Zoning
Zoning enables you to set up access control between storage devices or user groups. If you have administrator privileges in your fabric, you can create zones to increase the network security and to prevent data loss or corruption. Zoning is enforced by examining the source-destination ID field.
From SAN Controller Release 12.0.1a, Regular zones, and IVR zones are merged into a single zoning page.
 Note |
When device aliases are used for zoning in Web UI, end devices must be logged into the fabric thus web GUI can configure zoning using device aliases. If end nodes are not logged in, PWWN can be used for zoning. |
The following table describes the fields and icons that appear on SAN Controller Virtual Management > Zoning tab.
| Field | Description | ||
|---|---|---|---|
|
Zoning Type |
Choose radio button next to Regular or IVR to select required zoning type. |
||
|
Fabric |
From the Fabric drop-down list, you can choose the fabric for which you are configuring or viewing the Zoning. If admin role locks the fabric, you can view lock icon next to the fabric field. |
||
|
VSAN |
Choose Regular Zoning type to view VSAN field. From the VSAN drop-down list, you can choose the VSAN for which you are configuring regular zones. |
||
|
Region ID |
Choose IVR Zoning type to view Region ID field. From the Region ID drop-down list, you can choose the region name for which you are configuring IVR zones. |
||
|
Enhanced Zoning |
Click configurations icon next to VSAN text field to view Enhanced zoning window.
For more details, refer to Enhanced Zoning section. |
||
|
Cisco Fabric Services (CFS) |
Click set-up assistant icon next to the Region ID field to view CFS window.
For more details, refer to CFS section. |
||
|
Switch |
From the Switch drop-down list, select the switch to which you want to configure. |
||
|
Action |
On Zoning field, click Actions to view the following items:
|
||
|
Changes |
On Zoning field, click .
|
||
|
Database |
On Zoning field, click .
|
||
|
Clear Server Cache |
On Zoning area, choose . Clears the cache on the server. |
||
|
Discovery Sync |
On Zoning area, choose . To synchronize zoning modules with discovery. |
This chapter contains the following sections:
Enhanced Zoning
From SAN Controller Release 12.0.1a, Enhanced Zoning feature is added for Regular Zoning type.
Enhanced zoning performs all configurations within a single configuration session for regular zoning. When you begin a session, the switch locks the entire fabric to implement the changes.
Choose Regular radio button on Zoning type, Click configurations icon next to VSAN field to view Enhanced zoning window.
The Enhanced Zoning window has the following fields and their descriptions.
|
Field |
Description |
|---|---|
|
Switch |
Specifies IP address of the switch. |
|
Mode |
Displays mode of the switch, that can be one of the following:
|
|
Result |
Displays the activation results, which can be one of the following:
|
|
Config DB locked by |
Displays the role name of locked configuration database. |
|
Action |
Displays the action on the switch, that can be one of the following:
Click edit icon on last column to select required action and click check mark icon to save. |
|
Last Action Results |
Displays status of last configuration database. |
|
Enforce full DB merge |
Displays status as enabled or disabled. Click edit icon on last column to select required action and click check mark icon to save. Enabling it ensures that both the active and local zones are merged and are identical on all switches for a VSAN. |
|
Read from |
For enhanced zones or IVR CFS enabled zones when a change is made to zoning DB on a switch, all zone data is pushed into a pending database, until commit command is issued. This flag helps user to get data either from pending zone DB (Copy DB) or regular zone DB (Effective DB). Click edit icon on last column to select required action and click check mark icon to save. |
|
Activation Date |
Specifies date of the zoneset activated. |
To perform various operations on Enhanced Zoning window from SAN Controller Web UI, perform the following steps:
Procedure
|
Step 1 |
Choose , choose required Zone Type, Fabric, and VSAN. |
|
Step 2 |
Click configurations icon adjacent VSAN field The Enhanced Zoning window is displayed. |
|
Step 3 |
Click Edit icon next to Read from column, to select required database and click Tick icon to save. |
|
Step 4 |
To change the mode from basic to enhanced, choose , and click Apply. |
|
Step 5 |
You can follow the same procedure to set mode from enhanced to basic, choose , and click Apply. |
CFS
Cisco Fabric Services (CFS) provides a common infrastructure for automatic configuration synchronization in the fabric for IVR zoning. When a CFS is configured on one switch and same properties can be transmitted on other switches. You can enable or disable IVR on the switch. Furthermore, you can enable or disable both CFS and global CFS on the selected switch.
Choose IVR radio button on Zoning type, Click set-up assistant icon next to VSAN field to view CFS window.
You can view below tabs on CFS window:
-
Control
-
IVR
-
Action
The following table describes the fields that appear on Control tab.
| Fields | Description |
|---|---|
| Switch | Specifies IP address of the switch. |
| IVR Status | Displays whether IVR is enabled or disabled on the switch. |
| Edit | Click Edit icon to enable or disable IVR on the switch and click tick mark to save changes. |
| Refresh | Click Refresh icon to refresh table. |
| Apply | Click Apply to save changes for each modification on the switch. |
| Done | Click Done to save all changes and to exit from CFS window. |
The following table describes the fields and descriptions that appears on IVR tab.
| Fields | Description |
|---|---|
| Switch | Specifies IP address of the switch. |
| CFS Status | Specifies whether CFS status is enabled or disabled. |
| Global CFS | Specifies whether this feature is enabled or disabled on the switch. |
| Read from |
Specifies status:
|
| Lock Owner | Specifies switch is locked by admin. |
| Merge Status | Specifies fabric merge that occurred. |
| Region ID | Specifies the region id of the switch. |
| Edit | Click Edit icon to perform changes in Read from and Region ID column for selected row. |
| Apply | Click Apply to save changes for each modification on the switch |
| Refresh | Click Refresh icon to refresh table. |
| Done | Click Done to save all changes and to exit from CFS window. |
To perform various operations on a switch in the IVR tab from SAN Controller Web UI, perform the following steps:
Procedure
|
Step 1 |
Select a switch, choose and click Apply to enable IVR on a switch.
|
||||||||||||||||||||||||
|
Step 2 |
Select a switch, choose and click Apply to disable IVR on a switch. |
||||||||||||||||||||||||
|
Step 3 |
Select a switch, choose and click Apply to clear IVR information on a switch. |
||||||||||||||||||||||||
|
Step 4 |
Select a switch, choose and click Apply to enable CFS on a switch. |
||||||||||||||||||||||||
|
Step 5 |
Select a switch, choose and click Apply to enable CFS globally on a switch. The following table describes the fields and descriptions that appears on Action tab.
|
Zonesets
Based on the selected Fabric, VSAN and Switch, the Zoneset area displays the configured zonesets and their status. You can create, copy, delete, or edit the zonesets. Further, the zonesets can be activated or deactivated.
The following table describes the fields and descriptions that appear on SAN Controller Zoning Zonesets table.
|
Field |
Description |
|---|---|
|
Zoneset Name |
Lists all the names that are configured under the selected Zoneset. Click on the Zoneset name to view the summary information in a slide-in pane. Click Edit Zoning to edit and activate zoneset. |
|
Modified |
Displays if the zoneset is modified or not. |
|
Activation Date |
Specifies date of the zoneset activated. |
Procedure
|
Step 1 |
To create zonesets from SAN Controller Web UI, choose . The Create Zoneset window appears. |
|
Step 2 |
Enter a valid name for the zoneset, and click Create zoneset. A zoneset is created and is listed in the Zoneset area. |
|
Step 3 |
To Copy/Clone zonesets, choose radio button and choose or click ellipse icon in last column on required zone name. The Clone or Copy Zoneset window shows two options. Choose the appropriate radio button. You can choose one of the following:
|
|
Step 4 |
To delete the zoneset, choose the zoneset radio button next to Zoneset Name column and choose . A confirmation window appears. Click Yes to delete the zoneset. |
|
Step 5 |
To edit the zone name, choose the zone radio button next to the Zoneset Name column and choose or click ellipse icon in last column on required zone name. The Zoneset page for the selected fabric is displayed. Choose check box next to Zone Name column, choose. Enter the new name for the zoneset. Click Rename. |
|
Step 6 |
To deactivate a zoneset, choose the zoneset radio button next to the Zoneset Name column and click . A confirmation window appears. Click Yes to deactivate the zoneset. |
|
Step 7 |
To activate a zoneset, choose radio button next to the Zoneset Name column and click Activate. The Zoneset Differences window shows the changes made to the zoneset since it was activated previously. Click Activate. |
Zones
UI Path: Zoning. Select a zone member, a slide-in panel appears. Click on Launch icon to view Zones window.
Based on the Zoneset that is selected, the zones that are configured under that zoneset are displayed in the Zones area. To view Zones tab, click on a radio button for a zoneset, choose . A Zoneset window is displayed. It also displays true or false only when the VSAN has smart zone that is enabled.
You can create, copy, delete, or clone, and rename the zones. It also displays true or false only when the VSAN has smart zone that is enabled. Furthermore, the zones can be added to or removed from the selected Zoneset. You can also enable or disable the smart zone on the zone table.
The Zones area has the following fields and their descriptions.
| Field | Description | ||
|---|---|---|---|
|
Filter by Attribute |
You can search by specifying the required zone name or zoneset and members. | ||
|
Add to zoneset |
You can select zone name and click Add to zoneset. |
||
|
Refresh |
Click Refresh icon to refresh table. |
||
|
Zone Name |
Displays the name of the zone. You can search by specifying the zone name. From Release 12.1.2e, you can click Topology icon next to the Zone name to view Zone Topology. The topology is displayed in Hierarchical Left-Right layout by default. In the topology view, hover on the nodes to see tool tip. Click on switch to view the switch summary. Click Launch icon to view Switch Overview.
Select the zone name to view the members of the zoneset. From Release 12.1.2e, the Status column displays if the zone member is online or offline. |
||
|
In Zoneset |
Specifies whether a zone is part of a zoneset. Displays true if the zone is part of a zoneset. Otherwise, displays false. You can search by choosing true or false from the In Zoneset drop-down list. |
||
|
Members |
Specifies the zone members of the zone. You can search by specifying the member. |
Procedure
|
Step 1 |
To create zones, choose Zoning. |
||
|
Step 2 |
In the Zonesets area, choose required Zoneset Name. A slide-in panel is displayed. |
||
|
Step 3 |
To create a zone, choose . |
||
|
Step 4 |
To enable a smart zone, choose required check box next to Zone Name, choose . You can view smart zone column only if smart zoning is enabled for VSAN. |
||
|
Step 5 |
To disable a smart zone, choose required check box next to Zone Name, choose . |
||
|
Step 6 |
To Clone Zones, choose Configure > SAN > Zoning > Zones, select the Zone radio button and click Clone Zone icon. The Clone Zone window is displayed. |
||
|
Step 7 |
To rename a zone from a zoneset, choose required check box next to Zone Name, choose . In the Name field, enter the new name for the zone, and click Rename. |
||
|
Step 8 |
To remove a zone from a zoneset, choose required check box next to Zone Name, choose . The zone is removed from the selected Zoneset. A green tick mark disappears next to the Zone name to indicate that the zone is removed from the zoneset. |
||
|
Step 9 |
To delete a zone from a zoneset, choose required check box next to Zone Name, choose . You can select single or multiple zones to delete at an instant.
|
FC Aliases
Navigation Path:
From SAN Controller Release 12.0.1a, FC Aliases feature is supported for regular zones. It is used to associate with one or more pWWNs to a required name. When you add a zone member, you can add FC Alias or delete existing FC Alias. FC Aliases tab displays below fields:
-
FC Alias – Specifies the name of FC Alias.
-
Member – Specifies members associated with FC Alias.
To do FCAliases operations, perform the following steps:
Procedure
|
Step 1 |
Choose , click required Zoneset Name. A slide-in panel window appears. |
|
Step 2 |
Click Edit Zoning or Launch icon to view Zoneset page. The Zoneset window is displayed. |
|
Step 3 |
Click FC Aliases tab to view the FC Aliases area. |
|
Step 4 |
To create a new FC alias, choose . The Create new FC Alias window is displayed. |
|
Step 5 |
To delete a new FC alias, select required check box next to the FC Alias column, choose . |
Members
UI Path:
Based on the selected zoneset and zone, the Members area displays the zone members and their status. Enter required field name in Filter by attributes text field to view member details.
The Members area has the following fields and their descriptions.
| Field | Description |
|---|---|
|
Zone/FC Alias |
Displays the name of the zone member. You can search by specifying the zone name. |
|
Member |
Displays the member name for the zone. |
|
Switch |
Specifies the switch that the zone member is linked. You can search by specifying the switch. |
|
Interface |
Specifies the interface that the zone member is attached to. You can search by specifying the interface. |
|
Status |
Specifies the status of zone. |
|
Zoned By |
Displays the type of zoning. You can search by type of zoning such as WWN, FCID, FC Alias, or iSCSI, FWWN, Device Alias, IP Subnet and many more. |
|
FCID |
Specifies the FCID associated with the zone member. You can search by specifying the FCID associated with the zone member. |
|
pWWN |
Specifies the pWWN of the switch. You can search by specifying the WWN of the switch. |
You can add or remove members from the zoneset. Furthermore, you can also add existing members and add existing FC Alias to members.
From SAN Controller Web UI, choose to view Members area on Zoneset window.
Select a zoneset and zones to view the list of zone members.
Procedure
|
Step 1 |
To create new member, In Members area, choose . In the Create and Add a new Member window, choose radio button of the appropriate zone. Enter a valid name in text field and click Create Member. Based on Zone by radio button section, the new name is only for the selected zone by and not for all the zone. For example, when you choose WWN zone by, the name in the text field is for WWN zone. Similarly, when you choose Domain & Port zone by, the Domain ID number and Switch Interface name. The Create new Member allows you to add a member to a zone that does not exist in the fabric, currently. This feature can be utilized when the device discovery did not discover all the devices. With the Available to add feature, you can add a discovered device to the zone. |
||||||||||||||||
|
Step 2 |
To remove a zone member, choose check box next to Parent column and then click You can select multiple zones in an instance to remove. |
||||||||||||||||
|
Step 3 |
To add existing member, choose . The Add existing members window is displayed. This window has the following fields and their descriptions.
|
||||||||||||||||
|
Step 4 |
Select the appropriate Zone by option and select required Member Name. |
||||||||||||||||
|
Step 5 |
Click Add members.
|
Feedback