FIP Snooping
The Fibre Channel over Ethernet (FCoE) Transit feature is supported on Ethernet interfaces. When you enable the switch for FCoE transit,
the switch functions as a FIP snooping bridge.
NOTE:
FIP snooping is not supported on Fibre Channel interfaces or in a switch stack.
Topics:
•
•
Ensure Robustness in a Converged Ethernet Network
•
FIP Snooping on Ethernet Bridges
•
FIP Snooping in a Switch Stack
•
•
Displaying FIP Snooping Information
•
FCoE Transit Configuration Example
Fibre Channel over Ethernet
FCoE provides a converged Ethernet network that allows the combination of storage-area network (SAN) and LAN traffic on a Layer 2 link
by encapsulating Fibre Channel data into Ethernet frames.
FCoE works with the Ethernet enhancements provided in data center bridging (DCB) to support lossless (no-drop) SAN and LAN traffic. In
addition, DCB provides flexible bandwidth sharing for different traffic types, such as LAN and SAN, according to 802.1p priority classes of
service. DCBx should be enabled on the system before the FIP snooping feature is enabled. For more information, refer to the
chapter.
Ensure Robustness in a Converged Ethernet Network
Fibre Channel networks used for SAN traffic employ switches that operate as trusted devices. To communicate with other end devices
attached to the Fibre Channel network, end devices log into the switch to which they are attached.
Because Fibre Channel links are point-to-point, a Fibre Channel switch controls all storage traffic that an end device sends and receives
over the network. As a result, the switch can enforce zoning configurations, ensure that end devices use their assigned addresses, and
secure the network from unauthorized access and denial-of-service (DoS) attacks.
To ensure similar Fibre Channel robustness and security with FCoE in an Ethernet cloud network, FIP establishes virtual point-to-point links
between FCoE end-devices (server ENodes and target storage devices) and FCoE forwarders (FCFs) over transit FCoE-enabled bridges.
Ethernet bridges commonly provide ACLs that can emulate a point-to-point link by providing the traffic enforcement required to create a
Fibre Channel-level of robustness. You can configure ACLs to emulate point-to-point links, providing control over the traffic received or
transmitted into the switch. To automatically generate ACLs, use FIP snooping. In addition, FIP serves as a Layer 2 protocol to:
•
Operate between FCoE end-devices and FCFs over intermediate Ethernet bridges to prevent unauthorized access to the network and
achieve the required security.
•
Allow transit Ethernet bridges to efficiently monitor FIP frames passing between FCoE end-devices and an FCF. To dynamically
configure ACLs on the bridge to only permit traffic authorized by the FCF, use the FIP snooping data.
15
322
FIP Snooping
Summary of Contents for S4048T-ON
Page 1: ...Dell Configuration Guide for the S4048 ON System 9 11 2 1 ...
Page 148: ...Figure 10 BFD Three Way Handshake State Changes 148 Bidirectional Forwarding Detection BFD ...
Page 251: ...Dell Control Plane Policing CoPP 251 ...
Page 363: ... RPM Synchronization GARP VLAN Registration Protocol GVRP 363 ...
Page 511: ...Figure 64 Inspecting the LAG Configuration Link Aggregation Control Protocol LACP 511 ...
Page 558: ...Figure 84 Configuring Interfaces for MSDP 558 Multicast Source Discovery Protocol MSDP ...
Page 559: ...Figure 85 Configuring OSPF and BGP for MSDP Multicast Source Discovery Protocol MSDP 559 ...
Page 564: ...Figure 88 MSDP Default Peer Scenario 2 564 Multicast Source Discovery Protocol MSDP ...
Page 565: ...Figure 89 MSDP Default Peer Scenario 3 Multicast Source Discovery Protocol MSDP 565 ...
Page 841: ...Figure 115 Single and Double Tag TPID Match Service Provider Bridging 841 ...
Page 842: ...Figure 116 Single and Double Tag First byte TPID Match 842 Service Provider Bridging ...