Hp Sn6000 Stackable 12 Port Single Power Fc Switch Command Reference Guide Fabric OS Reference, 7.2.1

2015-01-05

: Hp Hp-Sn6000-Stackable-12-Port-Single-Power-Fc-Switch-Command-Reference-Guide-157004 hp-sn6000-stackable-12-port-single-power-fc-switch-command-reference-guide-157004 hp pdf

Open the PDF directly: View PDF PDF.
Page Count: 1228 [warning: Documents this large are best viewed by clicking the View PDF Link!]

53-1003108-01
12 December 2013
®
Fabric OS
Command Reference
Supporting Fabric OS v7.2.1
Copyright © 2013 Brocade Communications Systems, Inc. All Rights Reserved.
ADX, AnyIO, Brocade, Brocade Assurance, the B-wing symbol, DCX, Fabric OS, ICX, MLX, MyBrocade, OpenScript, VCS, VDX, and
Vyatta are registered trademarks, and HyperEdge, The Effortless Network, and The On-Demand Data Center are trademarks of
Brocade Communications Systems, Inc., in the United States and/or in other countries. Other brands, products, or service names
mentioned may be trademarks of their respective owners.
Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning
any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to
this document at any time, without notice, and assumes no responsibility for its use. This informational document describes
features that may not be currently available. Contact a Brocade sales office for information on feature and product availability.
Export of technical data contained in this document may require an export license from the United States government.
The authors and Brocade Communications Systems, Inc. shall have no liability or responsibility to any person or entity with
respect to any loss, cost, liability, or damages arising from the information contained in this book or the computer programs that
accompany it.
The product described by this document may contain “open source” software covered by the GNU General Public License or other
open source license agreements. To find out which open source software is included in Brocade products, view the licensing
terms applicable to the open source software, and obtain a copy of the programming source code, please visit
http://www.brocade.com/support/oscd.
Brocade Communications Systems, Incorporated
Document History
Corporate and Latin American Headquarters
Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
Tel: 1-408-333-8000
Fax: 1-408-333-8101
E-mail: info@brocade.com
Asia-Pacific Headquarters
Brocade Communications Systems China HK, Ltd.
No. 1 Guanghua Road
Chao Yang District
Units 2718 and 2818
Beijing 100020, China
Tel: +8610 6588 8888
Fax: +8610 6588 9999
E-mail: china-info@brocade.com
European Headquarters
Brocade Communications Switzerland Sàrl
Centre Swissair
Tour B - 4ème étage
29, Route de l'Aéroport
Case Postale 105
CH-1215 Genève 15
Switzerland
Tel: +41 22 799 5640
Fax: +41 22 799 5641
E-mail: emea-info@brocade.com
Asia-Pacific Headquarters
Brocade Communications Systems Co., Ltd. (Shenzhen WFOE)
Citic Plaza
No. 233 Tian He Road North
Unit 1308 – 13th Floor
Guangzhou, China
Tel: +8620 3891 2000
Fax: +8620 3891 2111
E-mail: china-info@brocade.com
Document title Publication number Summary of changes Publication date
Fabric OS Reference v2.0 53-0001487-03 September 1999
Fabric OS Reference v2.2 53-0001558-02 May 2000
Fabric OS Reference v2.3 53-0000067-02 December 2000
Fabric OS Reference v3.0 53-0000127-03 July 2001
Fabric OS Reference v2.6 53-0000194-02 December 2001
Fabric OS Reference v3.0 / v4.0 53-0000182-02 March 2002
Fabric OS Reference v4.0.2 53-0000182-03 September 2002
Fabric OS Reference v3.1.0 53-0000500-02 April 2003
Fabric OS Reference v4.1.0 53-0000519-02 April 2003
Fabric OS Reference v4.1.2 53-0000519-03 May 2003
Fabric OS Reference v4.1.2 53-0000519-04 July 2003
Fabric OS Reference v4.1.2 53-0000519-05 August 2003
Fabric OS Reference v4.1.2 53-0000519-06 October 2003
Fabric OS Reference v4.2.0 53-0000519-07 December 2003
Fabric OS Command Reference 53-0000519-08 March 2004
Fabric OS Command Reference 53-0000519-08 Rev. A April 2004
Fabric OS Command Reference 53-0000519-09 September 2004
Fabric OS Command Reference 53-0000519-10 April 2005
Fabric OS Command Reference 53-0000519-12 July 2005
Fabric OS Command Reference 53-1000240-01 September 2006
Fabric OS Command Reference 53-1000436-01 June 2007
Fabric OS Command Reference 53-1000599-01 Added 13 new commands.
Updated 23 commands with
new options in support of v6.0.
Removed 46 obsolete
commands. Edited and revised
~ 150 commands. Added
command syntax conventions
to Preface. Updated FCS,
standby CP, and RBAC tables.
Added AD Type to RBAC table
(Appendix A). Removed
licensed command tables and
SupportShow reference.
Cosmetic edits throughout.
October 2007
Fabric OS Command Reference 53-1000599-02 Added 9 new commands.
Updated 28 commands to
support new v6.1 functionality.
Removed 6 operands from 6
commands. Corrected errors in
~150 commands. Updated
Preface and RBAC/AD table
(Appendix A). Cosmetic edits
throughout.
March 2008
Fabric OS Command Reference 53-1000599-03 Corrections and updates to 31
commands. Removed
“Brocade Optional Features”
from Preface. Added
trademark note to Preface.
Cosmetic edits throughout.
July 2008
Fabric OS Command Reference 53-1001115-01 Added 3 new commands to
support Encryption. Modified 1
command. Updated Preface
and RBAC/AD table.
August 2008
Document title Publication number Summary of changes Publication date
Fabric OS Command Reference 53-1001186-01 Added 14 new commands to
support Logical Fabrics.
Modified 63 commands with
new command operands to
support new Fabric OS v6.2.0
features. Removed 8
deprecated commands.
Miscellaneous edits to ~40
commands to correct edits,
update examples. Removed
standby CP command table.
Updated Preface, surrounding
chapters, and command
availability tables.
November 2008
Fabric OS Command Reference 53-1001337-01 Added 18 new commands.
Modified 27 commands with
new command operands to
support new Fabric OS v6.3.0
features. Removed 6
deprecated command options.
Removed 6 diagnostic
commands that now require
root access. Miscellaneous
edits to ~100 commands to
correct edits, update
examples. Updated Preface,
surrounding chapters, and
permission tables.
July 2009
Fabric OS Command Reference 53-1001754-01 Updated 4 help pages with
new command options.
Modified 16 help pages for
minor updates and
corrections.
January 2010
Fabric OS Command Reference 53-1001764-01 Added 8 new commands.
Modified 41 commands with
new operands to support
Fabric OS v6.4.0 features.
Removed 5 commands and 3
deprecated command options.
Miscellaneous edits to ~100
commands to correct edits,
update examples, etc. Updated
Preface, surrounding chapters,
and permission tables.
March 2010
Fabric OS Command Reference 53-1002147-01 Added 20 new commands.
Modified 102 commands to
support Fabric OS v7.0.0
features. Removed 40
commands. 16 commands
have deprecated command
options. Miscellaneous edits to
~250 additional commands.
Updated Preface, surrounding
chapters, and permission
tables.
April 2011
Document title Publication number Summary of changes Publication date
Fabric OS Command Reference 53-1002447-01 Added 2 new commands.
Modified 19 commands to
support Fabric OS v7.0.1
features. Removed 1
command. Updated Preface,
surrounding chapters, and
permission tables.
December 2011
Fabric OS Command Reference 53-1002746-01 Added 7 new commands.
Modified 100 commands to
support Fabric OS v7.1.0
features. Removed 6
commands. Updated Preface,
surrounding chapters, and
permission tables.
December 2012
Fabric OS Command Reference 53-1002746-02 Corrections and updates to 25
commands.
March 2013
Fabric OS Command Reference 53-1002921-01 Added 13 new commands.
Modified 75 commands to
support Fabric OS v7.2.0
features. Removed 3
commands. Updated Preface,
surrounding chapters, and
permission tables.
July 2013
Fabric OS Command Reference 53-1002921-02 Updated 13 commands and
changed the name of one
command. Updated Preface
and permission tables.
September 2013
Fabric OS Command Reference 53-1003108-01 Updated 18 commands.
Updated Preface and
permission tables.
December 2013
Document title Publication number Summary of changes Publication date
Fabric OS Command Reference vii
53-1003108-01
Contents
About This Document
How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi
Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi
What is new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxii
New commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii
Modified commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii
Deprecated commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii
CLI usage conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiii
Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiv
Text formatting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiv
Command syntax conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiv
Notes, cautions, and warnings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxiv
Key terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxv
Notice to the reader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxv
Additional information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvi
Brocade resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvi
Other industry resources . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvi
Getting technical help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxvi
Document feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxvii
Chapter 1 Using Fabric OS Commands
Using the command line interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Understanding Role-Based Access Control. . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Encryption commands and permissions . . . . . . . . . . . . . . . . . . . . . . . . . 2
Understanding Virtual Fabric restrictions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Understanding Admin Domain restrictions. . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Determining RBAC permissions for a specific command. . . . . . . . . . . . . . . . . 4
Chapter 2 Fabric OS Commands
aaaConfig. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
ad . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
ag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
agAutoMapBalance. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
viii Fabric OS Command Reference
53-1003108-01
agShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
aliAdd. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
aliCreate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
aliDelete. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
aliRemove . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
aliShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
appLoginHistory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
aptPolicy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
auditCfg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
auditDump . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
authUtil . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
bannerSet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
bannerShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
bcastShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
bladeCfgGeMode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
bladeDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
bladeEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74
bladeSwap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
bootLunCfg. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
bottleneckMon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
bpPortLoopbackTest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
bpTurboRamTest. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
bufOpMode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
ceePortLedTest. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
ceePortLoopbackTest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
ceeTurboRamTest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102
cfgActvShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
cfgAdd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
cfgClear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
cfgCreate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
cfgDelete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
cfgDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
cfgEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109
cfgRemove . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
cfgSave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
cfgShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114
cfgSize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117
Fabric OS Command Reference ix
53-1003108-01
cfgTransAbort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
cfgTransShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
chassisBeacon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
chassisCfgPerrThreshold. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
chassisDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
chassisDistribute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
chassisEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129
chassisName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
chassisShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
classConfig. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
cliHistory . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
cmsh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
configDefault . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
configDownload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
configList . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149
configRemove. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
configShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
configUpload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
configure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
configureChassis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 169
creditRecovMode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
cryptoCfg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
dataTypeShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
date . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
dbgShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237
defZone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
diagClearError . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
diagDisablePost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
diagEnablePost. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
diagHelp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
diagPost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
diagRetry . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245
diagShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246
distribute . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
dlsReset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249
dlsSet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
dlsShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
xFabric OS Command Reference
53-1003108-01
dnsConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255
enclosureShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
errClear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
errDelimiterSet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260
errDump. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
errFilterSet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
errModuleShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266
errShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
exit. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269
fabRetryShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 270
fabRetryStats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
fabricLog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
fabricName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
fabricPrincipal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
fabricShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
fabStatsShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286
fanDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288
fanEnable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
fanShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
faPwwn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291
fastBoot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
fcipHelp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
fcipLedTest. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300
fcipPathTest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301
fcoe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303
fcoeLoginCfg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307
fcoeLoginGroup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310
fcPing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312
fcpLogClear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 320
fcpLogDisable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321
fcpLogEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322
fcpLogShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323
fcpProbeShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324
fcpRlsProbe . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325
fcpRlsShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327
fcrBcastConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329
fcrConfigure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331
Fabric OS Command Reference xi
53-1003108-01
fcrEdgeShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333
fcrFabricShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335
fcrIclPathBWMonitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337
fcrLsan. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339
fcrLsanCount . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341
fcrLsanMatrix . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342
fcrPhyDevShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347
fcrProxyConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 349
fcrProxyDevShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351
fcrResourceShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353
fcrRouterPortCost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
fcrRouteShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357
fcrXlateConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358
fddCfg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 361
fdmiCacheShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363
fdmiShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 364
ficonCfg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366
ficonClear. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367
ficonCupSet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
ficonCupShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
ficonHelp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374
ficonShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375
fipsCfg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383
firmwareCommit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388
firmwareDownload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389
firmwareDownloadStatus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394
firmwareKeyShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396
firmwareRestore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397
firmwareShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398
flow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400
fmMonitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416
fosConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423
fosExec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 426
frameLog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 429
fspfShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433
fwAlarmsFilterSet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 436
fwAlarmsFilterShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 437
xii Fabric OS Command Reference
53-1003108-01
fwClassInit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438
fwConfigReload . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 439
fwFruCfg. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440
fwHelp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 442
fwMailCfg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443
fwPortDetailShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446
fwSamShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 449
fwSet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450
fwSetToCustom. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451
fwSetToDefault . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453
gePortErrShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 455
h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456
haDisable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 457
haDump . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 458
haEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460
haFailover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 461
haShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462
haSyncStart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464
haSyncStop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 465
help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 466
historyLastShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468
historyMode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469
historyShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470
i. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472
iclCfg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
ifModeSet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476
ifModeShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478
iflShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480
interfaceShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482
iodReset. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 488
iodSet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 489
iodShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 490
ipAddrSet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491
ipAddrShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 497
ipFilter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 500
ipSecConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 506
islShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522
Fabric OS Command Reference xiii
53-1003108-01
itemList . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 525
killTelnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 527
ldapCfg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 528
lfCfg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 530
licenseAdd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534
licenseIdShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535
licensePort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 536
licenseRemove . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 539
licenseShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 540
licenseSlotCfg. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 543
linkCost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 547
logicalGroup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 549
login. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 552
logout. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 553
lsanZoneShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 554
lsCfg. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 556
lsDbShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 562
mapsConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 566
mapsDb . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 571
mapsHelp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 575
mapsPolicy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 576
mapsRule. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 579
mapsSam. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 587
memShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 589
motd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 590
msCapabilityShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 591
msConfigure. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 592
msPlatShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 594
msPlatShowDBCB. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 595
msPlClearDB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 596
msPlMgmtActivate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 597
msPlMgmtDeactivate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 598
msTdDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 599
msTdEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 600
msTdReadConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 601
myId . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 602
nbrStateShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 603
xiv Fabric OS Command Reference
53-1003108-01
nbrStatsClear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 605
nodeFind . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 607
nsAliasShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 609
nsAllShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 613
nsCamShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 614
nsDevLog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 617
nsShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 619
nsZoneMember . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 623
nsZoneShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 627
passwd. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 629
passwdCfg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 632
pathInfo . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 638
pdShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 645
perfAddEEMonitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 646
perfCfgClear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 650
perfCfgRestore . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 651
perfCfgSave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 652
perfClearAlpaCrc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 653
perfDelEEMonitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 654
perfHelp. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 655
perfMonitorClear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 656
perfMonitorShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 658
perfResourceShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 660
perfSetPortEEMask . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 663
perfShowAlpaCrc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 665
perfShowPortEEMask . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 666
perfTTmon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 668
portAddress . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 672
portAlpaShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 675
portBeacon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 676
portBufferCalc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 678
portBufferShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 679
portCamShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 682
portCfg. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 684
portCfgAlpa . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 708
portCfgAutoDisable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 709
portCfgCompress . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 713
Fabric OS Command Reference xv
53-1003108-01
portCfgCreditRecovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 715
portCfgDefault . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 716
portCfgDPort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 717
portCfgEncrypt . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 719
portCfgEport. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 721
portCfgEportCredits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 723
portCfgEXPort. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 725
portCfgFaultDelay . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 729
portCfgFec . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 732
portCfgFillword . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 735
portCfgFportBuffers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 737
portCfgGeMediaType . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 738
portCfgGport . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 740
portCfgISLMode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 741
portCfgLongDistance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 743
portCfgLossTov . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 747
portCfgLport. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 748
portCfgNPIVPort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 750
portCfgNPort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 754
portCfgOctetSpeedCombo. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 755
portCfgPersistentDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 757
portCfgPersistentEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 760
portCfgQoS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 762
portCfgShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 765
portCfgSpeed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 777
portCfgTrunkPort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 780
portCfgVEXPort. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 781
portCmd. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 784
portDebug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 791
portDecom . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 792
portDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 793
portDPortTest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 795
portEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 800
portEncCompShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 802
portErrShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 804
portFencing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 806
portFlagsShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 809
xvi Fabric OS Command Reference
53-1003108-01
portLedTest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 811
portLogClear. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 813
portLogConfigShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 814
portLogDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 815
portLogDump . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 816
portLogDumpPort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 817
portLogEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 818
portLogEventShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 819
portLoginShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 820
portLogPdisc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 822
portLogReset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 823
portLogResize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 824
portLogShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 825
portLogShowPort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 832
portLogTypeDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 833
portLogTypeEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 834
portLoopbackTest. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 835
portMirror. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 839
portName. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 843
portPerfShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 845
portRouteShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 849
portShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 851
portStats64Show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 899
portStatsClear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 904
portStatsShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 906
portSwap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 913
portSwapDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 915
portSwapEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 916
portSwapShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 917
portTest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 918
portTestShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 921
portThConfig. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 923
portTrunkArea. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 932
portZoneShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 937
powerOffListSet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 938
powerOffListShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 940
psShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 942
Fabric OS Command Reference xvii
53-1003108-01
rasAdmin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 943
rasMan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 946
reboot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 948
relayConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 950
roleConfig. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 951
routeHelp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 954
rtLogTrace . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 955
secActiveSize . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 956
secAuthSecret . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 957
secCertUtil . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 959
secDefineSize. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 969
secGlobalShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 970
secHelp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 972
secPolicyAbort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 973
secPolicyActivate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 974
secPolicyAdd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 975
secPolicyCreate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 978
secPolicyDelete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 982
secPolicyDump . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 984
secPolicyFCSMove . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 987
secPolicyRemove . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 989
secPolicySave. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 991
secPolicyShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 992
secStatsReset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 994
secStatsShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 996
sensorShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 998
serDesTuneMode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 999
setContext . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1002
setDbg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1003
setVerbose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1004
sfpShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1005
shellFlowControlDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1012
shellFlowControlEnable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1013
slotPowerOff. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1014
slotPowerOn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1015
slotShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1016
snmpConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1021
xviii Fabric OS Command Reference
53-1003108-01
snmpTraps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1035
spinFab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1038
sshUtil . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1042
statsClear. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1047
stopPortTest . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1048
supportFfdc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1049
supportFtp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1050
supportSave . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1052
supportShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1056
supportShowCfgDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1059
supportShowCfgEnable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1061
supportShowCfgShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1063
switchBeacon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1065
switchCfgPersistentDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1067
switchCfgPersistentEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1068
switchCfgSpeed . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1069
switchCfgTrunk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1070
switchDisable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1071
switchEnable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1072
switchName . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1073
switchShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1074
switchStatusPolicySet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1089
switchStatusPolicyShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1092
switchStatusShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1093
switchUptime . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1095
switchViolation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1096
syslogdFacility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1097
syslogdIpAdd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1098
syslogdIpRemove . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1099
syslogdIpShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1100
sysMonitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1101
sysShutDown . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1108
tempShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1110
thConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1111
thMonitor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1120
timeOut . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1121
topologyShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1122
Fabric OS Command Reference xix
53-1003108-01
traceDump . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1125
trunkDebug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1127
trunkShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1128
tsClockServer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1131
tsTimeZone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1133
turboRamTest. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1137
upTime. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1139
uRouteShow . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1140
usbStorage. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1142
userConfig . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1144
version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1152
wwn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1153
wwnAddress . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1155
zone. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1157
zoneAdd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1169
zoneCreate. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1171
zoneDelete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1173
zoneHelp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1174
zoneObjectCopy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1175
zoneObjectExpunge . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1176
zoneObjectRename . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1178
zoneObjectReplace. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1179
zoneRemove. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1180
zoneShow. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1182
Chapter 3 Primary FCS Commands
Primary FCS commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1185
Appendix A Command Availability
Command validation checks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1187
Command Admin Domain and Virtual Fabrics restrictions . . . . . . . . . . . . 1188
xx Fabric OS Command Reference
53-1003108-01
Fabric OS Command Reference xxi
53-1003108-01
About This Document
How this document is organized
This document is organized to help you find the information that you want as quickly and easily as
possible.
The document contains the following components:
Chapter 1, “Using Fabric OS Commands,” explains how to use the command line interface to
manage a Brocade SAN and Brocade switches.
Chapter 2, “Fabric OS Commands,” provides command information.
Chapter 3, “Primary FCS Commands,” summarizes the subset of commands available when an
FCS policy is enabled.
Appendix A, “Command Availability,” explains the Role-Based Access Control, as well as Virtual
Fabric and Admin Domain restriction checks used to validate commands.
Supported hardware and software
This document includes updated information specific to new functionality introduced in Fabric OS
v7.2.1. Table 1 lists the hardware platforms supported in the Fabric OS v7.2.1 release. ASIC names
may be used in this document to distinguish between types of switches that share certain
characteristics.
TABLE 1 Supported hardware for Fabric OS v7.2.1
Hardware platform Description ASIC
Brocade 300 8 Gbit 16-port switch Goldeneye 2
Brocade 5100 8 Gbit 32-port switch Condor 2
Brocade 5300 8 Gbit 64-port switch Goldeneye 2
Brocade 5410 8 Gbit 12-port embedded switch Goldeneye 2
Brocade 5424 8 Gbit 24-port embedded switch Goldeneye 2
Brocade 5431 8 Gbit 16-port stackable switch module GoldenEye 2
Brocade 5450 8 Gbit 24-port embedded switch Goldeneye 2
Brocade 5460 8 Gbit 24-port embedded switch Goldeneye 2
Brocade 5470 8 Gbit 16-port embedded switch Goldeneye 2
Brocade 5480 8 Gbit 24-port embedded switch Goldeneye 2
Brocade 6505 16 Gbit 24-port switch Condor 3
Brocade M6505 16 Gbit 24-port embedded switch Condor 3
xxii Fabric OS Command Reference
53-1003108-01
Although Brocade supports and tests many different software and hardware configurations for
Fabric OS v7.2.1, documenting all possible configurations and scenarios is beyond the scope of this
document.
This document is specific to Fabric OS v7.2.1. To obtain information about an OS version other than
v7.2.1, refer to the documentation for that OS version.
What is new in this document
The Fabric OS Command Reference v7.2.1 supports the current Fabric OS release and the new
hardware platforms.
The Admin Domain and Virtual Fabric restrictions for Fabric OS commands table in the appendix
has been updated. The table lists the Admin domain, Context and Switch type for the commands.
New commands
There are no new commands introduced in release v7.2.1.
Brocade 6510 16 Gbit 48-port switch Condor 3
Brocade 6520 16 Gbit 96-port switch Condor 3
Brocade 6547 16 Gbit 48-port embedded switch Condor 3
Brocade VA-40FC 8 Gbit 40-port switch Condor 2
Brocade 7800 Extension switch 8 Gbit 16-FC ports, 6 GbE ports Goldeneye 2
Brocade Encryption Switch 8 Gbit 16-port encryption switch Condor 2
DCX Backbone
DCX-4S Backbone
FC8-16 port blade
FC8-32 port blade
FC8-48 port blade
FC8-64 port blade
FCOE10-24 DCX blade
FS8-18 Encryption blade
FX8-24 Extension blade*
8 Gbit 512-port core fabric backbone
8 Gbit 192-port core fabric backbone
8 Gbit 16-port blade
8 Gbit 32-port blade
8 Gbit 48-port blade
8 Gbit 64-port blade
8 Gbit 24-port blade
8 Gbit 16-port encryption blade
8 Gbit 12-FC ports, 10 GbE ports, 2 10GbE ports
Condor 2
Condor 2
Condor 2
Condor 2
Condor 2
Condor 2
Anvil/Condor 2
Condor 2
Condor 2
Brocade DCX 8510-8 backbone
Brocade DCX 8510-4 backbone
FC8-32E port blade
FC8-48E port blade
FC8-64 port blade
FC16-32 port blade
FC16-48 port blade
FS8-18 Encryption blade
FX8-24 Extension blade
16 Gbit 192-port core fabric backbone
16 Gbit 384-port core fabric backbone
8 Gbit 32-port blade
8 Gbit 48-port blade
8 Gbit 64-port blade
16 Gbit 32-port blade
16 Gbit 48-port blade
8 Gbit 16-port encryption blade
8 Gbit 12-FC ports, 10 GbE ports, 2 10GbE ports
Condor 3
Condor 3
Condor 3
Condor 3
Condor 2
Condor 3
Condor 3
Condor 2
Condor 2
TABLE 1 Supported hardware for Fabric OS v7.2.1 (Continued)
Hardware platform Description ASIC
Fabric OS Command Reference xxiii
53-1003108-01
Modified commands
The following commands and associated man pages have been corrected or updated with
additional information:
authUtil - Included the support for SHA 256 hash type.
cryptoCfg - Included new sub-option --delete –stale_dek.
fipsCfg - Included the support for DH and SHA 256 hash type.
flow - Updated the mirror operand to specify that 256 frames per second are mirrored.
mapsRule - The maximum size of a MAPS rule is increased from 32 to 40.
mapsSam - Included the TF (F_Trunk ports) to suppported port types.
motd - Added a note to specify the Fabric OS does not control when the MOTD displays.
portCfgDPort - Included support for 8Gb LWL/ELWL FC SFPs of portcfgdport.
portCfgFaultDelay - Included DWDM mode examples.
portDPortTest - Included D_Port cable distance for different port types
portStats64Show - New counters to detect the number of FEC corrected and uncorrected
errors.
portStatsShow- New counters to detect the number of FEC corrected and uncorrected errors.
snmpConfig- Included the mibcapability parameters with a note that it is for restricted usage
only.
snmpTraps - Included the mibcapability traps with a note that it is for restricted usage only.
spinFab - This command supports a maximum of 16 paths to a single remote domain.
thConfig - The EE class parameters are represented in kiloBytes.
Deprecated commands
There are no commands deprecated in v7.2.1.
CLI usage conventions
Some Fabric OS show commands display certain switch or fabric components in three-digit
decimal numbers, for example, 003. When you use these numeric identifiers as inputs to other
commands, you must remove the leading zeros; otherwise the commands will either fail or
generate incorrect results. Adding zeros to any decimal number in a command input will cause
that number to be treated as an Octal number.
Automatic page breaks in CLI command output displays are being phased out. Use the more
option to display command output with page breaks: command | more. Do not use the more
option in conjunction with help pages. Executing help command | more will display a
command “no manual entry for command” message.
xxiv Fabric OS Command Reference
53-1003108-01
Document conventions
This section describes text formatting conventions and important notices formats.
Text formatting
The narrative-text formatting conventions that are used in this document are as follows:
bold text Identifies command names
Identifies GUI elements
Identifies keywords and operands
Identifies text to enter at the GUI or CLI
italic text Provides emphasis
Identifies variables
Identifies paths and Internet addresses
Identifies document titles
code text Identifies CLI output
Identifies syntax examples
For readability, command names in the command titles and in the narrative portions of this guide
are presented in mixed letter case, for example, switchShow. In examples, command letter case is
all lowercase.
Command syntax conventions
Command syntax in this document follows these conventions:
command Commands are printed in bold.
--option, option Command options are printed in bold.
-argument, arg Arguments are printed in bold.
[ ] Optional element.
variable Variables are printed in italics. In the help pages, values are underlined or
enclosed in angle brackets < >.
... Repeat the previous element, for example “member[;member...]”
value Fixed (literal) values following arguments are printed in plain font. For example,
--show WWN
| Boolean. Elements are exclusive. Example: --show -mode egress | ingress
\ Backslash indicates a “soft” line break. If a backslash separates two lines of a
command input, enter the entire command at the prompt without the backslash.
Notes, cautions, and warnings
The following notices and statements are used in this manual. They are listed below in order of
increasing severity of potential hazards.
Fabric OS Command Reference xxv
53-1003108-01
NOTE
A note provides a tip, guidance, or advice, emphasizes important information, or provides a
reference to related information.
ATTENTION
An Attention statement indicates potential damage to hardware or data.
CAUTION
A Caution statement alerts you to situations that can be potentially hazardous to you or cause
damage to hardware, firmware, software, or data.
DANGER
A Danger statement indicates conditions or situations that can be potentially lethal or extremely
hazardous to you. Safety labels are also attached directly to products to warn of these conditions
or situations.
Key terms
For definitions specific to Brocade and Fibre Channel, see the technical glossaries on the Brocade
website. See “Brocade resources” on page xxvi for instructions on accessing the information.
For definitions of SAN-specific terms, visit the Storage Networking Industry Association online
dictionary at:
http://www.snia.org/education/dictionary
Notice to the reader
This document may contain references to the trademarks of the following corporations. These
trademarks are the properties of their respective companies and corporations.
These references are made for informational purposes only.
Corporation Referenced Trademarks and Products
Commvault Commvault Galaxy Data Protection
EMC RSA Data Protection Manager (DPM)
HP Secure Key Manager (SKM) and Enterprise Secure Key Manager
(ESKM)
IBM Tivoli Key Lifecycle Manager
Legato Legato Networker
Microsoft Corporation Windows, Windows NT, Internet Explorer
NetApp NetApp Lifetime Key Manager (LKM)
xxvi Fabric OS Command Reference
53-1003108-01
Additional information
This section lists additional Brocade and industry-specific documentation that you may find helpful.
Brocade resources
To get up-to-the-minute information, join MyBrocade at no cost to obtain a user ID and password:
http://my.brocade.com
White papers, online demonstrations, and data sheets are available through the Brocade website
at:
http://www.brocade.com/products-solutions/products/index.page
For additional Brocade documentation, visit the Brocade SAN Info Center and click the Resource
Library location:
http://www.brocade.com
Release notes are available on the Brocade website.
Other industry resources
For additional resource information, visit the Technical Committee T11 website. This website
provides interface standards for high-performance and mass storage applications for Fibre
Channel, storage management, and other applications:
http://www.t11.org
For information about the Fibre Channel industry, visit the Fibre Channel Industry Association
website:
http://www.fibrechannel.org
Getting technical help
Contact your switch support supplier for hardware, firmware, and software support, including
product repairs and part ordering. To expedite your call, have the following information available:
General Information
Switch model
Oracle Corporation Oracle, Java
Symantec Veritas NetBackup 6.5 Enterprise Server
Red Hat, Inc. Linux
Thales Thales e-Security keyAuthority (TEKA)
Corporation Referenced Trademarks and Products
Fabric OS Command Reference xxvii
53-1003108-01
Switch operating system version
Error numbers and messages received
supportSave command output
Detailed description of the problem, including the switch or fabric behavior immediately
following the problem, and specific questions
Description of any troubleshooting steps already performed and the results
Serial console and Telnet session logs
syslog message logs
Switch Serial Number
The switch serial number and corresponding bar code are provided on the serial number label,
as shown here:
The serial number label is located as follows:
Brocade 300, 5100, 5300, 6505, M6505, 6520, 6547, 7800, VA-40FC, and Brocade
Encryption Switch—On the switch ID pull-out tab located inside the chassis on the port side
on the left.
Brocade 5410, 5424, 5430, 5450, 5460, 5470, 5480Serial number label attached to
the module.
Brocade 6510—On the pull-out tab on the front of the switch.
DCX and DCX 8510-8—On the port side of the chassis, on the lower right side and directly
above the cable management comb.
DCX-4S and DCX 8510-4—On the non-port side of the chassis on the lower left side.
Use the licenseIdShow command to display the switch WWN.
If you cannot use the licenseIdShow command because the switch is inoperable, you can get the
WWN from the same place as the serial number, except for the Brocade DCX, DCX-4S, DCX 8510-8,
and DCX 8510-4. On these models, access the numbers on the WWN cards by removing the
Brocade logo plate at the top of the non-port side of the chassis.
Document feedback
Quality is our first concern at Brocade, and we have made every effort to ensure the accuracy and
completeness of this document. However, if you find an error or an omission, or you think that a
topic needs further development, we want to hear from you. Forward your feedback to:
documentation@brocade.com
Provide the title and version number and as much detail as possible about your issue, including the
topic heading and page number and your suggestions for improvement.
*FT00X0054E9
FT00X0054E9
xxviii Fabric OS Command Reference
53-1003108-01
Fabric OS Command Reference 1
53-1003108-01
Chapter
1
Using Fabric OS Commands
Using the command line interface
The Fabric OS command line interface (CLI), accessed via Telnet, SSH, or serial console, provides
full management capability on a Brocade switch. The Fabric OS CLI enables an administrator to
monitor and manage individual switches, ports, and entire fabrics from a standard workstation.
Selected commands must be issued from a secure Telnet or SSH session.
Access is controlled by a switch-level password for each access level. The commands available
through the CLI are based on the user’s login role and the license keys used to unlock certain
features.
The Fabric OS CLI provides the following capabilities:
Access to the full range of Fabric OS features, given the license keys installed.
Assistance with configuration, monitoring, dynamic provisioning, and daily management of
every aspect of storage area networks (SANs).
A deeper view of the tasks involved in managing a Brocade SAN.
Identification, isolation, and management of SAN events across every switch in the fabric.
Management of Brocade licenses.
The documentation for each command includes a synopsis of its syntax, a description of command
use, and a set of examples. The same information can be accessed by issuing the help command
followed by the command name on a Brocade switch or director. This command displays the help
page for the specified command. For example, to display the help page for portCfg, enter:
switch:admin> help portCfg
Understanding Role-Based Access Control
Fabric OS implements Role-Based Access Control (RBAC) to control access to all Fabric OS
operations.
Eight predefined roles are supported, as described in Table 2. These predefined role definitions are
guided by perceived common operational situations and the operations and effects a role is
permitted to have on a fabric and individual fabric elements.
TABLE 2 Role definitions
Role name Definition
User Non-administrative use, such as monitoring system activity. In Fabric
OS v6.2.0 and later, the user account gains access to Fabric ID 128.
This is the default logical fabric after a firmware upgrade.
Operator A subset of administrative tasks typically required for routine
maintenance operations.
SwitchAdmin Administrative use excluding security, user management, and zoning.
2Fabric OS Command Reference
53-1003108-01
Understanding Role-Based Access Control
1
In addition to these predefined roles, Fabric OS v7.0.0 and later provides support for creating
user-defined roles. Refer to the roleConfig command for more information.
Additional command restrictions apply depending on whether Virtual Fabrics or Admin Domains are
enabled in a fabric. Refer to Appendix A, “Command Availability”.
NOTE
Virtual Fabrics and Admin Domains are mutually exclusive and are not supported at the same time
on a switch. To use Admin Domains, you must first disable Virtual Fabrics; to use Virtual Fabrics, you
must first delete all Admin Domains. Use ad --clear -f to remove all Admin Domains. Refer to the
Fabric OS Administrator’s Guide for more information.
Encryption commands and permissions
There are two system RBAC roles that are permitted to perform encryption operations.
Admin and SecurityAdmin
Users authenticated with the Admin and SecurityAdmin RBAC roles may perform cryptographic
functions assigned to the FIPS Crypto Officer, including the following:
Perform encryption node initialization.
Enable cryptographic operations.
Manage critical security parameters (CSPs) input and output functions.
Zeroize encryption CSPs.
Register and configure a key vault.
Configure a recovery share policy.
Create and register recovery share.
Encryption group and clustering-related operations.
Manage keys, including creation, recovery, and archiving functions.
Admin and FabricAdmin
Users authenticated with the Admin and FabricAdmin RBAC roles may perform routine
encryption switch management functions including the following:
Configure virtual devices and crypto LUN.
Configure LUN/tape associations.
Perform re-keying operations.
ZoneAdmin Zone management only.
FabricAdmin Administrative use excluding user management and Admin Domain
management.
BasicSwitchAdmin A subset of administrative tasks, typically of a more limited scope and
effect.
Admin All administrative tasks, including encryption and chassis commands.
SecurityAdmin Administrative use including admin, encryption, security, user
management, and zoning.
TABLE 2 Role definitions (Continued)
Role name Definition
Fabric OS Command Reference 3
53-1003108-01
Understanding Virtual Fabric restrictions 1
Perform firmware download.
Perform regular Fabric OS management functions.
For a listing of RBAC permissions for cryptoCfg subcommands, refer to the Fabric OS Encryption
Adminsitrator’s Guide.
Understanding Virtual Fabric restrictions
All Fabric OS commands are subject to additional RBAC enforcement with regard to Virtual Fabric
contexts and switch types. Commands can be executed in one or more of the contexts described in
Table 3. Execution of chassis commands requires chassis permissions.
Switch commands are further defined by the switch type restrictions as described in Table 4.
Switch type restrictions are not applicable to commands that require chassis permissions.
In a Virtual Fabric environment where contexts are enforced, the following Virtual Fabric restrictions
apply to the RBAC permissions specified in Table 2. Refer to the userConfig command for more
information on configuring user account access permissions in a Virtual Fabric environment.
Any given role is allowed to execute all switch commands to which the role is authorized in the
account’s home context. The default home context is the default logical fabric FID 128.
You can change an account’s home context to a specified FID and configure the account
permissions to access additional logical switches specified in the user’s Fabric ID list.
Accounts with user or admin permissions can be granted chassis permissions. A user account
with the chassis role can execute chassis-level commands at the user RBAC access level. An
admin account with the chassis role can execute chassis-level commands at the admin RBAC
access level.
Use the classConfig --showcli command to look up the Virtual Fabrics context for a specified
command. Refer to Appendix A, “Command Availability,” for a complete listing of Virtual Fabric
restrictions that apply to the commands included in this manual.
TABLE 3 Virtual Fabric contexts
Context type Definition
Switch context Command applies to the current logical switch only, or to a specified
logical switch.
Chassis context Command applies to the chassis on which it is executed.
Switch and chassis
context
Command can be executed in a logical switch context or in a chassis
context.
Disallowed Command is not supported in Virtual Fabric mode.
TABLE 4 Switch types
Switch type Definition
All Switches Command can be executed in any switch context.
Base Switch Only Command can be executed only on the base switch.
Default Switch Only Command can be executed only on the default switch.
N/A Command is a chassis command or not supported in Virtual Fabric
mode.
4Fabric OS Command Reference
53-1003108-01
Understanding Admin Domain restrictions
1
Understanding Admin Domain restrictions
A subset of Fabric OS commands is subject to Admin Domain (AD) restrictions that may be in place.
In order to execute an AD-restricted command on a switch or device, the switch or device must be
part of a given Admin Domain, and the user must be logged in to that Admin Domain.
Six Admin Domain types are supported, as defined in Table 5.
Refer to Appendix A, “Command Availability,” for a listing of Admin Domain restrictions that apply to
the commands included in this manual.
Determining RBAC permissions for a specific command
To determine RBAC permission for a specific command, use the classconfig --showcli command.
1. Enter the classconfig --showcli command for a specified command.
The command displays the RBAC class and access permissions for each of the command
options. Note that options for a single command option can belong to different classes.
2. Enter the classconfig --showroles command and specify the RBAC class of the command
option you want to look up.
The command displays the default roles and the permissions they have to access commands
in the specified RBAC class.
The following example shows how you can obtain permission information for the zone command.
Suppose you want to know if a user with the SwitchAdmin role can create a zone. You issue the
classconfig --showcli command for the zone command, which shows that the zone --add command
belongs to the RBAC class “zoning”. You then issue the classconfig --showroles command for the
zoning RBAC class. The output shows that the SwitchAdmin role has ‘Observe” (O) permissions only
for any command in the zoning class. This means that the user with the SwitchAdmin role is not
allowed to create zones. To allow this user to create a zone, you must change the user’s access to
any of the roles that have “observe and modify” (OM) access. Use the userConfig command to
change the user’s role or use the roleConfig command to create a custom role.
TABLE 5 AD types
AD Type Definition
Allowed Allowed to execute in all ADs.
PhysFabricOnly Allowed to execute only in AD255 context (and the user should own
access to AD0-AD255 and have admin RBAC privilege).
Disallowed Allowed to execute only in AD0 or AD255 context; not allowed in
AD1-AD254 context.
PortMember All control operations allowed only if the port or the local switch is part
of the current AD. View access allowed if the device attached to the
port is part of current AD.
AD0Disallowed Allowed to execute only in AD255 and AD0 (if no ADs are configured).
AD0Only Allowed to execute only in AD0 when ADs are not configured.
Fabric OS Command Reference 5
53-1003108-01
Determining RBAC permissions for a specific command 1
switch:admin> classconfig --showcli zone
CLI Option Permission RBAC Class Context
----------------------------------------------------------
zone Killall OM Debug vf
zone evlogclear OM Debug vf
zone evlogshow O Debug vf
zone evlogtoggle OM Debug vf
zone mergeshow O Debug vf
zone stateshow O Debug vf
zone activate OM Zoning vf
zone add OM Zoning vf
zone copy OM Zoning vf
zone create OM Zoning vf
zone deactivate OM Zoning vf
(output truncated)
switch:admin> classconfig --showroles zoning
Roles that have access to the RBAC Class 'zoning' are:
Role Name Permission
--------- ----------
User O
Admin OM
Factory OM
Root OM
Operator O
SwitchAdmin O
ZoneAdmin OM
FabricAdmin OM
BasicSwitchAdmin O
SecurityAdmin O
NOTE
If a Role Name does not appear in the list, it indicates that the role is not available to the
specified class and associated commands in that class are restricted and cannot be executed
in that role.
6Fabric OS Command Reference
53-1003108-01
Determining RBAC permissions for a specific command
1
Fabric OS Command Reference 7
53-1003108-01
Chapter
2
Fabric OS Commands
aaaConfig
Manages RADIUS, LDAP, and TACACS+ configuration information.
SYNOPSIS aaaconfig
aaaconfig --show
aaaconfig --add | --change server -conf radius | ldap | tacacs+
[-p port] [-d domain] [-t timeout] [-s secret]
[-a chap | pap | peap-mschapv2]
aaaconfig --remove server -conf radius | ldap | tacacs+
aaaconfig --move server -conf radius | ldap | tacacs+ to_position
aaaconfig --authspec aaa1[;aaa2 [-backup] [-nologout]
aaaconfig --help
DESCRIPTION Use this command to manage the RADIUS, LDAP, and TACACS+ server configuration for the
authentication, authorization and accounting (AAA) services. Use this command to display, add, remove,
change, enable or disable the RADIUS, LDAP, or TACACS+ configuration.
Brocade switches use a local as well as a remote authentication mechanism for validating a login.
Supported authentication protocols include Password Authentication Protocol (PAP),
Challenge-Handshake Authentication Protocol (CHAP) and Protected Extensible Authentication Protocol
(PEAP). In addition, Fabric OS v6.0.0 and later provides support for Light-weight Directory Access
Protocol (LDAP) authentication against Active Directory for user authentication and authorization.
RADIUS, LDAP or TACACS+ servers are contacted in the order they appear in the configuration list. The
first server returning authentication success or failure causes the authentication request to succeed or
fail. If no response is received within the specified timeout, the next RADIUS, LDAP, or TACACS+ server
in the list is contacted. An event entry logs if all RADIUS, LDAP, or TACACS+ servers fail to respond.
When the command succeeds, it triggers an event log (the Fabric OS error log) to indicate a server is
added, removed, or modified. Refer to the Fabric OS Message Reference manual for specific details.
There are two modes of operation in LDAP authentication, FIPS mode and non-FIPS mode. However,
there is no option to configure LDAP while the switch is in FIPS mode. The LDAP client checks if FIPS
mode is set on the switch and uses FIPS-compliant TLS ciphers for LDAP. If FIPS mode is not set and
the ADir server is configured for FIPS ciphers, it uses FIPS-compliant ciphers.
Configuration changes are persistently saved and take effect with the next AAA request. The
configuration applies to all switch instances in a platform supporting multiple switch domains.
NOTES Customers can use centralized RADIUS servers to manage AAA services for a switch, as defined in the
RFC 2865 RADIUS specification.
This command can be executed when logged in through the console, Telnet or SSH connection.
8Fabric OS Command Reference
53-1003108-01
aaaConfig
2
The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
OPERANDS This command has the following operands:
server Specifies an IP address or a server name in dot-decimal notation. IPv6 addresses
are supported. If a name is used, a DNS entry must be correctly configured for the
server. If the specified server IP address or name already exists in the current
configuration, the command fails and generates an error. However, the command
does not validate the server name against the IP address in the configuration.
Make sure to avoid duplicate configuration of the same server, one specified by
the name, the other specified by the IP address.
--show Displays the current AAA service configuration.
--add | --change server [options]
Adds or modifies a RADIUS, LDAP, or TACACS+ server. The --add option
appends the specified server to the end of the current configuration list. A
maximum of 5 servers are supported for each authentication type. The --change
option modifies the specified server configuration to use the new arguments. The
server must be one of the IP addresses or names shown in the current
configuration.
The following options are supported:
-conf radius | ldap | tacacs+
Specifies the server configuration as either RADIUS, LDAP, or TACACS+. This
operand is required.
The following operands are optional:
-p port Specifies the RADIUS, LDAP, or TACACS+ server port number. Supported
range is 1 to 65535. The default port is 1812 for RADIUS authentication. The
default port is 1813 for RADIUS accounting. The default port is 389 for LDAP
authentication. The default port is 49 for TACACS+ authentication. This
operand is optional. If no port is specified, the default is used.
-t timeout Specifies the response timeout for the RADIUS, the LDAP or the TACACS+
server. The supported range is 1 to 30 seconds. The default is 3 seconds.
This operand is optional. If no timeout is specified, the default is used.
-d domain Specifies the Windows domain name for the LDAP server, for example,
brocade.com. This option is valid only with the -conf ldap option. This
operand is required.
-s secret Specifies a common secret between the switch and the RADIUS or
TACACS+ server. The secret must be 8 to 40 characters for RADIUS server,
and 1 to 40 characters for TACACS+ server. This option is valid only with
-conf radius or -conf tacacs+options, and it is optional. The default value is
sharedsecret.
-a Specifies the remote authentication protocol for the RADIUS or TACACS+
server. This operand is valid with -conf radius or -conf tacacs+ options,
and it is optional. The default value for this operand is CHAP.
Fabric OS Command Reference 9
53-1003108-01
aaaConfig 2
Note that the distinction between protocols is only applicable to the packets
between a system and the RADIUS or TACACS+ server. To authenticate a
user to the system, a password is always used.
Valid protocols are one of the following:
pap Password Authentication Protocol
chap Challenge-Handshake Authentication Protocol
peap-mschapv2
Protected Extensible Authentication Protocol (requires Fabric OS v5.3.0 or
later). This is applicable only to RADIUS configuration.
--remove server Removes the specified server from the configuration. The server must match one
of the IP addresses or the names shown in the current configuration. The
following operand is required:
-conf radius | ldap | tacacs+
Specifies the server configuration as either RADIUS, LDAP, or TACACS+. If the
server is enabled, the command does not allow the last server to be removed from
the configuration list. RADIUS, LDAP, or TACACS+ must first be disabled before
the last server of the specified type may be removed.
--move server option Moves the specified server from the current position in a RADIUS, LDAP, or
TACACS+ configuration list to the specified position. If the specified position is the
same as the current position, no change takes place. Valid options include the
following:
-conf radius | ldap | tacacs+
Specifies the server configuration as RADIUS, LDAP, or TACACS+. This operand
is required.
to_position Specifies the new position for the server. The value for to_position is an integer,
and must be within the range of server positions in the current configuration. Use
the --show option to determine current server positions. This operand is required.
--authspec "aaa1[;aaa2" [-backup] [-nologout]
Replaces the configuration with the specified AAA service. Each service can be
specified only once in the list, for example, "radius; local; radius" is invalid. No edit
option is provided. The --authspec option takes as an argument a
semicolon-separated list of AAA services. Services must be enclosed in double
quotation marks.
The following AAA services and service pairs are valid:
"local" Default setting. Authenticates the user against the local database only. If the
password does not match or the user is not defined, the login fails.
"radius" When "radius" is specified, the first RADIUS server is contacted. If the RADIUS
server is not reachable, the next RADIUS server is contacted. If the authentication
fails, the authentication process does not check for the next server in the
sequence.
10 Fabric OS Command Reference
53-1003108-01
aaaConfig
2
"ldap" When "ldap" is specified, the first Active directory (AD) server is contacted. If the
AD server is not reachable, the next AD server is contacted. If the authentication
fails, the authentication process does not check for the next server in the
sequence.
"tacacs+" When "tacacs+" is specified, the first Active directory (AD) server is contacted. If
the AD server is not reachable, the next AD server is contacted. If the
authentication fails, the authentication process does not check for the next server
in the sequence.
"radius;local" Enables the current RADIUS configuration as the primary AAA service and the
switch-local database as the secondary AAA service. If "radius" and "local" are
specified, and if the RADIUS servers are reachable and the user credentials are
correct, the user authentication succeeds. If the user provides credentials from the
switch database, the RADIUS authentication fails but login succeeds through the
switch database.
"ldap;local" Enables the current LDAP configuration as the primary AAA service and the
switch-local database as the secondary AAA service. If "ldap" and "local" are
specified, and if the AD servers are reachable and the user credentials are
correct, the user authentication succeeds. If the user provides credentials from the
switch database, AD authentication fails but login would still succeed through the
switch database.
"tacacs+;local" Enables the current TACACS+ configuration as the primary AAA service and the
switch-local database as the secondary AAA service. If "tacacs+" and "local" are
specified, and if the AD servers are reachable and the user credentials are
correct, the user authentication succeeds. If the user provides credentials from the
switch database, AD authentication fails but login would still succeed through the
switch database.
-backup For use with the "radius;local", "ldap;local", and "tacacs+;local" options only. The
backup option states to try the secondary AAA service only if none of the primary
AAA services are available.
-nologout If -nologout is not specified, a change in the authentication mechanism may
result in the termination of existing sessions. All existing sessions are terminated if
the new authentication mechanism is one of the following: RADIUS only, LDAP
only, TACACS+ only, or Local. If -nologout is specified, there will be no effect on
the existing sessions regardless of the chosen authentication mechanism.
--help Displays the command usage.
EXAMPLES To display the current RADIUS, LDAP, and TACACS+ configurations:
switch:admin> aaaconfig --show
RADIUS CONFIGURATIONS
=====================
Position Server Port Timeout(s) Auth-Protocol
1 192.168.233.48 1812 3 CHAP
2 192.168.233.44 1812 3 CHAP
3 radserver 1812 5 CHAP
Fabric OS Command Reference 11
53-1003108-01
aaaConfig 2
LDAP CONFIGURATIONS
===================
LDAP configuration does not exist.
TACACS+ CONFIGURATIONS
=====================
TACACS+ configuration does not exist.
Primary AAA Service: Switch database
Secondary AAA Service: None
To move the RADIUS server "radserver" from position 3 to position 1:
switch:admin> aaaconfig --move radserver -conf radius 1
To configure the RADIUS server 192.168.233.48 as an LDAP server:
switch:admin> aaaconfig --change 192.168.233.48 \
-conf ldap -p 3002 -s newsecret -t 1
To add an AD/LDAP server to the configuration:
switch:admin> aaaconfig --add 194.72.68.335 \
-conf ldap -p 3002 -d brocade.com -t 1
To replace the AAA service with backup option:
switch:admin> aaaconfig --authspec "ldap;local" -backup
To change the authentication mechanism with the no logout provision:
switch:admin> aaaconfig --authspec radius -nologout
switch:admin> aaaconfig --show
RADIUS CONFIGURATIONS
=====================
Position : 1
Server : 172.20.1.68
Port : 1812
Timeout(s) : 3
Auth-Protocol: PEAP-MSCHAPv2
LDAP CONFIGURATIONS
===================
LDAP configuration does not exist.
TACACS+ CONFIGURATIONS
=====================
TACACS+ configuration does not exist.
Primary AAA Service: RADIUS
Secondary AAA Service: None
12 Fabric OS Command Reference
53-1003108-01
aaaConfig
2
To add a TACACS+ server to the configuration:
switch:admin> aaaconfig --add 10.17.56.56 -conf tacacs+ \
-protocol pap -s "sharedkey" -t 5 -r 5 -port 49
switch:admin> aaaconfig --authspec tacacs+
switch:admin> aaaconfig --show
RADIUS CONFIGURATIONS
=====================
RADIUS configuration does not exist.
LDAP CONFIGURATIONS
===================
LDAP configuration does not exist.
TACACS+ CONFIGURATIONS
=====================
Position : 1
Server : 10.17.56.56
Port : 49
Retries : 5
Timeout(s) : 5
Auth-Protocol: PAP
Primary AAA Service: TACACS+
Secondary AAA Service: None
SEE ALSO None
Fabric OS Command Reference 13
53-1003108-01
ad 2
ad
Manages Admin Domain operations.
SYNOPSIS ad --activate ad_id
ad --add ad_id [-d "dev_list"] [-s "switch_list"]
ad --apply
ad --clear [-f]
ad --create ad_id [-d "dev_list"] [-s "switch_list"]
ad --deactivate ad_id
ad --delete ad_id
ad --exec ad_id "command_list"
ad --remove ad_id [-d "dev_list"] [-s "switch_list"]
ad --rename ad_id new_ad_id
ad --save
ad --select ad_id
ad --show [-i | [ad_id [-m mode]]] (in AD255 context)
ad --show [-i ] (in AD0 context)
ad --show (in AD1-254 context)
ad --validate [-i | [ad_id | [-m mode]]]
ad --transabort
ad --transshow
DESCRIPTION Use this command to manage Admin Domain operations.
This command follows a batched-transaction model. When executed with the --activate, --add, --clear,
--create, --deactivate, --delete, --remove, --rename options, this command changes only the Defined
Configuration in the transaction buffer. The --save option sends the changes made in the transaction
buffer to all other switches and permanently saves the changes to the Defined configuration in persistent
storage. The --apply option performs a save operation, sends a request to apply the Admin Domain
configuration (as defined in the persistent storage), and then enforces the configuration locally.
The Admin Domain transaction buffer is linked to the current login shell and is lost on logout. Use the
--transshow option to display the current Admin Domain transaction information.
14 Fabric OS Command Reference
53-1003108-01
ad
2
Before creating Admin Domains, the default zone mode should be set to "No Access". To set the default
zone mode to "No Access" execute the following command sequence:
switch:admin> ad --select AD0
switch:admin> defzone --noaccess
switch:admin> cfgsave
Refer to defZone help for more information.
All switches, switch ports and devices in the fabric that are not specified in any other Admin Domain are
treated as implicit members of AD0. Members added to AD0 are called explicit members.
When a new Admin Domain is created, the members included in the new Admin Domain are
automatically removed from the implicit member list of AD0. If the devices included in the new Admin
Domain are already zoned in AD0, and if you want to move these devices from AD0 without any traffic
disruption, do the following:
1. Add the devices to AD0's explicit member list using ad --add and ad --apply.
2. Create new ADs with the devices and execute ad --apply.
3. Select (or login to) the new Admin Domain and create a relevant zone configuration and zones
(Refer to zone --copy help for details). Enable the new zone configuration under the Admin Domain.
4. (Optionally) remove explicit members from AD0 (using ad --remove and ad --apply). Remove the
member references from the AD0 zone database.
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
OPERANDS The generalized syntax for this command is "ad action arguments". Command actions are described
first. Argument details follow the description of actions.
The following actions are supported:
--activate arg Activates an Admin Domain. An Admin Domain is enforced only if it is in an
activated state. AD0 is always in an activated state. By default, after the Admin
Domain is enabled, the devices specified in the Admin Domain are not able to see
each other until they are zoned together. The command prompts for confirmation.
The activate operation remains in the transaction buffer until you issue ad --apply
or ad --save.
--add arguments Adds new members to an existing Admin Domain. The add operation remains in
the transaction buffer until you issue ad --apply or ad --save.
--apply Saves the current transaction buffer contents to the defined configuration and
enforces the defined configuration on all switches in the fabric. ad --apply
prompts for confirmation.
--clear [-f]Deletes all ADs and clears AD0's explicit members. This command fails if AD1
through AD254's zone databases are not empty. The command prompts for
confirmation before deleting all Admin Domains. The clear operation remains in
the transaction buffer until you issue ad --apply or ad --save.
When used with the -f option, this command deletes all ADs and clears all explicit
members from AD0, even if the zone databases or AD1 through AD254 are not
empty. Use the force option to remove Admin Domains before enabling Virtual
Fabrics.
Fabric OS Command Reference 15
53-1003108-01
ad 2
--create arguments Creates a new Admin Domain with optionally specified device or switch members.
A newly created Admin Domain is in an activated state. It initially contains no zone
database. The newly created Admin Domain remains in the transaction buffer until
you issue ad --apply or ad --save. AD0 always exists. Use ad --add to add
explicit members to AD0.
--deactivate arg Deactivates an Admin Domain. This operation fails if an effective zone
configuration exists under the Admin Domain. This operation is not allowed on
AD0. ad --deactivate does not disable any ports. Existing logins to a deactivated
Admin Domain are not terminated; however, subsequent CLI execution is
disallowed. A message is displayed to indicate that the current Admin Domain is
not active. The command prompts for confirmation. The deactivate operation
remains in the transaction buffer until you issue ad --apply or ad --save.
--delete arg Deletes an Admin Domain. This command succeeds regardless of whether the
Admin Domain is in a deactivated or an activated state. AD0 always exists; using
this operation on AD0 does not delete AD0, it only removes all explicit members
from AD0. The AD0 zone database does not need to be empty for the delete
operation to succeed. Not all existing user sessions to a deleted Admin Domain
are terminated; however, subsequent CLI execution is disallowed. A message
displays indicating that the current Admin Domain is not active. The command
prompts for confirmation before executing the delete action. The delete operation
remains in the transaction buffer until you issue ad --apply or ad --save.
--exec arguments This command performs the following tasks:
Creates a new shell.
Executes ad --select to the specified Admin Domain.
Executes the specified commands.
Exits the shell.
--remove arguments Removes one or more members from an Admin Domain. Removing the last
member from an Admin Domain deletes the Admin Domain. The remove
operation remains in the transaction buffer until you issue ad --apply or ad --save.
--rename arguments Renames the specified Admin Domain. If a reserved name is used for new_ad_id
(AD number format), the operation fails if the reserved name does not correspond
to the ad_id AD number. The rename operation remains in the transaction buffer
until you issue ad --apply or ad --save.
--save Saves the outstanding Admin Domain transaction to the defined configuration on
all switches in the fabric. The saved Admin Domain definition is enforced only
when ad --apply is issued. Attempts to modify and save an Admin Domain that is
currently enforced will fail. The command prompts for confirmation.
--select arg Selects an Admin Domain context. This command fails if the corresponding Admin
Domain is not activated. This operation succeeds only if you have the specified
Admin Domain. This command internally spawns off a new shell within the
requested Admin Domain context. Type logout or exit to exit from the selected
Admin Domain. The zone transaction is linked to the current shell; therefore, the
zone transaction buffer is lost on logout. Use cfgTransShow to display the
current zoning transaction information.
16 Fabric OS Command Reference
53-1003108-01
ad
2
--show arguments Displays the membership information of the specified Admin Domain or all Admin
Domains.
When executed in an AD255 context and an Admin Domain name is not specified,
all information about all existing Admin Domains is displayed. When executed in
an AD0-AD254 context, the command, by default, displays the members of the
current Admin Domain's effective configuration, and therefore you cannot specify
an ad_id or mode.
When executed in an AD255 context, all Admin Domain information from the
transaction buffer, defined configuration and effective configuration is displayed.
--validate arguments Checks whether Admin Domain members are from a non-Admin Domain aware
switch or the members do not exist in the fabric. The output is similar to ad
--show; however, all members that are from non-Admin Domain aware switches
are marked with a plus sign (+). Members that are not online are marked with an
asterisk (*).
FC Router Front Phantom Domain and FC Router Translate Phantom Domain are
virtual entities without any exposed management interfaces; therefore, any FC
Router phantom switch WWN specified in an AD switch member list is marked as
a non-Admin Domain aware member. All D,PI members in the device list
corresponding to an FC Router Phantom Domain are marked as non-Admin
Domain aware members. All FC Router imported devices in the AD device list are
marked as AD-aware members.
--transabort Aborts the transaction buffer. The command prompts for confirmation before
aborting the transaction.
--transshow Displays the ID of the current Admin Domain transaction and indicates whether or
not the transaction can be aborted. The transaction cannot be aborted if it is an
internal Admin Domain transaction.
The following arguments are supported with selected AD actions:
ad_id Uniquely identifies an Admin Domain. An ad_id can be a name or a number:
name An Admin Domain name can be up to 63 bytes, must begin with a letter, and can
consist of letters, numbers, and underscore characters. The Admin Domain
names with the format AD[0-255] are reserved for autoassigning Admin Domain
names to Admin Domains created with an Admin Domain number. and can be
assigned only to the corresponding Admin Domain. Using ad --rename, for
example, in an attempt to assign a name of AD5 to an Admin Domain with ID not
equal to 5 fails. Admin Domain names are case-sensitive.
number An Admin Domain can be specified by a number. Valid values include 0 through
255. AD0 and AD255 are always active. AD0 cannot be specified with --activate,
--deactivate or --delete actions. AD255 can be specified only with --exec, --show
and --validate actions.
For all command iterations, with the exception of ad --create, the Admin Domain
is specified either by a name or a number. For ad --create, both name and
number can be specified: for example, ad --create test_ad/10 -d "100,5; 100,1".
Fabric OS Command Reference 17
53-1003108-01
ad 2
-d "dev_list"Specifies the list of devices in an Admin Domain, in quotation marks. Separate
each entry in the device list with a semicolon (;). Valid formats include the
following:
D,PI Uses existing zone D,PI member types. Benefits include the following:
Grants port control and zoning on the switch port and the devices attached to
that port.
PI can be specified as a range; for example, D,[0 to 34]. The port index range
is expanded and stored internally.
The same D,PI members can be specified in more than one Admin Domain.
Device WWN Uses traditional zone WWN member types. Benefits include the following:
Supports node or port WWNs.
End-device members, whose WWNs are used in an Admin Domain definition,
need not be online when the Admin Domain is created (similar to a
zoneCreate operation).
Provides rights to zone the devices.
Provides administrative view rights to the switch port the device is connected
to.
-s "switch_list"Specifies the list of switches in an Admin Domain. The list must be enclosed in
quotation marks. Separate each entry in the switch list with a semicolon (;).
Specify the switch in one of the following formats:
Switch WWN World wide name of the switch.
Domain ID Any switch member specified in Domain ID format is converted into a switch
WWN-based on the current fabric information. Operations with switch list fail
if the domain ID to switch WWN lookup fails.
Membership in an AD switch_list grants switch administrative operations
such as switchDisable, switchEnable, reboot, ad, etc. on the switch.
Ownership of a switch implicitly provides port control capability on all its ports,
but no zoning control.
"command_list"Specifies one or more commands to execute in an Admin Domain context. This
operand is valid only with the --exec option.
new_ad_id Specifies a new Admin Domain name or number. This operand is valid only with
the --rename option. Format is the same as ad_id.
-i Displays the implicit members of AD0. This operand is valid only with the --show
option.
-m mode Specifies the mode in which Admin Domain configuration information is displayed.
This operand is valid only with --show and --validate. Valid values for mode
include the following:
0Displays the Admin Domain configuration in the current transaction buffer.
18 Fabric OS Command Reference
53-1003108-01
ad
2
1Displays the Admin Domain configuration stored in persistent memory
(defined configuration).
2Displays the currently enforced Admin Domain configuration currently
enforced (effective configuration).
EXAMPLES To enable AD5:
switch:admin> ad --activate 5
You are about to activate a new admin domain.
Do you want to activate '5' admin domain \
(yes, y, no, n): [no] y
To enable AD_13:
switch:admin> ad --activate AD_13
To add new device members to AD1:
switch:admin> ad --add AD1, -d "100,5; 4,1"
To apply all changes made to the Admin Domain configurations since --apply was last executed:
switch:admin> ad --apply
You are about to enforce the saved AD configuration.
This action will trigger ad --apply to all switches \
in the fabric.
Do you want to apply all admin domains \
(yes, y, no, n): [no] y
To clear all Admin Domain definitions:
switch:admin> ad --clear
You are about to delete all ADs definitions.
This operation will fail if zone configurations \
exists in AD1-AD254
Do you want to clear all admin domains \
(yes, y, no, n): [no] y
To create an Admin Domain with a mix of D,PI, WWNs, and zone alias device members (two different
methods shown):
switch admin> ad --create "AD1", \
-d "100,5; 1,3; 20:00:00:e0:8b:05:4d:05"
switch admin> ad --create 1, \
-d "100,5; 1,3; 21:00:00:e0:8b:05:4d:05"
To create an Admin Domain with two switches identified by domain ID and switch WWN:
switch:admin> ad --create "AD1", \
-s "100; 10:00:00:60:69:80:59:13"
To create an Admin Domain with a device list and a switch list:
switch:admin> ad --create "AD1", \
-d "100,5; 1,3; 21:20:00:00:e0:8b:05:4d:05" \
-s "100; 10:00:00:60:69:80:59:13"
Fabric OS Command Reference 19
53-1003108-01
ad 2
To deactivate Admin Domain 5:
switch:admin> ad --deactivate 5
You are about to deactivate an AD.
This operation will fail if an effective zone \
configuration exists in the AD
Do you want to deactivate '5' admin domain \
(yes, y, no, n): [no] y
To delete AD13:
switch:admin> ad --delete 13
You are about to delete an AD.
This operation will fail if an effective zone \
configuration exists in the AD
Do you want to delete '13' admin domain \
(yes, y, no, n): [no] y
To execute switchShow in an AD7 context (using the current user_id):
switch:admin> ad --exec 7 "switchshow"
To rename Eng_AD to Eng_AD2:
switch:admin> ad --rename Eng_AD Eng_AD2
To rename AD 200 to Eng_AD200:
switch:admin> ad --rename 200 Eng_AD200
To rename a user-assigned Admin Domain name to a reserved Admin Domain name (this operation fails
if AD_test's AD number is not 200):
switch:admin> ad--rename AD_test AD200
To remove the devices 100,5 and 1,3 from AD1:
switch:admin> ad --remove "AD1", \
-d "100,5; 1,3; 21:00:00:e0:8b:05:4d:05"
To remove the switch 100 from AD1:
switch:admin> ad --remove "AD1", -s "100"
To save any outstanding Admin Domain definition-related transaction buffer
switch:admin> ad --save
You are about to save the outstanding AD membership.
This action will only save the changes to Defined \
configuration.
Any changes made will be enforced only on ad --apply.
Do you want to save admin domains \
(yes, y, no, n): [no] y
To select a new Admin Domain context by specifying the AD number:
switch:admin> ad --select 12
20 Fabric OS Command Reference
53-1003108-01
ad
2
To display all ADs:
switch:admin> ad --show
Current AD: 255 : AD255
Transaction buffer configuration:
---------------------------------
no configuration
Defined configuration:
----------------------
AD: 1 : AD1 Active
Device WWN members: 21:00:00:80:e5:12:8b:37;
21:00:00:80:e5:12:8b:55;
Switch port members: 1,0; 1,1; 1,2; 1,3; 1,4; 1,5;
1,6; 1,7; 1,8; 1,9; 1,10; 1,11;
1,12; 1,13; 1,14; 1,15;
Switch WWN members: 10:00:00:60:69:00:02:53;
Effective configuration:
------------------------
AD: 1 : AD1 Active
Device WWN members: 21:00:00:80:e5:12:8b:37;
21:00:00:80:e5:12:8b:55;
Switch port members: 1,0; 1,1; 1,2; 1,3; 1,4; 1,5;
1,6; 1,7; 1,8; 1,9; 1,10; 1,11;
1,12; 1,13; 1,14; 1,15;
Switch WWN members: 10:00:00:60:69:00:02:53;
To display the AD1 configuration information in the transaction buffer:
switch:admin> ad --show 1 -m 0
Current AD: 255 : AD255
Transaction buffer configuration:
---------------------------------
no configuration
To display the AD10 configuration information in persistent storage:
switch:admin> ad --show 10 -m 1
Current AD: 255 : AD255
Defined configuration:
----------------------
AD: 1 : AD1 Active
Device WWN members: 21:00:00:80:e5:12:8b:37;
21:00:00:80:e5:12:8b:55;
Switch port members: 1,0; 1,1; 1,2; 1,3; 1,4; 1,5;
1,6; 1,7; 1,8; 1,9; 1,10; 1,11;
1,12; 1,13; 1,14; 1,15;
Switch WWN members: 10:00:00:60:69:00:02:53;
Fabric OS Command Reference 21
53-1003108-01
ad 2
To display the Admin Domain effective configuration information:
switch:admin> ad --show -m 2
Current AD: 255 : AD255
Effective configuration:
------------------------
AD: 1 : AD1 Active
Device WWN members: 21:00:00:80:e5:12:8b:37;
21:00:00:80:e5:12:8b:55;
Switch port members: 1,0; 1,1; 1,2; 1,3; 1,4; 1,5;
1,6; 1,7; 1,8; 1,9; 1,10; 1,11;
1,12; 1,13; 1,14; 1,15;
Switch WWN members: 10:00:00:60:69:00:02:53;
To display the configuration information in the transaction buffer:
switch:admin> ad --validate
Current AD Number: 255 AD Name: AD255
Transaction buffer configuration:
---------------------------------
no configuration
Defined configuration:
----------------------
AD Number: 1 AD Name: AD1 State: Inactive
Device WWN members: 10:00:00:00:00:01:00:00;
10:00:00:00:00:04:00:00;
10:00:00:00:00:05:00:00;
10:00:00:00:00:06:00:00;
10:00:00:00:00:08:00:00;
10:00:00:00:00:03:00:00;
10:00:00:00:00:02:00:00;
10:00:00:00:00:07:00:00;
10:00:00:00:00:15:00:00;
10:00:00:00:00:16:00:00;
10:00:00:00:00:17:00:00;
10:00:00:00:00:18:00:00;
10:00:00:00:00:11:00:00;
10:00:00:00:00:12:00:00;
10:00:00:00:00:13:00:00;
10:00:00:00:00:14:00:00;
Effective configuration:
------------------------
AD Number: 50 AD Name: AD50 State: Active
Device WWN members: 10:00:00:00:00:17:00:00;
10:00:00:00:00:15:00:00;
Switch port members: 2,52; 2,53; 2,54; 2,55; 21,5;
3,28; 3,29; 98,72; 98,75;
69,16; 69,18; 69,21; 1,336;
22 Fabric OS Command Reference
53-1003108-01
ad
2
1,337;
----------------------------
* - Member does not exist
+ - Member is AD Unaware
To abort the Admin Domain management transaction buffer:
switch:admin> ad --transabort
You are about to abort the outstanding AD transaction.
Do you want to abort the AD transaction \
(yes, y, no, n): [no] y
To display the current Admin Domain transaction:
switch:admin> ad --transshow
Current transaction token is 26816
It is abortable
switch:admin> ad --transshow
There is no outstanding zoning transaction
SEE ALSO cfgSave, cfgTransShow, defZone, logout
Fabric OS Command Reference 23
53-1003108-01
ag 2
ag
Enables Access Gateway (AG) and manages AG-specific operations.
SYNOPSIS ag --help
ag --show
ag --modeshow | --modeenable | --modedisable
ag [--policyenable | --policydisable] policy
ag --policyshow
ag --mapshow [N_Port]
ag [--mapset | --mapadd | --mapdel] N_Port [F_Port1; F_Port2;...]
ag [--staticadd | --staticdel ] N_Port [F_Port1; F_Port2;...]
ag --pgshow [pgid]
ag --pgcreate pgid "N_Port1 [;N_Port2;...]" [-n pgname]
[-m "lb; mfnm"]
ag [--pgadd | --pgdel] pgid "N_Port1 [; N_Port2;...]"
ag --pgrename pgid newname
ag --pgremove pgid
ag [--pgmapadd | --pgmapdel] pgid "F_Port1 [; F_Port2;...]"
ag [--pgsetmodes | --pgdelmodes] pgid "mfnm;lb"
ag --pgfnmtov [new_tov]
ag [--failoverenable | --failoverdisable] [N_Port | -pg pgid]
ag --failovershow [N_Port]
ag [--failbackenable | --failbackdisable] [N_Port | -pg pgid]
ag --failbackshow [N_Port]
ag [--prefset | --prefdel] "F_Port [;F_Port2;...]" N_Port
ag --prefshow
ag [--adsset | --adsadd | --adsdel] "F_Port [;F_Port2;...]"
"WWN [;WWN2;...]"
ag --adsshow
ag --persistentalpaenable 1 | 0 mode
24 Fabric OS Command Reference
53-1003108-01
ag
2
ag --printalpamap F_Port
ag --deletepwwnfromdb PWWN
ag --clearalpamap F_Port
ag --addwwnmapping N_Port "WWN [;WWN2;...]" | --all
ag --delwwnmapping N_Port "WWN [;WWN2;...]" | --all
ag --addwwnpgmapping Port_Group "WWN [;WWN2;...]" | --all
ag --delwwnpgmapping Port_Group "WWN [;WWN2;...]" | --all
ag --addwwnfailovermapping N_Port "WWN [;WWN2;...]" | --all
ag --delwwnfailovermapping N_Port "WWN [;WWN2;...]" | --all
ag --wwnmappingenable "WWN [;WWN2;...]" | --all
ag --wwnmappingdisable "WWN [;WWN2;...]" | --all
ag --wwnmapshow
ag --reliabilitycounterset
ag --reliabilitycountershow
ag --backupmappingsave N_Port
ag --backupmappingdel N_Port
ag --backupmappingshow N_Port
DESCRIPTION Use this command to perform the following Access Gateway management functions:
Enable or disable Access Gateway mode.
Display current configuration and state of AG.
Configure and display F_Port to N_Port mapping.
Configure and display N_Port failover and failback policies.
Configure and display Port Group policy.
Create or remove a Port group.
Enable or disable auto port configuration (APC) modes for a Port group.
Get or set timeout value for fabric name monitoring.
Display Port Groups and member N_Ports.
Add or delete N_Ports in a Port group.
Display all policies and their status.
Enable or disable auto port configuration (APC) policy.
Enable or disable preferred secondary N_Port policy.
Enable, disable, and manage advanced device security (ADS) policy.
Manage persistent ALPA mode.
Manage device WWN to N_Port mappings.
Fabric OS Command Reference 25
53-1003108-01
ag 2
Manage device WWN to N_Port group mappings.
Manage device WWN failover to N_Ports configured as preferred failover ports.
Enable or disable device WWN mappings.
Configure the reliability limit for the preferred N_Port.
Save the configured F_Ports, static F_Ports for the given N_Port, and F_Ports for which the given
N_Port is a preferred one.
Delete the backup mappings for the given N_Port, if any.
Display the saved mappings for the given N_Port, if any.
AG configuration changes are saved persistently as configuration keys. Use the portCfgNPort
command to set a port as N_Port.
This command supports multiple configurations for mapping device logins to N_Ports for the purposes of
load balancing and redistribution in the event of a fabric change. If multiple mappings are configured, the
system considers the available mappings in a fixed order of priority to determine which of the available
N_Ports should be assigned to the login request. The first eligible mapping is chosen in the order
specified below.
1. Device WWN to N_Port
2. Device WWN to N_Port Group
3. Automatic device WWN load balancing.
4. F_Port to N_Port
5. F_Port to N_Port Group
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
AG is supported only on selected Brocade hardware platforms. Refer to the Access Gateway
Administrator's Guide for hardware support and AG configuration procedures.
In non-AG mode, only two actions are available: --modeenable and --modeshow.
The --backupmappingsave, --backupmappingdel and --backupmappingshow commands can be
executed if the auto policy is disabled.
OPERANDS This command has the following operands:
--help Displays the command usage.
--show Displays the current configuration of the Access Gateway. This includes all
N_Ports and F_Ports that are currently online, failover and failback settings as
well as any online F_Ports that are currently mapped to N_Ports. Failover and
failback policies are displayed as enabled (1) or disabled (0).
--modeshow Displays the current Access Gateway operating mode of the switch as either
enabled or disabled.
--modeenable Enables Access Gateway mode on a switch. Long distance mode settings should
be cleared for all ports on the NPIV edge switch to which the AG is connected.
Otherwise, the NPIV switch port displays the long distance port type along with
the F_Port.
26 Fabric OS Command Reference
53-1003108-01
ag
2
--modedisable Disables Access Gateway mode on a switch. After AG mode is disabled, the
switch reboots automatically and comes online with default zone access set to
"No Access". In order to merge the switch to a fabric, set the default zone to "All
Access" and disable/enable the E_Port.
--policyshow Displays the supported AG port policies and their status as either enabled or
disabled. AG supports four types of policies:
Port Grouping (pg) policy: This policy manages failover of an F_Port to a set
of related N_Ports in a port group.
Auto Port Configuration (auto): When this policy is enabled, the AG enabled
switch automatically detects available ports and maps F_Ports to N_Ports.
Auto port configuration is disabled by default.
Advanced Device Security (ADS) policy. This policy restricts access to the
fabric at the AG level to a set of authorized devices. Unauthorized access is
rejected and the system logs a RASLOG message. You can configure the list
of allowed devices for each F_Port by specifying their Port WWN. Refer to the
ag --ads* commands for information on managing advanced device security.
ADS policy is disabled by default, which means that all devices can connect
to the switch.
WWN Based Load Balancing policy: This policy routes device logins to the
least loaded port in the port group to which they are mapped.
--policyenable policy Enables the specified port policy for the Access Gateway. When a new policy is
enabled, all port related configuration settings are lost. Use the configUpload
command to save the current port configuration. Valid policies include the
following:
pg Enables the port grouping policy. A default port group "pg0" is created, which
includes all configured N_Ports assigned to the policy. Enabling port grouping
policy disables the Get Fabric Name policy.
auto Enables the automatic port configuration policy. When enabled, this policy applies
to all ports on the switch. All F_Port to N_Port mapping and port group
configurations are ignored.
ads Enables the advanced device security (ADS) policy. When enabled, this policy
applies to all the ports on the switch. By default all devices have access to the
fabric on all ports.
wwnloadbalanceEnables the device WWN load balancing policy. When this policy is enabled,
device logins are sent to the least loaded port in the port group to which they are
mapped. These devices are displayed with ag --wwnmapshow as dynamic
device mappings. Port Group policy must be enabled before you can enable the
WWN load balancing policy.
--policydisable policy Disables the specified policy for the Access Gateway. When a policy is disabled,
all port-related configuration settings are lost. Use the configUpload command to
save the current port configuration. Valid policies include the following:
pg Disables the port grouping policy. All port group configurations are deleted.
Disabling port grouping policy enables the Get Fabric Name policy.
Fabric OS Command Reference 27
53-1003108-01
ag 2
auto Disables the automatic port configuration policy and deletes all associated
configuration settings.
ads Disables the advanced device security (ADS) policy and deletes all lists of allowed
device WWNs.
wwnloadbalanceDisables the device WWN load balancing policy.
--mapshow [N_Port | device_WWN]
Displays the F_Ports that are configured and currently mapped to a given
"primary" N_Port. Optionally specify an N_Port to display the F_Ports that are
mapped to the specified N_Port only, or specify a device WWN to display the
N_Port to which the device WWN is mapped. Failover and failback policies are
displayed as enabled (1) or disabled (0).
--mapset N_Port [F_Port1;F_Port2;...]
Maps a set of F_Ports to a specified "primary" N_Port forcing all traffic from the
F_Ports to be routed through this N_Port to the attached fabric. An F_Port cannot
be mapped to more than one primary N_Port at any given time. F_Ports are
enabled only if the N_Port is online. This command overwrites existing port
mappings. Use a blank list ("") to clear current mappings.
--mapadd N_Port F_Port1 [; F_Port2;...]
Adds one or more specified F_Ports to the mapping of an existing "primary"
N_Port. The traffic for the configured F_Ports is routed to the fabric through the
specified N_Port when the F_Ports come online. An F_Port cannot be mapped to
more than one primary N_Port at the same time.
--mapdel N_Port F_Port1 [; F_Port2;...]
Deletes one or more specified F_Ports from the "primary" N_Port mapping.
--staticadd N_Port F_Port1 [; F_Port2;...]
Creates a static mapping between an existing "primary" N_Port and one or more
specified F_Ports. This command removes exiting mappings. Once the static
mapping is enabled, the F_Ports and all logged-in devices will logout of the
previous N_Port and login using the new N_Port.
--staticdel N_Port F_Port1 [; F_Port2;...]
Deletes a static mapping between an existing "primary" N_Port and one or more
specified F_Ports. This command removes exiting mappings. Alternately, you can
remove an existing mapping by mapping the F_Port to another N_Port.
--pgshow [pgid]Displays the Port Group configuration. The port grouping feature supports
specifying a set of N_Ports to be included in the Port Group (PG) Policy. The
factory default PG is "pg0", which includes all N_Ports. The default PG cannot be
removed or renamed.
--pgcreate pgid "N_Port1 [;N_Port2;...]" [-n pgname][-m "lb; mfnm"]
Creates a port group with the ID pgid and a specified list of N_Ports to be included
in the policy. The list must be enclosed in quotation marks. Ports must be
separated by semicolons. The Port Group ID must not exceed 64 characters.
Optionally specify a name for the port group and a mode. Modes are by default
disabled. For an explanation of mode values, refer to --pgsetmodes.
--pgadd pgid "N_Port1 [; N_Port2;...]"
Adds one or more N_Ports to the specified port group. The port list must be
enclosed in quotation marks. Ports must be separated by semicolons.
28 Fabric OS Command Reference
53-1003108-01
ag
2
--pgdel pgid "N_Port1 [; N_Port2;...]"
Deletes one or more N_Ports from the specified port group. Deleted ports are
added to the default port group "pg0". The port list must be enclosed in quotation
marks. Ports must be separated by semicolons.
--pgrename pgid newname
Replaces the name of an existing port group with the specified new name. The
port group ID must not exceed 64 characters.
--pgremove pgid Deletes the specified port group. The N_Ports in the port group that was deleted
are moved to the default port group, which is pgid 0.
--pgmapadd pgid "F_Port1[;F_Port2;...]"
Maps the specified F_Ports to the PG identified by the pgid. Upon execution, the
system identifies the least loaded N_Port in the port group and maps the F_Ports
to that N_Port. The port list must be enclosed in double quotation marks. Ports
must be separated by semicolons. Login balancing (LB) mode must be enabled
on the port group for this command to succeed. Use ag --pgsetmodes to enable
LB mode.
--pgmapdel pgid "F_Port1[;F_Port2;...]"
Removes one or more F_Ports that are part of the port group identified by the pgid
from their mapping to a corresponding N_Port. The port list must be enclosed in
double quotation marks. Ports must be separated by semicolons. Login balancing
(LB) mode must be enabled on the port group for this command to succeed. Use
ag --pgsetmodes to enable LB mode.
--pgsetmodes pgid "lb;mfnm"
Sets the APC modes for the specified port group. The mode list must be enclosed
in double quotation marks and the modes must be separated by a semicolon.
Alternately you can set the modes at the time when you create the port group with
the pgcreate command. The following modes are supported:
lb Specifies the login balancing mode for the specified port group. If login balancing
mode is enabled and an F_Port goes offline, logins in the port group are
redistributed among the remaining F_Ports. Similarly, if an N_Port comes online,
port logins in the PG are redistributed to maintain a balanced N_Port to F_Port
ratio. This operation is disruptive. Login balancing mode is disabled by default in
all port groups.
mfnm Enables the managed fabric name monitoring mode (MFNM) in the specified port
group. This command changes the fabric name monitoring mode from "default" to
"managed". In both default and managed mode, the system queries the fabric
name once every 120 seconds, and if it detects an inconsistency, for example, if
the port group is connected to multiple fabrics, it triggers a RASLOG message.
The difference between default and managed fabric name monitoring is that in
managed mode, failover is disabled for all ports in the port group if the system
detects an inconsistency in fabric names.
You can add or remove MFNM from a port group, however, doing so will enable or
disable MFNM on the entire switch. RASLOG messages are generated only if
MFNM is enabled on the entire switch and multiple fabrics are connected to the
switch.
--pgdelmodes pgid "lb;mfnm"
Disables the specified modes on a given port group. The mode list must be
enclosed in double quotation marks and the modes must be separated by a
semicolon. For a description of supported modes, refer to --pgsetmodes.
Fabric OS Command Reference 29
53-1003108-01
ag 2
--pgfnmtov new_tov Displays the fabric name monitoring timeout value in seconds when used without
specifying a new value. To change the current value, specify a new timeout value
in seconds. The valid range is 30 to 120 seconds. The default value is 120
seconds.
--failoverenable [N_Port] | -pg pgid
Enables the failover policy for a given N_Port or for all N_Ports in the given port
group. When failover policy is enabled for a given N_Port, F_Ports behave as
follows:
If only primary F_Port to N_Port mapping is in place, all currently mapped
F_Ports fail over to another available N_Port in the event the original N_Port
becomes disabled. If multiple N_Ports are available for failover, F_Ports are
evenly balanced across all available N_Ports. If no other N_Port is available,
failover does not occur.
If preferred secondary F_Port to N_Port Mapping is in place, the F_Ports are
routed through the preferred Secondary N_Port. If the preferred secondary
N_Port is offline, the F_Ports are disabled.
--failoverdisable [N_Port] -pg pgid
Disables the failover policy for a given N_Port or for all N_Ports in the given port
group.
--failovershow [N_Port]
If an N_Port is specified (optional), the command displays the failover policy for
this N_Port. Otherwise, the failover policy for all N_Ports is displayed. Failover is
displayed as enabled (1) or disabled (0).
--failbackenable [N_Port] | -pg pgid
Enables the failback policy for a specified N_Port or for all N_Ports in the given
port group. When failback policy is enabled, ports behave as follows:
If only primary F_Port to N_Port mapping is in place, all F_Ports are
automatically rerouted back to the N_Ports to which they were originally
mapped as those N_Ports come back online. Only the originally mapped
F_Ports fail back. In the case of multiple N_Port failures, only F_Ports that
were mapped to the recovered N_Port experience failback. The remaining
F_Ports are not redistributed among the online N_Ports during the failback.
If preferred secondary F_Port to N_Port mapping is in place, and the primary
N_Port comes back online, then the F_Ports are rerouted through the primary
N_Port. If the secondary N_Port comes online, while the primary N_Port is
still offline, F_Ports are rerouted through the secondary N_Port.
--failbackdisable [N_Port] | -pg pgid
Disables the failback policy for the specified N_Port or for all N_Ports in the given
port group.
--failbackshow [N_Port]
If an N_Port is specified (optional), the command displays the failback policy for
this N_Port. Otherwise, the failover policy for all the N_Ports is displayed. The
failback policy is displayed as disabled (0) or enabled (1).
--prefset "F_Port [;F_Port2;...]" N_Port
Sets the preferred secondary N_Port for one or more F_Ports. Preferred mapping
is optional. Preferred F_Port to N_Port Mapping provides an alternate N_Port for
F_Ports to come online for predictable failover and failback. An F_Port must have
primary N_Port mapping before a secondary N_Port can be configured. The list of
F_Ports to be mapped must be enclosed in double quotation marks. Port numbers
must be separated by semicolons.
30 Fabric OS Command Reference
53-1003108-01
ag
2
--prefdel "F_Port [;F_Port2;...]" N_Port
Deletes the preferred Secondary N_Port for the specified F_Ports. The list of
F_Ports to be deleted from the secondary mapping must be enclosed in double
quotation marks. Port numbers must be separated by semicolons.
--prefshow Displays the preferred Secondary N_Port for all F_Ports.
--adsset "F_Port [;F_Port2;...]" "WWN [;WWN2;...]"
Sets the list of devices that are allowed to login to a specified set of F_Ports.
Devices are specified by their world wide names. Lists must be enclosed in double
quotation marks. List members must be separated by semicolons. The maximum
number of entries in the allowed device list is twice the per port maximum login
count. Replace the WWN list with an asterisk (*) to indicate all access on the
specified F_Port list. Replace the F_Port list with an asterisk (*) to add the
specified WWNs to all the F_Ports' allow lists. A blank WWN list ("") indicates no
access. ADS policy must be enabled for this command to succeed.
--adsadd "F_Port [;F_Port2;...]" "WWN [;WWN2;...]"
Adds the specified WWNs to the list of devices allowed to login to the specified
F_Ports. Lists must be enclosed in double quotation marks. List members must be
separated by semicolons. Replace the F_Port list with an asterisk (*) to add the
specified WWNs to all the F_Ports' allow lists. ADS policy must be enabled for this
command to succeed.
--adsdel "F_Port [;F_Port2;...]" "WWN [;WWN2;...]
Deletes the specified WWNs from the list of devices allowed to login to the
specified F_Ports. Lists must be enclosed in double quotation marks. List
members must be separated by semicolons. Replace the F_Port list with an
asterisk (*) to remove the specified WWNs from all the F_Ports' allow lists. ADS
policy must be enabled for this command to succeed.
--adsshow Displays the list of allowed device WWNs for all F_Ports.
--persistentalpaenable 1 | 0 mode
Configures the persistent ALPA feature. Once enabled, the ALPA parts of all
device PIDs become persistent regardless of whether they were logged in before
or after the persistent ALPA feature was enabled. ALPA persistence ensures that
there is no inconsistency between logged in devices. The persistent ALPA feature
is disabled by default.
1 | 0 Specify 1 to enable persistent ALPA. Specify 0 to disable the feature.
mode Specifies the manner in which the ALPA is obtained in the event that the ALPA
value is already taken by another host. Valid modes include the following:
-s Specifies a stringent ALPA request mode. In stringent mode, the login is
rejected if the ALPA is not available.
-f Specifies a flexible ALPA request mode. In flexible mode, the host login is
accepted either with the requested ALPA value or with a different ALPA value
if the requested ALPA is not available.
--printalpamap F_PortDisplays the database entry for the specified port. An F_Port must be specified.
The output displays the PWWN-to-host-ALPA mapping.
Fabric OS Command Reference 31
53-1003108-01
ag 2
--deletepwwnfromdb PWWN
Removes the specified port WWN entry from the database after the host has
logged out.
--clearalpamap F_Port
Clears the ALPA values for the specific F_Port. This command removes the
PWWN-to-ALPA-value mapping from the database.
--addwwnmapping N_Port "WWN [;WWN2;...]" | --all
Maps one or more device WWNs to a preferred N_Port. All traffic form the
specified devices is forced through the specified N_Port, regardless of which
F_Port the device logs into. In the event the designated N_Port should become
unavailable, an alternate port can serve as a preferred failover port. This
command only affects devices that are connecting to the fabric after successful
execution of this command; it will not affect devices already logged in. If a device
is already connected to the switch when its mapping is created, that mapping
goes into effect the next time the device connects. The WWN list must be
enclosed in double quotation marks. WWNs must be separated by semicolons.
The --all option indicates all device WWNs already mapped, for example, if you
wish to change an existing WWN mapping. It does not affect device WWNs that
are not part of an existing mapping.
--delwwnmapping N_Port "WWN [;WWN2;...]" | --all
Removes the mapping of one or more device WWNs to a preferred N_Port. The
--all option removes the mapping for all device WWNs currently mapped to the
specified N_Port. The WWN list must be enclosed in double quotation marks.
WWNs must be separated by semicolons. The mappings are removed upon
execution of this command.
--addwwnpgmapping PG "WWN [;WWN2;...]" | --all
Maps one or more device WWNs to any of the N_Ports included in the specified
port group . The port group is identified by its port group ID. The --all option maps
all currently mapped device WWNs to the specified port group. The WWN list
must be enclosed in double quotation marks. WWNs must be separated by
semicolons. The device WWN to port group mapping takes effect the next time
the device logs in.
--delwwnpgmapping PG "WWN [;WWN2;...]" | --all
Removes the mapping between the specified device WWNs and the specified port
group. The port group is identified by its port group ID. The --all option removes
the mapping of all device WWNs currently mapped to the specified port group.
The WWN list must be enclosed in double quotation marks. WWNs must be
separated by semicolons. The mappings are removed upon execution of this
command.
--addwwnfailovermapping N_Port "WWN [;WWN2;...]"| --all
Maps one or more device WWNs to a preferred failover N_Port. If the N_Port to
which the WWNS are mapped is not available or goes down, the device logins fail
over to the preferred failover N_Port. The --all option maps all currently mapped
device WWNs to the specified failover N_Port. The WWN list must be enclosed in
double quotation marks. WWNs must be separated by semicolons.
--delwwnfailovermapping N_Port "WWN [;WWN2;...]" | --all
Deletes the mapping of one or more device WWNs to a preferred failover N_Port.
The --all option deletes the failover mappings of all device WWNs currently
mapped to the specified N_Port. The WWN list must be enclosed in double
quotation marks. WWNs must be separated by semicolons.
32 Fabric OS Command Reference
53-1003108-01
ag
2
--wwnmappingdisable "WWN [;WWN2;...]" | --all
Disables one or more device WWN mappings. Use this command if you want to
disable the mapping action temporarily without making permanent changes to the
mappings. The mappings remain disabled until they are re-enabled or deleted.
The --all option disables all currently existing device WWN mappings.
--wwnmappingenable "WWN [;WWN2;...]" | --all
e-enables one or more previously disabled device WWN mappings. The --all
option re-enables all previously disabled device WWN mappings.
--wwnmapshow Displays all device WWN mappings. For each device WWN, the command
displays the N_Port number to which it is mapped, the secondary (failover)
N_Port, and the port group if applicable. The "Current" field shows the port the
device is currently using. If the device is not logged in, the field displays "none." If
the device is logged in to a port other than the one it is mapped to, the field
displays that port. If the device is mapped to a port group, the field displays the
number of the port within that port group that the device is currently using. If the
device is using a trunk, the field displays which port in that trunk the device is
logged in. The "Enabled" field indicates, whether a mapping has been temporarily
disabled ("no"), or whether it is in enabled state ("yes").
--reliabilitycounterset count
Sets the reliability limit for the preferred N_Port. This parameter controls the
number of ONLINE or OFFLINE State Change Notification (SCN) messages a
port can receive before becoming unreliable. The range is 10 through 100. The
default value is 25.
The port becomes reliable again if it does not receive any SCN messages for a
period of five minutes. Preferred N_Port settings are not enforced on unreliable
N_Ports. When the port becomes reliable again, the behavior is as follows:
If a FAILBACK flag is set, the port will fail back the configured F_Ports.
Configured F_Ports that are offline will come back online.
If LB mode or auto policy is configured, load rebalancing resumes.
--reliabilitycountershow
Displays the configured reliability limit for N_Ports.
--backupmappingsave N_Port
Saves the configured F_Ports, static F_Ports for the given N_Port, and F_Ports
for which the given N_Port is a preferred one.
--backupmappingdel N_Port
Deletes the backup mappings for the given N_Port, if any.
--backupmappingshow N_Port
Displays the saved mappings for the given N_Port, if any.
EXAMPLES
To display the current state of the Access Gateway with Failover (FO) and Failback (FB) enabled on
N_Ports 9 and 12:
switch:admin> ag --show
Name : core_ag
NodeName : 10:00:00:05:1e:85:ae:f8
Number of Ports : 40
IP Address(es) : 10.17.31.2
Firmware Version : v7.1.0ING
N_Ports : 8
F_Ports : 5
Policies enabled : pg
Fabric OS Command Reference 33
53-1003108-01
ag 2
Persistent ALPA : Disabled
Static WWN Map : None
Port Group information :
PG_ID PG_Members PG_Name PG_Mode
----------------------------------------------
0 0;1;2;3;8; pg0 -
9;10;11;32;33;
34;35;36;37;38;
39
----------------------------------------------
Fabric Information :
Attached Fabric Name N_Ports
---------------------------------------------
10:00:00:05:1e:d6:f8:c9 0;1;2;3;8;
9;10;11
---------------------------------------------
N_Port information :
Port PortID Attached PWWN Attached_Switch
F-port\
-------------------------------------------------\
0 0x010100 50:00:51:ed:6f:8e:60:28 Spirit\
1 0x010100 50:00:51:ed:6f:8e:60:28 Spirit\
2 0x010100 50:00:51:ed:6f:8e:60:28 Spirit\
3 0x010100 50:00:51:ed:6f:8e:60:28 Spirit\
8 0x010d00 20:0d:00:05:1e:d6:f8:c9 Spirit\
9 0x010c00 20:0c:00:05:1e:d6:f8:c9 Spirit\
10 0x010e00 20:0e:00:05:1e:d6:f8:c9 Spirit\
11 0x010f00 20:0f:00:05:1e:d6:f8:c9 Spirit\
Switch FO FB IP_Addr F_Ports
-----------------------------------------
0 1 1 10.17.31.170 4;5;23;
0 1 1 10.17.31.170 None
0 1 1 10.17.31.170 None
0 1 1 10.17.31.170 None
13 1 1 10.17.31.170 6;
12 1 1 10.17.31.170 7;
14 1 1 10.17.31.170 None
15 1 1 10.17.31.170 None
------------------------------------------
F_Port information :
Port PortID Attached PWWN N_Port\
----------------------------------------------- \
4 0x010103 20:00:00:05:1e:85:92:88 0 \
5 0x010102 20:01:00:05:1e:85:92:88 0 \
6 0x010d01 20:02:00:05:1e:85:92:88 8 \
7 0x010c01 20:03:00:05:1e:85:92:88 9 \
23 0x010101 10:00:00:05:1e:65:95:81 0 \
Preferred N_port Login Exceeded?
---------------------------------------
None No
None No
None No
None No
None No
-----------------------------------------------
Static N-Port to F-Port Mapping :
34 Fabric OS Command Reference
53-1003108-01
ag
2
N-Port F-Port
----------------------------------------------
0 None
1 None
2 None
3 None
8 None
9 None
10 None
11 None
---------------------------------------------
To display the current Access Gateway mode:
switch:admin> ag --modeshow
Access Gateway mode is enabled.
switch:admin> ag --modeshow
Access Gateway mode is NOT enabled.
AG group policy commands
To show current policies:
switch:admin> ag --policyshow
AG Policy Policy Name State
-----------------------------------------------------
Port Grouping pg Enabled
Auto Port Configuration auto Disabled
Advanced Device Security ads Disabled
WWN Based Load Balancing wwnloadbalance Disabled
-----------------------------------------------------
To enable a port grouping policy:
switch:admin> ag --policyenable pg
To disable a port grouping policy
switch:admin> ag --policydisable pg
To enable auto port configuration policy when both policies are disabled and the switch is already
disabled:
switch:admin> ag --policyenable auto
All Port related Access Gateway configurations will be lost.
Please save the current configuration using configupload.
Do you want to continue? (yes, y, no, n): [no] y
To disable auto port configuration policy when the switch is disabled:
switch:admin> ag --policydisable auto
Default factory settings will be restored.
Default mappings will come into effect.
Please save the current configuration using configupload.
Do you want to continue? (yes, y, no, n): [no] y
Access Gateway configuration has been restored \
to factory default
To enable the ADS policy:
switch:admin> ag --policyenable ads
Fabric OS Command Reference 35
53-1003108-01
ag 2
To disable the ADS policy:
switch:admin> ag --policydisable ads
To enable the WWN load balancing policy:
switch:admin> ag --policyenable wwnloadbalance
To disable the WWN load balancing policy:
switch:admin> ag --policydisable wwnloadbalance
AG port mapping commands
To display current port mappings and port grouping policies:
switch:admin> ag --mapshow
N_Port Configured Static Current Failover Failback PG_ID PG_Name
_F_Ports _F_Ports _F_Ports
-----------------------------------------------------------------
0 4;5;6 None 4;5;6 1 0 2 SecondFabric
1 7;8;9 None 7;8;9 0 1 0 pg0
2 10;11 None 10;11 1 0 2 SecondFabric
3 12;13 None 12;13 0 1 0 pg0
------------------------------------------------------------------
Explanation of fields in --mapshow output:
Static F_Ports are part of static F_Port to N_Port mapping.
Current F_Ports are the F_Ports that are currently online and mapped to a given N_Port either
because they are mapped to that N_Port or as a result of N_Port failover.
Configured F_Ports are the F_Ports that are explicitly mapped to this N_Port (saved in config).
Failover and Failback indicate whether or not N_Port policy is enabled (1) or disabled (0).
PG_ID is the Port Group ID and PG_Name is the Port Group Name.
To clear all F_Ports mapped to the configured primary N_Port 0:
switch:admin> ag --mapset 0 ""
F_Port to N_Port mapping has been updated successfully
To add F_Ports 4 and 6 to N_Port 0 (observe that Port 0 has no configured F_Ports):
switch:admin> ag --mapset 0 "4;6"
F_Port to N_Port mapping has been updated successfully
To add F_Port 5 to N_Port 2 (observe that N_Port 2 already has mapped F_Ports):
switch:admin> ag --mapadd 2 "5"
To display the new mappings:
switch:admin> ag --mapshow
N_Port Configured Static Current Failover Failback PG_ID PG_Name
_F_Ports _F_Ports F_Ports
-----------------------------------------------------------------
36 Fabric OS Command Reference
53-1003108-01
ag
2
0 4;6 None 4;6 1 0 2 SecondFabric
1 7;8;9 None 7;8;9 0 1 0 pg0
2 5;10;11 None 5;10;11 1 0 2 SecondFabric
3 12;13 None 12;13 0 1 0 pg0
------------------------------------------------------------------
To delete F_Port 5 that was mapped to N_Port 2:
switch:admin> ag --mapdel 2 "5"
Preferred N_port is set for F_Port[s]
Please delete it before removing primary N_Port
ERROR:Unable to remove F_Port[s] from mapping,
retry the command
switch:admin> ag --prefshow
F_Ports Preferred N_Port
-----------------------------------------------
10;11 0
4;5;6 2
7;8;9 3
----------------------------------------------
switch:admin> ag --prefdel 5 2
Preferred N_Port is deleted successfully \
for the F_Port[s]
switch:admin> ag --mapdel 2 "5"
F_Port to N_Port mapping has been updated successfully
To create and display a static mapping:
switch:admin> ag --staticadd 17 1
switch:admin> ag --show
N_Port information :
Port PortID Attached PWWN Attached_Switch
F-port\
-----------------------------------------------------\
0 0x010100 50:00:51:ed:6f:8e:60:28 Spirit \
17 0x010100 50:00:51:ed:6f:8e:60:28 Spirit \
Switch FO FB IP_Addr F_Ports
--------------------------------------------
0 1 1 10.17.31.170 4;5;23;
0 1 1 10.17.31.170 None
-------------------------------------------
F_Port information :
Port PortID Attached PWWN N_Port Preferred \
------------------------------------------------
4 0x010103 20:00:00:05:1e:85:92:88 0 \
5 0x010102 20:01:00:05:1e:85:92:88 0 \
N_port Login Exceeded?
-------------------------
None No
None No
---------------------------------------------------
N_Port Configured Current Failover Failback PG_ID PG_Name
Fabric OS Command Reference 37
53-1003108-01
ag 2
_F_Ports _F_Ports
---------------------------------------------------
0 None None 1 1 N/A N/A
17 2 2 0 0 N/A N/A
---------------------------------------------------
Static N-Port to F-Port Mapping
N-Port F-Port
------------------------------------------
17 1
------------------------------------------
AG failover policy commands
To display failover policy settings for all N_Ports:
switch:admin> ag --failovershow
N_Port failover_bit
---------------------------
0 1
1 0
2 1
3 0
To set and display failover and failback policies on a single port:
switch:admin> ag --failoverenable 1
Failover policy is enabled for port 1
switch:admin> ag --failoverdisable 0
Failover policy is disabled for port 0
switch:admin> ag --failovershow 0
Failover on N_Port 0 is not supported
switch:admin> ag --failbackdisable 2
Failback policy is disabled for port 2
switch:admin> ag --failbackshow 2
Failback on N_Port 2 is not supported
switch:admin> ag --failbackenable 2
Failback policy is enabled for port 2
To display failback policy settings for all the N_Ports:
switch:admin> ag --failbackshow
N_Port failback_bit
---------------------------
0 0
1 1
2 0
3 1
38 Fabric OS Command Reference
53-1003108-01
ag
2
To set and display failback policy settings on a single port:
switch:admin> ag --failbackenable 0
Failback policy cannot be enabled since failover
policy is disabled for port 0
switch:admin> ag --failbackenable 2
Failback policy is enabled for port 2
switch:admin> ag --failbackenable 3
Failback on N_Port 3 is not supported
switch:admin> ag --failbackenable 2
Failback on N_Port 2 is supported
Port Group commands
To display Port Group information:
switch:admin> ag --pgshow
PG_ID PG_Name PG_Mode N_Ports F_Ports
-----------------------------------------------
0 pg0 lb,mfnm 1;3 10;11
2 SecondFabric - 0;2 4;5;6
-----------------------------------------------
To create a port group "FirstFabric" that includes N_Ports 1 and 3 and has login balancing enabled:
switch:admin> ag --pgcreate 3 "1;3" -n FirstFabric1 -m "lb"
Port Group 3 created successfully
switch:admin> ag --pgshow
PG_ID PG_Name PG_Mode N_Ports F_Ports
-----------------------------------------------
0 pg0 lb,mfnm none none
2 SecondFabric - 0;2 4;5;6
3 FirstFabric lb 1;3 10;11
-----------------------------------------------
To rename the port group with pgid 2 to "MyEvenFabric":
switch:admin> ag --pgrename 2 MyEvenFabric
Port Group 2 has been renamed as MyEvenFabric successfully
switch:admin> ag --pgshow
PG_ID PG_Name PG_Mode N_Ports F_Ports
-----------------------------------------------
0 pg0 lb,mfnm none none
2 MyEvenFabric - 0;2 4;5;6
3 FirstFabric lb 1;3 10;11
-----------------------------------------------
Fabric OS Command Reference 39
53-1003108-01
ag 2
To remove the port group with pgid 2:
switch:admin> ag --pgremove 2
Port Group 2 has been removed successfully
switch:admin> ag --pgshow
PG_ID PG_Name PG_Mode N_Ports F_Ports
-----------------------------------------------
0 pg0 lb,mfnm 0;2 4;5;6
3 FirstFabric lb 1;3 10;11
-----------------------------------------------
To enable managed fabric name monitoring in port group 3:
switch:admin> ag --pgsetmodes 3 "mfnm"
Managed Fabric Name Monitoring mode has been \
enabled for Port Group 3
switch:admin> ag --pgshow
PG_ID PG_Name PG_Mode N_Ports F_Ports
-----------------------------------------------
0 pg0 lb,mfnm 0;2 4;5;6
3 FirstFabric lb,mfnm 1;3 10;11
-----------------------------------------------
To disable managed fabric name monitoring in port group 3:
switch:admin> ag --pgdelmodes 3 "mfnm"
Managed Fabric Name Monitoring mode has been disabled for Port Group 3
switch:admin> ag --pgshow
-----------------------------------------------
0 pg0 lb,mfnm 0;2 4;5;6
3 FirstFabric lb 1;3 10;11
-----------------------------------------------
To get the current fabric name monitoring timeout value:
switch:admin> ag --pgfnmtov
Fabric Name Monitoring TOV: 120 seconds
To set the fabric name monitoring timeout value to 30 seconds:
switch:admin> ag --pgfnmtov 30
AG Preferred port information commands
To display preferred port settings for F_Ports:
switch:admin> ag --prefshow
F_Ports Preferred N_Port
------------------------------------------
10;11 0
12;13 1
4;6 2
7;8;9 3
------------------------------------------
40 Fabric OS Command Reference
53-1003108-01
ag
2
To delete secondary port mapping for F_Ports 7, 8 and 9:
switch:admin> ag --prefdel "7;8;9" 3
Preferred N_Port is deleted successfully \
for the F_Port[s]
To set secondary port mapping for F_Ports 7, 8 and 9:
switch:admin> ag --prefset "7;8;9" 3
Preferred N_Port is set successfully \
for the F_Port[s
ADS Policy commands
To set the list of allowed devices for Ports 11 and 12 to 'no access':
switch:admin> ag --adsset "11;12" ""
WWN list set successfully as the Allow Lists of \
the F_Port[s]
To set the list of allowed devices for Ports 1, 10 and 13 to 'all access':
switch:admin> ag --adsset "1;10;13" "*"
WWN list set successfully as the Allow Lists of \
the F_Port[s]
To remove two devices from the lists of allowed devices for ports 1 and 9:
switch:admin> ag --adsdel "3;9" \
"22:03:08:00:88:35:a0:12;22:00:00:e0:8b:88:01:8b"
WWNs removed successfully from Allow Lists of the\
F_Port[s]
To add a two new device to the lists of allowed devices for ports 1 and 9:
switch:admin> ag --adsadd "3;9" \
"20:03:08:00:88:35:a0:12;21:00:00:e0:8b:88:01:8b"
WWNs added successfully to Allow Lists of the \
F_Port[s]
To display the lists of allowed devices on the switch:
switch:admin> ag --adsshow
F_Port WWNs Allowed
-------------------------------------------
1 ALL ACCESS
3 20:03:08:00:88:35:a0:12
21:00:00:e0:8b:88:01:8b
9 20:03:08:00:88:35:a0:12
21:00:00:e0:8b:88:01:8b
10 ALL ACCESS
11 NO ACCESS
12 NO ACCESS
13 ALL ACCESS
--------------------------------------------
Persistent ALPA configuration commands
To enable persistent ALPA in flexible mode:
switch:admin> ag --persistentalpaenable 1 -f
Persistent ALPA mode is enabled
Fabric OS Command Reference 41
53-1003108-01
ag 2
To enable persistent ALPA in stringent mode:
switch:admin> ag --persistentalpaenable 1 -s
Persistent ALPA mode is enabled
To disable persistent ALPA mode:
switch:admin> ag --persistentalpaenable 0
Persistent ALPA mode is enabled
To display the ALPA database entries for F_Port 5:
switch:admin> ag --printalpamap 5
Hash table for Port 5 data
PWWN ALPA
============================================
20:12:00:05:1e:85:92:88 1
20:07:00:05:1e:01:0b:4a 3
To attempt to remove a device entry from the database while the device is online and cannot be
removed:
switch:admin> ag --deletepwwnfromdb \
0:12:00:05:1e:85:92:88 20:08:00:05:1e:01:0b:4a Online. \
Cannot delete an online device
To remove a device entry from the database when the device is offline:
switch:admin> ag --deletepwwnfromdb \
0:12:00:05:1e:85:92:88
Device 20:13:00:05:1e:85:92:88 successfully deleted
To remove a device entry from the database when the device is not present in the table
switch:admin> ag --deletepwwnfromdb \
0:12:00:05:1e:85:92:00 20:12:00:05:1e:85:92:00 not found.
Please check the device name
To remove the PWWN to ALPA value for port 5 from the database and to verify the removal:
switch:admin> ag --clearalpamap 5
ALPA Table for port 5 is cleared
switch:admin> ag --clearalpamap 5
Hash table for Port 5 data
PWWN ALPA
============================================
Hash Table is empty
Device WWN mapping commands
To create a WWN to N_Port mapping for two devices.
switch:admin> ag --addwwnmapping 8 \
"0:12:00:05:1e:85:92:88; 0:12:00:05:1e:85:92:88"
To delete one of the device WWN to N_Port mappings.
switch:admin> ag --delwwnmapping 8 \
"0:12:00:05:1e:85:92:88"
42 Fabric OS Command Reference
53-1003108-01
ag
2
To create a WWN to port group mapping for all currently mapped devices (this command does not affect
devices not already mapped or connecting later).
switch:admin> ag --addwwnpgmapping 4 --all
To add port 13 as a preferred failover N_Port for a device:
switch:admin> ag --addwwnfailovermapping 13 "0:12:00:05:1e:85:92:88"
To disable all WWN mappings:
switch:admin> ag --wwnmappingdisable --all
To display the WWN mappings when WWN load balancing policy is not enabled:
switch:admin> ag --wwnmapshow
Static Device Mapping Information:
WWN, 1st N_Port 2nd N_Port PG_ID Current Enabled
----------------------------------------------------------
25:f7:00:0c:29:00:02:8b 9 None None None yes
25:f7:00:0c:29:00:03:8b 9 None None None yes
25:f7:00:0c:29:00:04:8b 9 None None None yes
25:f7:00:0c:29:00:05:8b 9 None None None yes
25:f7:00:0c:29:00:07:8b 9 None None None yes
25:f7:00:0c:29:00:08:8b 9 None None None yes
25:f7:00:0c:29:00:09:8b 9 None None None yes
25:f7:00:0c:29:00:0a:8b 9 None None None yes
----------------------------------------------------------
Dynamic Device Mapping Information:
----------------------------------------------------------
No dynamic mappings in use
----------------------------------------------------------
To display the WWN mappings when WWN load balancing policy is enabled:
switch:admin> ag --wwnmapshow
Static Device Mapping Information:
WWN, 1st N_Port 2nd N_Port PG_ID Current Enabled
----------------------------------------------------------
No static mappings are defined
----------------------------------------------------------
Dynamic Device Mapping Information:
WWN, 1st N_Port 2nd N_Port PG_ID Current Enabled
-----------------------------------------------------------
10:00:00:06:2b:11:52:df 23 None 0 23 yes
-----------------------------------------------------------
To configure and display the reliability counter for the preferred N_Port:
switch:admin> ag --reliabilitycounterset 50
switch:admin> ag --reliabilitycountershow
================================
Reliability Counter = 50
================================
Fabric OS Command Reference 43
53-1003108-01
ag 2
Backup mapping commands
To save the configured, static, and preferred mapping of an N_Port:
switch:admin> ag --backupmappingsave 43
Configured,static and preferred mappings have been saved \
for the N_port successfully.
To display the saved mappings for the given N_Port:
switch:admin> ag --backupmappingshow 43
N_Port : 43
Backed-up Configured F_Ports : 15;16;17
Backed-up Static F_ports : 18;19
Backed-up Preferred F_ports : 27;28
To delete the backup mappings for the given N_Port:
switch:admin> ag --backupmappingdel 43
Backed up mappings have been deleted for the N_port.
SEE ALSO agAutoMapBalance, portCfgNPort, portCfgNPIVPort
44 Fabric OS Command Reference
53-1003108-01
agAutoMapBalance
2
agAutoMapBalance
Controls automatic remapping of F_Ports in AG mode.
SYNOPSIS agautomapbalance --enable [-fport | -nport]
[-pg Port_Group_Number | -all]
agautomapbalance --disable [-fport | -nport]
[-pg Port_Group_Number | -all]
agautomapbalance --force
agautomapbalance --show
agautomapbalance --help
DESCRIPTION Use this command to control the automatic rebalancing of F_Ports for login distribution in the event that
an F_Port goes offline or an N_Port comes online.
If automatic rebalancing is enabled, and an F_Port goes offline, the remaining F_Port logins are
redistributed across the existing N_Ports. Similarly if a new N_Port comes online, some of the F_Port
logins being routed through existing N_Ports would be failed over to the new N_Ports. Both operations
are potentially disruptive. Disabling automatic rebalancing of login distribution provides a way of avoiding
disruptions associated with routine F_Port/N_Port offline/online events.
The default values for agautomapbalance are as follows:
Disable automatic login redistribution when F_Ports go offline.
Enable automatic login redistribution when N_Ports come online.
Use the --show option to display the current configuration of the automatic rebalancing feature. The
command output varies depending on current AG policy settings:
If Port Group Policy is enabled on the switch, the command displays the following information for
each configured port group:
-PG_ID - Port Group number
-LB mode - Login Balancing mode: enabled or disabled
-nport - Enabled or disabled
-fport- Enabled or disabled
If Auto Policy is enabled on the switch, the command displays the status of the automatic
rebalancing feature per port type as either disabled or enabled.
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
OPERANDS This command has the following operands:
--enable Enables automatic login redistribution upon removal or addition of a specified port
type.
-fport Enables automatic login redistribution in the event that one or more F_Ports go
offline. When automatic login redistribution is enabled, the remaining F_Ports are
remapped such that logins are balanced among the existing Imports.
Fabric OS Command Reference 45
53-1003108-01
agAutoMapBalance 2
-nport Enables automatic login redistribution in the event that one or more N_Ports come
online. When automatic login redistribution is enabled, the F_Ports mapped to the
current N_Ports are rebalanced among the N_Ports.
--disable Disables automatic login redistribution upon removal or addition of a specified port
type.
-fport Disables automatic login redistribution in the event that one or more F_Ports go
offline. When automatic login redistribution is disabled, the remaining F_Ports
maintain their existing N_Port mappings.
-nport Disables automatic login redistribution in the event that one or more N_Ports
come online. When auto map balancing is enabled, the F_Ports mapped to the
current N_Ports are rebalanced among the N_Ports.
-pg Port_Group_Number | -all
Specifies the port group number or all port groups. These operands are
mutually exclusive and optional with the --enable and --disable options.
When a port group is specified, command execution is targeted to the
members of that specific port group. When all port groups are specified,
command execution is targeted to all port groups defined in the Access
Gateway. The port group options are allowed only when login balancing is
enabled on the specified port groups.
--force Enforces automatic login redistribution on a one-time basis in the event that
automatic login redistribution is disabled for N_Port addition, F_Port removal or
both. This command forces rebalancing of the F_Port to N_Port mapping once. It
does not affect the configuration settings.
--show Displays the auto login distribution configuration.
--help Displays the command usage.
EXAMPLES To display the automatic login redistribution settings for port groups 0 and 1:
switch:admin> agautomapbalance --show
AG Policy: pg
--------------------------------------------
PG_ID LB mode nport fport
--------------------------------------------
0 Enabled Enabled Disabled
1 Disabled - -
---------------------------------------------
To display the automatic login redistribution settings for N_Ports and F_Ports.
switch:admin> agautomapbalance --show
-------------------------------------------------
AG Policy: Auto
-------------------------------------------------
automapbalance on N_Port Online Event: Disabled
automapbalance on F_Port Offline Event: Enabled
--------------------------------------------------
46 Fabric OS Command Reference
53-1003108-01
agAutoMapBalance
2
To disable automatic login redistribution on F_Port offline events:
switch:admin> agautomapbalance --disable -fport
To enable automatic login redistribution on F_Ports and N_Ports on port group 1 in the Access Gateway:
switch:admin> agautomapbalance --enable -fport pg 1
To disable automatic login redistribution on F_Ports and N_Ports on all port groups in the Access
Gateway:
switch:admin> agautomapbalance --disable -all
SEE ALSO ag, agShow
Fabric OS Command Reference 47
53-1003108-01
agShow 2
agShow
Displays the Access Gateway information registered with the fabric.
SYNOPSIS agshow
agshow --name ag_name
agshow --local
DESCRIPTION This command displays the details of the F_Ports and the configured N_Ports in the Access Gateway
attached to the fabric. The command output displays the following information.
Name The name of the Access Gateway.
NodeName The World Wide Name of the Access Gateway node.
Ports The number of ports in the Access Gateway.
Enet IP Addr The IP address of the Access Gateway.
Firmware Current firmware running on the Access Gateway.
Local/Remote Indicates whether the Access Gateway is locally or remotely registered to this
switch.
World Wide Name The world wide name (WWN) of the given Access Gateway.
N-Port ID(s) The port ids of the N_Ports configured in the given Access Gateway.
N-Ports The number of configured N_Ports that are online.
F-Ports The number of F_Ports that are online.
Attached F-Port information
Displays the Port ID, the switch F-port number, and the Port WWN of each F_Port
that is online on the Access Gateway.
Access Gateway F-Port information
Displays the port number, the port ID, and the Port WWN of the Access Gateway
to which the F_Port is connected. This information is displayed only if both the
Access Gateway and the switch to which the Access Gateway is attached are
running Fabric OS v.7.0.0. The data in this section is not always synchronized with
the data in the Attached F-Port information section.
NOTES NPIV capability should be enabled on the ports connected to the Access Gateway. NPIV capability is
enabled by default. Use portCfgNPIVPort to enable NPIV capability a port if it was previously disabled.
Note that enabling or disabling NPIV capability is no longer supported in Access Gateway mode.
The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
48 Fabric OS Command Reference
53-1003108-01
agShow
2
OPERANDS This command has the following optional operands:
--name ag_name Displays information regarding a specific Access Gateway that is registered with
this fabric.
--local Display information regarding all Access Gateways that are locally registered to
this switch.
EXAMPLES To display the Access Gateway information registered with the fabric:
switch:admin> agshow --name core_ag
Name : core_ag
NodeName : 10:00:00:05:1e:85:ae:f8
N-Port ID(s) : 0x010100,0x010d00,0x010c00,0x010e00,0x010f00
Number of Ports : 40
IP Address(es) : 10.17.31.2
Firmware Version : v7.1.0ING
N-Ports : 5
F-Ports : 5
Attached F-Port information :
PortID Port WWN Switch F-port
--------------------------------------------------
0x010101 10:00:00:05:1e:65:95:81 0
0x010102 20:01:00:05:1e:85:92:88 0
0x010d01 20:02:00:05:1e:85:92:88 13
0x010c01 20:03:00:05:1e:85:92:88 12
Access Gateway F-Port Information :
F-Port NumberF-Port IDF-Port WWN
-------------------------------------------------
23 0x01010120:17:00:05:1e:85:ae:f8
To display the locally registered Access Gateways:
switch:admin> agshow --local
Worldwide Name Ports Enet IP Addr Firmware \
----------------------------------------------------\
10:00:00:05:1e:04:06:ae 24 10.32.173.64 v6.4.0 \
Local/Remote Name
----------------------------
local L5D_B14_4024_1
To display all Access Gateways attached to the fabric:
switch:admin> agshow
Worldwide Name Ports Enet IP Addr Firmware \
----------------------------------------------------\
10:00:00:05:1e:02:b7:2c 16 10.32.173.62 v6.4.0 \
10:00:00:05:1e:04:06:ae 24 10.32.173.64 v6.4.0 \
10:00:00:05:1e:04:06:ae 24 10.32.173.51 v6.4.0 \
Local/Remote Name
----------------------------------
local L5D_B10_4016_1
local L5D_B14_4024_1
local L5D_B13_200_AG
SEE ALSO portCfgNPIVPort
Fabric OS Command Reference 49
53-1003108-01
aliAdd 2
aliAdd
Adds a member to a zone alias.
SYNOPSIS aliadd "aliName","member[; member...]"
DESCRIPTION Use this command to add one or more members to an existing zone alias. The alias member list cannot
contain another zone alias.
This command changes the defined configuration. For the change to become effective, enable the zone
configuration with the cfgEnable command. For the change to be preserved across switch reboots, save
the zone configuration to nonvolatile memory with the cfgSave command.
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
When an FCS policy is enabled, this command can be issued only from the primary FCS switch.
OPERANDS The following operands are required:
"aliName"Specify the name of a zone alias, enclosed in double quotation marks.
"member"Specify a member or list of members to be added to the alias, enclosed in double
quotation marks. Members must be separated by semicolons. An alias member
can be specified by one or more of the following methods:
A switch domain and port index pair. Use switchShow for a list of valid port
index numbers.
A world wide name (WWN).
EXAMPLES To add members to zone aliases array1, array2, and loop1:
switch:admin> aliadd "array1", "1,2"
switch:admin> aliadd "array2", "21:00:00:20:37:0c:72:51"
SEE ALSO aliCreate, aliDelete, aliRemove, aliShow
50 Fabric OS Command Reference
53-1003108-01
aliCreate
2
aliCreate
Creates a zone alias.
SYNOPSIS alicreate "aliName","member[; member...]"
DESCRIPTION Use this command to create a new zone alias. The zone alias member list must have at least one
member (empty lists are not allowed). The alias member list cannot contain another zone alias. Refer to
the zoneCreate command for more information on name and member specifications.
This command changes the defined configuration. For the change to become effective, enable the zone
configuration with the cfgEnable command. For the change to be preserved across switch reboots, save
the zone configuration to nonvolatile memory with the cfgSave command.
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
When an FCS policy is enabled, this command can be issued only from the primary FCS switch.
OPERANDS The following operands are required:
"aliName"Specify a name for the zone alias, in double quotation marks. A zone alias name
must begin with a letter and can be followed by any number of letters, numbers,
and underscore characters. Names are case-sensitive. For example, "Ali_1" and
"ali_1" are different zone aliases. Spaces are ignored.
"member"Specify a member or list of members to be added to the alias, enclosed in double
quotation marks. Members must be separated by semicolons. An alias member
can be specified by one or more of the following methods:
A switch domain and port index pair. Use switchShow for a list of valid port
index numbers.
A world wide name (WWN).
EXAMPLES To create a zone alias defined by domain and port index pairs:
switch:admin> alicreate "array1", "2,32; 2,33; 2,34"
To create a zone alias with one member defined by WWN.
switch:admin> alicreate "array2", "21:00:00:20:37:0c:66:23"
SEE ALSO aliAdd, aliDelete, aliRemove, aliShow
Fabric OS Command Reference 51
53-1003108-01
aliDelete 2
aliDelete
Deletes a zone alias.
SYNOPSIS alidelete "aliName"
DESCRIPTION Use this command to delete a zone alias.
This command changes the defined configuration. For the change to become effective, enable the zone
configuration with the cfgEnable command. For the change to be preserved across switch reboots, save
the zone configuration to nonvolatile memory with the cfgSave command.
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
When an FCS policy is enabled, this command can be issued only from the primary FCS switch.
OPERANDS The following operand is required:
"aliName"Specify the name of the zone alias to be deleted. Double quotation marks are
optional.
EXAMPLES To delete the zone alias "array2":
switch:admin> alidelete "array2"
switch:admin> alidelete array1
SEE ALSO aliAdd, aliCreate, aliRemove, aliShow
52 Fabric OS Command Reference
53-1003108-01
aliRemove
2
aliRemove
Removes a member from a zone alias.
SYNOPSIS aliremove "aliName","member[; member...]"
DESCRIPTION Use this command to remove one or more members from an existing zone alias.
If all members are removed, the zone alias is deleted.
This command changes the defined configuration. For the change to become effective, enable the zone
configuration with the cfgEnable command. For the change to be preserved across switch reboots, save
the zone configuration to nonvolatile memory with the cfgSave command.
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
When an FCS policy is enabled, this command can be issued only from the primary FCS switch.
OPERANDS This command has the following operands:
"aliName"Specify the name of the zone alias from which members are to be removed in
double quotation marks. This operand is required.
"member"Specify a member or list of members to be removed from the alias. The list must
be enclosed in double quotation marks. Members must be separated by
semicolons. An alias member can be specified by one or more of the following
methods:
A switch domain and port index number pair. Use switchShow for a list of
valid port index numbers.
A world wide name (WWN)
The member list is located by an exact string match; therefore, it is important to
maintain the order when removing multiple members. For example, if a zone alias
contains"1,2; 1,3; 1,4", then removing"1,3; 1,4" succeeds but removing"1,4; 1,3"
fails.
EXAMPLES To remove a world wide name from"array1":
switch:admin> aliremove "array1", "3,5"
switch:admin> aliremove "array1", "21:00:00:20:37:0c:76:8c"
switch:admin> aliremove "array1", "0xEF"
SEE ALSO aliAdd, aliCreate, aliDelete, aliShow
Fabric OS Command Reference 53
53-1003108-01
aliShow 2
aliShow
Displays zone alias information.
SYNOPSIS alishow [--ic] ["pattern"][, mode]
alishow --help
DESCRIPTION Use this command to display zone configuration information.
Use the pattern operand to display only matching zone alias names in the defined configuration.
If no parameters are specified, all zone configuration information (both defined and effective) is
displayed. Refer to cfgShow for a description of this display.
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
When an FCS policy is enabled, this command can be issued only from the primary FCS switch.
OPERANDS When invoked without an operand, this command displays all zone configuration information (defined
and effective). Refer to cfgShow for a description of this display. The following operands are optional:
--ic Displays all configured zone alias names for a given pattern without case
distinction.
"pattern"A POSIX-style regular expression that matches zone alias names. This operand
must be enclosed in quotation marks. Patterns may contain:
Question mark (?) - matches any single character.
Asterisk (*) - matches any string of characters.
Range - matches any character within the range. Ranges must be enclosed
in brackets: for example, [0-9] or [a-f].
mode Specify 0 to display the contents of the transaction buffer (the contents of the
current transaction), or specify 1 to display the contents of the nonvolatile
memory. The default value is 0.
--help Displays the command usage.
EXAMPLES To display all zone aliases beginning with "arr":
switch:admin> alishow "arr*"
alias: array1 21:00:00:20:37:0c:76:8c
alias: array2 21:00:00:20:37:0c:66:23
To display all zone alias names beginning with "arr", regardless of the case:
switch:admin> alishow --ic "arr*"
alias: array1 20:e0:00:05:33:11:1f:00
alias: ARRAY2 2f:11:00:05:33:c1:37:a2
SEE ALSO aliAdd, aliCreate, aliDelete, aliRemove
54 Fabric OS Command Reference
53-1003108-01
appLoginHistory
2
appLoginHistory
Displays the history of HTTP login sessions.
SYNOPSIS apploginhistory --show
apploginhistory --help
DESCRIPTION Use this command to display the history of HTTP login sessions from external management applications
such as Brocade Network Advisor or Web Tools. The command displays both current sessions and a
history of past sessions. For each entry, the command output shows the following information:
The date and time when the session started (YYYY/MM/DD-HH:MM:SS.MS).
The IP address of the machine that initiated the HTTP login.
The role of the user initiating the login.
The application initiating the login.
The history supports a maximum of 100 entries. If the history exceeds the maximum size, the oldest
entries will be removed.
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
OPERANDS This command has the following operands:
--show Displays the currently active logins and a history of past logins.
--help Displays the command usage.
EXAMPLES To display the application login history:
switch:admin> apploginhistory -- show
The following are history of logins to the switch from external
applications
(Login Timestamp, IP Address, User Account, Application):
2011/10/13-15:51:31.203814, 10.20.10.160, admin, DCFM-HttpConnector/null
2011/10/13-15:51:33.095638, 10.20.10.160, admin, DCFM-HttpConnector/null
2011/10/13-15:52:14.178299, 10.20.10.161, admin, DCFM-HttpConnector/null
2011/10/13-15:52:14.643639, 10.20.10.161, admin, DCFM-HttpConnector/null
2011/10/13-15:53:55.966050, 10.20.10.161, admin, DCFM-HttpConnector/null
2011/10/13-15:53:56.329979, 10.20.10.161, admin, DCFM-HttpConnector/null
2011/10/13-15:53:56.858216, 10.20.10.161, admin, DCFM-HttpConnector/null
2011/10/13-15:53:57.547672, 10.20.10.161, admin, DCFM-HttpConnector/null
The following are the sessions from the external applications that are
Fabric OS Command Reference 55
53-1003108-01
appLoginHistory 2
active currently:
2011/10/13-15:51:31.203814, 10.20.10.160, admin, DCFM-HttpConnector/null
2011/10/13-15:51:33.095638, 10.20.10.160, admin, DCFM-HttpConnector/null
2011/10/13-15:52:14.178299, 10.20.10.161, admin, DCFM-HttpConnector/null
2011/10/13-15:53:57.547672, 10.20.10.161, admin, DCFM-HttpConnector/null
SEE ALSO None
56 Fabric OS Command Reference
53-1003108-01
aptPolicy
2
aptPolicy
Changes or displays the Advanced Performance Tuning (APT) policy.
SYNOPSIS aptpolicy [policy]
aptpolicy -ap [ap_policy]
DESCRIPTION Use this command to display and change the advanced performance tuning (APT) policies on a switch.
Several internal performance tuning parameters can be modified with this command. The default
parameters (AP shared Link Policy) are optimized for most SAN applications; in most environments,
there is no need to modify the default policy.
Distributed path selection (DPS) is supported in logical fabrics. APT policy settings affecting the DPS
behavior can be configured per logical switch, and settings apply to the partition for which they are set.
Note that policy settings for the base switch or any switch in the base fabric affect all traffic going through
the base fabric including any logical fabric traffic that uses the base fabric.
In a logical fabric environment, Link Policy settings (aptpolicy -ap) apply only to the base switch and can
be executed only on the base switch.
When invoked without arguments, this command displays the APT policies supported on this switch, as
well as the current policy.
NOTES You must disable the switch before using this command to change the current policy. Changes take effect
immediately for all EX/VEX_Ports after the switch is re-enabled.
For details on performance tuning, refer to the Fabric OS Administrator's Guide.
The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
OPERANDS This command has the following operands:
policy Specifies the APT policy. The following polices are supported:
1Port-based routing policy. With this policy, the path chosen for an ingress frame is
based on both of the following items:
The ingress port on which the frame was received.
The destination domain for the frame.
The chosen path remains the same if Dynamic Load Sharing (DLS) is not
enabled. If DLS is enabled, a different path may be chosen for a fabric event.
Refer to dlsSet for a definition of a fabric event.
This policy may provide better ISL utilization when there is little or no
oversubscription of the ISLs.
Note that static routes are supported only with this policy.
2Device Based Routing Policy (FICON support only). Device-based routing is
supported in FICON environments only. With this policy, the path chosen for an
ingress frame is based on the following items:
The ingress port on which the frame was received.
The FC address of the source fabric device (SID) for this frame.
The FC address of the destination fabric device (DID) for this frame.
Fabric OS Command Reference 57
53-1003108-01
aptPolicy 2
This policy optimizes the utilization of the available paths by allowing I/O traffic
between different source fabric device (SID) or destination fabric device (DID)
pairs to use different paths. As a result, every distinct flow in the fabric can take a
different path through the fabric. Effectively, device based routing works the same
as exchange-based routing but does not use the Originator Exchange ID (OXID)
field. This helps to ensure that the exchanges between a pair of devices stay in
order.
Device-based routing is also a form of Dynamic Path Selection (DPS). DPS
assigns communication paths between end devices in a fabric to egress ports in
ratios proportional to the potential bandwidth of the ISL, ICL, or trunk group. When
there are multiple paths to a destination, the input traffic is distributed across the
different paths in proportion to the bandwidth available on each of the paths. This
improves utilization of the available paths and reduces possible path congestion.
3Exchange-based routing policy (default). With this policy, the path chosen for an
ingress frame is based on all of the following items:
The ingress port on which the frame was received.
The FC address of the SID for this frame.
The FC address of the DID for this frame.
The FC OXID for this frame.
This policy optimizes the utilization of the available paths by allowing I/O traffic
between different SID, DID, or OXID pairs to use different paths. All frames
received on an ingress port with the same SID, DID, or OXID parameters take the
same path unless there is a fabric event. Refer to dlsSet for the definition of a
fabric event.
This policy does not support static routes. DLS is always enabled and the DLS
setting cannot change with this policy.
-ap ap_policy Specifies an additional AP policy option supported under both port-based and
exchange-based policies. If logical fabrics are enabled, this command is valid only
on the base switch. The following policies are supported:
0AP Shared Link Policy (default).
1AP Dedicated Link Policy. This policy dedicates some links to the ingress traffic
and some links to the egress traffic. This policy relieves internal congestion in an
environment where there is a large amount of traffic going through both directions
at the same time. In addition, it can reduce the impact of slow devices on the
overall switch performance.
EXAMPLES To display the current APT policy:
switch:admin> aptpolicy
Current Policy: 3 1(ap)
3 1 (ap): Default Policy
1: Port Based Routing Policy
2: Device Based Routing Policy (FICON support only)
3: Exchange Based Routing Policy
0: AP Shared Link Policy
1: AP Dedicated Link Policy
58 Fabric OS Command Reference
53-1003108-01
aptPolicy
2
To change the current APT policy to the AP Shared Link Policy:
switch:admin> aptpolicy -ap 0
Switch must be disabled in order to modify \
this configuration parameter. To disable the switch, \
use the "switchDisable" command.
switch:admin> switchdisable
switch:admin> aptpolicy -ap 0
Policy updated successfully.
switch:admin> switchenable
switch:admin> aptpolicy
Current Policy: 3 0(ap)
3 0(ap): Default Policy
1: Port Based Routing Policy
2: Device Based Routing Policy (FICON support only)
3: Exchange Based Routing Policy
0: AP Shared Link Policy
1: AP Dedicated Link Policy
SEE ALSO dlsReset, dlsSet, dlsShow, switchDisable
Fabric OS Command Reference 59
53-1003108-01
auditCfg 2
auditCfg
Modifies and displays the audit log filter configuration.
SYNOPSIS auditcfg --class audit_class
auditcfg --enable | --disable
auditcfg --severity severity_level
auditcfg --show
DESCRIPTION Use this command to configure the audit logging and to display the audit log configuration. This
command allows you to set filters by configuring certain classes, to add or remove any of the classes in
the filter list, to set severity levels for audit messages, and to enable or disable audit filters. Based on the
configuration, certain classes are logged to syslog for auditing. Syslog configuration is required for
logging audit messages. Use the syslogdIpAdd command to add the syslogd server IP address.
NOTES The RAS class is not configurable; its function is to audit the audit log management operations and it is
always enabled internally.
The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
OPERANDS This command has the following operands:
--class Configures filters for a specified audit class. To add or remove any of the classes
in the filter list, reissue the --class option.
audit_class Specifies the filters to be configured. Valid values are: 1-ZONE, 2-SECURITY,
3-CONFIGURATION, 4-FIRMWARE, 5-FABRIC, 6-FW (Fabric Watch), and 7-LS
(Logical Switch), 8-CLI, 9-MAPS. The filter is specified by its numeric value. To
add more than one filter, the numeric values must be separated by commas.
Spaces are not permitted. This operand is required.
--severity Sets audit severity level to a specified value. When severity is set, only log
messages of type severity_level and higher are displayed. You cannot enter
multiple severity levels.
severity_level Valid values are INFO, WARNING, ERROR, and CRITICAL. By default, all
messages are logged. This operand is required.
--enable Enables all filters. This action enables an existing configuration; it does not
change the configuration.
--disable Disables all filters.This action disables an existing configuration; it does not
change the configuration.
--show Displays the current configuration. This operand is optional.
60 Fabric OS Command Reference
53-1003108-01
auditCfg
2
EXAMPLES To configure the audit log filter:
switch:admin> auditcfg --class 2,3,8
Audit filter is configured.
To enable audit logging:
switch:admin> auditcfg --enable
Audit filter is enabled.
To display the configuration:
switch:admin> auditcfg --show
Audit filter is enabled.
2-SECURITY
3-CONFIGURATION
8-CLI
Severity level: INFO
To disable audit logging and to display the configuration (the filters are unchanged but show the disabled
state):
switch:admin> auditcfg --disable
Audit filter is disabled.
switch:admin> auditcfg --show
Audit filter is disabled.
2-SECURITY
3-CONFIGURATION
8-CLI
Severity level: INFO
SEE ALSO auditDump, rasAdmin
Fabric OS Command Reference 61
53-1003108-01
auditDump 2
auditDump
Displays or clears the audit log.
SYNOPSIS auditdump -s | -show
auditdump -c | -clear
DESCRIPTION Use this command to display or clear the audit log on the switch. The audit log persistently saves the
most recent 256 log entries on the switch. On modular platforms, the entries are not shared across CPs.
Each CLI executed on a switch from non-root user account is saved as an audit log. To display or clear
the logs, this command must be issued for each CP separately.
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
OPERANDS This command has the following operands:
-s | -show Displays the audit log on the switch or the CP.
-c | -clear Clears the audit log on the switch or the CP.
EXAMPLES To display the audit log:
switch:admin> auditdump -s
0 AUDIT, 2010/02/18-01:45:52 (PDT), [SEC-3022], INFO, SECURITY,
admin/admin/10.32.220.161/http/DCFM-HttpConnec, ad_0/ras035/FID
128,, Event: logout, Status: success, Info: Successful logout
by user [admin].
1 AUDIT, 2010/02/18-01:46:00 (PDT), [SEC-3022], INFO, SECURITY,
admin/admin/10.32.220.161/http/DCFM-HttpConnec, ad_0/ras035/FID
128,, Event: logout, Status: success, Info: Successful logout
by user [admin].
2 AUDIT, 2010/02/18-01:46:18 (PDT), [SEC-3020], INFO, SECURITY,
admin/admin/10.32.220.161/http/DCFM-HttpConnec, ad_0/ras035/FID
128,, Event: login, Status: success, Info: Successful login
attempt via HTTP, IP Addr: 10.32.220.161.
3 AUDIT,2012/05/23-03:45:15 (UTC),[RAS-3005], INFO, CLI,
admin/admin/NONE/console/CLI,ad_0/McKsSpirit/CHASSIS,
CLI:clihistory
4 AUDIT,2012/05/23-04:12:04 (UTC),[RAS-3005],INFO,CLI,
admin/admin/NONE/console/CLI,ad_0/McKsSpirit/CHASSIS,
CLI:auditdump -s
(output truncated)
To clear the audit log:
switch:admin> auditdump -c
SEE ALSO auditCfg
62 Fabric OS Command Reference
53-1003108-01
authUtil
2
authUtil
Displays and sets the authentication configuration.
SYNOPSIS authutil
authutil --show
authutil --set option value
authutil --policy -sw option | -dev option
authutil --authinit [slot/]port[, [slot/]port...] | allE
DESCRIPTION Use this command to display and set local switch authentication parameters.
Use --set to change authentication parameters such as protocol, Diffie-Hellman group (DH group), or
hash type. When no protocol is set, the default setting of "FCAP, DH- CHAP" is used. When no group is
set, the default setting of "*" (meaning "0,1,2,3,4") is used. Configuration settings are saved persistently
across reboots. Configuration changes take effect during the next authentication request.
Use the --show command to display the current authentication configuration.
Authentication parameters are set on a per-switch basis. If Virtual Fabrics are enabled, all authentication
parameters apply to the current logical switch context only, and must be configured separately for each
logical switch. Use setContext to change the current logical switch context.
In a VF environment, authentication is performed only on physical E_Ports, not on logical interswitch
links (LISLs).
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
OPERANDS This command has the following operands:
--show Displays the local authentication configuration.This option is supported in the
Access Gateway (AG) mode.
--set option value Modifies the authentication configuration. Valid options and their values include
the following:
-a fcap | dhchap | all
Sets the authentication protocol. Specify "fcap" to set only FCAP authentication.
Specify "dhchap" to set only DH-CHAP authentication. Specify "all" to set both
FCAP and DH-CHAP, which is the default setting. When authentication is set to
"all", the implicit order is FCAP followed by DH-CHAP. This means that in
authentication negotiation, FCAP is given priority over DH-CHAP on the local
switch. If the negotiation is done for an encrypted port, DHCHAP takes
precedence over FCAP. The --set dhchap and --set all options are supported in
the AG mode.
-g 0 | 1 | 2 | 3 |4 | *
Sets the Diffie-Hellman (DH) group. Valid values are 0 to 4 and "*". The DH group
0 is called NULL DH. Each DH group implicitly specifies a key size and associated
parameters. A higher group value provides stronger cryptography and a higher
level of security. When DH group is set to a specified value, only that DH group is
Fabric OS Command Reference 63
53-1003108-01
authUtil 2
enabled. Specifying "*" enables all DH groups 0, 1, 2, 3, and 4, in that order. This
means that in authentication negotiation, the NULL DH group is given priority over
all other groups. In the case of a port that is enabled for encryption and you
specify "*", the DH group 4 is selected.This option is supported in AG mode.
-h sha1 | sha256 | md5 | all
Sets the hash type. Valid values are "sha1", "sha256", "md5", or "all". When set to
"all", md5 and sha1 hash types are set. Use this option to disable md5
authentication access by setting the hash type to sha1. Enabling sha256 access
is required when configuring the system for FIPS. Refer to the Fabric OS
Administrator's Guide for details on FIPS configuration. This option is supported in
AG mode.
--policy Sets the switch authentication policy or device authentication policy. The following
options are supported:
-sw on |off | active | passive
Sets the switch authentication policy. Specify one of the following modes.
Operands are exclusive. If the switch has ports enabled for encryption, only the
ON and ACTIVE options are supported. Only on and off options are supported in
AG mode.
on Sets the switch authentication policy to ON mode. Strict authentication is
enforced on all E_Ports. The interswitch link (ISL) goes down (port disable), if
the connecting switch does not support the authentication or the
authentication policy is switched off.
off Turns the authentication policy off, and the switch rejects any authentication
requests.
active Sets the authentication policy to active mode. During switch initialization,
authentication is initiated on all E_Ports, but the port is not disabled if the
connecting switch does not support authentication or the authentication policy
is turned off.
passive Sets the authentication policy to passive mode (default) . The switch does not
initiate authentication but participates in authentication if the connecting
switch initiates authentication.
-dev off | passive | on
Sets the device authentication policy. Three modes are supported. Device
authentication policy is off by default. This option and suboptions are supported in
AG mode.
off Turns off the device authentication policy. Authentication is not required. The
switch ignores any authentication requests and continues with the FC probing
without authentication.
passive Sets the authentication policy to passive mode. Authentication is optional. If
the attached device is capable of doing the authentication then the switch
participates in authentication; otherwise it forms an F_Port without
authentication. In this mode the device accepts authentication on all F_Ports.
64 Fabric OS Command Reference
53-1003108-01
authUtil
2
on Sets the authentication policy to "on" mode. Authentication is mandatory. If
the attached device is not capable of doing authentication, the corresponding
port is disabled.
--authinit [slot/]port [, [slot/]port...| allE
Reinitiates authentication on selected ports after changing the DH-CHAP group,
hash type, and shared secret between a pair of switches. This command does not
work on Private, Loop, NPIV and FICON devices. This command may bring down
the E_Ports if the DH-CHAP shared secrets are not installed correctly. This
command is not supported on encrypted ports. This option is not supported in AG
mode. Valid options include the following:
slot Specify the slot number, if applicable, followed by a slash (/).
port Specify the port number. On enterprise-class platforms, use the slot/port format for
specifying the port number.
allE Specify all E_Ports in the switch.
EXAMPLES To set DH-CHAP as the authentication protocol:
switch:admin> authutil --set -a dhchap
Authentication is set to dhchap.
To set both protocols in order of FCAP and then DH-CHAP:
switch:admin> authutil --set -a all
Authentication is set to fcap,dhchap.
To enable sha1 hash type:
switch:admin> authutil --set -h sha1
Hash is set to sha1.
To enable all hash types:
switch:admin> authutil --set -h all
Hash is set to sha1,md5.
To check the hash types set:
switch:admin> authutil --show
AUTH TYPE HASH TYPE GROUP TYPE
--------------------------------------
fcap,dhchap sha1,md5 1
Switch Authentication Policy: PASSIVE
Device Authentication Policy: OFF
Fabric OS Command Reference 65
53-1003108-01
authUtil 2
To enable Sha256 hash type:
sha256 hash type is recommended only for FIPS configuration.
switch:admin> authutil --set -h sha256
Hash is set to sha256.
switch:admin> authutil --show
AUTH TYPE HASH TYPE GROUP TYPE
--------------------------------------
fcap,dhchap sha256 1
Switch Authentication Policy: PASSIVE
Device Authentication Policy: OFF
To set DH group 3:
switch:admin> authutil --set -g 3
DH Group was set to 3.
To set all DH groups to be specified in the authentication negotiation in the order of 0, 1, 2, 3, and 4:
switch:admin> authutil --set -g "*"
DH Group is set to 0,1,2,3,4
To set the Switch policy to active mode:
switch:admin> authutil --policy -sw active
Warning: Activating the authentication policy requires
either DH-CHAP secrets or PKI certificates depending
on the protocol selected. Otherwise, ISLs will be
segmented during next E-port bring-up.
ARE YOU SURE (yes, y, no, n): [no] y
Auth Policy is set to ACTIVE
To set the Device policy to passive mode:
switch:admin> authutil --policy -dev passive
Warning: Activating the authentication policy requires
DH-CHAP secrets on both switch and device. Otherwise,
the F-port will be disabled during next F-port
bring-up.
ARE YOU SURE (yes, y, no, n): [no] y
Device authentication is set to PASSIVE
To set the device authentication policy to "on" mode:
switch:admin> authutil --policy -dev on
Warning: Activating the authentication policy requires
DH-CHAP secrets on both switch and device. Otherwise,
the F-port will be disabled during next F-port
bring-up.
ARE YOU SURE (yes, y, no, n): [no] y
Device authentication is set to ON
2008/03/24-23:13:06, [AUTH-1003], 112,, INFO, Stealth_3,
Device authentication type has been successfully set to ON
66 Fabric OS Command Reference
53-1003108-01
authUtil
2
To start authentication on E/F_Ports 2, 3, and 4:
switch:admin> authutil --authinit 2,3,4
Warning: Initiating the authentication requires either DH-CHAP
secrets or PKI certificates depending on the protocol selected.
Failed authentication may result in traffic disruption.
Authentication will not be initiated on encrypted ports.
ARE YOU SURE (yes, y, no, n): [no]y
SEE ALSO portShow, secAuthSecret
Fabric OS Command Reference 67
53-1003108-01
bannerSet 2
bannerSet
Sets the banner on the local switch.
SYNOPSIS bannerset [banner]
DESCRIPTION Use this command to set the banner on the local switch.
The banner is a string of alphanumeric characters. It is displayed after you log in to a switch.
The banner can be created using the banner operand or interactively by entering the bannerSet
command without an operand.
If you enter the banner text using the interactive method, the valid length is 1022 characters. If the
banner text length exceeds the maximum allowed, the software truncates the input. To close the banner
text string, enter a period at the beginning of a new line.
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
OPERANDS This command has the following optional operand:
banner Specify a text string to be displayed upon login. If you enter the banner text using
the banner operand, the valid length is 116 characters.
EXAMPLES To set a new banner for a switch:
switch:admin> bannerset "My banner"
switch:admin> bannerSet
Please input context of security banner (press "." RETURN \
at the beginning of a newline to finish input):
SEE ALSO bannerShow, motd
68 Fabric OS Command Reference
53-1003108-01
bannerShow
2
bannerShow
Displays the banner text.
SYNOPSIS bannershow
DESCRIPTION Use this command to display the text of the local switch banner.
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
OPERANDS None
EXAMPLES To display the banner for a switch:
switch:admin> bannershow
Banner: Do not disturb the setup on this switch.
SEE ALSO bannerSet, motd
Fabric OS Command Reference 69
53-1003108-01
bcastShow 2
bcastShow
Displays broadcast routing information.
SYNOPSIS bcastshow
DESCRIPTION Use this command to display the broadcast routing information for all ports in the switch. The broadcast
routing information indicates all ports that are members of the broadcast distribution tree: ports that are
able to send and receive broadcast frames.
Normally, all F_Ports and FL_Ports are members of the broadcast distribution tree. The broadcast path
selection protocol selects the E_Port members of this tree in a manner designed to prevent broadcast
routing loops.
The following fields are displayed:
Group The multicast group ID of the broadcast group (always 256).
Member Fx_Ports A map of all F_Ports and FL_Ports ports in the broadcast tree.
Member E_Ports A map of all E_Ports in the broadcast tree.
The broadcast routing information for the ports is displayed as a set of hexadecimal bit maps. Each bit in
a bit map represents a port, with the least significant bit in each row representing port 0, 32, 64, and so
on.
NOTES The output from this command may vary depending on the hardware platform.
The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
OPERANDS None
EXAMPLES To display the broadcast routing information for all ports in the switch:
switch:admin> bcastShow
Group Member Ports Member ISL Ports
----------------------------------------
256 0x00012083 0x00002080
0x00000440 0x00000400
0x00770000 0x00700000
0x00008200 0x00000000
0x00000001 0x00000000
In this example from a switch with 128 ports, the member ports consist of ports 7, 13, 42, 84, 85, and 86.
The final Member Ports bit set represents the embedded port (frames sent to be handled by
firmware).and is typically set.
SEE ALSO portRouteShow
70 Fabric OS Command Reference
53-1003108-01
bladeCfgGeMode
2
bladeCfgGeMode
Configures a GbE port or a 10GbE port on the Brocade FX8-24 blade.
SYNOPSIS bladecfggemode --set mode -slot slot
bladecfggemode --show -slot slot | -all
bladecfggemode --help
DESCRIPTION Use this command to configure the GbE port mode on the Brocade FX8-24 extension blade or to display
the configuration. The mode configuration controls which ports are enabled.
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
This command is supported only on the Brocade FX8-24 blade in a DCX or DCX-S4 chassis.
OPERANDS This command has the following operands:
--set mode Sets the GbE port mode for a specified slot. Valid modes are one of the following:
1g Enables the GbE ports ge0-ge9 (xge0 and xge1 are disabled).
10g Enables the GbE ports xge0 and xge1 (ge0-ge9 ports are disabled).
dual Enables the GbE ports ge0-ge9 and xge0 (xge1 is disabled).
-slot slot Specifies the slot number for the FX8-24 blade. This operand is required when
setting the GbE port mode
--show Displays the GbE port mode for the specified slots.
-slot slot Displays the GbE port mode for a single slot.
-all Displays the GbE port mode for all configured slots.
--help Displays the command usage.
EXAMPLES To configure the Brocade FX8-24 blade in slot 4 in 1G mode:
switch:admin> bladecfggemode --set 1g -slot 4
To display the GbE port mode for the Brocade FX8-24 blade in slot 4:
switch:admin> bladecfggemode --show -slot 4
bladeCfgGeMode: Blade in slot 4 is configured in 10GigE Mode
10GigE mode: only xge0 and xge1 are enabled (ge0-9 ports \
are disabled)
Fabric OS Command Reference 71
53-1003108-01
bladeCfgGeMode 2
To display the GbE port mode for all configured slots:
switch:admin> bladecfggemode --show -all
bladeCfgGeMode: Blade in slot 1 is configured in 1GigE Mode
1GigE mode: only the ge0-9 ports are enabled (xge0 and xge1 \
are disabled)
bladeCfgGeMode: Blade in slot 4 is configured in 10GigE Mode
10GigE mode: only xge0 and xge1 are enabled (ge0-9 ports \
are disabled)
SEE ALSO None
72 Fabric OS Command Reference
53-1003108-01
bladeDisable
2
bladeDisable
Disables all user ports on a blade.
SYNOPSIS bladedisable slot
DESCRIPTION Use this command to disable all user ports on a blade. All Fibre Channel ports on the blade are taken
offline. If the switch was connected to a fabric through this blade, the remaining switches reconfigure,
and the switch reconfigures based on the other blade ports. As each port is disabled, the front panel LED
changes to a slow-flashing amber.
After issuing bladeDisable on a slot in a chassis, switchShow displays the user ports in the disabled
state. The blade is still shown as enabled in both switchShow and slotShow output.
The blade must be disabled before making configuration changes or before running many of the
diagnostic tests. The blade does not need to be disabled before rebooting or powering off.
You cannot disable a blade when the blade is faulted, powered off, or running diagnostics.
This command disables the ports on a single blade. To disable the ports in an entire chassis, use the
chassisDisable command.
NOTES The execution of this command is subject to Virtual Fabric or Admin Domain restrictions that may be in
place. Refer to Chapter 1, "Using Fabric OS Commands" and Appendix A, "Command Availability" for
details.
OPERANDS This command has the following operand:
slot Specifies the slot number for the ports to be disabled.
EXAMPLES To disable a blade in slot 5:
switch:admin> bladedisable 5
Blade 5 is being disabled...Done
To verify that the user ports on the blade are disabled:
switch:admin> switchshow -slot 5
switchName: DCX57_9
switchType: 62.1
switchState: Online
switchMode: Native
switchRole: Subordinate
switchDomain: 9
switchId: fffc09
switchWwn: 10:00:00:05:1e:40:4a:00
zoning: ON (all_cfg)
switchBeacon: OFF
FC Router: OFF
FC Router BB Fabric ID: 128
Slot Blade Type ID Model Name Status
-----------------------------------------------------
5 COREBLADE 52 CORE8 ENABLED
Index Slot Port Address Media Speed State Proto
===================================================
384 5 0 ------ cu 8G In_Sync FC Disabled
Fabric OS Command Reference 73
53-1003108-01
bladeDisable 2
385 5 1 ------ cu 8G In_Sync FC Disabled
386 5 2 ------ cu 8G In_Sync FC Disabled
387 5 3 ------ cu 8G In_Sync FC Disabled
388 5 4 ------ cu 8G In_Sync FC Disabled
389 5 5 ------ cu 8G In_Sync FC Disabled
390 5 6 ------ cu 8G In_Sync FC Disabled
391 5 7 ------ cu 8G In_Sync FC Disabled
392 5 8 ------ cu 8G In_Sync FC Disabled
393 5 9 ------ cu 8G In_Sync FC Disabled
394 5 10 ------ cu 8G In_Sync FC Disabled
395 5 11 ------ cu 8G In_Sync FC Disabled
396 5 12 ------ cu 8G In_Sync FC Disabled
397 5 13 ------ cu 8G In_Sync FC Disabled
398 5 14 ------ cu 8G In_Sync FC Disabled
399 5 15 ------ cu 8G In_Sync FC Disabled
400 5 16 ---