HP Virtual Connect Manager Command Line Interface for c-Class BladeSystem Version 4.30/4.31 User Guide Abstract This document contains user information for the HP Virtual Connect Manager CLI. This document is for the person who installs, administers, and troubleshoots servers and storage systems. HP assumes you are qualified in the servicing of computer equipment and trained in recognizing hazards in products with hazardous energy levels.
© Copyright 2014 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein. Confidential computer software.
Contents Introduction .................................................................................................................................. 6 What's new .............................................................................................................................................. 6 Changes from VC 4.20 to VC 4.30/4.31 .......................................................................................... 7 Unassigning multiple profiles .........................................
ldap ............................................................................................................................................ 62 link-dist-interval .............................................................................................................................. 63 lldp.............................................................................................................................................. 64 local-users ....................................................
uplinkset ..................................................................................................................................... 143 user-security ................................................................................................................................ 145 user-security ................................................................................................................................ 146 user .................................................................
Introduction What's new The following changes have been implemented for VC 4.30/4.31: • Features: o Support for FIPS 140-2 For information on a current certification status, see the HP website (http://government.hp.com/Certifications.aspx). • • o SNMPv3 o Configure partially stacked domains o Monitor uplink and stacking link ports for pause flood conditions o Increased VLAN capacity o UEFI support Added a new snmp-user (on page 122) managed element.
• Enhanced the following commands to display the configured boot mode or boot order: o show profile ("profile" on page 88) o show server ("server" on page 106) o show enet-connection ("enet-connection" on page 33) Changes from VC 4.20 to VC 4.30/4.31 Command Changes Virtual Connect 4.20 Virtual Connect 4.30/4.31 add snmp-user set snmp-user show snmp-user remove snmp-user help snmp-user set stackinglink The new managed elements configure SNMP users.
Command Changes Virtual Connect 4.20 Virtual Connect 4.30/4.31 show uplinkport The command is enhanced to display port status as disabled when the port is controlled by the domain stacking link. The commands are enhanced to configure the boot mode of the server profile. Not available Port status is displayed as disabled if controlled by the domain stacking link.
#-----------------------------------------------------------------------# This is my sample Virtual Connect Domain Configuration Script # Revision 1.0.1.
# Set the domain default LACP timer to the short setting (one second) set lacp-timer default=Short # Add a Multicast Filter "filter1" to Filterset "mfs1" add mfs-filter FilterSet=mfs1 McastFilter =filter1 # Set the global option to enable the loop protection and pause flood protection set port-protect networkLoop=Enabled PauseFlood=Enabled # Set idle user sessions to expire after 20 minutes of inactivity set session Timeout=20 # Create a new Multicast Filter and adds it to the domain add mcast-filter MyMcas
o HP VC 4Gb Fibre Channel Module for BladeSystem c-Class (enhanced NPIV) o HP VC 8Gb 24-Port Fibre Channel Module for BladeSystem c-Class o HP VC 8Gb 20-Port Fibre Channel Module for BladeSystem c-Class NOTE: Beginning with VC 4.10, the HP 4GB Virtual Connect Fibre Channel Module is no longer supported. VC modules support HP BladeSystem Enclosures and all server blades and networks contained within the enclosure: • VC-Enet modules enable connectivity to data center Ethernet switches.
• If double-dense mode is enabled in the Domain Setup Wizard, each enclosure can support a total of 128 servers. • Stacking cables are used to connect multiple enclosures. This allows all VC-Enet modules to be interconnected and redundantly stacked. • When the domain stacking mode is configured, stacking cables connect the primary slice of each enclosure. The primary slice is the primary and standby interconnect modules for the enclosure.
Press the Tab key to auto complete subcommands and managed-elements. You can also type characters and then press the Tab key to see a narrowed-down list of command options. You can quit the shell by using the exit command. See the example of logging in to the interactive management shell below. In the example, the primary VCM is located at IP address 192.168.0.120. >ssh 192.168.0.
Command output filtering The CLI provides output filtering capabilities that enable you to display only properties of interest. This feature is useful for filtering large amounts of output data for specific information. One or more properties can be specified in the output filtering rules.
The VCM CLI prompt indicates if the domain is in FIPS mode by displaying the following prompt: FIPS-> The following features are disabled or restricted when the domain is in FIPS mode: • FTP and TFTP • TACACS+ authentication • RADIUS authentication • Automated deployment • Configurable user roles • Administrator password recovery • USB firmware updates • SNMPv1 and SNMPv2 • MD5 authentication and DES encryption for SNMPv3 • Remote logging, except when using stunnel for encryption • Sho
Item Description options Attributes used to customize or control command execution behavior such as output format, quiet-mode, and others properties One or more name and value pairs that are accessories to the command operation, mainly for set and add operations Example: ->add user mark password=asdf89g fullname="Mark Smith" enabled=true In the example, add is the subcommand, user is the managed element, mark is a required parameter for the operation, password is a required property, and fullname and
When using a Linux SSH client, simply redirect the script into SSH. If the SSH keys are not configured on the client and in the firmware, a password prompt appears. To enable script automation and better security, SSH public/private key-pairs can be generated and uploaded to the public key to the VC firmware. For example: >ssh Admin@192.168.0.120 < myscript.txt When using a Windows-based SSH client, pass the file to the client using the -m option.
Command line Subcommands Command Description add Add a new object to the domain or to another object assign Assign a server profile to a device bay delete Delete the domain configuration exit Exit the Virtual Connect Manager command-line shell copy help Copy a configuration from one server profile to another server profile Display context-sensitive help for a command or object import Import an enclosure into the domain poweroff Power off one or more servers reboot Reboot one or more serve
Managed element domain (on page 28) Description Manage general VC domain settings and information enclosure (on page 31) Manage general enclosure settings and information enet-vlan (on page 37) Manage Ethernet VLAN settings configuration external-manager (on page 38) Manage external manager settings and information fabric (on page 40) Manage Fibre Channel SAN fabrics enet-connection (on page 33) Manage Ethernet network connections fc-connection (on page 43) Manage Fibre Channel SAN fabric conne
Managed element Description radius (on page 100) Manage RADIUS authentication settings role (on page 101) Manage user authentication order by access role (privilege) radius-group (on page 99) server (on page 106) Manage RADIUS group configuration settings Manage physical HP BladeSystem server blades serverid (on page 108) Manage virtual server ID configuration settings server-port (on page 105) Display all physical server ports server-port-map-range (on page 103) Manage ranges of shared server
activity Display activity events being performed by VCM and the step-wise progress of those events. Supported actions: help, show Item Description show activity Display activity events being performed by VCM and the step-wise progress of those events. The activity event display includes the following columns: • • • • • • Time User Reason Activity Progress Detail To close the activity display, press q.
Item Description set auto-deployment This command enables customization of options related to auto-deployment, such as choosing to use DHCP to discover a TFTP server location or to manually specify TFTP settings to use for the configuration script location used for deployment. set auto-deployment TftpMode= [TftpServer= TftpFile= Syntax Examples ->set auto-deployment TftpMode=Manual TftpServer=192.168.1.1 TftpFile=myconfig.
Item Examples Description ->stop auto-deployment Stops an in-progress deployment operation banner Manage the login screen banner configuration. Supported actions: add, help, remove, show Item Description add banner Add banner text to the login screen. You can access VCM through ssh or the OA. After banner text is added, the banner is displayed before the user credential prompt when VCM is accessed.
cli This command modifies command execution behavior in script mode and auto-deployment. Script mode is the same as non-interactive mode. IMPORTANT: The show config output contains the set cli command with the default property and value, which is commented out. To modify command execution behavior while passing a script to CLI over SSH, uncomment and change the value of the ExitOnFailure property. If this command is specified in an auto-deployment command script, the expected value should be 'true'.
Item Description ->show config Displays the configuration script for the running domain ->show config -includePoolInfo Displays the configuration script for the running domain, including the pool ID or user-defined range configbackup Manage the domain configuration file. Supported actions: help, restore, save CAUTION: Do not restore a configuration backup file by using a file from another domain and including the property to ignore the enclosure serial number.
Item Description address=tftp://[2001::50]/new-vc-config-backup Restores a configuration backup file from a remote TFTP server ->restore configbackup address=ftp://user:password@192.168.10.12/new-vc-config-b ackup ->restore configbackup address=ftp://user:password@[2001::50]/new-vc-config-back up Restores a configuration backup file from a remote FTP server ->restore configbackup address=ftp://user:password@192.168.10.
Item Description Syntax save configbackup [-maskEncryptKey] address= [encryptionkey=] Option maskEncryptKey (optional) Properties Address (required) EncryptionKey (optional) Examples Enables you to interactively specify the encryption key as a masked string at the command prompt A valid IP address of a TFTP, FTP, SFTP server with user name and password (where needed) and the name of the configuration backup file.
Supported actions: help, show Item Description show connection-map Display server-to-target connectivity information for servers with assigned profiles containing DirectAttach fabrics. show connection-map Syntax Parameter ModuleID (required) Example The ID of the module for which to display the connection map information. The module must be a FlexFabric module. The ID is in the format of :.
Item Description delete domain Delete the existing VC domain configuration. Deleting the domain removes the entire VC domain configuration and resets it to the original defaults. After the domain is deleted, you are logged out and the VCM resets. delete domain [-quiet] Syntax Option quiet zeroize Examples Suppresses user confirmation prompts. This option is useful when scripting delete domain operations. This option is only valid when the domain is in FIPS mode.
Item Description Enabling a domain IPv6 address configuration or changing the domain IPv6 address can cause a temporary loss of connectivity to the VCM. Use caution when changing these settings. Values include "Enabled" and "Disabled." Ipv6 Address (optional) A valid IPv6 address to use for the domain IPv6 address configuration. The IPv6 address must be specified with a prefix, for example, 2001::3/64.
Item Description ->set domain DomainIpv6=Disabled Disables the domain IPv6 address and uses DHCP instead ->set domain MacType=VC-Defined MacPool=10 Sets the MAC address source to VC-Defined with a pre-defined range ->set domain MacType=Factory-Default Sets the MAC address source to use factory default MAC addresses ->set domain MacType=User-Defined MacStart=00-17-A4-77-00-00 MacEnd=00-17-A4-77-00-FF Sets the MAC address source to a custom, user-defined address range ->set domain WwnType=VC-Defined WwnPool=
Item Option quiet Description This option suppresses user confirmation prompt while importing a remote enclosure, and is typically used in automated scripting scenarios. Properties UserName (Required for A valid user name with access to the Onboard Administrator for the enclosure to enclosures that are import. The user must have full administrative rights to all enclosure elements, not imported) such as device bays, I/O bays, and OAs).
Item Description (optional) appear. Examples ->show Displays ->show Displays ->show Displays enclosure a summary of all enclosures enclosure * detailed information for all enclosures enclosure enc0 detailed information for a specific enclosure enet-connection Manage Ethernet network connections. Supported actions: add, help, remove, set, show Item Description add enet-connection Add a new Ethernet network connection to an existing server profile.
Item Description connection if the Multicast Filterset name has not been specified. If the name is not specified, or is set to "None", then the Multicast Filter Set is left unassigned and can be assigned later. AddressType (optional) The source of MAC address assignments to be used during the creation of the new connection. If not specified, the default is the domain default. If "User-Defined" or "Pool-Specified" is specified, both an Ethernet MAC Address and iSCSI MAC Address must also be specified.
Item Description iScsiMAC=00-17-A4-77-00-01 Adds a new Ethernet network connection and specifies an address from the VC-defined or user-defined pool ->add enet-connection MyProfile Network=MyNetwork SpeedType=Preferred Adds a new Ethernet network connection and sets the speed to "Preferred" ->add enet-connection MyProfile Network=MyNetwork SpeedType=Custom Speed=2000 Adds a new Ethernet network connection and sets the speed to 2Gb ->add enet-connection MyProfile Network=MyNetwork McastFilter=MyFilter Adds
Item Description PXE (optional) Enables or disables PXE on a connection. Valid values are "enabled", "disabled", and "UseBios". This applies to Ethernet network connections only. PXE can be enabled on one connection per profile. pxeBootOrder (optional) Modifies the PXE IP boot order. The default setting is 'Auto'. Valid values are: • • • • • Auto IPv4Only IPv6Only IPv4ThenIPv6 IPv6ThenIPv4 SpeedType (optional) The requested operational speed for the server port.
Item Description ->show Displays ->show Displays ->show Displays enet-connection * all Ethernet connections in the domain enet-connection Profile1:* all Ethernet connections of a profile named Profile1 enet-connection Profile1:1 a specific Ethernet connection of a profile named Profile1 enet-vlan Manage Ethernet VLAN configuration settings. Supported actions: help, set, show Item Description set enet-vlan Modify general Ethernet VLAN configuration settings.
Item Examples Description ->set enet-vlan SharedServerVLanId=true Enables SharedServerVLanId ->set enet-vlan PrefSpeedType=Custom PrefSpeed=500 MaxSpeedType=Custom MaxSpeed=2500 Sets the preferred connection speed for all connections using multiple networks to 500Mb, and the maximum connection speed to 2.
Item Description MacEnd (required if the MacType is User-Defined) WwnType (optional) The ending MAC address in a custom user-defined range. This property is valid only if the MacType is set to "User-Defined". WwnStart (required if the WwnType is User-Defined) WwnEnd (required if the WwnType is User-Defined) ServerIdType (optional) The starting WWN address in a custom user-defined range The type of WWN address source to use for assignment. Valid values include "Factory-Default" and "User-Defined".
Item Description ->set external-manager UserName=A17005068 Enabled=false Disables the external manager ->set external-manager UserName=A17005068 Enabled=true Enables the external manager Item Description show external-manager Display the information of an existing external manager. show external-manager Syntax Example ->show external-manager Displays the information of an existing external manager fabric Manage Fibre Channel SAN fabrics.
Item Description Speed (optional) The port speed for the uplink ports in the fabric. Values include "Auto", "2Gb", "4Gb", and "8Gb". The default port speed is "Auto". Speed restrictions: • • For the HP VC 4Gb FC Module, if the value is 8Gb, VCM translates the value to "Auto", allowing the module to connect to the SAN switch at optimal speed.
Item Description Examples ->remove fabric VFabric_1 Removes VC FC SAN fabric VFabric_1 ->remove fabric * Removes all VC FC SAN fabrics from the domain Item Description set fabric Modify properties of an existing fabric or force load balancing of a fabric if login re-distribution is configured.
Item Description PrefSpeed (required if PrefSpeedType is "Custom") MaxSpeedType (optional) The preferred connection speed for any FCoE connection attached to this fabric. Values range from 100Mb to 8Gb in 100Mb increments. This property is configured only if the fabric has uplink ports from the FlexFabric interconnect module. MaxSpeed (required if MaxSpeedType is "Custom") Examples The maximum connection speed for any FCoE connection attached to this fabric. Values are 'Unrestricted' and 'Custom'.
Item Description [AddressType=] [PortWWN=] [NodeWWN=] Parameter ProfileName (required) The name of an existing profile to which the new connection is added Properties Fabric (optional) Speed (optional) The name of an existing fabric to associate with the connection. If the fabric name is not specified, the connection is marked as “Unassigned” and associated with a specific bay. The port speed of the connection port.
Item Description remove fc-connection Remove the last FC connection from an existing server profile. Syntax remove fc-connection Parameter ProfileName (required) Name of the profile from which to remove the FC connection Example ->remove fc-connection MyProfile Removes an FC connection from a profile Item Description set fc-connection Modify an existing FC SAN connection.
Item Description ->set fc-connection BlueProfile 1 Speed=4Gb Changes the port speed of an FC SAN connection ->set fc-connection BlueProfile 1 BootPriority=Primary BootPort=50:06:0B:00:00:C2:62:00 BootLun=5 Changes the SAN boot priority and sets additional boot parameters Item Description show fc-connection Display the FC SAN connections associated with the server profiles. Syntax show fc-connection [] Parameter ConnectionID (optional) Examples The ID of an existing FC SAN connection.
Item Description is specified, then the connection is marked as "Unassigned" and is associated with a specific bay. SpeedType (optional) The requested operation speed for the server port. Valid values are "1Gb", "2Gb", "4Gb", "8Gb", "Auto", "Custom", "Preferred", and "Disabled". The default value is "Preferred". "Auto" does not apply to fabrics, and "1Gb" to "8Gb" does not apply to FCoE networks.
Item Description ->add fcoe-connection MyNewProfile WWNAddressType=Factory-Default Adds a new FCoE connection and uses factory-default WWN addresses ->add fcoe-connection MyNewProfile WWNAddressType=User-Defined PortWWN=50:06:0B:00:00:C2:62:00 NodeWWN=50:06:0B:00:00:C2:62:01 Adds a new FCoE connection and provides user-defined WWN addresses ->add fcoe-connection MyNewProfile WWNAddressType=Pool-Specified PortWWN=50:06:0B:00:00:C2:62:00 NodeWWN=50:06:0B:00:00:C2:62:01 Adds a new FCoE connection and provides
Item Description (required) . Properties Fabric (optional) The name of the fabric to associate with the connection. The fabric being specified should be associated with the same bay as the FCoE connection. FcoeNetwork (optional) The name of the FCoE network to associate with the connection. You cannot specify both Fabric and FcoeNetwork properties. SpeedType (optional) The requested operational speed for the server.
Item Description ->set fcoe-connection MyProfile:1 SpeedType=Preferred Modifies the FCoE connection and set the speed type "Preferred" Item Description show fcoe-connection Display the FCoE connections associated with the server profiles. Syntax show fcoe-connection [] Parameter ConnectionID (optional) Examples The ID of an existing FCoE connection. The ID format is . Use to display all FCoE connections of a profile.
Item Description Example ->show igmp-group enc0:1 Displays the IGMP Group information for the module in bay 1 of enclosure enc0 igmp IMPORTANT: Users with server role permissions cannot modify IGMP settings when the VC domain is under VCEM control. Manage Ethernet IGMP Snooping settings. Supported actions: help, set, show Item Description set igmp Modify Ethernet IGMP Snooping settings.
Item Parameter ModuleID (required) Option FilterBy (optional) Examples Description The ID of the module for which to display the MAC table. The ID is in the format of :. The MAC table output can be filtered by property. The output filter syntax used is Property=Value.
Item Description ModuleID (optional) The ID of the interconnect module. Use “*” to display a detailed view of all modules in the VC domain. If not specified, a summary output of all modules appears. FilterBy Filter the output of the show command by the specified attribute. The option is specified in the format =. For example, to display FIP snooping info associated with UplinkSet up1, the option would be specified as UplinkSet=up1.
Item Description set iscsi-boot-param Configure the basic iSCSI boot parameters on the specified iSCSI connection.
Item Description "Disabled") TargetPort (optional) The TCP port associated with the primary target IP address. The default value is 3260. TargetIP2 (optional) The alternate target IP address to use if the primary target IP is unavailable. TargetPort2 (required if TargetIP2 is specified) The TCP port associated with the alternate target IP address. The default value is 3260.
Item Description ->set iscsi-boot-param MyProfile1:1 BootOrder=Primary Lun=100 InitiatorName="iqn.2009-09.com.someorg.iSCSI-Initiator" InitiatorIp=192.128.3.1 Mask=255.255.0.0 TargetName="iqn.2009-09.com.someorg.iSCSI-Target" TargetIp=192.128.3.
Item Description ProfileName (required) The name of an existing profile to which the new connection is being added Properties Network (optional) The name of an existing network to associate with the connection. If the network name is not specified or is unassigned, it can be assigned later. AddressType (optional) The source of MAC address assignments to be used during the creation of the new connection. If not specified, the default is the domain default.
Item Description ->add iscsi-connection MyProfile Network=MyNetwork SpeedType=Preferred Adds a new iSCSI network connection and sets the speed to Preferred ->add iscsi-connection MyProfile Network=MyNetwork SpeedType=Custom Speed=2000 Adds a new iSCSI network connection and sets the speed to 2Gb Item Description remove iscsi-connection Remove the last iSCSI connection from the server VC profile. If no connections exist, an error message appears.
Item Description ->set iscsi-connection MyProfile:1 Network=MyNetwork SpeedType=Preferred Modifies the speed to Preferred ->set iscsi-connection MyProfile:1 SpeedType=Custom Speed=2000 Modifies the iSCSI connection and sets the speed to 2Gb Item Description show iscsi-connection Display the iSCSI connections associated with the server profiles. Syntax show iscsi-connection [] Parameter ConnectionID (optional) Examples The ID of an existing iSCSI connection.
ldap-certificate View and upload LDAP certificates from a remote FTP server. Supported actions: help, load, remove, show Item Description load ldap-certificate Download an LDAP certificate from a remote server using FTP or SFTP and apply it to the VC domain.
Item Description show ldap-certificate Display LDAP certificate information. show ldap-certificate [ | *] Syntax Parameter SerialNumber (optional) Examples The serial number of an existing LDAP certificate in a colon format. Use "*" to display detailed output of all the LDAP certificates in the VC domain. If an LDAP certificate is not specified, a summary output of all the LDAP certificates appears.
Item Description ->remove ldap-group MyGroup Removes a specified directory group ->remove ldap-group * Removes all directory groups Item Description set ldap-group Syntax Modify the properties of an existing directory group.
Item Description [SearchContext1=] [SearchContext2=] [SearchContext2=] Option Test (optional) Tests the LDAP configuration without applying changes. Properties Enabled (optional) Enables or disables LDAP authentication. Values include "true" and "false". NtAccountMapping (optional) Enables or disables Microsoft Windows NT account mapping. This capability enables you to enter "domain\username". Values include "Enabled" and "Disabled".
Supported actions: help, set, show Item Description set link-dist-interval Set the FC login re-distribution interval for uplinks that are part of a fabric configured for Automatic login re-distribution. set link-dist-interval Interval=<1-1800> Syntax Property Interval (required) FC login re-distribution interval for uplinks (in seconds). Valid values include positive integers in the range 1 to 1800. The default is 30 seconds.
Item Description ports. Item Description show lldp Display LLDP information received on the specified port. show lldp Syntax Parameter PortID (required) Example The port ID of the port for which to display LLDP information. PortID is composed of ::. A listing of the possible uplink PortIDs can be obtained by entering the show uplinkport command. Module downlink PortLabels range from d1 through d16, depending on the enclosure configuration.
Item Description show local-users Display local user authentication settings for the VC domain. show local-users Syntax Example ->show local-users Displays local user authentication settings log-target Manage remote log destination settings. Supported actions: add, help, remove, set, show, test Item Description add log-target Add a new remote log destination.
Item Description Syntax remove log-target Parameter ID (required) The index of the remote log destination to delete Example ->remove log-target 3 Removes log-target index number 3 Item Description set log-target Modify the properties of an existing remote log destination.
Item Description information for all remote log destinations. Example ->show log-target Displays all log destination settings Item Description test log-target Send a test message to all enabled remote log destinations. Syntax test log-target Example ->test log-target Sends a test message all log-targets loop-protect The loop-protect command is deprecated in 4.00. HP recommends using the port-protect command. For information about port-protect settings, see "port-protect (on page 87).
Item Description ->show loop-protect Displays the current loop protection configuration and all Ethernet ports currently disabled due to protection enforcement mac-cache Manage Ethernet MAC cache failover settings. Supported actions: help, set, show Item Description set mac-cache Modify Ethernet MAC cache failover settings. set mac-cache [Enabled=] [Refresh=] Syntax Properties Enabled (optional) Refresh (optional) Examples Enables or disables MAC cache failover.
Item Description 224.11.11.3/32 Creates a new Multicast Filter rule for a Multicast Filter Item Description remove mcast-filter-rule Remove a Multicast Filter rule from a Multicast filter. Syntax remove mcast-filter-rule McastFilter= [Network=|*] Properties McastFilter (required) Network (required) Examples The name of an existing Multicast Filter to which the Multicast Filter rule belongs Network IP Addresses in the form of IP Address/Netmask Bits.
Item Description Creates a new Multicast Filterset with color red Item Description remove mcast-filter-set Remove a Multicast Filterset. Syntax remove mcast-filter-set McastFilterSetName> | * Parameter McastFilterSetName (required) The name of an existing Multicast Filterset in the domain. A Multicast Filterset name of "*" removes all the Filtersets.
Item Description McastFilterSetName (required) The name of an existing Multicast Filterset in the domain. A Multicast Filterset named "*" removes all the filters.
Item Description ->remove mcast-filter Filter1 Removes a Multicast Filter ->remove mcast-filter * Removes all Multicast Filters Item Description set mcast-filter Modify the Multicast Filter. set mcast-filter [Name=] [Labels=[,...] [Color=] Syntax Parameter McastFilterName (required) The name of an existing Multicast Filter to modify Properties Labels (optional) Labels assigned to this multicast filter.
mfs-filter Manage Multicast Filters in Multicast Filtersets. Supported actions: help, add, remove Item Description add mfs-filter Add a Multicast Filter to a Multicast Filterset. add mfs-filter FilterSet= McastFilter=[,,...] Syntax Properties FilterSet (required) McastFilter (required) Examples The name of an existing Multicast Filterset in the domain The Multicast Filters to be added to the specified Multicast Filterset.
Item Description is not specified) separated by commas. Do not use spaces unless they are enclosed in quotation marks. NagNetworkID Examples The Nag name and Network of interest. The format is . If this is specified then the Nag= and Network= parameters are not provided.
name-server Display a snapshot of all hosts and direct attached storage devices for the specified FlexFabric module. Supported actions: help, show Item Description show name-server Syntax Display a snapshot of all hosts and direct attached storage devices for the specified FlexFabric module. show name-server Parameter ModuleID (required) The ID of the module for which to display the name server information. The module must be a FlexFabric module.
Item Description set networkaccess-group Modify an existing network access group.
Item Description networks VLANIds (required) A comma separated list of VLAN ranges. The VLAN IDs must not overlap or already be used in the uplink port set. The VLAN IDS are combined with the NamePrefix and NameSuffix properties (if any) to create the name for the networks. NamePrefix (optional) The string to prefix before the VLAN ID when naming the new networks. If omitted, no string is used to prefix the VLAN ID.
Item Options quiet Properties UplinkSet (required) VLANIds (required) Example Description Suppresses user confirmation prompts during network range removal. This option is used mainly in automated scripting scenarios. The name of the shared uplink set from which the networks are being removed The list of VLAN IDs (comma separated list of VLAN ID ranges) to be deleted from the shared uplink set.
Item Description Nags (optional) The network access groups to which the networks belong, separated by commas. Do not use spaces unless they are enclosed in quotation marks. If nags is not specified, the network access groups are not changed. SmartLink (optional) Enables or disables the SmartLink capability for the networks. Valid values include "Enabled" and "Disabled". Labels (optional) Labels assigned to these networks.
Item Properties Nags (optional) UplinkSet (optional) Description The names of the existing network access groups of which this network is a member, separated by commas. Do not use spaces unless they are enclosed in quotation marks. If no network access groups are specified, the domain default network access group (Default) is used. This property is not allowed for an FCoE network. The name of an existing shared uplink set to use with this network.
Item Description network access group ->add network Network1 nags=DatabaseNetGroup,AccessNetGroup Creates a network named Network1 and assigns it to network access groups DatabaseNetGroup and AccessNetGroup ->add network MyNewNetwork2 UplinkSet=MyUplinkSet VLanID=145 Creates a new network and uses a shared uplink port set ->add network FcoeNetwork -fcoe UplinkSet=MyUplinkSet VLanID=100 Creates a new FCoE network ->add network Network1 Private=Enabled Configures a private network when adding a new network -
Item Description 100Mb increments>] [LacpTimer=] [Labels=[,…] [Color=] Parameter NetworkName (required) Option Quiet (optional) Properties Name (optional) The name of an existing network to modify Suppresses user confirmation prompts during network creation and modification. This option is used mainly in automated scripting scenarios. The new name of the network State (optional) Enables or disables the network.
Item Description value is "Short". Nags (optional) The Network Access Group(s) the network belongs to. The default is Default Network Access Group, a list of Network Access Group names separated by comma. The Network Access Groups should be in quotation marks if there are spaces in the list. This property is not allowed for an FCoE network. Labels (optional) Labels assigned to the network. Labels are used in the GUI to help manage large numbers of networks.
Item Description Syntax networks only. show network [|*] Parameter NetworkName (optional) Examples The name of an existing network (Ethernet or FCoE) in the VC domain. Use "*" to display a detailed view of all the networks. If not specified, a summary view of the networks appears.
Item Description Example ->add port-monitor AnalyzerPort=enc0:1:4 Speed=1Gb Duplex=full MonitorPort=enc0:5:4 Direction=FromServer Adds a new network analyzer port and a server port to be monitored ->add port-monitor AnalyzerPort=enc0:1:Q1.1 Speed=Auto Duplex=full Adds a new QSFP+ network analyzer port ->add port-monitor AnalyzerPort=enc0:1:Q1.
Item Description If there is no connector present on the analyzer port, only "Auto" and "Disabled" can be configured as the port speed. Speed restrictions apply. Duplex (optional) The port duplex mode of the network analyzer port. Valid values include "Auto", "Half", and "Full". The default value is "Auto". MonitorPort (required if the Direction property is being modified) Direction (optional) The server port to be monitored. The format of the monitored port is ::.
Item Description Resets the port-protection state on all ports currently disabled due to the port protection action Item Description set port-protect Modify the domain wide configuration for port protection against the following denial of service conditions: • • Network loop protection for server downlink ports Pause flood protection for downlink physical ports set port-protect [-quiet] [networkLoop=] [pauseFlood=] Syntax Option quiet (optional) Suppresses user c
Item Description [HideUnusedFlexNICs=] [SNType=] [SerialNumber=] [UUID=] [bootMode=] Parameter ProfileName The unique name of the new server profile to create Options NoDefaultEnetConn Do not add default Ethernet network connections when creating the server profile. NoDefaultFcoeConn Do not add default FCoE SAN connections when creating the server profile.
Item Description Creates a new profile without adding default Ethernet, FC, and FCoE connections ->add profile MyNewProfile2 Nag=DatabaseNetGroup Creates a new profile and associates it with the DatabaseNetGroup network access group ->add profile MyNewProfile2 HideUnusedFlexNICs=true Does not enumerate FlexNICs not assigned to a profile as network interfaces in the operating system ->add profile MyNewProfile SNType=User-Defined SerialNumber=VCX0113121 Creates a new profile and specifies a custom virtual se
Item Description load profile Syntax Load a saved EFI data object from a remote ftp server on the network. The EFI data object is loaded into an existing server profile. The server profile must not be assigned to a server bay and it must not have an EFI data object present.
Item Syntax Parameter ProfileName (required) Properties address (required) filename (required) Examples Description be assigned to a server bay. save profile address= -orsave profile address= filename= An existing and unassigned profile in the domain A valid IP address, with username, password, and the name of the EFI data file that will be stored on the FTP or SFTP server.
Item Description to restore network connectivity. Changing this option requires you to power off the server. Nag (optional) The new network access group for the server profile. If not specified, the profile’s network access group is not changed. bootMode (optional) Configures the boot mode. Valid values are: • • • Auto—Default boot option Legacy—Legacy BIOS UEFI—Unified Extensible Firmware Interface Verify the server supports UEFI before configuring the boot mode.
qos-class Manage the class of the active QoS configuration. Supported actions: help, set, show Item Description set qos-class Modify a class of the active QoS configuration set qos-class [Name=NewClassName][Enabled=] [RealTime=] [Share=<1-99>] [MaxShare=<1-100>] [EgressDOT1P=<1,2,3,4,5,6,7>] Syntax Parameter ClassName (required) The name of an existing traffic class Properties Name (optional) The new name of the class.
Item Description show qos-class Display the QoS traffic classes of the active QoS configuration show qos-class [ | *] [FilterBy] Syntax Parameters Name (optional) FilterBy (optional) Examples The existing QoS class name. Detailed information of the specified traffic class is displayed. If "*" is specified, then detailed information of all QoS classes is displayed. If the name is not specified, a summary of all classes is displayed.
Item Description show qos-classifier Display the QoS classifier configuration of the active QoS configuration show qos-classifier [ |*] Syntax Parameter PortType (optional) Examples The type of port to which the classifiers are assigned. Valid values are "Uplinks" and "Downlinks". If the port type is not specified, then classifiers for all port types are displayed.
Item Description ->set qos-map DSCP Class=Backup Values=CS0,AF11-AF22,AF33 Modifies the DSCP mapping for CS0, AF11, AF12, AF13, AF21, AF22, AF33 Item Description show qos-map Display the traffic classification maps of the active QoS configuration show qos-map [ | *] Syntax Parameter Type (optional) Examples Type of map. Valid values are "DOT1P" and "DSCP". If the type is not specified, all maps are displayed.
Item Description configuration types to the factory default settings Item Description set qos Sets the specified QoS configuration as the active configuration. After the active QoS configuration is set, use the following commands to configure the configuration: qos-class, qos-map, and qos-classifier. set qos Syntax Parameter Type (required) Examples The QoS configuration type. Valid values are "Passthrough", "CustomWithFCoE", and "CustomNoFCoE". The default value is "Passthrough".
Item Description ->show Displays ->show Displays ->show Displays qos CustomWithFCoE detailed information for the specified QoS configuration qos -active detailed information for the active QoS configuration qos * detailed information for all QoS configurations radius-group Manage Virtual Connect RADIUS groups. Supported actions: add, help, remove, set, show Item Description add radius-group Add a RADIUS group.
Item Description set radius-group Syntax Modify the properties of an existing RADIUS group. set radius-group [Description=] [Roles=] Parameter GroupName (required) The name of an existing group to modify Properties Description (optional) Roles (optional) Example A user-friendly description for the group A set of one or more privileges for the group. Valid values are any combination of "domain", "server", "network", and "storage". Separate multiple values with commas.
Item Description Enabled (optional) Enables or disables RADIUS authentication. Valid values include "true" and "false". ServerAddress (optional) The IP address or the DNS name of the primary RADIUS server used for authentication Port (optional) The server UDP port number. Valid values include a valid port number between 1 and 65535. The default port is 1812. ServerKey (optional) The plain-text string used to encrypt user details exchanged with the primary RADIUS server.
Item Description set role Configure the authentication order or permitted operations for a VC role. Syntax set role Order= Operations= Parameter RoleName (required) Property Order (optional) The VC privilege/role for which the existing authentication order is to be set. Valid values are "domain", "network", "server", and "storage". The order of authentication to be set for a given role, specified as one or more authentication methods separated by a comma.
server-port-map-range Manage ranges of shared server downlink port mapping configurations. Supported actions: add, help, remove Item Description add server-portmap-range Add a new server port network mapping range, and allow server ports to be shared among multiple VC Ethernet networks.
server-port-map Manage shared server downlink port mapping configuration. Supported actions: add, help, remove, set, show Item Description add server-port-map Add a new server port network mapping, and allow server ports to be shared among multiple VC Ethernet networks.
Item Description ->remove server-port-map MyProfile:1 RedNetwork Removes a server port network mapping ->remove server-port-map MyProfile:1 * Removes all server port network mappings from a profile ->remove server-port-map * Removes all server port mappings in the domain Item Description set server-port-map Modify an existing server port network mapping. This command cannot be used if the network is associated with a shared uplink set.
Supported actions: help, show Item Description show server-port Display physical server port information. If the port is unlinked and no connectivity exists, the cause is displayed. For more information about possible causes, see "Port status conditions (on page 201)." show server-port [] Syntax Parameter PortID (Optional) Examples The reference of a port mapping ID. The PortID format is . The PortID can be referenced from the ID column in the summary.
Item Description ->poweroff server * Powers off all servers in the domain ->poweroff server enc0:* Powers off all servers in the local enclosure ->poweroff server enc0:2 -ForceOnTimeout Attempts a graceful shutdown, but forces a shutdown at the end of the timeout period ->poweroff server * -Timeout=180 Powers off all servers and specifies a custom timeout of 3 minutes ->poweroff server enc0:1 Powers off the multi-blade server in bays 1-4 of the local enclosure Item Description poweron server Power on o
Item Description ForceOnTimeout Attempts a graceful shutdown, but if the server does not shut down within the timeout period (60 seconds by default), then the server is forced to reboot. Timeout Specifies the timeout period (in seconds) to wait for the operation to complete (per server). The default timeout is 120 seconds.
Item Description profiles are using server IDs from this source. The virtual server ID source type is "User-Defined", and the range is being extended by lowering the start value or increasing the end value. set serverid Type=Factory-Default • Syntax set serverid Type=VC-Defined [PoolID=<1-64>] set serverid Type=User-Defined Start=VCX01nnnnn End=VCX01nnnnn Properties Type (required) The type of the virtual serial number source.
Item Examples Description ->set session Timeout=20 Sets idle user sessions to expire after 20 minutes of inactivity ->set session Timeout=0 Disables session timeout (user sessions never expire) Item Description show session Syntax Display the session properties show session timeout Option Timeout (required) Displays the session timeout value Example ->show session timeout Displays the current session timeout value sflow Configures an existing VC Ethernet network with sFlow.
Item Description reset sflow-module Reset the sflow module. reset sflow-module Syntax Parameter ModuleID (required) Examples Specifies the interconnect module whose network interface is being reset. The format is :. The module network configuration cannot be reset if the module ports are being sampled or polled by any of the receivers.
Item Description ->show Displays ->show Displays sflow-module all sflow modules sflow-module enc0:1 the specified sflow module sflow-ports Configure the ports to be sampled or polled for a receiver. Supported actions: add, help, remove, set, show Item Description add sflow-ports Add a port to be sampled or polled for a receiver.
Item Description remove sflow-ports Removes ports from an sflow receiver Syntax remove sflow-ports [[SamplePorts=][PollPorts=]] Parameter ReceiverName (required) The name of an existing sflow receiver in the domain Properties SamplePorts (optional) PollPorts (optional) Examples Specifies a list of sample ports to be removed from a receiver. "*" removes all sample ports from the receiver.
Item Description PollPorts (optional) Specifies a list of VC enet module ports whose polling intervals are to be modified. The ports are specified as a comma separated list where each port is in the format: :[:]. The ID for the poll port can be referenced from the output of the show sflow-ports command.
Item Description IpAddress (required) Specifies the IP Address of the receiver where the sflow datagrams are sent Port (optional) Specifies the UDP port number of the receiver where the sflow datagrams are sent. The valid range is from 1 to 65535. The default value is "6343". MaxHeaderSize (optional) Specifies the maximum number of bytes that are copied from a sampled packet to create a flow sample. Valid values are "128","256","512", and "1024". The default value is "128".
Item Description ->set sflow-receiver Alpha enabled=true Enables the Alpha sflow receiver Item Description show sflow-receiver Display the receiver name. Syntax show sflow-receiver [] Parameter ReceiverName (optional) The name of an existing sflow receiver in the domain. A receiver name of "*" displays all the receivers. Examples ->show sflow-receiver Displays the sflow receiver snmp Configure and display the SNMP settings for the VC domain.
Item Description SmisEnabled (optional) Enables or disables SMI-S. This property is valid only for VC-FC modules. The default value is "false". Valid values include "true" or "false". Examples ->set snmp enet ReadCommunity=mydatacenter1 SystemContact=admin@datacenter1.com Enabled=true Enables the SNMP agent for VC-Enet modules and supplies a community string.
Item Description remove snmp-access Syntax Remove already configured range(s) of IP addresses that were permitted to access VC Ethernet modules through the SNMP interface. remove snmp-access Network= | * Parameter Network (required) The network IP address of a configured SNMP access Examples ->remove snmp-access Network=192.168.0.
Item Description Community (optional) The SNMP community name string for the specified trap. If not specified, the default value is "public". For VC-Enet modules, the maximum string length is 39. For VC-FC modules, the maximum string length is 24. Community strings are not added when the Format property is set to SNMPv3. Format Format of the new trap. Values are SNMPv1, SNMPv2, or SNMPv3. If not specified, the default is "SNMPv1". Severity Trap severities to send to the destination.
Item Description ->add snmp-trap MyTrap Address=192.112.42.5 Severity=All FcCategories=All DomainCategories=All Adds a trap with all severity and category properties set. Severities are allowed even though FC categories are set, but the severities are applied to the domain categories. ->add snmp-trap trap1 address=10.10.2.86 Format=SNMPv3 Severity=All EnetCategories=All UserName=theta SecurityLevel=AUTHNOPRIV Adds an SNMPv3 trap ->add snmp-trap trap2 address=10.10.2.
Item Description Format Format of the new trap. Values are SNMPv1, SNMPv2, or SNMPv3. Severity Trap severities to send to the destination. Values are "Normal", "Unknown", "Info", "Warning", "Minor", "Major", "Critical", "All", and "None". Multiple severities can be specified, separated by commas. The default severity is "None". DomainCategories The VC domain trap categories to send to the destination.
Item Parameter Name (optional) Examples Description The name of the trap configuration to be displayed. If no trap name is specified, or "*" is entered, all configured traps are displayed. ->show Displays ->show Displays snmp-trap MyTrap1 the SNMP trap configuration for a single trap snmp-trap * all configured SNMP traps Item Description ->test snmp-trap Generate an SNMP test trap and sends it to all configured destinations.
Item Description '0x' and is followed by an even number of digits, up to 64 hexadecimal. The property is only used for adding remote SNMP users. MinSecurityLevel (optional) Minimal level of security required for operation. • • • NOAUTHNOPRIV allows for unauthenticated and unencrypted operations. AUTHNOPRIV requires only authentication. AUTHPRIV requires authentication and encryption. The default is NOAUTHNOPRIV. This property is applicable only to local SNMP user accounts.
Item Examples Description ->set snmp-user theta AuthAlgo=MD5 AuthPassPhrase=bellerophone PrivAlgo=DES PrivPassPhrase=armageddon MinSecurityLevel=AUTHPRIV Modifies the MinSecurityLevel, AuthAlgo, and PrivAlgo properties for a local SNMP user account. ->set snmp-user beta AuthAlgo=MD5 AuthPassPhrase=bellerophone PrivAlgo=DES PrivPassPhrase=armageddon EngineId=0x44fecd55438f Modifies the AuthAlgo and PrivAlgo for the remote SNMP user account.
Item Description ->remove snmp-user alpha Removes a local SNMP user with a specified name ->remove snmp-user * Removes all local SNMP users ->remove snmp-user beta EngineId=0x44fecd55438f Removes a remote SNMP user with the specified name ->remove snmp-user delta EngineId=* Removes all remote SNMP users with specified name ->remove snmp-user EngineId=0x44fecd55438f ->remove snmp-user * EngineId=0x44fecd55438f Removes all remote SNMP users with specified engine ID ->remove snmp-user EngineId=* Removes all r
Item Description ->load ssh address=ftp://user:password@[2001:1::1] filename=/ssh_key.pub Transfers the SSH key from the remote FTP server using an IPv6 address Item Description remove ssh Remove any custom SSH keys that have been applied. Syntax remove ssh Example ->remove ssh Removes SSH keys Item Description show ssh Display the SSH key configuration.
Item Description Address=ftp://user:password@192.168.10.12/my-new-ssl. crt Transfers a new custom SSL certificate from the remote FTP server ->load ssl-certificate Address=ftp://user:password@192.168.10.12 Filename=my-new-ssl.crt Transfers a new custom SSL Certificate from the remote FTP server ->load ssl-certificate Address=ftp://user:password@[2001:1::1]/my-new-ssl.
Item Description [ChallengePW= ConfirmPW=] [UnstructuredName=] Options quiet Properties Address (required) This option suppresses user confirmation prompts. This option is useful when scripting operations. A valid IP address of the FTP or SFTP server, with user name, password, and name of the file to which the generated SSL certificate signing request will be stored on the server. If not specified, the default filename is "vc-ssl.csr".
Item Description DNQualifier (optional) The distinguished name qualifier for the VCM. The value can be 0 to 60 characters in length. Acceptable characters are alphanumeric, space, and the following punctuation marks: ‘ ( ) + , - . / : = ? ChallengePW (optional) The password for the certificate-signing request. The value can be 0 to 30 characters in length. If an empty password is specified, the user is prompted for the value. ConfirmPW (optional) Confirm the challenge password.
Item Description Option quiet (optional) Property Strength (required) TLS (optional) This option suppresses user confirmation prompts. This option is useful for scripting ssl operations. The strength of the encryption cipher. Valid values include "All" and "Strong". The default value is "Strong". The SSL strength cannot be changed when the domain is in FIPS mode. Select TLS version: • • All—Allows TLSv1, TLSv1.1, and TLSv1.2. Strict—Allows TLSv1.2 only. The default value is 'Strict'.
Item Options quiet Property DomainStackingMode (required) Description This option suppresses user confirmation prompts. This option is useful when scripting operations. Specifies one of three stacking modes for the domain: • • • Example Full—Default stacking mode. All FlexFabric and Ethernet modules are interconnected. Horizontal—Disables all vertical stacking links. Primary-Slice—Disables all stacking links outside of the primary slice.
Item Description show statistics Display statistics for the specified physical port, FlexNIC, or the aggregated statistics for the specified LAG. show statistics | <[-summary] | PortID=>> Syntax Parameter PortID (optional) The port ID on which to display statistics information.
Item Description cosq_ucast_OutBytes The accumulated transmitted byte count of unicast packets of the queue for the specified port. For VC FlexFabric 10Gb/24-port module and VC Flex-10 Enet module, the counter is not supported and the value is 0. cosq_ucast_OutPkts The accumulated transmitted packet count of unicast packets of the queue for the specified port. For VC FlexFabric 10Gb/24-port module and VC Flex-10 Enet module, the counter includes both unicast and multicast data.
Item Description show statisticsthroughput Display throughput information for the specified physical port, FlexNIC, and the aggregated throughput information for the specified LAG. show statistics-throughput [LAGID=] Syntax Parameters PortID (optional) The port ID of the port/subport for which to display throughput information. PortID is composed of ::[:]. For QSFP+ ports, the format is Q..
Item Description • • • Use SampleRate=4m for 4 minute samples, collecting up to 20 hours of samples. Use SampleRate=5m for 5 minute samples, collecting up to 25 hours of samples. Use SampleRate=1h for 60 minute samples, collecting up to 12.5 days of samples. Port throughput statistics are accessible using the show statistics-throughput command.
Item Description Adds iSCSI storage management records with password entered as clear text ->add storage-management SMName ip=16.89.125.12 username=user2 Add iSCSI storage management credential with password prompted and entered as a masked string Item Description remove storage-management Delete iSCSI storage management credential records. Syntax Parameter name (required) Examples remove storage-management [|*] The name of the storage management information being removed.
Item Description ->show Displays ->show Displays ->show Displays storage-management summary information for all storage management records storage-management SMName details on the specified storage management records storage-management * details on all storage management records in the domain supportinfo Generate a support information file and send to a remote server using FTP, TFTP, or SFTP.
systemlog View the Virtual Connect Manager system event log. Supported actions: help, show Item Description show systemlog Display the Virtual Connect Manager system log. show systemlog [-Last=] [-First=] [-Pause=] Syntax Options Last Displays the last n records. If this option is specified and no value is provided, the last 10 records are displayed. First Displays the first n records. If this option is specified and no value is provided, the first 10 records are displayed.
Item Description Port (optional) The server TCP port number. Valid values include a valid port number between 1 and 65535. The default port number is 49. ServerKey (optional) The plain-text string used to encrypt user details exchanged with the primary TACACS server. It must match the server key configured for this VC on the primary server. TACACS authentication will not work if the server key is blank or null.
Item Description Syntax add uplinkport [Network= | UplinkSet=] [Speed=] [Role=] Parameter PortID (required) The ID of the uplink port to add. The ID is a combination of the enclosure name, interconnect bay, and port number in a single descriptor.
Item Description ->add uplinkport enc0:1:Q1.1 Uplinkset=MyUplinkSet Speed=40Gb Adds a new QSFP+ uplink port (Bay 1, Port Q1.1) to a shared uplink set with a port speed set to 40Gb Item Description remove uplinkport Remove an uplink port element from a network or a shared uplink port set. remove uplinkport [Network= | Syntax UplinkSet=] Parameter PortID (required) The ID of the port to remove from a network.
Item Description Network (required) The name of the network to which the port belongs if the shared uplink set name is not specified UplinkSet (required) The name of the shared uplink set to which the port belongs if the network name is not specified Speed (optional) Specifies the port speed for the port. Depending on the VC module, valid values are "Auto", "10Mb", "100Mb", "1Gb", "10Gb", "40Gb", and "Disabled".
Item Description ->show uplinkport enc0:5:X6 Displays details of uplink port 6 in bay 5 of the local enclosure ->show uplinkport * Displays all uplink ports in the enclosure (detailed view) ->show uplinkport ID=enc0:1 Displays all the uplink ports for bay 1 of the local enclosure ->show uplinkport status=Linked Displays all the uplink ports that are linked ->show uplinkport ID=enc0:1 type=RJ45 Displays all the uplink ports for bay 1 of the local enclosure with connector type RJ-45 ->show uplinkport enc0:3:
Item Description fromSUS (required) The unique name of the shared uplink set to copy from toSUS (required) The unique name of the shared uplink set to copy to Properties fromVlanStr (required) The partial network name string to be replaced. The fromVlanStr property cannot be empty and must be present in all associated network names. toVlanStr (required) The network name string to be replaced to. The new network name cannot exceed 64 characters.
Item Description Changes the connection mode of a shared uplink set named Blue to Failover ->set uplinkset UplinkSet-1 ConnectionMode=Auto LacpTimer=Long Modifies the shared uplink set LACP timer configuration Item Description show uplinkset Display shared uplink configurations. show uplinkset [ | *] Syntax Parameter UplinkSetName (optional) Examples Name of an existing shared uplink set. Use "*" to display a detailed view of all shared uplink sets.
Item Description ->show user-security Displays user security settings user-security Manage local user security settings. Supported actions: help, set, show Item Description set user-security Modify domain user security settings and enforce additional security requirements for user passwords.
Item Description Name>] [ContactInfo=] [Enabled=] [Roles=] Parameter UserName (required) Properties Password (required) FullName (optional) The name of the new user to add. The user name must be unique within the domain. The maximum length is 31 characters. The password for the new user. The new user password can be entered as clear text in the command or as a masked string at the prompt.
Item Description Password (optional) The new password of the user can be entered as clear text in the command. If the Password value is blank, you are prompted to enter the password, and the characters entered are masked. When a domain is first created, the default minimum length of a password is 8 characters. Virtual Connect allows a password length between 3 and 40 characters. The password length can be adjusted using the set user-security command.
Item Description Syntax exists, users are logged off and must reconnect using the backup VCM IP address. reset vcm [-failover] Option Failover Forces a failover from the current primary VCM to the backup VCM. Examples ->reset vcm Resets the Virtual Connect Manager ->reset vcm -failover Resets the Virtual Connect Manager and forces a failover to the backup VCM (if available) version Display CLI version information.
Command Element Domain Network Server Storage All access nag-network — X — — — network — X — — — network-access-group — X — — — port-monitor — X X — — profile — — X — — server-port-map — — X — — sflow-ports X X X — — sflow-receiver X X X — — snmp-access X X — — — snmp-trap X X — — — uplinkport — X — — — uplinkset — X — — — user X — — — — assign profile — — X — — — — X — — delete domain X — — — — X X X X
Command reset save set Element Domain Network Server Storage All access storage-management — — — X — ldap-certificate X — — — — ldap-group X — — — — radius-group X — — — — log-target X — — — — mfs-filter — — X — — mcast-filter — — X — — mcast-filter-set — — X — — nag-network — X — — — network — X — — — network-access-group — X — — — port-monitor — X X — — profile — — X — — server-port-map — — X — — snmp-access X X
Command Element Domain Network Server Storage All access external-manager X — — — — fabric — — — X — fc-connection — — X — — fcoe-connection — — X — — igmp — X — — — interconnect X — — — — iscsi-boot-param — — X — — iscsi-connection — — X — — storage-management — — — X — lacp-timer — X — — — ldap X — — — — ldap-group X — — — — local-users X* — — — — radius X — — — — radius-group X — — — — tacacs X — — — — ro
Command show Element Domain Network Server Storage All access sflow X X X — — sflow-module X X X — — sflow-ports X X X — — sflow-receiver X X X — — snmp X X — — — snmp-trap X X — — — ssl X — — — — statistics-throughput — X — — — uplinkport — X — — — uplinkset — X — — — user X — — — — user-security X — — — — all X X X X X activity X X X X X banner X X X X X configuration X — — — — connection-map X X X X
Command Element Domain Network Server Storage All access lacp-timer — X — — — ldap X X X X X ldap-certificate X X X X X ldap-group X X X X X local-users X X X X X mcast-filter — — X — — mcast-filter-rule — — X — — mcast-filter-set — — X — — name-server X X X X X qos X X X X X qos-class X X X X X qos-classifier X X X X X qos-map X X X X X radius X X X X X radius-group X X X X X sflow X X X X X sflow-receiver
Command Element Domain Network Server Storage All access server-port X X X X X server-port-map X X X X X session X — — — — snmp X X X X X snmp-access X X X X X snmp-trap X X X X X ssh X X X X X ssl X X X X X ssl-certificate X X X X X stackinglink X X X X X statistics X X X X X statistics-throughput X X X X X status X X X X X systemlog X — — — — uplinkport X X X X X uplinkset X X X X X user X — — — — us
assign a server profile to a device bay Managed Elements: profile • Examples: assign profile MyProfile enc0:1 Management element help—provides a listing of objects that are supported with a specific subcommand and a brief description of the management element and what it represents in the management model: ->help devicebay General Enclosure Device Bay settings and information Supported Subcommands: help show ----------------------------------------------------------------------->show devicebay -help Descr
->show devicebay enc0:2 Output format The CLI provides two different output formats: • Interactive user output format • Scriptable output format The interactive user output format is the default. However, by using a command-line option, you can also specify a "parse-friendly" output format, which provides data in a format that can be easily interpreted by automated scripts invoking the CLI.
UserName : steve Roles : domain,server,network,storage Role Operations : FirmwareUpdate,PortMonitoring,RestoreConfig,SaveConfig,SupportFiles FullName : Steve Johnson ContactInfo : steve.johnson@hp.
"table view" of the data, where the first line is represented by a list of column labels, while the remaining lines provide the actual data being displayed. Each line represents a single instance of data. For example, in the case of showing users, each line provides all data corresponding to a single user instance. The following examples provide some common scenarios for using the script output format options.
steve;domain,server,network,storage;FirmwareUpdate,PortMonitoring,Restor eConfig,SaveConfig,SupportFiles;Steve Johnson;steve.johnson@hp.com;true Statistics descriptions Ethernet modules Ethernet uplink and downlink ports Name RFC Description rfc1213_IfInDiscards 1213 The number of inbound packets discarded to prevent delivery to a higher-layer protocol even though no errors were detected. These packets can be discarded to make buffer space available.
Name RFC Description rfc1213_IpInHdrErrors 1213 The number of input datagrams discarded due to errors in the IP header. Possible errors include bad checksums, version number mismatches, format errors, time-to-live exceeded, errors discovered while processing IP options, and so on.
Name RFC Description rfc1757_StatsFragments 1757 The total number of packets received that were less than 64 octets in length (excluding framing bits, but including FCS octets) and had either a bad FCS with an integral number of octets (FCS Error) or a bad FCS with a non-integral number of octets (Alignment Error). It is entirely normal for etherStatsFragments to increment, because it counts both runts (which are normal occurrences due to collisions) and noise hits.
Name RFC Description rfc1757_StatsPkts65to 127Octets 1757 The total number of packets (including bad packets) received that were between 65 and 127 octets in length inclusive (excluding framing bits, but including FCS octets) rfc1757_StatsTXNoErrors 1757 All packets transmitted without error, not including oversized packets rfc1757_StatsUndersize Pkts 1757 The number of packets received during the sampling interval that were less than 64 octets long (excluding framing bits, but including FCS octe
Name RFC Description rfc2233_IfHCOutUcastPkts 2233 The total number of packets that higher-level protocols requested to be transmitted but were not addressed to a multicast or broadcast address at this sublayer, including those packets that were discarded or not sent. This object is a 64-bit version of ifOutUcastPkts. Discontinuities in the value of this counter can occur at reinitialization of the management system and at other times as indicated by the value of ifCounterDiscontinuityTime.
Name RFC Description rfc2665_Dot3Stats ExcessiveCollisions 2665 The number of frames for which transmission on a particular interface fails due to excessive collisions. This counter does not increment when the interface is operating in full-duplex mode. Discontinuities in the value of this counter can occur at reinitialization of the management system and at other times as indicated by the value of ifCounterDiscontinuityTime.
Name RFC Description rfc2665_Dot3StatsLate Collisions 2665 The number of times that a collision is detected on a particular interface later than one slotTime into the transmission of a packet. A late collision included in a count represented by an instance of this object is also considered a generic collision for purposes of other collision-related statistics. This counter does not increment when the interface is operating in full-duplex mode.
Name RFC Description fcBBCreditFrameFailures N/A The number of times that more frames were lost during a credit recovery period than the recovery process could resolve. This causes a Link Reset to recover the credits. fcBBCreditRRDYFailures N/A The number of Buffer-to-Buffer Credit Recovery (BBCR) Receiver Ready (R_RDY) failures. This is the number of times more R_RDYs were lost during a credit recovery period than the recovery process could resolve. This causes a Link Reset to recover the credits.
Name RFC Description fcNumberOffline Sequences FCMGMT The number of Offline Primitive sequence received at this port. This -MIB statistic is for Fibre Channel only. The object type is connUnitPortStatCountNumberOfflineSequences. fcPrimitiveSeqProtocol Errors 4044 The number of primitive sequence protocol errors detected at this port. This count is part of FC-PH's LESB. The object type is fcmPortPrimSeqProtocolErrors.
Name RFC Description numEncodingDisparity Errors FCMGMT The number of disparity errors received at this port. The object type is -MIB connUnitPortStatCountEncodingDisparityErrors. numFBSYFrames FCMGMT The number of times that FBSY was returned to this port as a result of a -MIB frame that could not be delivered to the other end of the link. This occurs on SOFc1 frames (the frames that establish a connection) if either the fabric or the destination port is temporarily busy.
Name RFC Description numRxClass1Frames FCMGMT The number Class 1 frames received at this port. This statistic is for Fibre -MIB Channel only. The object type is connUnitPortStatCountClass1RxFrames. numRxClass2Frames FCMGMT The number of Class 2 frames received at this port. The object type is -MIB connUnitPortStatCountClass2RxFrames. numRxClass3Frames FCMGMT The number of Class 3 frames received at this port. The object type is -MIB connUnitPortStatCountClass3RxFrames.
::= { connUnitPortStatEntry 7 } BYTESTRANSMITTED Object type connUnitPortStatCountTxElements Description The number of octets or bytes transmitted by this port in 1-second periodic polling of the port. This value is saved and compared with the next polled value to compute the net throughput. For Fibre Channel, ordered sets are not included in the count.
FRAMESTOOLONG Object type connUnitPortStatCountFramesTooLong Description The number of frames received at this port where the frame length was greater than what was agreed to in FLOGI/PLOGI. This could be caused by losing the end of frame delimiter. ::= { connUnitPortStatEntry 46 } FRAMESTRANSMITTED Object type connUnitPortStatCountTxObjects Description The number of frames, packets, IOs, and so on that have been transmitted by this port. A Fibre Channel frame starts with SOF and ends with EOF.
Description The number of LRs received ::= { connUnitPortStatEntry 33 } LINKRESETTRANSMITTED Object type connUnitPortStatCountTxLinkResets Description The number of LRs transmitted ::= { connUnitPortStatEntry 34 } LOSSOFSIGNALCOUNTER Object type connUnitPortStatCountLossofSignal Description The number of instances of signal loss detected at this port. This count is part of FC-PH's LESB.
Object type connUnitPortStatCountPRJTFrames Description The number of times that FRJT was returned to this port as a result of a frame being rejected at the destination N_Port. This is the total for all classes.
Configuring the Virtual Connect domain using the CLI Basic configuration A Virtual Connect domain consists of an enclosure and a set of associated modules and server blades that are managed together by a single instance of the VCM. The Virtual Connect domain contains specified networks, server profiles, and user accounts that simplify the setup and administration of server connections.
login as: • password: TACACS+ Authentication >ssh 192.168.0.120 login as: • password: Mechanism-based Authentication >ssh 192.168.0.120 login as: : password: Valid values for auth-mechanism are local, ldap, radius, and tacacs. • For example: >ssh 192.168.0.120 login as: tacacs: password: Role-based Authentication >ssh 192.168.0.
Importing an enclosure To import an enclosure, use the import enclosure command.
IMPORTANT: The RADIUS or TACACS+ server must be set up on a host machine on the management network and configured with users and VC attributes. For more information, see the HP Virtual Connect for c-Class BladeSystem User Guide on the HP website (http://www.hp.com/go/vc/manuals). Configuring TACACS+ authentication support for users To set TACACS+ properties: >set tacacs serveraddress=192.168.0.
To remove all local users except for the Administrator account: >remove user * To display local user information: • • • Summary of all users >show user Details for all users >show user * Details for a single user >show user steve Up to 32 local user accounts can be created. Each user account can be set up to have a combination of up to four access roles. For a list of commands that each role can execute, see "User roles (on page 149).
o Set up the connections to the external FC Fabrics o Configure FC SNMP settings Additional operation permissions can be assigned to network, server, or storage roles such as configuring port monitoring or upgrading VC firmware. It is possible to create a user with no roles. This user can only view status and settings. Configuring the LACP Timer To set the LACP Timer: >set lacp-timer default=Long To display the LACP Timer settings: ->show lacp-timer Obtaining and using a new signed certificate 1.
Network setup To establish external Ethernet network connectivity for the HP BladeSystem c-Class enclosure: 1. Identify the MAC addresses to be used on the server blades deployed within this Virtual Connect domain. 2. Set up connections from the HP BladeSystem c-Class enclosure to the external Ethernet networks. These connections can be uplinks dedicated to a specific Ethernet network or shared uplinks that carry multiple Ethernet networks with the use of VLAN tags.
• When iSCSI connections are used, Virtual Connect assigns a MAC address to each iSCSI connection in the profile. Assigned MAC addresses The MAC address range used by the Virtual Connect domain must be unique within the environment. HP provides a set of pre-defined ranges that are for use by VCM and do not conflict with server factory default MAC addresses. When using the HP-defined MAC address ranges, be sure that each range is used only once within the environment.
Default network access group behaves similarly to earlier versions of VC firmware, because all profiles can reach all networks. If you create a new network access group, NetGroup1, and move existing networks from the Default network access group to NetGroup1, then a profile that uses NetGroup1 cannot use networks included in the Default network access group.
Displaying Ethernet networks To display Ethernet network properties, use the show network command: • • • Summary of all networks >show network Details for all networks >show network * Details for a single network >show network MyNetwork Adding Ethernet networks to a network access group To add existing network access groups to an existing network, use the add nag-network command: >add nag-network Nag=DatabaseNetGroup Network=Net1,Net2 The networks become members of the specified network access group in a
Virtual Connect places no special restrictions on which VLAN identifiers can be used, so the VLAN IDs already used for the networks in the data center can be used on these shared uplinks. To configure a shared uplink set for VLAN tagging, obtain a list of the network names and their VLAN IDs. A shared uplink set enables multiple ports to be included to support port aggregation and link failover with a consistent set of VLAN tags.
forced to use the same VLAN mappings as the shared uplink sets.
• >set domain WwnType=VC-Defined WwnPool=5 Factory default >set domain WwnType=Factory-Default Creating FC fabrics To create a FabricAttach FC SAN fabric and add it to the domain, use the add fabric command: >add fabric MyFabric2 Bay=3 Ports=1 Speed=2Gb To create a DirectAttach fabric for a FlexFabric module and add it to the domain, use the add fabric command: >add fabric MyFabric5 Bay=3 Ports=1,2 Type=DirectAttach For more information about Virtual Connect fabrics, see the HP Virtual Connect for c-Class
• • VC-defined >set serverid Type=VC-Defined PoolId=5 Factory default >set serverid Type=Factory-Default When using the HP-defined serial number ranges, be sure that each range is used only once within the environment. Server profile setup The I/O connection profile, or server profile, provides a link between the server and the networks and fabrics defined in VC. The server profile can include MAC and WWN addresses, as well as boot parameters for the various connection protocols supported by VC.
• The server blade firmware and option card firmware must be at a revision that supports Virtual Connect profile assignment. See the HP website (http://www.hp.com/go/bladesystemupdates). • Before creating the first server profile, do the following: o Select whether to use assigned serial numbers or factory default serial numbers. o Select whether to use movable, VC-administered MAC addresses and WWNs, or the local server blade factory default MAC addresses and WWNs.
Server profiles are associated with a specific enclosure device bay. After a profile is assigned, the Virtual Connect Manager configures the server blade in that device bay with the appropriate MAC, PXE, WWN, and SAN boot settings and connects the appropriate networks and fabrics. Server blades that have been assigned a profile and remain in the same device bay do not require further Virtual Connect Manager configuration during a server or enclosure power cycle.
>set iscsi-boot-param MyProfile1:1 BootOrder=Primary Lun=100 InitiatorName="iqn.2009-09.com.someorg.iSCSI-Initiator" InitiatorIp=192.128.3.1 Mask=255.255.0.0 TargetName="iqn.2009-09.com.someorg.iSCSI-Target" TargetIp=192.128.3.
The IGMP Snooping feature enables VC-Enet modules to monitor (snoop) the IGMP IP multicast membership activities and configure hardware Layer 2 switching behavior of multicast traffic to optimize network resource usage. IGMP v1, v2, and v3 snooping are supported. The IGMP Snooping idle timeout interval is set to 260 seconds by default. This value is the "Group Membership Interval" value as specified by IGMP v2 specification (RFC2236).
For more information about the port-protect command, see "port-protect (on page 87)." For more information about configuring the port-protect setting, see "Configuring pause flood protection settings.
• Unassign all networks from the port in "loop detected" state. The SNMP agent supports trap generation when a loop condition is detected or cleared. Virtual Connect provides the ability to enable or disable network loop protection. The feature is enabled by default and applies to all VC-Enet modules in the domain. Network loops are detected and server ports can be disabled even prior to any enclosure being imported.
d. Confirm that you want to reset the server blade. 2. Re-enable the disabled ports on the VC interconnect modules using one of the following methods: o Click Re-enable Ports in the GUI. o Use the "reset port-protect" CLI command. Virtual Connect provides the ability to enable or disable port pause flood protection. The feature is enabled by default and applies to all VC-Enet modules in the domain.
• Deleting a profile, moving a profile to a different device bay, or unassigning a profile from the existing bay • Making modifications to a profile that affect settings on the server blade; for example, PXE enable/disable, changing the number of connections, or changing Fibre Channel boot parameters • Resetting the server blade to factory defaults from the RBSU If the server blade is reset to factory defaults from the RBSU, perform the following: a.
• Changing the requested bandwidth FCoE connection changes that require power down • Adding an FCoE connection to an assigned server profile • Removing an FCoE connection from an assigned server profile • Assigning a profile containing FCoE connections to a server • Changing FCoE boot parameters Restart after OA credential recovery The state "profile recovered," is applied to servers that are powered up when VC Manager restarts after an OA credential recovery.
2 Start with modules in Bays 3–6, create a profile, then edit the profile and add connections. Port 1 2 3 4 Connected to — Bay 3 Bay 3 Bay 4 Bay 5 Bay 5 — Bay 6 — Bay 4 Bay 6 — Port Connected to 1 Bay 3 2 Bay 4 3 Bay 5 4 Bay 6 5 Bay 3 6 Bay 4 7 Bay 5 8 Bay 6 Add connection, 4 times 3 Start with modules in Bays 3 Port 1 and 4, create a profile, install modules into Bays 5 2 and 6, then edit the profile and add connections.
8 Start with modules in Bays 5–8, create a profile, install modules into Bays 3 and 4, then edit the profile. Port 1 2 4 5 Connected to — Bay 5 Bay 3 Bay 6 Bay 5 Bay 7 Bay 7 Bay 8 — Bay 4 Bay 6 Bay 8 Add connection is disallowed because the current FC module configurations do not match the existing connections in the profile. To make this profile useful, remove the two connections, save the profile, and then begin adding connections.
Logging out of the CLI To log out of the CLI, use the exit command: >exit Common management operations The following table provides the syntax for the most commonly used management operations. For more information on a particular command, see "Managed elements (on page 18).
Port status conditions If a port status is unlinked and no connectivity exists, one of the following appears: • Not Linked/E-Key—The port is not linked because of an electronic keying error. For example, a mismatch in the type of technology exists between the server and module ports. • Not Logged In—The port is not logged in to the remote device.
If VC Ethernet modules are configured for redundancy using a primary and backup Ethernet module, you can use this feature to manually change which Virtual Connect Ethernet module hosts the Virtual Connect Manager. You can also force the Virtual Connect Manager to restart without switching to the alternate Virtual Connect Ethernet module. This feature can be useful when troubleshooting the Virtual Connect Manager.
Support and other resources Before you contact HP Be sure to have the following information available before you call HP: • Active Health System log (HP ProLiant Gen8 or later products) Download and have available an Active Health System log for 7 days before the failure was detected. For more information, see the HP iLO 4 User Guide or HP Intelligent Provisioning User Guide on the HP website (http://www.hp.com/go/ilo/docs).
Acronyms and abbreviations BPDU Bridge Protocol Data Unit CHAP Challenge Handshake Authentication Protocol CHAPM Mutual Challenge Handshake Authentication Protocol CRC cyclic redundant checks DCBX Datacenter Bridging Capability Exchange protocol DCC device control channel DHCP Dynamic Host Configuration Protocol DNS domain name system EFI extensible firmware interface FC Fibre Channel FCoE Fibre Channel over Ethernet FCS Frame Check Sequence Acronyms and abbreviations 204
FIPS Federal Information Processing Standard GMII Gigabit media independent interface HBA host bus adapter IGMP Internet Group Management Protocol iSCSI Internet Small Computer System Interface LDAP Lightweight Directory Access Protocol LESB Link Error Status Block LLC Logical Link Control LLDP Link Layer Discovery Protocol LUN logical unit number MAC Media Access Control NPIV N_Port ID Virtualization OA Onboard Administrator PVST+ Per VLAN Spanning Tree (over standard 802.
PXE preboot execution environment RADIUS Remote Authentication Dial-In User Service RD receive data RMON remote monitoring SMI-S Storage Management Initiative Specification SOAP Simple Object Access Protocol SSH Secure Shell SSL Secure Sockets Layer TACACS+ Terminal Access Controller Access Control System Plus TFTP Trivial File Transfer Protocol TLV Type-Length Value UDP User Datagram Protocol UUID universally unique identifier VC Virtual Connect Acronyms and abbreviations 206
VCEM Virtual Connect Enterprise Manager VCM Virtual Connect Manager VCSU Virtual Connect Support Utility VLAN virtual local-area network WWN World Wide Name WWPN worldwide port name Acronyms and abbreviations 207
Documentation feedback HP is committed to providing documentation that meets your needs. To help us improve the documentation, send any errors, suggestions, or comments to Documentation Feedback (mailto:docsfeedback@hp.com). Include the document title and part number, version number, or the URL when submitting your feedback.
Index A activity command 21 adding FC connections 191, 197 adding FCoE connections 191, 197 all 21 assigned MAC addresses 182 authenticating users 178 authorized reseller 203 auto-deployment 21 B banner command 23 basic configuration 175 C certificate administration 180 cli command 24 CLI command execution modes 12 command batching 16 Command line 18 command line overview 14 command line syntax 8, 16 Command output filtering 14 commands, updated 7 common management operations 200 config command 24 configb
interactive user output format 157 interconnect command 52 interconnect-mac-table command 51 iSCSI connections 190 iscsi-boot-param command 53 iscsi-connection command 56 L ldap command 62 ldap-certificate 60 ldap-group 61 link-dist-interval command 63 lldp command 64 local-users command 65 logging in 175 logging out 200 log-target 66 loop-protect command 68 M MAC address settings 181 MAC cache failover settings, configuring 192 mac-cache command 69 managed elements 18 mcast-filter command 72 mcast-filter
SNMP traps 118 SNMP traps, enabling 118 SNMP user 122 SNMP user, manage 122 SSH administration 125 SSH key authorization 125 SSH key authorization, tool definition files 125 SSH key, adding 125 SSH key, administration 125 SSH keys, authorized 125 SSH keys, importing 125 SSL certificate administration 126, 180 SSL certificate signing request 127, 180 ssl command 129 ssl-csr command 127 stackinglink command 130 statistics 131 statistics descriptions 160 statistics-throughput command 133 status command 135 sta
