Manualshelf

Technical data

ManualsBrandsBrocade Communications Systems ManualsGadgets1606
41424344454647484950
28 Fabric OS FCIP Administrator’s Guide
53-1002474-01
Compression options
2
Compression options
The following compression options are available on both the 7800 switch and the FX8-24 blade.
Compression is defined on the FCIP tunnel.
Standard - This is a hardware compression mode.
Moderate - This is a combination of hardware and software compression that provides more
compression than hardware compression alone. This option supports up to 8 Gbps of FC
traffic.
Aggressive - This is software-only compression that provides a more aggressive algorithm than
used for the standard and moderate options. This option supports up to 2.5 Gbps of FC traffic.
Auto - This allows the system to set the best compression mode based on the tunnel’s
configured bandwidth and the bandwidth of all tunnels in the system.
NOTE
Fibre Channel throughput for aggressive and moderate mode is dependent on the compression ratio
for the data pattern.
Follow the guidelines for assigning explicit compression levels for tunnels in Table 6.
IPsec implementation over FCIP tunnels
Internet Protocol security (IPsec) uses cryptographic security to ensure private, secure
communications over Internet Protocol networks. IPsec supports network-level data integrity, data
confidentiality, data origin authentication, and replay protection. It helps secure your SAN against
network-based attacks from untrusted computers.
The following describes the sequence of events that invokes the IPsec protocol.
1. IPsec and Internet Key Exchange (IKE) policies are created and assigned on peer switches or
blades on both ends of the FCIP tunnel.
2. Traffic from an IPsec peer with the lower local IP address initiates the IKE negotiation process.
3. IKE negotiates security association (SA) parameters, setting up matching SAs in the peers.
Some of the negotiated SA parameters include encryption and authentication algorithms,
Diffie-Hellman key exchange, and SA lifetimes.
4. Data is transferred between IPsec peers based on the IPsec parameters and keys stored in the
SA database.
5. SA lifetimes terminate through deletion or by timing out. An SA lifetime equates to
approximately two billion frames of traffic passed through the SA.
TABLE 6 Assigning compression levels
Total effective tunnels bandwidth Compression level
Equal to or Less than 512 Mbps Aggressive
More than 512 and less than or equal to 2 Gbps Moderate
More than 2 Gbps Standard