Deployment Guide
Figure 43. FIP Snooping on an Aggregator
The following sections describes how to congure the FIP snooping feature on a switch that functions as a FIP snooping bridge so that it
can perform the following functions:
• Performs FIP snooping (allowing and parsing FIP frames) globally on all VLANs or on a per-VLAN basis.
• Set the FCoE MAC address prex (FC-MAP) value used by an FCF to assign a MAC address to an ECoE end-device (server ENode or
storage device) after a server successfully logs in.
• Set the FCF mode to provide additional port security on ports that are directly connected to an FCF.
• Check FIP snooping-enabled VLANs to ensure that they are operationally active.
• Process FIP VLAN discovery requests and responses, advertisements, solicitations, FLOGI/FDISC requests and responses, FLOGO
requests and responses, keep-alive packets, and clear virtual-link messages.
How FIP Snooping is Implemented
As soon as the Aggregator is activated in an Dell PowerEdge FX2 server chassis as a switch-bridge, existing VLAN—specic and FIP
snooping auto-congurations are applied. The Aggregator snoops FIP packets on VLANs enabled for FIP snooping and allows legitimate
sessions. By default, all FCoE and FIP frames are dropped unless specically permitted by existing FIP snooping-generated ACLs.
FIP Snooping on VLANs
FIP snooping is enabled globally on an Aggregator on all VLANs:
• FIP frames are allowed to pass through the switch on the enabled VLANs and are processed to generate FIP snooping ACLs.
FIP Snooping
329