Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch

351

352

353

354

355

356

357

358

359

360

● You must apply the CAM-ACL space for the FCoE region before enabling the FIP-Snooping feature. If you do not apply

CAM-ACL space the following error message is displayed:

Dell(conf)#feature fip-snooping

% Error: Cannot enable fip snooping. CAM Region not allocated for Fcoe.

Dell(conf)#

NOTE: You must manually add the CAM-ACL space to the FCoE region, as it is not applied by default.

Enabling the FCoE Transit Feature

The following sections describe how to enable FCoE transit.

NOTE: FCoE transit is disabled by default. To enable this feature, you must follow the Configure FIP Snooping.

As soon as you enable the FCoE transit feature on a switch-bridge, existing VLAN-specific and FIP snooping configurations are

applied. The FCoE database is populated when the switch connects to a converged network adapter (CNA) or FCF port and

compatible DCB configurations are synchronized. By default, all FCoE and FIP frames are dropped unless specifically permitted

by existing FIP snooping-generated ACLs. You can reconfigure any of the FIP snooping settings.

If you disable FCoE transit, FIP and FCoE traffic are handled as normal Ethernet frames and no FIP snooping ACLs are

generated. The VLAN-specific and FIP snooping configuration is disabled and stored until you re-enable FCoE transit and the

configurations are re-applied.

Enable FIP Snooping on VLANs

You can enable FIP snooping globally on a switch on all VLANs or on a specified VLAN.

When you enable FIP snooping on VLANs:

● FIP frames are allowed to pass through the switch on the enabled VLANs and are processed to generate FIP snooping ACLs.

● FCoE traffic is allowed on VLANs only after a successful virtual-link initialization (fabric login FLOGI) between an ENode and

an FCF. All other FCoE traffic is dropped.

● You must configure at least one interface for FCF (FIP snooping bridge-bridge) mode on a FIP snooping-enabled VLAN. You

can configure multiple FCF trusted interfaces in a VLAN.

● A maximum of eight VLANS are supported for FIP snooping on the switch. When enabled globally, FIP snooping processes

FIP packets in traffic only from the first eight incoming VLANs. When enabled on a per-VLAN basis, FIP snooping is

supported on up to eight VLANs.

Configure the FC-MAP Value

You can configure the FC-MAP value to be applied globally by the switch on all or individual FCoE VLANs to authorize FCoE

traffic.

The configured FC-MAP value is used to check the FC-MAP value for the MAC address assigned to ENodes in incoming FCoE

frames. If the FC-MAP value does not match, FCoE frames are dropped. A session between an ENode and an FCF is established

by the switch-bridge only when the FC-MAP value on the FCF matches the FC-MAP value on the FIP snooping bridge.

Configure a Port for a Bridge-to-Bridge Link

If a switch port is connected to another FIP snooping bridge, configure the FCoE-Trusted Port mode for bridge-bridge links.

Initially, all FCoE traffic is blocked. Only FIP frames with the ALL_FCF_MAC and ALL_ENODE_MAC values in their headers are

allowed to pass. After the switch learns the MAC address of a connected FCF, it allows FIP frames destined to or received from

the FCF MAC address.

FCoE traffic is allowed on the port only after the switch learns the FC-MAP value associated with the specified FCF MAC

address and verifies that it matches the configured FC-MAP value for the FCoE VLAN.

FCoE Transit

357