Method and System for Traffic Isolation in a Network

1. A method for facilitating traffic isolation in a switch, the method comprising: configuring one or more ports of the switch as members of first a traffic isolation zone, wherein a traffic isolation zone is a subset of ports in the switch and precludes a data flow not belonging to the traffic isolation zone from reaching a port within the traffic isolation zone; identifying that a data flow belongs to the first traffic isolation zone based on the subset of ports belonging to the first traffic isolation zone; in response to a port of the first traffic isolation zone being available, associating the data flow with the port as an output port; in response to the port not being available, determining whether a failover option for the first traffic isolation zone is enabled; and in response to the failover option being enabled, associating the data flow with a second port as an output port, wherein the second port is a member of a second traffic isolation zone, and wherein the second traffic isolation zone is distinct from the first traffic isolation zone.

2. The method of claim 1 , further comprising: using the first traffic isolation zone to enforce one or more Quality-of-Service (QoS) parameters for a QoS class.

3. The method of claim 1 , wherein configuring the ports as members of the first traffic isolation zone comprises: propagating the configuration of the first traffic isolation zone across one or more switches; determining whether a local switch is part of the first traffic isolation zone; and updating a local forwarding table with the configuration of the first traffic isolation zone.

4. The method of claim 1 , wherein the method further comprises associating the data flow with the second port as an output port in response to a next-hop port within the first traffic isolation zone for the data flow not being available, wherein a next-hop port within the second traffic isolation zone for the data flow is available.

5. The method of claim 1 , wherein the method further comprises dropping the data flow belonging to the first traffic isolation zone in response to the failover option not being enabled.

6. The method of claim 1 , wherein the ports configured as members of the first traffic isolation zone are Fibre Channel ports and comprise one or more of N_Ports, E_Ports, and EX_Ports.

7. The method of claim 6 , wherein the first traffic isolation zone comprises a set of inter-switch links (ISLs) coupling adjacent E_Ports that form an end-to-end path.

8. The method of claim 6 , wherein the first traffic isolation zone comprises one or more EX_Ports and is configurable to traverse Fibre Channel routers (FCRs) and FCR-coupled fabrics.

9. A non-transitory computer-readable medium storing instructions which when executed by a computer cause the computer to perform a method for facilitating traffic isolation in a network, the method comprising: configuring one or more ports of a switch as members of a first logical group, wherein a logical group is a subset of ports in the switch and precludes a data flow not belonging to the logical group from reaching a port within the logical group; identifying that a packet belongs to the first logical group based on the subset of ports belonging to the first traffic isolation zone; in response to a port of the first logical group being available, associating the packet with the port as an output port; in response to the port not being available, determining whether a failover option for the first logical group is enabled; and in response to the failover option being enabled, associating the packet with a second port as an output port, wherein the second port is a member of a second logical group, and wherein the second logical group is distinct from the first logical group.

10. The computer-readable medium of claim 9 , wherein the method further comprises using the first logical group to enforce one or more Quality-of-Service (QoS) parameters for a QoS class.

11. The computer-readable medium of claim 9 , wherein configuring the ports as members of the first logical group comprises: propagating the configuration of the first logical group across one or more switches; determining whether a local switch is part of the first logical group; and updating a local forwarding table with the configuration of the first logical group.

12. The computer-readable medium of claim 9 , wherein the method further comprises associating the packet with the second port as an output port in response to a next-hop port within the first logical group for the packet not being available, wherein a next-hop port within the second logical group for the data flow is available.

13. The computer-readable medium of claim 9 , wherein the method further comprises dropping the packet belonging to the first logical group in response to the failover option not being enabled.

14. The computer-readable medium of claim 9 , wherein the ports configured as members of the first logical group are Fibre Channel ports and comprise one or more of N_Ports, E_Ports, and EX_Ports.

15. The computer-readable medium of claim 14 , wherein the first logical group comprises a set of inter-switch links (ISLs) coupling adjacent E_Ports that form an end-to-end path.

16. The computer-readable medium of claim 14 , wherein the first logical group comprises one or more EX_Ports and is configurable to traverse Fibre Channel routers (FCRs) and FCR-coupled fabrics.

17. A switch for facilitating traffic isolation in a network, the switch comprising: a set of ports operable as members of a first logical group, wherein a logical group is a subset of ports in the switch and precludes a data flow not belonging to the logical group from reaching a port within the logical group; a logical-group mapping module adapted to: identify that a packet belongs to the first logical group based on the subset of ports belonging to the first logical group; and determine whether a failover option for the first logical group is enabled in response to a port of the first logical group not being available; and a forwarding module adapted to: associate the packet with the port as an output port in response to the port being available; and associate the packet with a second port as an output port in response to the failover option being enabled, wherein the second port is a member of a second logical group, and wherein the second logical group is distinct from the first logical group.

18. The switch of claim 17 , further comprising a Quality-of-Service (QoS) enforcement module adapted to enforce one or more QoS parameters for a QoS class based on the first logical group.

19. The switch of claim 17 , further comprising a logical-group configuration module adapted to: propagate the configuration of the first logical group across one or more switches; determine whether a local switch domain is part of the logical group; and update a local forwarding table with the configuration of the first logical group.

20. The switch of claim 17 , wherein the forwarding module is further adapted to associate the packet with the second port as an output port in response to a next-hop port within the first logical group for the packet not being available, wherein a next-hop port within the second logical group for the data flow is available.

21. The switch of claim 17 , wherein the forwarding module is further operable to drop the packet belonging to the first logical group port in response to the failover option not being enabled.

22. The switch of claim 21 , wherein the ports are adapted to operate as members of the first logical group are Fibre Channel ports and comprise one or more of N_Ports, E_Ports, and EX_Ports.

23. The switch of claim 21 , wherein the first logical group comprises a set of inter-switch links (ISLs) coupling adjacent E_Ports that form an end-to-end path.

24. The switch of claim 21 , wherein the first logical group comprises one or more EX_Ports and is operable to traverse Fibre Channel routers (FCRs) and FCR-coupled fabrics.