Fabric OS Administrator's Guide v7.0.0 (53-1002148-02, June 2011)

Encryption and compression example
The following example shows how to configure and enable encryption and compression. In this case,
encryption and compression are applied to the E_Ports at either end of an ISL connecting a port
on a blade in an enterprise class platform named myDCX to a port on a Brocade 6510 switch
named myswitch. Table 59 identifies each end of the ISL connection by device name, device WWN,
and port number.
The example includes the following steps:
- Setting up authentication to permit key generation
- Enabling encryption
- Enabling compression
- Disabling encryption
- Disabling compression
Example of enabling encryption and compression on a port
This example configures and enables encryption and compression on a given port. Authentication
and a secret key must also be configured, because both are required before encryption can be
configured. The commands in this example are shown entered on the Brocade 6510 named myswitch.
The same commands must also be entered on the peer switch.
The first part of the example shows a command sequence that sets up authentication in
preparation for in-flight encryption. Specifically, it configures the DH-CHAP protocol for
authentication, sets the DH group to group 4, and activates authentication:
myswitch:root> authutil --show
AUTH TYPE     HASH TYPE     GROUP TYPE
--------------------------------------
fcap,dhchap   sha1,md5      0,1,2,3,4
Switch Authentication Policy: PASSIVE
Device Authentication Policy: OFF
myswitch:root> authutil --set -a dhchap
myswitch:root> authutil --set -g "*"
myswitch:root> authutil --policy -sw active
Warning: Activating the authentication policy requires either DH-CHAP secrets
or PKI certificates depending on the protocol selected. Otherwise, ISLs will
be segmented during next E-port bring-up.
ARE YOU SURE (yes, y, no, n): [no] y
Auth Policy is set to ON
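
The following check is an added example, not part of the Brocade guide: it parses `authutil --show` output in the layout shown above and lists which prerequisites named in this section (DH-CHAP enabled, DH group 4 available, switch authentication policy activated) are still missing. The function names and the treatment of either ACTIVE or ON as an activated policy are assumptions, and the sample text is constructed from the output shown here.

```python
import re

# Constructed sample: `authutil --show` output in the layout shown on this page,
# taken before the policy change (switch policy is still PASSIVE).
SAMPLE_BEFORE = """\
AUTH TYPE     HASH TYPE     GROUP TYPE
--------------------------------------
fcap,dhchap   sha1,md5      0,1,2,3,4
Switch Authentication Policy: PASSIVE
Device Authentication Policy: OFF
"""

POLICY_RE = re.compile(r"(Switch|Device) Authentication Policy:\s*(\S+)")


def parse_authutil_show(text):
    """Return enabled auth types, hash types, DH groups and the two policies."""
    cfg = {"auth": set(), "hash": set(), "group": set(), "policies": {}}
    lines = [ln.strip() for ln in text.splitlines() if ln.strip()]
    for i, ln in enumerate(lines):
        m = POLICY_RE.match(ln)
        if m:
            cfg["policies"][m.group(1).lower()] = m.group(2).upper()
        elif set(ln) == {"-"} and i + 1 < len(lines):
            # The row under the dashed rule holds three comma-separated lists.
            fields = lines[i + 1].split()
            if len(fields) == 3:
                cfg["auth"], cfg["hash"], cfg["group"] = (
                    set(f.split(",")) for f in fields)
    return cfg


def encryption_prereq_gaps(cfg, activated=("ACTIVE", "ON")):
    """List the prerequisites from this section that the parsed config lacks.

    Assumption: a switch policy reported as ACTIVE or ON counts as activated.
    """
    gaps = []
    if "dhchap" not in cfg["auth"]:
        gaps.append("DH-CHAP is not an enabled authentication type")
    if "4" not in cfg["group"]:
        gaps.append("DH group 4 is not enabled")
    policy = cfg["policies"].get("switch", "UNKNOWN")
    if policy not in activated:
        gaps.append(f"switch authentication policy is {policy}, not activated")
    return gaps


if __name__ == "__main__":
    for gap in encryption_prereq_gaps(parse_authutil_show(SAMPLE_BEFORE)):
        print("MISSING:", gap)
```

Because the same commands must be entered on the peer switch, run the check against the output from both ends of the ISL.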
TABLE 59   Example ISL connections

           Enterprise class platform    Brocade 6510
Name       myDCX                        myswitch
WWN        10:00:00:05:1e:e5:cb:00      10:00:00:05:33:13:71:3e
Port ID    port index: 246              port number: 0
           slot number: 12
           port number: 22