Brocade Communications Systems Brocade 8/12c Administrator's Manual page 188

3
Configuring a multi-path Crypto LUN
4. Discover the LUNs. Perform steps 4 a. through c. to discover the LUNs for ALL CryptoTarget
5. Configure the LUN for all CryptoTarget containers in sequence by adding the LUN to each
168
c. Add host port 1 to the container CTC1.
FabricAdmin:switch>cryptocfg --add -initiator <CTC1> <Host Port1 WWN> \
<Host NWWN>
d. Add host port 2 to the container CTC2.
FabricAdmin:switch>cryptocfg --add -initiator <CTC2> <Host Port2 WWN>
<Host NWWN>
e. Commit the configuration.
FabricAdmin:switch>cryptocfg --commit
Upon commit, redirection zones are created for target port 1, host port 1 and target port 2,
host port 2. These redirection zones include the virtual target VT1 for CTC1, the virtual initiator
VI1 for host port 1, the virtual target VT2 for CTC2 and the virtual initiator VI2 for host port 2. At
this stage, the host loses access to all LUNs until the LUNs are explicitly added to the Crypto
Target containers.
containers in sequence. Refer to the section
the LUN discovery process and a command output example.
a. On the encryption switch 1 (the group leader), enter the cryptocfg
container CTC1. The command output displays the LUNs present in the target as exposed
from target port 1 and as seen by host port1, the LUN Number, host port1 WWN, and the
LUN Serial Number.
FabricAdmin:switch>cryptocfg --discoverLUN CTC1
b. On the encryption switch 2, enter the cryptocfg
command output displays the LUNs present in the target as exposed from target port and
as seen by host port 2, the LUN Number, host port1 WWN, and the LUN Serial Number.
FabricAdmin:switch>cryptocfg --discoverLUN CTC2
c. Review the output of the LUN discovery to ensure that the LUN serial number for ALL LUNs
are the same as seen from target-port 1 to host-Port 1 path and from target-port 2 to
host-port 2. Identical LUN serial numbers validate the multi-path configuration.
CryptoTarget container with identical policy settings. Refer to the sections
Crypto LUN" on page 154 and
information.
a. Add the LUN to the CryptoTarget container CTC1 with policies.
FabricAdmin:switch>cryptocfg --add -LUN CTC1 0 <Host Port1 WWN> \
<Host NWWN> -lunstate cleartext -encryption_format native -encrypt \
-enable_encexistingdata -enable_rekey 10
b. Add the same LUN to the CryptoTarget container CTC2. Use exactly the same LUN state
and policy settings that you used for the LUN added to CTC1.
FabricAdmin:switch>cryptocfg --add -LUN CTC2 0 <Host Port1 WWN> \
<Host NWWN> -lunstate cleartext -encryption_format native -encrypt \
-enable_encexistingdata -enable_rekey 10
"Discovering a LUN"
discoverLUN for the container CTC2. The
--
"Crypto LUN parameters and policies"
on page 154 for details on
discoverLUN for the
--
"Configuring a
on page 156 for more
Fabric OS Encryption Administrator's Guide
53-1002159-03