Skip to main content

network interface create

Contributors
Suggest changes

Create a logical interface

Availability: This command is available to cluster administrators at the admin privilege level.

Description

The network interface create command creates a logical interface (LIF).

Note A logical interface is an IP address associated with a physical network port. For logical interfaces using NAS data protocols, the interface can fail over or be migrated to a different physical port in the event of component failures, thereby continuing to provide network access despite the component failure.
Note On some cloud platforms, this operation might perform changes to the external route tables.

Parameters

-vserver <vserver> - Vserver Name

Use this parameter to specify the Vserver on which the LIF is created.

-lif <lif-name> - Logical Interface Name

Use this parameter to specify the name of the LIF that is created. For iSCSI and FC LIFs, the name cannot be more than 254 characters.

[-service-policy <text>] - Service Policy

Use this parameter to specify a service policy for the LIF. If no policy is specified, a default policy will be assigned automatically. Use the network interface service-policy show command to review available service policies.

[-role {undef|cluster|data|node-mgmt|intercluster|cluster-mgmt}] - (DEPRECATED)-Role
Note This parameter has been deprecated and may be removed in a future version of ONTAP. Use the -service-policy parameter instead.

Use this parameter to specify the role of the LIF. LIFs can have one of five roles:

  • Cluster LIFs, which provide communication among the nodes in a cluster

  • Intercluster LIFs, which provide communication among peered clusters

  • Data LIFs, which provide data access to NAS and SAN clients

  • Node-management LIFs, which provide access to cluster management functionality

  • Cluster-management LIFs, which provide access to cluster management functionality

LIFs with the cluster-management role behave as LIFs with the node-management role except that cluster-management LIFs can failover between nodes.

[-data-protocol {nfs|cifs|iscsi|fcp|fcache|none|fc-nvme|s3|nvme-tcp}] - Data Protocol

Use this parameter to specify the list of data protocols that can be served by the LIF. The supported protocols are NFS, CIFS, iSCSI, FCP, and FC-NVMe. NFS and CIFS are available by default when you create a LIF. If you specify "none", the LIF does not support any data protocols. Also, none, iscsi, fcp or fc-nvme cannot be combined with any other protocols.

Note The data-protocol field must be specified when the LIF is created and cannot be modified later.
Note The NFS protocol relies on firewall services included in the built-in "data" and "mgmt-nfs" firewall policies. Assigning a different firewall policy might disrupt some NFS client implementations.
-address <IP Address> - Network Address

Use this parameter to specify the LIF's IP address.

Note A cluster LIF cannot be on the same subnet as a management or data LIF.
{ -netmask <IP Address> - Netmask

Use this parameter to specify the LIF's netmask.

| -netmask-length <integer> - Bits in the Netmask

Use this parameter to specify the length (in bits) of the LIF's netmask.

| -is-vip <true> - Is VIP LIF

Use this parameter to display only logical interfaces matching a specify "is-vip" flag. Specifying "true" matches only LIFs to implement a Virtual IP; "false" matches only LIFs that do not.

{ [-auto <true>] - Allocate Link Local IPv4 Address

Use this parameter to specify whether IPv4 link local addressing is enabled for this LIF.

| [-subnet-name <subnet name>] - Subnet Name }

Use this parameter to allocate the interface address from a subnet. If needed, a default route will be created for this subnet.

[-home-node <nodename>] - Home Node

Use this parameter to specify the LIF's home node. The home node is the node to which the LIF returns when the network interface revert command is run on the LIF.

[-home-port {<netport>|<ifgrp>}] - Home Port

Use this parameter to specify the LIF's home port or interface group. The home port is the port or interface group to which the LIF returns when the network interface revert command is run on the LIF.

[-status-admin {up|down}] - Administrative Status

Use this parameter to specify whether the initial administrative status of the LIF is up or down. The default setting is up . The administrative status can differ from the operational status For example, if you specify the status as up but a network problem prevents the interface from functioning, the operational status remains as down.

[-failover-policy {system-defined|local-only|sfo-partner-only|disabled|broadcast-domain-wide}] - Failover Policy

Use this parameter to specify the failover policy for the LIF.

  • system-defined - The system determines appropriate failover targets for the LIF. The default behavior is that failover targets are chosen from the LIF's current hosting node and also from one other non-partner node when possible.

  • local-only - The LIF fails over to a port on the local or home node of the LIF.

  • sfo-partner-only - The LIF fails over to a port on the home node or SFO partner only.

  • broadcast-domain-wide - The LIF fails over to a port in the same broadcast domain as the home port.

  • disabled - Failover is disabled for the LIF.

The failover policy for cluster logical interfaces is local-only and cannot be changed. The default failover policy for data logical interfaces is system-defined. This value can be changed.

[-firewall-policy <policy>] - (DEPRECATED)-Firewall Policy
Note This parameter has been deprecated and may be removed in a future version of ONTAP. Use the -service-policy parameter instead.

Use this parameter to specify the firewall policy for the LIF. A LIF can use a default firewall policy that corresponds to its role (management, cluster, intercluster, or data) or a custom firewall policy created by an administrator. View and modify existing firewall policies using the system services firewall policy show and system services firewall policy modify commands, respectively.

Note The NFS data protocol relies on firewall services included in the built-in "data" and "mgmt-nfs" firewall policies. Assigning a different firewall policy might disrupt some NFS client implementations.
[-auto-revert {true|false}] - Auto Revert

Use this parameter to specify whether a data LIF is automatically reverted to its home port under certain circumstances. These circumstances include startup, when the status of the management database changes to either master or secondary, or when the network connection is made.

[-dns-zone {<zone-name>|none}] - Fully Qualified DNS Zone Name

Use this parameter to specify a unique, fully qualified domain name of a DNS zone to which this data LIF is added. You can associate a data LIF with a single DNS zone. All data LIFs included in a zone must be on the same Vserver. If a LIF is not added to a DNS zone the data LIF is created with the value none .

[-listen-for-dns-query {true|false}] - DNS Query Listen Enable

Use this parameter to specify if the LIF has to listen for DNS queries. The default value for this parameter is true.

[-allow-lb-migrate {true|false}] - (DEPRECATED)-Load Balancing Migrate Allowed (privilege: advanced)
Note This parameter has been deprecated and may be removed in a future version of ONTAP.

Use this parameter to specify whether load balancing migration is activated for this data LIF. The default value of this parameter is false . If you set the value of this parameter to true , automatic revert capability for this data LIF is disabled (the -auto-revert parameter is set to false ). Also, data LIFs that migrate as a result of load balancing adhere to network interface failover rules.

Note During times when a LIF is hosting active NFSv4, CIFS, or NRV connections, load balancing based LIF migrations between nodes will be temporarily disabled.
[-lb-weight {load|0..100}] - Load Balanced Weight (privilege: advanced)

Use this parameter to specify a load balancing weight for a data LIF. A valid numeric load balancing weight is any integer between 0 and 100. When you specify the same load balancing weight for all data LIFs in a DNS zone, client requests are uniformly distributed, similar to round-robin DNS. A data LIF with a low load balancing weight is made available for client requests less frequently than one that has a high load balancing weight. "load" is the default value of this parameter. If set to "load", node utilization statistics are used to dynamically assign the load balancing weight.

[-failover-group <failover-group>] - Failover Group Name

Use this parameter to specify the name of the failover group to associate with the LIF. Manage failover groups by using the network interface failover-groups command. Each broadcast domain has a default failover group which is created by the system automatically and has the same name as the broadcast domain. The failover group associated with the broadcast domain includes all ports in the broadcast domain. A logical interface's failover group is set to the failover group of the home port's broadcast domain by default, but this value can be modified.

[-comment <text>] - Comment

Use this parameter to specify the comment to associate with the LIF.

[-force-subnet-association <true>] - Force the LIF's Subnet Association

This command will fail if the IP address falls within the address range of a named subnet. Set this to true to acquire the address from the named subnet and assign the subnet to the LIF.

[-is-dns-update-enabled {true|false}] - Is Dynamic DNS Update Enabled?

If this parameter is set to true , then dynamic DNS update is sent to the DNS server for the particular LIF entry if dynamic DNS updates are enabled for the corresponding Vserver. This field is set to true by default for both IPv4 and IPv6 LIFs. DNS Update is not supported on LIFs not configured with either the NFS or CIFS protocol.

[-probe-port <integer>] - Probe-port for Cloud Load Balancer

Use this parameter to specify a probe-port for the LIF in the Azure environment. It is a required field in the Azure environment. If no probe-port is specified, an error would be returned.

[-broadcast-domain <text>] - Broadcast Domain

Use this parameter to display the broadcast domain that contains the home port of the logical interface.

[-rdma-protocols <roce>,…​] - Required RDMA offload protocols

Defines RDMA offload protocols required by the LIF. A non-empty list will ensure that this LIF can only be moved to network ports that support the specified RDMA offload protocols.

Examples

The following example creates an IPv4 LIF named datalif1 and an IPv6 LIF named datalif2 on a Vserver named vs0. Their home node is node0 and home port is e0c. The failover policy broadcast-domain-wide is assigned to both LIFs. The service policy is default-data-files and the LIFs are automatically reverted to their home node at startup and under other circumstances. The datalif1 has the IP address 192.0.2.130 and netmask 255.255.255.128, and datalif2 has the IP address 3ffe:1::aaaa and netmask length of 64.

cluster1::> network interface create -vserver vs0 -lif datalif1 -home-node node0 -home-port e0c -address 192.0.2.130 -netmask 255.255.255.128 -failover-policy broadcast-domain-wide -service-policy default-data--files -auto-revert true
cluster1::> network interface create -vserver vs0 -lif datalif2 -home-node node0 -home-port e0c -address 3ffe:1::aaaa -netmask-length 64 -failover-policy broadcast-domain-wide -service-policy default-data-files -auto-revert true