Database Merge Guidelines
Database Merge Guidelines
A database merge refers to a union of the configuration database and static (unlearned) entries in the active
database.
When merging the database between two fabrics, follow these guidelines:
• Verify that the activation status and the auto-learning status is the same in both fabrics.
• Verify that the combined number of configurations for each VSAN in both databases does not exceed 2
Caution
If you do not follow these two conditions, the merge will fail. The next distribution will forcefully synchronize
the databases and the activation states in the fabric.
Database Interaction
The following table lists the differences and interaction between the active and configuration databases.
Table 22: Active and Configuration Port Security Databases
Active Database
Read-only.
Saving the configuration only saves the activated entries.
Learned entries are not saved.
Once activated, all devices that have already logged into
the VSAN are also learned and added to the active database.
You can overwrite the active database with the configured
database by activating the port security database. Forcing
an activation may violate the entries already configured in
the active database.
Note
You can overwrite the configuration database with the active database using the port-security database copy
vsan command. The port-security database diff active vsan command in EXEC mode lists the differences
between the active database and the configuration database.
This section includes the following topics:
Cisco MDS 9000 Series Security Configuration Guide, Release 8.x
240
K.
Configuring Port Security
Configuration Database
Read-write.
Saving the configuration saves all the entries in
the configuration database.
Once activated, the configuration database can
be modified without any effect on the active
database.
You can overwrite the configuration database
with the active database.