Brocade Fabric OS Encryption Administrator’s Guide Supporting Key Management Interoperability Protocol (KMIP) Key-Compliant Environments (Supporting Fabric OS v7.1.0) User Manual

Page 212

Advertising
background image

194

Fabric OS Encryption Administrator’s Guide (KMIP)

53-1002747-02

Configuring a multi-path Crypto LUN

3

b. Add the same LUN to the CryptoTarget container CTC2. Use exactly the same LUN state

and policy settings that you used for the LUN added to CTC1.

FabricAdmin:switch> cryptocfg --add -LUN CTC2 0 <Host Port1 WWN> \
<Host NWWN> -lunstate cleartext -encryption_format native -encrypt \
-enable_encexistingdata -enable_rekey 10

NOTE

The LUN policies must be exactly the same on both CTC1 and CTC2. Failure to do so results in
undefined behavior and data corruption.

6. Validate the LUN policies for all containers. Display the LUN configuration for ALL CryptoTarget

containers to confirm that the LUN policy settings are the same for all CryptoTarget containers.

FabricAdmin:switch> cryptocfg --show -LUN CTC1 0 <Host Port1 WWN> -cfg
FabricAdmin:switch> cryptocfg --show -LUN CTC2 0 <Host Port2 WWN> -cfg

Example:

FabricAdmin:switch> cryptocfg --show -LUN cx320-157A 0x1
10:00:00:00:c9:56:e4:7b -cfg
EE node: 10:00:00:05:1e:40:4c:00
EE slot: 9
Target: 50:06:01:60:30:20:db:34 50:06:01:60:b0:20:db:34
VT: 20:00:00:05:1e:53:8d:cd 20:01:00:05:1e:53:8d:cd
Number of host(s): 1
Configuration status: committed
Host: 10:00:00:00:c9:56:e4:7b 20:00:00:00:c9:56:e4:7b
VI: 20:02:00:05:1e:53:8d:cd 20:03:00:05:1e:53:8d:cd
LUN number: 0x1
LUN type: disk
LUN CFG state: encrypted
Encryption mode: encrypt
Encryption format: native
Encrypt existing data: disabled
Rekey: enabled
Key ID: not available
New LUN: No
Key life: 30 (days) 0 (minutes)
Operation succeeded.

7. Commit the LUN configuration.

FabricAdmin:switch> cryptocfg --commit

Make sure the LUNs in previously committed LUN configurations and LUN modifications have a
LUN state of Encryption Enabled before creating and committing another batch of LUN
configurations or modifications.

NOTE

A maximum of 25 disk LUNs can be added or modified in a single commit operation. The
maximum commit for tape LUNs is eight. Attempts to commit configurations or modifications
that exceed the maximum commit allowed will fail with a warning. There is a five-second delay
before the commit operation takes effect.

Advertising
Popular Brands
Popular manuals