Blade ICE G8124-E Personal Computer User Manual


 
BLADEOS 6.5.2 Application Guide
190 Chapter 14: FCoE and CEE BMD00220, October 2010
In Figure 22 on page 189, the Fibre Channel network is connected to the FCoE network through an
FCoE Forwarder (FCF). The FCF acts as a Fibre Channel gateway to and from the FCoE network.
For the FCoE portion of the network, the FCF is connected to the FCoE-enabled G8124, which is
connected to a server (running Fibre Channel applications) through an FCoE-enabled Converged
Network Adapter (CNA) known in Fibre Channel as Ethernet Nodes (ENodes).
BLADEOS 6.5 does not support port trunking for FCoE connections. Optionally, multiple ports can
be used to connect the FCF to the G8124. However, if such a topology is used, the ports should not
be configured as a trunk on the G8124. The FCF is responsible for handling the multiple port
topology.
Note – The figure also shows a non-FCoE LAN server connected to the G8124 using a CNA. This
allows the LAN server to take advantage of some CEE features that are useful even outside of an
FCoE environment.
In order to block undesired or unvalidated traffic on FCoE links that exists outside the regular Fibre
Channel topology, Ethernet ports used in FCoE are configured with Access Control Lists (ACLs)
that are narrowly tailored to permit expected FCoE traffic to and from confirmed FCFs and ENodes,
and deny all other FCoE or FIP traffic. This ensures that all FCoE traffic to an from the ENode
passes through the FCF.
Because manual ACL configuration is an administratively complex task, the G8124 can
automatically and dynamically configure the ACLs required for use with FCoE. Using FCoE
Initialization Protocol (FIP) snooping (see “FCoE Initialization Protocol Snooping” on page 195),
the G8124 examines the FIP frames normally exchanged between the FCF and ENodes to determine
information about connected FCoE devices. This information is used to automatically determine the
appropriate ACLs required to block certain types of undesired or unvalidated FCoE traffic.
Automatic FCoE-related ACLs are independent from ACLs used for typical Ethernet purposes.