Manualshelf

Brocade FICON Administrator's Guide v7.1.0 (53-1002753-01, March 2013)

ManualsBrandsHP ManualsStorageHP SN6000B 16Gb 48-port/24-port Active Fibre Channel Switch
31323334353637383940
FICON Administrator’s Guide 17
53-1002753-01
Chapter
2
Administering FICON Fabrics
User security considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Preparing a switch for FICON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
Configuring switched point-to-point FICON . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Configuring cascaded FICON . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
FICON and FICON CUP in Virtual Fabrics . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26
Addressing modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
Clearing the FICON management database . . . . . . . . . . . . . . . . . . . . . . . . . 29
Automating CS_CTL Mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
FICON best practices. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
User security considerations
To administer FICON, you must have one of the following roles associated with your login name on
the switch:
Admin
Operator
SwitchAdmin
FabricAdmin
The User and BasicSwitchAdmin roles are view-only. The ZoneAdmin and SecurityAdmin roles have
no access.
In an Admin Domain-aware fabric, if you use the FICON commands (ficonShow, ficonClear,
ficonCupShow, and ficonCupSet) for any Admin Domain other than AD0 and AD255, the current
switch must be a member of that Admin Domain. The output is not filtered based on the Admin
Domain. In virtual fabrics, these commands apply to the current logical or specified switch only.
Meeting Query Security Attribute requirements
In a cascaded switch configuration, FICON channels use an Extended Link Services Query Security
Attributes (ELS QSA) function to determine whether they are connected to a high integrity fabric.
When a FICON channel is connected to a fabric that is not high integrity, the channel will go into an
invalid attachment and isolated state (drop light), which then requires you to recover with the CPU
Hardware Management Console (HMC).
To ensure the FICON Channel QSA requirements have been met, be sure to configure the following
features:
Insistent domain ID
Fabric Wide Consistency Policy => SCC:S (Strict mode)