Support User Manuals

Q-Logic 59048-02 A Switch User Manual

Open as PDF

of 226

3 – Managing Fabrics

Zoning a Fabric

59048-02 A 3-15

Q

3.4.1.1.2

Access Control List Hard Zones

Access Control List (ACL) zoning divides the fabric for purposes of controlling

discovery and inbound traffic. ACL zoning is a type of hard zoning that is

hardware enforced. This type of zoning is useful for controlling access to certain

devices without totally isolating them from the fabric. Members can communicate

with each other and transmit outside the ACL zone, but cannot receive inbound

traffic from outside the zone. The ACL zone boundary is secure against inbound

traffic. ACL zones can overlap; that is, a port can be a member of more than one

ACL zone. ACL zones that include members from multiple switches need not

include the ports of the inter-switch links. ACL zone boundaries supersede soft

zone boundaries, but yield to VPF zone boundaries. Membership can be defined

only by domain ID and port number. ACL zoning supports all port modes except

TL_Ports.

3.4.1.1.3

Virtual Private Fabric Hard Zones

Virtual Private Fabric (VPF) zoning divides the fabric for purposes of controlling

discovery and both inbound and outbound traffic. This type of zoning is useful for

providing security and reserving paths between devices to guarantee bandwidth.

VPF zoning is a type of hard zoning that is hardware enforced. Members can only

transmit to and receive from members of the same VPF zone. The VPF zone

boundary is secure against both inbound and outbound traffic. VPF zones that

include members from multiple switches must include the ports of the inter-switch

links. VPF zones cannot overlap; that is, a port can be a member of only one VPF

zone. VPF zone boundaries supersede both soft and ACL zone boundaries.

Membership can be defined only by domain ID and port number. VPF zoning

supports all port modes.

Note: Domain ID conflicts can result in automatic reassignment of switch

domain IDs. These reassignments are not reflected in zones that use

domain ID and port number pairs or Fibre Channel addresses to define

their membership. Be sure to reconfigure zones that are affected by a

domain ID change. To prevent zoning definitions from becoming invalid

when the membership is defined by domain ID/port number or Fibre

Channel address, you must lock domain IDs. Refer to ”Domain ID and

Domain ID Lock” on page 4-16 and ”Set Config Command” on page A-

32 for more information.

previous next