Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
What is SID LOCKDOWN ? When to use it ? 1
- Thread starter vptl
- Start date
-
1
- #2
when a node flogis into the fabric the fabric controller assigns a 3-byte S_ID/D_ID. This is in hex and for a Mcdata switch would take the form of 0x7C0D13 (Mcdata always ends in 13). the S_id contains info on the domain id the node has logged into (1st byte 7C) and the port it is logged into (2nd byte 0d), these are at offsets. By using S_Id lockdown you are tying the WWPN of the node to a particular S_Id, so that if someone tried spoofing your WWPN , they would have to plug into a different port and therefore have a different S_ID.
when I say offsets, what I mean is that with mcdata if you were to get the true domain id you would need to subtract 60hex from 7c and then convert the result to dec to find the true domain id (I believe a hangover from Mcdatas Escon switch days), with the port id you subtract 4 to get the correct port id. Brocade does things a bit differently, not sure if they use an offset or not. I think with the port they don't ut can't remember for the domain id .
- Status
