The fcconfig tool allows for controlling access to a VTL over the FC interface. Using the fcconfig tool rules can added to specify the host WWPN or GUID that can or cannot access a VDisk. Staring from 3.0.31 rules can be configured from the GUI described later in this document

To add a rule

/quadstorvtl/bin/fcconfig -a -v <VTL Name> -r <allow|disallow> -w <wwpn> -t <target wwpn>

For example

/quadstorvtl/bin/fcconfig -a -v FOO -r allow -w f0:f1:f2:f3:f4:f5:f6:f7 -t e0:e1:e2:e3:e4:e5:e6:e7

In the above example VTL FOO (autoloader and drives) is allowed access for a host with WWPN f0:f1:f2:f3:f4:f5:f6:f7 through the local HBA port e0:e1:e2:e3:e4:e5:e6:e7. The WWPN expected is a 23 character string. WWPN can be specified in upper case hexadecimal also. For example F0:F1:F2:F3:F4:F5:F6:F7

To delete the above rule

/quadstorvtl/bin/fcconfig -x -v FOO -r allow -w f0:f1:f2:f3:f4:f5:f6:f7 -t e0:e1:e2:e3:e4:e5:e6:e7

To list all existing rules

/quadstorvtl/bin/fcconfig -l

Examples

/quadstorvtl/bin/fcconfig -a -r disallow : Disallow access to all VTLs over the FC interface
/quadstorvtl/bin/fcconfig -a -r allow : Allow access to all VTLs over the FC interface
/quadstorvtl/bin/fcconfig -a -r disallow -w f0:f1:f2:f3:f4:f5:f6:f7 : Disallow access to all VTLs for WWPN f0:f1:f2:f3:f4:f5:f6:f7
/quadstorvtl/bin/fcconfig -x -r disallow : Delete all disallow rules
/quadstorvtl/bin/fcconfig -x -w   f0:f1:f2:f3:f4:f5:f6:f7  : Delete all rules for  WWPN  f0:f1:f2:f3:f4:f5:f6:f7
/quadstorvtl/bin/fcconfig -a -r allow -w f0:f1:f2:f3:f4:f5:f6:f7 -t e0:e1:e2:e3:e4:e5:e6:e7 -v FOO : Allow access to VTL FOO for host WWPN f0:f1:f2:f3:f4:f5:f6:f7 through incoming FC port e0:e1:e2:e3:e4:e5:e6:e7 

Rules can be combined. For example

/quadstorvtl/bin/fcconfig -a -r disallow
/quadstorvtl/bin/fcconfig -a -r allow -v FOO

The above two rules combined specify that access to only VTL FOO is allowed over the FC interface. It should be noted that without an explicit disallow access isn't restricted. For example if '/quadstorvtl/bin/fcconfig -a -r disallow' is not specified, other VDisks are still accessible.

Rule priority

For a given client WWPN an exact rule match for that WWPN and the target VTL is searched. If found that rule applies. Else the following matches are searched for with the first match in the following order being the rule to apply

  1. Rule matching the client WWPN
  2. Rule matching the target VTL
  3. Rule which applies to any WWPN

Rule matching the client WWPN

Rule matching the target VTL

Rule which applies to any WWPN

Rule which applies to any VTL

If there are no rule matches then access to the virtual tape library is considered allowed for the incoming client WWPN

Target Port Configuration

By default all HBA ports in the VTL have both initiator-mode and target-mode enabled. To change this click on "Access Management" All WWPNs detected for the HBA ports are show as seen in the figure below

Target Port Configuration

Click on "Modify" for any port whose mode needs to be changed and in the next page show select the desired mode - Target, Initiator or Dual and click on Submit to change the mode

FC access rule configuration

New rules can be added or deleted from the GUI. Click on "Access Management" and scroll to the "FC Access Rules" section. To add a rule add a rule click on "Add Rule". In the form shown in the next page

  • WWPN: This is the incoming host port WWPN Target
  • WWPN: Select "All" if the rule applies to all target ports (the HBA port on which the SCSI command will be received by the VTL) or select a specific WWPN from the list
  • Rule: Allow or Disallow/Deny
  • VTL Name: The name of the VTL
  • Drive ID: Values are 0: The rule applies to the entire VTL, both medium changer and drives 65535: Rule applies to the medium changer only 1 onwards: Rule applies to the drive only. Drives are numbered starting from 1 for each VTL.
Click on Submit to add the rule. Click on the delete icon to delete an existing rule

Host alias

In order to identify hosts by name rather than by WWPN in a rule, an alias can be specified. To add an alias, click on "Add Host" and in the next page shown specify the WWPN of the incoming host and an alias for the host. The alias can contain only characters a-z or A-Z or 0-9