Brocade Fabric OS Encryption Administrator’s Guide Supporting NetApp Lifetime Key Manager (LKM) and KeySecure Storage Secure Key Manager (SSKM) Environments (Supporting Fabric OS v7.2.0) User Manual
Page 10
x
Fabric OS Encryption Administrator’s Guide (LKM/SSKM)
53-1002925-01
Encryption group merge and split use cases . . . . . . . . . . . . . . . . .219
A member node failed and is replaced . . . . . . . . . . . . . . . . . .219
A member node reboots and comes back up . . . . . . . . . . . . .220
A member node lost connection to the group leader . . . . . . .221
A member node lost connection to all other nodes
in the encryption group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .221
Several member nodes split off from an encryption
group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222
Adjusting heartbeat signaling values . . . . . . . . . . . . . . . . . . . .223
EG split possibilities requiring manual recovery . . . . . . . . . . .224
Configuration impact of encryption group split
or node isolation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228
Encryption group database manual operations . . . . . . . . . . . . . . .229
Manually synchronizing the encryption group database. . . . .229
Manually synchronizing the security database . . . . . . . . . . . .229
Aborting a pending database transaction . . . . . . . . . . . . . . . .230
Key vault diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .230
Measuring encryption performance . . . . . . . . . . . . . . . . . . . . . . . .232
General encryption troubleshooting . . . . . . . . . . . . . . . . . . . . . . . .236
SSKM recommendations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .238
Troubleshooting examples using the CLI . . . . . . . . . . . . . . . . . . . . .239
Encryption Enabled CryptoTarget LUN . . . . . . . . . . . . . . . . . . .239
Encryption Disabled CryptoTarget LUN. . . . . . . . . . . . . . . . . . .240
Management application encryption wizard troubleshooting . . . . 241
Errors related to adding a switch to an existing group . . . . . . 241
Errors related to adding a switch to a new group . . . . . . . . . .242
General errors related to the Configure Switch
Encryption wizard. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243
LUN policy troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .244
Loss of encryption group leader after power outage . . . . . . . . . . .245
MPIO and internal LUN states . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246
Suspension and resumption of rekeying operations. . . . . . . .246
FS8-18 blade removal and replacement. . . . . . . . . . . . . . . . . . . . . 247
Multi-node EG replacement . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
Single-node EG replacement. . . . . . . . . . . . . . . . . . . . . . . . . . .249
Brocade Encryption Switch removal and replacement. . . . . . . . . .251
Multi-node EG Case . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251
Single-node EG Replacement . . . . . . . . . . . . . . . . . . . . . . . . . .254
Removing stale rekey information for a LUN. . . . . . . . . . . . . . . . . .256
Downgrading firmware from Fabric OS 7.1.0. . . . . . . . . . . . . . . . . .257
Splitting an encryption group into two encryption groups . . . . . . .258