Home » HP Manuals » Servers » HP 6120G/XG » Manual Viewer

HP 6120G/XG HP ProCurve Series 6120 Blade Switches Advanced Traffic Management - Page 270

FIP Snooping

Add to My Manuals
Save this manual to your list of manuals

Page 270 highlights

Converged Enhanced Ethernet on the HP ProCurve 6120XG Switch FIP Snooping FIP Snooping With the introduction of CEE support on ProCurve switches, end nodes connected to ProCurve switches are able to communicate storage traffic with Fibre Channel fabric(s) using the Fibre Channel over Ethernet (FCoE) protocol. In a conventional Fibre Channel fabric all end nodes are directly connected to a Fibre Channel switch through point-to-point links. The Fibre Channel switch has complete control over which node is permitted to communicate with the fabric and the address the node will use to communicate, thus ensuring a degree of robustness of the FC fabric. In an FCoE configuration, end nodes are not directly physically connected to the FC switches, therefore the FC fabric cannot rely on physical connectivity to realize the same degree of robustness as a conventional FC fabric. This is where FIP (FCoE Initialization Protocol) Snooping comes in. The FC standard recommends intermediate CEE switches implement a packet snooping and ACL-based method to ensure only authenticated end nodes are permitted to communicate and the end nodes use only the FC switch assigned address for such communication. This method is generally referred to as FIP Snooping and is specified in Annex C of the FC-BB-5 Specification at www.t11.org/ftp/t11/pub/fc/bb-5/09-056v5.pdf. Figure 6-1 represents a FIP Snooping implementation. Each Converged Network Adapter (CNA) can communicate with single or multiple Fibre Channel Forwarders (FCFs) through the ProCurve switch. The switch and the FCFs can be connected through a single link or multiple links aggregated [as trunks or static LACP] respectively. All FCoE traffic is carried on a single VLAN common among all the FCFs and the CNAs. The switch does not permit any FCoE traffic until the participating VN_Port has successfully logged into the FC fabric. The switch also ensures that Enodes use no other MAC address but fabric provided MAC addresses exclusively for FCoE traffic. It also prevents a non-FCF port from masquerading as an FCF. 6-21

Section	Page
HP ProCurve 6120G/XG Switch 6120XG Switch	2
Getting Started	18
Contents	18
Introduction	19
Conventions	19
Command Syntax Statements	19
Command Prompts	20
Screen Simulations	20
Configuration and Operation Examples	20
Keys	20
Sources for More Information	21
Getting Documentation From the Web	23
Online Help	23
Menu Interface	23
Command Line Interface	24
Web Browser Interface	24
Need Only a Quick Start?	25
IP Addressing	25
To Set Up and Install the Switch in Your Network	26
Physical Installation	26
Static Virtual LANs (VLANs)	27
Contents	27
Overview	29
Introduction	30
General VLAN Operation	30
Types of Static VLANs Available in the Switch	31
Port-Based VLANs	31
Protocol-Based VLANs	31
Designated VLANs	31
Terminology	32
Static VLAN Operation	33
VLAN Environments	34
VLAN Operation	35
Overlapping (Tagged) VLANs	36
Per-Port Static VLAN Configuration Options	38
VLAN Operating Rules	39
General Steps for Using VLANs	42
Multiple VLAN Considerations	43
Single Forwarding Database Operation	43
Example of an Unsupported Configuration and How To Correct It	45
Multiple Forwarding Database Operation	46
Configuring VLANs	47
Menu: Configuring Port-Based VLAN Parameters	47
To Change VLAN Support Settings	48
Adding or Editing VLAN Names	49
Adding or Changing a VLAN Port Assignment	51
CLI: Configuring Port-Based and Protocol-Based VLAN Parameters	53
Web: Viewing and Configuring VLAN Parameters	67
802.1Q VLAN Tagging	68
Special VLAN Types	73
VLAN Support and the Default VLAN	73
The Primary VLAN	73
The Secure Management VLAN	74
Preparation	76
Configuration	77
Using DHCP to Obtain an IP Address	78
Deleting the Management VLAN	81
Operating Notes for Management VLANs	81
Voice VLANs	82
Operating Rules for Voice VLANs	82
Components of Voice VLAN Operation	83
Voice VLAN Access Security	83
Effect of VLANs on Other Switch Features	83
Spanning Tree Operation with VLANs	83
IP Interfaces	84
VLAN MAC Address	84
Port Trunks	84
Port Monitoring	84
Jumbo Packet Support	85
VLAN Restrictions	85
GVRP	86
Overview	87
Introduction	88
General Operation	89
Per-Port Options for Handling GVRP “Unknown VLANs”	92
Per-Port Options for Dynamic VLAN Advertising and Joining	94
GVRP and VLAN Access Control	96
Advertisements and Dynamic Joins	96
Port-Leave From a Dynamic VLAN	96
Planning for GVRP Operation	97
Configuring GVRP On a Switch	98
Menu: Viewing and Configuring GVRP	98
CLI: Viewing and Configuring GVRP	99
Web: Viewing and Configuring GVRP	103
GVRP Operating Notes	103
Multiple Instance Spanning-Tree Operation	105
Contents	105
Overview	107
802.1s Multiple Spanning Tree Protocol (MSTP)	110
MSTP Structure	111
How MSTP Operates	113
MST Regions	113
Regions, Legacy STP and RSTP Switches, and the Common Spanning Tree (CST)	115
MSTP Operation with 802.1Q VLANs	116
Terminology	117
Operating Rules	119
MSTP Compatibility with RSTP or STP	120
Configuring MSTP	121
Planning an MSTP Application	121
MSTP Configuration Overview	123
Configuring MSTP Operation Mode and Global Settings	125
Configuring MSTP Per-Port Parameters	130
Configuring Per Port Parameters	130
Configuring BPDU Filtering	134
Configuring BPDU Protection	135
Configuring MST Instance Parameters	139
Configuring MST Instance Per-Port Parameters	141
Enabling or Disabling Spanning Tree Operation	144
Enabling an Entire MST Region at Once or Exchanging One Region Configuration for Another	144
MSTP VLAN Configuration Enhancement	146
PreConfiguring VLANs in an MST Instance	147
Configuring MSTP Instances with the VLAN Range Option	148
Operating Notes for the VLAN Configuration Enhancement	150
How to Save Your Current Configuration	151
Displaying MSTP Statistics and Configuration	153
Displaying Global MSTP Status	154
Displaying Detailed Port Information	156
Displaying Status for a Specific MST Instance	157
Displaying the MSTP Configuration	158
Troubleshooting an MSTP Configuration	162
Displaying the Change History of Root Bridges	162
Displaying Debug Counters for All MST Instances	165
Displaying Debug Counters for One MST Instance	166
Displaying Debug Counters for Ports in an MST Instance	168
Field Descriptions in MSTP Debug Command Output	170
Troubleshooting MSTP Operation	173
Loop Protection	174
Configuring Loop Protection	175
Viewing Loop Protection Status	176
Quality of Service (QoS): Managing Bandwidth More Effectively	177
Contents	177
Introduction	179
Terminology	182
Overview	183
Classifiers for Prioritizing Outbound Packets	186
Packet Classifiers and Evaluation Order	186
Preparation for Configuring QoS	187
Preserving 802.1p Priority	187
Steps for Configuring QoS on the Switch	187
Using QoS Classifiers To Configure Quality of Service for Outbound Traffic	189
Viewing the QoS Configuration	189
No Override	190
QoS UDP/TCP Priority	191
Assigning an 802.1p Priority Based on TCP or UDP Port Number	192
Operating Notes on Using TCP/UDP Port Ranges	194
Assigning a DSCP Policy Based on TCP or UDP Port Number	195
QoS IP-Device Priority	198
Assigning a Priority Based on IP Address	199
Assigning a DSCP Policy Based on IP Address	200
QoS IP Type-of-Service (ToS) Policy and Priority	202
Assigning an 802.1p Priority to IPv4 Packets on the Basis of the ToS Precedence Bits	203
Assigning an 802.1p Priority to IPv4 Packets on the Basis of Incoming DSCP	204
Assigning a DSCP Policy on the Basis of the DSCP in IPv4 Packets Received from Upstream Devices	209
Details of QoS IP Type-of-Service	212
Assigning a Priority Based on Layer-3 Protocol	214
QoS VLAN-ID (VID) Priority	217
Assigning a Priority Based on VLAN-ID	217
Assigning a DSCP Policy Based on VLAN-ID (VID)	219
QoS Source-Port Priority	222
Assigning a Priority Based on Source-Port	222
Assigning a DSCP Policy Based on the Source-Port	224
Differentiated Services Codepoint (DSCP) Mapping	227
Configuring DSCP Policies for Codepoints	229
Steps for Configuring Codepoints	230
Default Priority Settings for Selected Codepoints	231
Quickly Listing Non-Default Codepoint Settings	232
Note On Changing a Priority Setting	233
Example of Changing the Priority Setting on a Policy When One or More Classifiers Are Currently Using the Policy	234
IP Multicast (IGMP) Interaction with QoS	237
QoS Messages in the CLI	238
QoS Queue Configuration	239
Configuring Traffic Templates	241
Overview	241
Displaying Traffic Template Information	241
Creating a Traffic Template	242
Configuring Traffic Groups Within a Traffic Template	244
Moving a Priority From One Traffic Group to Another	244
Applying a Traffic Template	246
Changing the Number of QoS Queues	247
Displaying the QoS Queue Configuration	247
QoS Operating Notes and Restrictions	248
Converged Enhanced Ethernet on the HP ProCurve 6120XG Switch	250
Contents	250
Introduction	252
Terminology	253
CEE Network Example	254
Getting Started	256
Installing and Verifying the CEE License	256
Configuring Traffic Templates	257
Applying the Traffic Template	258
Data Center Bridging Exchange	260
Enabling DCBX	261
Displaying DCBX Status Information	262
DCBX Log Messages	264
Minor Errors	264
Serious Errors	265
Configuring Priority Flow Control (PFC)	266
Operating Notes for PFC	266
Configuring PFC	266
Notes on the Behavior of Priority Flow Control	267
Displaying the Status of Flow Control	267
Troubleshooting	269
DCBX Troubleshooting	269
FIP Snooping	270
Getting Started	271
1. Configure CEE on the switch.	271
2. Configure the FC-MAP	271
fip-snooping show command	272
3. Configure the FCF Port	273
4. Enable/disable FIP Snooping	274
fip-snooping sessions show command	275
fip-snooping FCF show command	275
fip-snooping show Enode command	275
fip-snooping show statistics command	276
Troubleshooting	277
FIP Snooping Implications on Trunk Configuration	279
Numerics	280
A	280
B	280
C	280
D	280
E	281
F	281
G	281
H	281
I	281
J	282
L	282
M	282
N	282
O	282
P	282
Q	283
R	283
S	283
T	285
U	286
V	286

Match case Limit results 1 per page

6-21

Converged Enhanced Ethernet on the HP ProCurve 6120XG Switch

FIP Snooping

With the introduction of CEE support on ProCurve switches, end nodes

connected to ProCurve switches are able to communicate storage traffic with

Fibre Channel fabric(s) using the Fibre Channel over Ethernet (FCoE) proto-

col.

In a conventional Fibre Channel fabric all end nodes are directly connected

to a Fibre Channel switch through point-to-point links. The Fibre Channel

switch has complete control over which node is permitted to communicate

with the fabric and the address the node will use to communicate, thus

ensuring a degree of robustness of the FC fabric.

In an FCoE configuration, end nodes are not directly physically connected to

the FC switches, therefore the FC fabric cannot rely on physical connectivity

to realize the same degree of robustness as a conventional FC fabric.

This is where FIP (FCoE Initialization Protocol) Snooping comes in. The FC

standard recommends intermediate CEE switches implement a packet snoop-

ing and ACL-based method to ensure only authenticated end nodes are per-

mitted to communicate and the end nodes use only the FC switch assigned

address for such communication. This method is generally referred to as FIP

Snooping and is specified in Annex C of the FC-BB-5 Specification at

www.t11.org/ftp/t11/pub/fc/bb-5/09-056v5.pdf

Figure 6-1 represents a FIP Snooping implementation.

Each Converged Network Adapter (CNA) can communicate with single or

multiple Fibre Channel Forwarders (FCFs) through the ProCurve switch. The

switch and the FCFs can be connected through a single link or multiple links

aggregated [as trunks or static LACP] respectively. All FCoE traffic is carried

on a single VLAN common among all the FCFs and the CNAs.

The switch does not permit any FCoE traffic until the participating VN_Port

has successfully logged into the FC fabric. The switch also ensures that

Enodes use no other MAC address but fabric provided MAC addresses exclu-

sively for FCoE traffic. It also prevents a non-FCF port from masquerading as

an FCF.