ZoneIng

8/12/2019 ZoneIng

1/39

2003 Brocade Communications Systems, Incorporated.Revision CFP261-1001-2003

Chapter 4 - 1

1

Zoning

Brocade

Product Training

Brocade Education Services

2003 Brocade Communications Systems,

Incorporated.

8/12/2019 ZoneIng

2/39


Chapter 4 - 2

2

Overview of Zoning Why use Brocade Zoning

What is a Zone

Components

Zone Management

Fabric OS Commands for Zoning

Zoning Considerations

Learning Objectives

8/12/2019 ZoneIng

3/39


Chapter 4 - 3

3Overview of Zoning

Creating virtual SANs from a

physical SAN Limiting the scope of initiators

Heterogeneity

Application role

Carving up hubs

Security

Hardware Enforcement

Frame Filter

Software Enforcement

Name Server Trap PLOGI

Zone Type LOOM

ASIC

BLOOM

ASIC

HardwareEnforced

HardwareEnforced

WWN Software

Enforced

Hardware

Enforced

MIXED Software

Enforced

Software

Enforced

8/12/2019 ZoneIng

4/39


Chapter 4 - 4

4

Example

The server in the red zone sees one loop of disks

The server in the blue zone sees two storage arrays

The server in the green zone sees one loop and one array

No server sees Loop 2

8/12/2019 ZoneIng

5/39


Chapter 4 - 5

5Forms of Zoning

No Fabric Zoning

Zoning by application

Zoning by operating system

8/12/2019 ZoneIng

6/39


Chapter 4 - 6

6Forms of Zoning (cont).

Zoning by port allocation

Zoning by single HBA

8/12/2019 ZoneIng

7/39


Chapter 4 - 7

7Storage Provisioning

Host Level

LUN Masking Persistent Binding

Selective Presentation

Storage Based Zoning LUN Security

Fabric Based Zoning

Host will query Name Server

Name Server determines zones the host belongs to

Name server replies with node information of active devices

Host will connect to device

8/12/2019 ZoneIng

8/39


Chapter 4 - 8

8

Zone Enforcement Tradeoffs

Hardware Enforced Frame LevelEasy to define

Cannot be bypassed or defeated (more secure)

Devices in a zone that are all specified by WWN can bemoved anywhere in the Fabric without changing zonedefinition

If a failed device is replaced, zone definition needs to changeif WWN was specified

If a switch is replaced, the new switch will need samedomain #

Software Enforced Session Level

Devices specified by WWN and are part of a Mixed Zonespecification (Port and WWN) can be moved anywhere inthe Fabric without changing the zone definition

If a failed device is replaced, zone definition needs to changeif WWN was specified

Design Considerations

8/12/2019 ZoneIng

9/39


Chapter 4 - 9

9Design Considerations (contd)

When hardware zone enforcement is desired, ensure the following:

Avoid defining a device which is hardware enforced in one zone andsoftware enforced in another

When a zone spans mixed generation ASICs, specify devices by port

When specifying devices by WWN in a zone, ensure that all devices areattached to a 3rdgeneration ASIC

8/12/2019 ZoneIng

10/39


Chapter 4 - 10

10Preparing to Set up Zoning

Create a detailed diagram

ISLs to the switches Detailed diagram of every switch

F_Port, FL_Port, Private HBAs

8/12/2019 ZoneIng

11/39


Chapter 4 - 11

11

Hierarchy of Components

Members

Configs

Zones

8/12/2019 ZoneIng

12/39


Chapter 4 - 12

12Zone Management

Zoning can be managed using

WEB TOOLS Fabric Manager

Command Line Interface (CLI)

Create Delete Add Remove Show

Alias aliCreate aliDelete aliAdd aliRemove aliShow

Zone zoneCreate zoneDelete zoneAdd zoneRemove ZoneShow

Config cfgCreate cfgDelete cfgAdd cfgRemove cfgShow

Fabric OS Management Commands

Zoning has more commands:

cfgEnable, cfgDisable, cfgSave, cfgClear,cfgTransAbort,cfgSize

8/12/2019 ZoneIng

13/39


Chapter 4 - 13

13Zoning Configuration

Effective Zone Configuration

Seen with cfgShow

Seen with switchShow

Saved across reboots

Effective config of none

Zone config not enabled

All hosts may see all

Enabling Zone Config cfgEnable

Never disable one to enable another

Enable one configuration over another

RSL_SWT153:admin> switchshow

switchName: RSL_SWT153

switchType: 9.1

switchState: Online

switchMode: Native

switchRole: Subordinate

switchDomain: 1

switchId: fffc01

switchWwn: 10:00:00:60:69:50:0d:d6

switchBeacon: OFF

Zoning: ON (Main_cfgA)

RSL_SWT153:admin> cfgshow

Effective configuration:

cfg: Main_cfgA

zone: domain129_zone

10:00:00:00:c9:2b:50:c7

10:00:00:00:c9:2a:b4:54

10:00:00:00:c9:2d:13:c3

Only one active zone configuration for the entire fabric

Zone configuration has 1 or more zones as its members

8/12/2019 ZoneIng

14/39


Chapter 4 - 14

14

Zoning Enforcement

Hard Zoning: Hardware enforcedAvailable through ASIC hardware logic checking Provides security in addition to soft zoning Denies illegal access from bad citizen HBAs

Soft Zoning: Name Server enforced Name Server restricts visibility

Always available regardless if zoning is enabled or not Relies on good citizens for security

Zone Definitions: or identifierWWN identifier

Mixed Zone Overlapping Zone Broadcast Zone

8/12/2019 ZoneIng

15/39


Chapter 4 - 15

15

Zoning Implementations on SilkWorm switches

SilkWorm 2000 series

SilkWorm 3000 and 12000 series switches

SilkWorm 2000, 3000 and 12000 series switches

8/12/2019 ZoneIng

16/39


Chapter 4 - 16

16Zoning Schemes

Switch/Port Level Zoning: Hardware Enforced

zoneCreatez1, 1,3; 1,4 WWN Level Zoning : Hardware Enforced

zoneCreatez2, WWN1; WWN2

Mixed Zoning : Software Enforced

zoneCreatez3,1,5; WWN3

In this example, the Mixed Zoning would be softwareenforced at the destination port.

8/12/2019 ZoneIng

17/39

8/12/2019 ZoneIng

18/39


Chapter 4 - 18

18Selecting Ports on a 12000

Ports on 12000 are often referred to as decimal area

Zoning in v4.1 requires area numbers Area numbers distinguish ports on different logical slots

PortSlot 1 Slot 2 Slot 3 Slot 4 Slot 7 Slot 8 Slot 9 Slot 10

==== ====== ====== ====== ====== ====== ====== ====== =======

15 15 31 47 63 15 31 47 6314 14 30 46 62 14 30 46 62

13 13 29 45 61 13 29 45 61

12 12 28 44 60 12 28 44 60

11 11 27 43 59 11 27 43 59

10 10 26 42 58 10 26 42 58

9 9 25 41 57 9 25 41 57

8 8 24 40 56 8 24 40 56

7 7 23 39 55 7 23 39 55

6 6 22 38 54 6 22 38 545 5 21 37 53 5 21 37 53

4 4 20 36 52 4 20 36 52

3 3 19 35 51 3 19 35 51

2 2 18 34 50 2 18 34 50

1 1 17 33 49 1 17 33 49

0 0 16 32 48 0 16 32 48

SWITCH 0 SWITCH 1

8/12/2019 ZoneIng

19/39


Chapter 4 - 19

19

Zoning Steps for a One-Switch Fabric

EngHost

MktHost

3 Switch 197

s3

s2

s1

s4

s5

1.Planzoning to meet objectives

2. Create Members

>aliCreate EngHost1,1,3

>aliCreate EngStor,s1wwn;s2wwn

>aliCreate Mkt,1,9;s5wwn;s4wwn;s3wwn

3. Create Zones

>zoneCreateZoneEng,EngHost1;EngStor

>zoneCreate ZoneMkt,Mkt

4. Create Configuration

>cfgCreate cfgEngMkt,ZoneEng;ZoneMkt

5. Enable Configuration

>cfgEnable cfgEngMkt

6. Save Configuration

>cfgSave

8/12/2019 ZoneIng

20/39


Chapter 4 - 20

20

cfgShowOutputEngHost

MktHost

3 Switch 1

7

s3

s2

s1

s4

s5

SW1:admin> cfgShowDefined configuration:cfg: cfgEngMkt

ZoneEng; ZoneMktzone: ZoneEng EngHost; EngStor;

zone: ZoneMkt Mkt

alias: EngStor 21:00:00:20:37:87:48:e7;

21:00:00:20:37:87:23:e2alias: EngHost 1,3alias: Mkt 21:00:00:20:37:87:49:29;

21:00:00:20:37:87:e5:20; 1,9;21:00:00:20:37:87:20:c5

Effective configuration:cfg: cfgEngMktzone: ZoneEng 1,3;

21:00:00:20:37:87:23:e2;

21:00:00:20:37:87:48:e7;

zone: ZoneMkt 1,9;

21:00:00:20:37:87:e5:20;21:00:00:20:37:87:49:29;

21:00:00:20:37:87:20:c5

9

8/12/2019 ZoneIng

21/39


Chapter 4 - 21

21portZoneShowCommandUsed to determine the type of zone enforcement being used

RSL_SWT122:admin> portzoneshow

PORT: 0 Enforcement: HARD PORT defaultHard: 1 F-port: 1

PORT: 1 Enforcement: HARD PORT defaultHard: 1 F-port: 1

PORT: 2 Enforcement: HARD WWN defaultHard: 0 F-port: 1

PORT: 3 Not Zoned

PORT: 4 Enforcement: E-Port defaultHard: 0 F-port: 0





[* Output Truncated *]

PORT: 31 Not Zoned

8/12/2019 ZoneIng

22/39


Chapter 4 - 22

22

WWN1

GREEN

Zone

BLUE

ZoneHardware Enforced

ZoningDom, Port

2,9

Dom, Port

2,8

RED

Zone

Software EnforcedZoning

Dom, Port

2,0

WWN3

PURPLE

Zone

WWN1

WWN2

Dom, Port

2,6Dom, Port

2,7

0 1 2 3 4 5 6 7

8 9 10 11 12 13 14 15

Domain #2

Hardware & Software Zoning

8/12/2019 ZoneIng

23/39


Chapter 4 - 23

23

Red Zone

Red_Zone 4,1;WWN3

;Red_Zone

Software

Enforced

Software

Enforced

Purple Zone

Enabled Fabric Zoning

Prod_DailyPurple_ZonePurple_Zone WWN1;WWN2

Hardware

Enforced

Hardware

Enforced

FCAL Zoning

WWN2

0 1 2 3 4 5 6 7

8 9 10 11 12 13 14 15

Domain 4

QuadQuad

QuadQuad

WWN1

FCAL

4,1

WWN3

8/12/2019 ZoneIng

24/39


Chapter 4 - 24

24

Software

Enforced ;Green_Zone

Green_Zone 4,4; WWN2

Green

Zone

Software

Enforced

4,4

Hardware

Enforced

Hardware

Enforced

Purple

Zone

Prod_Daily Purple_Zone

Purple_Zone WWN1; WWN2

Overlapping Zones, Port Hardware/Software Enforced

WWN1

QuadQuad

QuadQuad

WWN2

4,4

0 1 2 3 4 5 6 7

8 9 10 11 12 13 14 15

Enabled Zoning

Domain 4

8/12/2019 ZoneIng

25/39


Chapter 4 - 25

25Zones and Mixed Generation ASICs

What happens when you zone across mixed generations of ASICs?

WWN zoning specification across ASICs

Port specification across ASICs

Mix of WWN and port across ASICs

8/12/2019 ZoneIng

26/39


Chapter 4 - 26

26

PurpleZone

Hardware

Enforced

Software

Enforced

Green

Zone

Hardware

Enforced

Hardware

Enforced

Blue

ZoneSoftware

Enforced

Software

Enforced

Red

Zone HardwareEnforced

Software

Enforced

Zoning in a Mixed Generation ASIC Environment

0 1 2 3 4 5 6 7

8 9 10 11 12 13 14 15Domain #9

0 1 2 3 4 5 6 7

8 9 10 11 12 13 14 15

Domain #2

WWN2

0 1 2 3 4 5 6 7

8 9 10 11 12 13 14 15

Domain #4

0 1 2 3 4 5 6 7

8 9 10 11 12 13 14 15

Domain #5

0 1 2 3 4 5 6 7

8 9 10 11 12 13 14 15

Domain #6

0 1 2 3 4 5 6 7

8 9 10 11 12 13 14 15Domain #7

Dom 9,15

0 1 2 3 4 5 6 7

8 9 10 11 12 13 14 15

Domain #3

0 1 2 3 4 5 6 7

8 9 10 11 12 13 14 15

Domain #8

WWN5 Dom 8,4Dom 8,8WWN3

BLOOM BLOOM BLOOM

LOOM BLOOM LOOM

BLOOM BLOOM

WWN1Dom 4,7

2ndand 3rdgeneration ASICs

8/12/2019 ZoneIng

27/39


Chapter 4 - 27

27

Adding/Merging Zones

Adding a new switch to a existing Fabric

No previous zoning on switchISL to existing fabric

With zoning loaded on switch

cfgClearand cfgSavecommands to sanitize joining switch

When added, the zoning configuration in effect will propagate to the

new switch transparentlyMerging two switches/Fabric

Case 1- Identical zone configuration on both switches/Fabrics

New Fabric with all switches and same zone configuration in effect

Case 2 - Different zone configuration

Attempt to merge zone configurationsIf merging attempt fails, then ISL will segment and split a Fabric

If the zone merge fails, the Fabrics will remain two separate Fabrics withtheir original zone configuration, and the ISL will segment

8/12/2019 ZoneIng

28/39


Chapter 4 - 28

28

Flash

Memory

CONFIGURATION

DEFINITIONSENABLED

CONFIGURATION

SDRAM

SilkWorm

Flash

Memory

CONFIGURATION

DEFINITIONS

cfgEngMkt

ZoneEngZoneMkt

ENABLED

CONFIGURATION

cfgEngMkt

ZoneEngZoneMkt

SDRAM

SilkWorm

SwitchDomain

1

SwitchDomain

2

Brocade Zoning

Adding a new switch with no zoning -cfgShow

8/12/2019 ZoneIng

29/39


Chapter 4 - 29

29

Flash

Memory

SDRAM

SilkWorm

Flash

Memory

CONFIGURATION

DEFINITIONS

cfgEngMkt

ZoneEngZoneMkt

SDRAM

SilkWorm

Switch

Domain

1

SwitchDomain

2

ISL

ENABLED

CONFIGURATION

cfgEngMkt

ZoneEngZoneMkt

Brocade Zoning

Current cfg Propagates to New Switch

CONFIGURATION

DEFINITIONS

cfgEngMkt

ZoneEngZoneMkt

ENABLED

CONFIGURATION

cfgEngMkt

ZoneEngZoneMkt

Propagate Definitions

8/12/2019 ZoneIng

30/39


Chapter 4 - 30

30

Flash

Memory

CONFIGURATION

DEFINITIONS

test_cfgtestnt_zonetestsun_zone

ENABLED

CONFIGURATION

SDRAM

SilkWorm

Flash

Memory

CONFIGURATION

DEFINITIONS

cfgEngMkt

ZoneEngZoneMkt

ENABLED

CONFIGURATION

cfgEngMkt

ZoneEngZoneMkt

SDRAM

SilkWorm

SwitchDomain

1

SwitchDomain

2

Brocade Zoning

Merging Configurations

8/12/2019 ZoneIng

31/39


Chapter 4 - 31

31

Flash

Memory

CONFIGURATION

DEFINITIONS


ENABLED

CONFIGURATION

test_cfg

testnt_zonetestsun_zone

SDRAM

SilkWorm

Flash

Memory

CONFIGURATION

DEFINITIONS

cfgEngMkt

ZoneEngZoneMkt

ENABLED

CONFIGURATION

cfgEngMkt

ZoneEngZoneMkt

SDRAM

SilkWorm

SwitchDomain

1

SwitchDomain

2

Brocade Zoning

Merging Configurations >cfgenable test_cfg

8/12/2019 ZoneIng

32/39


Chapter 4 - 32

32

Flash

Memory

CONFIGURATION

DEFINITIONS


ENABLED

CONFIGURATION


SDRAM

SilkWorm

Flash

Memory

CONFIGURATION

DEFINITIONS

cfgEngMkt

ZoneEngZoneMkt

ENABLED

CONFIGURATION

cfgEngMkt

ZoneEngZoneMkt

SDRAM

SilkWorm

SwitchDomain

1

SwitchDomain

2

ISL

Brocade Zoning

MergingZone ConflictISL the Fabrics

Fabric Segmented

8/12/2019 ZoneIng

33/39


Chapter 4 - 33

33

Flash

Memory

CONFIGURATION

DEFINITIONS

test_cfg


ENABLED

CONFIGURATION

SDRAM

SilkWorm

Flash

Memory

CONFIGURATION

DEFINITIONS

cfgEngMkt

ZoneEngZoneMkt

SDRAM

SilkWorm

Switch

Domain

1

Switch

Domain

2

ISL

ENABLED

CONFIGURATION

cfgEngMkt

ZoneEngZoneMkt

ISL

Brocade Zoning

MergingFix

>portDisable >cfgDisable

>portEnable

8/12/2019 ZoneIng

34/39


Chapter 4 - 34

34

Flash

Memory

CONFIGURATION

DEFINITIONS

cfgEngMkt

ZoneEngZoneMkt


ENABLED

CONFIGURATION

cfgEngMkt

ZoneEngZoneMkt

SDRAM

SilkWorm

Flash

Memory

CONFIGURATION

DEFINITIONS

cfgEngMkt

ZoneEngZoneMkt


SDRAM

SilkWorm

Switch

Domain

1

SwitchDomain

2

ISL

ENABLED

CONFIGURATION

cfgEngMkt

ZoneEngZoneMkt

Merge Definitions

Brocade Zoning

MergingProblem Now Resolved

8/12/2019 ZoneIng

35/39


Chapter 4 - 35

35

Flash

Memory

CONFIGURATION

DEFINITIONS

cfgAll

ZoneEngZoneMkt


ENABLED

CONFIGURATION

cfgEngMkt

ZoneEngZoneMkt

SDRAM

SilkWorm

Flash

Memory

CONFIGURATION

DEFINITIONS

cfgAll

ZoneEngZoneMkt


SDRAM

SilkWorm

SwitchDomain

1

SwitchDomain

2

ISL

ENABLED

CONFIGURATION

cfgEngMkt

ZoneEngZoneMkt

Brocade Zoning

MergingUpdate definitions

8/12/2019 ZoneIng

36/39


Chapter 4 - 36

36

Flash

Memory

CONFIGURATION

DEFINITIONS

cfgAll

ZoneEngZoneMkt


ENABLED

CONFIGURATION

cfgAll

ZoneEngZoneMkt


SDRAM

SilkWorm

Flash

Memory

CONFIGURATION

DEFINITIONS

cfgAll

ZoneEngZoneMkt


SDRAM

SilkWorm

SwitchDomain

1

SwitchDomain

2

ISL

ENABLED

CONFIGURATION

cfgAll

ZoneEngZoneMkt


Brocade Zoning

MergingEnable new definition >cfgenable cfgAll

8/12/2019 ZoneIng

37/39


Chapter 4 - 37

37Best Practices for Zoning

SilkWorm 2000 Series

Use for zone members

SilkWorm 3000 Series

Use WWN or zones

Referred to as Advanced Zoning

SilkWorm v4.x Series switches

Use WWN or zones

Referred to as Advanced Zoning

Mixed ASIC Fabrics

Preferable use identifiers

8/12/2019 ZoneIng

38/39


Chapter 4 - 38

38

Summary

Zoning logically separates the Fabric into subsets

Software enforced Uses NS, and HBAs need to be good citizens

Mixture of WWNs and pairs

Hardware enforced

Only with all pairs or allWWNs

When connected, a device automatically is in the zone

If zoning is enabled, all devices must be in a zone

Loom ASIC zones are treated independently and the entire cfgdoes

not go software enforced when a mixed zone type has been

introduced

8/12/2019 ZoneIng

39/39

2003 Brocade Communications Systems Incorporated

39Review Questions

1. What are some reasons for implementing Zoning?

2. What happens when two zone configurations do not match when

merging?

3. What is the purpose of a broadcast zone?

4. What is the difference betweenaliDelete and aliRemove?

ZoneIng

Documents

Transcript of ZoneIng