A SERVICE OF

logo

Open as PDF
next previous
17
FCoE Transit
The Fibre Channel over Ethernet (FCoE) Transit feature is supported on the MXL 10/40GbE switch. When
you enable the switch for FCoE transit, the switch functions as a FIP snooping bridge.
NOTE: FCoE transit is not supported on Fibre Channel interfaces.
Fibre Channel over Ethernet
FCoE provides a converged Ethernet network that allows the combination of storage-area network (SAN)
and LAN traffic on a Layer 2 link by encapsulating Fibre Channel data into Ethernet frames.
FCoE works with the Ethernet enhancements provided in data center bridging (DCB) to support lossless
(no-drop) SAN and LAN traffic. In addition, DCB provides flexible bandwidth sharing for different traffic
types, such as LAN and SAN, according to 802.1p priority classes of service. For more information, refer
to the Data Center Bridging (DCB) chapter.
Ensure Robustness in a Converged Ethernet Network
Fibre Channel networks used for SAN traffic employ switches that operate as trusted devices. To
communicate with other end devices attached to the Fibre Channel network, end devices log into the
switch to which they are attached.
Because Fibre Channel links are point-to-point, a Fibre Channel switch controls all storage traffic that an
end device sends and receives over the network. As a result, the switch can enforce zoning
configurations, ensure that end devices use their assigned addresses, and secure the network from
unauthorized access and denial-of-service (DoS) attacks.
To ensure similar Fibre Channel robustness and security with FCoE in an Ethernet cloud network, FIP
establishes virtual point-to-point links between FCoE end-devices (server ENodes and target storage
devices) and FCoE forwarders (FCFs) over transit FCoE-enabled bridges.
Ethernet bridges commonly provide ACLs that can emulate a point-to-point link by providing the traffic
enforcement required to create a Fibre Channel-level of robustness. You can configure ACLs to emulate
point-to-point links, providing control over the traffic received or transmitted into the switch. To
automatically generate ACLs, use FIP snooping. In addition, FIP serves as a Layer 2 protocol to:
Operate between FCoE end-devices and FCFs over intermediate Ethernet bridges to prevent
unauthorized access to the network and achieve the required security.
Allow transit Ethernet bridges to efficiently monitor FIP frames passing between FCoE end-devices
and an FCF. To dynamically configure ACLs on the bridge to only permit traffic authorized by the FCF,
use the FIP snooping data.
FCoE Transit
349