Support for ipv6 addressing, Support for virtual fabrics, Filtering ports – Brocade Fabric OS Administrators Guide (Supporting Fabric OS v7.3.0) User Manual

Support for IPv6 addressing

IPv6 addressing is supported in Fabric OS v5.3.0 and later releases.

Support for Virtual Fabrics

Virtual Fabrics is supported in Fabric OS v6.2.0 and later releases.

When an SNMPv3 request arrives with a particular user name, it executes in the home Virtual Fabric.
From the SNMP manager, all SNMPv3 requests must have a home Virtual Fabric that is specified in the
contextName field. When the home Virtual Fabric is specified, it will be converted to the corresponding
switch ID and the home Virtual Fabric will be set. If the user does not have permission for the specified
home Virtual Fabric, this request fails with an error code of noAccess .

For an SNMPv3 user to have a home Virtual Fabric, a list of allowed Virtual Fabrics, an RBAC role, and
the name of the SNMPv3 user should match that of the Fabric OS user in the local switch database.
SNMPv3 users whose names do not match with any of the existing Fabric OS local users have a default
RBAC role of admin with the SNMPv3 user access control of read/write. Their SNMPv3 user logs in with
an access control of read-only. Both user types will have the default switch as their home Virtual
Fabrics.

The contextName field should have the format "VF:xxx", where xxx is the actual VF_ID, for example
"VF:1". If the contextName field is empty, then the home Virtual Fabric of the local Fabric OS user with
the same name is used. As Virtual Fabrics and Admin Domains are mutually exclusive, this field is
considered as Virtual Fabrics context when Virtual Fabrics is enabled. You cannot specify chassis
context in the contextName field.

The following example shows how the VF:xxx field is used in the snmpwalk command. This command
is executed on the host and it walks the entire MIB tree specified (.1).

switch# snmpwalk -v3 -a MD5 -A passpass -x AES128 -u admin1 -X passpass -n VF:4

10.20.8.17 1.3.6.1.4.1.1588.2.1.2.1.5.1 -l authPriv

Filtering ports

Each port can belong to only one Virtual Fabric at any time. An SNMP request coming to one Virtual
Fabric can only view the port information of the ports belonging to that Virtual Fabric. All port attributes
are filtered to allow SNMP to obtain the port information only from within the current Virtual Fabrics
context.

Switch and chassis context enforcement

All attributes are classified into one of two categories:

• Chassis-level attributes
• Switch-level attributes

Attributes that are specific to each logical switch belong to the switch category. These attributes are
available in the Virtual Fabrics context and not available in the Chassis context.

Attributes that are common across the logical switches belong to the chassis level. These attributes are
accessible to users having the chassis-role permission. When a chassis table is queried, the context is
set to chassis context, if the user has the chassis-role permission. The context is switched back to the
original context after the operation is performed.

Support for IPv6 addressing

Fabric OS Administrators Guide

195

53-1003130-01