LUN Policy Troubleshooting - Brocade Communications Systems StoreFabric SN6500B Administrator's Manual

Brocade Fabric OS Encryption Administrator's Guide v7.1.0 (53-1002721-01, March 2013)

LUN policy troubleshooting

Table 14 may be used as an aid in troubleshooting problems related to LUN policies.

TABLE 14   LUN policy troubleshooting

Case 1
Reasons for the LUN getting disabled by the encryption switch: The LUN was modified from encrypt policy to cleartext policy but metadata exists.
Action taken: LUN is disabled. Reason code: Metadata exists but the LUN policy is cleartext.
If you do not need to save the data: Issue the cryptocfg --enable -LUN command on one path of the LUN. This erases the metadata on the LUN and the LUN is then enabled with cleartext policy. Issue the cryptocfg --discoverLUN command on other paths of the LUN in the DEK cluster to enable the LUN.
If you need to save the data: Modify the LUN back to encrypt policy.

Case 2
Reasons for the LUN getting disabled by the encryption switch: The LUN was set up with an encrypt policy and the LUN was encrypted (metadata is present on the LUN), but the DEK for the key ID present in the metadata does not exist in the key vault.
Action taken: LUN is disabled. Reason code: Metadata exists but the DEK for the key ID from the metadata does not exist.
If you do not need to save the data: Modify the LUN policy to cleartext. The subsequent handling is the same as in case 1.
If you need to save the data: Make sure the key vault has the DEK and when the DEK gets restored to the key vault, perform one of the following tasks on one of the paths of the LUN to enable the LUN: issue the cryptocfg --discoverLUN command; remove the LUN from the container and then add it back; or bounce the target port. Then issue the cryptocfg --discoverLUN command on other paths of the LUN in the DEK cluster.

Case 3
Reasons for the LUN getting disabled by the encryption switch: The LUN was set up with an encrypt policy and the LUN was encrypted (metadata is present on the LUN), but the current state of the LUN is cleartext instead of encrypted.
Action taken: LUN is disabled. Reason code: Metadata exists, but the LUN policy is indicated as cleartext.
If you do not need to save the data: Modify the LUN policy to cleartext. The subsequent handling is the same as in case 1.
If you need to save the data: Remove the LUN from the container and then add the LUN back with the LUN state as encrypted, or issue the cryptocfg --enable -LUN command on one of the paths of the LUN, which will enable the LUN by using the appropriate key. Then issue the cryptocfg --discoverLUN command on other paths of the LUN in the DEK cluster to enable the LUN.

Fabric OS Encryption Administrator's Guide (SKM/ESKM), 53-1002721-01
