Download complete user manual (PDF). - Brocade

More documents

Recommendations

Info

1 NETCONF in client/server architecture RPC and error handling If the RPC request fails, an element is encoded inside the element and sent to the client. The element indicates the first detected error. The server is not required to detect or report multiple errors. If the server detects multiple errors then the order of the error detection and reporting is at the discretion of the server. SSH subsystem The NETCONF client must use Secure Shell Version 2 (SSHv2) as the network transport to connect to the NETCONF server. Only the SSHv2 protocol is supported as the NETCONF transport protocol. To run NETCONF over SSHv2, the client establishes an SSH transport connection using the SSH transport protocol to the NETCONF port. The default NETCONF port is 830. The underlying SSH client and server exchange keys for message integrity and encryption. The SSHv2 client invokes the ssh-userauth service to authenticate the user. All currently supported SSH user authentication methods such as the public-key, password, and keyboard-interactive authentications are supported for a NETCONF session also. If the SSH user authentication is disabled, the user is allowed full access. On successful user authentication, the client invokes the ssh-connection service, also known as the SSH connection protocol. After the SSH session is established, the NETCONF client invokes NETCONF as an SSH subsystem called netconf. RFE References For details about NETCONF and YANG as defined by the Internet Engineering Task Force (IETF), refer to the following documents: • RFC 4741, “NETCONF Configuration Protocol.” • RFC 4742 “Using the NETCONF Configuration Protocol over Secure SHell (SSH).” • RFC 6020, “YANG - A Data Modeling Language for the Network Configuration Protocol (NETCONF)” 6 Network OS NETCONF Operations Guide 53-1002565-01
NETCONF support in Network OS 1 NETCONF support in Network OS This section describes the support in Network OS for NETCONF features. Table 1 describes the degree of support in Network OS for each NETCONF RPC. TABLE 1 NETCONF RPCs supported in Network OS RPC Function Support in Network OS Copies the startup configuration to the running configuration, copies the running configuration to the startup configuration, copies the startup or running configuration to a remote file, or copies the remote file to the startup or running configuration. Terminates the current NETCONF session gracefully. Use custom RPC instead. Supported Deletes a configuration datastore. Supported Makes changes to a configuration datastore. Retrieves the entire or partial configuration data and operational state data. Retrieves the entire or partial configuration data. Forces the termination of a NETCONF session. The merge and delete operations are supported. The replace and create operations are not supported. The target is supported. The target is not supported. The element supports only the stop-on-error value. It does not support the continue-on-error or rollback-on-error values Retrieval of configuration data is supported. Retrieval of operational state data is not supported; configuration state data is not modeled in the data models. Supported Supported Locks a configuration datastore. Not supported Unlocks a configuration datastore. Not supported For details of the RPCs listed in Table 1, refer to RFE 4741. To retrieve operational state data, Network OS supports two mechanisms: • Brocade customized RPCs • The proprietary action mechanism Refer to Chapter 2, “Basic NETCONF Operations,” for details about Brocade customized RPCs and the proprietary action mechanism. Network OS NETCONF Operations Guide 7 53-1002565-01
Page 1 and 2: 53-1002565-01 21 September 2012 ®
Page 3 and 4: Contents (High Level) Section I Net
Page 5 and 6: Contents (Detailed) About This Docu
Page 7 and 8: Time zone settings . . . . . . . .
Page 9 and 10: Zone configurations management. . .
Page 11 and 12: LDAP. . . . . . . . . . . . . . . .
Page 13 and 14: Spanning Tree configuration and man
Page 15 and 16: Configure LLDP global options . . .
Page 17 and 18: Configure ingress SPAN, egress SPAN
Page 19 and 20: Figures Figure 1 Four layers of NET
Page 21 and 22: Tables Table 1 NETCONF RPCs support
Page 23 and 24: About This Document In this chapter
Page 25 and 26: • Chapter 30, “Configuring VRRP
Page 27 and 28: Additional information This section
Page 29 and 30: Network OS Administration Section I
Page 31 and 32: NETCONF Overview Chapter 1 In this
Page 33: NETCONF in client/server architectu
Page 37 and 38: Basic NETCONF Operations Chapter 2
Page 39 and 40: Retrieve configuration data 2 • A
Page 41 and 42: Retrieve configuration data 2
Page 43 and 44: Retrieve operational Data 2 0 test
Page 45 and 46: Retrieve operational Data 2 tengiga
Page 47 and 48: Manage the configuration 2 The de
Page 49 and 50: Disconnect from a NETCONF session 2
Page 51 and 52: Basic Switch Management Chapter 3 I
Page 53 and 54: Switch attributes 3 • A host name
Page 55 and 56: Reboot a Brocade switch 3 To
Page 57 and 58: Interfaces, slots, and modules 3 Ob
Page 59 and 60: Interfaces, slots, and modules 3
Page 61 and 62: supportSave data 3 supportSave data
Page 63 and 64: supportSave data 3 5 success
Page 65 and 66: Syslog server setup 3 Enable or dis
Page 67 and 68: Syslog server setup 3 192.168.163.2
Page 69 and 70: Syslog server setup 3 testuser pass
Page 71 and 72: RASlog configuration 3 informationa
Page 73 and 74: Time Management and the Network Tim
Page 75 and 76: Time zone settings 4 Retrieve
Page 77 and 78: Network Time Protocol 4 Retrieve an
Page 79 and 80: Installing and Maintaining Firmware
Page 81 and 82: Download the firmware from a remote
Page 83 and 84: Download the firmware from a remote
Page 85 and 86:
Evaluate a firmware upgrade 5 3. Is
Page 87 and 88:
Evaluate a firmware upgrade 5
Page 89 and 90:
Evaluate a firmware upgrade 5 19:1
Page 91 and 92:
Administering Licenses Chapter 6 In
Page 93 and 94:
Install or remove a license 6 Insta
Page 95 and 96:
Override Dynamic POD assignments 6
Page 97 and 98:
Override Dynamic POD assignments 6
Page 99 and 100:
Administering SNMP Chapter 7 In thi
Page 101 and 102:
SNMP community strings 7 1. Issue t
Page 103 and 104:
SNMP version 3 usernames 7 public r
Page 105 and 106:
SNMP server hosts 7 snmp
Page 107 and 108:
SNMP server hosts 7 1. Issue the R
Page 109 and 110:
SNMP server hosts 7 Operator 1234
Page 111 and 112:
SNMP server hosts 7 10.17.37.107 pu
Page 113 and 114:
Fabric Chapter 8 In this chapter
Page 115 and 116:
Fabric interface configuration mana
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Administering Zones Chapter 9 In th
Page 129 and 130:
Zone database size 9 The following
Page 131 and 132:
Zone aliases 9 10:00:00:05:00:00:00
Page 133 and 134:
Zone aliases 9 10:00:00:00:00:00:00
Page 135 and 136:
Zone aliases 9 cfg-save De
Page 137 and 138:
Zoning information 9 Retrieve the d
Page 139 and 140:
Zoning information 9 Retrieve th
Page 141 and 142:
Zones management 9 1. Issue the RP
Page 143 and 144:
Zones management 9 1. Issue the RP
Page 145 and 146:
Zone configurations management 9
Page 147 and 148:
Page 149 and 150:
Zone configurations management 9 Di
Page 151 and 152:
Zone configurations management 9 Cl
Page 153 and 154:
Page 155 and 156:
Configure zones example 9 5. Use th
Page 157 and 158:
Configure zones example 9 zoneA
Page 159 and 160:
LSAN Zones 9 • A required naming
Page 161 and 162:
LSAN Zones 9 ?xml version="1.0" enc
Page 163 and 164:
Configuring Fibre Channel Ports Cha
Page 165 and 166:
Retrieve the Fibre Channel port con
Page 167 and 168:
Set the Fibre Channel port speed 10
Page 169 and 170:
Configure a Fibre Channel port for
Page 171 and 172:
Retrieve Fibre Channel interface in
Page 173 and 174:
System Monitor Configuration Chapte
Page 175 and 176:
FRU monitoring 11 1 2 1 2
Page 177 and 178:
FRU monitoring 11 removed raslo
Page 179 and 180:
Alert notifications 11 Alert notifi
Page 181 and 182:
Alert notifications 11 To change th
Page 183 and 184:
Resource monitoring 11 Con
Page 185 and 186:
SFP monitoring 11 Display SFP monit
Page 187 and 188:
SFP monitoring 11 Pause SF
Page 189 and 190:
Security monitoring 11 Configure se
Page 191 and 192:
Interface monitoring 11 custom
Page 193 and 194:
Interface monitoring 11 The followi
Page 195 and 196:
Interface monitoring 11 Continue in
Page 197 and 198:
Network OS Security Configuration S
Page 199 and 200:
Managing User Accounts Chapter 12 I
Page 201 and 202:
User accounts 12 1. Issue the RPC
Page 203 and 204:
User accounts 12 testUser hell
Page 205 and 206:
Role-based access control (RBAC) 12
Page 207 and 208:
Role-based access control (RBAC) 12
Page 209 and 210:
Command Access rules 12 Rule
Page 211 and 212:
Command Access rules 12 Delete a ru
Page 213 and 214:
Command Access rules 12 accept read
Page 215 and 216:
Password policies 12 Password stren
Page 217 and 218:
Password policies 12 5. To verif
Page 219 and 220:
Password policies 12 For more infor
Page 221 and 222:
External AAA server authentication
Page 223 and 224:
Login authentication mode configura
Page 225 and 226:
Login authentication mode configura
Page 227 and 228:
RADIUS 13 The parameters in Table 8
Page 229 and 230:
RADIUS 13 10.38.37.180
Page 231 and 232:
TACACS+ 13 Configure the client
Page 233 and 234:
TACACS+ 13 fec0:60:69bc:94:
Page 235 and 236:
TACACS+ accounting 13 3. Under the
Page 237 and 238:
TACACS+ accounting 13 Enable comman
Page 239 and 240:
LDAP 13 To disable login accounting
Page 241 and 242:
LDAP 13 Client-side A
Page 243 and 244:
LDAP 13 5. Optional: Use the del
Page 245 and 246:
LDAP 13 Remove the mapping of an Ac
Page 247 and 248:
Fabric Authentication Chapter 14 In
Page 249 and 250:
Device authentication configuration
Page 251 and 252:
Device authentication configuration
Page 253 and 254:
Switch connection control (SCC) pol
Page 255 and 256:
Switch connection control (SCC) pol
Page 257 and 258:
Network OS Layer 2 Switch Features
Page 259 and 260:
Administering Edge-Loop Detection C
Page 261 and 262:
Set interface parameters on a port
Page 263 and 264:
Edge-loop troubleshooting 15 N
Page 265 and 266:
Configuring AMPP Chapter 16 In this
Page 267 and 268:
Configure AMPP port-profiles 16
Page 269 and 270:
Page 271 and 272:
Page 273 and 274:
Configure AMPP port-profiles 16 2
Page 275 and 276:
Configure AMPP port-profiles 16 vm1
Page 277 and 278:
Page 279 and 280:
Configure AMPP port-profiles 16 vm
Page 281 and 282:
Page 283 and 284:
Page 285 and 286:
Monitor AMPP profiles 16 vm
Page 287 and 288:
Monitor AMPP profiles 16 Obtain por
Page 289 and 290:
Configuring FCoE Interfaces Chapter
Page 291 and 292:
Assign an FCoE map to a LAG 17 def
Page 293 and 294:
Obtain FCoE Status 17 5 default
Page 295 and 296:
Configuring VLANs Chapter 18 In thi
Page 297 and 298:
VLAN configuration and management 1
Page 299 and 300:
Page 301 and 302:
Page 303 and 304:
Page 305 and 306:
Page 307 and 308:
Configure protocol-based VLAN class
Page 309 and 310:
Page 311 and 312:
Page 313 and 314:
Obtain VLAN information 18 rpc-repl
Page 315 and 316:
Configure the MAC address table 18
Page 317 and 318:
Configure the MAC address table 18
Page 319 and 320:
Configuring STP, RSTP, MSTP, PVST,
Page 321 and 322:
Configure STP 19 22/0/13 32
Page 323 and 324:
Configure RSTP 19 For details, refe
Page 325 and 326:
Configure MSTP 19 custom 5 22
Page 327 and 328:
Configure PVST and Rapid PVST 19 Co
Page 329 and 330:
Spanning Tree configuration and man
Page 331 and 332:
Page 333 and 334:
Page 335 and 336:
Page 337 and 338:
Page 339 and 340:
Page 341 and 342:
Page 343 and 344:
Page 345 and 346:
Retrieve spanning tree-related info
Page 347 and 348:
Configure STP, RSTP, MSTP, PVST, or
Page 349 and 350:
Page 351 and 352:
Page 353 and 354:
Page 355 and 356:
Page 357 and 358:
Page 359 and 360:
Page 361 and 362:
Page 363 and 364:
Page 365 and 366:
Configuring Link Aggregation Chapte
Page 367 and 368:
Configure a vLAG 20 231 tengigabite
Page 369 and 370:
Configure the vLAG ignore split opt
Page 371 and 372:
Configure the vLAG ignore split opt
Page 373 and 374:
LACP configuration and management 2
Page 375 and 376:
LACP configuration and management 2
Page 377 and 378:
Configuring LLDP Chapter 21 In this
Page 379 and 380:
Configure LLDP global options 21 nc
Page 381 and 382:
Configure LLDP global options 21
Page 383 and 384:
Configure LLDP global options 21 3.
Page 385 and 386:
Configure LLDP global options 21 Co
Page 387 and 388:
Configure LLDP global options 21 1.
Page 389 and 390:
Configure LLDP global options 21 c.
Page 391 and 392:
Configure LLDP interface-level opti
Page 393 and 394:
Configuring ACLs Chapter 22 In this
Page 395 and 396:
MAC ACL configuration and managemen
Page 397 and 398:
Page 399 and 400:
Page 401 and 402:
Page 403 and 404:
IP ACL configuration and management
Page 405 and 406:
Page 407 and 408:
Page 409 and 410:
Configuring QoS Chapter 23 In this
Page 411 and 412:
Queueing 23 Verify QoS trust To ver
Page 413 and 414:
Queueing 23 1 2 3 4 5 6 7
Page 415 and 416:
Queueing 23 2. Return a list of
Page 417 and 418:
Queueing 23 22/0/2 22/0
Page 419 and 420:
Queueing 23 The following example a
Page 421 and 422:
Queueing 23 0 test Create a D
Page 423 and 424:
Queueing 23 Verify a DS
Page 425 and 426:
Queueing 23 Refer to the Network OS
Page 427 and 428:
Queueing 23 Verify a CoS-to-Traffic
Page 429 and 430:
Queueing 23 The following example c
Page 431 and 432:
Queueing 23 test test 1
Page 433 and 434:
Congestion control 23 1000 1000 100
Page 435 and 436:
Congestion control 23 10 10 80 80
Page 437 and 438:
Congestion control 23 on on
Page 439 and 440:
Broadcast, Unknown Unicast, and Mul
Page 441 and 442:
Scheduling 23 Schedule the QoS queu
Page 443 and 444:
Data Center Bridging map configurat
Page 445 and 446:
Data Center Bridging map configurat
Page 447 and 448:
Brocade VCS Fabric QoS 23 Brocade V
Page 449 and 450:
Port-Based Policer 23 Configure a c
Page 451 and 452:
Port-Based Policer 23 1 1 1 1 1 1
Page 453 and 454:
Port-Based Policer 23 5. Under the
Page 455 and 456:
Port-Based Policer 23 Class maps Th
Page 457 and 458:
Configuring 802.1x Port Authenticat
Page 459 and 460:
802.1x authentication configuration
Page 461 and 462:
Interface-specific administrative t
Page 463 and 464:
Page 465 and 466:
Check 802.1x configurations 24 NOTE
Page 467 and 468:
Configuring sFlow Chapter 25 In thi
Page 469 and 470:
Page 471 and 472:
Page 473 and 474:
Configuring Switched Port Analyzer
Page 475 and 476:
Delete a SPAN connection from a ses
Page 477 and 478:
Delete a SPAN session 26 2. Issue t
Page 479 and 480:
Network OS Layer 3 Routing Features
Page 481 and 482:
IP Route Policy Chapter 27 In this
Page 483 and 484:
Configure a Route-map 27 1. Issue t
Page 485 and 486:
Configure and activate an IP route
Page 487 and 488:
Configure and activate an IP route
Page 489 and 490:
IP Route Management Chapter 28 In t
Page 491 and 492:
Configure static routes 28 Specify
Page 493 and 494:
Other Routing Operations 28 30
Page 495 and 496:
Configuring OSPF Chapter 29 In this
Page 497 and 498:
OSPF in a VCS Fabric environment 29
Page 499 and 500:
Perform Basic OSPF Configuration 29
Page 501 and 502:
Page 503 and 504:
Page 505 and 506:
Page 507 and 508:
Page 509 and 510:
Configuring VRRP Chapter 30 In this
Page 511 and 512:
Basic VRRP configuration example 30
Page 513 and 514:
Basic VRRP configuration example 30
Page 515 and 516:
Enable preemption 30 VRRP-E
Page 517 and 518:
Configure the Track Priority 30 Ena
Page 519 and 520:
Configure the Track Priority 30
Page 521 and 522:
Configure a multigroup virtual rout
Page 523 and 524:
Page 525 and 526:
Page 527 and 528:
Verify VRRP and VRRP-E configuratio
Page 529 and 530:
Configuring Remote Monitoring Chapt
Page 531 and 532:
Configure RMON alarm settings 31 a.
Page 533 and 534:
Configure RMON alarm settings 31 de
Page 535 and 536:
Configuring IGMP Chapter 32 In this
Page 537 and 538:
Configure IGMP snooping querier 32
Page 539 and 540:
Appendixes Section V This section c
Page 541 and 542:
Managing NETCONF Appendix A In this
Page 543 and 544:
View NETCONF statistics and session
Page 545 and 546:
Index Numerics 802.1x authenticatio
Page 547 and 548:
edge port enabling, 295 edge port,
Page 549 and 550:
license ID, retrieving, 63 installi
Page 551 and 552:
policer class map, configuring clas
Page 553 and 554:
Role-based Access Control (RBAC) ov
Page 555 and 556:
subtree filtering, 12 support-inter
Page 557 and 558:
Z zone alias See zone alias configu
show all

Download complete user manual (PDF). - Brocade

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?