Node is a group leader node, Node is a member node – Brocade Fabric OS Encryption Administrator’s Guide Supporting RSA Data Protection Manager (DPM) Environments (Supporting Fabric OS v7.2.0) User Manual
Page 152
132
Fabric OS Encryption Administrator’s Guide (DPM)
53-1002922-01
Configuring cluster links
3
DHCP: Off
eth0: 10.33.54.208/20
eth1: none/none
Gateway: 10.33.48.1
NOTE
The IP address of the cluster link should be configured before enabling the encryption engine for
encryption. If the IP address is configured after the encryption engine is enabled for encryption, or
if the IP address of the cluster link ports is modified after the encryption engine is enabled for
encryption, the encryption switch must be rebooted, and the encryption blade must be powered off
and powered on (slotpoweroff/slotpoweron) for the IP address configuration to take effect. Failure
to do so will result in the rekey operation not starting in the encryption group or high availability (HA)
cluster.
IP Address change of a node within an encryption group
Modifying the IP address of a node that is part of an encryption group is disruptive in terms of
cluster operation. The change causes the encryption group to split, and if the node was part of an
HA cluster, failover/failback capability is lost. The ipAddrSet command issues no warning and you
are not prevented from changing a node IP address that is part of a configured encryption group or
HA cluster. The recommended steps for modifying the IP address of a node are provided below. the
procedures are based on whether the node is a group leader or a member node.
Node is a group leader node
1. Log in to the group leader as Admin or SecurityAdmin.
2. Reboot the encryption switch/DCX Backbone chassis (both active and standby central
processors) so the existing group leader fails over and one of the member nodes assumes the
role of group leader.
a. If the Encryption Group (EG) is not a single node EG, reboot the encryption switch/DCX
Backbone chassis (both active and standby central processors) so the existing group
leader fails over and one of the member nodes assumes the role of group leader.
b. If the node is a single node EG, complete the following steps:
1. Delete the encryption group.
2. Change the IP of the switch.
3. Create the encryption group.
3. After the encryption group is converged, complete the steps noted in
Node is a member node
1. Log in to the group leader as Admin or SecurityAdmin.
2. Eject and deregister the node from the encryption group.
3. Change the IP address of the member node using the new IP address.