In an attempt to clarify my future posts I will begin categorizing a bit. The following post will be part of a Technical Deep Dive series.
Fibre Channel over Ethernet (FCoE) is a protocol designed to move native Fibre Channel over 10 Gigabit Ethernet and above links, I’ve described the protocol in a previous post (http://www.definethecloud.net/?p=80.) In order for FCoE to work we need a mechanism to carry the base Fibre Channel port / device login mechanisms over Ethernet. These are the processes for a port to login and obtain a routable Fibre Channel Address. Let’s start with some background and definitions:
| DCB | Data Center Bridging |
| FC | Native Fibre Channel Protocol |
| FCF | Fibre Channel Forwarder (an Ethernet switch capable of handling Encapsulation/De-encapsulation of FCoE frames and some or all FC services) |
| FCID | Fibre Channel ID (24 Bit Routable address) |
| FCoE | Fibre Channel over Ethernet |
| FC-MAP | A 24-Bit value identifying an individual fabric |
| FIP | FCoE Initialization Protocol |
| FLOGI | FC Fabric Login |
| FPMA | Fabric Provided MAC Address |
| PLOGI | FC Port Login |
| PRLI | Process Login |
| SAN | Storage Area Network (switching infrastructure) |
| SCSI | Small Computer Systems Interface |
When a node comes online it’s port is considered an N_port. When an N_port connects to the SAN it will connect to a switch port defined as a Fabric Port F_Port (this assumes your using a switched fabric.) All N_ports operate the same way when they are brought online:
- FLOGI – Used to obtain a routable FCID for use in FC frame exchange. The switch will provide the FCID during a FLOGI exchange.
- PLOGI – Used to register the N_Port with the FC name server
At this point a targets (disk or storage array) job is done, they can now sit and wait for requests. An initiator (server) on the other hand needs to perform a few more tasks to discover available targets:
- Query – Request available targets from the FC name server, zoning will dictate which targets are available.
- PLOGI – A 2nd port Login, this time into the target port.
- PRLI – Process login to exchange supported upper layer protocols (ULP) typically SCSI-3.
Once this process has been completed the initiator can exchange frames with the target, i.e. the server can write to disk.
FIP:
The reason the FC login process is key to understanding FIP is that this is the process that FIP is handling for FCoE networks. FIP allows an Ethernet attached FC node (Enode) to discover existing FCFs and supports the FC login procedure over 10+GE networks. Rather than just providing an FCID, FIP will provide an FPMA which is a MAC address comprised of two parts: FC-MAP and FCID.
48 bit FCMAP (Mac Address)
FIP
So FIP provides an Ethernet MAC address used by FCoE to traverse the Ethernet network which contains the FCID required to be routed on the FC network. FIP also passes the query and query response from the FC name server. FIP uses a separate Ethertype from FCoE and its frames are standard Ethernet size (1518 Byte 802.1q frame) whereas FCoE frames are 2242 Byte Jumbo Frames.
FIP Snooping:
FIP snooping is used in multi-hop FCoE environments. FIP snooping is a frame inspection method that can be used by FIP snooping capable DCB devices to monitor FIP frames and apply policies based on the information in those frames. This allows for:
- Enhanced FCoE security (Prevents FCoE MAC spoofing.)
- Creates FC point-to-point links within the Ethernet LAN
- Allows auto-configuration of ACLs based on name server information read in the FIP frames
FIP Snooping
Summary:
FIP snooping uses dynamic Access Control Lists to enforce Fibre Channel rules within the DCB Ethernet network. This prevents Enodes from seeing or communicating with other Enodes without first traversing an FCF.
Feedback, corrections, updates, questions?
In FC, a device performs a FLOGI by sending a request to a well-known FC address of 0xFFFFFE, and a name server log-in to a well-known address of 0xFFFFFC. How does an FCoE Enode where to send it’s FIP request? Is it a broadcast?
Perhaps this excerpt can help:
“FIP FCF Discovery
“FIP FCF discovery is the protocol used by ENodes to discover FCFs that can accept logins. FCFs periodically send FIP FCF discovery advertisement messages on each configured FCoE VLAN; these messages are destined for the multicast MAC address All-ENode-MACs, a multicast MAC address to which all ENodes listen. The FIP FCF discovery advertisement is used by the FCF to inform any potential ENode in the VLAN that FCF VF_Ports are available for virtual link establishment with ENodes’ VN_Ports. The advertisement includes the MAC address of the FCF as well as other parameters useful for tuning the characteristics of the virtual link (FIP timeout values, FCF priority, etc.).
“Given the periodic nature of the advertisements, new ENodes joining the network will typically not want to wait to collect multicast FIP FCF discovery advertisements from all FCFs, and therefore FC-BB-5 allows ENodes to solicit unicast advertisements by sending a FIP FCF discovery solicitation to the All-FCF-MACs multicast MAC address. FCFs receiving the solicitation can generate a unicast FIP FCF discovery advertisement addressed to the requesting ENode. Upon collection of these advertisements, the ENode can make the final decision as to which FCF to contact for the establishment of a virtual link with its VN_Port.
“FIP FLOGI and FDISC
“After the ENode has discovered all FCFs and selected one for login, the last step is to inform the selected FCF of the intention to create a virtual link with its VF_Port. After this step, Fibre Channel payloads (encapsulated in FCoE frames) can start being exchanged on the new virtual link just established. On any native Fibre Channel link between an N_Port and an F_Port, the first protocol exchange performed as part of activating the data-link layer is the fabric login, or FLOGI, which results in the assignment of an FC_ID to the N_Port. In designing FIP, the T11 committee decided to merge the logical step of FCF selection by an ENode in FIP with the native Fibre Channel fabric login exchange. The result of this optimization is a single FIP exchange that serves both purposes of FCF selection, as well as fabric login and FC_ID allocation. This optimization is not only convenient; it is a requirement for obtaining an appropriate FPMA for the ENode to use in the subsequent FCoE encapsulated frames.
“FIP FLOGI and FDISC are unicast frames almost identical to the native Fibre Channel FLOGI and FDISC frames they replace. The VN_Port sends an FLOGI or an FDISC request, followed by the corresponding FLOGI or FDISC accept payload from the FCF. Completion of this exchange terminates the FIP virtual link establishment phase.”
http://bit.ly/oVD6I8
Thanks J, that’s great!
Thanks a lot. 🙂 I’m someone who makes these protocols work and I thoroughly enjoyed your crisp intro
Siddharth,
Thanks for reading, I’m quite glad you enjoyed the article.
Joe
jan15Ben Hello,Ca change ! Beaucoup meame, mais c est e7a qu est sympa et s il faurda un peu de temps pour s y faire, e7a a le me9rite d eatre original Par contre un grooooooooos point noir, en tout cas pour ma fae7on de naviguer ! Impossible d utiliser le ctrl+clic pour ouvrir un article dans un nouvel onglet. Quand on proce8de de cette fae7on, l article s ouvre sur la page ET dans un nouvel onglet donc gale8re. En faisant clic droit e7a fonctionne, mais beaucoup moins pratiquePour info, j ai configure9 un bouton de ma souris pour faire le ctrl, et sur un site, je charge en onglet tous les articles qui m inte9ressent et je les lis ensuite.
Thanks for the article Joe! This is quite helpful for someone who has just started to work on FCoE.