> > Hannes Reinecke wrote: > > Ahmed A wrote: > >> Hello, > >> > >> I am trying to setup a Linux system to snoop FCoE frames. The Linux RedHat > 5.4 system has a dual port 10G QLogic CNA(hba), that are configure as regular > NICs. I configured a bridge between the these two 10G ports, using the built > in bridge code in the kernel, and using bridge-utils package. I then > connected one of the bridge ports to an 10G FCoE Initiator in another Linux > server and the other 10G bridge port to a Nexus switch. For some reason the > FCoE Initiator is not logging into the Nexus switch, which it does if directly > connected. Am I missing something basic? Is there any handshake/negotiation > that happens below the ethernet level between the Initiator port and Nexus > port? > >> > >> Using the same setup, I am able to snoop iSCSI packets between an iSCSI > Initiator and iSCSI Target. So, the bridging and snooping (using ethereal) > does work. > >> > >> > >> > >> Linux RedHat 5.4 > >> (Dual port 10G CNA, configured part of a > bridge). > >> | | > | | > >> FCoE Initiator ______| |______Nexus Switch > >> > > You have to make sure not to strip off any VLAN tags. > > Normally a NIC port on the switch is set to 'access' mode, which will strip > off any VLAN tags. > > You'll have to move that to 'trunk' mode and configure the bridge on the > linux side to > > also leave all VLAN tags alone. > > > > Oh, and tell me how you've configured the linux bridge. > > I only know the theory, not the actual steps for doing so :-) > > > > Cheers, > > > > Hannes > > As Chris Leech pointed out, it may be a DCBX issue. Bridges are not supposed > to forward LLDP frames (which DCBX uses). > > Are you using DCBX on the initiator to negotiate pause parameters with the > switch? > Those negotiations are hop-by-hop, so your Linux bridge may not be forwarding > them. > You may need to tell the initiator not to use DCBX. Then you'll possibly have > issues with frame loss unless you use link pause in both directions on both > links. > > Depending on your initiator, that may be the problem. Other issues may be > forwarding of multicast FIP frames if you use FIP. Are you seeing anything at > all on the trace? > > Another way to capture frames is to use a monitor session on the Nexus 5000, > which can send a copy of what is sent and received on one port out of another > port which you can then capture on your Linux box. One drawback of that is > that you won't see the VLAN tags. > > To do that you would connect the initiator directly to the switch, and connect > the snooping host to another port. The syntax is something like > > config t > # set the destination interface in monitor mode > interface eth1/38 > switchport monitor > # set up a monitor session > monitor session 1 > source interface Ethernet1/5 both > destination interface Ethernet1/38 > no shut > > You can also have the source be a VSAN or VLAN. > > > Joe > > _______________________________________________ > devel mailing list > [email protected] > http://www.open-fcoe.org/mailman/listinfo/devel
I have a linux bridge setup this way and it works fine for me for FCoE w/ FIP. I believe it's dcbx negotiation issue on your initiator side as Joe and Chris pointed out. Just have the intiator side configured dcb using dcbtool to be willing/enabled on both the initiator port and the bridge port, and using the same user priority for FCoE that you have configured to use on the other bridge port that goes to the FCF. This worked for me before when VLAN was not required, but now w/ VLAN, you just need to create vlan interfaces on your bridge box, and have brctl create the bridge over these two vlans. Then you are good to go. I still have vlan stripping on in my bridge nic driver, which is Intel 82598, I don't know if this is going to work for your CNA since not sure how CNA is able to do the dcbx exchange on side of the bridge going to the initiator, like both Willing/Enabled/Advertised on the same priority. yi _______________________________________________ devel mailing list [email protected] http://www.open-fcoe.org/mailman/listinfo/devel
