6 fip-snooping, 7 fip-snooping vlan – Fortinet 548B User Manual

- 142 -

7.2.16.6 fip-snooping

The FIP snooping function is disabled by default. Only after enabling it, are the FIP related CLIs under
VLAN and interface mode visible. The FIP-

snoop process also starts after the “fip-snooping” command

is enabled. Once the feature is enabled, the FIP-snoop packets and FCoE packets are dropped, unless
explicitly enabled on a per-VLAN basis. If FIP snooping is enabled, all the FIP frames are snooped and
security ACLs are added. FCoE traffic is blocked on all ports until the device re-initializes with FIP. If the
feature is disabled, snooping is removed and all programmed ACLs and internal data are cleaned up.

Syntax

fip-snooping
no fip-snooping

no - This command disables fip snooping function.

Default Setting

Disabled

Command Mode

Global Config

7.2.16.7 fip-snooping vlan

This command enables FIP snooping on a VLAN. VLAN must be configured before it can be used. Once
VLAN is enabled, the FIP packets will be snooped only on the configured VLANs. FIP snooping is
disabled on VLANs by default.

Syntax

fip-snooping vlan <vlan id>

no fip-snooping vlan <vlan id>

<1 - 3965> - VLAN ID.

no - This command disable snooping on a specific VLAN.

Default Setting

Disabled

Command Mode

Global Config