Manualshelf

Users Guide

ManualsBrandsDell ManualsComputer equipmentPowerEdge M IO Aggregator
81828384858687888990
How FIP Snooping is Implemented
As soon as the Aggregator is activated in an M1000e chassis as a switch-bridge, existing VLAN-specific and FIP snooping auto-
configurations are applied. The Aggregator snoops FIP packets on VLANs enabled for FIP snooping and allows legitimate sessions. By
default, all FCoE and FIP frames are dropped unless specifically permitted by existing FIP snooping-generated ACLs.
FIP Snooping on VLANs
FIP snooping is enabled globally on an Aggregator on all VLANs:
FIP frames are allowed to pass through the switch on the enabled VLANs and are processed to generate FIP snooping ACLs.
FCoE traffic is allowed on VLANs only after a successful virtual-link initialization (fabric login FLOGI) between an ENode and an FCF.
All other FCoE traffic is dropped.
Atleast one interface is auto-configured for FCF (FIP snooping bridge — FCF) mode on a FIP snooping-enabled VLAN. Multiple FCF
trusted interfaces are auto-configured in a VLAN.
A maximum of eight VLANs are supported for FIP snooping on an Aggregator. FIP snooping processes FIP packets in traffic only from
the first eight incoming VLANs.
FC-MAP Value
The FC-MAP value that is applied globally by the Aggregator on all FCoE VLANs to authorize FCoE traffic is auto-configured.
The FC-MAP value is used to check the FC-MAP value for the MAC address assigned to ENodes in incoming FCoE frames. If the FC-
MAP values does not match, FCoE frames are dropped. A session between an ENode and an FCF is established by the switch —bridge
only when the FC-MAP value on the FCF matches the FC-MAP value on the FIP snooping bridge.
Bridge-to-FCF Links
A port directly connected to an FCF is auto-configured in FCF mode. Initially, all FCoE traffic is blocked; only FIP frames are allowed to
pass.
FCoE traffic is allowed on the port only after a successful FLOGI request/response and confirmed use of the configured FC-MAP value
for the VLAN.
Impact on other Software Features
FIP snooping affects other software features on an Aggregator as follows:
MAC address learning: MAC address learning is not performed on FIP and FCoE frames, which are denied by ACLs dynamically created
by FIP snooping in server-facing ports in ENode mode.
MTU auto-configuration: MTU size is set to mini-jumbo (2500 bytes) when a port is in Switchport mode, the FIP snooping feature is
enabled on the switch, and the FIP snooping is enabled on all or individual VLANs.
Link aggregation group (LAG): FIP snooping is supported on port channels on ports on which PFC mode is on (PFC is operationally
up).
FIP Snooping Prerequisites
On an Aggregator, FIP snooping requires the following conditions:
A FIP snooping bridge requires DCBX and PFC to be enabled on the switch for lossless Ethernet connections (refer to
Data Center
Bridging (DCB)
). Dell recommends that you also enable ETS; ETS is recommended but not required. DCBX and PFC mode are auto-
82
FIP Snooping