IBM Flex System V7000 Expansion Enclosure 4939H29 User Manual
Product codes
4939H29
8068ch11-SAN Config.fm
Draft Document for Review January 29, 2013 12:52 pm
446
IBM Flex System V7000 Storage Node Introduction and Implementation Guide
Figure 11-11 Port type between Compute nodes and IBM Flex System Enterprise Chassis switches
FCoE Initialization Protocol and snooping bridges
In a traditional FC network, with point-to-point links between an end device and an FC switch,
the end device logs in to the fabric. The device exchanges information with the switch by
using well-known addresses over its direct link to the switch. In an FCoE network, with
potentially intermediate Ethernet links and possibly switches, these login functions become
more complicated. They are handled by a protocol called the
the end device logs in to the fabric. The device exchanges information with the switch by
using well-known addresses over its direct link to the switch. In an FCoE network, with
potentially intermediate Ethernet links and possibly switches, these login functions become
more complicated. They are handled by a protocol called the
FCoE Initialization Protocol
(FIP).
FIP allows the end device (for example, a compute node with a CNA) to discover FCFs and
the VLANs with which to connect to them. Then FIP allows the device to establish those
connections, which are the VN_Port to VF_Port virtual links as shown in Figure 11-11.
the VLANs with which to connect to them. Then FIP allows the device to establish those
connections, which are the VN_Port to VF_Port virtual links as shown in Figure 11-11.
FIP entails the following high-level steps:
1. The end device or compute node broadcasts a FIP VLAN request to the CN4093 and any
other FCF in the Ethernet network.
2. FCFs that have VF_Ports reply with a VLAN Notification frame that lists VLANs that the
end device or compute node can use.
3. The compute node discovers FCFs that it can log into by broadcasting a Discovery
Solicitation frame in the discovered VLAN.
4. FCFs respond with Discovery Advertisement frames. These frames contain such
information as an FCF priority and the identifier of the fabric to which the FCF connects.
5. The end device determines which FCF it wants to connect to for fabric login and sends a
FIP Fabric Login (FLOGI) request to the FCF to log in to the fabric.
6. The FCF replies with a FLOGI Accept frame, and then the login is complete. The VN_Port
to VF_Port link is now established. The Accept frame also provides a mechanism for the
FCF to indicate to the end device the MAC address to use for its VN_Port.
FCF to indicate to the end device the MAC address to use for its VN_Port.
These virtual links can be established over an arbitrary Ethernet network, they must now be
given security that is equivalent to the security in a point-to-point FC network. This security is
accomplished by having the intermediate DCB-capable CN4093 switch “snoop” the FIP
frames that they forward. By using the information that the switch sees during the FIP login
sequence, the switch can determine which devices are connected by using a virtual link. Then
the switch dynamically creates narrowly tailored access control lists (ACLs) that permit
expected FCoE traffic to be exchanged between the appropriate devices and deny all other
given security that is equivalent to the security in a point-to-point FC network. This security is
accomplished by having the intermediate DCB-capable CN4093 switch “snoop” the FIP
frames that they forward. By using the information that the switch sees during the FIP login
sequence, the switch can determine which devices are connected by using a virtual link. Then
the switch dynamically creates narrowly tailored access control lists (ACLs) that permit
expected FCoE traffic to be exchanged between the appropriate devices and deny all other