用命令操作 Brocade SAN 交換器 - Part1: 基本操作

# 用命令操作 Brocade SAN 交換器 - Part1: 基本操作 ###### tags: `san` `storage` `brocade` [toc] 最近看到機房放著 SAN 交換器，就趕緊問問是那位同事的！趕緊請同事指導一下，也讓我趁機學學，要不然每次看到同事在安裝存儲系統時，設定 SAN 交換器的那股帥勁，真的很令人羨慕！ :::info - 機房現有的 SAN 交換器是 **IBM System Storage SAN48B-5（Brocade 6510）**，系統為 **Brocade Fabric OS** [[**產品資訊**]](https://www.redbooks.ibm.com/abstracts/tips1103.html)。 ![](https://hackmd.io/_uploads/SJ8C0Y4E3.png) - 目前各家 SAN 交換器應為 **Brocade Fabric** 和 **Cisco MDS** 二大陣營。 - Brocade 與 IBM 產品對應 | Brocade 產品名稱 | IBM 產品名稱 | IBM 機種料號 | | --- | --- | --- | | Brocade 6510 | SAN48B-5 | 2498 Model F48 | ::: # 連線準備 ## Web Tools Brocade® Web Tools 是嵌入在 Fabric OS® 韌體中的**圖形使用者界面(GUI)**，讓管理員能夠輕鬆地透過**瀏覽器**用來監控和管理單個或小型結構(Fabric)、交換機和網路界面。原本打算偷懶用 GUI 界面簡單學習！不過沒想到這台 SAN 交換器的管理工具，還**需要使用到 Java** ？！目前已知 SAN 交換器的**系統版本是 v7.4.1b**，應該是太舊了，似乎也和我安裝的 Java 版本不相容？！ ```bash java -version openjdk version "17.0.6" 2023-01-17 OpenJDK Runtime Environment (Red_Hat-17.0.6.0.10-1.fc38) (build 17.0.6+10) OpenJDK 64-Bit Server VM (Red_Hat-17.0.6.0.10-1.fc38) (build 17.0.6+10, mixed mode, sharing) ``` > 原先在 Linux 有個 **Java Web Start 套件 - icedtea-web**，似乎已經從 Fedora 套件庫移除了！該專案好像移轉至 [[Adoptium]](https://adoptium.net/)，嘗試安裝了 OpenJDK 跟 icedtea-web，不知道是不是版本相容問題，就是一直帶不起來管理界面。如果作業系統有正確安裝 Java，應該是可以順利使用 GUI 方式登入管理工具。 > 結果我改用辦公室 Windows 系統的電腦，還是不行（已經浪費 27 分鐘了），看來真的不合！同事是使用 MacOS 開啟終端機輸入以下命令開啟管理工具。 > javaws - JAVA Web Start 說實在的，腦容量有限，真心不懂！ ```bash javaws "http://<IP_Address_of_SAN_Switch>/switchExplorer_installed.html" ``` 還好問了一下同事，是否可以使用 **SSH/Console 連線**和**命令操作**方式嗎？**OK的！** 努力嘗試使用 GUI 界面 30 分鐘後終告放棄！ > 初始化組態也是先採用 Console 界面以命令設定基本組態。 :::danger **注意** 所以之後就不會費心有 GUI 畫面來操作 SAN 交換器了！ ::: ## 界面端視圖大致先了解設備連線界面吧。 ![](https://hackmd.io/_uploads/B1RxchE42.png) ||| | :-: | --- | | 1 | System Status LED | | 2 | Management Ethernet port with LED | | 3 | USB Port | | 4 | FC port 0-3 | | 5 | FC port 40-43 | | 6 | FC port 44-47 | | 7 | FC port 4-7 | | 8 | Switch ID poll-out tab | | 9 | Serial console port | | 10 | System power LED | :::warning - 所有 LED 顯示燈號皆在最上方界面埠的上方。左邊是上方界面埠，右邊是下方界面埠。 - 界面埠的編號是以 8 組埠為群組，由左至右、由上至下進行編號。 ::: # 連線方式 ![](https://hackmd.io/_uploads/S1Lp20r42.png) 1. 連接電源線至 SAN 交換器，可觀察 LED 燈號確認開機狀態。 2. 準備一台網路交換器，分別連接 SAN 交換器管理網路埠及設定筆電的網路埠。後續可透過使用 Telnet/SSH 連線登入，使用命令列設定。 3. 若要使用 Serial 連線，將 SAN 交換器的 Console 埠與設定筆電的 COM 埠連接即可。 ## Console 連線 **所有基礎設定都是先使用 serial console 連線完成**。還好之前有一點設定網路交換器的經驗，基本大致上相同，以下是終端機設定： | 參數 | 設定值 | | --- | --- | | Bits per second | 9600 | | Databits | 8 | | Parity | None | | Stop bits | 1 | | Flow control | None | :::info - 在 Linux 系統中推薦使用 **minicom**。 - 大多數目前筆電都是透過 USB 轉 Serial 埠，所以界面就設定成 **/dev/ttyUSB0** 就可以了！ - 由於同事已經完成 SAN 交換器的管理 IP 位址設定，就不透過 console 連線做初始化組態，直接用 SSH 連線管理 IP 進行登入。 ::: ## 管理 IP 連線接著跟同事要了交換器的基本連線及登入資訊，簡單測試一下 SSH 連線，確認可順利登入系統。 #### SAN 交換器登入資訊 | | | | --- | --- | | IP 位址 | 10.7.150.111 | | 登入帳號 | **admin**(預設) | | 登入密碼 | **password**(預設) | #### SSH 連線命令 ```bash $ ssh admin@10.7.150.111 The authenticity of host '10.7.150.111 (10.7.150.111)' can't be established. ECDSA key fingerprint is SHA256:XDGS1daGUO8L4xWbonpauHaN6nwNxoQahE7AgOtl4NA. This key is not known by any other names Are you sure you want to continue connecting (yes/no/[fingerprint])? yes Warning: Permanently added '10.7.150.111' (ECDSA) to the list of known hosts. admin@10.7.150.111's password: This Computer system, including all related equipment's, networks and network devices are provided only for authorized employees and other authorized personnel. Use of this system is monitored, recorded and audited for all lawful purposes. Unauthorized or improper use of this system may result in disciplinary action and/or civil charges/criminal penalties and /or prosecution by law. Evidence of unauthorized use collected during monitoring may be used for administrative, criminal, or other adverse action. By continuing to use this system you indicate your awareness of and consent to these terms and conditions of use. ----------------------------------------------------------------- switch:admin> ``` ## 簡化連線測試為了偷懶，所以簡化以上連線方式，將 SAN 交換器連線資訊讀入後使用 SSH 進行連線。根據上述的想法，進行初步測試驗證，結果還可接受。 #### `san_switch.conf` ```bash export SAN_SWITCH='10.7.150.111' export SAN_SWITCH_USERNAME='admin' export SAN_SWITCH_PASSWORD='password' ``` #### `connectSanSwitch.sh` ```bash #!/bin/bash sshpass -p ${SAN_SWITCH_PASSWORD} ssh -o StrictHostKeyChecking=no ${SAN_SWITCH_USERNAME}@${SAN_SWITCH} ``` ![](https://i.imgur.com/uM8pf8Q.png) > 天啊！設備有點年紀了順利完成登陸，為了加速測試，再把兩台 SAN 交換器要登入的資訊及連線命令精簡一些。 ![](https://i.imgur.com/KdxeREx.png) 準備就緒，開始探索......。 # 命令操作本次的目的在於透過命令可以簡單地完成日常任務。了解使用命令列的方式，也跟一般提供命令列的設備大同小異。透過遠端連線，根據所登入使用者帳號的權限及角色，賦予授權可用的命令，配合設備授權，進行可應用的功能組態。 ## Help 對於命令內容不清楚，可以透過 **`help <command>`** 或是 **`<command> --help`** 顯示命令執行說明。 ```bash switch:admin> help portshow User Commands portShow(1) NAME portShow - Displays status and configuration parameters for ports and GbE ports. SYNOPSIS portshow [slot/][ge]port portshow [slot/]port -link [-force] portshow -i [ index1 [-index2] [...]] [-f] portshow -pid pid portshow -x [hex1[-hex2] [...]] portshow option [slot/]ge_port [optional_args] portshow option [all | ve_port] arguments [optional_arguments] portshow option [all |ge_port] arguments [optional_arguments] DESCRIPTION Use this command to display general port status and specific configuration parameters for a specified port, GbE port, or VE_Port. If this command is executed for a specified port with no Type <CR> or <SPACE BAR> to continue, <q> to stop ``` :::info - 直接輸入 **`help`** 則會顯示**所有命令**。 - 也支援 **`| grep`** 可根據關鍵字搜尋命令。 ```bash switch:admin> help | grep user bladedisable Disables all user ports on a blade. ceeportledtest Cycle user port LEDs. fcipledtest Cycle user port LEDs. login Login as a new user passwd Set usernames and passwords portledtest Cycle user port LEDs. roleconfig Manage user-defined RBAC roles userconfig Display or configure user accounts userrename Rename user login name ``` ::: ## Help 主題內容以下 help 命令將提供特定主題相關的命令說明。 | Topic name | Help contents description | | --- | --- | | diagHelp | Diagnostic help information | | fcipHelp |FCIP help information | | ficonHelp | FICON help information | | mapsHelp | MAPS help information | | routeHelp | Routing help information | | secHelp | Security help information | | zoneHelp | Zoning help informatio | 其中 **zonehelp** 執行顯示的內容。 ```bash switch:admin> zonehelp aliadd Add a member to a zone alias alicreate Create a zone alias alidelete Delete a zone alias aliremove Remove a member from a zone alias alishow Print zone alias information bootluncfg Configure boot LUN for an HBA cfgactvshow Display Effective zone configuration information cfgadd Add a member to a configuration cfgclear Clear all zone configurations cfgcreate Create a zone configuration cfgdelete Delete a zone configuration cfgdisable Disable a zone configuration cfgenable Enable a zone configuration cfgremove Remove a member from a configuration cfgsave Save zone configurations in flash cfgshow Print zone configuration information cfgsize Print size details of zone database cfgtransabort Abort zone configuration transaction cfgtransshow Print zone configurations in transaction buffer defzone Activates or deactivates a default zone Configuration. msfr Create a MSFR Zone nsdevlog Manage Name Server device logs nszonemember Display the information of all the online devices which are zoned with the given device. openfr Create a MSFR Zone zone Configure zone objects zoneadd Add a member to a zone zonecreate Create a zone zonedelete Delete a zone zonehelp Print zoning help info zoneobjectcopy Copies a zone object zoneobjectexpunge Expunges a zone object zoneobjectrename Rename a zoning Object zoneobjectreplace Replace a zoning Object zoneremove Remove a member from a zone zoneshow Print zone information ``` ## more 若命令輸出結果太長，可以使用 **`<command> | more`** 逐頁顯示。 ```bash switch:admin> switchshow | more switchName: switch switchType: 109.1 switchState: Online switchMode: Native switchRole: Principal switchDomain: 112 switchId: fffc70 switchWwn: 10:00:50:eb:1a:42:88:7c zoning: OFF switchBeacon: OFF FC Router: OFF FC Router BB Fabric ID: 1 Address Mode: 0 HIF Mode: OFF Index Port Address Media Speed State Proto ================================================== 0 0 700000 id N16 No_Light FC 1 1 700100 id N16 No_Light FC 2 2 700200 id N16 No_Light FC 3 3 700300 id N16 No_Light FC 4 4 700400 id N16 No_Light FC 5 5 700500 id N16 No_Light FC 6 6 700600 id N16 No_Light FC 7 7 700700 id N16 No_Light FC 8 8 700800 id N16 No_Light FC 9 9 700900 id N16 No_Light FC 10 10 700a00 id N16 No_Light FC 11 11 700b00 id N16 No_Light FC 12 12 700c00 id N16 No_Light FC 13 13 700d00 id N16 No_Light FC 14 14 700e00 id N16 No_Light FC Type <CR> or <SPACE BAR> to continue, <q> to stop ``` ## clihistory - 輸入 **`clihistory`** 可顯示目前使用者先前執行命令的歷史清單。 - 輸入 **`clihistory --showuser <username>`** 可以指定使用者顯示其執行命令的歷史清單。 - 輸入 **`clihistory --showall`** 則顯示所有使用者執行命令的歷史清單。 - 會紀錄**時間戳記(timestamp)**、**使用者名稱(username)**、**FID**、**IP位址**和選項(option)及參數(argument)。 > FID for VF mode only **僅顯示使用者 admin** ```bash switch:admin> clihistory | more CLI history Date & Time Message Fri May 29 09:18:23 2020 admin, FID 128, 10.3.1.186, portperfshow Fri May 29 09:18:34 2020 admin, FID 128, 10.3.1.186, switchshow Fri May 29 09:22:11 2020 admin, FID 128, 10.3.1.186, portperfshow Fri May 29 09:22:14 2020 admin, FID 128, 10.3.1.186, switchshow Fri May 29 09:59:11 2020 admin, FID 128, 10.3.1.186, portperfshow Fri May 29 10:03:15 2020 admin, FID 128, 10.3.1.186, switchshow Fri May 29 10:14:53 2020 admin, FID 128, 10.3.1.186, portperfshow Mon Jun 1 16:28:22 2020 admin, FID 128, 10.3.1.186, switchshow Mon Jun 1 16:31:38 2020 admin, FID 128, 10.3.1.186, zoneshow ...... <以下省略> ``` **顯示所有使用者** ```bash switch:admin> clihistory --showall | more CLI history Date & Time Message Mon Oct 7 13:29:42 2019 sysage, 10.7.150.128, fosexec --fid 128 -cmd "portdisable 40" Mon Oct 7 13:29:44 2019 sysage, 10.7.150.128, fosexec --fid 128 -cmd "portdisable -i 40" Mon Oct 7 13:29:50 2019 sysage, 10.7.150.128, sleep 1 Mon Oct 7 13:48:32 2019 sysage, 10.7.150.128, printf "hello_from_cds\n" Mon Oct 7 13:49:09 2019 sysage, 10.7.150.128, printf "y\n" | lscfg --create 103 Mon Oct 7 13:49:11 2019 sysage, 10.7.150.128, setcontext 103 Mon Oct 7 13:49:20 2019 sysage, 10.7.150.128, fosexec --fid 103 -cmd "switchdisable" Mon Oct 7 13:49:23 2019 sysage, 10.7.150.128, printf "yes\n103\n\n\n\n\n\n\n" | configure Mon Oct 7 13:49:26 2019 sysage, 10.7.150.128, fosexec --fid 103 -cmd "switchenable" ...... <以下省略> ``` ## 其他稍微探索了一下命令環境，若要完成基本的 SAN 交換器設定，只要簡單了解幾個命令的使用參數及操作邏輯，應該就夠一般使用需求了，同事跟我這樣說的，所以暫定以下目標吧！ :::success **主要目標** 將連接 SAN 交換器的 ESXi 主機和存儲設備，完成簡單的 **Zoning 組態**。 ::: #### 發現？就隨便逛逛，有了以下的發現！似乎底層也是某種 Shell(rbash)？ ```bash switch:admin> echo $SHELL /bin/rbash switch:admin> echo $PATH /fabos/link_abin:/fabos/link_sbin:/fabos/link_bin ``` - 可使用 **Tab** 鍵帶出或補齊命令。 ```bash switch:admin> port portaddress portcfgencrypt portcfglongdistance portcfgspeed portflagsshow portlogportenable portshow portalpashow portcfgeport portcfglosstov portcfgtdz portledtest portlogreset portstats64show portbeacon portcfgeportcredits portcfglport portcfgtrunkport portlogclear portlogresize portstatsclear portbuffercalc portcfgexport portcfgnondfe portcfgvexport portlogconfigshow portlogshow portstatsshow portbuffershow portcfgfaultdelay portcfgnpivport portchannelshow portlogdisable portlogshowport portswap portcamshow portcfgfec portcfgnport portcmd portlogdump portlogtypedisable portswapdisable portcfg portcfgfillword portcfgoctetspeedcombo portdebug portlogdumpport portlogtypeenable portswapenable portcfgalpa portcfgflogilogout portcfgpersistence portdecom portlogenable portloopbacktest portswapshow portcfgautodisable portcfgfportbuffers portcfgpersistentdisable portdisable portlogeventshow portmirror porttest portcfgcompress portcfgge portcfgpersistentenable portdporttest portloggetdisable portname porttestshow portcfgcreditrecovery portcfggemediatype portcfgportgroup portenable portloginshow portpeerbeacon porttrunkarea portcfgdefault portcfggport portcfgqos portenccompshow portlogpdisc portperfshow portzoneshow portcfgdport portcfgislmode portcfgshow porterrshow portlogportdisable portrouteshow ``` - 也提供有限的殼層命令 **`grep`** 和 **`for 迴圈`**。 ```bash switch:admin> portshow -i 0-4 | grep 'portWwn:' portWwn: 20:00:50:eb:1a:7a:fe:5e portWwn: 20:01:50:eb:1a:7a:fe:5e portWwn: 20:02:50:eb:1a:7a:fe:5e portWwn: 20:03:50:eb:1a:7a:fe:5e portWwn: 20:04:50:eb:1a:7a:fe:5e ``` ```bash switch:admin> for ((i=0;i<5;i++)); do portshow $i | grep 'portWwn:';done portWwn: 20:00:50:eb:1a:7a:fe:5e portWwn: 20:01:50:eb:1a:7a:fe:5e portWwn: 20:02:50:eb:1a:7a:fe:5e portWwn: 20:03:50:eb:1a:7a:fe:5e portWwn: 20:04:50:eb:1a:7a:fe:5e ``` - 關閉指定埠範圍。 ```bash! switch:admin> portdisable 8-15 switch:admin> switchshow ...... <中間省略> ...... Index Port Address Media Speed State Proto ================================================== 0 0 6f0000 id N16 No_Light FC 1 1 6f0100 id N16 No_Light FC 2 2 6f0200 id N16 No_Light FC 3 3 6f0300 id N16 No_Light FC 4 4 6f0400 id N16 No_Light FC 5 5 6f0500 id N16 No_Light FC 6 6 6f0600 id N16 No_Light FC 7 7 6f0700 id N16 No_Light FC 8 8 6f0800 id N16 No_Light FC Disabled 9 9 6f0900 id N16 No_Light FC Disabled 10 10 6f0a00 id N16 No_Light FC Disabled 11 11 6f0b00 id N16 No_Light FC Disabled 12 12 6f0c00 id N16 No_Light FC Disabled 13 13 6f0d00 id N16 No_Light FC Disabled 14 14 6f0e00 id N16 No_Light FC Disabled 15 15 6f0f00 id N16 No_Light FC Disabled 16 16 6f1000 id N16 No_Light FC 17 17 6f1100 id N16 No_Light FC 18 18 6f1200 id N16 No_Light FC ``` :::info 指定界面可以使用: - **`[slot/]port1[-port2]`**: 單機的 slot 編號為 **'0'**，可省略。界面編號從 **'0'** 開始，第 48 埠界面編號為 **'47'**。 - **`-i [index1[-index2]`**: 單機埠的索引編號(Index)與埠編號(Port)相同。 - 若要指定第 9 埠至第 16 埠，使用界面編號為 **'[0/]8-15'** 或用索引編號為 **-i 8-15**。 ::: - 輸入 **'yes'** 強制確認有些命令採取互動式完成組態，雖然增加了準確性，但也降低了效率。有些命令有提供 **'--force|-f'**，但有些命令沒有。需要手動輸入答案進行互動。 ```bash switch:admin> cfgsave You are about to save the Defined zoning configuration. This action will only save the changes on Defined configuration. If the update includes changes to one or more traffic isolation zones, you must issue the 'cfgenable' command for the changes to take effect. Do you want to save the Defined zoning configuration only? (yes, y, no, n): [no] n Operation canceled... ``` 透過 **`echo '<action>' | <command>`** 直接給定選項完成命令。 ```bash switch:admin> echo 'n' | cfgsave You are about to save the Defined zoning configuration. This action will only save the changes on Defined configuration. If the update includes changes to one or more traffic isolation zones, you must issue the 'cfgenable' command for the changes to take effect. Do you want to save the Defined zoning configuration only? (yes, y, no, n): [no] Operation canceled... ``` 初步了解命令列應該這樣就夠了。 # 基本設定接著使用命令列來完成下列設定任務。 - IP 設定，包含網路遮罩、預設閘道。 - 交換器名稱 - DNS - 日期及時間: 包含時區及 NTP。 - 網域編號(Domain ID) ## IP 設定首先可以用 **`ipaddrshow`** 顯示目前系統的 IP 配置。 ```bash switch:admin> ipaddrshow SWITCH Ethernet IP Address: 10.7.150.113 Ethernet Subnetmask: 255.255.255.0 Gateway IP Address: 10.7.150.254 DHCP: Off ``` 使用 **`ipaddrset`** 設定管理埠的靜態 IP 位址資訊。 ```bash switch:admin> ipaddrset -ipv4 -add -ethip 10.7.150.112 \ > -ethmask 255.255.255.0 -gwyip 10.7.150.254 -dhcp off ``` :::danger **`ipaddrset --clear`** 清除所有 ipv4 和 ipv6 組態資訊。 ::: ## DNS 使用 **`dnsconfig`** 命令完成任務。若命令後未加入參數則會進入互動式設定。 - 顯示 DNS 資訊 ```bash switch:admin> dnsconfig --show Domain Name Server Configuration Information ____________________________________________ Please set domain name and name server IP address ``` - 設定 DNS 資訊 ```bash switch:admin> dnsconfig --add -domain metaage.lab \ > -serverip1 8.8.8.8 -serverip2 8.8.4.4 DNS parameters saved successfully switch:admin> dnsconfig --show Domain Name Server Configuration Information ____________________________________________ Domain Name = metaage.lab Name Server IP Address = 8.8.8.8 Name Server IP Address = 8.8.4.4 ``` - 刪除 DNS 資訊 ```bash switch:admin> dnsconfig --delete DNS parameters removed successfully ``` ## 日期和時間輸入命令 **`date "mmddHHMMyy"`** 調整日期和時間。 | | | | :-: | --- | | mm | 月, 01 - 12 | | dd | 日, 01 - 31 | | HH | 時, 00 - 23 | | MM | 分, 00 - 59 | | yy | 年, 00 - 37(2000 - 2037); 70-99(1970 - 1999) | ```bash switch:admin> date "0509002523" Tue May 9 00:25:00 UTC 2023 switch:admin> date Tue May 9 00:26:19 UTC 2023 ``` :::warning **注意** 若系統上已安裝 **temporary license**，除非先移除 temporary license，否則交換器將無法進行系統時間和日期的調整。請參考 [[**Date Change Restriction**]](https://techdocs.broadcom.com/us/en/fibre-channel-networking/fabric-os/fabric-os-software-licensing/9-1-x/v26447738/v26447699/GUID-01CA79AF-D7E7-40CF-A2EA-D70B9E18E482_3.html)。 ```bash switch:admin> date "0520052023" Cannot change the date since temporary licenses are installed on the switch ``` ::: ## 系統時區輸入 **`tstimezone`** 顯示目前設定時區。 ```bash switch:admin> tstimezone UTC ``` 若要設定時區，可以使用 **`tstimezone --interactive`** 互動式完成時區選擇設定。 ```bash switch:admin> tstimezone --interactive Please identify a location so that time zone rules can be set correctly. Please select a continent or ocean. 1) Africa 2) Americas 3) Antarctica 4) Arctic Ocean 5) Asia 6) Atlantic Ocean 7) Australia 8) Europe 9) Indian Ocean 10) Pacific Ocean 11) none - I want to specify the time zone using the POSIX TZ format. Enter number or control-D to quit ?5 Please select a country. 1) Afghanistan 18) Israel 35) Palestine 2) Armenia 19) Japan 36) Philippines 3) Azerbaijan 20) Jordan 37) Qatar 4) Bahrain 21) Kazakhstan 38) Russia 5) Bangladesh 22) Korea (North) 39) Saudi Arabia 6) Bhutan 23) Korea (South) 40) Singapore 7) Brunei 24) Kuwait 41) Sri Lanka 8) Cambodia 25) Kyrgyzstan 42) Syria 9) China 26) Laos 43) Taiwan 10) Cyprus 27) Lebanon 44) Tajikistan 11) East Timor 28) Macau 45) Thailand 12) Georgia 29) Malaysia 46) Turkmenistan 13) Hong Kong 30) Mongolia 47) United Arab Emirates 14) India 31) Myanmar (Burma) 48) Uzbekistan 15) Indonesia 32) Nepal 49) Vietnam 16) Iran 33) Oman 50) Yemen 17) Iraq 34) Pakistan Enter number or control-D to quit ?43 The following information has been given: Taiwan Therefore TZ='Asia/Taipei' will be used. Local time is now: Tue May 9 10:04:36 CST 2023. Universal Time is now: Tue May 9 02:04:36 UTC 2023. Is the above information OK? 1) Yes 2) No Enter number or control-D to quit ?1 System Time Zone change will take effect at next reboot switch:admin> tstimezone Asia/Taipei switch:admin> date Tue May 9 10:20:16 CST 2023 ``` 若是知道**時區編寫格式(country/city)**，直接使用 **`tstimezone <timeZone_format>`** 就可以完成時區設定。 ```bash switch:admin> tstimezone Asia/Taipei System Time Zone change will take effect at next reboot switch:admin> tstimezone Asia/Taipei ``` 另一種設定的方式，也是**預設時區的設定方式使用 GMT(0,0)**。設定方式為 **`tstimezone --old hourOffset[,minuteOffset]`**。 ```bash switch:admin> date Tue May 9 02:21:49 UTC 2023 switch:admin> tstimezone UTC switch:admin> tstimezone --old +8 System Time Zone change will take effect at next reboot switch:admin> tstimezone Time Zone Hour Offset: 8 Time Zone Minute Offset: 0 switch:admin> date Tue May 9 10:22:24 Localtime 2023 ``` ## NTP 網路校時使用 **`tsclockserver`** 命令可以顯示及設定 NTP 資訊。 ```bash switch:admin> tsclockserver 10.7.150.254 Updating Clock Server configuration...done. Updated with the NTP servers switch:admin> tsclockserver Active NTP Server 10.7.150.254 Configured NTP Server List 10.7.150.254 --- switch:admin> tsclockserver "time1.google.com; time2.google.com" Updating Clock Server configuration...done. Updated with the NTP servers switch:admin> tsclockserver Active NTP Server time1.google.com Configured NTP Server List time1.google.com;time2.google.com ``` :::warning - 若要使用 FQDN 請先配置 DNS 設定。 - 定義多組 NTP 服務主機，請用 **';'** 區隔。 ::: 若指定 NTP 服務主機無法完成，會出現以下錯誤。請確認所設定 NTP 服務是否可到達。 ```bash switch:admin> tsclockserver 10.7.150.119 Updating Clock Server configuration...NTP Query Failed. No server is reachable ``` 另外可以使用 **`ipfilter --show`** 命令確認 **port 123** 是否開啟。 ```bash switch:admin> ipfilter --show Name: default_ipv4, Type: ipv4, State: active Rule Source IP Protocol Dest Port Action 1 any tcp 22 permit 2 any tcp 23 permit 3 any tcp 80 permit 4 any tcp 443 permit 5 any udp 161 permit 6 any udp 123 permit 7 any tcp 600 - 1023 permit 8 any udp 600 - 1023 permit Name: default_ipv6, Type: ipv6, State: active Rule Source IP Protocol Dest Port Action 1 any tcp 22 permit 2 any tcp 23 permit 3 any tcp 80 permit 4 any tcp 443 permit 5 any udp 161 permit 6 any udp 123 permit 7 any tcp 600 - 1023 permit 8 any udp 600 - 1023 permit ``` 預設 NTP 服務應為 **LOCL**。 ```bash switch:admin> tsclockserver LOCL Updating Clock Server configuration...done. Updated with the NTP servers switch:admin> tsclockserver Active NTP Server LOCL Configured NTP Server List LOCL switch:admin> configshow | grep '^ts.' ts.clockServer:LOCL ts.clockServerIndex:-1 ts.clockServerIndexList:-1 ts.clockServerList:LOCL ``` ## 設備名稱更改**機箱名稱(Chassis Name)** 和**交換機名稱(Switch Name)** 對於識別設備及日誌紀錄追蹤十分有用。請為機箱和交換機指定一個易於理解有意義的名稱。 ### 機箱名稱使用 **`chassisname`** 命令可以達成目的。 :::info 測試機種預設的機箱名稱為 **IBM_2948_F48**。 ::: ```bash switch:admin> chassisname IBM_2498_F48_112 switch:admin> chassisname IBM_2498_F48_112 ``` ### 交換器名稱使用 **`switchname`** 命令可以輕易完成，重新登入後變更生效。 ```bash switch:admin> switchname switch switch:admin> switchname SAN48-112 Committing configuration... Done. Switch name has been changed.Please re-login into the switch for the change to be applied. switch:admin> login SAN48-112 login: admin Password: This Computer system, including all related equipment's, networks and network devices are provided only for authorized employees and other authorized personnel. Use of this system is monitored, recorded and audited for all lawful purposes. Unauthorized or improper use of this system may result in disciplinary action and/or civil charges/criminal penalties and /or prosecution by law. Evidence of unauthorized use collected during monitoring may be used for administrative, criminal, or other adverse action. By continuing to use this system you indicate your awareness of and consent to these terms and conditions of use. ----------------------------------------------------------------- SAN48-112:admin> switchname SAN48-112 ``` --- 以上應該就是初步 SAN 交換器的設定。後續接著就是最常用到的 [**Zoning 配置**](https://hackmd.io/@farmer87/brocade_learning_02)。 # 參考 - IBM System Storage SAN48B-5: Installation, Service, and User Guide [[**連結**]](https://www.ibm.com/support/pages/system/files/support/ssg/ssgdocs.nsf/0/105917ac01b79da0852578f500768d0e/$FILE/bf485isug03.pdf) --- # 其他用命令操作 Brocade SAN 交換器 - [Part1: 基本操作](https://hackmd.io/@farmer87/brocade_learning_01) - [Part2: Zoning 設定](https://hackmd.io/@farmer87/brocade_learning_02) - [Part3: 交換器互連](https://hackmd.io/@farmer87/brocade_learning_03)