Congestion Notification Domain Defense

A congestion notification domain defense provides a means of defending a congestion notification domain against incoming frames from outside of the domain. Domain defense assumes:

Domain defense protects the boundaries of a congestion notification domain by preventing frames not in a congestion controlled flow from entering congestion point controlled queues. Domain defense takes advantage of the ability to change the priority value based upon whether or not the port‘s neighbor is also configured with the same CNPV. If a frame with the same priority as the CNPV is not in the congestion controlled flow, the frame priority is changed to the configured alternate priority for that CNPV.

A default domain defense mode is configured at each congestion point port.

There are four possible domain defense modes depending upon whether the CNPV is configured for the congestion point, whether a given congestion point knows the congestion notification state of its neighbor, and where the congestion point port is located in the congestion notification domain:

Congestion Notification Domain Defense Mode Overview provides a dynamic domain defense mode configuration overview.

Click to expand in new window
Congestion Notification Domain Defense Mode Overview
Graphics/Congestion_Notification_Domain_Defense.png
1 Non-CN configured port 2 Edge defense port 3 Interior ready defense port

In Congestion Notification Domain Defense Mode Overview, there are two packet flow sources. One of the flow sources is a reaction point configured for CNPV 6 and mapped to queue 6 (Server 1). The second flow source is not configured for congestion notification (Server 2).

There are two paths between the two packet flow sources and the destination. The first path is from the two flow sources to the destination through switches A and B. The second path is from the flow sources to the destination through switches A and C, an IP network cloud, and switch B.

There are three flow discussions that can be derived from Congestion Notification Domain Defense Mode Overview.

Port defaults for domain defense are determined by priority choice. See Priority Choice for details.

Defaults for domain defense can be administratively configured by priority on a port or for all priorities on a port. A default domain defense can be globally configured per CNPV for all ports using the set dcb cn priority defense command. A default domain defense can be set on a port basis for all CNPVs on that port using the set dcb cn port-priority defense command.