Brocade Fabric OS Encryption Administrator’s Guide Supporting NetApp Lifetime Key Manager (LKM) and KeySecure Storage Secure Key Manager (SSKM) Environments (Supporting Fabric OS v7.2.0) User Manual

Page 10

background image

x

Fabric OS Encryption Administrator’s Guide (LKM/SSKM)

53-1002925-01

Encryption group merge and split use cases . . . . . . . . . . . . . . . . .219

A member node failed and is replaced . . . . . . . . . . . . . . . . . .219
A member node reboots and comes back up . . . . . . . . . . . . .220
A member node lost connection to the group leader . . . . . . .221
A member node lost connection to all other nodes
in the encryption group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .221
Several member nodes split off from an encryption
group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .222
Adjusting heartbeat signaling values . . . . . . . . . . . . . . . . . . . .223
EG split possibilities requiring manual recovery . . . . . . . . . . .224
Configuration impact of encryption group split
or node isolation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228

Encryption group database manual operations . . . . . . . . . . . . . . .229

Manually synchronizing the encryption group database. . . . .229
Manually synchronizing the security database . . . . . . . . . . . .229
Aborting a pending database transaction . . . . . . . . . . . . . . . .230

Key vault diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .230

Measuring encryption performance . . . . . . . . . . . . . . . . . . . . . . . .232

Enabling encrypted LUNs in the disabled state following
zeroization . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .234

General encryption troubleshooting . . . . . . . . . . . . . . . . . . . . . . . .236

SSKM recommendations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .238

Troubleshooting examples using the CLI . . . . . . . . . . . . . . . . . . . . .239

Encryption Enabled CryptoTarget LUN . . . . . . . . . . . . . . . . . . .239
Encryption Disabled CryptoTarget LUN. . . . . . . . . . . . . . . . . . .240

Management application encryption wizard troubleshooting . . . . 241

Errors related to adding a switch to an existing group . . . . . . 241
Errors related to adding a switch to a new group . . . . . . . . . .242
General errors related to the Configure Switch
Encryption wizard. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .243

LUN policy troubleshooting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .244

Loss of encryption group leader after power outage . . . . . . . . . . .245

MPIO and internal LUN states . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246

Suspension and resumption of rekeying operations. . . . . . . .246

FS8-18 blade removal and replacement. . . . . . . . . . . . . . . . . . . . . 247

Multi-node EG replacement . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
Single-node EG replacement. . . . . . . . . . . . . . . . . . . . . . . . . . .249

Brocade Encryption Switch removal and replacement. . . . . . . . . .251

Multi-node EG Case . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .251
Single-node EG Replacement . . . . . . . . . . . . . . . . . . . . . . . . . .254

Reclaiming the WWN base of a failed Brocade Encryption
Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .256

Removing stale rekey information for a LUN. . . . . . . . . . . . . . . . . .256

Downgrading firmware from Fabric OS 7.1.0. . . . . . . . . . . . . . . . . .257

Splitting an encryption group into two encryption groups . . . . . . .258

See also other documents in the category Brocade Computer Accessories: