Fip snooping, Fibre channel over ethernet, 6 fip snooping – Dell PowerEdge FX2/FX2s User Manual

6

FIP Snooping

FIP snooping is auto-configured on an Aggregator in standalone mode. You can display information on
FIP snooping operation and statistics by entering show commands.
This chapter describes about the FIP snooping concepts and configuration procedures.

Fibre Channel over Ethernet

Fibre Channel over Ethernet (FCoE) provides a converged Ethernet network that allows the combination

of storage-area network (SAN) and LAN traffic on a Layer 2 link by encapsulating Fibre Channel data into

Ethernet frames.
FCoE works with Ethernet enhancements provided in data center bridging (DCB) to support lossless (no-
drop) SAN and LAN traffic. In addition, DCB provides flexible bandwidth sharing for different traffic types,
such as LAN and SAN, according to 802.1p priority classes of service. For more information, refer to the
Data Center Bridging (DCB) chapter.

Ensuring Robustness in a Converged Ethernet Network

Fibre Channel networks used for SAN traffic employ switches that operate as trusted devices. End devices

log into the switch to which they are attached in order to communicate with the other end devices

attached to the Fibre Channel network. Because Fibre Channel links are point-to-point, a Fibre Channel

switch controls all storage traffic that an end device sends and receives over the network. As a result, the

switch can enforce zoning configurations, ensure that end devices use their assigned addresses, and

secure the network from unauthorized access and denial-of-service attacks.
To ensure similar Fibre Channel robustness and security with FCoE in an Ethernet cloud network, the
Fibre Channel over Ethernet initialization protocol (FIP) establishes virtual point-to-point links between
FCoE end-devices (server ENodes and target storage devices) and FCoE forwarders (FCFs) over transit
FCoE-enabled bridges.

Ethernet bridges commonly provide access control list (ACLs) that can emulate a point-to-point link by
providing the traffic enforcement required to create a Fibre Channel-level of robustness. In addition, FIP
serves as a Layer 2 protocol to:

• Operate between FCoE end-devices and FCFs over intermediate Ethernet bridges to prevent

unauthorized access to the network and achieve the required security.

• Allow transit Ethernet bridges to efficiently monitor FIP frames passing between FCoE end-devices

and an FCF, and use the FIP snooping data to dynamically configure ACLs on the bridge to only

permit traffic authorized by the FCF.

FIP enables FCoE devices to discover one another, initialize and maintain virtual links over an Ethernet
network, and access storage devices in a storage area network. FIP satisfies the Fibre Channel
requirement for point-to-point connections by creating a unique virtual link for each connection
between an FCoE end-device and an FCF via a transit switch.

FIP Snooping

69