Brocade Communications Systems 53-1002163-02 User Manual

Download

Page 1

DRAFT: BROCADE CONFIDENTIAL

53-1002163-02 30 June 2011

Converged Enhanced Ethernet

Administrator’s Guide

Supporting Fabric OS v7.0.0

Page 2

DRAFT: BROCADE CONFIDENTIAL

Brocade, the B-wing symbol, BigIron, DCX, Fabric OS, FastIron, IronPoint, IronShield, IronView, IronWare, JetCore, NetIron, SecureIron, ServerIron, StorageX, and TurboIron are registered trademarks, and DCFM, Extraordinary Networks, and SAN Health are trademarks of Brocade Communications Systems, Inc., in the United States and/or in other countries. All other brands, products, or service names are or may be trademarks or service marks of, and are used to identify, products or services of their respective owners.

Notice: This document is for informational purposes only and does not set forth any warranty, expressed or implied, concerning any equipment, equipment feature, or service offered or to be offered by Brocade. Brocade reserves the right to make changes to this document at any time, without notice, and assumes no responsibility for its use. This informational document describes features that may not be currently available. Contact a Brocade sales office for information on feature and product availability. Export of technical data contained in this document may require an export license from the United States government.

The authors and Brocade Communications Systems, Inc. shall have no liability or responsibility to any person or entity with respect to any loss, cost, liability, or damages arising from the information contained in this book or the computer programs that accompany it.

The product described by this document may contain “open source” software covered by the GNU General Public License or other open source license agreements. To find out which open source software is included in Brocade products, view the licensing terms applicable to the open source software, and obtain a copy of the programming source code, please visit http://www.brocade.com/support/oscd.

Brocade Communications Systems, Incorporated

Corporate and Latin American Headquarters Brocade Communications Systems, Inc. 130 Holger Way San Jose, CA 95134 Tel: 1-408-333-8000 Fax: 1-408-333-8101 E-mail: info@brocade.com

European Headquarters Brocade Communications Switzerland Sàrl Centre Swissair Tour B - 4ème étage 29, Route de l'Aéroport Case Postale 105 CH-1215 Genève 15 Switzerland Tel: +41 22 799 5640 Fax: +41 22 799 5641 E-mail: emea-info@brocade.com

Asia-Pacific Headquarters Brocade Communications Systems China HK, Ltd. No. 1 Guanghua Road Chao Yang District Units 2718 and 2818 Beijing 100020, China Tel: +8610 6588 8888 Fax: +8610 6588 9999 E-mail: china-info@brocade.com

Asia-Pacific Headquarters Brocade Communications Systems Co., Ltd. (Shenzhen WFOE) Citic Plaza No. 233 Tian He Road North Unit 1308 – 13th Floor Guangzhou, China Tel: +8620 3891 2000 Fax +8620 3891 2111 E-mail: china-info@brocade.com

Document History

Title Publication number Summary of changes Date

Converged Enhanced Ethernet Administrator’s Guide

53-1001258-01 New document March 2009

53-1001336-02 Updated for Fabric OS

v6.3.0. Added new chapters for standard configurations and port authentication

November 2009

Page 3

DRAFT: BROCADE CONFIDENTIAL

Title Publication number Summary of changes Date

Converged Enhanced Ethernet Administrator’s Guide

53-1001761-01 Updated for Fabric OS

v7.0.0. Added chapter for IGMP.

53-1002061-01 Updated to support iSCSI

TLV configuration.

53-1002163-01 Updated for Fabric OS v7.0.0 April 2011

53-1002163-02 Updated Appendix A,

Brocade 8000 Replacement.

March 2010

October 2010

June 2011

Converged Enhanced Ethernet Administrator’s Guide iii 53-1002163-02

Page 4

DRAFT: BROCADE CONFIDENTIAL

iv Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 5

DRAFT: BROCADE CONFIDENTIAL

About This Document

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xvii

How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . .xvii

Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . xviii

What’s new in this document. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xviii

Document conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix

Text formatting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix

Command syntax conventions . . . . . . . . . . . . . . . . . . . . . . . . . . xix

Notes, cautions, and warnings . . . . . . . . . . . . . . . . . . . . . . . . . . xix

Key terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xx

Notice to the reader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xx

Additional information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xx

Brocade resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi

Other industry resources. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi

Getting technical help. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi

Document feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .xxii

Chapter 1 Introducing FCoE

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

FCoE terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

FCoE overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

FCoE hardware. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2

Layer 2 Ethernet overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Layer 2 forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

VLAN tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Loop-free network environment . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Frame classification (incoming) . . . . . . . . . . . . . . . . . . . . . . . . . . 5

Congestion control and queuing. . . . . . . . . . . . . . . . . . . . . . . . . . 5

Access control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Trunking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7

Flow Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

Converged Enhanced Ethernet Administrator’s Guide v 53-1002163-02

Page 6

DRAFT: BROCADE CONFIDENTIAL

FCoE Initialization Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

FIP discovery . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

FIP login . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

FIP logout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

FCoE login. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10

FCoE logout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10

Logincfg . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10

Name server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11

FC zoning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .11

Registered State Change Notification (RSCN) . . . . . . . . . . . . . .11

FCoE queuing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .12

Upgrade and downgrade considerations for FCoE . . . . . . . . . . . . . .12

Chapter 2 Using the CEE CLI

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13

Management Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .13

CEE Command Line Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Saving your configuration changes. . . . . . . . . . . . . . . . . . . . . . . 14

CEE CLI RBAC permissions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Accessing the CEE CLI through the console or Telnet . . . . . . . 14

Accessing the CEE CLI from the Fabric OS shell . . . . . . . . . . . . 15

CEE CLI command modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .15

CEE CLI keyboard shortcuts . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Using the do command as a shortcut . . . . . . . . . . . . . . . . . . . .18

Displaying CEE CLI commands and command syntax . . . . . . . 18

CEE CLI command completion . . . . . . . . . . . . . . . . . . . . . . . . . .19

CEE CLI command output modifiers. . . . . . . . . . . . . . . . . . . . . .19

Chapter 3 Configuration management

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .21

Configuration management tasks . . . . . . . . . . . . . . . . . . . . . . . . . . .21

CEE configuration guidelines and restrictions . . . . . . . . . . . . . . 21

Display the running configuration file. . . . . . . . . . . . . . . . . . . . . 22

Saving the running configuration file . . . . . . . . . . . . . . . . . . . . .22

Loading the startup configuration file . . . . . . . . . . . . . . . . . . . .22

Erasing the startup configuration file. . . . . . . . . . . . . . . . . . . . .22

Archiving the running configuration file . . . . . . . . . . . . . . . . . . .22

Restore an archived running configuration file . . . . . . . . . . . . .22

Archiving the startup configuration file . . . . . . . . . . . . . . . . . . . 23

Restore an archived startup configuration file . . . . . . . . . . . . . 23

Flash file management commands . . . . . . . . . . . . . . . . . . . . . . . . . .23

Debugging and logging commands . . . . . . . . . . . . . . . . . . . . . . . . . .23

Chapter 4 FCoE Configuration Management

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

vi Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 7

DRAFT: BROCADE CONFIDENTIAL

Managing the FCoE configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

FCoE configuration guidelines and restrictions . . . . . . . . . . . . .25

Clearing logins . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .26

Displaying FCoE configuration-related information . . . . . . . . . . 26

Configuring the FCoE login information. . . . . . . . . . . . . . . . . . . . . . .26

Enabling or disabling login configuration management . . . . . . 26

Managing the current configuration transaction. . . . . . . . . . . . 27

Cleaning up login groups and VN_port mappings . . . . . . . . . . . 27

Displaying the FCoE login configuration. . . . . . . . . . . . . . . . . . .27

Saving the current FCoE configuration. . . . . . . . . . . . . . . . . . . .28

Creating an FCoE login group. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .28

Modifying the FCoE login group device list. . . . . . . . . . . . . . . . .29

Deleting an FCoE login group . . . . . . . . . . . . . . . . . . . . . . . . . . .29

Renaming an FCoE login group. . . . . . . . . . . . . . . . . . . . . . . . . . 29

Chapter 5 Initial FCoE and CEE Configuration

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31

Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

End to End FCoE using FC ISLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . .31

FCoE Logical Port Numbering . . . . . . . . . . . . . . . . . . . . . . . . . . .32

FCoE port-to-front end TenGigabit port mapping . . . . . . . . . . . . 32

High availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33

Hot plug . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33

Control Processor failover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .33

High availability reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .34

Configuring the FCoE interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . .35

Configuring the FCoE VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .35

Assigning an FCoE map onto an interface . . . . . . . . . . . . . . . . .36

Configuring DCBX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

Configuring Spanning Tree Protocol. . . . . . . . . . . . . . . . . . . . . . . . . .38

Configuring VLAN membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . .38

CEE map configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .39

Defining a Priority Group Table map. . . . . . . . . . . . . . . . . . . . . .40

Defining a Priority-Table map . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

Applying a CEE provisioning map to an interface . . . . . . . . . . . 41

Verifying the CEE maps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41

CEE audit logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .42

Chapter 6 Configuring VLANs

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45

VLAN overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45

Ingress VLAN filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .45

VLAN configuration guidelines and restrictions . . . . . . . . . . . . . . . .47

Default VLAN configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Converged Enhanced Ethernet Administrator’s Guide vii 53-1002163-02

Page 8

DRAFT: BROCADE CONFIDENTIAL

VLAN configuration and management. . . . . . . . . . . . . . . . . . . . . . . . 48

Enabling and disabling an interface port . . . . . . . . . . . . . . . . . . 48

Configuring the MTU on an interface port . . . . . . . . . . . . . . . . .48

Creating a VLAN interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .48

Enabling STP on a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49

Disabling STP on a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49

Configuring a VLAN interface to forward FCoE traffic . . . . . . . .49

Configuring an interface port as a Layer 2 switch port . . . . . . . 50

Configuring an interface port as an access interface . . . . . . . .50

Configuring an interface port as a trunk interface . . . . . . . . . .50

Disabling a VLAN on a trunk interface . . . . . . . . . . . . . . . . . . . . 51

Configuring an interface port as a converged interface . . . . . . 51

Disabling a VLAN on a converged interface . . . . . . . . . . . . . . . .52

Configuring protocol-based VLAN classifier rules . . . . . . . . . . . . . . .52

Configuring a VLAN classifier rule. . . . . . . . . . . . . . . . . . . . . . . .53

Configuring MAC address-based VLAN classifier rules . . . . . . .53

Deleting a VLAN classifier rule . . . . . . . . . . . . . . . . . . . . . . . . . .53

Creating a VLAN classifier group and adding rules . . . . . . . . . .53

Activating a VLAN classifier group with an interface port . . . . .54

Clearing VLAN counter statistics. . . . . . . . . . . . . . . . . . . . . . . . .54

Displaying VLAN information. . . . . . . . . . . . . . . . . . . . . . . . . . . .54

Configuring the MAC address table . . . . . . . . . . . . . . . . . . . . . . . . . .54

Specifying or disabling the aging time for MAC addresses. . . . 55

Adding static addresses to the MAC address table. . . . . . . . . .55

Chapter 7 Configuring STP, RSTP, and MSTP

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57

STP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

Configuring STP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .58

RSTP overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .59

MSTP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

Configuring MSTP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62

STP, RSTP, and MSTP configuration guidelines and restrictions . . . 63

Default STP, RSTP, and MSTP configuration . . . . . . . . . . . . . . . . . . .63

viii Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 9

DRAFT: BROCADE CONFIDENTIAL

STP, RSTP, and MSTP configuration and management . . . . . . . . . .64

Enabling STP, RSTP, or MSTP . . . . . . . . . . . . . . . . . . . . . . . . . . .64

Disabling STP, RSTP, or MSTP . . . . . . . . . . . . . . . . . . . . . . . . . . .65

Shutting down STP, RSTP, or MSTP globally . . . . . . . . . . . . . . . .65

Specifying the bridge priority. . . . . . . . . . . . . . . . . . . . . . . . . . . .65

Specifying the bridge forward delay . . . . . . . . . . . . . . . . . . . . . .66

Specifying the bridge maximum aging time. . . . . . . . . . . . . . . .66

Enabling the error disable timeout timer . . . . . . . . . . . . . . . . . .67

Specifying the error disable timeout interval. . . . . . . . . . . . . . .67

Specifying the port-channel path cost . . . . . . . . . . . . . . . . . . . . 67

Specifying the bridge hello time (STP and RSTP). . . . . . . . . . . .68

Specifying the transmit hold count (RSTP and MSTP). . . . . . . .68

Enabling Cisco interoperability (MSTP). . . . . . . . . . . . . . . . . . . .69

Disabling Cisco interoperability (MSTP) . . . . . . . . . . . . . . . . . . . 69

Mapping a VLAN to an MSTP instance . . . . . . . . . . . . . . . . . . . .69

Specifying the maximum number of hops

for a BPDU (MSTP). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .70

Specifying a name for an MSTP region. . . . . . . . . . . . . . . . . . . .70

Specifying a revision number for an MSTP configuration . . . . .70

Flushing MAC addresses (RSTP and MSTP). . . . . . . . . . . . . . . . 71

Clearing spanning tree counters. . . . . . . . . . . . . . . . . . . . . . . . . 71

Clearing spanning tree-detected protocols . . . . . . . . . . . . . . . . 71

Displaying STP, RSTP, and MSTP-related information . . . . . . . .72

Configuring STP, RSTP, or MSTP on CEE interface ports . . . . . . . . .72

Enabling automatic edge detection . . . . . . . . . . . . . . . . . . . . . .72

Configuring the path cost . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .72

Enabling a port (interface) as an edge port . . . . . . . . . . . . . . . . 73

Enabling the guard root. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73

Specifying the MSTP hello time. . . . . . . . . . . . . . . . . . . . . . . . . . 74

Specifying restrictions for an MSTP instance . . . . . . . . . . . . . . 74

Specifying a link type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75

Enabling port fast (STP). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .75

Specifying the port priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75

Restricting the port from becoming a root port . . . . . . . . . . . . . 76

Restricting the topology change notification . . . . . . . . . . . . . . . 76

Enabling spanning tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76

Disabling spanning tree. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77

Chapter 8 Configuring Link Aggregation

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79

Link aggregation overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .79

Link Aggregation Group configuration . . . . . . . . . . . . . . . . . . . .79

Link Aggregation Control Protocol. . . . . . . . . . . . . . . . . . . . . . . .82

Dynamic link aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82

Static link aggregation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .82

Brocade-proprietary aggregation . . . . . . . . . . . . . . . . . . . . . . . .82

LAG distribution process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83

LACP configuration guidelines and restrictions . . . . . . . . . . . . . . . . 83

Default LACP configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .83

Converged Enhanced Ethernet Administrator’s Guide ix 53-1002163-02

Page 10

DRAFT: BROCADE CONFIDENTIAL

LACP configuration and management. . . . . . . . . . . . . . . . . . . . . . . .83

Enabling LACP on an CEE interface . . . . . . . . . . . . . . . . . . . . . .83

Enabling LACP on an interface in Layer 2 mode . . . . . . . . . . . .84

Configuring the LACP system priority . . . . . . . . . . . . . . . . . . . . .84

Configuring the LACP timeout period on a CEE interface . . . . . 84

Clearing LACP counter statistics on a LAG . . . . . . . . . . . . . . . . .85

Clearing LACP counter statistics on all LAG groups . . . . . . . . . . 85

Displaying LACP information . . . . . . . . . . . . . . . . . . . . . . . . . . . .85

LACP troubleshooting tips. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85

Chapter 9 Configuring LLDP

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .87

LLDP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87

Layer 2 topology mapping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88

DCBX overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .89

Enhanced Transmission Selection (ETS) . . . . . . . . . . . . . . . . . .90

Priority Flow Control (PFC) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .90

DCBX interaction with other vendor devices . . . . . . . . . . . . . . . . . . . 91

LLDP configuration guidelines and restrictions . . . . . . . . . . . . . . . . 91

Default LLDP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

LLDP configuration and management. . . . . . . . . . . . . . . . . . . . . . . .92

Enabling LLDP globally . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .92

Disabling and resetting LLDP globally . . . . . . . . . . . . . . . . . . . .92

Configuring LLDP global command options. . . . . . . . . . . . . . . .92

Configuring LLDP interface-level command options . . . . . . . . .98

Clearing LLDP-related information . . . . . . . . . . . . . . . . . . . . . . .98

Displaying LLDP-related information . . . . . . . . . . . . . . . . . . . . .98

Chapter 10 Configuring ACLs

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101

ACL overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .101

Default ACL configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .102

ACL configuration guidelines and restrictions. . . . . . . . . . . . . . . . .102

ACL configuration and management . . . . . . . . . . . . . . . . . . . . . . . .102

Creating a standard MAC ACL and adding rules . . . . . . . . . . .102

Creating an extended MAC ACL and adding rules . . . . . . . . . .103

Modifying MAC ACL rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .103

Removing a MAC ACL. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .104

Reordering the sequence numbers in a MAC ACL. . . . . . . . . .104

Applying a MAC ACL to a CEE interface . . . . . . . . . . . . . . . . . .105

Applying a MAC ACL to a VLAN interface . . . . . . . . . . . . . . . . .105

Chapter 11 Configuring QoS

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107

x Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 11

DRAFT: BROCADE CONFIDENTIAL

QoS overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .107

Rewriting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108

Queueing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108

User-priority mapping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .108

Traffic class mapping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .111

Congestion control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113

Tail drop . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113

Ethernet pause. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114

Ethernet Priority Flow Control . . . . . . . . . . . . . . . . . . . . . . . . . .115

Multicast rate limiting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .116

Scheduling. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117

Strict priority scheduling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .117

Deficit weighted round robin scheduling . . . . . . . . . . . . . . . . .117

Traffic class scheduling policy. . . . . . . . . . . . . . . . . . . . . . . . . .118

Multicast queue scheduling . . . . . . . . . . . . . . . . . . . . . . . . . . .119

CEE map configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .119

Chapter 12 Configuring 802.1x Port Authentication

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123

802.1x protocol overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .123

802.1x configuration guidelines and restrictions. . . . . . . . . . . . . .123

802.1x authentication configuration tasks. . . . . . . . . . . . . . . . . . .124

Configure authentication

between the switch and CNA or NIC. . . . . . . . . . . . . . . . . . . . .124

Interface-specific administrative tasks for 802.1x . . . . . . . . . . . . .124

Configuring 802.1x on specific interface ports . . . . . . . . . . . .124

Configuring 802.1x timeouts on specific interface ports . . . .125

Configuring 802.1x re-authentication

on specific interface ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . .125

Disabling 802.1x on specific interface ports . . . . . . . . . . . . . .125

Chapter 13 Configuring IGMP

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127

About IGMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127

Active IGMP snooping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .127

Multicast routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .128

Configuring IGMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .128

Configuring IGMP snooping querier. . . . . . . . . . . . . . . . . . . . . . . . .129

Configuring IGMP snooping mrouter . . . . . . . . . . . . . . . . . . . . . . . .129

Monitoring IGMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .130

Chapter 14 Configuring RMON

In this chapter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131

Converged Enhanced Ethernet Administrator’s Guide xi 53-1002163-02

Page 12

DRAFT: BROCADE CONFIDENTIAL

RMON overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .131

RMON configuration and management. . . . . . . . . . . . . . . . . . . . . .131

Default RMON configuration . . . . . . . . . . . . . . . . . . . . . . . . . . .131

Configuring RMON group statistics collection . . . . . . . . . . . . .131

Configuring RMON settings . . . . . . . . . . . . . . . . . . . . . . . . . . . .132

Configuring RMON events . . . . . . . . . . . . . . . . . . . . . . . . . . . . .132

Configuring RMON history collection . . . . . . . . . . . . . . . . . . . .133

Appendix A Brocade 8000 Replacement

Index

xii Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 13

Figures

DRAFT: BROCADE CONFIDENTIAL

Figure 1 Multiple switch fabric configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

Figure 2 CEE CLI command mode hierarchy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Figure 3 Deploying FCoE across multiple hops of FC ISLs . . . . . . . . . . . . . . . . . . . . . . . . 32

Figure 4 Ingress VLAN filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

Figure 5 Configuring LAGs for a top-of-the-rack CEE switch—Example 1 . . . . . . . . . . . . . 81

Figure 6 Configuring LAGs for a top-of-the-rack CEE switch—Example 2 . . . . . . . . . . . . . 81

Figure 7 Queue depth . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114

Figure 8 Strict priority schedule — two queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

Figure 9 WRR schedule — two queues . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117

Figure 10 Strict priority and Weighted Round Robin scheduler . . . . . . . . . . . . . . . . . . . . 118

Converged Enhanced Ethernet Administrator’s Guide xiii 53-1002163-02

Page 14

DRAFT: BROCADE CONFIDENTIAL

xiv Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 15

Tables

DRAFT: BROCADE CONFIDENTIAL

Tab l e 1 Command syntax conventions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix

Tab l e 2 FCoE terminology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

Tab l e 3 CEE RBAC permissions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Tab l e 4 CEE CLI command modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Tab l e 5 CEE CLI keyboard shortcuts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17

Tab l e 6 CEE CLI command output modifiers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

Tab l e 7 CEE Flash memory file management commands. . . . . . . . . . . . . . . . . . . . . . . . . 23

Tab l e 8 Debugging and logging commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24

Tab l e 9 Protocol timeout values for non-disruptive failover . . . . . . . . . . . . . . . . . . . . . . . 33

Tab l e 10 State preservation during CP failover . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

Tab l e 11 Default CEE Priority Group Table configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Tab l e 1 2 Default CEE priority table configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40

Tab l e 13 Format of the CEE audit logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Tab l e 14 Default VLAN configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

Tab l e 15 STP versus RSTP state comparison. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

Tab l e 16 Default STP, RSTP, and MSTP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63

Table 17 Default MSTP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64

Tab l e 18 Default 10-Gigabit Ethernet CEE interface-specific configuration . . . . . . . . . . . 64

Tab l e 19 Default LACP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83

Tab l e 2 0 ETS priority grouping of IPC, LAN, and SAN traffic . . . . . . . . . . . . . . . . . . . . . . . . 90

Tab l e 21 Default LLDP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91

Tab l e 2 2 Default MAC ACL configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 102

Tab l e 2 3 Default priority value of untrusted interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Tab l e 24 IEEE 802.1Q default priority mapping. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109

Tab l e 2 5 Default user priority for unicast traffic class mapping. . . . . . . . . . . . . . . . . . . . 111

Tab l e 2 6 Default user priority for multicast traffic class mapping . . . . . . . . . . . . . . . . . . 112

Tab l e 27 Supported scheduling configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118

Tab l e 2 8 Multicast traffic class equivalence mapping . . . . . . . . . . . . . . . . . . . . . . . . . . . 119

Tab l e 2 9 Default CEE Priority Group Table configuration . . . . . . . . . . . . . . . . . . . . . . . . . 120

Tab l e 3 0 Default CEE priority table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121

Converged Enhanced Ethernet Administrator’s Guide xv 53-1002163-02

Page 16

DRAFT: BROCADE CONFIDENTIAL

xvi Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 17

About This Document

In this chapter

•How this document is organized . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xvii

•Supported hardware and software. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xviii

•What’s new in this document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xviii

•Document conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xix

•Notice to the reader . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xx

•Additional information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xx

•Getting technical help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxi

•Document feedback . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . xxii

DRAFT: BROCADE CONFIDENTIAL

How this document is organized

This document is organized to help you find the information that you want as quickly and easily as possible.

The document contains the following components:

• Chapter 1, “Introducing FCoE,” provides an overview of Fibre Channel over Ethernet (FCoE) on

the Brocade FCoE hardware.

• Chapter 2, “Using the CEE CLI,” describes the Converged Enhanced Ethernet (CEE) CLI.

• Chapter 3, “Configuration management,” describes how to perform the administrative tasks

required by the Brocade FCoE hardware.

• Chapter 4, “FCoE Configuration Management,” describes how to configure FCoE using the

Fabric OS CLI.

• Chapter 5, “Initial FCoE and CEE Configuration,” describes some basic switch configurations

for command SAN and LAN environments.

• Chapter 6, “Configuring VLANs,” describes how to configure VLANs.

• Chapter 7, “Configuring STP, RSTP, and MSTP,” describes how to configure the Spanning Tree

Protocol (STP), Rapid STP (RSTP), and Multiple STP (MSTP).

• Chapter 8, “Configuring Link Aggregation,” describes how to configure Link Aggregation and

Link Aggregation Control Protocol (LACP).

• Chapter 9, “Configuring LLDP,” describes how to configure the Link Layer Discovery Protocol

(LLDP) and the Data Center Bridging (DCB) Capability Exchange Protocol (DCBX).

• Chapter 10, “Configuring ACLs,” describes how to configure Access Control Lists (ACLs).

• Chapter 11, “Configuring QoS,” describes how to configure Quality of Service (QoS).

Converged Enhanced Ethernet Administrator’s Guide xvii 53-1002163-02

Page 18

DRAFT: BROCADE CONFIDENTIAL

• Chapter 12, “Configuring 802.1x Port Authentication,”describes how to configure the 802.1x

Port Authentication protocol.

• Chapter 13, “Configuring IGMP,” describes how to configure IGMP snooping on the Brocade

FCoE hardware.

• Chapter 14, “Configuring RMON,” describes how to configure remote monitoring (RMON).

Supported hardware and software

This document includes updated information specific to Fabric OS v7.0.0. The following hardware platforms are supported in this release of the CEE Administrator’s Guide:

• Brocade 8000

The following blades are supported by this release of the CEE Administrator’s Guide:

• Brocade FCOE10-24 blade

Within this manual, any appearance of the term “Brocade FCoE hardware” is referring to:

• Brocade 8000

• Brocade FCOE10-24 port blade

Although many different software and hardware configurations are tested and supported by Brocade Communications Systems, Inc. for Fabric OS v7.0.0, documenting all possible configurations and scenarios is beyond the scope of this document.

To obtain information about an OS version other than Fabric OS v7.0.0, refer to the documentation specific to that OS version.

What’s new in this document

This document has been updated for Fabric OS v7.0.0.

The following information was added:

• New chapter on Internet Group Management Protocol, Chapter 13, “Configuring IGMP”.

• New appendix on replacing the Brocade 8000, Appendix A, “Brocade 8000 Replacement”.

For further information about new features and documentation updates for this release, refer to the release notes.

xviii Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 19

Document conventions

This section describes text formatting conventions and important notice formats used in this document.

Text formatting

The narrative-text formatting conventions that are used are as follows:

bold text Identifies command names

italic text Provides emphasis

DRAFT: BROCADE CONFIDENTIAL

Identifies the names of user-manipulated GUI elements Identifies keywords and operands Identifies text to enter at the GUI or CLI

Identifies variables Identifies paths and Internet addresses Identifies document titles

code text Identifies CLI output

Identifies command syntax examples

For readability, command names in the narrative portions of this guide are presented in mixed lettercase: for example, switchShow. In actual examples, command lettercase is often all lowercase. Otherwise, this manual specifically notes those cases in which a command is case sensitive.

Command syntax conventions

Command syntax in this manual follows these conventions:

TABLE 1 Command syntax conventions

Convention Description

[ ] Default responses to system prompts appear in square brackets.

{x | y | z} A choice of required keywords appears in braces separated by vertical

bars. You must select one.

screen font Examples of information displayed on the screen.

<> Nonprinting characters, for example passwords, appear in angle

brackets.

[ ] Keywords or arguments that appear within square brackets are

optional.

bold face font Commands and keywords.

italic Variables for which you supply values.

Notes, cautions, and warnings

The following notices and statements are used in this manual. They are listed below in order of increasing severity of potential hazards.

Converged Enhanced Ethernet Administrator’s Guide xix 53-1002163-02

Page 20

DRAFT: BROCADE CONFIDENTIAL

NOTE

ATTENTION

CAUTION

DANGER

A note provides a tip, guidance, or advice, emphasizes important information, or provides a reference to related information.

An Attention statement indicates potential damage to hardware or data.

A Caution statement alerts you to situations that can be potentially hazardous to you or cause damage to hardware, firmware, software, or data.

A Danger statement indicates conditions or situations that can be potentially lethal or extremely hazardous to you. Safety labels are also attached directly to products to warn of these conditions or situations.

Key terms

For definitions specific to Brocade and Fibre Channel, see the technical glossaries on MyBrocade. See “Brocade resources” on page xxi for instructions on accessing MyBrocade.

For terminology specific to this document, see “FCoE terminology” on page 1.

For definitions of SAN-specific terms, visit the Storage Networking Industry Association online dictionary at:

http://www.snia.org/education/dictionary

Notice to the reader

This document may contain references to the trademarks of the following corporations. These trademarks are the properties of their respective companies and corporations.

These references are made for informational purposes only.

Corporation Referenced Trademarks and Products

None Not applicable

Additional information

This section lists additional Brocade and industry-specific documentation that you might find helpful.

xx Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 21

DRAFT: BROCADE CONFIDENTIAL

Brocade resources

To get up-to-the-minute information, go to http://my.brocade.com and register at no cost for a user ID and password.

White papers, online demonstrations, and data sheets are available through the Brocade website at:

http://www.brocade.com/products-solutions/products/index.page

For additional Brocade documentation, visit the Brocade website:

http://www.brocade.com

Release notes are available on the MyBrocade website and are also bundled with the Fabric OS firmware.

Other industry resources

For additional resource information, visit the Technical Committee T11 website. This website provides interface standards for high-performance and mass storage applications for Fibre Channel, storage management, and other applications:

http://www.t11.org

For information about the Fibre Channel industry, visit the Fibre Channel Industry Association website:

http://www.fibrechannel.org

Getting technical help

Contact your switch support supplier for hardware, firmware, and software support, including product repairs and part ordering. To expedite your call, have the following information available:

1. General Information

• Switch model

• Switch operating system version

• Software name and software version, if applicable

• Error numbers and messages received

• supportSave command output

• Detailed description of the problem, including the switch or fabric behavior immediately

following the problem, and specific questions

• Description of any troubleshooting steps already performed and the results

• Serial console and Telnet session logs

• syslog message logs

Converged Enhanced Ethernet Administrator’s Guide xxi 53-1002163-02

Page 22

DRAFT: BROCADE CONFIDENTIAL

2. Switch Serial Number

The switch serial number and corresponding bar code are provided on the serial number label, as illustrated below:

*FT00X0054E9*

FT00X0054E9

The serial number label is located as follows:

• Brocade 8000 —On the switch ID pull-out tab located inside the chassis on the port side

on the left

3. World Wide Name (WWN)

Use the licenseIdShow command to display the WWN of the chassis.

If you cannot use the licenseIdShow command because the switch is inoperable, you can get the WWN from the same place as the serial number, except for the Brocade DCX. For the Brocade DCX, access the numbers on the WWN cards by removing the Brocade logo plate at the top of the nonport side of the chassis.

Document feedback

Quality is our first concern at Brocade and we have made every effort to ensure the accuracy and completeness of this document. However, if you find an error or an omission, or you think that a topic needs further development, we want to hear from you. Forward your feedback to:

documentation@brocade.com

Provide the title and version number of the document and as much detail as possible about your comment, including the topic heading and page number and your suggestions for improvement.

xxii Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 23

DRAFT: BROCADE CONFIDENTIAL

Chapter

Introducing FCoE

In this chapter

•FCoE terminology. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

•FCoE overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1

•Layer 2 Ethernet overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3

•FCoE Initialization Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8

•FCoE queuing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

•Upgrade and downgrade considerations for FCoE . . . . . . . . . . . . . . . . . . . . 12

FCoE terminology

Tab le 2 lists and describes the FCoE terminology used in this document.

TABLE 2 FCoE terminology

Term Description

FCoE Fibre Channel over Ethernet

CEE Converged Enhanced Ethernet

VN_port FCoE equivalent of an FC N_port

VF_port FCoE equivalent of an FC F_port

ENode An FCoE device that supports FCoE VN_ports

FCoE Forwarder (FCF) An FCoE link end point that provides FC fabric

FIP FCoE Initialization Protocol

FCoE overview

Fibre Channel over Ethernet (FCoE) enables you to transport FC protocols and frames over Converged Enhanced Ethernet (CEE) networks. CEE is an enhanced Ethernet that enables the convergence of various applications in data centers (LAN, SAN, and HPC) onto a single interconnect technology.

(servers and target devices)

services

Converged Enhanced Ethernet Administrator’s Guide 1 53-1002163-02

Page 24

NOTE

DRAFT: BROCADE CONFIDENTIAL

FCoE overview

FCoE provides a method of encapsulating the Fibre Channel (FC) traffic over a physical Ethernet link. FCoE frames use a unique EtherType that enables FCoE traffic and standard Ethernet traffic to be carried on the same link. FC frames are encapsulated in an Ethernet frame and sent from one FCoE-aware device across an Ethernet network to a second FCoE-aware device. The FCoE-aware devices may be FCoE end nodes (ENodes) such as servers, storage arrays, or tape drives on one end and FCoE Forwarders on the other end. FCoE Forwarders (FCFs) are switches providing FC fabric services and FCoE-to-FC bridging.

The motivation behind using CEE networks as a transport mechanism for FC arises from the desire to simplify host protocol stacks and consolidate network interfaces in data center environments. FC standards allow for building highly reliable, high-performance fabrics for shared storage, and these characteristics are what CEE brings to data centers. Therefore, it is logical to consider transporting FC protocols over a reliable CEE network in such a way that it is completely transparent to the applications. The underlying CEE fabric is highly reliable and high performing, the same as the FC SAN.

In FCoE, ENodes discover FCFs and initialize the FCoE connection through the FCoE Initialization Protocol (FIP). The FIP has a separate EtherType from FCoE. The FIP includes a discovery phase in which ENodes solicit FCFs, and FCFs respond to the solicitations with advertisements of their own. At this point, the ENodes know enough about the FCFs to log into them. The fabric login and fabric discovery (FLOGI/FDISC) for VN-to-VF port connections is also part of the FIP.

With pre-FIP implementations, as an alternative to FIP, directly connected devices can send an FCoE-encapsulated FLOGI to the connected FCF.

FCoE hardware

At a fundamental level, FCoE is designed to enable the transport of storage and networking traffic over the same physical link. Utilizing this technology, the Brocade 8000 switch and the Brocade FCOE10-24 port blade provide a unique platform that connects servers to both LAN and SAN environments.

Within this manual, any appearance of the term “Brocade FCoE hardware” is referring to the following hardware:

• Brocade 8000 switch

• Brocade FCOE10-24 port blade

The intermediate switching devices in the CEE network do not have to be FCoE-aware. They simply route the FCoE traffic to the FCoE device based on the Ethernet destination address in the FCoE frame.

2 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 25

DRAFT: BROCADE CONFIDENTIAL

Classic Layer 2 Ethernet switch

FC switch

Storage

Host 1 Host 2

Host 3

Brocade 8000

switch

CNA or

classic NIC

CNA or

classic NIC

Classic NIC

Layer 2 Ethernet overview

The Brocade FCoE hardware contain CEE ports that support FCoE forwarding. The CEE ports are also backwards compatible and support classic Layer 2 Ethernet networks (see Figure 1). In Layer 2 Ethernet operation, a host with a Converged Network Adapter (CNA) can be directly attached to a CEE port on the Brocade FCoE hardware. Another host with a classic 10-Gigabit Ethernet NIC can be either directly attached to a CEE port, or attached to a classic Layer 2 Ethernet network which is attached to the Brocade FCoE hardware.

FIGURE 1 Multiple switch fabric configuration

Layer 2 Ethernet overview

Layer 2 forwarding

Layer 2 Ethernet frames are forwarded on the CEE ports. 802.1Q VLAN support is used to tag incoming frames to specific VLANs, and 802.3ac VLAN tagging support is used to accept VLAN tagged frames from external devices. The 802.1D Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP) are used as the bridging protocols between Layer 2 switches.

The Brocade FCoE hardware handles Ethernet frames as follows:

• When the destination MAC address is not in the lookup table, the frame is flooded on all ports

except the ingress port.

• When the destination MAC address is present in the lookup table, the frame is switched only to

the correct egress port.

• When the destination MAC address is present in the lookup table, and the egress port is the

Converged Enhanced Ethernet Administrator’s Guide 3 53-1002163-02

same as the ingress port, the frame is dropped.

Page 26

Layer 2 Ethernet overview

NOTE

DRAFT: BROCADE CONFIDENTIAL

• If the Ethernet Frame Check Sequence (FCS) is incorrect, because the switch is in cut-through

mode, a correctly formatted Ethernet frame is sent out with an incorrect FCS.

• If the Ethernet frame is too short, the frame is discarded and the error counter is incremented.

• If the Ethernet frame is too long, the frame is discarded and the error counter is incremented.

• Frames sent to a broadcast destination MAC address are flooded on all ports except the

ingress port.

• When MAC address entries in the lookup table time out, they are removed. In this event, frame

forwarding changes from unicast to flood.

• An existing MAC address entry in the lookup table is discarded when a device is moved to a

new location. When a device is moved, the ingress frame from the new port causes the old lookup table entry to be discarded and the new entry inserted into the lookup table. Frame forwarding remains unicast to the new port.

• When the lookup table is full, new entries replace the oldest MAC addresses after the oldest

MAC addresses age and time out. MAC addresses that still have traffic running are not timed out.

New entries start replacing older entries when the lookup table reaches 90 percent of its 32k capacity.

VLAN tagging

The Brocade FCoE hardware handles VLAN tagging as follows:

• If the CEE port is configured to tag incoming frames with a single VLAN ID, then incoming

frames that are untagged are tagged with the VLAN ID.

• If the CEE port is configured to tag incoming frames with multiple VLAN IDs, then incoming

frames that are untagged are tagged with the correct VLAN ID based on the port setting.

• If the CEE port is configured to accept externally tagged frames, then incoming frames that are

tagged with a VLAN ID are passed through unchanged.

Only a single switch-wide VLAN is capable of forwarding FCoE traffic.

For detailed information on configuring VLANs, see “Configuring VLANs” on page 45.

Loop-free network environment

The Brocade FCoE hardware uses the following protocols to maintain a loop-free network environment:

• 802.1D Spanning Tree Protocol (STP)—STP is required to create a loop-free topology in the LAN.

• Rapid Spanning Tree Protocol (RSTP)—RSTP evolved from the 802.1D STP standard. RSTP

provides for a faster spanning tree convergence after a topology change.

• Multiple Spanning Tree Protocol (MSTP)—MSTP defines an extension to RSTP to further

develop the usefulness of VLANs. With per-VLAN MSTP, you can configure a separate spanning tree for each VLAN group. The protocol automatically blocks the links that are redundant in each spanning tree.

4 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 27

DRAFT: BROCADE CONFIDENTIAL

Layer 2 Ethernet overview

Using MSTP, you can create multiple loop-free active topologies on a single physical topology. These loop-free topologies are mapped to a set of configurable VLANs. This enables you to better utilize the physical resources present in the network and achieve better load balancing of VLAN traffic.

For detailed information on configuring these protocols, see “Configuring STP, RSTP, and MSTP” on page 57.

Frame classification (incoming)

The Brocade FCoE hardware is capable of classifying incoming Ethernet frames based on the following criteria:

• Port number

• Protocol

• MAC address

The classified frames can be tagged with a VLAN ID or with 802.1p Ethernet priority. The 802.1p Ethernet priority tagging is done using the Layer 2 Class of Service (CoS). The 802.1p Ethernet priority is used to tag frames in a VLAN with a Layer 2 CoS to prioritize traffic in the VLAN. The Brocade FCoE hardware also accepts frames that have been tagged by an external device.

Frame classification options are as follows:

• VLAN ID and Layer 2 CoS by physical port number—With this option, the port is set to classify

incoming frames to a preset VLAN ID and the Layer 2 CoS by the physical port number on the Brocade FCoE hardware.

• VLAN ID and Layer 2 CoS by LAG virtual port number—With this option, the port is set to classify

incoming frames to a preset VLAN ID and Layer 2 CoS by the Link Aggregation Group (LAG) virtual port number.

• Layer 2 CoS mutation—With this option, the port is set to change the Layer 2 CoS setting by

enabling the QoS mutation feature.

• Layer 2 CoS trust—With this option, the port is set to accept the Layer 2 CoS of incoming

frames by enabling the QoS trust feature.

For detailed information on configuring QoS, see “Configuring QoS” on page 107.

Congestion control and queuing

The Brocade FCoE hardware supports several congestion control and queuing strategies. As an output queue approaches congestion, Random Early Detection (RED) is used to selectively and proactively drop frames to maintain maximum link utilization. Incoming frames are classified into priority queues based on the Layer 2 CoS setting of the incoming frame, or the possible rewriting of the Layer 2 CoS field based on the settings of the CEE port or VLAN.

The Brocade FCoE hardware supports a combination of two scheduling strategies to queue frames to the egress ports; Priority queuing, which is also referred to as strict priority, and Deficit Weighted Round Robin (DWRR) queuing.

The scheduling algorithms work on the eight traffic classes as specified in 802.1Qaz Enhanced Transmission Selection (ETS).

Converged Enhanced Ethernet Administrator’s Guide 5 53-1002163-02

Page 28

Layer 2 Ethernet overview

DRAFT: BROCADE CONFIDENTIAL

Queuing features are described as follows:

• RED—RED increases link utilization. When multiple inbound traffic streams are switched to the

same outbound port, and some traffic streams send small frames while other traffic streams send large frames, link utilization will not be able to reach 100 percent. When RED is enabled, link utilization approaches 100 percent.

• Classification—Setting user priority.

- Inbound frames are tagged with the user priority set for the inbound port. The tag is visible

when examining the frames on the outbound port. By default, all frames are tagged to priority zero.

- Externally tagged Layer 2 frames—When the port is set to accept externally tagged Layer 2

frames, the user priority is set to the Layer 2 CoS of the inbound frames.

• Queuing

- Input queuing—Input queuing optimizes the traffic flow in the following way. Suppose a

CEE port has inbound traffic that is tagged with several priority values, and traffic from different priority settings is switched to different outbound ports. Some outbound ports are already congested with background traffic while others are uncongested. With input queuing, the traffic rate of the traffic streams switched to uncongested ports should remain high.

- Output queuing—Output queuing optimizes the traffic flow in the following way. Suppose

that several ports carry inbound traffic with different priority settings. Traffic from all ports is switched to the same outbound port. If the inbound ports have different traffic rates, some outbound priority groups will be congested while others can remain uncongested. With output queuing, the traffic rate of the traffic streams that are uncongested should remain high.

- Multicast rate limit—A typical multicast rate limiting example is where several ports carry

multicast inbound traffic that is tagged with several priority values. Traffic with different priority settings is switched to different outbound ports. The multicast rate limit is set so that the total multicast traffic rate on output ports is less than the specified set rate limit.

- Multicast input queuing—A typical multicast input queuing example is where several ports

carry multicast inbound traffic that is tagged with several priority values. Traffic with different priority settings is switched to different outbound ports. Some outbound ports are already congested with background traffic while others are uncongested. The traffic rate of the traffic streams switched to the uncongested ports should remain high. All outbound ports should carry some multicast frames from all inbound ports. This enables multicast traffic distribution relative to the set threshold values.

- Multicast output queuing—A typical multicast output queuing example is where several

ports carry multicast inbound traffic. Each port has a different priority setting. Traffic from all ports is switched to the same outbound port. If the inbound ports have varying traffic rates, some outbound priority groups will be congested while others remain uncongested. The traffic rate of the traffic streams that are uncongested remains high. The outbound ports should carry some multicast frames from all the inbound ports.

• Scheduling—A typical example of scheduling policy (using SP0 and SP1 modes) is where ports

0 through 7 carry inbound traffic, each port has a unique priority level, port 0 has priority 0, port 1 has priority 1, and so on. All traffic is switched to the same outbound port. In SP0 mode, all ports have DWRR scheduling; therefore, the frames-per-second (FPS) on all ports should correspond to the DWRR settings. In SP1 mode, priority 7 traffic uses SP; therefore, priority 7 can achieve a higher FPS. Frames from input ports with the same priority level should be scheduled in a round robin manner to the output port.

6 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 29

DRAFT: BROCADE CONFIDENTIAL

NOTE

Layer 2 Ethernet overview

When setting the scheduling policy, each priority group that is using DWRR scheduling can be set to use a percentage of the total bandwidth by setting the PG_Percentage parameter.

For detailed information on configuring QoS, see “Configuring QoS” on page 107.

Access control

Access Control Lists (ACLs) are used for Layer 2 switching security. Standard ACLs inspect the source address for the inbound ports. Extended ACLs provide filtering by source and destination addresses and protocol. ACLs can be applied to the CEE ports or to VLANs.

ACLs function as follows:

• A standard Ethernet ACL configured on a physical port is used to permit or deny frames based

on the source MAC address. The default is to permit all frames.

• An extended Ethernet ACL configured on a physical port is used to permit or deny frames

based on the source MAC address, destination MAC address, and EtherType. The default is to permit all frames.

• A standard Ethernet ACL configured on a LAG virtual port is used to permit or deny frames

based on the source MAC address. The default is to permit all frames. LAG ACLs apply to all ports in the LAG.

• An extended Ethernet ACL configured on a LAG virtual port is used to permit or deny frames

based on the source MAC address, destination MAC address, and EtherType. The default is to permit all frames. LAG ACLs apply to all ports in the LAG.

• A standard Ethernet ACL configured on a VLAN is used to permit or deny frames based on the

source MAC address. The default is to permit all frames. VLAN ACLs apply to the Switch Vertical Interface (SVI) for the VLAN.

• An extended Ethernet ACL configured on a VLAN is used to permit or deny frames based on the

source MAC address, destination MAC address, and EtherType. The default is to permit all frames. VLAN ACLs apply to the Switch Vertical Interface (SVI) for the VLAN.

For detailed information on configuring ACLs, see “Configuring ACLs” on page 101.

Trunking

The term “trunking” in an Ethernet network refers to the use of multiple network links (ports) in parallel to increase the link speed beyond the limits of any one single link or port, and to increase the redundancy for higher availability.

802.1ab Link Layer Discovery Protocol (LLDP) is used to detect links to connected switches or hosts. Trunks can then be configured between an adjacent switch or host and the Brocade FCoE hardware using the VLAN classifier commands. See “Configuring an interface port as a trunk

interface” on page 50.

The Data Center Bridging (DCB) Capability Exchange Protocol (DCBX) extension is used to identify a CEE-capable port on an adjacent switch or host. For detailed information on configuring LLDP and DCBX, see “Configuring LLDP” on page 87.

The 802.3ad Link Aggregation Control Protocol (LACP) is used to combine multiple links to create a trunk with the combined bandwidth of all the individual links. For detailed information on configuring LACP, see “Configuring Link Aggregation” on page 79.

Converged Enhanced Ethernet Administrator’s Guide 7 53-1002163-02

Page 30

FCoE Initialization Protocol

NOTE

DRAFT: BROCADE CONFIDENTIAL

The Brocade software supports a maximum 24 LAG interfaces.

Flow Control

802.3x Ethernet pause and Ethernet Priority-based Flow Control (PFC) are used to prevent dropped frames by slowing traffic at the source end of a link. When a port on a switch or host is not ready to receive more traffic from the source, perhaps due to congestion, it sends pause frames to the source to pause the traffic flow. When the congestion has been cleared, it stops requesting the source to pause traffic flow, and traffic resumes without any frame drop.

When Ethernet pause is enabled, pause frames are sent to the traffic source. Similarly, when PFC is enabled, there is no frame drop; pause frames are sent to the source switch.

For detailed information on configuring Ethernet pause and PFC, see “Configuring QoS” on page 107.

FCoE Initialization Protocol

The FCoE Initialization Protocol (FIP) discovers and initializes FCoE capable entities connected to an Ethernet cloud through a dedicated Ethertype, 0x8914, in the Ethernet frame.

FIP discovery

This software version supports the October 8, 2008 (REV 1.03) of the ANSI FC Backbone Specification with priority-tagged FIP VLAN discovery protocol and FIP version 0. This release supports FIP Keep Alive.

The Brocade FCoE hardware FIP discovery phase operates as follows:

• The Brocade FCoE hardware uses the FCoE Initialization Protocol (FIP). Enodes discover FCFs

and initialize the FCoE connection through the FIP.

• VF_port configuration—An FCoE port accepts Enode requests when it is configured as a

VF_port and enabled. An FCoE port does not accept ENode requests when disabled.

• Solicited advertisements—A typical scenario is where a Brocade FCoE hardware receives a FIP

solicitation from an ENode. Replies to the original FIP solicitation are sent to the MAC address embedded in the original FIP solicitation. After being accepted, the ENode is added to the VN_port table.

• Login group—When enabled, replies to solicitations are sent only by Brocade FCoE hardware

that have the ENode in the login group.

• FCF forwarding—The Brocade FCoE hardware forwards FIP frames only when the VLAN is set to

FCF forwarding mode.

• VLAN 1—The Brocade FCoE hardware should not forward FIP frames on VLAN 1 because it is

reserved for management traffic only.

• A fabric-provided MAC address is supported. A server-provided MAC-address is not supported

in the Fabric OS v7.0.0 release.

8 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 31

DRAFT: BROCADE CONFIDENTIAL

NOTE

FCoE Initialization Protocol

In the fabric-provided MAC address format, VN_port MAC addresses are based on a 24-bit fabric-supplied value. The first three bytes of this value is referred to as the FCMAP. The next three bytes are the FC ID, which is assigned by the switch when the ENode logs in to the switch.

FIP login

FIP login operates as follows:

• ENodes can log in to the Brocade FCoE hardware using FIP. Fabric login (FLOGI) and fabric

discovery (FDISC) are accepted. Brocade FCoE hardware in the fabric maintain the MAC address, World Wide Name (WWN), and PID mappings per login. Each ENode port should have a unique MAC address and WWN.

• FIP FLOGI—The Brocade FCoE hardware accepts the FIP FLOGI from the ENode. The FIP FLOGI

acceptance (ACC) is sent to the ENode if the ENode MAC address or WWN matches the VN_port table on the Brocade FCoE hardware. The FIP FLOGI request is rejected if the ENode MAC address or WWN does not match. The ENode login is added to the VN_port table. Fabric Provided MAC addressing (FPMA) is supported.

• FIP FDISC—The Brocade FCoE hardware accepts FIP FDISC from the ENode. FIP FDISC

acceptance (ACC) is sent to the ENode if the ENode MAC address or WWN matches the VN_port table on the Brocade FCoE hardware. The FIP FDISC request is rejected if the ENode MAC address or WWN does not match. The ENode login is added to the VN_port table. FPMA is supported.

• Maximum logins per VF_port—The Brocade FCoE hardware supports a maximum of 255 logins

per VF_port. The VF_port rejects further logins after the maximum is reached.

• Maximum logins per switch—The Brocade FCoE hardware accepts a maximum of 1024 logins

per switch. Note that the Brocade FCoE hardware rejects further logins after the maximum is reached.

FIP logout

FIP logout operates as follows:

• ENodes can log out from the Brocade FCoE hardware using FIP. The Brocade FCoE hardware in

the fabric updates the MAC address, WWN, and PID mappings upon logout. The Brocade FCoE hardware also handles scenarios of implicit logout where the ENode has left the fabric without explicitly logging out.

• FIP logout (LOGO)—The Brocade FCoE hardware accepts a FIP LOGO from the ENode. The FIP

LOGO ACC should be sent to the ENode if the ENode MAC address matches the VN_port table on the Brocade FCoE hardware. The LOGO is ignored (not rejected) if the ENode MAC address does not match. The ENode logout is updated in the VN_port table. FPMA is supported.

• Implicit logout—With the ENode directly connected to a CEE port, if the port that the ENode is

attached to goes offline, the Brocade FCoE hardware implicitly logs out that ENode. ENode logout is updated in the VN_port table. The Brocade FCoE hardware sends clear virtual link (CVL) on behalf of the ENode.

Converged Enhanced Ethernet Administrator’s Guide 9 53-1002163-02

Page 32

FCoE Initialization Protocol

NOTE

DRAFT: BROCADE CONFIDENTIAL

FCoE login

The Brocade FCoE hardware FCoE login operates as follows:

• ENodes can log in to the Brocade FCoE hardware using FCoE encapsulated, FC Extended Link

Service (ELS) frames. FLOGI and FDISC are accepted. Brocade FCoE hardware in the fabric maintains the MAC address to WWN/PID mappings per login. Class 2 FLOGI is not supported.

• FCoE FLOGI—The Brocade FCoE hardware accepts FCoE FLOGI from the ENode. FCoE FLOGI

ACC is sent to the ENode if the FCMAP matches the VN_port table on the Brocade FCoE hardware. Requests are ignored if the FCMAP does not match. The ENode login is added to the VN_port table.

• FCoE FDISC—The Brocade FCoE hardware accepts FCoE FDISC from the ENode. FCoE FDISC

ACC is sent to the ENode if the FCMAP matches the VN_port table on the Brocade FCoE hardware. The FCoE FDISC request is ignored if the FCMAP does not match. The ENode login is added to the VN_port table.

• FCMAP—The Brocade FCoE hardware accepts FCoE FLOGI from the ENode. The FCMAP

determines which FCoE VLAN is accepted for the FCoE session.

Only one FCoE VLAN is supported in the Fabric OS v7.0.0 release.

FCoE logout

The Brocade FCoE hardware FCoE logout operates as follows:

• ENodes can log out from the Brocade FCoE hardware using the FCoE encapsulated, FC ELS

frame. Brocade FCoE hardware in the fabric updates the MAC address to WWN/PID mappings upon logout. The Brocade FCoE hardware also handles scenarios of implicit logout where the ENode has left the fabric without explicitly logging out.

• FCoE LOGO—The Brocade FCoE hardware accepts the FCoE LOGO from the ENode. The FCoE

LOGO ACC is sent to the ENode if the ENode MAC address matches the VN_port table on the Brocade FCoE hardware. The LOGO is ignored (not rejected) if the ENode MAC address does not match. The ENode logout is updated in the VN_port table.

Logincfg

The Brocade FCoE hardware logincfg mechanism operates as follows:

• The logincfg is the mechanism for controlling ENode logins per Brocade FCoE hardware. Each

unit of Brocade FCoE hardware maintains its own logincfg.

• Login configuration management is optional—when login management is disabled, the default

behavior is to accept logins from any ENode.

• Logingroup creation and deletion—The Brocade FCoE hardware accepts valid logingroup

names and member WWNs. The Brocade FCoE hardware rejects invalid entries. The Brocade FCoE hardware allows the deletion of logingroups that are defined and committed. You can display defined and committed logingroups. The logingroup capability is disabled by default.

• Member add and remove—You can add valid member WWNs. Invalid WWNs are rejected.

Duplicate WWNs are uniquely resolved. You can display the current view of defined logingroups when changes are made to the configuration.

10 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 33

DRAFT: BROCADE CONFIDENTIAL

FCoE Initialization Protocol

• Commit and abort—Defined logingroup changes can be aborted with no effect on existing

sessions. The Brocade FCoE hardware does not apply the configurations to new sessions until the changes are committed. Once defined, logingroups are committed. The Brocade FCoE hardware immediately uses the new configuration.

• No traffic disruption—Changing the logingroup without committing the changes does not affect

existing sessions. After committing the changes, ENodes that were already logged in continue to function even when that member is removed from the logingroup. New logins from the former member are rejected.

Name server

The Brocade FCoE hardware name server function operates as follows:

• ENode login and logout to and from the Brocade FCoE hardware updates the name server in

the FC fabric. The Brocade FCoE hardware maintains the MAC address to WWN/PID mappings.

• ENode login and logout—When an ENode login occurs through any means (FIP FLOGI, FIP

FDISC, FCoE FLOGI, or FCoE FDISC), an entry is added to the name server. When an ENode logout occurs through any means (FIP LOGO, FCoE LOGO, or implicit logout), the entry is removed from the name server.

• ENode data—The Brocade FCoE hardware maintains a VN_port table. The table tracks the

ENode MAC address, FIP login parameters for each login from the same ENode, and WWN/PID mappings on the FC side. You can display the VN_port table with the fcoe -loginshow port command.

FC zoning

The Brocade FCoE hardware FC zoning operates as follows:

• The virtual devices created by the Brocade FCoE hardware on behalf of the ENodes are subject

to FC zoning. An ENode is only allowed to access devices in the same zones. Administrative Domains (ADs) are not supported in the Fabric OS v7.0.0 release.

• ENodes can access FC devices in the same zones— FC devices that are not in the same zones

cannot be accessed. Zone members can overlap in multiple zones (that is, overlapping zones). Zoning changes are immediately enabled by hardware enforced zoning.

• ENodes can access all FC devices with no zoning—ENodes can access all FC devices in the

fabric when cfgdisable is issued and Default Zone is set to All Access Mode.

• Field replacement—When a Brocade FCoE hardware is replaced in the field, you can perform a

configdownload on a previously saved configuration. No zoning change is required.

Registered State Change Notification (RSCN)

The Brocade FCoE hardware RSCN function operates as follows:

• RSCN events generated in the FC fabric are forwarded to the ENodes. RSCN events generated

on the FCoE side are forwarded to the FC devices. CEE is not aware of RSCN events.

• Device RSCN—An RSCN is generated to all registered and affected members when an ENode

either logs in or logs out of an FCF through any means. An RSCN is generated when an FC N_port device either logs in or logs out of the FC fabric.

Converged Enhanced Ethernet Administrator’s Guide 11 53-1002163-02

Page 34

FCoE queuing

NOTE

• VF_port RSCN—An RSCN is generated to all registered members when a VF_port goes online or

• Domain RSCN—An RSCN is generated to all registered and affected members when an FC

• Zoning RSCN—An RSCN is generated to all registered and affected members when a zoning

FCoE queuing

The QOS configuration controls the FCoE traffic distribution. Note that changing these settings requires changes on both the Brocade FCoE hardware and the CNA; therefore, the link must be taken offline and back online after a change is made. Traffic scheduler configuration changes affect FCoE traffic distribution as follows:

DRAFT: BROCADE CONFIDENTIAL

When transmitting an RSCN, zoning rules still apply for FCoE devices as the devices are treated as regular FC N_ports.

offline, causing ENode or FC devices to be added or removed.

switch port goes online or offline, causing ENode or FC devices to be added or removed. An RSCN is generated when two FC switches merge or segment, causing ENode or FC devices to be added or removed. When FC switches merge or segment, an RSCN is propagated to ENodes.

exchange occurs in the FC fabric.

• Changing the priority group for a port causes the FCoE traffic distribution to update. The priority

group and bandwidth are updated.

• Changing the priority table for a port causes the FCoE traffic distribution to be updated. The

COS-to-priority group mapping is updated.

• Changing the class map for a port causes the FCoE traffic distribution to be updated.

• Changing the policy map for a port causes FCoE traffic distribution to be updated.

• Changing the CEE map for a port causes the FCoE traffic distribution to be updated.

• The FCMAP to VLAN mapping determines the FCoE VLAN allowed for the FCoE session.

Modifying this mapping causes the existing sessions to terminate.

Only one FCoE VLAN is supported in the Fabric OS v7.0.0 release.

Upgrade and downgrade considerations for FCoE

Firmware upgrades from Fabric OS v6.3.x or v6.4.0 to Fabric OS v7.0.0 are disruptive for FCoE traffic. When you upgrade, FCoE provisioning creates the default FCoE VLAN 1002 and the default CEE map with priority 3 with PFC enabled for FCoE traffic. No DCE ports are allowed to carry FCoE traffic by default. You are expected to enable FCoE on a DCE port using the fcoeport command. Once this is done, the CNA will login. See “Assigning an FCoE map onto an

interface” on page 36.

Firmware downgrades from Fabric OS v7.0.0 to Fabric OS v6.3.x or v6.4.0 cause all of the FCoE provisioning configurations to be lost. To cause th CNAs to login again, you must recreate the FCoE configurations afresh using the Fabric OS v6.3.x or v6.4.0 CLIs.

12 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 35

DRAFT: BROCADE CONFIDENTIAL

Chapter

Using the CEE CLI

In this chapter

•Management Tools . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

•CEE Command Line Interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Management Tools

The Brocade FCoE hardware runs traditional Fabric OS software and can be managed using the same tools traditionally used for SAN management. Using the Fabric OS Command Line Interface (CLI), administrators have access to all commands and utilities common to other Brocade switches. In addition, the Fabric OS software enables Brocade Web Tools to support the following features for configuring and managing a Converged Ethernet Network:

• CEE interface display and configuration

• FCoE trunk display and configuration

• CEE configuration including link aggregation (LACP), Virtual LANs (VLANs), Quality of Service

(QoS), and LLDP (Link Layer Discovery Protocol)/ DCBX protocol (Data Center Bridging eXchange)

• FCoE login groups

CEE Command Line Interface

The Brocade CEE CLI is designed to support the management of CEE and Layer 2 Ethernet switching functionality. The CEE CLI uses an industry-standard hierarchical shell familiar to Ethernet/IP networking administrators.

All conventional port-related Fabric OS CLI commands are only applicable to Fibre Channel. These commands have no knowledge of the Ethernet ports. The CEE features and CEE ports can only be configured through the CEE CLI interface which is accessed by entering the cmsh command from the Fabric OS shell.

The system starts up with the default Fabric OS configuration and the CEE startup configuration. After logging in you are in the Fabric OS shell. For information on accessing the CEE commands from the Fabric OS shell, see “Accessing the CEE CLI from the Fabric OS shell” on page 15.

Some Fabric OS commands are available in the CEE shell. Enter the Fabric OS ? command at the CEE CLI privileged EXEC mode command prompt to view the available Fabric OS commands. The traditional Fabric OS command help found in the Fabric OS shell is not available through the CEE shell.

Converged Enhanced Ethernet Administrator’s Guide 13 53-1002163-02

Page 36

CEE Command Line Interface

NOTE

The CEE configuration is not affected by configUpload and configDownload commands entered in the Fabric OS shell.

Saving your configuration changes

Any configuration changes made to the switch are written into the running-config file. This is a dynamic file that is lost when the switch reboots. During the boot sequence, the switch resets all configuration settings to the values in the startup-config file.

To make your changes permanent, you must use either the write memory command or the copy command to commit the running-config file to the startup-config file.

Saving configuration changes with the copy command

Perform this task from privileged EXEC mode.

Enter the copy command to save the running-config file to the startup-config file.

DRAFT: BROCADE CONFIDENTIAL

switch#copy running-config startup-config

Saving configuration changes with the write memory command

Perform this task from privileged EXEC mode.

Enter the write memory command to save the running-config file to the startup-config file.

switch# write memory Overwrite the startup config file (y/n): y Building configuration...

CEE CLI RBAC permissions

Role-Based Action Control (RBAC) defines the capabilities that a user account has based on the role the account has been assigned. Table 3 displays the permissions matrix for CEE. Permissions are specifically defined as follows:

• OM—When you enter the cmsh command, you are put directly into privileged EXEC mode.

• O—When you enter the cmsh command, you are limited to EXEC mode.

• N—You are not allowed access to the CEE CLI.

TABLE 3 CEE RBAC permissions

Root Factory Admin User Operator SwitchAdmin FabricAdmin ZoneAdmin BasicSwitchAdmin SecurityAdmin

OM OM OM O N O OM N N O

O = observe, OM = observe and modify, N = access not allowed

Accessing the CEE CLI through the console or Telnet

The procedure to access the CEE CLI is the same through either the console interface or through a Telnet session; both access methods bring you to the login prompt.

14 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 37

DRAFT: BROCADE CONFIDENTIAL

NOTE

Protocol configurationInterface configuration

Port-channel

10-Gigabit Ethernet

VLAN

CEE CLI features

CEE map

ACLs

Console and VTY (line)

configuration

Console

Virtual terminal

Global configuration

EXEC

Privileged EXEC

LLDP

Spanning-tree

CEE Command Line Interface

While this example uses the admin role to log in to the switch, any role listed in the “CEE CLI RBAC

permissions” section can be used.

switch login: admin Password: switch:admin> cmsh switch#

To return to the Fabric OS CLI, enter the following command.

switch#exit switch:admin>

Multiple users can use Telnet and issue commands using EXEC mode and privileged EXEC mode.

Accessing the CEE CLI from the Fabric OS shell

To enter the CEE CLI from the Fabric OS shell, enter the following command.

switch:admin> cmsh switch#

To return to the Fabric OS shell, enter the following command.

switch#exit switch:admin>

CEE CLI command modes

Figure 2 displays the CEE CLI command mode hierarchy.

FIGURE 2 CEE CLI command mode hierarchy

Tab le 4 lists the CEE CLI command modes and describes how to access them.

Converged Enhanced Ethernet Administrator’s Guide 15 53-1002163-02

Page 38

CEE Command Line Interface

NOTE

At system startup, if you try to enter privileged EXEC mode before the system has fully booted, the following message is displayed:

%Info: Please wait. System configuration is being loaded.

After the system has fully booted, a RASlog message indicates that the CEE CLI is ready to accept configuration commands.

TABLE 4 CEE CLI command modes

DRAFT: BROCADE CONFIDENTIAL

Command mode

EXEC switch> Enter the cmsh command at the

Privileged EXEC

Global configuration

Interface configuration

Prompt How to access the command mode Description

Fabric OS prompt after you have logged in as an appropriate user.

switch# From the EXEC mode, enter the

enable command.

switch(config)# From the EXEC mode, enter the

configure terminal EXEC command.

Port-channel:

switch(conf-if-po-63)#

10-Gigabit Ethernet (CEE port):

switch(conf-if-te-0/1)#

From the global configuration mode, specify an interface by entering one of the following commands:

• interface port-channel

• inter face tengigabitethernet

• interface vlan

VLAN:

switch(conf-if-vl-1)#

Protocol configuration

LLDP:

switch(conf-lldp)#

Spanning-tree:

switch(conf-mstp)# switch(conf-rstp)# switch(conf-stp)#

From the global configuration mode, specify a protocol by entering one of the following commands:

• protocol lldp

• protocol spanning-tree mstp

• protocol spanning-tree rstp

• protocol spanning-tree stp

Display running system information and set terminal line parameters.

Display and change system parameters. Note that this is the administrative mode and also includes EXEC mode commands.

Configure features that affect the entire switch.

Access and configure individual interfaces.

Access and configure protocols.

16 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 39

DRAFT: BROCADE CONFIDENTIAL

NOTE

TABLE 4 CEE CLI command modes (Continued)

Command mode

Feature configuration

Console and VTY (line) configuration

Prompt How to access the command mode Description

CEE map:

switch(config-ceemap)#

Standard ACL:

switch(conf-macl-std)#

Extended ACL:

switch(conf-macl-ext)#

switch(config-line)# From the global configuration mode,

CEE Command Line Interface

From the global configuration mode, specify a CEE feature by entering one of the following commands:

• cee-map

• mac access-list

configure a terminal connected through the console port by entering the line console command. Configure a terminal connected through a Telnet session by entering the line vty command.

Access and configure CEE features.

Identify traffic based on the MAC addresses, such as VLAN IDs and different encapsulations.

Standard Access Control Lists filter the traffic on a source address and block traffic close to a destination.

Extended Access Control Lists block traffic based on any given packet attribute.

Configure a terminal connected through the console port or a terminal connected through a Telnet session. After you apply the access list to an interface, a Virtual Teletype (VTY), or through a command using the access list keyword, it becomes effective.

Pressing Ctrl+Z or entering the end command in any mode returns you to privileged EXEC mode. Entering exit in any mode returns you to the previous mode.

CEE CLI keyboard shortcuts

Tab le 5 lists CEE CLI keyboard shortcuts.

TABLE 5 CEE CLI keyboard shortcuts

Keystroke Description

Ctrl+B or the left arrow key Moves the cursor back one character.

Ctrl+F or the right arrow key Moves the cursor forward one character.

Ctrl+A Moves the cursor to the beginning of the command line.

Ctrl+E Moves the cursor to the end of the command line.

Esc B Moves the cursor back one word.

Esc F Moves the cursor forward one word.

Ctrl+Z Returns to privileged EXEC mode.

Ctrl+P or the up arrow key Displays commands in the history buffer with the most recent command

displayed first.

Ctrl+N or the down arrow key Displays commands in the history buffer with the most recent command

displayed last.

Converged Enhanced Ethernet Administrator’s Guide 17 53-1002163-02

Page 40

CEE Command Line Interface

NOTE

In EXEC and privileged EXEC modes, use the show history command to list the commands most recently entered. The switch retains the history of the last 1000 commands entered.

Using the do command as a shortcut

You can use the do command to save time when you are working in any configuration mode and you want to run a command in EXEC or privileged EXEC mode.

For example, if you are configuring an LLDP and you want to execute a privileged EXEC mode command, such as the dir command, you would first have to exit the LLDP configuration mode. However, by using the do command with the dir command, you can ignore the need to change configuration modes, as shown in the following example.

switch(conf-lldp)#do dir Contents of flash://

-rw-r----- 1276 Wed Feb 4 07:08:49 2009 startup_rmon_config

-rw-r----- 1276 Wed Feb 4 07:10:30 2009 rmon_config

-rw-r----- 1276 Wed Feb 4 07:12:33 2009 rmon_configuration

-rw-r----- 1276 Wed Feb 4 10:48:59 2009 starup-config

DRAFT: BROCADE CONFIDENTIAL

Displaying CEE CLI commands and command syntax

Enter a question mark (?) in any command mode to display the list of commands available in that mode.

switch>? Exec commands: enable Turn on privileged mode command exit End current mode and down to previous mode help Description of the interactive help system logout Exit from the EXEC quit Exit current mode and down to previous mode show Show running system information terminal Set terminal line parameters

To display a list of commands that start with the same characters, type the characters followed by the question mark (?).

switch>e? enable Turn on privileged mode command exit End current mode and down to previous mode

To display the keywords and arguments associated with a command, enter the keyword followed by the question mark (?).

switch#terminal ? length Set number of lines on a screen no Negate a command or set its defaults

If the question mark (?) is typed within an incomplete keyword, and the keyword is the only keyword starting with those characters, the CLI displays help for that keyword only.

switch#show d? dot1x IEEE 802.1X Port-Based Access Control <cr>

18 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 41

DRAFT: BROCADE CONFIDENTIAL

CEE Command Line Interface

If the question mark (?) is typed within an incomplete keyword but the keyword matches several keywords, the CLI displays help for all the matching keywords.

switch#show i? interface Interface status and configuration ip Internet Protocol (IP)

The CEE CLI accepts abbreviations for commands. The following example is the abbreviation for the show qos interface all command.

switch#sh q i a

If the switch does not recognize a command after Enter is pressed, an error message displays.

switch#hookup

% Invalid input detected at '^' marker.

If an incomplete command is entered, an error message displays.

switch#show % Incomplete command.

CEE CLI command completion

To automatically complete the spelling of commands or keywords, begin typing the command or keyword and then press Tab. For example, at the CLI command prompt, type te and press Tab:

switch#te

The CLI displays:

switch#terminal

If there is more than one command or keyword associated with the characters typed, the CEE CLI displays all choices. For example, at the CLI command prompt, type show l and press Tab:

switch#show l

The CLI displays:

switch#show l lacp line lldp

CEE CLI command output modifiers

You can filter the output of the CEE CLI show commands using the output modifiers described in

Tab le 6.

TABLE 6 CEE CLI command output modifiers

Output modifier Description

append Appends the output to a file.

redirect Redirects the command output to the specified file.

include Displays the command output that includes the specified expression.

exclude Displays the command output that excludes the specified expression.

append Appends the command output to the specified file.

begin Displays the command output that begins with the specified expression.

Converged Enhanced Ethernet Administrator’s Guide 19 53-1002163-02

Page 42

CEE Command Line Interface

TABLE 6 CEE CLI command output modifiers (Continued)

Output modifier Description

last Displays only the last few lines of the command output.

tee Redirects the command output to the specified file. Note that this modifier also

FLASH Redirects the output to flash memory.

DRAFT: BROCADE CONFIDENTIAL

displays the command output.

20 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 43

DRAFT: BROCADE CONFIDENTIAL

Chapter

Configuration management

In this chapter

•Configuration management tasks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21

•Flash file management commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

•Debugging and logging commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Configuration management tasks

This chapter describes the typical configuration management tasks you may encounter.

The current configuration on the switch is referred to as the running configuration (running-config). The running-config file can be written to non-volatile memory to save configuration changes. Additionally, the running-config file can be saved as the startup configuration (startup-config) file. When the switch is booted, the system reads the contents of the startup-config file and applies it to the running-config.

Typical configuration management tasks are as follows:

• Saving the startup-config and running-config files to Flash.

• Uploading the startup-config and running-config files to a remote location.

• Uploading any configuration file saved and stored in Flash to a remote location.

• Downloading a configuration file from a remote location to the switch to serve as the

startup-config file or the running-config file.

• Downloading a configuration file from a remote location to the switch Flash.

CEE configuration guidelines and restrictions

Follow these guidelines and restrictions when performing any CEE configuration management tasks.

• The CEE configuration database is maintained in a file separate from the Fabric OS

configuration database. Note that Fabric OS configuration management remains unchanged.

• The CEE configuration is not affected by configUpload and configDownload commands entered

in the Fabric OS shell.

• The configuration must be manually saved using the write or copy commands.

Converged Enhanced Ethernet Administrator’s Guide 21 53-1002163-02

Page 44

Configuration management tasks

NOTE

Display the running configuration file

To display the running configuration, perform the following task from EXEC or privileged EXEC mode.

Enter the show running-config command.

switch#show running-config

Saving the running configuration file

This tasks causes the running configuration to become the default configuration. To save the running configuration, perform the following task from privileged EXEC mode.

Enter the copy command to copy the currently running configuration to the startup configuration.

switch#copy running-config startup-config

Loading the startup configuration file

DRAFT: BROCADE CONFIDENTIAL

If you wish to reverse the changes to the running configuration, this task reloads the default startup configuration, overwriting the running configuration.

To load the default configuration, perform the following command from privileged EXEC mode.

switch#copy startup-config running-config

Erasing the startup configuration file.

This task does not affect the running configuration file.

To erase the startup configuration, perform the following command from privileged EXEC mode.

switch#write erase

Archiving the running configuration file

This tasks allows you to archive the running configuration to an archive folder on an FTP site, so that it can be stored without changing the startup configuration. To archive the running configuration file, perform the following task from privileged EXEC mode.

Enter the copy command to archive the running configuration file.

switch#copy running-config ftp://jsmith:password@10.24.48.51/archive/config_file]

Restore an archived running configuration file

To restore the running configuration, perform the following task from privileged EXEC mode.

Enter the copy command to restore the running configuration file.

switch#copy running-config ftp://jsmith:password@10.24.48.51/archive/config_file]

22 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 45

DRAFT: BROCADE CONFIDENTIAL

NOTE

Archiving the startup configuration file

This tasks allows you to archive the startup configuration to an archive folder on an FTP site. To archive the startup configuration, perform the following task from privileged EXEC mode.

Enter the copy command to archive the startup configuration file.

switch#copy startup-config ftp://jsmith:password@10.24.48.51/archive/config_file]

Restore an archived startup configuration file

To restore the startup configuration, perform the following task from privileged EXEC mode.

Enter the copy command to restore the startup configuration file.

switch#copy startup-config ftp://jsmith:password@10.24.48.51/archive/config_file]

Flash file management commands

Tab le 7 describes the common tasks used to manage Flash files. The Converged Enhanced

Ethernet Command Reference contains complete information on all available CLI commands.

Use of the flash:// prefix is optional.

The tasks listed in Table 7 are performed from privileged EXEC mode.

TABLE 7 CEE Flash memory file management commands

Task Command

List the files in the Flash memory directory. switch#dir

Delete a file from the Flash memory directory. switch#delete flash://example_filename

Erase all the files in the Flash memory directory.

NOTE: This command erases all the files in the

Flash directory except the default startup configuration file which is programmed as a manufacturing default.

Rename a file in the Flash. switch#rename filename new_filename

Display the contents of a file in the Flash memory directory.

switch#erase flash % Warning: Erasing flash filesystem will remove all files in flash://. Continue to erase?(y/n):y

switch#show file flash://example_filename

Debugging and logging commands

Tab le 8 describes the tasks related to debugging and logging commands. The Converged

Enhanced Ethernet Command Reference contains complete information on all available CLI

commands.

Converged Enhanced Ethernet Administrator’s Guide 23 53-1002163-02

Page 46

Debugging and logging commands

The tasks listed in Table 8 are performed from privileged EXEC mode.

TABLE 8 Debugging and logging commands

Task Command

DRAFT: BROCADE CONFIDENTIAL

Display debugging information for CEE components.

Display logging information for CEE components. switch#show logging

Display the collection of information needed for technical support.

NOTE: The supportsave command in Fabric OS includes the debugging data provided by the above commands.

switch#show debug

switch#show tech-support

24 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 47

DRAFT: BROCADE CONFIDENTIAL

NOTE

Chapter

FCoE Configuration Management

In this chapter

•Managing the FCoE configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

•Configuring the FCoE login information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

•Creating an FCoE login group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28

Managing the FCoE configuration

FCoE technology bridges the boundary between the SAN and LAN sections of your network. FCoE configuration tasks require mostly configuration of the interface ports on the switch.

This chapter discusses the tasks for managing your FCoE configuration, login groups, and VN_port mappings.

To assist you in configuring FCoE, see “FCoE Initialization Protocol” on page 8.

FCoE configuration guidelines and restrictions

Follow these FCoE configuration guidelines and restrictions when configuring FCoE:

• The CEE configuration database is maintained in a file separate from the Fabric OS

configuration database. Fabric OS configuration management procedures remain unchanged.

• FCoE to FCoE traffic across two FCOE10-24 blades can only reach 68% line rate using a

port-based routing policy. Using an exchange based routing policy can avoid the performance drop.

Only the WWN zoning of FCoE VF ports is supported. Port-based zoning of the FCoE VF port is not supported. Additionally, inclusion of FCoE VF ports in a zone which has port-based zone members (such as zone members specified by their respective domain and index) is not supported. However there are no restrictions enforced that block you from enabling the port-based zoning. If you configure port-based zoning on a VF port, it converts all the other ports in the FCoE port group to “session based” zoning. The only way to recover the VF port from this scenario is to set all the VF ports in the FCoE port group offline, change the zoning config of VF ports to WWN-based zoning and bring them back to online.

Converged Enhanced Ethernet Administrator’s Guide 25 53-1002163-02

Page 48

Configuring the FCoE login information

Clearing logins

Perform the following task to clear logins.

Task Command

DRAFT: BROCADE CONFIDENTIAL

Clear the logins that occurred through a front-end port or from a device specified by the ENode's VN_port WWN. Syntax is as follows:

• -teport slot/port—Specifies the slot or port

number.

• -device wwn—Specifies the device WWN.

Displaying FCoE configuration-related information

Perform the following tasks to display FCoE-related configuration information.

Task Command

Display the embedded FCoE port configuration. Configurations of all the ports are displayed if you do not specify a specific port.

Display information about devices logged in to a specific FCoE F_port.

Display FIP configurations. switch:admin> fcoe --fipcfgshow

Configuring the FCoE login information

Another important task in administrating FCoE is configuring the FCoE login information.

switch:admin> fcoe --resetlogin -teport slot/port |

-device wwn

switch:admin> fcoe --cfgshow [slot/port]

switch:admin> fcoe --loginshow [slot/port]

Enabling or disabling login configuration management

The fcoelogincfg command allows only configured ENode VN_ports to log in. Use the fcoelogingroup command to configure allowed ENode VN_ports. The default is disabled.

Disabling the fcoelogincfg command allows unrestricted login on ENode VN_ports.

Perform one of the following tasks to toggle the availability of FCoE login configuration management.

Task Command

Enable the FCoE login configuration management on the switch (this is a switch-based command, not port-based).

Disable the FCoE login configuration management on the switch.

26 Converged Enhanced Ethernet Administrator’s Guide

switch:admin> fcoelogincfg --enable

switch:admin> fcoelogincfg --disable

53-1002163-02

Page 49

DRAFT: BROCADE CONFIDENTIAL

NOTE

Configuring the FCoE login information

Managing the current configuration transaction

The configuration changes created using the fcoelogingroup command are kept in a transaction buffer until you save the buffer using the fabric-wide fcoelogincfg--save command. The login configuration is saved as a transaction, and to apply it you need to specifically save it.

Perform one of the following tasks to either display or abort the current configuration transaction.

Task Command

Display the current configuration transaction. switch:admin> fcoelogincfg --transshow

Abort the current configuration transaction. switch:admin> fcoelogincfg --transabort

Cleaning up login groups and VN_port mappings

Perform the following tasks to clean up login groups and VN_port mappings.

Task Command

Perform a cleanup of all conflicting login groups and VN_port mappings from the effective configuration. This purges not only the conflicting login groups but also the non-existing switches.

Perform a cleanup of all conflicting login groups and conflicting VN_port mappings from the effective configuration.

Perform a cleanup of all login groups for non-existing switches from the effective configuration.

switch:admin> fcoelogincfg --purge -conflicting

-nonexisting

switch:admin> fcoelogincfg --purge -conflicting

switch:admin> fcoelogincfg --purge -nonexisting

Displaying the FCoE login configuration

Perform the following tasks to display the FCoE login configuration.

Task Command

Display the FCoE login configuration. Syntax is as follows:

• -switch swwn—Displays all of the login

groups for the specified switch.

• -logingroup lgname—Displays the login group

configuration for the specified login group.

• -saved—Displays only the effective

configuration.

Display the status of the last configuration merge during the last fabric merge. This operand also displays conflicting login groups and login groups for non-existing switches.

Converged Enhanced Ethernet Administrator’s Guide 27 53-1002163-02

switch:admin> fcoelogincfg --show [-switch swwn |

-logingroup lgname] [-saved]

switch:admin> fcoelogincfg --show [-mergestatus]

Page 50

Creating an FCoE login group

Saving the current FCoE configuration

Perform the following task to save the current FCoE configuration.

Task Command

DRAFT: BROCADE CONFIDENTIAL

Save the current FCoE login configuration as the effective configuration fabric-wide.

Creating an FCoE login group

The FCoE login group enables you to configure login policies.

Perform the following task to create an FCoE login group.

Task Command

Syntax is as follows:

• --create—Create a login group.

• lgname—Specify the name of the login group

for this switch. The maximum length is a 64-byte string.

• -switch swwn—Specify the WWN of the

switch for which the login group is being created.

• -self—Specify the WWN of the current switch.

• -allowall—Allow all VN_port devices to log in

to the switch.

• member—Identify the WWN of the VN_port.

The WWN must be specified in hex as xx:xx:xx:xx:xx:xx:xx:xx. Only specified members are allowed to log in to the switch.

switch:admin> fcoelogincfg --save

switch:admin> fcoelogingroup --create lgname -switch swwn | -self [-allowall | “member; member;…”]

28 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 51

DRAFT: BROCADE CONFIDENTIAL

Creating an FCoE login group

Modifying the FCoE login group device list

Perform the following tasks to add or remove VN_port devices from the FCoE login group.

Task Command

Add VN_port devices to the FCoE login group. Syntax is as follows:

• lgname—Specify the name of the login group

to which VN_port devices are to be added.

• member—Identify the WWN of the VN_port.

The WWN must be specified in hex as xx:xx:xx:xx:xx:xx:xx:xx. Only specified members are allowed to log in to the switch.

Remove VN_port devices from the FCoE login group. Syntax is as follows:

• lgname—Specify the name of the login group

from which VN_port devices are to be removed.

• member—Identify the WWN of the VN_port.

The WWN must be specified in hex as xx:xx:xx:xx:xx:xx:xx:xx. Only specified members are allowed to log in to the switch.

switch:admin> fcoelogingroup --add lgname member;

member; ....

switch:admin> fcoelogingroup --remove lgname member; member;…

Deleting an FCoE login group

Perform the following task to delete an FCoE login group.

Task Command

Delete an FCoE login group. Syntax is as follows:

switch:admin> fcoelogingroup --delete lgname

• lgname—Specify the name of the login

group.

Renaming an FCoE login group

Perform the following task to rename an FCoE login group.

Task Command

Rename an FCoE login group. Syntax is as follows:

• lgname—Specify the name of the login group

from which VN_port devices are to be removed.

switch:admin> fcoelogingroup --rename lgname

newlgname

Converged Enhanced Ethernet Administrator’s Guide 29 53-1002163-02

Page 52

Creating an FCoE login group

DRAFT: BROCADE CONFIDENTIAL

30 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 53

DRAFT: BROCADE CONFIDENTIAL

Chapter

Initial FCoE and CEE Configuration

In this chapter

•Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

•End to End FCoE using FC ISLs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

•High availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

•Configuring the FCoE interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

•Configuring the FCoE VLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35

•Configuring DCBX . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37

•Configuring Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

•Configuring VLAN membership. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

•CEE map configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

•CEE audit logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 42

Overview

This chapter describes how to configure Fibre Channel over Ethernet (FCoE) and Converged Enhanced Ethernet (CEE) properties on the switch using CLI commands. For detailed information about all the CEE CLI commands, refer to the Converged Enhanced Ethernet Command Reference Supporting Fabric OS v6.4.0 (53-1001762-01).

All of the CLI commands are entered using the Telnet or console interface on the Brocade FCoE hardware.

End to End FCoE using FC ISLs

Support for end-to-end FCoE is achieved through FC ISLs, allowing FCoE traffic to be carried across multiple FC ISL hops, eventually terminating in FC or FCoE storage.

Converged Enhanced Ethernet Administrator’s Guide 31 53-1002163-02

Page 54

End to End FCoE using FC ISLs

NOTE

Fibre Channel

FCoE

Storage

FCoE,

Storage

Arrays

DCX FC Core

DCX FC Edge

DCX/DCX-4s

FCoE Edge

Aggregation

Switch/Router

SAN

Tape

Libraries

Data Center Bridging Ethernet

The following diagram shows a deployment scenario where FCoE initiators are connected to FCoE and FC targets across multiple hops of FC ISLs.

DRAFT: BROCADE CONFIDENTIAL

32 Converged Enhanced Ethernet Administrator’s Guide

FIGURE 3 Deploying FCoE across multiple hops of FC ISLs

FCoE Logical Port Numbering

A total of 24 FCoE logical ports on FCOE10-24 belong to 6 FCoE port groups. The port number range is 0 through 23 and these belong to 6 FCoE port groups ranging from 0 through 3, 4 through 7, 8 through 11, 12 through 15, 16 through 19, and 20 through 23. For example, the FCoE ports on a 24 port blade in the 4th slot is 4/0 through 4/23.

This grouping is relevant only for bridging bandwidth considerations. A group of four ports that is arranged in a bank has 10Gb of bridging bandwidth.

FCoE port-to-front end TenGigabit port mapping

Each of the FCoE logical ports in VF port mode is mapped to a corresponding front end TenGigabit port such that the FCoE FLOGI received through the TenGigabit port is mapped and handled at the corresponding FCoE logical port.

53-1002163-02

Page 55

DRAFT: BROCADE CONFIDENTIAL

ATTENTION

On an FCOE10-24 this mapping is as follows, assuming that the FCOE10-24 blade is in slot 4:

• FCoE port 4/0 maps to TE port 4/0

• FCoE port 4/1 maps to TE port 4/1

• FCoE port 4/23 maps to TE port 4/23

High availability

Fabric OS v7.0.0 ensures high availability of FCoE storage traffic going through FCOE10-24 blades on the DCX and DCX-4S platforms. If the Control Processors (CPs) on the DCX or DCX-4S are in a redundant state and the active CP fails, the standby CP takes over the control of the system. Failover from the active CP to the standby CP is non-disruptive to both FC and FCoE traffic.

Hot plug

The procedure for hot-plugging an FCOE10-24 is similar to any other blade supported on a DCX or DCX-4S. When diagnostics are running on a blade, a slotpoweroff operation is not allowed. This behavior is similar to what has been supported in the previous FOS releases.

High availability

When a core blade on a DCX or DCX-4S is removed, the traffic flowing through the ASICs in that blade is re-routed to use the ASICs in the other core blade in the chassis. This increases the congestion, but the switch continues to operate in an over-subscribed mode. When both the core blades are removed, then all the blades in the chassis are disabled.

Control Processor failover

When the active CP in a DCX or DCX-4S fails over, the FCoE storage traffic going through the FCOE10- 24 blades are not disrupted. Critical protocol components are brought online quickly to ensure that PDUs are transmitted to the adjacent switches so that the associated protocol sessions are not declared dead.

Upgrading your firmware from Fabric OS v6.3.x, v6.4.0, or v6.4.1 does not cause FC traffic disruption but does cause FCoE traffic disruption.

Brocade recommends that the protocol timeout values in Table 9 be configured both on the local Brocade switches, as well as neighboring switches, to ensure non-disruptive HA failover.

TABLE 9 Protocol timeout values for non-disruptive failover

Protocol type Time interval

LACP Long timeout = 90 seconds (default value)

FIP Hello Interval = 8 seconds (default value)

RSTP 3 Second Hello (9 second session timeout)

MSTP 3 Second Hello (9 second session timeout)

Full recovery of all services can take up to a minute. No new configuration is allowed for that period. Configuration manager generates a RASLOG message to indicate the availability of the standby CP after recovery to accept new configuration CLIs.

Converged Enhanced Ethernet Administrator’s Guide 33 53-1002163-02

Page 56

High availability

DRAFT: BROCADE CONFIDENTIAL

Every configuration is either fully committed or not, but never “half-complete.” If you had started executing the copy startup running command, it will be resumed after failover before any new CLI is allowed to be executed.

High availability reference

This section contains reference tables for high availability.

TABLE 10 State preservation during CP failover

Operation, data, or state Expected behavior

CLIs that are being executed when the HA failover occurs.

Running and Startup configurations The running and startup configuration is preserved.

L2 forwarding table This item is preserved during failover.

VLAN table and state This item is preserved during failover.

Static Multicast MAC DA This item is preserved during failover.

Dynamic Multicast MAC DA (learned via IGMP snooping)

MAC learning process MAC learning entries that are in the ASIC queue but yet to be processed by

MAC ageing timer The timer is restarted after the failover.

Station moves during failover Station moves are not detected.

Interface state Preserved as long as the interfaces are either in a shut or no-shut state. Any

Interface counters This item is preserved during failover.

Interface counters related to CoS, Flow control, RED Alarms and other configuration

xSTP Port STP state This item is preserved as long as the ports are in a steady state, otherwise

IGMP snooping – Dynamically learned groups

Static, Dynamic Standard, and Brocade LAGs

ACL policies This item is preserved during failover, however the ACL counters are not

LLDP, neighbor information, profiles, or DCBX state machine

QoS policies This item is preserved during failover.

Port authentication state Preserved during failover, as long as the ports are in a steady state,

SNMP sessions Reset during failover. SNMP manager must reconnect after the failover.

All telnet/ssh sessions are disconnected and need to be reestablished after failover.

Any CLI operation under progress will either be fully committed if its execution had started on active CP or not executed completely. The vty timeout configuration is preserved across failover.

All other configuration files are preserved.

This item is preserved during failover.

software is flushed.

interface which is not fully initialized is reset.

This item is preserved during failover, however since interface counters are not preserved, the alarms are restarted upon HA failover.

the port state machine is reset.

This item is preserved during failover.

preserved.

This item is preserved during failover.

otherwise the port state machine are reset.

34 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 57

DRAFT: BROCADE CONFIDENTIAL

TABLE 10 State preservation during CP failover (Continued)

Operation, data, or state Expected behavior

RMON – Alarms and other configuration

MIB objects and tables This item is preserved during failover.

FCoE Initiator entries in FC login database Name server

Configuring the FCoE interfaces

FCoE maps are used to configure FCoE properties on interfaces. An FCoE map is a placeholder for an FCoE VLAN and a CEE map. You can assign FCoE maps on to physical interfaces using the fcoeport command. Once the FCoE map is assigned onto an interface:

• The corresponding FCoE VLAN is applied to the interface.

• The corresponding CEE map is applied to the interface.

• The FCoE/FIP vlan classifiers are applied to the interface.

In short, the interface becomes capable of carrying FCoE traffic. The FCoE map can be applied on an interface only if the FCoE map is complete in all aspects. That is, it should have an FCoE VLAN and a CEE map associated with it.

Configuring the FCoE interfaces

This item is preserved during failover. However, alarms timers are restarted upon HA failover.

This item is preserved during failover.

Only a single FCoE map is allowed, which is created automatically with the name “default.” You are not able to delete or rename this map. By default, if there are no other conflicting configurations, the FCoE VLAN associated to the FCoE map is FCoE VLAN (1002) and the CEE map associated is the default CEE map (also called “default”).

Configuring the FCoE VLAN

The contents of the default running-configuration file are displayed with the show running-config command:

switch#show running-config no protocol spanning-tree cee-map default priority-group-table 1 weight 40 pfc priority-group-table 2 weight 60 priority-table 2 2 2 1 2 2 2 2 ! fcoe-map default fcoe-vlan 1002 ! interface vlan 1

If the system already contains an FCoE VLAN 1002, it continues to be used as the FCoE VLAN by creating a default fcoe-map with fcoe-vlan 1002. If the pre-existing FCoE VLAN is set to something other than 1002, that VLAN is configured as a standard VLAN and new FCoE VLAN 1002 is created with the default fcoe-map.

Converged Enhanced Ethernet Administrator’s Guide 35 53-1002163-02

Page 58

Configuring the FCoE VLAN

DRAFT: BROCADE CONFIDENTIAL

VLAN 1002 is reserved for FCoE VLAN. If VLAN 1002 is already assigned as a LAN VLAN, it is automatically recreated as the FCoE VLAN while creating the default fcoe-map.

The FCoE VLAN can be created in the FCoE map configuration mode as well. The fcoe-vlan command creates the FCoE VLAN if the corresponding VLAN does not exist in the system. If a VLAN already exists with the same VLAN ID, then the command fails.

The FCoE VLANs can be seen using the show vlan fcoe command. Alternatively, the show vlan brief command can be used, in which FCoE VLANs are marked with an “(F)”.

No VLAN classifiers (including FIP and FCoE classifiers) are allowed to be configured for the FCoE VLAN.

To configure the FCoE VLAN, perform the following steps in global configuration mode.

1. Activate the FCoE map configuration mode.

switch(config)#fcoe-map default switch(conf-fcoe-map)#

2. Use the fcoe-vlan command to specify a new VLAN ID.

Only one FCoE VLAN can be active at a time, and this command will be successful only if the new VLAN ID can be created and the old VLAN ID can be deleted. The FCoE VLAN cannot be changed if the fcoeport profile is already applied to an interface.

switch(conf-fcoe-map)#fcoe-vlan 5

3. Use the do show vlan fcoe command to confirm the VLAN ID change.

switch(conf-fcoe-map)#do show vlan fcoe VLAN Name State Ports (F)-FCoE (u)-Untagged, (t)-Tagged ======= ================ ======= =============================== 5(F) VLAN0005 ACTIVE

4. Use the do show fcoe-map command to confirm the current status of the FCoE map.

The following example shows that the FCoE VLAN has been assigned the ID of 5, but the map has not been assigned to any interfaces.

switch(conf-fcoe-map)#do show fcoe-map fcoe-map default cee-map : default fcoe-vlan : 5 interface(s) :

Assigning an FCoE map onto an interface

The FCoE map cannot be edited if it is associated with any interfaces.

The FCoE map can be applied, irrespective of whether or not the interface is in ‘switchport’ mode. But the FCoE map cannot be applied on an interface if the same interface already has a CEE map assigned to it.

To assign the FCoE map onto an interface, perform the following steps in global configuration mode.

1. Activate the interface configuration mode for the interface you wish to modify.

The following example activates the mode for the 10 Gigabit Ethernet interface in slot 0/port 0.

switch(config)#interface tengigabitethernet 0/0

36 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 59

DRAFT: BROCADE CONFIDENTIAL

Configuring DCBX

2. Apply the current FCoE profile map to the interface using the fcoeport command.

switch(conf-if-te-0/0)# fcoeport

3. Return to the privileged EXEC mode using the end command.

switch(conf-if-te-0/0)#end

4. Confirm the changes to the interface with the show running-config command.

switch#show running-config interface tengigabitethernet 0/0 interface TenGigabitEthernet 0/0 fcoeport shutdown

5. Use the show fcoe-map command to confirm the current status of the FCoE map.

The following example shows that the FCoE VLAN has been assigned the ID of 5, and the map has been assigned to the interface.

switch# show fcoe-map fcoe-map default cee-map : default fcoe-vlan : 5 interface(s) : te0/0

6. Repeat this procedure for any additional interfaces.

Configuring DCBX

Data Center Bridging eXchange Protocol (DCBX) runs on CEE links and is an extension of the Link Layer Discovery Protocol (LLDP). The primary goal of DCBX is to allow the discovery of CEE-capable hosts and switches and allow CEE-specific parameters—such as those for Enhanced Transmission Selection (ETS) and Priority Flow Control (PFC)—to be sent before the link is shared. DCBX parameters use a type-length-value (TLV) format. By default, DCBX is turned on and the two TLVs are enabled. The available TLVS are:

• dcbx-fcoe-app-tlv—IEEE Data Center Bridging eXchange FCoE Application TLV.

• dcbx-fcoe-logical-link-tlv—IEEE Data Center Bridging eXchange FCoE Logical Link TLV. The

presence of this TLV declares that the FCoE part of the converged link is UP.

To configure the TLVs for DCBX, perform the following steps in global configuration mode.

1. Set the protocol type to LLDP.

switch(config)#protocol lldp

2. Activate the protocol.

switch(conf-lldp)#no disable

3. Activate the TLV formats using the advertise command in LLDP configuration mode.

switch(conf-lldp)#advertise dcbx-fcoe-app-tlv switch(conf-lldp)#advertise dcbx-fcoe-logical-link-tlv

4. Enter the copy command to save the running-config file to the startup-config file.

switch(conf-lldp)#do copy running-config startup-config

Converged Enhanced Ethernet Administrator’s Guide 37 53-1002163-02

Page 60

DRAFT: BROCADE CONFIDENTIAL

NOTE

Configuring Spanning Tree Protocol

Spanning Tree Protocol (STP) is a mechanism to detect and avoid loops in Ethernet networks by establishing a fixed path between all the switches in a LAN. The Brocade FCoE hardware supports three spanning tree variations: standard Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP).

Configuring Spanning Tree on a port enabled for FCoE is not recommended, as it can cause login issues while the port transitions from the blocked state to the forwarding state. Either STP should be disabled, or configured in edge mode. However, Brocade strongly recommends that STP be disabled.

It is a best practice that an access layer switch does not become the root switch. Changing the bridge or STP priority helps to ensure that this does not occur. The following example performed from the CEE CLI configures the switch for RSTP and sets the bridge priority to the highest value, ensuring it will not become the root switch in an existing LAN.

To configure RSTP, perform the following steps in global configuration mode.

1. Configure the switch for RSTP.

switch(config)#protocol spanning-tree rstp

2. Set the bridge priority to the highest value so it does not become the root switch in an existing LAN.

switch(conf-rstp)#bridge-priority 61440

3. Enter the copy command to save the running-config file to the startup-config file.

switch(conf-rstp)#do copy running-config startup-config

Configuring VLAN membership

IEEE 802.1q Virtual LANs (VLANs) provide the capability to overlay the physical network with multiple virtual networks. VLANs allow network traffic isolation into separate virtual networks, reducing the size of administrative and broadcast domains.

A VLAN contains end stations that have a common set of requirements which can be in independent physical locations. You can group end stations in a VLAN even if they are not physically located in the same LAN segment. VLANs are typically associated with IP subnets and all the end stations in a particular IP subnet belong to the same VLAN.

In addition to creating a special VLAN for FCoE traffic, VLAN classifiers are applied to incoming EtherTypes for FCoE Initialization Protocol (FIP) and FCoE. VLAN classifiers are rules used to dynamically classify Ethernet frames on an untagged interface to VLANs.

FIP and FCoE cannot be manually configured in VLAN classifier rules. They are part of the fcoeport interface configuration and are applied automatically when an interface is configured as an fcoeport.

38 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 61

DRAFT: BROCADE CONFIDENTIAL

NOTE

To configure VLAN membership, perform the following steps in global configuration mode.

1. Create the VLAN interfaces on the Brocade FCoE hardware using the CEE CLI. For details, see

“Creating a VLAN interface”.

The following example creates two VLAN interfaces and assigns each one to a server group.

switch(config)#interface vlan 10 switch-cmsh(conf-if-vl-10)#description server group 1 switch(config)#interface vlan 20 switch-cmsh(conf-if-vl-20)#description server group 2 switch(config)#interface vlan 100 switch-cmsh(conf-if-vl-100)#description server group 3

2. (Optional) Apply the VLAN classifier group to any CEE interface. For details, see “Activating a

VLAN classifier group with an interface port”.

3. Enter the copy command to save the running-config file to the startup-config file.

switch(config)#do copy running-config startup-config

CEE map configuration

The CEE Quality of Service (QoS) covers frame classification, priority and traffic class (queue) mapping, congestion control, and scheduling. Under the CEE Provisioning model all of these features are configured utilizing two configuration tables, the Priority Group Table and the Priority Tab le.

The CEE Priority Group Table defines each Priority Group ID (PGID) and its scheduling policy (Strict Priority versus Deficit Weighted Round-Robin (DWRR), DWRR weight, relative priority), and partially defines the congestion Priority Flow Control (PFC) configuration. There are 16 rows in the CEE Priority Group Table. Table 11 presents the default CEE Priority Group Table configuration.

Only a single Class-of-Service (CoS) can be mapped to a PFC-enabled priority queue. The CoS number must be identical to the priority queue number. If your configuration violates this restriction, an error message displays and the Priority Group Table is set back to the default values.

When the CEE map is applied, and the interface is connected to the CNA, only one Strict Priority PGID (PGID 15.0 to PGID 15.7) is allowed.

TABLE 11 Default CEE Priority Group Table configuration

PGID Bandwidth% PFC

15.0 — N

15.1 — N

15.2 — N

15.3 — N

15.4 — N

15.5 — N

15.6 — N

15.7 — N

Converged Enhanced Ethernet Administrator’s Guide 39 53-1002163-02

Page 62

CEE map configuration

DRAFT: BROCADE CONFIDENTIAL

TABLE 11 Default CEE Priority Group Table configuration (Continued)

PGID Bandwidth% PFC

00N

10N

20N

30N

40N

50N

60N

70N

Strict Priority versus DWRR is derived directly from the PGID value. All PGIDs with prefix 15 receive the Strict Priority scheduling policy and all PGIDs in the range 0 through 7 receive the DWRR scheduling policy. Relative priority between PGIDs is exactly the ordering of entries listed in the table, with PGID 15.0 being the highest priority and PGID 0 being the lowest priority. Congestion control configuration is partially specified by toggling the PFC column On or Off. This provides only partial configuration of congestion control because the set of priorities mapped to the PGID is not known.

The CEE Priority Table defines each CoS mapping to a PGID, and completes the PFC configuration. There are eight rows in the CEE Priority Table. Table 12 details the default CEE Priority Table configuration.

TABLE 12 Default CEE priority table configuration

CoS PGID

015.6

115.7

215.5

315.4

415.3

515.2

615.1

715.0

Defining a Priority Group Table map

To define a priority group table map, perform the following steps from privileged EXEC mode.

1. Enter global configuration mode.

switch#configure terminal

2. Activate the CEE map mode.

switch(config)#cee-map default

3. Define the CEE map for PGID 0.

switch(config-ceemap)#priority-group-table 0 weight 50 pfc

40 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 63

DRAFT: BROCADE CONFIDENTIAL

CEE map configuration

4. Define the CEE map for PGID 1.

switch(config-ceemap)#priority-group-table 1 weight 50

5. Enter the copy command to save the running-config file to the startup-config file.

switch(config)#do copy running-config startup-config

Defining a Priority-Table map

To define a Priority Table map, perform the following steps in privileged EXEC mode.

1. Enter global configuration mode.

switch#configure terminal

2. Activate the CEE map mode.

switch(config)#cee-map default

3. Define the map.

switch(config)#priority-table 2 2 2 1 2 2 2 2

4. Enter the copy command to save the running-config file to the startup-config file.

switch(config)#do copy running-config startup-config

Applying a CEE provisioning map to an interface

To apply a CEE provisioning map, perform the following steps from privileged EXEC mode.

1. Enter global configuration mode.

switch#configure terminal

2. Specify the 10 Gigabit Ethernet interface. In this example, 0/2 is used.

switch(config)#interface tengigabitethernet 0/2

3. Apply the CEE map on the interface.

switch(conf-if-te-0/1)#cee-map default

4. Return to privileged EXEC mode.

switch(conf-if-te-0/1)#exit

5. Enter the copy command to save the running-config file to the startup-config file.

switch(config)#do copy running-config startup-config

Verifying the CEE maps

To verify the CEE map, perform the following steps from privileged EXEC mode.

1. Enter global configuration mode.

switch#configure terminal

2. Verify the CEE map provisioning for a specified name.

switch(config)#show cee maps default

Converged Enhanced Ethernet Administrator’s Guide 41 53-1002163-02

Page 64

CEE audit logs

The CEE audit logs record all changes made by authorized users. This information is always present, irrespective of the configuring entity. Because redundant configuration is not recorded, only configuration changes that have resulted in some change in the running-config file on the system are logged.

In addition to configuration commands, the copy and clear commands, which alter the system state, are logged. On the local system, the logs are maintained in a circular buffer with a capacity of 256 entries. The audit log infrastructure of the Fabric OS is used here and the capacity of 256 entries is shared between the Fabric OS and CEE audit logs.

Table 3 shows the components of the CEE audit logs.

TABLE 13 Format of the CEE audit logs

Name Example Description

Timestamp 2009/05/12-21:25:57 Date and time at which the log was

User Root User’s login name

Role Root User’s RBAC role

IP 10.2.2.47 IP address of the user’s computer

Session telnet The virtual console from which the

Hostname EL34 Host name of the switch

Mode Config The configuration mode in which the

Command rmon event 15 The CLI command that altered the

DRAFT: BROCADE CONFIDENTIAL

generated

user executed the command

command was executed

configuration

To configure CEE audit logs, perform these steps from the Fabric OS command shell.

1. CEE audit logging is disabled by default. It must be enabled explicitly by using the auditcfg command from the Fabric OS shell. See the Fabric OS Command Reference Manual Supporting Fabric OS v6.4.0 for details.

switch>auditcfg –-enable

2. The CEE audit logs belong to the CONFIGURATION class of audit logs. The filter for this class must be enabled by using the auditcfg command from the Fabric OS shell. See the Fabric OS Command Reference Manual Supporting Fabric OS v6.4.0 for details.

switch>auditcfg –-class 3

3. Activate privileged EXEC mode.

switch>cmsh switch#enable switch#

42 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 65

DRAFT: BROCADE CONFIDENTIAL

CEE audit logs

4. Review the DCE audit logs using the show accounting logs command.

switch#show accounting logs 2009/06/24-02:15:54(UTC),root/root/NONE/console/CLI/EL34,config;rmon event 12 2009/06/24-02:21:13(UTC),root/root/NONE/console/CLI/EL34,config;rmon event 7 2009/06/24-02:21:29(UTC),root/root/NONE/console/CLI/EL34,conf-if-te-0/0;rmon collection stats 100

Converged Enhanced Ethernet Administrator’s Guide 43 53-1002163-02

Page 66

DRAFT: BROCADE CONFIDENTIAL

CEE audit logs

44 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 67

DRAFT: BROCADE CONFIDENTIAL

NOTE

Chapter

Configuring VLANs

In this chapter

•VLAN overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

•Ingress VLAN filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45

•VLAN configuration guidelines and restrictions . . . . . . . . . . . . . . . . . . . . . . 47

•Default VLAN configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47

•VLAN configuration and management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48

•Configuring protocol-based VLAN classifier rules . . . . . . . . . . . . . . . . . . . . . 52

•Configuring the MAC address table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54

VLAN overview

IEEE 802.1Q Virtual LANs (VLANs) provide the capability to overlay the physical network with multiple virtual networks. VLANs allow you to isolate network traffic between virtual networks and reduce the size of administrative and broadcast domains.

A VLAN contains end stations that have a common set of requirements that are independent of physical location. You can group end stations in a VLAN even if they are not physically located in the same LAN segment. VLANs are typically associated with IP subnetworks and all the end stations in a particular IP subnet belong to the same VLAN. Traffic between VLANs must be routed. VLAN membership is configurable on a per interface basis.

The VLAN used for carrying FCoE traffic needs to be explicitly designated as the FCoE VLAN. FCoE VLANs are configured through the CEE CLI (see “Configuring a VLAN interface to forward FCoE

traffic” on page 49).

Currently only one VLAN can be configured as the FCoE VLAN.

Ingress VLAN filtering

A frame arriving at Brocade FCoE hardware is either associated with a specific port or with a VLAN, based on whether the frame is tagged or untagged:

• Admit tagged frames only—The port the frame came in on is assigned to a single VLAN or to

multiple VLANs depending on the VLAN ID in the frame’s VLAN tag. This is called trunk mode.

• Admit untagged frames only—These frames are assigned the port VLAN ID (PVID) assigned to

the port the frame came in on. This is called access mode.

Converged Enhanced Ethernet Administrator’s Guide 45 53-1002163-02

Page 68

Ingress VLAN filtering

NOTE

Is the port

a trunk?

Assign the

frame to the

classified VLAN

Assign the

frame to the

configured PVID

Drop frame

Is the VLAN ID

an allowed VLAN?

Assign the frame to the

VLAN present in the VLAN ID

field of the Ethernet header

Incoming frame

on an interface

Ye s

Is the port an

access interface?

Ye s

Does the frame match any

of the configured VLAN classifiers

(MAC address based and

protocol based)?

DRAFT: BROCADE CONFIDENTIAL

• Admit VLAN tagged and untagged frames—All tagged and untagged frames would be

processed as follows:

- All untagged frames are classified into native VLANs.

- All frames egressing are untagged for the native VLANs.

- Any tagged frames coming with a VLAN tag equal to the configured native VLAN are

processed.

- For ingress and egress, non-native VLAN tagged frames are processed according to the

allowed VLAN user specifications. This is called converged mode.

Ingress VLAN filtering is enabled by default on all Layer 2 interfaces. This ensures that VLANs are filtered on the incoming port (depending on the user configuration).

Figure 4 displays the frame processing logic for an incoming frame.

FIGURE 4 Ingress VLAN filtering

46 Converged Enhanced Ethernet Administrator’s Guide

There are important facts you should know about Ingress VLAN filtering:

• Ingress VLAN filtering is based on port VLAN membership.

• Port VLAN membership is configured through the CEE CLI.

• Dynamic VLAN registration is not supported.

• The Brocade FCoE hardware does VLAN filtering at both the ingress and egress ports.

• The VLAN filtering behavior on logical Layer 2 interfaces such as LAG interfaces is the same as

• The VLAN filtering database (FDB) determines the forwarding of an incoming frame.

on port interfaces.

53-1002163-02

Page 69

DRAFT: BROCADE CONFIDENTIAL

NOTE

VLAN configuration guidelines and restrictions

Additionally, there are important facts you should know about the VLAN FDB:

• The VLAN FDB contains information that helps determine the forwarding of an arriving frame

based on MAC address and VLAN ID data. The FDB contains both statically configured data and dynamic data that is learned by the switch.

• The dynamic updating of FDB entries using learning is supported (if the port state permits).

• Dynamic FDB entries are not created for multicast group addresses.

• Dynamic FDB entries are aged out based on the aging time configured per Brocade FCoE

hardware. The aging time is between 10 and 100000 seconds. The default is 300 seconds.

• You can add static MAC address entries specifying a VLAN ID. Static entries are not aged out.

• A static FDB entry does not overwrite a new or pre-existing dynamic entry.

• Static entries do not disable the learning of dynamic entries.

For more information on frame handling for Brocade FCoE hardware, see “Layer 2 Ethernet

overview” on page 3.

VLAN configuration guidelines and restrictions

Follow these VLAN configuration guidelines and restrictions when configuring VLANs.

• In an active topology, MAC addresses can be learned, per VLAN, using Independent VLAN

Learning (IVL) only.

• A MAC address ACL always overrides a static MAC address entry. In this case, the MAC address

is the forwarding address and the forwarding entry can be overwritten by the ACL.

• The Brocade CEE switch supports Ethernet DIX frames and 802.2 LLC SNAP encapsulated

frames only.

Default VLAN configuration

Tab le 14 lists the default VLAN configuration.

TABLE 14 Default VLAN configuration

Parameter Default setting

Default VLAN VLAN 1

Interface VLAN assignment All interfaces assigned to VLAN 1

VLAN state Active

MTU size 2500 bytes

Converged Enhanced Ethernet Administrator’s Guide 47 53-1002163-02

Page 70

DRAFT: BROCADE CONFIDENTIAL

NOTE

VLAN configuration and management

You need to enter either the copy running-config startup-config command or the write memory command to save your configuration changes to Flash so that they are not lost if there is a system reload or power outage.

Enabling and disabling an interface port

CEE interfaces do not support auto-negotiation of Ethernet link speeds. The CEE interfaces only support 10-Gigabit Ethernet. CEE interfaces are disabled by default.

To enable and disable an interface port, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the shutdown command to toggle the availability of the interface.

To enable the CEE interface:

switch(conf-if-te-0/1)#no shutdown

To disable the CEE interface:

switch(conf-if-te-0/1)#shutdown

Configuring the MTU on an interface port

To configure the maximum transmission unit (MTU) on an interface port, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the interface port type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the interface port.

4. Enter the mtu command to specify the MTU value on the interface port.

The range of valid values is from 1522 through 9208, and the default size is 2500.

switch(conf-if-te-0/1)#mtu 4200

Creating a VLAN interface

On Brocade FCoE hardware, VLANs are treated as interfaces from a configuration point of view.

By default all the CEE ports are assigned to VLAN 1 (VLAN ID equals 1). The vlan_ID value can be 1 through 3583. VLAN IDs 3584 through 4094 are internally-reserved VLAN IDs.

48 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 71

DRAFT: BROCADE CONFIDENTIAL

VLAN configuration and management

To create a VLAN interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface vlan command to assign the VLAN interface number.

switch(config)#interface vlan 100

Enabling STP on a VLAN

Once all of the interface ports have been configured for a VLAN, you can enable spanning tree protocol (STP) for all members of the VLAN with a single command. Whichever protocol is currently selected is used by the VLAN. Only one type of STP can be active at a time.

A physical interface port can be a member of multiple VLANs. For example, a physical port can be a member of VLAN 100 and VLAN 55 simultaneously. In addition, VLAN 100 can have STP enabled and VLAN 55 can have STP disabled simultaneously.

To enable STP for a VLAN, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol spanning tree command to select the type of STP for the VLAN.

switch(config)#protocol spanning tree mstp

3. Enter the interface command to select the VLAN interface number.

switch(config)#interface vlan 100

4. Enter the no spanning-tree shutdown command to enable spanning tree on VLAN 100.

STP is active by default, but enter the command to ensure activation.

switch(conf-if-vl-100)#no spanning-tree shutdown

Disabling STP on a VLAN

Once all of the interface ports have been configured for a VLAN, you can disable STP for all members of the VLAN with a single command.

To disable STP for a VLAN, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to select the VLAN interface number.

switch(config)#interface vlan 55

3. Enter the spanning-tree shutdown command to disable spanning tree on VLAN 55.

switch(conf-if-vl-55)#spanning-tree shutdown

Configuring a VLAN interface to forward FCoE traffic

An FCoE Forwarder (FCF) is an FCoE device that supports FCoE VF_ports. It is the equivalent of an FC switch. A VLAN can be made FCF-capable. Only FCF-capable VLANs can carry FCoE traffic.

To configure a VLAN interface to forward FCoE traffic, see “Configuring the FCoE VLAN” on page 35.

Converged Enhanced Ethernet Administrator’s Guide 49 53-1002163-02

Page 72

VLAN configuration and management

Configuring an interface port as a Layer 2 switch port

To configure the interface as a Layer 2 switch port, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the switchport command to configure the interface as a Layer 2 switch port.

5. Enter the do show command to confirm the status of the CEE interface. For example

switch(conf-if-te-0/1)#do show interface tengigabitethernet 0/1

6. Enter the do show command to confirm the status of the CEE interface running configuration.

switch(conf-if-te-0/1)#do show running-config interface tengigabitethernet 0/1

DRAFT: BROCADE CONFIDENTIAL

Configuring an interface port as an access interface

Each CEE interface port supports admission policies based on whether the frames are untagged or tagged. Access mode admits only untagged and priority-tagged frames.

To configure the interface as an access interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the switchport access command to configure the CEE interface as a Layer 2 switch port.

switch(conf-if-te-0/1)#switchport access vlan 20

5. Enter the switchport mode command to set the mode of the interface to access.

switch(conf-if-te-0/1)#switchport mode access

Configuring an interface port as a trunk interface

Each CEE interface port supports admission policies based on whether the frames are untagged or tagged. Trunk mode admits only VLAN-tagged frames.

To configure the interface as a trunk interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/19

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the switchport mode trunk command to place the CEE interface into trunk mode.

50 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 73

DRAFT: BROCADE CONFIDENTIAL

VLAN configuration and management

switch(conf-if-te-0/19)#switchport mode trunk

5. Specify whether all, one, or none of the VLAN interfaces are allowed to transmit and receive through the CEE interface. Enter the following command that is appropriate for your needs.

• This example allows the VLAN numbered as 30 to transmit/receive through the CEE

interface:

switch(conf-if-te-0/19)#switchport trunk allowed vlan add 30

• To allow all VLANs to transmit/receive through the CEE interface:

switch(conf-if-te-0/19)#switchport trunk allowed vlan all

• This example allows all except VLAN 11 to transmit/receive through the CEE interface:

switch(conf-if-te-0/19)#switchport trunk allowed vlan except 11

• To allow none of the VLANs to transmit/receive through the CEE interface:

switch(conf-if-te-0/19)#switchport trunk allowed vlan none

Disabling a VLAN on a trunk interface

To disable a VLAN on a trunk interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/10

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the switchport command to place the CEE interface into trunk mode.

switch(conf-if-te-0/10)#switchport mode trunk none

5. Enter the switchport trunk allowed vlan remove vlan_id command to disable a vlan on a trunk interface.

switch(conf-if-te-0/10)#switchport trunk allowed vlan remove 100

Configuring an interface port as a converged interface

Each CEE interface port supports admission policies based on whether the frames are untagged or tagged. Converged mode admits both tagged and untagged frames. Frames egressing are tagged automatically.

To configure the interface as converged interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the switchport command to set the tagged VLAN on the interface to 100.

switch(conf-if-te-0/1)#switchport converged allowed vlan add 100

5. Enter the switchport mode converged command to configure the interface as converged port.

switch(conf-if-te-0/1)#switchport mode converged

Converged Enhanced Ethernet Administrator’s Guide 51 53-1002163-02

Page 74

DRAFT: BROCADE CONFIDENTIAL

NOTE

Configuring protocol-based VLAN classifier rules

6. Enter the switchport converged allowed vlan add vlan_id command to give access to individual VLANs.

switch(conf-if-te-0/1)#switchport converged allowed vlan add 200 switch(conf-if-te-0/1)#switchport converged allowed vlan add 300 switch(conf-if-te-0/1)#switchport converged allowed vlan add 400

Disabling a VLAN on a converged interface

To disable a VLAN on a converged interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/10

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the switchport command to place the CEE interface into converged mode.

switch(conf-if-te-0/10)#switchport mode converged none

5. Enter the switchport trunk allowed vlan remove vlan_id command to disable a VLAN on a converged interface.

switch(conf-if-te-0/10)#switchport trunk allowed vlan remove 300

Configuring protocol-based VLAN classifier rules

You can configure VLAN classifier rules to define specific rules for classifying frames to selected VLANs based on protocol and MAC addresses. Sets of rules can be grouped into VLAN classifier groups (see “Creating a VLAN classifier group and adding rules” on page 53).

VLAN classifier rules (1 through 256) are a set of configurable rules that reside in one of these categories:

• 802.1Q protocol-based classifier rules

• Source MAC address-based classifier rules

• Encapsulated Ethernet classifier rules

Multiple VLAN classifier rules can be applied per interface provided the resulting VLAN IDs are unique for the different rules.

802.1Q protocol-based VLANs apply only to untagged frames, or frames with priority tagging.

With both Ethernet-II and 802.2 SNAP encapsulated frames, the following protocol types are supported:

• Ethernet hexadecimal (0x0000 through 0xffff)

• Address Resolution Protocol (ARP)

• IP version 6 (IPv6)

52 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 75

DRAFT: BROCADE CONFIDENTIAL

NOTE

Configuring protocol-based VLAN classifier rules

FCoE Initialization Protocol (FIP) and FCoE cannot be manually configured in VLAN classifier rules. They are part of the fcoeport interface configuration and are applied automatically when an interface is configured as fcoeport.

For complete information on all available VLAN classifier rule options, see the Converged Enhanced Ethernet Command Reference.

Configuring a VLAN classifier rule

To configure a protocol-based VLAN classifier rule, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the vlan classifier rule command to configure a protocol-based VLAN classifier rule.

switch(config)#vlan classifier rule 1 proto ip encap ethv2

Configuring MAC address-based VLAN classifier rules

To configure a MAC address-based VLAN classifier rule, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the vlan classifier rule command to configure a MAC address-based VLAN classifier rule.

switch(config)#vlan classifier rule 5 mac 0008.744c.7fid

Deleting a VLAN classifier rule

VLAN classifier groups (1 through 16) can contain any number of VLAN classifier rules.

To configure a VLAN classifier group and remove a VLAN classifier rule, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Specify a VLAN classifier group and delete a rule.

switch(config)#no vlan classifier rule 1

Creating a VLAN classifier group and adding rules

VLAN classifier groups (1 through 16) can contain any number of VLAN classifier rules.

To configure a VLAN classifier group and add a VLAN classifier rule, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Create a VLAN classifier group and add a rule.

switch(config)#vlan classifier group 1 add rule 1

Converged Enhanced Ethernet Administrator’s Guide 53 53-1002163-02

Page 76

Configuring the MAC address table

NOTE

Activating a VLAN classifier group with an interface port

To associate a VLAN classifier group with an interface port, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/10

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the vlan classifier command to activate and associate it with a VLAN interface (group 1 and VLAN 2 are used in this example).

switch(conf-if-te-0/10)#vlan classifier activate group 1 vlan 2

This example assumes that VLAN 2 was already created.

Clearing VLAN counter statistics

DRAFT: BROCADE CONFIDENTIAL

To clear VLAN counter statistics, perform the following steps from privileged EXEC mode.

1. Enter the clear command to clear the VLAN counter statistics for the specified VLAN. The vlan_ID value can be 1 through 3583. For example, to clear the counter for VLAN 20:

switch#clear counter interface vlan 20

Displaying VLAN information

To display VLAN information, perform the following steps from privileged EXEC mode.

1. Enter the show interface command to display the configuration and status of the specified interface.

switch#show interface tengigabitethernet 0/10 switchport

2. Enter the show vlan command to display the specified VLAN information. For example, this syntax displays the status of VLAN 20 for all interfaces, including static and dynamic:

switch#show vlan 20

Configuring the MAC address table

Each CEE port has a MAC address table. The MAC address table stores a number of unicast and multicast address entries without flooding any frames. Brocade FCoE hardware has a configurable aging timer. If a MAC address remains inactive for a specified number of seconds, it is removed from the address table. For detailed information on how the switch handles MAC addresses in a Layer 2 Ethernet environment, see “Layer 2 Ethernet overview” on page 3.

54 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 77

DRAFT: BROCADE CONFIDENTIAL

NOTE

Configuring the MAC address table

Specifying or disabling the aging time for MAC addresses

You can set the length of time that a dynamic entry remains in the MAC address table after the entry is used or updated. Static address entries are never aged or removed from the table. You can also disable the aging time. The default is 300 seconds.

To disable the aging time for MAC addresses, enter an aging time value of 0.

To specify an aging time or disable the aging time for MAC addresses, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the appropriate command based on whether you want to specify an aging time or disable the aging time for MAC addresses:

switch(config)#mac-address-table aging-time 600

Adding static addresses to the MAC address table

To add a static address to the MAC address table, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Add the static address 0011.2222.3333 to the MAC address table with a packet received on VLAN 100:

switch(config)#mac-address-table static 0011.2222.3333 forward tengigabitethernet 0/1 vlan 100

Converged Enhanced Ethernet Administrator’s Guide 55 53-1002163-02

Page 78

Configuring the MAC address table

DRAFT: BROCADE CONFIDENTIAL

56 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 79

DRAFT: BROCADE CONFIDENTIAL

Chapter

Configuring STP, RSTP, and MSTP

In this chapter

•STP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

•RSTP overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59

•MSTP overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61

•STP, RSTP, and MSTP configuration guidelines and restrictions . . . . . . . . . 63

•Default STP, RSTP, and MSTP configuration . . . . . . . . . . . . . . . . . . . . . . . . . 63

•STP, RSTP, and MSTP configuration and management . . . . . . . . . . . . . . . . 64

•Configuring STP, RSTP, or MSTP on CEE interface ports. . . . . . . . . . . . . . . . 72

STP overview

The IEEE 802.1D Spanning Tree Protocol (STP) runs on bridges and switches that are

802.1D-compliant. STP prevents loops in the network by providing redundant links. If a primary link

fails, the backup link is activated and network traffic is not affected. Without STP running on the switch or bridge, a link failure can result in a loop.

When the spanning tree algorithm is run, the network switches transform the real network topology into a spanning tree topology in which any LAN in the network can be reached from any other LAN through a unique path. The network switches recalculate a new spanning tree topology whenever there is a change to the network topology.

For each LAN, the switches that attach to the LAN choose a designated switch that is the closest switch to the root switch. This designated switch is responsible for forwarding all traffic to and from the LAN. The port on the designated switch that connects to the LAN is called the designated port.

The switches decide which of their ports will be part of the spanning tree. A port is included in the spanning tree if it is a root port or a designated port.

With STP, data traffic is allowed only on those ports that are part of the spanning tree topology. Ports that are not part of the spanning tree topology are automatically changed to a blocking (inactive) state. They are kept in the blocking state until there is a break in the spanning tree topology, at which time they are automatically activated to provide a new path.

The STP interface states for every Layer 2 interface running STP are as follows:

• Blocking—The interface does not forward frames.

• Listening—The interface is identified by the spanning tree as one that should participate in

frame forwarding. This is a transitional state after the blocking state.

• Learning—The interface prepares to participate in frame forwarding.

• Forwarding—The interface forwards frames.

Converged Enhanced Ethernet Administrator’s Guide 57 53-1002163-02

Page 80

NOTE

DRAFT: BROCADE CONFIDENTIAL

STP overview

• Disabled—The interface is not participating in spanning tree because of a shutdown port, no

link on the port, or no spanning tree instance running on the port.

A port participating in spanning tree moves through these states:

• From initialization to blocking state.

• From blocking to listening or disabled state.

• From listening to learning, blocking, or disabled state.

• From learning to forwarding, blocking, or disabled state.

• From forwarding to blocking or disabled state.

The following STP features are considered optional features although you might use them in your STP configuration:

• Root guard—For detailed information, see “Enabling the guard root” on page 73.

• PortFast BPDU guard and BPDU filter—For detailed information, see “Enabling port fast (STP)”

on page 75.

Configuring STP

To configure STP, perform the following steps from global configuration mode.

1. Enable RSTP using the global protocol spanning-tree command. For details, see “Enabling STP,

RSTP, or MSTP” on page 64.

switch(config)#protocol spanning-tree stp

2. Designate the root switch using the bridge-priority command. For details, see “Specifying the

bridge priority” on page 65. The range is 0 through 61440 and the priority values can be set

only in increments of 4096.

switch(conf-stp)#bridge-priority 28672

3. Enable PortFast on switch ports using the spanning-tree portfast command. For details, see

“Enabling port fast (STP)” on page 75. Note that this step is optional.

PortFast only needs to be enabled on ports that connect to workstations or PCs. Repeat these commands for every port connected to workstations or PCs. Do not enable PortFast on ports that connect to other switches.

switch(config)#interface tengigabitethernet 0/10 switch(conf-if-te-0/10)#spanning-tree portfast switch(conf-if-te-0/10)#exit switch(config)#interface tengigabitethernet 0/11 switch(conf-if-te-0/11)#spanning-tree portfast switch(conf-if-te-0/11)#exit

Repeat these commands for every port connected to workstations or PCs.

4. Optional: Enable the guard root feature with the spanning-tree guard root command.

The guard root feature provides a way to enforce the root bridge placement in the network. For detailed information, refer to“Enabling the guard root” on page 73.

All other switch ports connect to other switches and bridges are automatically placed in blocking mode.

58 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 81

DRAFT: BROCADE CONFIDENTIAL

NOTE

5. Enter the copy command to save the running-config file to the startup-config file.

When the spanning tree topology is completed, the network switches send and receive data only on the ports that are part of the spanning tree. Ports that receive superior BPDUs are automatically place in blocking mode.

Brocade recommends leaving other STP variables at their default values.

For more information on STP, see “STP, RSTP, and MSTP configuration and management” on page 64.

RSTP overview

RSTP is designed to be compatible and interoperate with STP. However, the advantages of the RSTP fast reconvergence are lost when it interoperates with switches running STP.

RSTP overview

This does not apply to ports connected to workstations or PCs; these ports remain in the forwarding state.

The IEEE 802.1w Rapid Spanning Tree Protocol (RSTP) standard is an evolution of the 802.1D STP standard. It provides rapid reconvergence following the failure of a switch, a switch port, or a LAN. It provides rapid reconvergence of edge ports, new root ports, and ports connected through point-to-point links.

The RSTP interface states for every Layer 2 interface running RSTP are as follows:

• Learning—The interface prepares to participate in frame forwarding.

• Forwarding—The interface forwards frames.

• Discarding—The interface discards frames. Note that the 802.1D disabled, blocking, and

listening states are merged into the RSTP discarding state. Ports in the discarding state do not take part in the active topology and do not learn MAC addresses.

Tab le 15 lists the interface state changes between STP and RSTP.

TABLE 15 STP versus RSTP state comparison

STP interface state RSTP interface state Is the interface included in the

active topology?

Disabled Discarding No No

Blocking Discarding No No

Listening Discarding Yes No

Learning Learning Yes Yes

Forwarding Forwarding Yes Yes

Is the interface learning MAC addresses?

Converged Enhanced Ethernet Administrator’s Guide 59 53-1002163-02

Page 82

DRAFT: BROCADE CONFIDENTIAL

RSTP overview

With RSTP, the port roles for the new interface states are also different. RSTP differentiates explicitly between the state of the port and the role it plays in the topology. RSTP uses the root port and designated port roles defined by STP, but splits the blocked port role into backup port and alternate port roles:

• Backup port—Provides a backup for the designated port and can only exist where two or more

ports of the switch are connected to the same LAN; the LAN where the bridge serves as a designated switch.

• Alternate port—Serves as an alternate port for the root port providing a redundant path towards

the root bridge.

Only the root port and the designated ports are part of the active topology; the alternate and backup ports do not participate in it.

When the network is stable, the root and the designated ports are in the forwarding state, while the the alternate and backup ports are in the discarding state. When there is a topology change, the new RSTP port roles allow a faster transition of an alternate port into the forwarding state.

For more information on RSTP, see “STP, RSTP, and MSTP configuration and management” on page 64.

Configuring RSTP

To configure RSTP, perform the following steps from global configuration mode.

1. Enable RSTP using the global protocol spanning-tree command. For details, see “Enabling STP,

RSTP, or MSTP” on page 64.

switch(config)#protocol spanning-tree rstp

2. Designate the root switch using the bridge-priority command. For details, see “Specifying the

bridge priority” on page 65. The range is 0 through 61440 and the priority values can be set

only in increments of 4096.

switch(conf-rstp)#bridge-priority 28672

3. Configure the bridge forward delay value. For details, see “Specifying the bridge forward delay” on page 66.

switch(conf-rstp)#forward-delay 20

4. Configure the bridge maximum aging time value. For details, see “Specifying the bridge

maximum aging time” on page 66.

switch(conf-rstp)#max-age 25

5. Enable the error disable timeout timer value. For details, see “Enabling the error disable

timeout timer” on page 67.

switch(conf-rstp)#error-disable-timeout enable

6. Configure the error-disable-timeout interval value. For details, see “Specifying the error disable

timeout interval” on page 67.

7. switch(conf-rstp)#error-disable-timeout interval 60

8. Configure the port-channel path cost method. For details, see “Specifying the port-channel

path cost” on page 67.

switch(conf-rstp)#port-channel path-cost custom

9. Configure the bridge hello time value. For details, see “Specifying the bridge hello time (STP

and RSTP)” on page 68.

60 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 83

DRAFT: BROCADE CONFIDENTIAL

NOTE

MSTP overview

switch(conf-rstp)#hello-time 5

10. Set the method for flushing mac-addresses in FDB, either according to the IEEE standard or the propriety standard. For details, see “Flushing MAC addresses (RSTP and MSTP)” on page 71.

switch(config)#spanning-tree tc-flush-standard

11. Enable PortFast on switch ports using the spanning-tree edgeport command. For details, see

“Enabling port fast (STP)” on page 75. Note that this step is optional.

Edgeport only needs to be enabled on ports that connect to workstations or PCs. Repeat these commands for every port connected to workstations or PCs. Do not enable edgeport on ports that connect to other switches.

switch(config)#interface tengigabitethernet 0/10 switch(conf-if-te-0/10)#spanning-tree edgeport switch(conf-if-te-0/10)#exit switch(config)#interface tengigabitethernet 0/11 switch(conf-if-te-0/11)#spanning-tree edgeport switch(conf-if-te-0/11)#exit

Repeat these commands for every port connected to workstations or PCs.

12. Enable the guard root feature with the spanning-tree guard root command. The guard root

13. Enter the copy command to save the running-config file to the startup-config file.

MSTP overview

The IEEE 802.1s Multiple STP (MSTP) helps create multiple loop-free active topologies on a single physical topology. MSTP enables multiple VLANs to be mapped to the same spanning tree instance (forwarding path), which reduces the number of spanning tree instances needed to support a large number of VLANs. Each MSTP instance has a spanning tree topology independent of other spanning tree instances. With MSTP you can have multiple forwarding paths for data traffic. A failure in one instance does not affect other instances. With MSTP, you are able to more effectively utilize the physical resources present in the network and achieve better load balancing of VLAN traffic.

feature provides a way to enforce the root bridge placement in the network. For detailed information, refer to“Enabling the guard root” on page 73. Note that this step is optional.

Switch ports that recieve superior BPDUs are automatically placed in blocking mode.

This does not apply to ports connected to workstations or PCs; these ports remain in the forwarding state.

switch(conf-if-te-0/1)#do copy running-config startup-config

In MSTP mode, RSTP is automatically enabled to provide rapid convergence.

Multiple switches must be configured consistently with the same MSTP configuration to participate in multiple spanning tree instances. A group of interconnected switches that have the same MSTP configuration is called an MSTP region.

Converged Enhanced Ethernet Administrator’s Guide 61 53-1002163-02

Page 84

MSTP overview

NOTE

DRAFT: BROCADE CONFIDENTIAL

Brocade supports 15 MSTP instances and one MSTP region.

MSTP introduces a hierarchical way of managing switch domains using regions. Switches that share common MSTP configuration attributes belong to a region. The MSTP configuration determines the MSTP region where each switch resides. The common MSTP configuration attributes are as follows:

• Alphanumeric configuration name (32 bytes)

• Configuration revision number (2 bytes)

• 4096-element table that maps each of the VLANs to an MSTP instance

Region boundaries are determined based on the above attributes. A multiple spanning tree instance is an RSTP instance that operates inside an MSTP region and determines the active topology for the set of VLANs mapping to that instance. Every region has a common internal spanning tree (CIST) that forms a single spanning tree instance that includes all the switches in the region. The difference between the CIST instance and the MSTP instance is that the CIST instance operates across the MSTP region and forms a loop-free topology across regions, while the MSTP instance operates only within a region. The CIST instance can operate using RSTP if all the switches across the regions support RSTP. However, if any of the switches operate using 802.1D STP, the CIST instance reverts to 802.1D. Each region is viewed logically as a single STP/RSTP bridge to other regions.

Configuring MSTP

To configure MSTP, perform the following steps from global configuration mode.

1. Enable MSTP using the global protocol spanning-tree command. For more details see

“Enabling STP, RSTP, or MSTP” on page 64.

switch(config)#protocol spanning-tree mstp

2. Specify the region name using the region region_name command. For more details see

“Specifying a name for an MSTP region” on page 70.

switch(conf-mstp)#region brocade1

3. Specify the revision number using the revision command. For more details see “Specifying a

revision number for an MSTP configuration” on page 70.

switch(conf-mstp)#revision 1

4. Map a VLAN to an MSTP instance using the instance command. For more details see “Mapping

a VLAN to an MSTP instance” on page 69.

switch(conf-mstp)#instance 1 vlan 2, 3 switch(conf-mstp)#instance 2 vlan 4-6 switch(conf-mstp)#instance 1 priority 4096

5. Specify the maximum hops for a BPDU to prevent the messages from looping indefinitely on the interface using the max-hops hop_count command. For more details see “Specifying the

maximum number of hops for a BPDU (MSTP)” on page 70.

switch(conf-mstp)#max-hops 25

6. Enter the copy command to save the running-config file to the startup-config file.

switch(conf-mstp)#do copy running-config startup-config

62 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 85

DRAFT: BROCADE CONFIDENTIAL

STP, RSTP, and MSTP configuration guidelines and restrictions

For more information on MSTP, see “STP, RSTP, and MSTP configuration and management” on page 64.

STP, RSTP, and MSTP configuration guidelines and restrictions

Follow these configuration guidelines and restrictions when configuring STP, RSTP, and MSTP:

• You have to disable one form of xSTP before enabling another.

• Packet drops or packet flooding may occur if you do not enable xSTP on all devices connected

on both sides of parallel links.

• LAGs are treated as normal links and by default are enabled for STP.

• You can have 15 MSTP instances and one MSTP region.

• Create VLANs before mapping them to MSTP instances.

• The MSTP force-version option is not supported.

• For load balancing across redundant paths in the network to work, all VLAN-to-instance

mapping assignments must match; otherwise, all traffic flows on a single link.

• When you enable MSTP by using the global protocol spanning-tree mstp command, RSTP is

automatically enabled.

• For two or more switches to be in the same MSTP region, they must have the same

VLAN-to-instance map, the same configuration revision number, and the same name.

• Spanning Tree topologies must not be enabled on any direct server connections to the

front-end Ten Gigabit Ethernet ports that may run FCoE traffic. This may result in lost or dropped FCoE logins.

Default STP, RSTP, and MSTP configuration

Tab le 16 lists the default STP, RSTP, and MSTP configuration.

TABLE 16 Default STP, RSTP, and MSTP configuration

Parameter Default setting

Spanning-tree mode By default, STP, RSTP, and MSTP are disabled

Bridge priority 32768

Bridge forward delay 15 seconds

Bridge maximum aging time 20 seconds

Error disable timeout timer Disabled

Error disable timeout interval 300 seconds

Port-channel path cost Standard

Bridge hello time 2 seconds

Flush MAC addresses from the VLAN FDB Enabled

Converged Enhanced Ethernet Administrator’s Guide 63 53-1002163-02

Page 86

DRAFT: BROCADE CONFIDENTIAL

NOTE

STP, RSTP, and MSTP configuration and management

Tab le 17 lists the switch defaults that apply only to MSTP configurations.

TABLE 17 Default MSTP configuration

Parameter Default setting

Cisco interoperability Disabled

Switch priority (when mapping a VLAN to an MSTP instance)

Maximum hops 20 hops

Revision number 0

Tab le 18 lists the switch defaults for the 10-Gigabit Ethernet CEE interface-specific configuration.

TABLE 18 Default 10-Gigabit Ethernet CEE interface-specific configuration

Parameter Default setting

Spanning tree Disabled on the interface

Automatic edge detection Disabled

Path cost 2000

Edge port Disabled

Guard root Disabled

Hello time 2 seconds

Link type Point-to-point

Port fast Disabled

Port priority 128

CEE interface root port Allow the CEE interface to become a root port.

CEE interface BPDU restriction Restriction is disabled

32768

STP, RSTP, and MSTP configuration and management

Enabling STP, RSTP, or MSTP

You enable STP to detect or avoid loops. STP is not required in a loop-free topology. You must turn off one form of STP before turning on another form. By default, STP, RSTP, and MSTP are not enabled.

To enable xSTP, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to enable STP, RSTP, or MSTP.

64 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 87

DRAFT: BROCADE CONFIDENTIAL

NOTE

STP, RSTP, and MSTP configuration and management

switch(config)#protocol spanning-tree rstp

Disabling STP, RSTP, or MSTP

Using the no protocol spanning-tree command deletes the context and all the configurations defined within the context or protocol for the interface, unless the spanning treeis explicity shutdown on the interface by the spanning-tree shutdown command.

To disable STP, RSTP, or MSTP, perform the following steps from privileged EXEC mode. By default, STP, RSTP, and MSTP are not enabled.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to disable STP, RSTP, or MSTP.

switch(config)#no protocol spanning-tree

Shutting down STP, RSTP, or MSTP globally

To shut down STP, RSTP, or MSTP globally, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the shutdown command to globally shutdown STP, RSTP, or MSTP. The shutdown command below works in all three modes.

switch(conf-mstp)#shutdown

Specifying the bridge priority

In any mode (STP, RSTP, or MSTP), use this command to specify the priority of the switch. After you decide on the root switch, set the appropriate values to designate the switch as the root switch. If a switch has a bridge priority that is lower than all the other switches, the other switches automatically select the switch as the root switch.

The root switch should be centrally located and not in a “disruptive” location. Backbone switches typically serve as the root switch because they often do not connect to end stations. All other decisions in the network, such as which port to block and which port to put in forwarding mode, are made from the perspective of the root switch.

Bridge protocol data units (BPDUs) carry the information exchanged between switches. When all the switches in the network are powered up, they start the process of selecting the root switch. Each switch transmits a BPDU to directly connected switches. Each switch compares the received BPDU to the BPDU that the switch sent. In the root switch selection process, if switch 1 advertises a root ID that is a lower number than the root ID that switch 2 advertises, switch 2 stops the advertisement of its root ID, and accepts the root ID of switch 1. The switch with the lowest bridge priority becomes the root switch.

Because each VLAN is in a separate broadcast domain, each VLAN must have its own root switch.

To specify the bridge priority, perform the following steps from privileged EXEC mode.

Converged Enhanced Ethernet Administrator’s Guide 65 53-1002163-02

Page 88

DRAFT: BROCADE CONFIDENTIAL

STP, RSTP, and MSTP configuration and management

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to enable STP, RSTP, or MSTP.

switch(config)#protocol spanning-tree rstp

3. Specify the bridge priority. The range is 0 through 61440 and the priority values can be set only in increments of 4096. The default priority is 32678.

switch(conf-stp)#bridge-priority 20480

Specifying the bridge forward delay

In any mode (STP, RSTP, or MSTP), use this command to specify how long an interface remains in the listening and learning states before the interface begins forwarding all spanning tree instances.

The range is 4 through 30 seconds. The default is 15 seconds. The following relationship should be kept:

2*(forward_delay - 1)>=max_age>=2*(hello_time + 1)

To specify the bridge forward delay, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to enable STP, RSTP, or MSTP.

switch(config)#protocol spanning-tree stp

3. Specify the bridge forward delay.

switch(conf-stp)#forward-delay 20

Specifying the bridge maximum aging time

In any mode (STP, RSTP, or MSTP), use this command to control the maximum length of time that passes before an interface saves its Bridge Protocol Data Unit (BPDU) configuration information.

When configuring the maximum aging time, the max-age setting must be greater than the hello-time setting. The range is 6 through 40 seconds. The default is 20 seconds. The following relationship should be kept:

2*(forward_delay - 1)>=max_age>=2*(hello_time + 1)

66 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 89

DRAFT: BROCADE CONFIDENTIAL

STP, RSTP, and MSTP configuration and management

To specify the bridge maximum aging time, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to enable STP, RSTP, or MSTP.

switch(config)#protocol spanning-tree stp

3. Specify the bridge maximum aging time.

switch(conf-stp)##max-age 25

Enabling the error disable timeout timer

In any mode (STP, RSTP, or MSTP), use this command to specify the time in seconds required for the timer to expire. When the STP BPDU guard disables a port, the port remains in the disabled state unless the port is enabled manually. This command allows you to enable the port from the disabled state. For details on configuring the error disable timeout interval, see “Specifying the

error disable timeout interval” on page 67. By default, the timeout feature is disabled.

To enable the error disable timeout timer, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to enable STP, RSTP, or MSTP.

switch(config)#protocol spanning-tree stp

3. Enable the error disable timeout timer.

switch(conf-stp)#error-disable-timeout enable

Specifying the error disable timeout interval

In any mode (STP, RSTP, or MSTP), use this command to specify the time in seconds it takes for an interface to time out. The range is 10 through 1000000 seconds. The default is 300 seconds. By default, the timeout feature is disabled.

To specify the time in seconds it takes for an interface to time out, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to enable STP, RSTP, or MSTP.

switch(config)#protocol spanning-tree stp

3. Specify the time in seconds it takes for an interface to time out.

switch(conf-stp)#error-disable-timeout interval 60

Specifying the port-channel path cost

In any mode (STP, RSTP, or MSTP), use this command to specify the port-channel path cost. The default port cost is standard. The path cost options are:

• custom—Specifies that the path cost changes according to the port-channel’s bandwidth.

• standard—Specifies that the path cost does not change according to the port-channel’s

bandwidth.

Converged Enhanced Ethernet Administrator’s Guide 67 53-1002163-02

Page 90

DRAFT: BROCADE CONFIDENTIAL

NOTE

STP, RSTP, and MSTP configuration and management

For the chosen path-cost method to be activated, it should either be configured prior to creation of all port-channels or the existing port-channels must be disabled or enabled.

To specify the port-channel path cost, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to enable STP, RSTP, or MSTP.

switch(config)#protocol spanning-tree stp

3. Specify the port-channel path cost.

switch(conf-stp)#port-channel path-cost custom

Specifying the bridge hello time (STP and RSTP)

In STP or RSTP mode, use this command to configure the bridge hello time. The hello time determines how often the switch interface broadcasts hello Bridge Protocol Data Units (BPDUs) to other devices.The range is 1 through 10 seconds. The default is 2 seconds.

When configuring the hello-time, the max-age setting must be greater than the hello-time setting. The following relationship should be kept:

2*(forward_delay - 1)>=max_age>=2*(hello_time + 1)

To specify the bridge hello time, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to enable STP, RSTP, or MSTP.

switch(config)#protocol spanning-tree stp

3. Specify the time range in seconds for the interval between the hello BPDUs sent on an interface.

switch(conf-stp)#hello-time 5

Specifying the transmit hold count (RSTP and MSTP)

In RSTP and MSTP mode, use this command to configure the BPDU burst size by specifying the transmit hold count value. The command configures the maximum number of BPDUs transmitted per second for RSTP and MSTP before pausing for 1 second. The range is 1 through 10. The default is 6 seconds.

To specify the transmit hold count, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Specify the transmit hold count.

switch(conf-rstp)#transmit-holdcount 5

68 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 91

DRAFT: BROCADE CONFIDENTIAL

NOTE

STP, RSTP, and MSTP configuration and management

Enabling Cisco interoperability (MSTP)

In MSTP mode, use this command to enable or disable the ability of the Brocade FCoE hardware to interoperate with certain legacy Cisco switches. If Cisco interoperability is required on any switch in the network, then all switches in the network must be compatible, and therefore enabled using this command. The default is Cisco interoperability is disabled.

This command is necessary because the “version 3 length” field in the MSTP BPDU on some legacy Cisco switches does not conform to current standards.

To enable Brocade FCoE hardware to interoperate with certain legacy Cisco switches, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to enable MSTP.

switch(config)#protocol spanning-tree mstp

3. Enable the ability of Brocade FCoE hardware to interoperate with certain legacy Cisco switches.

switch(conf-mstp)#cisco-interoperability enable

Disabling Cisco interoperability (MSTP)

To disable Cisco interopreability, perform the following steps from global configuration mode.

1. Enter the protocol command to enable MSTP.

switch(config)#protocol spanning-tree mstp

2. Disable the ability of Brocade FCoE hardware to interoperate with certain legacy Cisco switches.

switch(conf-mstp)#cisco-interoperability disable

Mapping a VLAN to an MSTP instance

In MSTP mode, use this command to map a VLAN to an MTSP instance. You can group a set of VLANs to an instance. This command can be used only after the VLAN is created. VLAN instance mapping is removed from the configuration if the underlying VLANs are deleted.

To map a VLAN to an MSTP instance, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to enable MSTP.

switch(config)#protocol spanning-tree mstp

3. Map a VLAN to an MSTP instance. The range of valid VLAN instances is from 1 through 3583 (excluding VLAN 1002).

switch(conf-mstp)#instance 5 vlan 300

Converged Enhanced Ethernet Administrator’s Guide 69 53-1002163-02

Page 92

DRAFT: BROCADE CONFIDENTIAL

STP, RSTP, and MSTP configuration and management

Specifying the maximum number of hops for a BPDU (MSTP)

In MSTP mode, use this command to configure the maximum number of hops for a BPDU in an MSTP region. Specifying the maximum hops for a BPDU prevents the messages from looping indefinitely on the interface. When you change the number of hops, it affects all spanning tree instances. The range is 1 through 40. The default is 20 hops.

To configure the maximum number of hops for a BPDU in an MSTP region, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to enable MSTP.

switch(config)#protocol spanning-tree mstp

3. Enter the max-hops command to configure the maximum number of hops for a BPDU in an MSTP region.

switch(conf-mstp)#max-hops hop_count

Specifying a name for an MSTP region

In MSTP mode, use this command to assign a name to an MSTP region. The region name has a maximum length of 32 characters and is case-sensitive.

To assign a name to an MSTP region, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to enable MSTP.

switch(config)#protocol spanning-tree mstp

3. Enter the region command to assign a name to an MSTP region.

switch(conf-mstp)#region sydney

Specifying a revision number for an MSTP configuration

In MSTP mode, use this command to specify a revision number for an MSTP configuration. The range is 0 through 255. The default is 0.

To specify a revision number for an MSTP configuration, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the protocol command to enable MSTP.

switch(config)#protocol spanning-tree mstp

3. Enter the revision command to specify a revision number for an MSTP configuration.

switch(conf-mstp)#revision 17

70 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 93

DRAFT: BROCADE CONFIDENTIAL

STP, RSTP, and MSTP configuration and management

Flushing MAC addresses (RSTP and MSTP)

For RSTP and MSTP, use this command to flush the MAC addresses from the VLAN filtering database (FDB). The VLAN FDB determines the forwarding of an incoming frame. The VLAN FDB contains information that helps determine the forwarding of an arriving frame based on MAC address and VLAN ID data (see “VLAN configuration guidelines and restrictions” on page 47).

There are two ways to flush the MAC addresses:

• Standard method—When one port receives a BPDU frame with a topology change flag, it

flushes the FDB for the other ports in the switch. If a BPDU frame with the topology change flag is received continuously, the switch continues to flush the FDB. This behavior is the default behavior.

• Brocade method—With this method, the FDB is only flushed for the first and last BPDU with a

topology change flag.

Both methods flush the FDB when the switch receives BPDUs with a topology change flag, but the Brocade method causes less flushing.

To flush the MAC addresses from the VLAN FDB, perform the following steps.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the appropriate form of the spanning-tree command based on how you want to flush the address:

• To flush the MAC address using the standard method:

switch(config)#spanning-tree tc-flush-standard

• To flush the MAC addresses from the VLAN FDB using the Brocade method:

switch(config)#no spanning-tree tc-flush-standard

Clearing spanning tree counters

In privileged EXEC mode, use this command to clear spanning tree counters on all interfaces or on the specified interface.

To clear spanning tree counters, perform the following steps from privileged EXEC mode.

1. Enter the appropriate form of the clear command based on what you want to clear:

• To clear all spanning tree counters on all interfaces:

switch#clear spanning-tree counter

• To clear the spanning tree counters associated with a specific port-channel or CEE port

interface:

switch#clear spanning-tree counter interface tengigabitethernet 0/1

Clearing spanning tree-detected protocols

In privileged EXEC mode, restart the protocol migration process (force the renegotiation with neighboring switches) on all interfaces or on the specified interface.

Converged Enhanced Ethernet Administrator’s Guide 71 53-1002163-02

Page 94

DRAFT: BROCADE CONFIDENTIAL

Configuring STP, RSTP, or MSTP on CEE interface ports

To restart the protocol migration process, perform the following tasks from privileged EXEC mode.

1. Enter the appropriate form of the clear command based on what you want to clear:

• To clear all spanning tree counters on all interfaces:

switch#clear spanning-tree detected-protocols

• To clear the spanning tree counters associated with a specific port-channel or CEE port

interface:

switch#clear spanning-tree detected-protocols interface tengigabitethernet 0/1

Displaying STP, RSTP, and MSTP-related information

To display STP, RSTP, and MSTP-related information, perform the following task from privileged EXEC mode.

Enter the show spanning tree command to display all STP, RSTP, and MSTP-related information.

switch#show spanning-tree brief

Configuring STP, RSTP, or MSTP on CEE interface ports

This section details the commands for enabling and configuring STP, RSTP, or MSTP on individual 10-Gigabit Ethernet CEE interface ports on Brocade FCoE hardware.

Enabling automatic edge detection

From the CEE interface, use this command to automatically identify the edge port. The port can become an edge port if no BPDU is received. By default, automatic edge detection is disabled.

To enable automatic edge detection on the CEE interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the spanning-tree command to enable automatic edge detection on the CEE interface.

switch(conf-if-te-0/1)#spanning-tree autoedge

Configuring the path cost

From the CEE interface, use this command to configure the path cost for spanning tree calculations. The lower the path cost means there is a greater chance of the interface becoming the root. The range is 1 through 200000000. The default path cost is 2000.

72 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 95

DRAFT: BROCADE CONFIDENTIAL

Configuring STP, RSTP, or MSTP on CEE interface ports

To configure the path cost for spanning tree calculations on the CEE interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the spanning-tree command to configure the path cost for spanning tree calculations on the CEE interface.

switch(conf-if-te-0/1)#spanning-tree cost cost 2190

Enabling a port (interface) as an edge port

From the CEE interface, use this command to enable the port as an edge port to allow the port to quickly transition to the forwarding state. To configure a port as an edge port, follow these guidelines:

• A port can become an edge port if no BPDU is received.

• When an edge port receives a BPDU, it becomes a normal spanning tree port and is no longer

an edge port.

• Because ports that are directly connected to end stations cannot create bridging loops in the

network, edge ports transition directly to the forwarding state and skip the listening and learning states.

• This command is only for RSTP and MSTP. Use the spanning-tree portfast command for STP

(see “Enabling port fast (STP)” on page 75).

To enable the CEE interface as an edge port, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the spanning-tree command to enable the CEE interface as an edge port.

switch(conf-if-te-0/1)#spanning-tree edgeport

Enabling the guard root

From the CEE interface, use this command to enable the guard root on the switch. The guard root feature provides a way to enforce the root bridge placement in the network. With the guard root enabled on an interface, the switch is able to restrict which interface is allowed to be the spanning tree root port or the path to the root for the switch. The root port provides the best path from the switch to the root switch. By default, guard root is disabled.

Converged Enhanced Ethernet Administrator’s Guide 73 53-1002163-02

Page 96

DRAFT: BROCADE CONFIDENTIAL

Configuring STP, RSTP, or MSTP on CEE interface ports

Guard root protects the root bridge from malicious attacks and unintentional misconfigurations where a bridge device that is not intended to be the root bridge becomes the root bridge. This causes severe bottlenecks in the data path. Guard root ensures that the port on which it is enabled is a designated port. If the guard root-enabled port receives a superior BPDU, it goes to a discarding state.

To enable the guard root on a CEE interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the spanning-tree command to enable the guard root on a CEE interface.

switch(conf-if-te-0/1)#spanning-tree guard root

Specifying the MSTP hello time

From the CEE interface, use this command to set the time interval between BPDUs sent by the root switch. Changing the hello-time affects all spanning tree instances.

The max-age setting must be greater than the hello-time setting (see “Specifying the bridge

maximum aging time” on page 66). The range is 1 through 10 seconds. The default is 2 seconds.

To specify the MSTP hello time on a CEE interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the spanning-tree command to specify the hello time on a CEE interface.

switch(conf-if-te-0/1)#spanning-tree hello-time 5

Specifying restrictions for an MSTP instance

From the CEE interface, use this command to specify restrictions on the interface for an MSTP instance.

To specify restrictions for an MSTP instance on a CEE interface, perform the following steps.

1. Enter the configure terminal command to access global configuration mode from privileged EXEC mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

74 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 97

DRAFT: BROCADE CONFIDENTIAL

NOTE

Configuring STP, RSTP, or MSTP on CEE interface ports

4. Enter the spanning-tree command to specify the restrictions for an MSTP instance on a CEE interface.

switch(conf-if-te-0/1)#spanning-tree instance 1 restricted-role switch(conf-if-te-0/1)#spanning-tree instance 1 restricted-tcn

Specifying a link type

From the CEE interface, use this command to specify a link type. Specifying the point-to-point keyword enables rapid spanning tree transitions to the forwarding state. Specifying the shared keyword disables spanning tree rapid transitions. The default setting is point-to-point.

To specify a link type on a CEE interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the spanning-tree command to specify the link type on the CEE interface.

switch(conf-if-te-0/1)#spanning-tree link-type shared

Enabling port fast (STP)

From the CEE interface, use this command to enable port fast on an interface to allow the interface to quickly transition to the forwarding state. Port fast immediately puts the interface into the forwarding state without having to wait for the standard forward time.

If you enable the portfast bpdu-guard option on an interface and the interface receives a BPDU, the software disables the interface and puts the interface in the ERR_DISABLE state.

Use the spanning-tree edgeport command for MSTP and RSTP (see “Enabling a port (interface) as

an edge port” on page 73).

To enable port fast on the CEE interface for STP, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the spanning-tree command to enable port fast on the CEE interface.

switch(conf-if-te-0/1)#spanning-tree portfast

Specifying the port priority

From the CEE interface, use this command to specify the port priority. The range is 0 through 240 in increments of 16. The default is 128.

Converged Enhanced Ethernet Administrator’s Guide 75 53-1002163-02

Page 98

DRAFT: BROCADE CONFIDENTIAL

Configuring STP, RSTP, or MSTP on CEE interface ports

To specify the port priority on the CEE interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the spanning-tree command to specify the port priority on the CEE interface.

switch(conf-if-te-0/1)#spanning-tree priority 32

Restricting the port from becoming a root port

From the CEE interface, use this command to restrict a port from becoming a root port. The default is to allow the CEE interface to become a root port.

To restrict the CEE interface from becoming a root port, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the spanning-tree command to restrict the CEE interface from becoming a root port.

switch(conf-if-te-0/1)#spanning-tree restricted-role

Restricting the topology change notification

From the CEE interface, use this command to restrict the topology change notification BPDUs sent on the interface. By default, the restriction is disabled.

To restrict the topology change notification BPDUs sent on the CEE interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the spanning-tree command to restrict the topology change notification BPDUs sent on the CEE interface.

switch(conf-if-te-0/1)#spanning-tree restricted-tcn

Enabling spanning tree

By default, spanning tree is enabled on all switch ports when spanning tree is enabled globally. If it is shutdown previously on a particular interface, it is saved across all modes of spanning-tree (STP/RSTP/MSTP).

76 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Page 99

DRAFT: BROCADE CONFIDENTIAL

Configuring STP, RSTP, or MSTP on CEE interface ports

To enable spanning tree on the CEE interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the spanning-tree command to enable spanning tree on the CEE interface.

switch(conf-if-te-0/1)#no spanning-tree shutdown

Disabling spanning tree

By default, spanning tree is enabled on all switch ports when spanning tree is enabled globally.

To enable spanning tree on the CEE interface, perform the following steps from privileged EXEC mode.

1. Enter the configure terminal command to access global configuration mode.

2. Enter the interface command to specify the CEE interface type and slot/port number.

switch(config)#interface tengigabitethernet 0/1

3. Enter the no shutdown command to enable the CEE interface.

4. Enter the spanning-tree command to disable spanning tree on the CEE interface.

switch(conf-if-te-0/1)#spanning-tree shutdown

Converged Enhanced Ethernet Administrator’s Guide 77 53-1002163-02

Page 100

DRAFT: BROCADE CONFIDENTIAL

Configuring STP, RSTP, or MSTP on CEE interface ports

78 Converged Enhanced Ethernet Administrator’s Guide

53-1002163-02

Brocade Communications Systems 53-1002163-02 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents

Figures

Tables

About This Document

In this chapter

How this document is organized

Supported hardware and software

What’s new in this document

Document conventions

Text formatting

Command syntax conventions

Notes, cautions, and warnings

Key terms

Notice to the reader

Additional information

Brocade resources

Other industry resources

Getting technical help

Document feedback

Introducing FCoE

In this chapter

FCoE terminology

FCoE overview

FCoE hardware

Layer 2 Ethernet overview

Layer 2 forwarding

VLAN tagging

Loop-free network environment

Frame classification (incoming)

Congestion control and queuing

Access control

Trunking

FCoE Initialization Protocol

Flow Control

FIP discovery

FIP login

FIP logout

FCoE login

FCoE logout

Logincfg

Name server

FC zoning

Registered State Change Notification (RSCN)

FCoE queuing

Upgrade and downgrade considerations for FCoE

Using the CEE CLI

In this chapter

Management Tools

CEE Command Line Interface

Saving your configuration changes

CEE CLI RBAC permissions

Accessing the CEE CLI through the console or Telnet

Accessing the CEE CLI from the Fabric OS shell

CEE CLI command modes

CEE CLI keyboard shortcuts

Using the do command as a shortcut

Displaying CEE CLI commands and command syntax

CEE CLI command completion

CEE CLI command output modifiers

Configuration management

In this chapter

Configuration management tasks

CEE configuration guidelines and restrictions

Display the running configuration file

Saving the running configuration file

Loading the startup configuration file

Erasing the startup configuration file.

Archiving the running configuration file

Restore an archived running configuration file

Archiving the startup configuration file

Restore an archived startup configuration file

Flash file management commands

Debugging and logging commands

FCoE Configuration Management

In this chapter

Managing the FCoE configuration