Brocade Fabric OS Encryption Administrator’s Guide Supporting HP Secure Key Manager (SKM) and HP Enterprise Secure Key Manager (ESKM) Environments (Supporting Fabric OS v7.2.0) User Manual

212

Fabric OS Encryption Administrator’s Guide (SKM/ESKM)

53-1002923-01

Deployment in Fibre Channel routed fabrics

4

The following is a summary of steps for creating and enabling the frame redirection zoning features
in the FCR configuration (backbone to edge).

•

The encryption device creates the frame redirection zone automatically consisting of host,
target, virtual target, and virtual initiator in the backbone fabric when the target and host are
configured on the encryption device.

•

Create the frame redirection zone consisting of host, target, virtual target, and virtual initiator
in both the host and target edge fabrics. The CLI command is zone

--

rdcreate [host wwn]

[target wwn] [VI wwn] [VT wwn][nonrestartable] [FCR]. Always specify nonrestartable as a
policy for creating redirection zones. The VI and VT port WWNs can be obtained by running the
cryptocfg

--

show

-

container

-

cfg command on the encryption

switch or blade. After the redirection zones are created, commit the configuration with the
cfgsave command.

•

Create the LSAN zone consisting of host, target, virtual target, and virtual initiator in both the
backbone fabric and the target edge fabrics. Refer to the Fabric OS Administrator’s Guide for
information about LSANs, LSAN zoning, and Fibre Channel routing (FCR) configurations.