 64 characters Aliases Node World Wide Name Includes all PWWN that share NWWN Port World Wide Name Only single port is in the zone Zone Aliases Up to 64 characters Friendly names conventions for zone objects SRV for Server SRV_SUNHOST1 STO for Storage STO_ENTPRISE_STORAGE TPE for Tape TPE_TAPE_DRIVE1 VRA for Virtual Appliance VRA_VIT_APPLIANCE
Selecting Ports on a 12000

Ports on 12000 are often referred to as decimal area Zoning in v4.1 requires area numbers Area numbers distinguish ports on different logical slots
18
SWITCH 0
SWITCH 1
Port Slot 1 Slot 2 Slot 3 Slot 4 Slot 7 Slot 8 Slot 9 Slot 10 ==== ====== ====== ====== ====== ====== ====== ====== ======= 15 15 31 47 63 15 31 47 63 14 14 30 46 62 14 30 46 62 13 13 29 45 61 13 29 45 61 12 12 28 44 60 12 28 44 60 11 11 27 43 59 11 27 43 59 10 10 26 42 58 10 26 42 58 9 9 25 41 57 9 25 41 57 8 8 24 40 56 8 24 40 56 7 7 23 39 55 7 23 39 55 6 6 22 38 54 6 22 38 54 5 5 21 37 53 5 21 37 53 4 4 20 36 52 4 20 36 52 3 3 19 35 51 3 19 35 51 2 2 18 34 50 2 18 34 50 1 1 17 33 49 1 17 33 49 0 0 16 32 48 0 16 32 48
19
Zoning Steps for a One-Switch Fabric

1. Plan zoning to meet objectives
EngHost MktHost 3 s1 s2 s3 9 Switch 1
2. Create Members >aliCreate EngHost1,1,3 >aliCreate EngStor,s1wwn;s2wwn >aliCreate Mkt,1,9;s5wwn;s4wwn;s3wwn 3. Create Zones >zoneCreateZoneEng,EngHost1;EngStor >zoneCreate ZoneMkt,Mkt
s5 s4
4. Create Configuration
>cfgCreate cfgEngMkt,ZoneEng;ZoneMkt 5. Enable Configuration >cfgEnable cfgEngMkt 6. Save Configuration >cfgSave
cfgShow Output
EngHost MktHost 3 s1 s2 9 Switch 1
SW1:admin> cfgShow
20
Defined configuration:
cfg: zone: zone: cfgEngMkt ZoneEng; ZoneMkt ZoneEng EngHost; EngStor; ZoneMkt Mkt
alias: EngStor 21:00:00:20:37:87:48:e7; 21:00:00:20:37:87:23:e2 alias: EngHost 1,3 alias: Mkt 21:00:00:20:37:87:49:29; 21:00:00:20:37:87:e5:20; 1,9; 21:00:00:20:37:87:20:c5
s5 s4
Effective configuration: cfg: zone: cfgEngMkt ZoneEng 1,3; 21:00:00:20:37:87:23:e2; 21:00:00:20:37:87:48:e7; ZoneMkt 1,9; 21:00:00:20:37:87:e5:20; 21:00:00:20:37:87:49:29; 21:00:00:20:37:87:20:c5
s3
zone:
portZoneShow Command
Used to determine the type of zone enforcement being used
RSL_SWT122:admin> PORT: 0 PORT: 1 PORT: 2 PORT: 3 PORT: 4 PORT: 5 PORT: 6 PORT: 7 PORT: 8 [* Output PORT: 31 portzoneshow Enforcement: Enforcement: Enforcement: Not Zoned Enforcement: Enforcement: Enforcement: Enforcement: Enforcement: Truncated *] Not Zoned HARD PORT defaultHard: 1 F-port: 1 HARD PORT defaultHard: 1 F-port: 1 HARD WWN defaultHard: 0 F-port: 1 E-Port E-Port E-Port E-Port E-Port defaultHard: defaultHard: defaultHard: defaultHard: defaultHard: 0 0 0 0 0 F-port: F-port: F-port: F-port: F-port: 0 0 0 0 0
21
Hardware & Software Zoning

RED Zone Dom, Port
2,0
22
Software EnforcedDom, Port Zoning 2,6

WWN3
Dom, Port 2,7
0 1 2 3
4 5 6 7
Domain #2
Dom, Port 2,8
PURPLE Zone
WWN1
8 9 10 11 12 13 14 15
GREEN Dom, Port Zone 2,9
Hardware Enforced Zoning
WWN2
BLUE Zone
FCAL Zoning
Enabled Fabric Zoning Prod_Daily Purple_Zone ;Red_Zone Purple_Zone WWN1;WWN2 Red_Zone 4,1;WWN3 5 6 7
23
WWN1
4,1
Software Enforced
Hardware Enforced
2 Quad
Quad
Domain 4
Purple Zone Quad
Hardware Enforced
Red Zone
Quad
9 10 11
12 13 14 15
Software Enforced
FCAL
WWN2 WWN3
Overlapping Zones, Port Hardware/Software Enforced

Purple Zone
Hardware Enforced
24
Green Zone
4,4
WWN1 0 1 2 3
Software Enforced
5 6 7
Enabled Zoning
Prod_Daily Purple_Zone ;Green_Zone Purple_Zone WWN1; WWN2
Quad
Quad
Green_Zone 4,4; WWN2
Domain 4
Quad
8 9 10 11 12
Quad
13 14 15
Hardware Enforced
WWN2
Software Enforced
Zones and Mixed Generation ASICs

What happens when you zone across mixed generations of ASICs?
WWN zoning specification across ASICs
Port specification across ASICs Mix of WWN and port across ASICs
25
Zoning in a Mixed Generation ASIC Environment 2nd and 3rd generation ASICs
WWN1 Dom 4,7
26
0 1 2 3
Hardware Enforced
4 5 6 7
0 1 2 3
4 5 6 7
0 1 2 3
4 5 6 7
Hardware Enforced
Domain #2
8 9 10 11 12 13 14 15 0 1 2 3
BLOOM
Domain #3
8 9 10 11 12 13 14 15 4 5 6 7 0 1 2 3
BLOOM
Domain #4
8 9 10 11 12 13 14 15 4 5 6 7
BLOOM
BLOOM
Purple Zone
0 1 2 3
Software Enforced LOOM
Domain #5
8 9 10 11 12 13 14 15 4 5 6 7 0 1 2 3
BLOOM
Domain #6
8 9 10 11 12 13 14 15 4 5 6 7 0 1 2 3
Green Zone
Hardware Enforced
4 5 6 7
Domain #7
8 9 10 11 12 13 14 15
WWN2 Software Enforced
Domain #8
8 9 10 11 12 13 14 15
Software Enforced Software Enforced
BLOOM
LOOM
Domain #9
8 9 10 11 12 13 14 15
Hardware Enforced Dom 9,15
Blue Zone
Red Zone
WWN3
Dom 8,8
WWN5
Dom 8,4
Adding/Merging Zones
Adding a new switch to a existing Fabric No previous zoning on switch
27
ISL to existing fabric With zoning loaded on switch cfgClear and cfgSave commands to sanitize joining switch When added, the zoning configuration in effect will propagate to the new switch transparently Merging two switches/Fabric Case 1 - Identical zone configuration on both switches/Fabrics New Fabric with all switches and same zone configuration in effect Case 2 - Different zone configuration Attempt to merge zone configurations If merging attempt fails, then ISL will segment and split a Fabric If the zone merge fails, the Fabrics will remain two separate Fabrics with their original zone configuration, and the ISL will segment
Brocade Zoning
Adding a new switch with no zoning - cfgShow SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
28
SilkWorm
cfgEngMkt ZoneEng ZoneMkt
SDRAM Switch Domain 1
Flash Memory
Flash Memory
Brocade Zoning Current cfg Propagates to New Switch SilkWorm

29
SilkWorm
ISL
Propagate Definitions
SDRAM
Switch Domain 1
Flash Memory
Flash Memory
Brocade Zoning
Merging Configurations SilkWorm
30
SilkWorm
test_cfg testnt_zone testsun_zone
Flash Memory
Flash Memory
Brocade Zoning
Merging Configurations SilkWorm
31
>cfgenable test_cfg
SilkWorm
Flash Memory
Flash Memory
Brocade Zoning
Merging Zone Conflict ISL the Fabrics SilkWorm
32
SilkWorm
ISL
Flash Memory
Flash Memory
Fabric Segmented
Brocade Zoning
Merging Fix SilkWorm
CONFIGURATION DEFINITIONS
>portDisable <E_Port#> >cfgDisable >portEnable <E_Port#>
33
SilkWorm
ENABLED CONFIGURATION
SDRAM
ISL
SDRAM
Switch Domain 1
Flash Memory
Switch Domain 2
Flash Memory
Brocade Zoning
Merging Problem Now Resolved SilkWorm
34
SilkWorm
cfgEngMkt ZoneEng ZoneMkt test_cfg testnt_zone testsun_zone
ISL
Merge Definitions
cfgEngMkt ZoneEng ZoneMkt test_cfg testnt_zone testsun_zone
SDRAM
Switch Domain 1
Flash Memory
Flash Memory
Brocade Zoning
Merging Update definitions SilkWorm
35
SilkWorm
cfgAll ZoneEng ZoneMkt testnt_zone testsun_zone
ISL
SDRAM
Switch Domain 1
Flash Memory
Flash Memory
Brocade Zoning
Merging Enable new definition SilkWorm
36
>cfgenable cfgAll
SilkWorm
ISL
SDRAM
Switch Domain 1
Flash Memory
Flash Memory
Best Practices for Zoning

SilkWorm 2000 Series
37
Use <domain, port> for zone members
SilkWorm 3000 Series
Use WWN or <domain, port> zones Referred to as Advanced Zoning
SilkWorm v4.x Series switches
Use WWN or <domain, area> zones Referred to as Advanced Zoning
Mixed ASIC Fabrics
Preferable use <domain, port> identifiers

Summary

38
Zoning logically separates the Fabric into subsets Software enforced Uses NS, and HBAs need to be good citizens Mixture of WWNs and <domain,port> pairs Hardware enforced Only with all <domain,port> pairs or all WWNs When connected, a device automatically is in the zone If zoning is enabled, all devices must be in a zone Loom ASIC zones are treated independently and the entire cfg does not go software enforced when a mixed zone type has been introduced
Review Questions
39
1.
What are some reasons for implementing Zoning?
2. What happens when two zone configurations do not match when merging?
3. What is the purpose of a broadcast zone?
4. What is the difference between aliDelete and aliRemove?

Brocade Product Training: Zoning

Caricato da

Informazioni sul documento

Titolo originale

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Brocade Product Training: Zoning

Caricato da

Copyright:

Formati disponibili

Brocade

Brocade Education Services

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 1

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 2

LOOM ASIC Hardware Enforced Software Enforced Software Enforced

BLOOM ASIC Hardware Enforced Hardware Enforced Software Enforced

Frame Filter Software Enforcement Name Server Trap PLOGI

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 3

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 5

Forms of Zoning (cont).

Zoning by single HBA

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 6

LUN Masking Persistent Binding Selective Presentation

Storage Based Zoning

Fabric Based Zoning

Design Considerations (contd)

When specifying devices by

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 9

Preparing to Set up Zoning

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 10

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 11

Zoning has more commands: cfgEnable, cfgDisable, cfgSave, cfgClear,cfgTransAbort,cfgSize

RSL_SWT153:admin> cfgshow Effective configuration: cfg: Main_cfgA

Soft Zoning: Name Server enforced

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 14

Zoning Implementations on SilkWorm switches

SilkWorm 2000, 3000 and 12000 series switches

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 15

In this example, the Mixed Zoning would be software

enforced at the destination port.

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 16

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 17

Selecting Ports on a 12000

Zoning Steps for a One-Switch Fabric

EngHost MktHost 3 s1 s2 s3 9 Switch 1

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 19

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 20

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 21

Hardware & Software Zoning

Software EnforcedDom, Port Zoning 2,6

Dom, Port 2,7

GREEN Dom, Port Zone 2,9

Hardware Enforced Zoning

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 22

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 23

Overlapping Zones, Port Hardware/Software Enforced

Green_Zone 4,4; WWN2

Zones and Mixed Generation ASICs

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 25

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 26

cfgEngMkt ZoneEng ZoneMkt

cfgEngMkt ZoneEng ZoneMkt

SDRAM Switch Domain 1

SDRAM Switch Domain 2

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 28

Brocade Zoning Current cfg Propagates to New Switch SilkWorm

cfgEngMkt ZoneEng ZoneMkt

cfgEngMkt ZoneEng ZoneMkt

cfgEngMkt ZoneEng ZoneMkt

cfgEngMkt ZoneEng ZoneMkt

SDRAM Switch Domain 2

2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 29

cfgEngMkt ZoneEng ZoneMkt