DRAFT: BROCADE CONFIDENTIAL 53-1002163-02 30 June 2011 Converged Enhanced Ethernet Administrator’s Guide Supporting Fabric OS v7.0.
Copyright © 2009-2011 Brocade Communications Systems, Inc. All Rights Reserved.
Brocade, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, IronPoint, IronShield, IronView, IronWare, JetCore, NetIron, SecureIron, ServerIron, StorageX, and TurboIron are registered trademarks, and DCFM, Extraordinary Networks, and SAN Health are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries.
Document history
Title | Publication number | Summary of changes | Date
Converged Enhanced Ethernet Administrator’s Guide | 53-1001761-01 | Updated for Fabric OS v7.0.0. Added chapter for IGMP. | March 2010
Converged Enhanced Ethernet Administrator’s Guide | 53-1002061-01 | Updated to support iSCSI TLV configuration. | October 2010
Converged Enhanced Ethernet Administrator’s Guide | 53-1002163-01 | Updated for Fabric OS v7.0. |
Contents
About This Document
    In this chapter
    How this document is organized
    Supported hardware and software
    What’s new in this document
    Document conventions
FCoE Initialization Protocol
    FIP discovery
    FIP login
    FIP logout
    FCoE login
Managing the FCoE configuration
    FCoE configuration guidelines and restrictions
    Clearing logins
    Displaying FCoE configuration-related information
Configuring the FCoE login information
    Enabling or disabling login configuration management
VLAN configuration and management
    Enabling and disabling an interface port
    Configuring the MTU on an interface port
    Creating a VLAN interface
    Enabling STP on a VLAN
    Disabling STP on a VLAN
STP, RSTP, and MSTP configuration and management
    Enabling STP, RSTP, or MSTP
    Disabling STP, RSTP, or MSTP
    Shutting down STP, RSTP, or MSTP globally
    Specifying the bridge priority
    Specifying the bridge forward delay
LACP configuration and management
    Enabling LACP on a CEE interface
    Enabling LACP on an interface in Layer 2 mode
    Configuring the LACP system priority
    Configuring the LACP timeout period on a CEE interface
    Clearing LACP counter statistics on a LAG
QoS overview
Rewriting
Queueing
    User-priority mapping
    Traffic class mapping
RMON overview
RMON configuration and management
    Default RMON configuration
    Configuring RMON group statistics collection
    Configuring RMON settings
    Configuring RMON events
Figures
Figure 1 Multiple switch fabric configuration
Figure 2 CEE CLI command mode hierarchy
Figure 3 Deploying FCoE across multiple hops of FC ISLs
Figure 4 Ingress VLAN filtering
Tables
Table 1 Command syntax conventions
Table 2 FCoE terminology
Table 3 CEE RBAC permissions
Table 4 CEE CLI command modes
About This Document
In this chapter
• How this document is organized
• Supported hardware and software
• What’s new in this document
• Document conventions
• Chapter 12, “Configuring 802.1x Port Authentication,” describes how to configure the 802.1x Port Authentication protocol.
• Chapter 13, “Configuring IGMP,” describes how to configure IGMP snooping on the Brocade FCoE hardware.
• Chapter 14, “Configuring RMON,” describes how to configure remote monitoring (RMON).
Supported hardware and software
This document includes updated information specific to Fabric OS v7.0.0.
Document conventions
This section describes text formatting conventions and important notice formats used in this document.
NOTE
A note provides a tip, guidance, or advice, emphasizes important information, or provides a reference to related information.
ATTENTION
An Attention statement indicates potential damage to hardware or data.
CAUTION
A Caution statement alerts you to situations that can be potentially hazardous to you or cause damage to hardware, firmware, software, or data.
Brocade resources
To get up-to-the-minute information, go to http://my.brocade.com and register at no cost for a user ID and password.
White papers, online demonstrations, and data sheets are available through the Brocade website at: http://www.brocade.com/products-solutions/products/index.page
For additional Brocade documentation, visit the Brocade website: http://www.brocade.
2. Switch Serial Number
The switch serial number and corresponding bar code are provided on the serial number label, as illustrated below:
    FT00X0054E9
The serial number label is located as follows:
• Brocade 8000—On the switch ID pull-out tab located inside the chassis on the port side on the left
3. World Wide Name (WWN)
Use the licenseIdShow command to display the WWN of the chassis.
Chapter 1 Introducing FCoE
In this chapter
• FCoE terminology
• FCoE overview
• Layer 2 Ethernet overview
• FCoE Initialization Protocol
FCoE overview
FCoE provides a method of encapsulating the Fibre Channel (FC) traffic over a physical Ethernet link. FCoE frames use a unique EtherType that enables FCoE traffic and standard Ethernet traffic to be carried on the same link. FC frames are encapsulated in an Ethernet frame and sent from one FCoE-aware device across an Ethernet network to a second FCoE-aware device.
Layer 2 Ethernet overview
The Brocade FCoE hardware contains CEE ports that support FCoE forwarding. The CEE ports are also backwards compatible and support classic Layer 2 Ethernet networks (see Figure 1). In Layer 2 Ethernet operation, a host with a Converged Network Adapter (CNA) can be directly attached to a CEE port on the Brocade FCoE hardware.
• If the Ethernet Frame Check Sequence (FCS) is incorrect, because the switch is in cut-through mode, a correctly formatted Ethernet frame is sent out with an incorrect FCS.
• If the Ethernet frame is too short, the frame is discarded and the error counter is incremented.
• If the Ethernet frame is too long, the frame is discarded and the error counter is incremented.
Using MSTP, you can create multiple loop-free active topologies on a single physical topology. These loop-free topologies are mapped to a set of configurable VLANs. This enables you to better utilize the physical resources present in the network and achieve better load balancing of VLAN traffic. For detailed information on configuring these protocols, see “Configuring STP, RSTP, and MSTP” on page 57.
Queuing features are described as follows:
• RED—RED increases link utilization. When multiple inbound traffic streams are switched to the same outbound port, and some traffic streams send small frames while other traffic streams send large frames, link utilization will not be able to reach 100 percent. When RED is enabled, link utilization approaches 100 percent.
• Classification—Setting user priority.
When setting the scheduling policy, each priority group that is using DWRR scheduling can be set to use a percentage of the total bandwidth by setting the PG_Percentage parameter. For detailed information on configuring QoS, see “Configuring QoS” on page 107.
Access control
Access Control Lists (ACLs) are used for Layer 2 switching security. Standard ACLs inspect the source address for the inbound ports.
NOTE
The Brocade software supports a maximum of 24 LAG interfaces.
Flow Control
802.3x Ethernet pause and Ethernet Priority-based Flow Control (PFC) are used to prevent dropped frames by slowing traffic at the source end of a link. When a port on a switch or host is not ready to receive more traffic from the source, perhaps due to congestion, it sends pause frames to the source to pause the traffic flow.
NOTE
In the fabric-provided MAC address format, VN_port MAC addresses are based on a 24-bit fabric-supplied value. The first three bytes of this value are referred to as the FCMAP. The next three bytes are the FC ID, which is assigned by the switch when the ENode logs in to the switch.
FIP login
FIP login operates as follows:
• ENodes can log in to the Brocade FCoE hardware using FIP.
FCoE login
The Brocade FCoE hardware FCoE login operates as follows:
• ENodes can log in to the Brocade FCoE hardware using FCoE encapsulated, FC Extended Link Service (ELS) frames. FLOGI and FDISC are accepted. Brocade FCoE hardware in the fabric maintains the MAC address to WWN/PID mappings per login. Class 2 FLOGI is not supported.
• FCoE FLOGI—The Brocade FCoE hardware accepts FCoE FLOGI from the ENode.
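The fabric-provided MAC layout (FCMAP in the first three bytes, FC ID in the next three) can be cross-checked against the per-login MAC address to WWN/PID mappings. The following is an added example, not code from this guide or from Brocade; the login rows and function names are constructed for illustration, and 0E:FC:00 (the FC-BB-5 default FC-MAP) is an assumed FCMAP value.

```python
"""Cross-check VN_port MACs against the fabric-provided MAC address layout."""
import string
from collections import namedtuple

# Assumption: 0E:FC:00 is the FC-BB-5 default FC-MAP. Substitute the FCMAP
# that is configured on your fabric.
ASSUMED_FCMAP = bytes.fromhex("0efc00")

Finding = namedtuple("Finding", "wwn mac reason")


def _is_hex(text):
    return bool(text) and all(c in string.hexdigits for c in text)


def parse_mac(text):
    """Parse aa:bb:cc:dd:ee:ff (':' or '-' separated) into 6 bytes."""
    parts = text.replace("-", ":").split(":")
    if len(parts) != 6 or not all(len(p) == 2 and _is_hex(p) for p in parts):
        raise ValueError("not a MAC address: %r" % text)
    return bytes.fromhex("".join(parts))


def parse_fcid(text):
    """Parse a 24-bit FC ID (PID) written in hex, with or without 0x."""
    digits = text[2:] if text.lower().startswith("0x") else text
    if not _is_hex(digits) or len(digits) > 6:
        raise ValueError("not a 24-bit FC ID: %r" % text)
    return int(digits, 16).to_bytes(3, "big")


def expected_fpma(fcid, fcmap=ASSUMED_FCMAP):
    """FCMAP (3 bytes) followed by the FC ID (3 bytes), as a MAC string."""
    return ":".join("%02x" % b for b in fcmap + fcid)


def audit_logins(logins, fcmap=ASSUMED_FCMAP):
    """Check (wwn, vn_port_mac, fc_id) rows; return a list of Finding."""
    findings = []
    owner_by_fcid = {}
    for wwn, mac_text, fcid_text in logins:
        try:
            mac, fcid = parse_mac(mac_text), parse_fcid(fcid_text)
        except ValueError as exc:
            findings.append(Finding(wwn, mac_text, "unparseable: %s" % exc))
            continue
        if mac[:3] != fcmap:
            # Not a fabric-provided address at all (for example a burned-in MAC).
            findings.append(Finding(wwn, mac_text, "prefix is not the FCMAP"))
        elif mac[3:] != fcid:
            findings.append(Finding(wwn, mac_text,
                                    "expected " + expected_fpma(fcid, fcmap)))
        # One FC ID should belong to one login; a second WWN is a conflict.
        first_owner = owner_by_fcid.setdefault(fcid, wwn)
        if first_owner != wwn:
            findings.append(Finding(wwn, mac_text,
                                    "FC ID already mapped to " + first_owner))
    return findings


# Constructed sample rows: (VN_port WWN, VN_port MAC, FC ID).
SAMPLE_LOGINS = [
    ("10:00:00:05:1e:00:00:01", "0e:fc:00:01:0a:00", "010a00"),
    ("10:00:00:05:1e:00:00:02", "0e:fc:00:01:0b:00", "010a01"),
    ("10:00:00:05:1e:00:00:03", "00:05:1e:12:34:56", "010a02"),
    ("10:00:00:05:1e:00:00:04", "0E-FC-00-01-0A-00", "0x010a00"),
    ("10:00:00:05:1e:00:00:05", "0e:fc:00:01:0c", "010a03"),
]

if __name__ == "__main__":
    for finding in audit_logins(SAMPLE_LOGINS):
        print(finding.wwn, finding.mac, finding.reason)
```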
• Commit and abort—Defined logingroup changes can be aborted with no effect on existing sessions. The Brocade FCoE hardware does not apply the configurations to new sessions until the changes are committed. Once defined, logingroups are committed. The Brocade FCoE hardware immediately uses the new configuration.
• No traffic disruption—Changing the logingroup without committing the changes does not affect existing sessions.
NOTE
When transmitting an RSCN, zoning rules still apply for FCoE devices as the devices are treated as regular FC N_ports.
• VF_port RSCN—An RSCN is generated to all registered members when a VF_port goes online or offline, causing ENode or FC devices to be added or removed.
• Domain RSCN—An RSCN is generated to all registered and affected members when an FC switch port goes online or offline, causing ENode or FC devices to be added or removed.
Chapter 2 Using the CEE CLI
In this chapter
• Management Tools
• CEE Command Line Interface
Management Tools
The Brocade FCoE hardware runs traditional Fabric OS software and can be managed using the same tools traditionally used for SAN management.
NOTE
The CEE configuration is not affected by configUpload and configDownload commands entered in the Fabric OS shell.
Saving your configuration changes
Any configuration changes made to the switch are written into the running-config file. This is a dynamic file that is lost when the switch reboots. During the boot sequence, the switch resets all configuration settings to the values in the startup-config file.
NOTE
While this example uses the admin role to log in to the switch, any role listed in the “CEE CLI RBAC permissions” section can be used.
    switch login: admin
    Password:
    switch:admin> cmsh
    switch#
To return to the Fabric OS CLI, enter the following command.
    switch#exit
    switch:admin>
NOTE
Multiple users can use Telnet and issue commands using EXEC mode and privileged EXEC mode.
NOTE
At system startup, if you try to enter privileged EXEC mode before the system has fully booted, the following message is displayed:
    %Info: Please wait. System configuration is being loaded.
After the system has fully booted, a RASlog message indicates that the CEE CLI is ready to accept configuration commands.
TABLE 4 CEE CLI command modes (Continued)
Command mode | Prompt | How to access the command mode | Description
Feature configuration | CEE map: switch(config-ceemap)# | From the global configuration mode, specify a CEE feature by entering one of the following commands: cee-map, mac access-list | Access and configure CEE features.
NOTE
In EXEC and privileged EXEC modes, use the show history command to list the commands most recently entered. The switch retains the history of the last 1000 commands entered.
Using the do command as a shortcut
You can use the do command to save time when you are working in any configuration mode and you want to run a command in EXEC or privileged EXEC mode.
If the question mark (?) is typed within an incomplete keyword but the keyword matches several keywords, the CLI displays help for all the matching keywords.
    switch#show i?
    interface    Interface status and configuration
    ip           Internet Protocol (IP)
The CEE CLI accepts abbreviations for commands. The following example is the abbreviation for the show qos interface all command.
TABLE 6 CEE CLI command output modifiers (Continued)
Output modifier | Description
last | Displays only the last few lines of the command output.
tee | Redirects the command output to the specified file. Note that this modifier also displays the command output.
FLASH | Redirects the output to flash memory.
Chapter 3 Configuration management
In this chapter
• Configuration management tasks
• Flash file management commands
• Debugging and logging commands
Configuration management tasks
This chapter describes the typical configuration management tasks you may encounter.
Display the running configuration file
To display the running configuration, perform the following task from EXEC or privileged EXEC mode.
Enter the show running-config command.
    switch#show running-config
Saving the running configuration file
This task causes the running configuration to become the default configuration. To save the running configuration, perform the following task from privileged EXEC mode.
Archiving the startup configuration file
This task allows you to archive the startup configuration to an archive folder on an FTP site. To archive the startup configuration, perform the following task from privileged EXEC mode.
Enter the copy command to archive the startup configuration file.
    switch#copy startup-config ftp://jsmith:password@10.24.48.
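The copy command above carries the FTP user name and password inside the URL, so both are stored wherever the command line is captured (terminal logs, saved session transcripts). The following is an added example, not part of this guide, that flags and masks such URLs in captured CLI lines; the sample lines, the 192.0.2.10 address and path, and the function names are constructed for illustration.

```python
"""Flag and mask credentials embedded in copy-command URLs in CLI captures."""
import re
from urllib.parse import urlsplit, urlunsplit

URL_RE = re.compile(r"[A-Za-z][A-Za-z0-9+.-]*://\S+")
# Leading prompt such as "switch#" or "switch:admin> ".
PROMPT_RE = re.compile(r"^\S*?[#>]\s*")
# Schemes that send credentials and data unencrypted. Only ftp appears in the
# guide; the others are general knowledge, not a statement of switch features.
CLEARTEXT_SCHEMES = {"ftp", "tftp", "http"}


def inspect_url(url):
    """Return (masked_url, issues) for a single URL token."""
    try:
        parts = urlsplit(url)
    except ValueError:
        return "<unparseable-url>", ["unparseable-url"]
    issues = []
    masked = url
    if parts.password is not None:
        issues.append("password-in-url")
        # Keep everything after the last '@' (host, optional port) untouched.
        host = parts.netloc.rsplit("@", 1)[1]
        netloc = "%s:****@%s" % (parts.username or "", host)
        masked = urlunsplit(parts._replace(netloc=netloc))
    if parts.scheme in CLEARTEXT_SCHEMES:
        issues.append("cleartext-transport")
    return masked, issues


def scan_cli_lines(lines):
    """Return (findings, masked_lines).

    findings is a list of (line_number, command_verb, issues); masked_lines
    is the input with any URL password replaced by ****.
    """
    findings, masked_lines = [], []
    for number, line in enumerate(lines, start=1):
        command = PROMPT_RE.sub("", line.strip(), count=1)
        verb = command.split(" ", 1)[0] if command else ""
        masked_line = line
        for url in URL_RE.findall(command):
            masked, issues = inspect_url(url)
            if issues:
                findings.append((number, verb, issues))
            masked_line = masked_line.replace(url, masked)
        masked_lines.append(masked_line)
    return findings, masked_lines


# Constructed sample capture (documentation address, invented path).
SAMPLE_CAPTURE = [
    "switch#copy startup-config ftp://jsmith:password@192.0.2.10/archive/startup-config",
    "switch#show running-config",
    "switch#copy running-config startup-config",
    "switch#copy startup-config ftp://backup@192.0.2.10/archive/startup-config",
]

if __name__ == "__main__":
    found, cleaned = scan_cli_lines(SAMPLE_CAPTURE)
    for item in found:
        print(item)
    print("\n".join(cleaned))
```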
The tasks listed in Table 8 are performed from privileged EXEC mode.
TABLE 8 Debugging and logging commands
Task | Command
Display debugging information for CEE components. | switch#show debug
Display logging information for CEE components. | switch#show logging
Display the collection of information needed for technical support. |
Chapter 4 FCoE Configuration Management
In this chapter
• Managing the FCoE configuration
• Configuring the FCoE login information
• Creating an FCoE login group
Clearing logins
Perform the following task to clear logins.
Task: Clear the logins that occurred through a front-end port or from a device specified by the ENode's VN_port WWN.
Syntax is as follows:
• -teport slot/port—Specifies the slot or port number.
• -device wwn—Specifies the device WWN.
Managing the current configuration transaction
NOTE
The configuration changes created using the fcoelogingroup command are kept in a transaction buffer until you save the buffer using the fabric-wide fcoelogincfg --save command. The login configuration is saved as a transaction, and to apply it you need to specifically save it.
Perform one of the following tasks to either display or abort the current configuration transaction.
Saving the current FCoE configuration
Perform the following task to save the current FCoE configuration.
Task: Save the current FCoE login configuration as the effective configuration fabric-wide.
Command:
    switch:admin> fcoelogincfg --save
Creating an FCoE login group
The FCoE login group enables you to configure login policies. Perform the following task to create an FCoE login group.
Modifying the FCoE login group device list
Perform the following tasks to add or remove VN_port devices from the FCoE login group.
Task: Add VN_port devices to the FCoE login group.
Command:
    switch:admin> fcoelogingroup --add lgname member; member; ....
Syntax is as follows:
• lgname—Specify the name of the login group to which VN_port devices are to be added.
• member—Identify the WWN of the VN_port.
Chapter 5 Initial FCoE and CEE Configuration
In this chapter
• Overview
• End to End FCoE using FC ISLs
• High availability
• Configuring the FCoE interfaces
End to End FCoE using FC ISLs
The following diagram shows a deployment scenario where FCoE initiators are connected to FCoE and FC targets across multiple hops of FC ISLs.
On an FCOE10-24 this mapping is as follows, assuming that the FCOE10-24 blade is in slot 4:
• FCoE port 4/0 maps to TE port 4/0
• FCoE port 4/1 maps to TE port 4/1
• FCoE port 4/23 maps to TE port 4/23
High availability
Fabric OS v7.0.0 ensures high availability of FCoE storage traffic going through FCOE10-24 blades on the DCX and DCX-4S platforms.
Every configuration is either fully committed or not, but never “half-complete.” If you had started executing the copy startup running command, it will be resumed after failover before any new CLI is allowed to be executed.
High availability reference
This section contains reference tables for high availability.
TABLE 10 State preservation during CP failover (Continued)
Operation, data, or state | Expected behavior
RMON – Alarms and other configuration | This item is preserved during failover. However, alarm timers are restarted upon HA failover.
Login, FCMAP, FIP, or VLAN configuration | This item is preserved during failover.
MIB objects and tables | This item is preserved during failover.
Configuring the FCoE VLAN
VLAN 1002 is reserved for FCoE VLAN. If VLAN 1002 is already assigned as a LAN VLAN, it is automatically recreated as the FCoE VLAN while creating the default fcoe-map. The FCoE VLAN can be created in the FCoE map configuration mode as well. The fcoe-vlan command creates the FCoE VLAN if the corresponding VLAN does not exist in the system. If a VLAN already exists with the same VLAN ID, then the command fails.
2. Apply the current FCoE profile map to the interface using the fcoeport command.
    switch(conf-if-te-0/0)# fcoeport
3. Return to the privileged EXEC mode using the end command.
    switch(conf-if-te-0/0)#end
4. Confirm the changes to the interface with the show running-config command.
    switch#show running-config interface tengigabitethernet 0/0
    interface TenGigabitEthernet 0/0
     fcoeport
     shutdown
5.
Configuring Spanning Tree Protocol
Spanning Tree Protocol (STP) is a mechanism to detect and avoid loops in Ethernet networks by establishing a fixed path between all the switches in a LAN. The Brocade FCoE hardware supports three spanning tree variations: standard Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP).
To configure VLAN membership, perform the following steps in global configuration mode.
1. Create the VLAN interfaces on the Brocade FCoE hardware using the CEE CLI. For details, see “Creating a VLAN interface”. The following example creates two VLAN interfaces and assigns each one to a server group.
TABLE 11 Default CEE Priority Group Table configuration (Continued)
PGID | Bandwidth% | PFC
0 | 0 | N
1 | 0 | N
2 | 0 | N
3 | 0 | N
4 | 0 | N
5 | 0 | N
6 | 0 | N
7 | 0 | N
Strict Priority versus DWRR is derived directly from the PGID value. All PGIDs with prefix 15 receive the Strict Priority scheduling policy and all PGIDs in the range 0 through 7 receive the DWRR scheduling policy.
4. Define the CEE map for PGID 1.
    switch(config-ceemap)#priority-group-table 1 weight 50
5. Enter the copy command to save the running-config file to the startup-config file.
    switch(config)#do copy running-config startup-config
Defining a Priority-Table map
To define a Priority Table map, perform the following steps in privileged EXEC mode.
1. Enter global configuration mode.
    switch#configure terminal
2. Activate the CEE map mode.
CEE audit logs
The CEE audit logs record all changes made by authorized users. This information is always present, irrespective of the configuring entity. Because redundant configuration is not recorded, only configuration changes that have resulted in some change in the running-config file on the system are logged. In addition to configuration commands, the copy and clear commands, which alter the system state, are logged.
4. Review the DCE audit logs using the show accounting logs command.
Chapter 6 Configuring VLANs
In this chapter
• VLAN overview
• Ingress VLAN filtering
• VLAN configuration guidelines and restrictions
• Default VLAN configuration
• Admit VLAN tagged and untagged frames—All tagged and untagged frames would be processed as follows:
  - All untagged frames are classified into native VLANs.
  - For ingress and egress, non-native VLAN tagged frames are processed according to the allowed VLAN user specifications. This is called converged mode. All frames egressing are untagged for the native VLANs.
Additionally, there are important facts you should know about the VLAN FDB:
• The VLAN FDB contains information that helps determine the forwarding of an arriving frame based on MAC address and VLAN ID data. The FDB contains both statically configured data and dynamic data that is learned by the switch.
• The dynamic updating of FDB entries using learning is supported (if the port state permits).
VLAN configuration and management
NOTE
You need to enter either the copy running-config startup-config command or the write memory command to save your configuration changes to Flash so that they are not lost if there is a system reload or power outage.
Enabling and disabling an interface port
CEE interfaces do not support auto-negotiation of Ethernet link speeds. The CEE interfaces only support 10-Gigabit Ethernet.
To create a VLAN interface, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter the interface vlan command to assign the VLAN interface number.
Configuring an interface port as a Layer 2 switch port
To configure the interface as a Layer 2 switch port, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter the interface command to specify the CEE interface type and slot/port number.
    switch(config)#interface tengigabitethernet 0/1
3. Enter the no shutdown command to enable the CEE interface.
4.
    switch(conf-if-te-0/19)#switchport mode trunk
5. Specify whether all, one, or none of the VLAN interfaces are allowed to transmit and receive through the CEE interface. Enter the following command that is appropriate for your needs.
6. Enter the switchport converged allowed vlan add vlan_id command to give access to individual VLANs.
NOTE
FCoE Initialization Protocol (FIP) and FCoE cannot be manually configured in VLAN classifier rules. They are part of the fcoeport interface configuration and are applied automatically when an interface is configured as fcoeport.
For complete information on all available VLAN classifier rule options, see the Converged Enhanced Ethernet Command Reference.
Activating a VLAN classifier group with an interface port
To associate a VLAN classifier group with an interface port, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter the interface command to specify the CEE interface type and slot/port number.
    switch(config)#interface tengigabitethernet 0/10
3.
Specifying or disabling the aging time for MAC addresses
You can set the length of time that a dynamic entry remains in the MAC address table after the entry is used or updated. Static address entries are never aged or removed from the table. You can also disable the aging time. The default is 300 seconds.
NOTE
To disable the aging time for MAC addresses, enter an aging time value of 0.
Chapter 7 Configuring STP, RSTP, and MSTP
In this chapter
• STP overview
• RSTP overview
• MSTP overview
• STP, RSTP, and MSTP configuration guidelines and restrictions
• Disabled—The interface is not participating in spanning tree because of a shutdown port, no link on the port, or no spanning tree instance running on the port.
A port participating in spanning tree moves through these states:
• From initialization to blocking state.
• From blocking to listening or disabled state.
• From listening to learning, blocking, or disabled state.
• From learning to forwarding, blocking, or disabled state.
This does not apply to ports connected to workstations or PCs; these ports remain in the forwarding state.
5. Enter the copy command to save the running-config file to the startup-config file.

When the spanning tree topology is completed, the network switches send and receive data only on the ports that are part of the spanning tree. Ports that receive superior BPDUs are automatically placed in blocking mode.
With RSTP, the port roles for the new interface states are also different. RSTP differentiates explicitly between the state of the port and the role it plays in the topology.
switch(conf-rstp)#hello-time 5
10. Set the method for flushing MAC addresses in the FDB, either according to the IEEE standard or the proprietary standard. For details, see “Flushing MAC addresses (RSTP and MSTP)” on page 71.
switch(config)#spanning-tree tc-flush-standard
11. Enable PortFast on switch ports using the spanning-tree edgeport command. For details, see “Enabling port fast (STP)” on page 75. Note that this step is optional.
NOTE
Brocade supports 15 MSTP instances and one MSTP region.

MSTP introduces a hierarchical way of managing switch domains using regions. Switches that share common MSTP configuration attributes belong to a region. The MSTP configuration determines the MSTP region where each switch resides.
For more information on MSTP, see “STP, RSTP, and MSTP configuration and management” on page 64.

STP, RSTP, and MSTP configuration guidelines and restrictions

Follow these configuration guidelines and restrictions when configuring STP, RSTP, and MSTP:
• You have to disable one form of xSTP before enabling another.
Table 17 lists the switch defaults that apply only to MSTP configurations.

TABLE 17 Default MSTP configuration
Parameter                                                    Default setting
Cisco interoperability                                       Disabled
Switch priority (when mapping a VLAN to an MSTP instance)    32768
Maximum hops                                                 20 hops
Revision number                                              0

Table 18 lists the switch defaults for the 10-Gigabit Ethernet CEE interface-specific configuration.
switch(config)#protocol spanning-tree rstp

Disabling STP, RSTP, or MSTP

NOTE
Using the no protocol spanning-tree command deletes the context and all the configurations defined within the context or protocol for the interface, unless the spanning tree is explicitly shut down on the interface by the spanning-tree shutdown command.

To disable STP, RSTP, or MSTP, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter the protocol command to enable STP, RSTP, or MSTP.
switch(config)#protocol spanning-tree rstp
3. Specify the bridge priority. The range is 0 through 61440 and the priority values can be set only in increments of 4096. The default priority is 32678.
To specify the bridge maximum aging time, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter the protocol command to enable STP, RSTP, or MSTP.
switch(config)#protocol spanning-tree stp
3. Specify the bridge maximum aging time.
NOTE
For the chosen path-cost method to be activated, it should either be configured prior to creation of all port-channels or the existing port-channels must be disabled or enabled.

To specify the port-channel path cost, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter the protocol command to enable STP, RSTP, or MSTP.
Enabling Cisco interoperability (MSTP)

In MSTP mode, use this command to enable or disable the ability of the Brocade FCoE hardware to interoperate with certain legacy Cisco switches. If Cisco interoperability is required on any switch in the network, then all switches in the network must be compatible, and therefore enabled using this command. By default, Cisco interoperability is disabled.
Specifying the maximum number of hops for a BPDU (MSTP)

In MSTP mode, use this command to configure the maximum number of hops for a BPDU in an MSTP region. Specifying the maximum hops for a BPDU prevents the messages from looping indefinitely on the interface. When you change the number of hops, it affects all spanning tree instances. The range is 1 through 40. The default is 20 hops.
Flushing MAC addresses (RSTP and MSTP)

For RSTP and MSTP, use this command to flush the MAC addresses from the VLAN filtering database (FDB). The VLAN FDB determines the forwarding of an incoming frame. The VLAN FDB contains information that helps determine the forwarding of an arriving frame based on MAC address and VLAN ID data (see “VLAN configuration guidelines and restrictions” on page 47).
To restart the protocol migration process, perform the following tasks from privileged EXEC mode.
1.
To configure the path cost for spanning tree calculations on the CEE interface, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter the interface command to specify the CEE interface type and slot/port number.
switch(config)#interface tengigabitethernet 0/1
3. Enter the no shutdown command to enable the CEE interface.
4.
Guard root protects the root bridge from malicious attacks and unintentional misconfigurations where a bridge device that is not intended to be the root bridge becomes the root bridge. This causes severe bottlenecks in the data path. Guard root ensures that the port on which it is enabled is a designated port. If the guard root-enabled port receives a superior BPDU, it goes to a discarding state.
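The guard root behavior described above, together with the bridge priority rule (0 through 61440 in increments of 4096), can be modeled as follows. This is an added example, not Brocade code: the class names, MAC addresses, port number, and path cost are constructed, and the comparison follows the standard spanning tree priority vector, in which the lower bridge ID is superior.

```python
from dataclasses import dataclass

PRIORITY_STEP, PRIORITY_MAX = 4096, 61440  # range and increment given in the guide


def validate_bridge_priority(priority: int) -> int:
    """Reject values the bridge priority setting would not accept."""
    if not 0 <= priority <= PRIORITY_MAX or priority % PRIORITY_STEP:
        raise ValueError(f"bridge priority {priority} must be 0..{PRIORITY_MAX} "
                         f"in increments of {PRIORITY_STEP}")
    return priority


@dataclass(frozen=True, order=True)
class BridgeId:
    """Priority first, then MAC; the numerically lower ID is the better one."""
    priority: int
    mac: str  # 12 lowercase hex digits, so string order equals numeric order

    @classmethod
    def make(cls, priority: int, mac: str) -> "BridgeId":
        digits = mac.replace(".", "").replace(":", "").lower()
        if len(digits) != 12 or any(c not in "0123456789abcdef" for c in digits):
            raise ValueError(f"bad MAC address {mac!r}")
        return cls(validate_bridge_priority(priority), digits)


@dataclass(frozen=True, order=True)
class Bpdu:
    """Spanning tree priority vector; field order is the comparison order."""
    root: BridgeId
    root_path_cost: int
    sender: BridgeId
    sender_port: int


@dataclass
class Port:
    number: int
    path_cost: int
    guard_root: bool = False
    state: str = "forwarding"


class Bridge:
    def __init__(self, bridge_id: BridgeId, ports):
        self.bridge_id = bridge_id
        self.ports = {p.number: p for p in ports}
        self.root, self.root_path_cost = bridge_id, 0  # starts out as root
        self.log = []

    def receive(self, port_number: int, bpdu: Bpdu) -> str:
        port = self.ports[port_number]
        advertised = Bpdu(self.root, self.root_path_cost, self.bridge_id, port.number)
        if not bpdu < advertised:          # not superior: port stays designated
            return "ignored"
        if port.guard_root:                # superior BPDU on a guarded port
            port.state = "discarding"
            self.log.append(f"port {port.number}: superior BPDU from "
                            f"{bpdu.sender.mac} refused, port discarding")
            return "discarding"
        self.root = bpdu.root              # unguarded: the sender's root wins
        self.root_path_cost = bpdu.root_path_cost + port.path_cost
        self.log.append(f"port {port.number}: root changed to {bpdu.root.mac}")
        return "root-changed"


def compare_guard_settings():
    """Deliver the same superior BPDU without and with guard root on the port."""
    core = BridgeId.make(4096, "0200.0000.0001")    # constructed intended root
    other = BridgeId.make(0, "0200.0000.00ff")      # constructed lower-priority-value bridge
    outcome = {}
    for guarded in (False, True):
        sw = Bridge(core, [Port(number=1, path_cost=2000, guard_root=guarded)])
        result = sw.receive(1, Bpdu(other, 0, other, 1))
        outcome[guarded] = (result, sw.root == core, sw.ports[1].state)
    return outcome


if __name__ == "__main__":
    for guarded, row in compare_guard_settings().items():
        print(f"guard_root={guarded}: {row}")
```

Recovery of the port after the superior BPDUs stop is not modeled, because the text above does not describe it.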
4. Enter the spanning-tree command to specify the restrictions for an MSTP instance on a CEE interface.
switch(conf-if-te-0/1)#spanning-tree instance 1 restricted-role
switch(conf-if-te-0/1)#spanning-tree instance 1 restricted-tcn

Specifying a link type

From the CEE interface, use this command to specify a link type. Specifying the point-to-point keyword enables rapid spanning tree transitions to the forwarding state.
To specify the port priority on the CEE interface, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter the interface command to specify the CEE interface type and slot/port number.
switch(config)#interface tengigabitethernet 0/1
3. Enter the no shutdown command to enable the CEE interface.
4.
To enable spanning tree on the CEE interface, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter the interface command to specify the CEE interface type and slot/port number.
switch(config)#interface tengigabitethernet 0/1
3. Enter the no shutdown command to enable the CEE interface.
4.
Chapter 8 Configuring Link Aggregation

In this chapter
• Link aggregation overview
• LACP configuration guidelines and restrictions
• Default LACP configuration
• LACP configuration and management
On each port, link aggregation control:
• Maintains configuration information to control port aggregation.
• Exchanges configuration information with other devices to form LAGs.
• Attaches ports to and detaches ports from the aggregator when they join or leave a LAG.
• Enables or disables an aggregator’s frame collection and distribution functions.
The Brocade 8000 switch interoperates with all of the major Layer 2/Layer 3 aggregation routers including Foundry Networks, Cisco Systems, and Force10 Networks.
Link Aggregation Control Protocol

Link Aggregation Control Protocol (LACP) is an IEEE 802.3ad standards-based protocol that allows two partner systems to dynamically negotiate attributes of physical links between them to form logical trunks. LACP determines whether a link can be aggregated into a LAG. If a link can be aggregated into a LAG, LACP puts the link into the LAG. All links in a LAG inherit the same administrative characteristics.
LAG distribution process

The LAG aggregator is associated with the collection and distribution of Ethernet frames. The collection and distribution process is required to guarantee the following:
• Inserting and capturing control PDUs.
• Restricting the traffic of a given conversation to a specific link.
• Load balancing between individual links.
• Handling dynamic changes in LAG membership.
To enable LACP on a CEE interface, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter the interface command to specify the CEE interface type and slot/port number.
switch(config)#interface tengigabitethernet 0/1
3. Enter the no shutdown command to enable the CEE interface.
switch(config-if)#no shutdown
4.
To configure the LACP timeout period on a CEE interface, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter the interface command to specify the CEE interface type and slot/port number.
switch(config)#interface tengigabitethernet 0/1
3. Enter the no shutdown command to enable the CEE interface.
4. Specify the LACP timeout period for the CEE interface.
• Make sure that LACPDUs are being received and transmitted on both ends of the link and that there are no error PDUs. This can be verified by entering the show lacp counters port-channel-num command and looking at the receive mode (rx) and transmit mode (tx) statistics. The statistics should be incrementing and should not be at zero or a fixed value.
Chapter 9 Configuring LLDP

In this chapter
• LLDP overview
• Layer 2 topology mapping
• DCBX overview
• DCBX interaction with other vendor devices
Layer 2 topology mapping

The LLDP protocol lets network management systems accurately discover and model Layer 2 network topologies. As LLDP devices transmit and receive advertisements, the devices store information they discover about their neighbors. Advertisement data such as a neighbor's management address, device type, and port identification is useful in determining what neighboring devices are in the network.
• IEEE 802.1 organizational TLV set. This set provides information to detect mismatched settings between local and remote devices. A trap or event can be reported once a mismatch is detected. This is an optional TLV. This set includes the following TLVs:
  - Port VLANID TLV—Indicates the port VLAN ID (PVID) that is associated with an untagged or priority tagged data frame received on the VLAN port.
DCBX uses LLDP to exchange parameters between two link peers; DCBX is built on the LLDP infrastructure for the exchange of information. DCBX-exchanged parameters are packaged into organizationally specific TLVs. The DCBX protocol requires an acknowledgement from the other side of the link, therefore LLDP is turned on in both transmit and receive directions. DCBX requires version number checking for both control TLVs and feature TLVs.
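To see what an LLDP advertisement actually hands to a neighbor (management address, port identification, the Port VLAN ID TLV, and any organizationally specific TLVs such as those DCBX uses), the following added example parses an LLDPDU using the standard IEEE 802.1AB TLV layout. It is not Brocade code; the sample frame, its addresses, and the OUI 0a0b0c are constructed, and organizationally specific TLVs other than Port VLAN ID are only listed, not interpreted.

```python
import ipaddress
import struct

IEEE_8021_OUI = bytes.fromhex("0080c2")
END, CHASSIS_ID, PORT_ID, TTL, SYSTEM_NAME, MGMT_ADDR, ORG_SPECIFIC = 0, 1, 2, 3, 5, 8, 127


def tlv(tlv_type: int, value: bytes) -> bytes:
    """Encode one TLV: 7-bit type and 9-bit length share a 16-bit header."""
    if not 0 <= tlv_type <= 127 or len(value) > 511:
        raise ValueError("type must fit 7 bits and length 9 bits")
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value


def iter_tlvs(lldpdu: bytes):
    """Yield (type, value) pairs, refusing any TLV that overruns the buffer."""
    offset = 0
    while offset < len(lldpdu):
        if len(lldpdu) - offset < 2:
            raise ValueError("truncated TLV header")
        (header,) = struct.unpack_from("!H", lldpdu, offset)
        tlv_type, length = header >> 9, header & 0x01FF
        offset += 2
        if length > len(lldpdu) - offset:
            raise ValueError(f"TLV type {tlv_type} claims {length} bytes, "
                             f"{len(lldpdu) - offset} remain")
        yield tlv_type, lldpdu[offset:offset + length]
        offset += length
        if tlv_type == END:
            return


def _mgmt_address(value: bytes) -> str:
    """Length byte (covers subtype + address), address subtype, then the address."""
    if len(value) < 2 or value[0] < 2 or 1 + value[0] > len(value):
        raise ValueError("malformed Management Address TLV")
    subtype, address = value[1], value[2:1 + value[0]]
    if subtype == 1 and len(address) == 4:          # IANA address family 1 = IPv4
        return str(ipaddress.IPv4Address(address))
    return f"family {subtype}: {address.hex()}"


def decode_lldpdu(lldpdu: bytes) -> dict:
    """Summarise what the sender advertises to its neighbours."""
    tlvs = list(iter_tlvs(lldpdu))
    if [t for t, _ in tlvs[:3]] != [CHASSIS_ID, PORT_ID, TTL]:
        raise ValueError("LLDPDU must start with Chassis ID, Port ID, TTL")
    info = {"org_tlvs": []}
    for tlv_type, value in tlvs:
        if tlv_type in (CHASSIS_ID, PORT_ID):
            if len(value) < 2:
                raise ValueError("ID TLV carries no identifier")
            key = "chassis_id" if tlv_type == CHASSIS_ID else "port_id"
            info[key] = {"subtype": value[0], "id": value[1:]}
        elif tlv_type == TTL:
            if len(value) < 2:
                raise ValueError("TTL TLV too short")
            (info["ttl"],) = struct.unpack("!H", value[:2])
        elif tlv_type == SYSTEM_NAME:
            info["system_name"] = value.decode("utf-8", "replace")
        elif tlv_type == MGMT_ADDR:
            info["management_address"] = _mgmt_address(value)
        elif tlv_type == ORG_SPECIFIC:
            if len(value) < 4:
                raise ValueError("organizationally specific TLV lacks OUI/subtype")
            oui, subtype, body = value[:3], value[3], value[4:]
            if oui == IEEE_8021_OUI and subtype == 1 and len(body) == 2:
                (info["port_vlan_id"],) = struct.unpack("!H", body)
            else:
                info["org_tlvs"].append((oui.hex(), subtype, len(body)))
    return info


def sample_lldpdu() -> bytes:
    """Constructed advertisement; every value here is made up for the example."""
    mgmt = (bytes([5, 1]) + ipaddress.IPv4Address("192.0.2.10").packed
            + bytes([2]) + struct.pack("!I", 1) + bytes([0]))
    return b"".join([
        tlv(CHASSIS_ID, b"\x04" + bytes.fromhex("020000000001")),  # subtype 4: MAC
        tlv(PORT_ID, b"\x05" + b"TenGigabitEthernet 0/1"),          # subtype 5: name
        tlv(TTL, struct.pack("!H", 120)),
        tlv(SYSTEM_NAME, b"switch"),
        tlv(MGMT_ADDR, mgmt),
        tlv(ORG_SPECIFIC, IEEE_8021_OUI + b"\x01" + struct.pack("!H", 100)),  # PVID
        tlv(ORG_SPECIFIC, bytes.fromhex("0a0b0c") + b"\x02" + b"\x00" * 6),
        tlv(END, b""),
    ])


if __name__ == "__main__":
    for key, val in decode_lldpdu(sample_lldpdu()).items():
        print(f"{key}: {val}")
```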
PFC is defined by a one-byte bitmap. Each bit position stands for a user priority. If a bit is set, the flow control is enabled in both directions (Rx and Tx).

DCBX interaction with other vendor devices

When the Brocade FCoE hardware interacts with other vendor devices, the other vendor devices might not have support for the same DCBX version as the Brocade FCoE hardware.
TABLE 21 Default LLDP configuration (Continued)
Parameter                                            Default setting
LLDP transmit                                        Enabled
Transmission frequency of LLDP updates               30 seconds
Hold time for receiving devices before discarding    120 seconds
DCBX-related TLVs to be advertised                   dcbx-tlv

LLDP configuration and management

NOTE
You need to enter either the copy running-config startup-config command or the write memory command to save your configuration changes to Flas
Specifying a system name for the Brocade FCoE hardware

The global system name for LLDP is useful for differentiating between switches. By default, the “host-name” from the chassis/entity MIB is used. By specifying a descriptive system name, you will find it easier to configure the switch for LLDP. The name used in the system-name command must begin with a letter, and can consist of letters, digits, hyphens, and underscore characters.
Enabling and disabling the receiving and transmitting of LLDP frames

By default, both transmit and receive are enabled for LLDP frames. To enable or disable the receiving (rx) and transmitting (tx) of LLDP frames, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2.
To advertise the optional LLDP TLVs, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2. Enter LLDP configuration mode.
switch(config)#protocol lldp
3. Advertise the optional LLDP TLVs.
4. Advertise the TLV.
switch(conf-lldp)#advertise dcbx-fcoe-app-tlv

Configuring iSCSI priority bits

The iSCSI priority bit setting is a bitmap setting where each bit position stands for a priority. When you set a bit for a particular priority, that priority setting is applied to the iSCSI traffic (that is, the incoming iSCSI traffic will have that priority). The default value is 4.
9. Advertise the LLDP DCBX-related TLVs.
Configuring LLDP interface-level command options

Only one LLDP profile can be assigned to an interface. If you do not use the lldp profile option at the interface level, the global configuration is used on the interface. If there are no global configuration values defined, the global default values are used.

To configure LLDP interface-level command options, perform the following steps from privileged EXEC mode.
1.
switch#show lldp neighbors
• Display LLDP neighbor-related detail information.
switch#show lldp neighbors detail
• Display LLDP interface-related information.
switch#show lldp interface tengigabitethernet 0/1
• Display LLDP neighbor-related information for a particular interface.
switch#show lldp neighbors interface tengigabitethernet 0/1 detail
• Display all LLDP statistics.
Chapter 10 Configuring ACLs

In this chapter
• ACL overview
• Default ACL configuration
• ACL configuration guidelines and restrictions
• ACL configuration and management
MAC ACLs are supported on the following interface types:
• Physical interfaces
• Logical interfaces (LAGs)
• VLANs

Default ACL configuration

Table 22 lists the default ACL configuration.

TABLE 22 Default MAC ACL configuration
Parameter    Default setting
MAC ACLs     By default, no MAC ACLs are configured.
3. Enter the deny command to create a rule in the MAC ACL to drop traffic with the source MAC address.
switch(conf-macl-std)#deny 0022.3333.4444 count
4. Enter the permit command to create a rule in the MAC ACL to permit traffic with the source MAC address.
switch(conf-macl-std)#permit 0022.5555.3333 count
5. Use the seq command to create MAC ACL rules in a specific sequence.
switch(conf-macl-std)#seq 100 deny 0011.2222.
NOTE
Using the permit and deny keywords, you can create many different rules. The examples in this section provide the basic knowledge needed to modify MAC ACLs.

NOTE
This example assumes that test_02 contains an existing rule number 100 with the “deny any any” options.

To modify a MAC ACL, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
2.
Applying a MAC ACL to a CEE interface

Ensure that the ACL that you want to apply exists and is configured to filter traffic in the manner that you need for this CEE interface. An ACL does not take effect until it is expressly applied to an interface using the access-group command. Frames can be filtered as they enter an interface (ingress direction).

To apply a MAC ACL to a CEE interface, perform the following steps from privileged EXEC mode.
Chapter 11 Configuring QoS

In this chapter
• QoS overview
• Rewriting
• Queueing
• Congestion control
• Scheduling—When multiple queues are active and contending for output on a common physical port, the scheduling algorithm selects the order in which the queues are serviced. Scheduling algorithms include Strict Priority (SP) and Deficit Weighted Round Robin (DWRR) queueing. The scheduler supports a hybrid policy combining SP and DWRR servicing.
Table 23 presents the Layer 2 QoS untrusted user priority generation table.
To configure the QoS trust mode, perform the following steps from privileged EXEC mode.
1. Enter global configuration mode.
switch#configure terminal
2. Specify the 10-gigabit Ethernet interface.
switch(config)#interface tengigabitethernet 0/2
3. Set the interface mode to ‘trust’.
switch(conf-if-te-0/2)#qos trust cos
4. Enter the copy command to save the running-config file to the startup-config file.
3. Activate or apply changes made to the CoS-to-CoS mutation QoS map name. In this example ‘test’ is used.
switch(conf-if-te-0/2)#qos map cos-mutation test
4. Specify the trust mode for incoming traffic. Use this command to specify the interface ingress QoS trust mode, which controls user priority mapping of incoming traffic. The untrusted mode overrides all incoming priority markings with the Interface Default CoS.
Multicast traffic

Fabric OS v7.0.0 supports four multicast traffic classes for isolation and to control servicing for different priorities of application data. Traffic classes are numbered from 0 through 3, with higher values designating higher priority. The traffic class mapping stage provides some flexibility in queue selection. Table 26 presents the Layer 2 default traffic class mapping supported for a COS-based user priority to conform to 802.1Q default mapping.
4. Enter the copy command to save the running-config file to the startup-config file.
switch(config)#do copy running-config startup-config

Verifying a mapping CoS-to-Traffic-Class

To verify a CoS-to-Traffic-Class mapping, perform the following steps from privileged EXEC mode.
1. Enter global configuration mode.
switch#configure terminal
2. Verify the CoS-Traffic-Class mapping specifying a name and the mapping.
consume the full buffer memory. Thresholds can also be used to bound the maximum queueing delay for each traffic class. Additionally, if the sum of the thresholds for a port is set below 100 percent of the buffer memory, then you can also ensure that a single port does not monopolize the entire shared memory pool.

FIGURE 7 Queue depth

The tail drop algorithm can be extended to support per priority drop thresholds.
time, once it completes transmission of any frame in progress. You can use this feature to reduce Ethernet frame losses by using a standardized mechanism. However, the Pause mechanism does not have the ability to selectively back pressure data sources multiple hops away, or exert any control per VLAN or per priority, so it is disruptive to all traffic on the link.
• Both ends of a link must be configured identically for Ethernet Pause or Ethernet Priority Flow Control because they are incompatible.

Enabling an Ethernet PFC

To enable Ethernet PFC, perform the following steps from privileged EXEC mode.
1. Enter global configuration mode.
switch#configure terminal
2. Specify the 10-gigabit Ethernet interface.
switch(config)#interface tengigabitethernet 0/2
3. Enable trust mode on the interface.
3. Enter the copy command to save the running-config file to the startup-config file.
switch(config)#do copy running-config startup-config

Scheduling

Scheduling arbitrates among multiple queues waiting to transmit a frame. Fabric OS v7.0.0 supports both Strict Priority (SP) and Deficit Weighted Round Robin (DWRR) scheduling algorithms. Also supported is the flexible selection of the number of traffic classes using SP-to-DWRR.
Deficit Weighted Round Robin (DWRR) is an improved version of WRR. DWRR remembers the excess used when a queue goes over its bandwidth allocation and reduces the queue's bandwidth allocation in the subsequent rounds. This way the actual bandwidth usage is closer to the defined level when compared to WRR.

Traffic class scheduling policy

The traffic classes are numbered from 0 to 7; higher numbered traffic classes are considered higher priority. Fabric OS v7.0.
2. Specify the schedule to use and the traffic class to bandwidth mapping.
switch(config)#qos queue scheduler strict-priority 4 dwrr 10 20 30 40
3. Enter the copy command to save the running-config file to the startup-config file.
switch(config)#do copy running-config startup-config

Multicast queue scheduling

The multicast traffic classes are numbered from 0 to 3; higher numbered traffic classes are considered higher priority.
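The hybrid policy set by the unicast scheduler command in step 2 above (strict-priority 4 dwrr 10 20 30 40) can be simulated to show how DWRR carries a queue's excess into later rounds and how a saturated strict-priority class starves the DWRR classes. This is an added example, not Brocade's scheduler: it assumes the four highest-numbered traffic classes are the strict-priority ones, that the weights apply to traffic classes 0 through 3 in that order, and a quantum of 100 bytes per weight point; the frame sizes are constructed.

```python
from collections import deque


class HybridScheduler:
    """Strict priority for the top `sp_count` classes, DWRR for the rest."""

    def __init__(self, sp_count, dwrr_weights, num_tcs=8, bytes_per_weight=100):
        if not 0 <= sp_count <= num_tcs or len(dwrr_weights) != num_tcs - sp_count:
            raise ValueError("need one DWRR weight per non-strict traffic class")
        if any(w <= 0 for w in dwrr_weights):
            raise ValueError("DWRR weights must be positive")
        self.queues = {tc: deque() for tc in range(num_tcs)}
        self.sp = list(range(num_tcs - 1, num_tcs - 1 - sp_count, -1))  # highest first
        self.dwrr = list(range(num_tcs - sp_count))
        self.quantum = {tc: w * bytes_per_weight
                        for tc, w in zip(self.dwrr, dwrr_weights)}
        self.credit = dict.fromkeys(self.dwrr, 0)
        self._cursor = 0          # index into self.dwrr of the class being served
        self._topped_up = False   # has that class received its quantum this visit?

    def enqueue(self, tc, frame_bytes):
        self.queues[tc].append(frame_bytes)

    def dequeue(self):
        """Return (traffic_class, frame_bytes) for the next frame, or None if idle."""
        for tc in self.sp:                       # strict priority always goes first
            if self.queues[tc]:
                return tc, self.queues[tc].popleft()
        if not any(self.queues[tc] for tc in self.dwrr):
            return None
        while True:
            tc = self.dwrr[self._cursor]
            queue = self.queues[tc]
            if queue and not self._topped_up:
                self.credit[tc] += self.quantum[tc]
                self._topped_up = True
            if queue and self.credit[tc] > 0:
                size = queue.popleft()
                self.credit[tc] -= size          # may go negative: the remembered excess
                return tc, size
            if not queue:
                self.credit[tc] = min(self.credit[tc], 0)  # idle classes bank no credit
            self._cursor = (self._cursor + 1) % len(self.dwrr)
            self._topped_up = False


def saturate(scheduler, frame_bytes_by_tc, byte_budget):
    """Keep the listed classes permanently backlogged; return bytes sent per class."""
    for tc, size in frame_bytes_by_tc.items():
        scheduler.enqueue(tc, size)
    sent = dict.fromkeys(frame_bytes_by_tc, 0)
    total = 0
    while total < byte_budget:
        picked = scheduler.dequeue()
        if picked is None:
            break
        tc, size = picked
        sent[tc] += size
        total += size
        scheduler.enqueue(tc, size)     # the source offers its next frame at once
    return sent


def percent_shares(sent):
    total = sum(sent.values())
    return {tc: round(100 * b / total, 1) for tc, b in sent.items()}


def dwrr_only():
    """Only traffic classes 0-3 are busy, with very different frame sizes."""
    sched = HybridScheduler(4, [10, 20, 30, 40])
    return percent_shares(saturate(sched, {0: 1500, 1: 64, 2: 1500, 3: 512}, 2_000_000))


def with_strict_class():
    """Same load plus a permanently busy traffic class 7."""
    sched = HybridScheduler(4, [10, 20, 30, 40])
    load = {0: 1500, 1: 64, 2: 1500, 3: 512, 7: 1500}
    return percent_shares(saturate(sched, load, 2_000_000))


if __name__ == "__main__":
    print("DWRR classes only:", dwrr_only())
    print("with TC7 saturated:", with_strict_class())
```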
CEE Priority Group Table defines each Priority Group ID (PGID) and its scheduling policy (Strict Priority versus DWRR, DWRR weight, relative priority), and partially defines the congestion control (PFC) configuration. There are 16 rows in the CEE Priority Group Table. Table 29 presents the default CEE Priority Group Table configuration.

NOTE
Only a single CoS can be mapped to a PFC-enabled priority queue.
CEE Priority Table defines each CoS mapping to Priority Group, and completes PFC configuration. There are eight rows in the CEE Priority Table. Table 30 details the default CEE Priority Table configuration.

TABLE 30 Default CEE priority table
CoS    PGID
0      15.6
1      15.7
2      15.5
3      15.4
4      15.3
5      15.2
6      15.1
7      15.0

Defining a priority group table

To define a priority group table map, perform the following steps from privileged EXEC mode.
1.
Applying a CEE provisioning map to an interface

To apply a CEE provisioning map, perform the following steps from privileged EXEC mode.
1. Enter global configuration mode.
switch#configure terminal
2. Specify the 10-gigabit Ethernet interface. In this example, 0/2 is used.
switch(config)#interface tengigabitethernet 0/2
3. Apply the CEE map on the interface.
switch(conf-if-te-0/2)#cee default
4.
Chapter 12 Configuring 802.1x Port Authentication

In this chapter
• 802.1x protocol overview
• 802.1x configuration guidelines and restrictions
• 802.1x authentication configuration tasks
• Interface-specific administrative tasks for 802.1x

802.
802.1x authentication configuration tasks

The tasks in this section describe the common 802.1x operations that you will need to perform. For a complete description of all the available 802.1x CLI commands for the Brocade FCoE hardware, see the Converged Enhanced Ethernet Command Reference.
2. Use the interface command to select the interface port to modify.
switch(config)#interface tengigabitethernet 1/12
3. Use the dot1x authentication command to enable 802.1x authentication.
switch(conf-if-te-1/12)#dot1x authentication
4. Enter the copy command to save the running-config file to the startup-config file.
switch(conf-if-te-1/12)#do copy running-config startup-config

Configuring 802.
switch(config)#interface tengigabitethernet 1/12
3. Use the no dot1x port-control command to disable 802.1x Authentication.
switch(conf-if-te-1/12)#no dot1x authentication
4. Enter the copy command to save the running-config file to the startup-config file.
Chapter 13 Configuring IGMP

In this chapter
• About IGMP
• Configuring IGMP
• Configuring IGMP snooping querier
• Configuring IGMP snooping mrouter
• Monitoring IGMP
Multicast routing

Multicast routers use IGMP to learn which groups have members on each of their attached physical networks. A multicast router keeps a list of multicast group memberships for each attached network, and a timer for each membership.

NOTE
“Multicast group memberships” means that at least one member of a multicast group on a given attached network is available.
9. Optional: Activate the IGMP querier functionality with additional features.

Configuring IGMP snooping querier

If your multicast traffic is not routed because Protocol-Independent Multicast (PIM) and IGMP are not configured, use the IGMP snooping querier in a VLAN. IGMP snooping querier sends out IGMP queries to trigger IGMP responses from switches that wish to receive IP multicast traffic.
NOTE
Use the no ip igmp snooping mrouter command to return to the default setting.

3. Return to global configuration mode.
switch(conf-if-vl-25)#exit
4. Configure the mrouter timeout value.
switch(config)#ip igmp snooping mrouter-timeout 500

Monitoring IGMP

Monitoring the performance of your IGMP traffic allows you to diagnose any potential issues on your switch.
Chapter 14 Configuring RMON

In this chapter
• RMON overview
• RMON configuration and management

RMON overview

Remote monitoring (RMON) is an Internet Engineering Task Force (IETF) standard monitoring specification that allows various network agents and console systems to exchange network monitoring data.
• Broadcast packets
• Multicast packets
• CRC errors

To collect RMON group statistics on an interface and enable collection history, perform the following steps from privileged EXEC mode.
1. Enter the configure terminal command to access global configuration mode.
switch#configure terminal
2. Enter the interface command to specify the CEE interface type and slot/port number.
switch(config)#interface tengigabitethernet 0/1
3.
2. Configure the RMON event.
switch(config)#rmon event 27 description Rising_Threshold log owner john_smith trap syslog
3. Enter the copy command to save the running-config file to the startup-config file.
switch(config)#do copy running-config startup-config

Configuring RMON history collection

The RMON collection history command collects the periodic statistical samples of RMON group statistics on an interface for later retrieval.
Appendix A Brocade 8000 Replacement

It is important that the new Brocade 8000 has a setup identical to that of the original Brocade 8000. This process updates the firmware and configuration files on the new Brocade 8000 to match the original Brocade 8000; you then move the data cables from the original switch to the new switch. Refer to the CEE Command Reference and Fabric OS Command Reference for complete information on the commands referenced in this procedure.
   IPv6 Gateways:
   new_switch:admin> ipaddrset
   Ethernet IP Address [10.77.77.77]: 10.24.51.25
   Ethernet Subnetmask [255.255.255.0]:255.255.252.0
   Gateway IP Address [10.77.77.1]:10.24.48.1
   DHCP [Off]:
4. Use the chassisname command to learn the chassis name of the original switch.
   original_switch:admin> chassisname
   ESNSVT_8000
5. Use the chassisname command to set the chassis name on the new switch to match that of the original switch.
9. Use the configupload command to save the SAN configuration settings of the original switch.
   original_switch:admin> configupload
   Protocol (scp, ftp, local) [ftp]:
   Server Name or IP Address [host]: 10.243.80.42
   User Name [user]: anonymous
   Path/Filename [/config.txt]: /8000_configs_dir/MP_8000B_config.txt
   Section (all|chassis|switch [all]):
   configUpload complete: All selected config parameters are uploaded
10.
   Effective Configuration:
   cfg: host1_fcoe
   zone: w2k3_cna1: 21:01:00:00:c8:98:ab:78
   ……output truncated ….
   new_switch:admin> cfgactvshow
   Effective Configuration:
   cfg: host1_fcoe
   zone: w2k3_cna1: 21:01:00:00:c8:98:ab:78
   ……output truncated ….
12. Bring the new switch back online.
   new_switch:admin> switchenable
13. Copy the Ethernet settings of the original switch, using copy startup-config and copy running-config, to an FTP device.
   !
   Protocol spanning-tree rstp
   !
   vlan classifier rule 1 proto fcoe encap ethv2
   vlan classifier rule 2 proto fip encap ethv2
   vlan classifier group 1 add rule 1
   vlan classifier group 1 add rule 2
   !
   ………….output truncated ……
   new_switch#exit
17. Use the switchshow command to learn the switch name of the original switch.
   original_switch:admin> switchname
   original_switch
18. Use the switchname command to set the switch name on the new switch to match that of the original switch.
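One way to check that the Ethernet configuration copied to the new switch in this procedure matches the original, so that a dropped VLAN classifier rule or a changed interface state is caught before the data cables are moved. This is an added example, not part of the Brocade guide: the function names normalize and compare_configs are hypothetical, the sample configs are constructed, and it assumes both startup-config files were saved as text in which "!" lines are separators and indented lines are sub-commands of the preceding line.

```python
# Added example; the two sample configs are constructed, not captured from a switch.
ORIGINAL = """\
vlan classifier rule 1 proto fcoe encap ethv2
vlan classifier rule 2 proto fip encap ethv2
vlan classifier group 1 add rule 1
vlan classifier group 1 add rule 2
!
interface tengigabitethernet 0/1
 no shutdown
"""
NEW = """\
vlan classifier rule 1 proto fcoe encap ethv2
vlan classifier rule 2 proto fip encap ethv2
vlan classifier group 1 add rule 1
!
interface tengigabitethernet 0/1
 shutdown
"""


def normalize(config_text):
    """Return significant lines in order; sub-commands carry their parent line."""
    result, parent = [], None
    for raw in config_text.splitlines():
        text = " ".join(raw.split())      # collapse runs of whitespace
        if not text or text.startswith("!"):
            parent = None                 # separator closes any open block
            continue
        if raw[0].isspace() and parent is not None:  # assumed: indent = sub-command
            result.append(f"{parent} / {text}")
        else:
            parent = text
            result.append(text)
    return result


def compare_configs(original_text, new_text):
    """Return (missing_on_new, extra_on_new) as ordered lists of config lines."""
    orig, new = normalize(original_text), normalize(new_text)
    missing = [line for line in orig if line not in new]
    extra = [line for line in new if line not in orig]
    return missing, extra


if __name__ == "__main__":
    labels = ("only on original switch:", "only on new switch:")
    for label, lines in zip(labels, compare_configs(ORIGINAL, NEW)):
        for line in lines:
            print(label, line)
```

Prefixing each sub-command with its parent line keeps a difference such as shutdown versus no shutdown tied to the interface it belongs to.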