Manualshelf

Brocade Fabric OS Encryption Administrator's Guide v6.3.0 (53-1001341-02, July 2009)

ManualsBrandsHP ManualsStorageHP Encryption SAN Switch
12345678910
x Encryption Administrator’s Guide
53-1001341-02
Turn off compression on extension switches . . . . . . . . . . . . . . . . .158
Re-keying best practices and policies . . . . . . . . . . . . . . . . . . . . . . .159
Manual re-key. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .159
Latency in re-key operations . . . . . . . . . . . . . . . . . . . . . . . . . . .159
Allow re-key to complete before deleting a container . . . . . . .159
Re-key operations and firmware upgrades . . . . . . . . . . . . . . .159
Do not change LUN configuration while re-keying. . . . . . . . . .160
Brocade native mode in LKM installations . . . . . . . . . . . . . . .160
Recommendation for Host I/O traffic during
online rekeying and first time encryption. . . . . . . . . . . . . . . . .160
Changing IP addresses in encryption groups . . . . . . . . . . . . . . . . .160
Disabling the encryption engine . . . . . . . . . . . . . . . . . . . . . . . . . . .160
Recommendations for Initiator Fan-Ins . . . . . . . . . . . . . . . . . . . . . .161
Best practices for host clusters in an encryption environment . . .162
HA Cluster Deployment Considerations and Best Practices . . . . .162
Chapter 6 Maintenance and Troubleshooting
In this Chapter. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .163
Encryption group and HA cluster maintenance. . . . . . . . . . . . . . . .163
Removing a node from an encryption group . . . . . . . . . . . . . .163
Deleting an encryption group . . . . . . . . . . . . . . . . . . . . . . . . . .165
Removing an HA cluster member . . . . . . . . . . . . . . . . . . . . . . .166
Displaying the HA cluster configuration . . . . . . . . . . . . . . . . . .166
Replacing an HA cluster member . . . . . . . . . . . . . . . . . . . . . . .167
Deleting an HA cluster member . . . . . . . . . . . . . . . . . . . . . . . .170
Performing a manual failback of an encryption engine . . . . .170
Encryption group merge and split use cases. . . . . . . . . . . . . . 171
Configuration impact of encryption group
split or node isolation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
General encryption troubleshooting using the CLI . . . . . . . . . . . . .177
Troubleshooting examples using the CLI. . . . . . . . . . . . . . . . . . . . .179
Encryption Enabled Crypto Target LUN. . . . . . . . . . . . . . . . . . .179
Encryption Disabled Crypto Target LUN . . . . . . . . . . . . . . . . . .180
Management application encryption wizard troubleshooting . . . .181
Errors related to adding a switch to an existing group . . . . . . . . . .181
Errors related to adding a switch to a new group . . . . . . . . . .182
General errors related to the Configure Switch Encryption
wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .184
LUN policy troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .185
Loss of encryption group leader after power outage . . . . . . . . . . .186
MPIO and internal LUN states . . . . . . . . . . . . . . . . . . . . . . . . . . . . .187
Suspension and resumption of re-keying operations . . . . . . .187