network interface service-policy create

Create a new service policy

Availability: This command is available to cluster administrators at the advanced privilege level.

Description

The network interface service-policy create command creates a new service policy with a list of included services. LIFs can reference this policy to control the list of services that they are able to transport on their network. Services can represent applications accessed by a LIF as well as applications served by this cluster.

Parameters

-vserver <vserver name> - Vserver: Use this parameter to specify the name of the Vserver on which the service policy will be created.
-policy <text> - Policy Name: Use this parameter to specify the name of service policy to be created.
[-services <LIF Service Name>, ...] - Included Services: Use this parameter to specify a list of services that should be included in this policy.
[-allowed-addresses <IP Address/Mask>, ...] - Allowed Addresses: Use this parameter to specify a list of subnet masks for addresses that are allowed to access the services in this policy. Use the value 0.0.0.0/0 to represent the wildcard IPv4 address and ::/0 to represent the wildcard IPv6 address.

Examples

The following example shows the creation of a service policy with no initial services.

cluster1::> network interface service-policy create -vserver cluster1 -policy empty

cluster1::> network interface service-policy show
Vserver   Policy                 Service: Allowed Addresses
--------- ---------------------- ------------------------------------------
cluster1
          empty                  -

          net-intercluster       intercluster-core: 0.0.0.0/0

2 entries were displayed.

The following example shows the creation of a new service policy with a specified service list.

cluster1::> network interface service-policy create -vserver cluster1 -policy metrocluster -services repl-mcc-nvlog,repl-mcc-storage

cluster1::> network interface service-policy show
Vserver   Policy                 Service: Allowed Addresses
--------- ---------------------- ------------------------------------------
cluster1
          empty                  -

          metrocluster           repl-mcc-nvlog: 0.0.0.0/0
                                 repl-mcc-storage: 0.0.0.0/0

          net-intercluster       intercluster-core: 0.0.0.0/0

3 entries were displayed.