HP StorageWorks 8/80 HP StorageWorks Fabric OS 6.1.x administrator guide (5697 - Page 379
IPSec concepts and implementation over FCIP
View all HP StorageWorks 8/80 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 379 highlights
Table 86 shows the default mapping of DSCP priorities to L2Cos priorities per tunnel ID. This may be helpful when consulting with the network administrator. These values may be modified per FCIP tunnel. Table 86 Default Mapping of DSCP priorities to L2Cos Priorities Virtual CIrcuit DSCP priority/bits (VC) L2CoS priority/bits Assigned to: 0 46 / 101110 7 / 111 Class F 1 7 / 000111 1 / 001 Medium QoS 2 11 / 001011 3 / 011 3 15 / 001111 3 / 011 4 19 / 010011 3 / 011 Medium QoS Medium QoS Medium QoS 5 23 / 010111 3 / 011 Medium QoS 6 27 / 011011 0 / 000 Class 3 Multicast 7 31 / 011111 0 / 000 Broadcast/Multicast 8 35 / 100011 0 / 000 9 39 / 100111 0 / 000 10 43 / 101011 4 / 100 Low Qos Low Qos High QoS 11 47 / 101111 4 / 100 High QoS 12 51 / 110011 4 / 100 High QoS 13 55 / 110111 4 / 100 High QoS 14 59 / 111011 4 / 100 High QoS 15 63 / 111111 0 / 000 - IPSec concepts and implementation over FCIP Internet Protocol security (IPSec) uses cryptographic security to ensure private, secure communications over Internet Protocol networks. IPSec supports network-level data integrity, data confidentiality, data origin authentication, and replay protection. It helps secure your SAN against network-based attacks from untrusted computers, attacks that can result in the denial-of-service of applications, services, or the network, data corruption, and data and user credential theft. By default, when creating an FCIP tunnel, IPSec is disabled. Used to provide greater security in tunneling on an FR4-18i blade or a 400 Multi-protocol Router , the IPSec feature does not require you to configure separate security for each application that uses TCP/IP. When configuring for IPSec, however, you must ensure that there is an FR4-18i blade or a 400 Multi-protocol Router at each end of the FCIP tunnel. IPSec works on FCIP tunnels with or without IP compression (IPComp), FCIP fastwrite, and tape pipelining. IPSec requires an IPSec license in addition to the High-Performance Extension over FCIP/FC license. Fabric OS 6.1.x administrator guide 379