HP SN6000 /Qlogic Sanbox 5000 switch cli install guide

HP SN6000 /Qlogic Sanbox 5000 switch cli install guide 
Note: All IP addresses and host-names have been edited to protect the innocent!

So the day has arrived, you’re itching to get this all connected up, after spending half an hour unpacking all the switches individually boxed sfp’s and cables let’s begin.

This guide is based on a stacked topology of 4 switches per fabric, in the event of switch failure only one segment in the stack will be lost due to the mesh design. This will result in an MPIO failure for any HBA’s attached to that switch. However, provided you have correctly configured  – cabled/zoned the host and storage to both fabrics you should not suffer any outages.

HP SN6000_Stacked

For the initial setup you will need to connect to the fabric switches via terminal connection, after some configuration changes we will be able access the switch via SSH.

The default admin password is ‘password’

1. Initial setup, Configuring an IPv4 address:

At the session prompt enter:
SN6000 FC Switch #> admin start
SN6000 FC Switch (admin) #> set setup system ipv4
A list of attributes with formatting and current values will follow.
Enter a new value or simply press the ENTER key to accept the current value.
If you wish to terminate this process before reaching the end of the list
press ‘q’ or ‘Q’ and the ENTER key to do so.
Current Values: (system default values)
EthIPv4NetworkEnable      True
EthIPv4NetworkDiscovery  Static
EthIPv4NetworkAddress    10.0.0.1
EthIPv4NetworkMask         255.0.0.0
EthIPv4GatewayAddress   10.0.0.254

New Value (press ENTER to accept current value, ‘q’ to quit, ‘n’ for none):
EthIPv4NetworkEnable      (True / False)                                         :  True
EthIPv4NetworkDiscovery (1=Static, 2=Bootp, 3=Dhcp, 4=Rarp)   :  Static
EthIPv4NetworkAddress    (dot-notated IP Address)                       :  172.16.20.1
EthIPv4NetworkMask         (dot-notated IP Address)                       :  255.255.255.0
EthIPv4GatewayAddress   (dot-notated IPv4 Address)                   :  172.16.20.254

Do you want to save and activate this system setup? (y/n): [n] y
System setup saved and activated.

Don’t worry about the time being incorrect we will rectify this later…
Log Msg: [Sat Jan 1 07:40:26.522 UTC 2000][C][8400.003C][Switch][Network setup is changing – may lose connection – admin being released automatically]
SN6000 FC Switch (admin) #>

2. Next up, changing the default admin password:

SN6000 FC Switch #>
SN6000 FC Switch #> admin start
SN6000 FC Switch (admin) #> passwd
Press ‘q’ and the ENTER key to abort this command.
account OLD password               : ********
account NEW password (8-20 chars)  :
please confirm account NEW password:
password has been changed.

SN6000 FC Switch (admin) #>

3. Setting the TimeZone, this is a pretty important step not only for future auditing and access control, but doing this now will avoid issues with certificate generation required for SSH connectivity.

SN6000 FC Switch #> admin start
SN6000 FC Switch (admin) #> set timezone
SN6000 FC Switch (admin) #>Europe/London

4. Setting up NTP

SN6000 FC Switch #> admin start
SN6000 FC Switch (admin) #> set setup system ntp
New Value (press ENTER to accept current value, ‘q’ to quit, ‘n’ for none):
NTPClientEnabled          (True / False)                                  :  true
NTPServerDiscovery      (1=Static, 2=Dhcp, 3=Dhcpv6)       :  1
NTPServerAddress        (hostname, IPv4, or IPv6 Address) :  Some NTP appliance IP address

5. Identify domain name servers
SN6000 FC Switch (admin) #> set setup system dns
A list of attributes with formatting and current values will follow. Enter a new value or simply press the ENTER key to accept the current value.

New Value (press ENTER to accept current value, ‘q’ to quit, ‘n’ for none):
DNSClientEnabled          (True / False)                :  true
DNSLocalHostname        (hostname)                   :  (enter switch name for example site # building # fabric# switch#)
DNSServerDiscovery      (1=Static, 2=Dhcp, 3=Dhcpv6) :  1
DNSServer1Address       (IPv4, or IPv6 Address)      :  172.16.100.1
DNSServer2Address       (IPv4, or IPv6 Address)      :  172.16.100.2
DNSServer3Address       (IPv4, or IPv6 Address)      :
DNSSearchListDiscovery  (1=Static, 2=Dhcp, 3=Dhcpv6) :  1
DNSSearchList1          (domain name)                :  vikernel.com
DNSSearchList2          (domain name)                :
DNSSearchList3          (domain name)                :
DNSSearchList4          (domain name)                :
DNSSearchList5          (domain name)                :
Do you want to save and activate this system setup? (y/n): [n] y
System setup saved and activated.

6. Enabling SSH

SN6000 FC Switch #> admin start
SN6000 FC Switch (admin) #> set setup services

TelnetEnabled       (True / False)        [True ]  Security best practice dictates that this should be disabled.
SSHEnabled          (True / False)       [False]  true
GUIMgmtEnabled      (True / False)   [True ]  true
SSLEnabled          (True / False)       [False]  true
EmbeddedGUIEnabled  (True / False)  [True ]  true
SNMPEnabled         (True / False)     [True ]  true
NTPEnabled          (True / False)       [False]  true
CIMEnabled          (True / False)       [True ]  true
FTPEnabled          (True / False)       [True ]  Security best practice dictates that this should be disabled, you will need to enable it for any future firmware upgrades.
MgmtServerEnabled   (True / False) [True ]  true
CallHomeEnabled     (True / False)  [True ]  unless you have this as a managed option from HP I recommend disabling this!

When enabling SSL, please verify that the date/time settings on this switch and the workstation from where the SSL connection will be started match, and then a new certificate may need to be created to ensure a secure connection to this switch.

7. Configure SSL Self Signed Certificate

SN6000 FC Switch (admin) #> create certificate
The current date and time is Jan 18 15:57:33 GMT 2014.  This is the time used to stamp onto the certificate.  Is the date and time correct? (y/n): [n] y
Certificate generation successful.

SN6000 FC Switch (admin) #>

8.  Setting Switch Stack Principality

The principal switch has the responsibility of assigning domain IDs in the fabric should a domain ID conflict occur. This is assuming that the domain ID’s are not locked on the switches. If the domain IDs are locked when a domain ID conflict occurs, the ISL between the switches will be forced to isolate.

Which switch is selected to be the principal switch in a SAN depends first upon the value set for the principal switch priority and second upon the WWN (World Wide Name) of the switch.
The principal switch priority are selectable values between 1 and 255 (1 being the highest priority). If the ‘principal switch priority’ is the same between the switches, the role of principal switch is given to the switch with the lowest WWN.
On HP SN6000H/QLogic switches, the current setting for the principal switch priority can be viewed through the use of the CLI ‘show config switch’ command.

SN6000 FC Switch #> show config switch
Configuration Name: default
——————-
Switch Configuration Information
——————————–
AdminState                 Online
BroadcastEnabled      True
InbandEnabled           True
FdmiEnabled              True
FdmiEntries                1000
DefaultDomainID       2 (0x2)
DomainIDLock           False
SymbolicName          SN6000 FC Switch
PrincipalPriority         254
ConfigDescription        Default Config
ConfigLastSavedBy      admin@OB-session4
ConfigLastSavedOn     Sat Jan  1 00:14:35 2000
InteropMode                 Standard

The principal switch priority is set by using the command line interface shell using the ‘set config switch’ command. The default setting is 254. It is **not** recommended that a value of 255 (the lowest priority) be used since this value will cause the switch to **never** attempt to be the principal switch which can be a problem should the switch ever be the only switch in the fabric.
Admin configured values:

For example a stack topology of 4 switches with 2 fabrics would look like this, generally you will have two independent fabrics, the values will look something like this:
Fabric 1 Switch 1                       10         Fabric 2 Switch 1
Fabric 1 Switch 2                       20         Fabric 2 Switch 2
Fabric 1 Switch 3                       30         Fabric 2 Switch 3
Fabric 1 Switch 4                       40         Fabric 2 Switch 4

SN6000 FC Switch #> admin start
SN6000 FC Switch (admin) #> config edit
The config named default is being edited.
SN6000 FC Switch (admin-config) #> set config switch

AdminState                 (1=Online, 2=Offline, 3=Diagnostics)   [Online          ]
BroadcastEnabled      (True / False)                         [True             ]
InbandEnabled           (True / False)                         [True             ]
FdmiEnabled              (True / False)                         [True             ]
FdmiEntries                (decimal value, 0-1000)         [1000            ]
DefaultDomainID        (decimal value, 1-239)           [4                  ]
DomainIDLock            (True / False)                         [False           ]
SymbolicName           (string, max=32 chars)           [SN6000 FC Switch]
PrincipalPriority          (decimal value, 1-255)            [254             ]  40
ConfigDescription      (string, max=64 chars)            [Default Config  ]

Finished configuring attributes.
This configuration must be saved (see config save command) and
activated (see config activate command) before it can take effect.
To discard this configuration use the config cancel command.

SN6000 FC Switch (admin-config) #> config save
The config named default has been saved.
SN6000 FC Switch (admin) #>

Verifying which switch has actually been selected as the principal switch can be done by checking the value (true or false) of PrincipalSwitchRole using the CLI command ‘show switch’.
SN6000 FC Switch #> show switch

Switch Information
——————
SymbolicName                     SN6000 FC Switch
SwitchWWN                         10:00:00:c0:12:34:55:aa
BootVersion                          V1.12.5.92.0 (Mon Nov  2 10:29:59 2009)
CreditPool                             0
DomainID                              1 (0x1)
FirstPortAddress                   010000
FlashSize – MBytes               256
LogFilterLevel                       Info
MaxPorts                               24
NumberOfResets                  6
ReasonForLastReset            PowerUp
ActiveImageVersion – build date   V8.0.14.3.0 (Fri Dec 16 22:50:58 2011)
PendingImageVersion – build date  V8.0.14.3.0 (Fri Dec 16 22:50:58 2011)
ActiveConfiguration               default
AdminState                            Online
AdminModeActive                  False
BeaconOnStatus                    False
OperationalState                    Online
PrincipalSwitchRole               True
POSTFaultCode                     00000000
POSTStatus                           Passed
TestFaultCode                        00000000
TestStatus                              NeverRun
BoardTemp (1) – Degrees Celsius   23
BoardTemp (2) – Degrees Celsius   22
BoardTemp (3) – Degrees Celsius   20
SwitchTemperatureStatus           Normal

SN6000 FC Switch #>

9.  Changing Switch Symbolic Name (For reference only – this serves no administrative function)

SN6000 FC Switch #> admin start
SN6000 FC Switch (admin) #> config edit
The config named default is being edited.

SN6000 FC Switch (admin-config) #> set config switch

AdminState                 (1=Online, 2=Offline, 3=Diagnostics)   [Online          ]
BroadcastEnabled      (True / False)                         [True            ]
InbandEnabled           (True / False)                         [True            ]
FdmiEnabled              (True / False)                         [True            ]
FdmiEntries                (decimal value, 0-1000)         [1000            ]
DefaultDomainID        (decimal value, 1-239)           [4               ]
DomainIDLock            (True / False)                         [False           ]
SymbolicName            (string, max=32 chars)          [site # building # fabric# switch#]
PrincipalPriority           (decimal value, 1-255)           [254             ]  40
ConfigDescription        (string, max=64 chars)          [Default Config  ]

Finished configuring attributes.
This configuration must be saved (see config save command) and
activated (see config activate command) before it can take effect.
To discard this configuration use the config cancel command.

SN6000 FC Switch (admin-config) #> config save
The config named default has been saved.
SN6000 FC Switch (admin) #>

10.  Changing the Switch negotiated domain ID (if necessary)

The domain ID is a unique Fibre Channel identifier for the switch. The Fibre Channel address consists of the domain ID, port ID, and the Arbitrated Loop Physical Address (ALPA). The maximum number of switches within a fabric is 239 with each switch having a unique domain ID.Switches come from the factory with the domain IDs unlocked. This means that if there is a domain ID conflict in the fabric, the switch with the highest principal priority, or the principal switch, will reassign any domain ID conflicts and establish the fabric. If you lock the domain ID on a switch and a domain ID conflict occurs, one of the switches will isolate as a separate fabric and the Logged-In LEDs on both switches will flash to show the affected ports. If you connect a new switch to an existing fabric with its domain ID unlocked, and a domain conflict occurs, the new switch will isolate as a separate fabric. However, you can remedy this by resetting the new switch or taking it offline then back online. The principal switch will reassign the domain ID and the switch will join the fabric
Administrative defined domain ID’s –

For example a stack topology of 4 switches with 2 fabrics would look like this:

Fabric 1 Switch 1                       1×1       Fabric 2 Switch 1
Fabric 1 Switch 2                       2×2       Fabric 2 Switch 2
Fabric 1 Switch 3                       3×3       Fabric 2 Switch 3
Fabric 1 Switch 4                       4×4       Fabric 2 Switch 4

SN6000 FC Switch #> admin start
SN6000 FC Switch (admin) #> config edit
The config named default is being edited.

SN6000 FC Switch (admin-config) #> set config switch

AdminState               (1=Online, 2=Offline, 3=Diagnostics)   [Online          ]
BroadcastEnabled    (True / False)                               [True            ]
InbandEnabled         (True / False)                               [True            ]
FdmiEnabled            (True / False)                               [True            ]
FdmiEntries              (decimal value, 0-1000)               [1000            ]
DefaultDomainID      (decimal value, 1-239)                 [              ]
DomainIDLock          (True / False)                               [False           ]
SymbolicName         (string, max=32 chars)                 [Fabric# Switch#]
PrincipalPriority        (decimal value, 1-255)                  [254             ]  40
ConfigDescription     (string, max=64 chars)                 [Default Config  ]

Finished configuring attributes.
This configuration must be saved (see config save command) and
activated (see config activate command) before it can take effect.
To discard this configuration use the config cancel command.

SN6000 FC Switch (admin-config) #> config save
The config named default has been saved.
SN6000 FC Switch (admin) #>

11.  Troubleshooting HTTP login issues

To prevent issues with logging into switch via http – make sure the SSL certificate is configured correctly. Check the time/date of the client computer against that of the switch, if NTP is not being enforced perform a hard reset then create a new certificate.

Perform a reboot of the switch:
SN6000 FC Switch (admin) #>hardreset

Then re-create a new SSL certificate:
SN6000 FC Switch (admin) #> create certificate

You should be gain access to the switch via a web browser now.

That’s pretty much it, shutdown the switches and proceed with stacking using either the copper 10-Gigabit/s XPAK or the XPAK LC optical connectors.

In subsequent post’s we’ll have a look at the HP StorageWorks Fabric Manager.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s