FCoE Initialization Protocol Snooping
Global FIP Snooping Settings
FIP Snooping for Specific Ports
FIPS Trunk Support on Server Ports
268
CN4093 Application Guide for N/OS 8.2
FCoE Initialization Protocol (FIP) snooping is an FCoE feature. In order to enforce
point‐to‐point links for FCoE traffic outside the regular Fibre Channel topology,
Ethernet ports used in FCoE can be automatically and dynamically configured
with Access Control Lists (ACLs).
Using FIP snooping, the CN4093 examines the FIP frames normally exchanged
between the FCF and ENodes to determine information about connected FCoE
devices. This information is used to create narrowly tailored ACLs that permit
expected FCoE traffic to and from confirmed Fibre Channel nodes, and deny all
other undesirable FCoE or FIP traffic.
By default, the FIP snooping feature is turned off for the CN4093. The following
commands are used to turn the feature on or off:
CN4093(config)# [no] fcoe fips enable
Note: FIP snooping requires CEE to be turned on (see
page
265).
When FIP snooping is on, port participation may be configured on a port‐by‐port
basis (see below).
When FIP snooping is off, all FCoE‐related ACLs generated by the feature are
removed from all switch ports.
When FIP snooping is globally turned on (see above), ports may be individually
configured for participation in FIP snooping and automatic ACL generation. By
default, FIP snooping is enabled for each port. To change the setting for any
specific port, use the following CLI commands:
CN4093(config)# [no] fcoe fips port <port number, alias, list, or range> enable
When FIP snooping is enabled on a port, FCoE‐related ACLs will be automatically
configured.
When FIP snooping is disabled on a port, all FCoE‐related ACLs on the port are
removed, and the switch will enforce no FCoE‐related rules for traffic on the port.
Note: FIP Snooping and IPv6 ACLs are not support simultaneously on the same
ports. To use FIP snooping, remove IPv6 ACLs from the port.
FIPS Trunk Support allows FCoE and Ethernet traffic to co‐exist within the same
trunk (ports). By default, FCoE servers (CNA/HBA) do not support trunk, while
Ethernet (NIC/CNA) are trunk capable. Due to this incompatibility on FCoE
capable servers, the FCoE traffic is generated on separate (exclusive) ports
whenever Ethernet adapters need to be consolidated into a trunk.
"Turning CEE On or Off" on