Deployment as part of an edge fabric – Brocade Fabric OS Encryption Administrator’s Guide Supporting Key Management Interoperability Protocol (KMIP) Key-Compliant Environments (Supporting Fabric OS v7.1.0) User Manual

Page 240

Advertising
background image

222

Fabric OS Encryption Administrator’s Guide (KMIP)

53-1002747-02

Deployment as part of an edge fabric

4

Deployment as part of an edge fabric

In this deployment, the encryption switch is connected to either the host or target edge fabric. The
backbone fabric may contain a 7800 extension switch or FX8-24 blade in a DCX or DCX 8510
Backbone, or an FCR-capable switch or blade. The encryption resources of the encryption switch
can be shared with the other edge fabrics using FCR in the backbone fabric (

Figure 128

).

.

FIGURE 128

Encryption switch as part of an edge fabric

The following is a summary of steps for creating and enabling the frame redirection features in the
FCR configuration (edge to edge):

The encryption device creates the frame redirection zone automatically, consisting of host,
target, virtual target, and virtual initiator. when the target and host are configured on the
encryption device. In

Figure 128

, the encryption device is connected to the host edge fabric.

Create the frame redirection one consisting of host, target, virtual target, and virtual initiator in
the target edge fabric. The CLI command is zone

--

rdcreate [host wwn] [target wwn] [VI wwn]

[VT wwn][nonrestartable] [noFCR]. Always specify nonrestartable as policy for creating
redirection zones in case of the encryption device. The VI and VT port WWNs can be obtained
by running the cryptocfg

--

show

-

container <crypto container name>

-

cfg command on the

encryption switch or blade. After the redirection zones are created, commit the configuration
with the cfgsave command.

Create the LSAN zone consisting of host, target, virtual target, and virtual initiator in both the
backbone fabric and the target edge fabrics. Refer to the Fabric OS Administrator’s Guide for
information about LSANs, LSAN zoning, and Fibre Channel routing (FCR) configurations.

Host

Target

Encryption

Switch

Backbone Fabric

Host

Target

Virtual
Initiator

Virtual
Target

Ex_Port

E_Port

E_Port

E_Port

Ex_Port

Host Edge Fabric

Target Edge Fabric

Create zone: Host, Target,

Virtual Initiator, Virtual Target

Redirection zone:
(Automatically created)

Extension

Switch

Advertising
Popular Brands
Popular manuals