beautypg.com

Enabling the fabric-wide consistency policy, Enabling high-integrity fabric mode – Brocade FICON Administrator’s Guide (Supporting Fabric OS v7.3.0) User Manual

Page 37

background image

Enter the secpolicycreate command to add all switches in the fabric, if they are connected.

secpolicycreate "SCC_POLICY","*"

Enter the secpolicyadd command to add one or more members to an existing policy. The
following command is an example of adding a member using device WWNs.

secpolicyadd "SCC_POLICY","wwn1;wwn2"

3.

Enter the secpolicyactivate command to activate the currently defined SCC policy.
This activates the policy set on the local switch or all switches in the fabric, depending on the
configured fabric-wide consistency policy.

Enabling the fabric-wide consistency policy

Enable the fabric-wide consistency policy after all the switches have joined the merged fabric. If there
are fabric-wide data distribution (FDD) conflicts on any of the ISLs, disable the fabric-wide consistency
policy on each switch in the fabric.

Once the fabric has merged successfully (use fabricShow to verify), enter the following command.

fddcfg --fabwideset "SCC:S"

Following are considerations for enabling the fabric-wide security policy:

SCC:S enforces strict mode, which is required for FICON.

Fabric-wide consistency policy cannot be set to strict mode on an edge fabric if the fabric connects
to a FCR, although FCR front and translate domains can exist in the fabric. For more information,
refer to

FCR and FICON cascading

on page 42.

Enabling High-Integrity Fabric mode

Setting High-Integrity Fabric (HIF) mode on a switch verifies that the switch meets high-integrity fabric
requirements through the channel's Extended Link Services Exchange Query Security Attributes (ELS
QSA) function.

For a list of high-integrity fabric requirements for switches, refer to

Meeting high-integrity fabric

requirements

on page 33. Setting HIF mode locks the IDID, fabric-wide consistency policy, and SCC

policy settings to ensure that the fabric is of high integrity so that it can connect with the FICON
channel. You cannot change these settings without disabling HIF mode.

NOTE
HIF mode must be enabled to enable FMS mode.

To enable HIF mode, use the following steps.

1.

Connect to the switch and log in using an account assigned to the admin role.

2.

Enter the configure command and step through the interactive prompts.
a)

At the "Fabric parameters" prompt, type y.

b)

At the "High Integrity Fabric Mode" prompt, type y.

If HIF configuration requirements have not been met, an error message describes what you must
configure for the command to succeed. For example, the following message states that an IDID, SCC
policy or fabric-wide consistency policy have not been configured for the switch. Perform additional
configuration if required, then enable HIF mode.

Error: Unable to set HIF Mode. No valid IDID settings,

SCC policy and/or Fabric wide(SCC:S) configuration

Enabling the fabric-wide consistency policy

FICON Administrator's Guide

35

53-1003144-01

See also other documents in the category Brocade Computer Accessories: