Srdf pairs, Metadata requirements and remote replication – Brocade Network Advisor SAN User Manual v12.3.0 User Manual
Page 880
828
Brocade Network Advisor SAN User Manual
53-1003154-01
Adding target disk LUNs for encryption
20
SRDF pairs
Remote replication is implemented by establishing a synchronized pair of SRDF devices connected
by FC or IP links. A local source device is paired with a remote target device while data replication is
taking place. While the SRDF devices are paired, the remote target device is not locally accessible
for read or write operations. When the data replication operation completes, the pair may be split to
enable normal read/write access to both devices. The pair may be restored to restore the data on
the local source device.
shows the placement of encryption switches in an SRDF configuration. When
encryption is enabled for the primary LUN, encrypted data written by the local application server to
the primary LUN is replicated on the secondary LUN. The data is encrypted using a DEK that was
generated on the local encryption switch and stored on the local DPM key vault. When each site
has an independent key vault, as shown in
, the key vaults must be synchronized to
ensure the availability of the DEK at the remote site. Refer to DPM user documentation for
information about how to synchronize the key vaults. Both sites may share the same key vault,
which eliminates the need for synchronization across sites. Depending on distance between sites,
sharing a key vault may add some latency when retrieving a key.
FIGURE 383
Basic SRDF configuration with encryption switches
Metadata requirements and remote replication
When the metadata and key ID are written, the primary metadata on blocks 1–16 is compressed
and encrypted. However, there are scenarios whereby these blocks cannot be compressed, and the
metadata is not written to the media. If blocks 1–16 are not compressible on the local source
device and metadata is not written, obtaining the correct DEK for the remote target device
becomes problematic. This problem is avoided by reserving the last three blocks of the LUN for a
copy of the metadata. These blocks are not exposed to the host initiator. When a host reads the
capacity of the LUN, the size reported is always three blocks less than the actual size. The behavior
is enforced by selecting the New LUN check box on the Select LUN screen of the Add New Path
wizard when adding LUNs for an SRDF pair (for example, R1 and R2 in
).