beautypg.com

Brocade Fabric OS Encryption Administrator’s Guide Supporting NetApp Lifetime Key Manager (LKM) and KeySecure Storage Secure Key Manager (SSKM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 10

background image

x

Fabric OS Encryption Administrator’s Guide (LKM/SSKM)

53-1002925-01

Encryption group merge and split use cases . . . . . . . . . . . . . . . . .219

A member node failed and is replaced . . . . . . . . . . . . . . . . . .219
A member node reboots and comes back up . . . . . . . . . . . . .220
A member node lost connection to the group leader . . . . . . .221
A member node lost connection to all other nodes
in the encryption group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .221
Several member nodes split off from an encryption
group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222
Adjusting heartbeat signaling values . . . . . . . . . . . . . . . . . . . .223
EG split possibilities requiring manual recovery . . . . . . . . . . .224
Configuration impact of encryption group split
or node isolation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228

Encryption group database manual operations . . . . . . . . . . . . . . .229

Manually synchronizing the encryption group database. . . . .229
Manually synchronizing the security database . . . . . . . . . . . .229
Aborting a pending database transaction . . . . . . . . . . . . . . . .230

Key vault diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .230

Measuring encryption performance . . . . . . . . . . . . . . . . . . . . . . . .232

Enabling encrypted LUNs in the disabled state following
zeroization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .234

General encryption troubleshooting . . . . . . . . . . . . . . . . . . . . . . . .236

SSKM recommendations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .238

Troubleshooting examples using the CLI . . . . . . . . . . . . . . . . . . . . .239

Encryption Enabled CryptoTarget LUN . . . . . . . . . . . . . . . . . . .239
Encryption Disabled CryptoTarget LUN. . . . . . . . . . . . . . . . . . .240

Management application encryption wizard troubleshooting . . . . 241

Errors related to adding a switch to an existing group . . . . . . 241
Errors related to adding a switch to a new group . . . . . . . . . .242
General errors related to the Configure Switch
Encryption wizard. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243

LUN policy troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .244

Loss of encryption group leader after power outage . . . . . . . . . . .245

MPIO and internal LUN states . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246

Suspension and resumption of rekeying operations. . . . . . . .246

FS8-18 blade removal and replacement. . . . . . . . . . . . . . . . . . . . . 247

Multi-node EG replacement . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
Single-node EG replacement. . . . . . . . . . . . . . . . . . . . . . . . . . .249

Brocade Encryption Switch removal and replacement. . . . . . . . . .251

Multi-node EG Case . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251
Single-node EG Replacement . . . . . . . . . . . . . . . . . . . . . . . . . .254

Reclaiming the WWN base of a failed Brocade Encryption
Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .256

Removing stale rekey information for a LUN. . . . . . . . . . . . . . . . . .256

Downgrading firmware from Fabric OS 7.1.0. . . . . . . . . . . . . . . . . .257

Splitting an encryption group into two encryption groups . . . . . . .258

See also other documents in the category Brocade Computer Accessories: