ONTAP Discussions

Aggr and Vol encryption both enabled

Baiju
3,861 Views

Hi Gents,

 

I have Aggr encryption  enabled and also used keyword -encrypt true while creating volumes on AFF. Having both enabled (aggr and vol encryption) has any adverse effect? also does this impact the cross volume deduplication savings? please advise.

 

7 REPLIES 7

Ontapforrum
3,833 Views

No.  No,  Data encryption happens at the RAID layer, which allows storage efficiencies to stay in place because they are performed before the encryption functions.

 

This Kb is very resourceful:
https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/FAQ%3A_NetApp_Volume_Encryption_and_NetApp_Aggregate_Encryption

TMACMD
3,824 Views

On an AFF, you must enable the aggregate encryption to use any of the cross volume efficiencies. 

Baiju
3,603 Views

Hi TMAC,

 

I have NAE and on top of that I have NVE. I think I need to covert NAE vols to NAE vols to enable encryption right?

 

 

Fabian1993
3,597 Views

https://kb.netapp.com/Advice_and_Troubleshooting/Data_Storage_Software/ONTAP_OS/How_to_convert_volumes_from_NetApp_Volume_Encryption_to_NetApp_Aggrega...

 

Look here, there is Guide to complete the whole Task,if you have all the things already done, you are fine 🙂

TMACMD
3,790 Views

Also, If I recall....if you have NAE (NetApp Aggregate Encryption enabled, any volume you create will automatically be encrypted (you do not need to use the -encrypt option)

Fabian1993
3,780 Views

Does NVE and NAE work with aggregate deduplication?

You can put NVE volumes in aggregated deduplicated aggregates. The NVE volumes do not participate in the aggregate deduplication savings; the NVE volumes are ignored.  NAE volumes do participate in aggregate deduplication savings.

 

 

Baiju
3,601 Views

I think I can use vol move command and convert NVE vol to NAE vol so that I can enable cross volume dedupe. Wondering any one has done a similar task and are there any risk involved (NetApp encryption power guide, page 39). i have got a A400 system with less than 5% CPU utilization now.

 

 

Public