Users Guide
FIP Snooping in a Switch Stack
FIP snooping supports switch stacking as follows:
• A switch stack conguration is synchronized with the standby stack unit.
• Dynamic population of the FCoE database (ENode, Session, and FCF tables) is synchronized with the standby stack unit. The
FCoE database is maintained by snooping FIP keep-alive messages.
• In case of a failover, the new master switch starts the required timers for the FCoE database tables. Timers run only on the
master stack unit.
Using FIP Snooping
After you enable FcoE transit, the conguration of FIP snooping on an S5000 switch not congured as an NPIV proxy gateway
consists of the following tasks.
For more information about FIP snooping on an NPIV proxy gateway, refer to FIP Snooping on an NPIV Proxy Gateway.
There are four steps to congure FCoE transit.
1. Enable the FCoE transit feature on a switch to maintain FIP snooping information on the switch.
2. Enable FIP snooping globally on all Virtual Local Area Networks (VLANs) or individual VLANs on a FIP snooping bridge.
3. Congure the FC-Map value applied globally by the switch on all VLANs or an individual VLAN. The FC-MAP value checks the
rst 24 bits in the MAC address in incoming FCoE frames.
4. Congure the maximum number of FIP-snooping sessions supported ont eh switch for an ENode MAC address.
5. Congure FCF mode for a FIP snooping bridge-to-FCF link.
NOTE: The FCoE-Trusted Port mode used to connect to another FIP snooping bridge (bridge-bridge link) is not
supported on the S5000 switch.
For a sample FIP snooping conguration, refer to FCoE Transit Conguration Example.
Enable the FCoE Transit Feature
The following sections describe how to enable FCoE transit.
NOTE: FCoE transit is disabled by default. To enable FCoE transit and congure FIP snooping, follow the steps in
Conguring FIP Snooping.
When you enable FCoE transit, the switch snoops FIP packets on VLANs enabled for FIP snooping and allows legitimate sessions.
FCoE and FIP packets are dropped on VLANs disabled for FIP snooping. When you disable FCoE transit, the S5000 operates as a
pure Layer 2 switch that switches FCoE and FIP packets.
As soon as you enable the FCoE transit feature on a switch-bridge, existing VLAN-specic and FIP snooping congurations are
applied. The FCoE database is populated when the switch connects to a converged network adapter (CNA) or FCF port and
compatible DCB congurations are synchronized. By default, all FCoE and FIP frames are dropped unless specically permitted by
existing FIP snooping-generated ACLs. You can recongure any of the FIP snooping settings.
If you disable FCoE transit, FIP and FCoE trac are handled as normal Ethernet frames and no FIP snooping ACLs are generated.
The VLAN-specic and FIP snooping conguration is disabled and stored until you re-enable FCoE transit and the congurations are
re-applied.
NOTE: When you congure the S5000 switch as an NPIV proxy gateway and enable Fibre Channel capability (the
feature fc command), FIP snooping is automatically enabled on all VLANs on the switch using the default FIP
snooping settings.
318
FCoE Transit