Brocade Fabric OS Encryption Administrator's Guide Supporting Fabric OS v6.2.0 (53-1001201-04, May 2009)
138 Encryption Administrator’s Guide
53-1001201-04
CryptoTarget container configuration
3
NOTE
It is recommended you complete the encryption group and HA cluster configuration before
configuring the CryptoTarget containers.
Frame redirection
Name Server-based frame redirection enables the Brocade encryption switch or blade to be
deployed transparently to hosts and Targets in the fabric.
NS-based frame redirection is enabled as follows:
• You first create a zone that includes host (H) and target (T). This may cause temporary traffic
disruption to the host.
• You then create a CryptoTarget container for the target and configure the container to allow
access to the initiator.
• When you commit the transaction, a special zone called a “redirection zone” is generated
automatically. The redirection zone includes the host (H), the virtual target (VT), the virtual
initiator (VI), and the target (T).
• When configuring multi-path LUNs do not commit the CryptoTarget container configuration
before you have performed the following steps in sequence to prevent data corruption. Refer
to the section “Configuring a multi-path Crypto LUN” on page 152 for more information.
• Complete all zoning for ALL hosts that should gain access to the targets.
• Complete the CryptoTarget container configuration for ALL target ports in sequence,
including adding the hosts that should gain access to these targets.
Host-target zoning must precede any CryptoTarget configuration.
NOTE
To enable frame redirection, the host and target edge switches must run Fabric OS v6.1.1 and
Fabric OS v5.3.1.b or later firmware to ensure host and target connectivity with legacy platforms. In
McDATA fabrics, the hosts and the switches hosting the targets require firmware versions M-EOSc
9.8 and M-EOSn 9.8. Only the M6140, M4700F, McDATA 4400, and the Brocade Intrepid 10000
support frame redirection. Refer to Appendix E, Table 25 on page 223 for more information.