Fip snooping on vlans, Fc-map value, Bridge-to-fcf links – Dell PowerEdge FX2/FX2s User Manual

FIP Snooping on VLANs

FIP snooping is enabled globally on an Aggregator on all VLANs:

• FIP frames are allowed to pass through the switch on the enabled VLANs and are processed to

generate FIP snooping ACLs.

• FCoE traffic is allowed on VLANs only after a successful virtual-link initialization (fabric login FLOGI)

between an ENode and an FCF. All other FCoE traffic is dropped.

• Atleast one interface is auto-configured for FCF (FIP snooping bridge — FCF) mode on a FIP

snooping-enabled VLAN. Multiple FCF trusted interfaces are auto-configured in a VLAN.

• A maximum of eight VLANs are supported for FIP snooping on an Aggregator. FIP snooping processes

FIP packets in traffic only from the first eight incoming VLANs.

FC-MAP Value

The FC-MAP value that is applied globally by the Aggregator on all FCoE VLANs to authorize FCoE traffic

is auto-configured.
The FC-MAP value is used to check the FC-MAP value for the MAC address assigned to ENodes in
incoming FCoE frames. If the FC-MAP values does not match, FCoE frames are dropped. A session
between an ENode and an FCF is established by the switch —bridge only when the FC-MAP value on the
FCF matches the FC-MAP value on the FIP snooping bridge.

Bridge-to-FCF Links

A port directly connected to an FCF is auto-configured in FCF mode. Initially, all FCoE traffic is blocked;

only FIP frames are allowed to pass.
FCoE traffic is allowed on the port only after a successful FLOGI request/response and confirmed use of
the configured FC-MAP value for the VLAN.

Impact on other Software Features

FIP snooping affects other software features on an Aggregator as follows:

• MAC address learning: MAC address learning is not performed on FIP and FCoE frames, which are

denied by ACLs dynamically created by FIP snooping in server-facing ports in ENode mode.

• MTU auto-configuration: MTU size is set to mini-jumbo (2500 bytes) when a port is in Switchport

mode, the FIP snooping feature is enabled on the switch, and the FIP snooping is enabled on all or

individual VLANs.

• Link aggregation group (LAG): FIP snooping is supported on port channels on ports on which PFC

mode is on (PFC is operationally up).

FIP Snooping Prerequisites

On an Aggregator, FIP snooping requires the following conditions:

• A FIP snooping bridge requires DCBX and PFC to be enabled on the switch for lossless Ethernet

connections (refer to Data Center Bridging (DCB)). Dell recommends that you also enable ETS; ETS is

recommended but not required. DCBX and PFC mode are auto-configured on Aggregator ports and

FIP snooping is operational on the port. If the PFC parameters in a DCBX exchange with a peer are not

synchronized, FIP and FCoE frames are dropped on the port.

• VLAN membership:

– The Aggregator auto-configures the VLANs which handle FCoE traffic. You can reconfigure VLAN

membership on a port (vlan tagged command).

FIP Snooping

73