Solved: FIP and Native VLAN

ataranen · ‎02-05-2014

Hello,

according to documentation, FIP uses native vlan for FCoE VLAN discovery. Is it necessary to trunk native VLAN on the CNA port of a switch facing a server? For example if e1/1 is connected to a host and I'm using VLAN10 for data and VLAN100 for storage, and my native vlan is VLAN1, should the configuration be:

interface Ethernet1/1

switchport mode trunk

switchport trunk native vlan 1

switchport trunk allowed vlan 1,10,100

spanning-tree port type edge trunk

OR is it sufficient to have:

interface Ethernet1/1

switchport mode trunk

switchport trunk allowed vlan 10,100

spanning-tree port type edge trunk

Another alternative, which takes into account that host may not tag it's data traffic:

interface Ethernet1/1

switchport mode trunk

switchport trunk native vlan 10

switchport trunk allowed vlan 10,100

spanning-tree port type edge trunk

Is it really a must to trunk native VLAN? In my lab it works either way.

Amit Singh · ‎02-07-2014

You can use either option 1 or 3. The best practice config would be option 1. You have the make sure that your native vlan is carried across all the trunk ports.

Note : A fcoe vlan cannot the native vlan. i.e the VSAN's mapped to VLAN's to carry storage
traffuc cannot be a ntive vlan.

The native VLAN is the default VLAN on a trunk. Any untagged frames
transit the trunk as native VLAN traffic. You cannot use a fcoe vlan for
a native vlan because of this. FCoE Initialization Protocol (FIP) uses
the native VLAN and therefore all FCoE links should be trunked to carry
the FCoE VLAN as well as the native VLAN

http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/trouble
shooting/guide/n5K_ts_fcoe.html#wp1026165

Hope this helps.

Cheers,

-amit singh

View solution in original post

Walter Dey · ‎02-06-2014

FIP VLAN Discovery

FIP VLAN discovery discovers the FCoE VLAN that will be used by all other FIP protocols as well as by the FCoE encapsulation for Fibre Channel payloads on the established virtual link. One of the goals of FC-BB-5 was to be as nonintrusive as possible on initiators and targets, and therefore FIP VLAN discovery occurs in the native VLAN used by the initiator or target to exchange Ethernet traffic. The FIP VLAN discovery protocol is the only FIP protocol running on the native VLAN; all other FIP protocols run on the discovered FCoE VLANs.

The ENode sends a FIP VLAN discovery request to a multicast MAC address called All-FCF-MACs, which is a multicast MAC address to which all FCFs listen. All FCFs that can be reached in the native VLAN of the ENode are expected to respond on the same VLAN with a response that lists one or more FCoE VLANs that are available for the ENode's VN_Port login. This protocol has the sole purpose of allowing the ENode to discover all the available FCoE VLANs, and it does not cause the ENode to select an FCF.

ataranen · ‎02-06-2014

wdey, I red the documentation. What does it mean for the configuration. Do we have to enable trunking for native VLAN, or not? If we don't what are the concesquences? In my environment, I don't enable native VLAN on the trunk and it works like a charm, but is it right. Should I be concerned about not trunking native VLAN. In the example I gave above, is it option 1, 2 or 3 for the best practice configuration?

Amit Singh · ‎02-07-2014

You can use either option 1 or 3. The best practice config would be option 1. You have the make sure that your native vlan is carried across all the trunk ports.

Note : A fcoe vlan cannot the native vlan. i.e the VSAN's mapped to VLAN's to carry storage
traffuc cannot be a ntive vlan.

The native VLAN is the default VLAN on a trunk. Any untagged frames
transit the trunk as native VLAN traffic. You cannot use a fcoe vlan for
a native vlan because of this. FCoE Initialization Protocol (FIP) uses
the native VLAN and therefore all FCoE links should be trunked to carry
the FCoE VLAN as well as the native VLAN

http://www.cisco.com/en/US/docs/switches/datacenter/nexus5000/sw/trouble
shooting/guide/n5K_ts_fcoe.html#wp1026165

Hope this helps.

Cheers,

-amit singh

ataranen · ‎02-07-2014

Amit, thank you for the explanaition and the TS link, it makes sence.

Amit Singh · ‎02-07-2014

Glad it helped. Please continue to use supportforums for any further help.

Appreciate the rating as well. Have a good weekend ahead.

Cheers,

-amit singh

ataranen · ‎09-08-2014

I discovered interesting behaviour on nexus 5k FCoE VF ports (towards servers) and the FIP protocol; that prompted me to re-open this discussion. I hope someone with FIP expertise can shed some light as Cisco documentation of FIP is very scarce.

First off, FCoE vlan discovery always works regardless of whether we allow native vlan trunking or not. This is in conflict with Cisco documentation which says we should allow trunking for native VLAN in order for FIP to work.

Second and more interesting, even if we shutdown all LAN traffic on a port towards CNA as shown below, the FCoE still works.

interface Ethernet1/10
switchport mode trunk
switchport trunk allowed vlan 10
spanning-tree port type edge trunk
shutdown lan

n5k(config-if)# show int vfc10
vfc10 is trunking
Bound interface is Ethernet1/10
.......
Port mode is TF
Port vsan is 10
Trunk vsans (admin allowed and active) (10)
Trunk vsans (up) (10)

It appears FIP completely ignores VLAN permissions on a link. Perhaps it works similar to CDP, which doesn't take into account vlan permissions.