Brocade
Product Training
Zoning
Brocade Education Services
2003 Brocade Communications Systems, Incorporated.
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 1
Learning Objectives
Overview of Zoning Why use Brocade Zoning
What is a Zone
Components Zone Management Fabric OS Commands for Zoning
Zoning Considerations
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 2
�Overview of Zoning
Creating virtual SANs from a
physical SAN Limiting the scope of initiators Heterogeneity Zone Type Application role Carving up hubs <domain,port> Security
Hardware Enforcement
LOOM ASIC Hardware Enforced Software Enforced Software Enforced
BLOOM ASIC Hardware Enforced Hardware Enforced Software Enforced
Frame Filter Software Enforcement Name Server Trap PLOGI
WWN
MIXED
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 3
Example
The server in the red zone sees one loop of disks The server in the blue zone sees two storage arrays The server in the green zone sees one loop and one array No server sees Loop 2
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 4
�Forms of Zoning
No Fabric Zoning
Zoning by application
Zoning by operating system
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 5
�Forms of Zoning (cont).
Zoning by port allocation
Zoning by single HBA
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 6
�Storage Provisioning
Host Level
LUN Masking Persistent Binding Selective Presentation
Storage Based Zoning
LUN Security
Fabric Based Zoning
Host will query Name Server Name Server determines zones the host belongs to Name server replies with node information of active devices Host will connect to device
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 7
�Design Considerations
Zone Enforcement Tradeoffs
Hardware Enforced Frame Level Easy to define Cannot be bypassed or defeated (more secure) Devices in a zone that are all specified by WWN can be moved anywhere in the Fabric without changing zone definition If a failed device is replaced, zone definition needs to change if WWN was specified If a switch is replaced, the new switch will need same domain # Software Enforced Session Level Devices specified by WWN and are part of a Mixed Zone specification (Port and WWN) can be moved anywhere in the Fabric without changing the zone definition If a failed device is replaced, zone definition needs to change if WWN was specified
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 8
�Design Considerations (contd)
When hardware zone enforcement is desired, ensure the following:
Avoid defining a
device which is hardware enforced in one zone and software enforced in another zone spans mixed generation ASICs, specify devices by port
When a
When specifying devices by
WWN in a zone, ensure that all devices are attached to a 3rd generation ASIC
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 9
�Preparing to Set up Zoning
Create a detailed diagram
10
ISLs to the switches Detailed diagram of every switch F_Port, FL_Port, Private HBAs
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 10
�11
Hierarchy of Components
Members
Zones
Configs
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 11
�Zone Management
Zoning can be managed using
12
WEB TOOLS Fabric Manager Command Line Interface (CLI) Fabric OS Management Commands
Create Alias Zone
aliCreate
Delete
aliDelete
Add
aliAdd
Remove
aliRemove
Show
aliShow
zoneCreate
zoneDelete
zoneAdd
zoneRemove
ZoneShow
Config cfgCreate
cfgDelete
cfgAdd
cfgRemove
cfgShow
Zoning has more commands: cfgEnable, cfgDisable, cfgSave, cfgClear,cfgTransAbort,cfgSize
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 12
�Zoning Configuration
Only one active zone configuration for the entire fabric Zone configuration has 1 or more zones as its members Effective Zone Configuration Seen with cfgShow Seen with switchShow Saved across reboots Effective config of none Zone config not enabled All hosts may see all
Enabling Zone Config
RSL_SWT153:admin> switchshow switchName: switchType: switchState: switchMode: switchRole: switchDomain: switchId: RSL_SWT153 9.1 Online Native Subordinate 1 fffc01
13
switchWwn:
switchBeacon: Zoning:
10:00:00:60:69:50:0d:d6
OFF ON (Main_cfgA)
RSL_SWT153:admin> cfgshow Effective configuration: cfg: Main_cfgA
cfgEnable
zone:
domain129_zone
10:00:00:00:c9:2b:50:c7 10:00:00:00:c9:2a:b4:54 10:00:00:00:c9:2d:13:c3
Never disable one to enable another Enable one configuration over another
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 13
�Zoning Enforcement
Hard Zoning: Hardware enforced
14
Available through ASIC hardware logic checking Provides security in addition to soft zoning Denies illegal access from bad citizen HBAs
Soft Zoning: Name Server enforced
Name Server restricts visibility Always available regardless if zoning is enabled or not Relies on good citizens for security
Zone Definitions:
<domain, port> or <domain, area> identifier WWN identifier Mixed Zone Overlapping Zone Broadcast Zone
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 14
�Zoning Implementations on SilkWorm switches
SilkWorm 2000 series SilkWorm 3000 and 12000 series switches
15
SilkWorm 2000, 3000 and 12000 series switches
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 15
�Zoning Schemes
Switch/Port Level Zoning: Hardware Enforced
16
zoneCreate z1, 1,3; 1,4 WWN Level Zoning : Hardware Enforced zoneCreate z2, WWN1; WWN2 Mixed Zoning : Software Enforced zoneCreate z3,1,5; WWN3
In this example, the Mixed Zoning would be software
enforced at the destination port.
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 16
�Zone Objects
Zone Objects
17
<domain,port> Up to 64 characters Aliases Node World Wide Name Includes all PWWN that share NWWN Port World Wide Name Only single port is in the zone Zone Aliases Up to 64 characters Friendly names conventions for zone objects SRV for Server SRV_SUNHOST1 STO for Storage STO_ENTPRISE_STORAGE TPE for Tape TPE_TAPE_DRIVE1 VRA for Virtual Appliance VRA_VIT_APPLIANCE
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 17
�Selecting Ports on a 12000
Ports on 12000 are often referred to as decimal area Zoning in v4.1 requires area numbers Area numbers distinguish ports on different logical slots
18
SWITCH 0
SWITCH 1
Port Slot 1 Slot 2 Slot 3 Slot 4 Slot 7 Slot 8 Slot 9 Slot 10 ==== ====== ====== ====== ====== ====== ====== ====== ======= 15 15 31 47 63 15 31 47 63 14 14 30 46 62 14 30 46 62 13 13 29 45 61 13 29 45 61 12 12 28 44 60 12 28 44 60 11 11 27 43 59 11 27 43 59 10 10 26 42 58 10 26 42 58 9 9 25 41 57 9 25 41 57 8 8 24 40 56 8 24 40 56 7 7 23 39 55 7 23 39 55 6 6 22 38 54 6 22 38 54 5 5 21 37 53 5 21 37 53 4 4 20 36 52 4 20 36 52 3 3 19 35 51 3 19 35 51 2 2 18 34 50 2 18 34 50 1 1 17 33 49 1 17 33 49 0 0 16 32 48 0 16 32 48
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 18
�19
Zoning Steps for a One-Switch Fabric
1. Plan zoning to meet objectives
EngHost MktHost 3 s1 s2 s3 9 Switch 1
2. Create Members >aliCreate EngHost1,1,3 >aliCreate EngStor,s1wwn;s2wwn >aliCreate Mkt,1,9;s5wwn;s4wwn;s3wwn 3. Create Zones >zoneCreateZoneEng,EngHost1;EngStor >zoneCreate ZoneMkt,Mkt
s5 s4
4. Create Configuration
>cfgCreate cfgEngMkt,ZoneEng;ZoneMkt 5. Enable Configuration >cfgEnable cfgEngMkt 6. Save Configuration >cfgSave
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 19
�cfgShow Output
EngHost MktHost 3 s1 s2 9 Switch 1
SW1:admin> cfgShow
20
Defined configuration:
cfg: zone: zone: cfgEngMkt ZoneEng; ZoneMkt ZoneEng EngHost; EngStor; ZoneMkt Mkt
alias: EngStor 21:00:00:20:37:87:48:e7; 21:00:00:20:37:87:23:e2 alias: EngHost 1,3 alias: Mkt 21:00:00:20:37:87:49:29; 21:00:00:20:37:87:e5:20; 1,9; 21:00:00:20:37:87:20:c5
s5 s4
Effective configuration: cfg: zone: cfgEngMkt ZoneEng 1,3; 21:00:00:20:37:87:23:e2; 21:00:00:20:37:87:48:e7; ZoneMkt 1,9; 21:00:00:20:37:87:e5:20; 21:00:00:20:37:87:49:29; 21:00:00:20:37:87:20:c5
s3
zone:
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 20
�portZoneShow Command
Used to determine the type of zone enforcement being used
RSL_SWT122:admin> PORT: 0 PORT: 1 PORT: 2 PORT: 3 PORT: 4 PORT: 5 PORT: 6 PORT: 7 PORT: 8 [* Output PORT: 31 portzoneshow Enforcement: Enforcement: Enforcement: Not Zoned Enforcement: Enforcement: Enforcement: Enforcement: Enforcement: Truncated *] Not Zoned HARD PORT defaultHard: 1 F-port: 1 HARD PORT defaultHard: 1 F-port: 1 HARD WWN defaultHard: 0 F-port: 1 E-Port E-Port E-Port E-Port E-Port defaultHard: defaultHard: defaultHard: defaultHard: defaultHard: 0 0 0 0 0 F-port: F-port: F-port: F-port: F-port: 0 0 0 0 0
21
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 21
�Hardware & Software Zoning
RED Zone Dom, Port
2,0
22
Software EnforcedDom, Port Zoning 2,6
WWN3
Dom, Port 2,7
0 1 2 3
4 5 6 7
Domain #2
Dom, Port 2,8
PURPLE Zone
WWN1
8 9 10 11 12 13 14 15
GREEN Dom, Port Zone 2,9
Hardware Enforced Zoning
WWN2
BLUE Zone
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 22
�FCAL Zoning
Enabled Fabric Zoning Prod_Daily Purple_Zone ;Red_Zone Purple_Zone WWN1;WWN2 Red_Zone 4,1;WWN3 5 6 7
23
WWN1
4,1
Software Enforced
Hardware Enforced
2 Quad
Quad
Domain 4
Purple Zone Quad
Hardware Enforced
Red Zone
Quad
9 10 11
12 13 14 15
Software Enforced
FCAL
WWN2 WWN3
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 23
�Overlapping Zones, Port Hardware/Software Enforced
Purple Zone
Hardware Enforced
24
Green Zone
4,4
WWN1 0 1 2 3
Software Enforced
5 6 7
Enabled Zoning
Prod_Daily Purple_Zone ;Green_Zone Purple_Zone WWN1; WWN2
Quad
Quad
Green_Zone 4,4; WWN2
Domain 4
Quad
8 9 10 11 12
Quad
13 14 15
Hardware Enforced
WWN2
Software Enforced
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 24
�Zones and Mixed Generation ASICs
What happens when you zone across mixed generations of ASICs?
WWN zoning specification across ASICs
Port specification across ASICs Mix of WWN and port across ASICs
25
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 25
�Zoning in a Mixed Generation ASIC Environment 2nd and 3rd generation ASICs
WWN1 Dom 4,7
26
0 1 2 3
Hardware Enforced
4 5 6 7
0 1 2 3
4 5 6 7
0 1 2 3
4 5 6 7
Hardware Enforced
Domain #2
8 9 10 11 12 13 14 15 0 1 2 3
BLOOM
Domain #3
8 9 10 11 12 13 14 15 4 5 6 7 0 1 2 3
BLOOM
Domain #4
8 9 10 11 12 13 14 15 4 5 6 7
BLOOM
BLOOM
Purple Zone
0 1 2 3
Software Enforced LOOM
Domain #5
8 9 10 11 12 13 14 15 4 5 6 7 0 1 2 3
BLOOM
Domain #6
8 9 10 11 12 13 14 15 4 5 6 7 0 1 2 3
Green Zone
Hardware Enforced
4 5 6 7
Domain #7
8 9 10 11 12 13 14 15
WWN2 Software Enforced
Domain #8
8 9 10 11 12 13 14 15
Software Enforced Software Enforced
BLOOM
LOOM
Domain #9
8 9 10 11 12 13 14 15
Hardware Enforced Dom 9,15
Blue Zone
Red Zone
WWN3
Dom 8,8
WWN5
Dom 8,4
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 26
�Adding/Merging Zones
Adding a new switch to a existing Fabric No previous zoning on switch
27
ISL to existing fabric With zoning loaded on switch cfgClear and cfgSave commands to sanitize joining switch When added, the zoning configuration in effect will propagate to the new switch transparently Merging two switches/Fabric Case 1 - Identical zone configuration on both switches/Fabrics New Fabric with all switches and same zone configuration in effect Case 2 - Different zone configuration Attempt to merge zone configurations If merging attempt fails, then ISL will segment and split a Fabric If the zone merge fails, the Fabrics will remain two separate Fabrics with their original zone configuration, and the ISL will segment
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 27
�Brocade Zoning
Adding a new switch with no zoning - cfgShow SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
28
SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
cfgEngMkt ZoneEng ZoneMkt
cfgEngMkt ZoneEng ZoneMkt
SDRAM Switch Domain 1
SDRAM Switch Domain 2
Flash Memory
Flash Memory
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 28
�Brocade Zoning Current cfg Propagates to New Switch SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
29
SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
cfgEngMkt ZoneEng ZoneMkt
cfgEngMkt ZoneEng ZoneMkt
cfgEngMkt ZoneEng ZoneMkt
cfgEngMkt ZoneEng ZoneMkt
ISL
Propagate Definitions
SDRAM
Switch Domain 1
Flash Memory
SDRAM Switch Domain 2
Flash Memory
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 29
�Brocade Zoning
Merging Configurations SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
30
SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
cfgEngMkt ZoneEng ZoneMkt
cfgEngMkt ZoneEng ZoneMkt
test_cfg testnt_zone testsun_zone
SDRAM Switch Domain 1
SDRAM Switch Domain 2
Flash Memory
Flash Memory
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 30
�Brocade Zoning
Merging Configurations SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
31
>cfgenable test_cfg
SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
cfgEngMkt ZoneEng ZoneMkt
cfgEngMkt ZoneEng ZoneMkt
test_cfg testnt_zone testsun_zone
test_cfg testnt_zone testsun_zone
SDRAM Switch Domain 1
SDRAM Switch Domain 2
Flash Memory
Flash Memory
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 31
�Brocade Zoning
Merging Zone Conflict ISL the Fabrics SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
32
SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
cfgEngMkt ZoneEng ZoneMkt
cfgEngMkt ZoneEng ZoneMkt
test_cfg testnt_zone testsun_zone
test_cfg testnt_zone testsun_zone
SDRAM Switch Domain 1
ISL
SDRAM Switch Domain 2
Flash Memory
Flash Memory
Fabric Segmented
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 32
�Brocade Zoning
Merging Fix SilkWorm
CONFIGURATION DEFINITIONS
>portDisable <E_Port#> >cfgDisable >portEnable <E_Port#>
33
SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
ENABLED CONFIGURATION
cfgEngMkt ZoneEng ZoneMkt
cfgEngMkt ZoneEng ZoneMkt
test_cfg testnt_zone testsun_zone
SDRAM
ISL
SDRAM
Switch Domain 1
Flash Memory
Switch Domain 2
Flash Memory
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 33
�Brocade Zoning
Merging Problem Now Resolved SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
34
SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
cfgEngMkt ZoneEng ZoneMkt test_cfg testnt_zone testsun_zone
cfgEngMkt ZoneEng ZoneMkt
ISL
Merge Definitions
cfgEngMkt ZoneEng ZoneMkt test_cfg testnt_zone testsun_zone
cfgEngMkt ZoneEng ZoneMkt
SDRAM
Switch Domain 1
Flash Memory
SDRAM Switch Domain 2
Flash Memory
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 34
�Brocade Zoning
Merging Update definitions SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
35
SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
cfgAll ZoneEng ZoneMkt testnt_zone testsun_zone
cfgEngMkt ZoneEng ZoneMkt
ISL
cfgAll ZoneEng ZoneMkt testnt_zone testsun_zone
cfgEngMkt ZoneEng ZoneMkt
SDRAM
Switch Domain 1
Flash Memory
SDRAM Switch Domain 2
Flash Memory
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 35
�Brocade Zoning
Merging Enable new definition SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
36
>cfgenable cfgAll
SilkWorm
CONFIGURATION DEFINITIONS ENABLED CONFIGURATION
cfgAll ZoneEng ZoneMkt testnt_zone testsun_zone
cfgAll ZoneEng ZoneMkt testnt_zone testsun_zone
ISL
cfgAll ZoneEng ZoneMkt testnt_zone testsun_zone
cfgAll ZoneEng ZoneMkt testnt_zone testsun_zone
SDRAM
Switch Domain 1
Flash Memory
SDRAM Switch Domain 2
Flash Memory
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 36
�Best Practices for Zoning
SilkWorm 2000 Series
37
Use <domain, port> for zone members
SilkWorm 3000 Series
Use WWN or <domain, port> zones Referred to as Advanced Zoning
SilkWorm v4.x Series switches
Use WWN or <domain, area> zones Referred to as Advanced Zoning
Mixed ASIC Fabrics
Preferable use <domain, port> identifiers
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 37
�Summary
38
Zoning logically separates the Fabric into subsets Software enforced Uses NS, and HBAs need to be good citizens Mixture of WWNs and <domain,port> pairs Hardware enforced Only with all <domain,port> pairs or all WWNs When connected, a device automatically is in the zone If zoning is enabled, all devices must be in a zone Loom ASIC zones are treated independently and the entire cfg does not go software enforced when a mixed zone type has been introduced
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 38
�Review Questions
39
1.
What are some reasons for implementing Zoning?
2. What happens when two zone configurations do not match when merging?
3. What is the purpose of a broadcast zone?
4. What is the difference between aliDelete and aliRemove?
2003 Brocade Communications Systems, Incorporated. Revision CFP261-1001-2003 Chapter 4 - 39
