Brocade Network OS NETCONF Operations Guide v4.1.1 Manuale Utente Pagina 219
- Pagina / 622
- Indice
- SEGNALIBRI
Valutato. / 5. Basato su recensioni clienti
Network OS NETCONF Operations Guide 187
53-1003231-02
Command access rules
15
Configuration examples
The following configuration examples illustrate the step-by-step configuration of two frequently
used administrative accounts: Brocade VCS Fabric security administrator, and FCoE Fabric
administrator.
Configuring a Brocade VCS Fabric security administrator account
The following example create a role for a Brocade VCS Fabric security administrator, creates a user
account and associates it with the newly created role, and creates rules to specify the RBAC
permissions for the NetworkSecurityAdmin role.
This example grants the secAdminUser account access to the configuration-level commands role,
rule, username, aaa, and radius-server. Any account associated with the NetworkSecurityAdmin
role can now create and modify user accounts, manage roles, and define rules. In addition, the role
permits configuring a RADIUS server and setting the login sequence.
<?xml version="1.0" encoding="UTF-8"?>
<rpc message-id="815" xmlns="urn:ietf:params:xml:ns:netconf:base:1.0">
<edit-config>
<target>
<running/>
</target>
<config>
<role xmlns="urn:brocade.com:mgmt:brocade-aaa">
<name>
<name>NetworkSecurityAdmin</name>
<desc>Manages security</desc>
</name>
</role>
<username xmlns="urn:brocade.com:mgmt:brocade-aaa">
<name>secAdminUser</name>
<role>NetworkSecurityAdmin</role>
<user-password>testpassword</user-password>
</username>
<rule xmlns="urn:brocade.com:mgmt:brocade-aaa">
<index>30</index>
<action>accept</action>
<operation>read-write</operation>
<role>NetworkSecurityAdmin</role>
<command>
<enumList>role</enumList>
</command>
</rule>
<rule xmlns="urn:brocade.com:mgmt:brocade-aaa">
<index>31</index>
<action>accept</action>
<operation>read-write</operation>
<role>NetworkSecurityAdmin</role>
<command>
<enumList>rule</enumList>
</command>
</rule>
<rule xmlns="urn:brocade.com:mgmt:brocade-aaa">
<index>32</index>
<action>accept</action>
<operation>read-write</operation>
<role>NetworkSecurityAdmin</role>
- Network OS 1
- Document History 2
- Contents (High Level) 3
- Contents (Detailed) 5
- Chapter 7 SNMP 8
- Chapter 8 Fabric 8
- Chapter 9 Metro VCS 8
- Chapter 13 VMware vCenter 10
- Chapter 19 Configuring AMPP 12
- Chapter 21 Configuring VLANs 13
- Chapter 22 Configuring VXLANs 14
- Chapter 25 Configuring UDLD 15
- Chapter 27 Configuring LLDP 16
- Chapter 28 Configuring ACLs 16
- Chapter 29 Configuring QoS 17
- Chapter 31 Configuring sFlow 18
- Chapter 32 IP Route Policy 18
- Chapter 34 Configuring OSPF 19
- Chapter 35 Configuring VRRP 19
- Section V Appendixes 20
- About This Document 27
- Document conventions 29
- Notes, cautions, and warnings 30
- Key terms 30
- Notice to the reader 31
- Additional information 31
- Getting technical help 32
- Document feedback 32
- Network OS Administration 33
- NETCONF Overview 35
- RPC request 37
- RPC reply 37
- RPC and error handling 38
- SSH subsystem 38
- RFC references 38
- NETCONF support in Network OS 39
- Basic NETCONF Operations 41
- Server capabilities 42
- Retrieving configuration data 43
- Subtree filtering 44
- Retrieving operational data 47
- Editing the configuration 50
- Managing the configuration 51
- Basic Switch Management 55
- Connecting to the switch 56
- Switch attributes 56
- Setting host attributes 57
- Rebooting a Brocade switch 59
- Replacing an interface module 61
- Configuring a switch banner 64
- </copy> 69
- </rpc-reply> 69
- Syslog server setup 70
- Adding syslog servers 71
- Removing a syslog server 74
- RASlog configuration 75
- Audit log configuration 77
- Network Time Protocol 79
- Time zone settings 80
- Evaluating a firmware upgrade 91
- ATTENTION 92
- Administering Licenses 97
- Obtaining a license key 98
- Reserving a port assignment 100
- 53-1003231-02 101
- In this chapter 105
- SNMP community strings 106
- Obtaining SNMP user names 108
- SNMP server hosts 109
- Removing the SNMP server host 111
- Enabling VCS Fabric mode 118
- Disabling VCS Fabric mode 118
- Enabling a fabric ISL 119
- Enabling a fabric trunk 120
- Disabling a fabric trunk 121
- Priorities 122
- Fabric ECMP load balancing 126
- Metro VCS 129
- Disabling a fabric ISL 130
- Administering Zones 133
- Default zoning access modes 134
- Zone database size 135
- Zone aliases 136
- Deleting an alias 141
- Zoning information 142
- Zone creation and management 147
- Adding a member to a zone 148
- Removing a member from a zone 149
- Deleting a zone 150
- Zone configuration management 151
- Enabling a zone configuration 154
- Deleting a zone configuration 155
- Zone configuration scenario 160
- • Cfg1 containing ZoneA only 161
- Compression 166
- Enabling a Fibre Channel port 168
- System Monitor Configuration 175
- FRU monitoring 176
- Alert notifications 180
- Configuring e-mail alerts 181
- To change the domain name: 183
- Resource monitoring 184
- Configuring CPU monitoring 185
- Security monitoring 186
- Interface monitoring 189
- Pausing interface monitoring 192
- VMware vCenter 195
- Step 2: Enabling CDP/LLDP 196
- Activating the vCenter 197
- Configuring Remote Monitoring 199
- Managing User Accounts 205
- Parameter Description 206
- Creating a user account 207
- Disabling a user account 209
- Deleting a user account 210
- Unlocking a user account 210
- Role-based access control 211
- User-defined roles 212
- Command access rules 214
- Rule processing 215
- Adding a rule 216
- Changing a rule 217
- Deleting a rule 217
- Verifying a rule 218
- Configuration examples 219
- Password policies 221
- Password encryption policy 222
- Account lockout policy 224
- Managing password policies 226
- Security event logging 228
- Login authentication mode 230
- TACACS+ servers 241
- TACACS+ accounting 243
- Enabling command accounting 244
- Disabling accounting 246
- Server authentication 247
- Deleting CA certificates 248
- FIPS compliance 249
- Active Directory groups 251
- Fabric Authentication 255
- Removing shared secrets 257
- Creating a defined SCC policy 260
- Modifying the SCC policy 261
- Activating the SCC policy 261
- Removing the SCC policy 263
- Edge-loop detection overview 267
- Configuring AMPP 273
- 7. Activate the profile 275
- Configuring VLAN profiles 276
- 3. Activate the profile 278
- Configuring FCoE profiles 281
- Configuring QoS profiles 282
- Configuring security profiles 286
- Deleting a port-profile 289
- Deleting a subprofile 291
- Deleting a port-profile-port 297
- Configuring FCoE Interfaces 303
- Configuring FCoE interfaces 304
- Obtaining FCoE status 307
- Configuring VLANs 309
- Creating a VLAN interface 312
- Enabling STP on a VLAN 312
- Disabling STP on a VLAN 314
- • Enables the interface 317
- • Specifies trunk mode 317
- Obtaining VLAN information 326
- Private VLANs 330
- Configuring a private VLAN 331
- Displaying PVLAN information 333
- Configuring VXLANs 335
- Displaying VXLAN information 341
- Configuring Virtual Fabrics 343
- • Primary VLAN 344
- • Isolated VLAN 344
- • Community VLAN 345
- Configuring MAC groups 358
- Transport service 359
- Configuring STP 362
- Configuring RSTP 364
- Configuring MSTP 367
- Specifying a link type 397
- Specifying the port priority 399
- Enabling spanning tree 403
- Disabling spanning tree 404
- Configuring UDLD 405
- Disabling UDLD 407
- Retrieving UDLD statistics 407
- Configuring Link Aggregation 409
- TABLE 12 Load balance flavor 415
- Configuring LLDP 421
- • <management-address> 428
- • <port-description> 428
- • <system-capabilities> 428
- • <adv-tlv-system-name> 428
- Configuring iSCSI priority 430
- Configuring LLDP profiles 430
- <edit-config> 431
- <target> 431
- <running/> 431
- (more interfaces go here) 434
- Deleting an LLDP profile 435
- Configuring ACLs 437
- Modifying MAC ACL rules 443
- Removing a MAC ACL 444
- Configuring QoS 453
- Rewriting 454
- Queueing 454
- Verifying QoS trust 455
- DSCP values User priority 460
- Verifying DSCP trust 461
- Creating a DSCP mutation map 462
- Traffic class mapping 469
- Mapping DSCP-to-Traffic-Class 473
- Congestion control 477
- Configuring CoS thresholds 478
- Random Early Detection 479
- Ethernet Pause 480
- Enabling Ethernet Pause 481
- Enabling Ethernet PFC 482
- Multicast rate limiting 483
- Configuring BUM storm control 484
- Scheduling 485
- Multicast queue scheduling 486
- Creating a CEE map 487
- Defining a priority-table map 489
- Verifying the CEE maps 490
- Brocade VCS Fabric QoS 491
- Port-based Policier 493
- Configuring the policy map 496
- Policy maps 499
- Class maps 500
- Priority maps 501
- Configuring Auto-QOS 502
- Disabling 802.1x globally 507
- 802.1x readiness check 508
- Configuring sFlow 517
- Flow-based sFlow 521
- Deleting a SPAN session 530
- SPAN in management cluster 531
- Configuring RSPAN 532
- VLAN 1010 as the destination 534
- IP Route Policy 537
- Configuring a route map 538
- IP Route Management 545
- Other routing operations 548
- Enabling IP load sharing 549
- Configuring OSPF 551
- OSPF over VRF 552
- OSPF in a VCS environment 552
- OSPF configuration rules 555
- Enabling OSPF on the router 556
- Disabling OSPF on the router 556
- Assigning OSPF areas 557
- Assigning virtual links 562
- Changing other settings 564
- Configuring VRRP 565
- Configuring the master router 567
- Configuring the backup router 569
- Enabling preemption 571
- Configuring VRF 585
- Enabling VRRP for VRF 588
- Configuring BGP 589
- Enabling BGP on an RBridge 590
- Disabling BGP on an RBridge 590
- Configuring BGP global mode 591
- Configuring IGMP 595
- Monitoring IGMP snooping 598
- Configuring DHCP Relay 599
- Appendixes 603
- Managing NETCONF 605
- • Capabilities 606
- • Datastores 606
- • Schemas 606
- • Sessions 606
- • Statistics 606
- Numerics 609
Prodotti e manuali riguardandi Accessori per computer Brocade Network OS NETCONF Operations Guide v4.1.1
Accessori per computer Brocade VDX 6730 QuickStart Guide (Supporting VDX 6730-32 Manuale Utente
(12 pagine)
(12 pagine)
Accessori per computer Brocade VDX 8770-8 Two-Post Flush and Mid-Mount Rack Kit I Manuale Utente
(8 pagine)
(8 pagine)
Accessori per computer Brocade VDX 6730 Hardware Reference Manual (Supporting VDX Manuale Utente
(90 pagine)
(90 pagine)
Accessori per computer Brocade VDX 8770-8 Four-Post Flush and Recessed Mount Rack Manuale Utente
(10 pagine)
(10 pagine)
Accessori per computer Brocade VDX 8770-4 Two-Post Flush and Mid-Mount Rack Kit I Manuale Utente
(10 pagine)
(10 pagine)
Accessori per computer Brocade VDX 8770-4 Four-Post Flush Mount Rack Kit Installa Manuale Utente
(8 pagine)
(8 pagine)
Accessori per computer Brocade VDX 8770-4 Four-Post Flush and Recessed Mount Inta Manuale Utente
(24 pagine)
(24 pagine)
Accessori per computer Brocade Universal Two-Post Rack Kit Installation Procedure Manuale Utente
(1 pagine)
(1 pagine)
Accessori per computer Brocade Universal Four Post Rack Kit Installation Procedur Manuale Utente
(20 pagine)
(20 pagine)
Accessori per computer Brocade VDX 6740 Hardware Reference Manual (Supporting VDX Manuale Utente
(78 pagine)
(78 pagine)
Accessori per computer Brocade 6910 Ethernet Access Switch MIB Reference Manuale Utente
(102 pagine)
(102 pagine)
(84 pagine)© 2020, manymanuals.it. Tutti i diritti riservati | 0.044 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commenti su questo manuale