Home » Dell Manuals » Servers » Dell PowerEdge FX2 » Manual Viewer

Dell PowerEdge FX2 Dell PowerEdge FN I/O Aggregator Configuration Guide 9.6(0 - Page 69

FIP Snooping, Fibre Channel over Ethernet, Ensuring Robustness in a Converged Ethernet Network

Add to My Manuals
Save this manual to your list of manuals

Page 69 highlights

6 FIP Snooping FIP snooping is auto-configured on an Aggregator in standalone mode. You can display information on FIP snooping operation and statistics by entering show commands. This chapter describes about the FIP snooping concepts and configuration procedures. Fibre Channel over Ethernet Fibre Channel over Ethernet (FCoE) provides a converged Ethernet network that allows the combination of storage-area network (SAN) and LAN traffic on a Layer 2 link by encapsulating Fibre Channel data into Ethernet frames. FCoE works with Ethernet enhancements provided in data center bridging (DCB) to support lossless (nodrop) SAN and LAN traffic. In addition, DCB provides flexible bandwidth sharing for different traffic types, such as LAN and SAN, according to 802.1p priority classes of service. For more information, refer to the Data Center Bridging (DCB) chapter. Ensuring Robustness in a Converged Ethernet Network Fibre Channel networks used for SAN traffic employ switches that operate as trusted devices. End devices log into the switch to which they are attached in order to communicate with the other end devices attached to the Fibre Channel network. Because Fibre Channel links are point-to-point, a Fibre Channel switch controls all storage traffic that an end device sends and receives over the network. As a result, the switch can enforce zoning configurations, ensure that end devices use their assigned addresses, and secure the network from unauthorized access and denial-of-service attacks. To ensure similar Fibre Channel robustness and security with FCoE in an Ethernet cloud network, the Fibre Channel over Ethernet initialization protocol (FIP) establishes virtual point-to-point links between FCoE end-devices (server ENodes and target storage devices) and FCoE forwarders (FCFs) over transit FCoE-enabled bridges. Ethernet bridges commonly provide access control list (ACLs) that can emulate a point-to-point link by providing the traffic enforcement required to create a Fibre Channel-level of robustness. In addition, FIP serves as a Layer 2 protocol to: • Operate between FCoE end-devices and FCFs over intermediate Ethernet bridges to prevent unauthorized access to the network and achieve the required security. • Allow transit Ethernet bridges to efficiently monitor FIP frames passing between FCoE end-devices and an FCF, and use the FIP snooping data to dynamically configure ACLs on the bridge to only permit traffic authorized by the FCF. FIP enables FCoE devices to discover one another, initialize and maintain virtual links over an Ethernet network, and access storage devices in a storage area network. FIP satisfies the Fibre Channel requirement for point-to-point connections by creating a unique virtual link for each connection between an FCoE end-device and an FCF via a transit switch. FIP Snooping 69

Section	Page
Dell PowerEdge FN I/O Aggregator Configuration Guide 9.6(0.0)	3
About this Guide	13
Audience	13
Conventions	13
Information Symbols	14
Related Documents	14
Before You Start	15
IOA Operational Modes	15
Standalone mode	15
VLT mode	15
Programmable MUX mode	15
Stacking mode	16
Default Settings	16
Other Auto-Configured Settings	16
Data Center Bridging Support	17
FCoE Connectivity and FIP Snooping	17
iSCSI Operation	18
Link Aggregation	18
Link Tracking	18
Configuring VLANs	18
Uplink LAG	19
Server-Facing LAGs	19
Where to Go From Here	19
Configuration Fundamentals	20
Accessing the Command Line	20
CLI Modes	20
Navigating CLI Modes	21
The do Command	22
Undoing Commands	23
Obtaining Help	23
Entering and Editing Commands	24
Command History	25
Filtering show Command Outputs	25
Multiple Users in Configuration Mode	26
Data Center Bridging (DCB)	27
Ethernet Enhancements in Data Center Bridging	27
Priority-Based Flow Control	28
Configuring Priority-Based Flow Control	29
Enhanced Transmission Selection	31
Configuring Enhanced Transmission Selection	33
Data Center Bridging Exchange Protocol (DCBx)	33
Data Center Bridging in a Traffic Flow	34
Data Center Bridging: Auto-DCB-Enable Mode	34
QoS dot1p Traffic Classification and Queue Assignment	36
How Priority-Based Flow Control is Implemented	37
How Enhanced Transmission Selection is Implemented	38
ETS Operation with DCBx	39
Bandwidth Allocation for DCBX CIN	39
DCBX Operation	39
DCBx Operation	40
DCBx Port Roles	40
DCB Configuration Exchange	41
Configuration Source Election	42
Propagation of DCB Information	42
Auto-Detection of the DCBx Version	43
DCBX Example	43
DCBX Prerequisites and Restrictions	44
DCBX Error Messages	45
Debugging DCBX on an Interface	45
Verifying the DCB Configuration	46
Hierarchical Scheduling in ETS Output Policies	56
Troubleshooting PFC, ETS, and DCBx Operation	56
Dynamic Host Configuration Protocol (DHCP)	59
Assigning an IP Address using DHCP	59
Debugging DHCP Client Operation	61
DHCP Client	63
How DHCP Client is Implemented	63
DHCP Client on a Management Interface	64
DHCP Client on a VLAN	64
DHCP Packet Format and Options	65
Option 82	66
Releasing and Renewing DHCP-based IP Addresses	67
Viewing DHCP Statistics and Lease Information	67
FIP Snooping	69
Fibre Channel over Ethernet	69
Ensuring Robustness in a Converged Ethernet Network	69
FIP Snooping on Ethernet Bridges	70
How FIP Snooping is Implemented	72
FIP Snooping on VLANs	73
FC-MAP Value	73
Bridge-to-FCF Links	73
Impact on other Software Features	73
FIP Snooping Prerequisites	73
FIP Snooping Restrictions	74
Configuring FIP Snooping	74
Displaying FIP Snooping Information	75
FIP Snooping Example	81
Debugging FIP Snooping	82
IGMP Overview	83
Internet Group Management Protocol (IGMP)	83
IGMP Version 2	83
Joining a Multicast Group	84
Leaving a Multicast Group	84
IGMP Version 3	84
Joining and Filtering Groups and Sources	85
Leaving and Staying in Groups	86
IGMP Snooping	87
How IGMP Snooping is Implemented on an Aggregator	87
Displaying IGMP Information	87
Interfaces	90
Basic Interface Configuration	90
Advanced Interface Configuration	90
Interface Auto-Configuration	90
Interface Types	91
Viewing Interface Information	91
Disabling and Re-enabling a Physical Interface	93
Layer 2 Mode	93
Management Interfaces	94
Accessing an Aggregator	94
Configuring a Management Interface	94
Configuring a Static Route for a Management Interface	95
VLAN Membership	96
Default VLAN	96
Port-Based VLANs	96
VLANs and Port Tagging	96
Configuring VLAN Membership	97
Displaying VLAN Membership	98
Adding an Interface to a Tagged VLAN	98
Adding an Interface to an Untagged VLAN	99
Port Channel Interfaces	99
Port Channel Definitions and Standards	100
Port Channel Benefits	100
Port Channel Implementation	100
10GbE Interface in Port Channels	101
Uplink Port Channel: VLAN Membership	101
Server-Facing Port Channel: VLAN Membership	101
Displaying Port Channel Information	101
Interface Range	102
Bulk Configuration Examples	103
Monitor and Maintain Interfaces	104
Flow Control Using Ethernet Pause Frames	105
MTU Size	106
Auto-Negotiation on Ethernet Interfaces	107
Setting Auto-Negotiation Options	108
Viewing Interface Information	109
Clearing Interface Counters	110
Fibre Channel Interface	111
Configuring Fibre Channel Interfaces	111
Enabling Fibre Channel Capability	111
Configuring Fibre Channel Interfaces	111
iSCSI Optimization	112
iSCSI Optimization Overview	112
Monitoring iSCSI Traffic Flows	113
Information Monitored in iSCSI Traffic Flows	114
Synchronizing iSCSI Sessions Learned on VLT-Lags with VLT-Peer	114
iSCSI Optimization: Operation	114
Configuring iSCSI Optimization	115
Displaying iSCSI Optimization Information	117
Link Aggregation	119
How the LACP is Implemented on an Aggregator	119
Uplink LAG	119
Server-Facing LAGs	119
LACP Modes	120
Auto-Configured LACP Timeout	120
Link Aggregation Control Protocol (LACP)	120
Configuration Tasks for Port Channel Interfaces	120
Creating a Port Channel	121
Adding a Physical Interface to a Port Channel	121
Reassigning an Interface to a New Port Channel	123
Configuring the Minimum Oper Up Links in a Port Channel	124
Configuring VLAN Tags for Member Interfaces	124
Deleting or Disabling a Port Channel	125
Configuring Auto LAG	125
Configuring the Minimum Number of Links to be Up for Uplink LAGs to be Active	127
Optimizing Traffic Disruption Over LAG Interfaces On IOA Switches in VLT Mode	128
Preserving LAG and Port Channel Settings in Nonvolatile Storage	129
Enabling the Verification of Member Links Utilization in a LAG Bundle	129
Monitoring the Member Links of a LAG Bundle	129
Verifying LACP Operation and LAG Configuration	130
Layer 2	133
Managing the MAC Address Table	133
Clearing the MAC Address Entries	133
Displaying the MAC Address Table	134
Network Interface Controller (NIC) Teaming	134
MAC Address Station Move	135
MAC Move Optimization	136
Link Layer Discovery Protocol (LLDP)	137
Protocol Data Units	137
Optional TLVs	138
Management TLVs	139
Organizationally Specific TLVs	139
IEEE Organizationally Specific TLVs	139
LLDP-MED Capabilities TLV	141
LLDP-MED Network Policies TLV	142
Extended Power via MDI TLV	143
LLDP Operation	144
Viewing the LLDP Configuration	144
Viewing Information Advertised by Adjacent LLDP Agents	145
Clearing LLDP Counters	146
Debugging LLDP	146
Relevant Management Objects	147
Port Monitoring	153
Configuring Port Monitoring	153
Important Points to Remember	154
Port Monitoring	155
Security	157
Understanding Banner Settings	157
Accessing the I/O Aggregator Using the CMC Console Only	157
AAA Accounting	158
Configuration Task List for AAA Accounting	158
AAA Authentication	160
Configuration Task List for AAA Authentication	160
RADIUS	163
RADIUS Authentication	163
Configuration Task List for RADIUS	164
TACACS+	167
Configuration Task List for TACACS+	167
TACACS+ Remote Authentication	168
Enabling SCP and SSH	170
Using SCP with SSH to Copy a Software Image	171
Secure Shell Authentication	171
Troubleshooting SSH	174
Telnet	174
VTY Line and Access-Class Configuration	175
VTY Line Local Authentication and Authorization	175
VTY Line Remote Authentication and Authorization	176
VTY MAC-SA Filter Support	176
Simple Network Management Protocol (SNMP)	178
Implementation Information	178
Configuring the Simple Network Management Protocol	178
Important Points to Remember	178
Setting up SNMP	179
Creating a Community	179
Reading Managed Object Values	179
Displaying the Ports in a VLAN using SNMP	180
Fetching Dynamic MAC Entries using SNMP	182
Deriving Interface Indices	183
Monitor Port-Channels	184
Entity MIBS	185
Example of Sample Entity MIBS outputs	185
SNMP Traps for Link Status	186
Standard VLAN MIB	186
Enhancements	186
Fetching the Switchport Configuration and the Logical Interface Configuration	187
Stacking	188
Configuring a Switch Stack	188
Stacking Prerequisites	188
Master Selection Criteria	188
Configuring Priority and stack-group	189
Cabling the Switch Stack	190
Accessing the CLI	190
Configuring and Bringing Up a Stack	190
Adding a Stack Unit	191
Resetting a Unit on a Stack	192
Removing an Aggregator from a Stack and Restoring Quad Mode	192
Merging Two Operational Stacks	193
Verifying a Stack Configuration	193
Using Show Commands	193
Troubleshooting a Switch Stack	194
Failure Scenarios	194
Upgrading a Switch Stack	196
Upgrading a Single Stack Unit	197
Broadcast Storm Control	199
Disabling Broadcast Storm Control	199
Displaying Broadcast-Storm Control Status	199
Configuring Storm Control	199
System Time and Date	200
Setting the Time for the Software Clock	200
Setting the Timezone	200
Setting Daylight Savings Time	201
Setting Daylight Saving Time Once	201
Setting Recurring Daylight Saving Time	202
Uplink Failure Detection (UFD)	204
Feature Description	204
How Uplink Failure Detection Works	205
UFD and NIC Teaming	207
Important Points to Remember	207
Uplink Failure Detection (SMUX mode)	208
Configuring Uplink Failure Detection (PMUX mode)	208
Clearing a UFD-Disabled Interface (in PMUX mode)	210
Displaying Uplink Failure Detection	212
Sample Configuration: Uplink Failure Detection	214
PMUX Mode of the IO Aggregator	216
Link Aggregation	216
Multiple Uplink LAGs with 10G Member Ports	216
Link Layer Discovery Protocol (LLDP)	217
Configure LLDP	218
CONFIGURATION versus INTERFACE Configurations	218
Enabling LLDP	219
Advertising TLVs	219
Viewing the LLDP Configuration	220
Viewing Information Advertised by Adjacent LLDP Agents	221
Configuring LLDPDU Intervals	222
Configuring a Time to Live	223
Debugging LLDP	223
Security	224
RADIUS	224
TACACS+	228
Configuring Storm Control	231
System Time and Date	231
Setting the Time for the Software Clock	231
Setting the Timezone	231
Setting Daylight Savings Time	232
VLAN Configuration on Physical Ports and Port-Channels	234
Virtual Link Trunking (VLT)	236
Overview	236
VLT Terminology	237
Configure Virtual Link Trunking	237
Verifying a VLT Configuration	242
VLT Sample Configurations	245
Troubleshooting VLT	247
NPIV Proxy Gateway	249
NPIV Proxy Gateway Configuration	249
NPIV Proxy Gateway Operations and Capabilities	249
Configuring an NPIV Proxy Gateway	253
Displaying NPIV Proxy Gateway Information	260
Upgrade Procedures	266
Get Help with Upgrades	266
Debugging and Diagnostics	267
Debugging Aggregator Operation	267
All interfaces on the Aggregator are operationally down	267
Broadcast, unknown multicast, and DLF packets switched at a very low rate	268
Flooded packets on all VLANs are received on a server	268
Software show Commands	269
Offline Diagnostics	270
Important Points to Remember	270
Running Offline Diagnostics	270
Trace Logs	271
Auto Save on Crash or Rollover	271
Using the Show Hardware Commands	272
Environmental Monitoring	273
Recognize an Over-Temperature Condition	274
Troubleshoot an Over-Temperature Condition	274
Recognize an Under-Voltage Condition	275
Troubleshoot an Under-Voltage Condition	275
Buffer Tuning	276
Deciding to Tune Buffers	278
Sample Buffer Profile Configuration	281
Troubleshooting Packet Loss	281
Displaying Drop Counters	282
Dataplane Statistics	283
Displaying Drop Counters	284
Restoring the Factory Default Settings	285
Important Points to Remember	285
Standards Compliance	287
IEEE Compliance	287
RFC and I-D Compliance	287
General Internet Protocols	288
General IPv4 Protocols	288
Network Management	289

Match case Limit results 1 per page

FIP Snooping

FIP snooping is auto-configured on an Aggregator in standalone mode. You can display information on

FIP snooping operation and statistics by entering

show

commands.

This chapter describes about the FIP snooping concepts and configuration procedures.

Fibre Channel over Ethernet

Fibre Channel over Ethernet (FCoE) provides a converged Ethernet network that allows the combination

of storage-area network (SAN) and LAN traffic on a Layer 2 link by encapsulating Fibre Channel data into

Ethernet frames.

FCoE works with Ethernet enhancements provided in data center bridging (DCB) to support lossless (no-

drop) SAN and LAN traffic. In addition, DCB provides flexible bandwidth sharing for different traffic types,

such as LAN and SAN, according to 802.1p priority classes of service. For more information, refer to the

Data Center Bridging (DCB) chapter.

Ensuring Robustness in a Converged Ethernet Network

Fibre Channel networks used for SAN traffic employ switches that operate as trusted devices. End devices

log into the switch to which they are attached in order to communicate with the other end devices

attached to the Fibre Channel network. Because Fibre Channel links are point-to-point, a Fibre Channel

switch controls all storage traffic that an end device sends and receives over the network. As a result, the

switch can enforce zoning configurations, ensure that end devices use their assigned addresses, and

secure the network from unauthorized access and denial-of-service attacks.

To ensure similar Fibre Channel robustness and security with FCoE in an Ethernet cloud network, the

Fibre Channel over Ethernet initialization protocol (FIP) establishes virtual point-to-point links between

FCoE end-devices (server ENodes and target storage devices) and FCoE forwarders (FCFs) over transit

FCoE-enabled bridges.

Ethernet bridges commonly provide access control list (ACLs) that can emulate a point-to-point link by

providing the traffic enforcement required to create a Fibre Channel-level of robustness. In addition, FIP

serves as a Layer 2 protocol to:

•

Operate between FCoE end-devices and FCFs over intermediate Ethernet bridges to prevent

unauthorized access to the network and achieve the required security.

•

Allow transit Ethernet bridges to efficiently monitor FIP frames passing between FCoE end-devices

and an FCF, and use the FIP snooping data to dynamically configure ACLs on the bridge to only

permit traffic authorized by the FCF.

FIP enables FCoE devices to discover one another, initialize and maintain virtual links over an Ethernet

network, and access storage devices in a storage area network. FIP satisfies the Fibre Channel

requirement for point-to-point connections by creating a unique virtual link for each connection

between an FCoE end-device and an FCF via a transit switch.

FIP Snooping