Users Guide
• You can configure multiple FCF-trusted interfaces in a VLAN.
• When you disable FIP snooping:
• ACLs are not installed, FIP and FCoE traffic is not blocked, and FIP packets are not processed.
• The existing per-VLAN and FIP snooping configuration is stored. The configuration is re-applied
the next time you enable the FIP snooping feature.
•
To support FIP-Snooping and set CAM-ACL, usecam-acl l2acl 4 ipv4acl 4 ipv6acl 0 ipv4qos 2
l2qos 1 l2pt 0 ipmacacl 0 vman-qos 0 ecfmacl 0 fcoeacl 2 command.
CAM ACL Table
-- Chassis Cam ACL --
Current Settings(in block sizes)
1 block = 128 entries
L2Acl : 4
Ipv4Acl : 4
Ipv6Acl : 0
Ipv4Qos : 2
L2Qos : 1
L2PT : 0
IpMacAcl : 0
VmanQos : 0
VmanDualQos : 0
EcfmAcl : 0
FcoeAcl : 2
iscsiOptAcl : 0
ipv4pbr : 0
vrfv4Acl : 0
Openflow : 0
fedgovacl : 0
nlbclusteracl: 0
st-sjc-s5000-29#
Enabling the FCoE Transit Feature
The following sections describe how to enable FCoE transit.
NOTE: FCoE transit is disabled by default. To enable this feature, you must follow the
Configuring FIP Snooping.
As soon as you enable the FCoE transit feature on a switch-bridge, existing VLAN-specific and FIP snooping
configurations are applied. The FCoE database is populated when the switch connects to a converged
network adapter (CNA) or FCF port and compatible DCB configurations are synchronized. By default, all FCoE
and FIP frames are dropped unless specifically permitted by existing FIP snooping-generated ACLs. You can
reconfigure any of the FIP snooping settings.
If you disable FCoE transit, FIP and FCoE traffic are handled as normal Ethernet frames and no FIP snooping
ACLs are generated. The VLAN-specific and FIP snooping configuration is disabled and stored until you re-
enable FCoE transit and the configurations are re-applied.
FCoE Transit 396