The following example shows a zone in the active zone set for a VSAN. This is the basic programming that
exists on an interface because of Hard zoning.
zone1
member host (FCID 0x010001)
member target1 (FCID 0x010002)
In such a scenario, the following is the ACL programming:
fc1/1 - Host interface
Entry# Source ID Mask Destination ID Mask Action
1 010001 ffffff 010002(target1) ffffff Permit
2 000000 000000 000000 000000 Drop
fc1/2 - Target1 interface
Entry# Source ID Mask Destination ID Mask Action
1 010002 ffffff 010001(Host) ffffff Permit
2 000000 000000 000000 000000 Drop
In addition to what is provided here, additional programming exists.
Note
The mask indicates which parts of the FCIDs are matched with the input frame. So, when there is a mask
0xffffff, the entire FCID is considered when matching it to the ACL entry. If the mask is 0x000000, none of
it is considered because, by default, it will match all the FCIDs.
In the above programming example, note that when a frame is received on fc1/1, and if it has a source ID(FCID)
of 0x010001(the host) and a destination ID(FCID) of 0x010002(Target1), it will be permitted and routed to
the destination. If it is any other end-to-end communication, it will be dropped.
The following example shows another scenario where zoning is changed:
zone1
member host (FCID 010001)
member target1 (FCID 010002)
member target2 (FCID 010003)
member target3 (FCID 010004)
In such a scenario, the following is the ACL programming:
Cisco MDS 9000 Series Fabric Configuration Guide, Release 8.x
139
Configuring and Managing Zones
Zoning Types
To Next Page
Loading...
Need help?
General
