Users Guide

Port-based ACLs These ACLs are applied on all three port modes: on ports directly connected to an FCF, server-facing ENode

ports, and bridge-to-bridge links. Port-based ACLs take precedence over global ACLs.

FCoE-generated

ACLs

These take precedence over user-configured ACLs. A user-configured ACL entry cannot deny FCoE and FIP

snooping frames.

The following illustration shows a switch used as a FIP snooping bridge in a converged Ethernet network. The top-of-rack (ToR) switch

operates as an FCF for FCoE traffic. Converged LAN and SAN traffic is transmitted between the ToR switch and an S4048–ON

switch.The switch operates as a lossless FIP snooping bridge to transparently forward FCoE frames between the ENode servers and the

FCF switch.

Figure 39. FIP Snooping on a Dell Networking Switch

The following sections describe how to configure the FIP snooping feature on a switch:

• Allocate CAM resources for FCoE.

• Perform FIP snooping (allowing and parsing FIP frames) globally on all VLANs or on a per-VLAN basis.

• To assign a MAC address to an FCoE end-device (server ENode or storage device) after a server successfully logs in, set the FCoE

MAC address prefix (FC-MAP) value an FCF uses. The FC-MAP value is used in the ACLs installed in bridge-to-bridge links on the

switch.

• To provide more port security on ports that are directly connected to an FCF and have links to other FIP snooping bridges, set the

FCF or Bridge-to-Bridge Port modes.

FIP Snooping

275