Languages

Qlogic firmware: Initiators won't recognize targets during setup in some versions

Initiators may not automatically recognize targets initially connected to a Qlogic 9000 or 5000 series switch. In Fibre switch terminology, hosts such as an Xserve or a Mac Pro workstation are known as initiators, while storage devices such as the Xserve RAID are known as targets.

Section 1: Discussion

QLogic has traditionally configured switches with an 'open' policy, That is, everything plugged into the switch was automatically a member of a shared orphan zone. An "orphan zone" allows any device, whether target or initiator, that is plugged into the switch, to be visible to every other device plugged into the switch.

The QLogic SANbox 9000-series switch with firmware version 6.6.x or later and the Qlogic SANbox 5000 series switch with firmware version 6.8 or later, unlike previous Qlogic switches, do not have an orphan zone available by default. As a result, by default, no device has visibility to any other device connected to the switch until the switch is configured to have a zone or zones.

Section 2: Types of zones

Subsection 1: Orphan zone
An orphan zone, which allows every device connected to the switch to communicate with every other device on the switch, is inherently insecure. However, this type of zone is sufficient to address the security concerns of sites that intend to allow initiators full access to all targets.

To configure an Orphan Zone, follow these steps:

  1. Open Terminal and issue the following command:
    $ telnet IP_Address

    Replace IP_Address with the IP address assigned to the switch's Ethernet port. If you are not certain which IP Address is assigned to the switch, reference the Qlogic Installation Guide, downloadable from Qlogic's website.
     
  2. Provide the login and password when prompted. If you are not certain which administrator name and password is assigned to the switch, reference the Qlogic Installation Guide, which is downloadable from the Qlogic website.
     
  3. Issue to following commands:
    > admin start
    > config edit
    > set config zoning


    After running this command, an interactive mode will begin. Select the following values to create an orphan zone:
    • InteropAutoSave: Set this value to True.
    • DefaultZone: Set this value to True.
    • DiscardInactive: Set this value to False.
    • Implicit Hard Zoning: Set this value to False.
  4. Enter these last two commands:
    > config save
    > config activate

This completes the creation and activation of an orphan zone.

Subsection 2: Security Zones
If it is necessary to control which specific initiators will have access to specific targets while excluding access to specific targets by specific initiators, zones need to be created. By default, the Qlogic 9000 and 5000 series switches are configured to offer maximum security by restricting communications between all initiators and targets. An administrator's manual intervention is required to define which switch ports will be provided with or excluded from access to one another. For instructions on configuring zones, reference Qlogic's QuickTools Switch Management User Guide or the Enterprise Fabric Suite 2007 User Guide, which are downloadable from Qlogic's website.

Important: Mention of third-party websites and products is for informational purposes only and constitutes neither an endorsement nor a recommendation. Apple assumes no responsibility with regard to the selection, performance or use of information or products found at third-party websites. Apple provides this only as a convenience to our users. Apple has not tested the information found on these sites and makes no representations regarding its accuracy or reliability. There are risks inherent in the use of any information or products found on the Internet, and Apple assumes no responsibility in this regard. Please understand that a third-party site is independent from Apple and that Apple has no control over the content on that website. Please contact the vendor for additional information.
Last Modified: Jun 4, 2009
Helpful?
Yes
No
  • Last Modified: Jun 4, 2009
  • Article: HT3594
  • Views:

    3155
  • Rating:
    • 100.0

    (1 Responses)

Additional Product Support Information

Start a Discussion
in Apple Support Communities
See all questions on this article See all questions I have asked