Manualshelf

Cisco Nexus 5000 Series Switch CLI Software Configuration Guide (OL-16597-01, July 2009)

ManualsBrandsHP ManualsStorageCisco Nexus 5010 with FCoE Storage Services License Converged Network Switch
691692693694695696697698699700
Procedure
PurposeCommand or Action
Enters configuration mode.switch# configuration terminal
Step 1
Enters the port security database mode for the
specified VSAN.
switch(config)# port-security database vsan
vsan-id
Step 2
Deletes the port security configuration database
from the specified VSAN.
switch(config)# no port-security database
vsan vsan-id
Step 3
Configures the specified sWWN to only log in
through SAN port channel 5.
switch(config-port-security)# swwn swwn-id
interface san-port-channel 5
Step 4
Configures any WWN to log in through the
specified interfaces.
switch(config-port-security)# any-wwn
interface fc slot/port - fc slot/port
Step 5
This example enters the port security database mode for VSAN 2:
switch(config)# port-security database vsan 2
This example configures the specified sWWN to only log in through SAN port channel 5:
switch(config-port-security)# swwn 20:01:33:11:00:2a:4a:66 interface san-port-channel 5
This example configures the specified pWWN to log in through the specified interface in the specified switch:
switch(config-port-security)# pwwn 20:11:33:11:00:2a:4a:66 swwn 20:00:00:0c:85:90:3e:80
interface fc 3/2
This example configures any WWN to log in through the specified interface in any switch:
switch(config-port-security)# any-wwn interface fc 3/2
Port Security Configuration Distribution
The port security feature uses the Cisco Fabric Services (CFS) infrastructure to enable efficient database
management, provide a single point of configuration for the entire fabric in the VSAN, and enforce the port
security policies throughout the fabric.
Related Topics
Using Cisco Fabric Services, page 299
Enabling Port Security Distribution
All the configurations performed in distributed mode are stored in a pending (temporary) database. If you
modify the configuration, you need to commit or discard the pending database changes to the configurations.
The fabric remains locked during this period. Changes to the pending database are not reflected in the
configurations until you commit the changes.
Port activation or deactivation and auto-learning enable or disable do not take effect until after a CFS
commit if CFS distribution is enabled. Always follow any one of these operations with a CFS commit to
ensure proper configuration.
Note
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01 645
Configuring Port Security
Port Security Configuration Distribution