Configure virtual IP (VIP) LIFs

Download PDF of this page

Some next-generation data centers use Network-Layer-3 mechanisms that require LIFs to be failed over across subnets. VIP data LIFs and the associated routing protocol, border gateway protocol (BGP), are supported, which enable ONTAP to participate in these next- generation networks.

About this task

A VIP data LIF is a LIF that is not part of any subnet and is reachable from all ports that host a BGP LIF in the same IPspace. A VIP data LIF eliminates the dependency of a host on individual network interfaces. Because multiple physical adapters carry the data traffic, the entire load is not concentrated on a single adapter and the associated subnet. The existence of a VIP data LIF is advertised to peer routers through the routing protocol, Border Gateway Protocol (BGP).

VIP data LIFs provide the following advantages:

  • LIF portability beyond a broadcast domain or subnet: VIP data LIFs can fail over to any subnet in the network by announcing the current location of each VIP data LIF to routers through BGP.

  • Aggregate throughput: VIP data LIFs can support aggregate throughput that exceeds the bandwidth of any individual port because the VIP LIFs can send or receive data from multiple subnets or ports simultaneously.

Set up border gateway protocol (BGP)

Before creating VIP LIFs, you must set up BGP, which is the routing protocol used for announcing the existence of a VIP LIF to peer routers.

Before you begin

The peer router must be configured to accept a BGP connection from the BGP LIF for the configured autonomous system number (ASN).

ONTAP does not process any incoming route announcements from the router; therefore, you should configure the peer router for not sending any route updates to the cluster.

About this task

Setting up BGP involves optionally creating a BGP configuration, creating a BGP LIF, and creating a BGP peer group. ONTAP automatically creates a default BGP configuration with default values when the first BGP peer group is created on a given node. A BGP LIF is used to establish BGP TCP sessions with peer routers. For a peer router, a BGP LIF is the next hop to reach a VIP LIF. Failover is disabled for the BGP LIF. A BGP peer group advertises the VIP routes for all the SVMs in the peer group’s IPspace.

These fields have been added to the network bgp peer-group command.

  • -asn-prepend-type

  • -asn-prepend-count

  • -community

These BGP attributes allows you to configure the AS Path and community attributes for the BGP peer group. For more information, see Network features by release.

Steps

  1. Log in to the advanced privilege level:

    set -privilege advanced

  2. Optional: Create a BGP configuration or modify the default BGP configuration of the cluster by performing one of the following actions:

    1. Create a BGP configuration:

      network bgp config create -node {node_name | local} -asn asn_integer -holdtime
      hold_time -routerid local_router_IP_address
      
      network bgp config create -node node1 -asn 65502 -holdtime 180 -routerid 1.1.1.1
    2. Modify the default BGP configuration:

      network bgp defaults modify -asn asn_integer -holdtime hold_time
      network bgp defaults modify -asn 65502
      • asn_integer specifies the ASN. ASN for BGP is a non-negative 16-bit integer. The default ASN is 65501.

      • hold_time specifies the hold time in seconds. The default value is 180s.

  3. Create a BGP LIF for the system SVM:

    network interface create -vserver system_svm -lif lif_name -service-policy net-route- announce -home-node home_node -home-port home_port -address ip_address -netmask netmask

    You can use the net-route-announce service policy for the BGP LIF.

    network interface create -vserver cluster1 -lif bgp1 -service-policy net-route-announce -home-node cluster1-01 -home-port e0c -address 10.10.10.100 -netmask 255.255.255.0
  4. Create a BGP peer group that is used to establish BGP sessions with the remote peer routers and configure the VIP route information that is advertised to the peer routers:

    network bgp peer-group create -peer-group group_name -ipspace ipspace_name -local-lif
    bgp_lif -peer-address peer-router_ip_address -peer-asn 65502 -route-preference integer
    -asn-prepend-type ASN_prepend_type> -asn-prepend-count integer -community BGP community list <0-65535>:<0-65535>
    network bgp peer-group create -peer-group group1 -ipspace Default -local-lif bgp1 -peer-address 10.10.10.1 -peer-asn 65502 -route-preference 100 -asn-prepend-type local-asn -asn-prepend-count 2 -community 9000:900,8000:800

Create a virtual IP (VIP) data LIF

You can create a VIP data LIF. The existence of a VIP data LIF is advertised to peer routers through the routing protocol, Border Gateway Protocol (BGP).

Before you begin

  • The BGP peer group must be set up and the BGP session for the SVM on which the LIF is to be created must be active.

  • A static route to the BGP router or any other router in the BGP LIF’s subnet must be created for any outgoing VIP traffic for the SVM.

  • You should turn on multipath routing so that the outgoing VIP traffic can utilize all the available routes.

    If multipath routing is not enabled, all the outgoing VIP traffic goes from a single interface.

Steps

  1. Create a VIP data LIF:

    network interface create -vserver svm_name -lif lif_name -role data -data-protocol
    {nfs|cifs|iscsi|fcache|none|fc-nvme} -home-node home_node -address ip_address -is-vip true

    A VIP port is automatically selected if you do not specify the home port with the network interface create command.

    By default, the VIP data LIF belongs to the system-created broadcast domain named 'Vip', for each IPspace. You cannot modify the VIP broadcast domain.

    A VIP data LIF is reachable simultaneously on all ports hosting a BGP LIF of an IPspace. If there is no active BGP session for the VIP’s SVM on the local node, the VIP data LIF fails over to the next VIP port on the node that has a BGP session established for that SVM.

  2. Verify that the BGP session is in the up status for the SVM of the VIP data LIF:

    network bgp vserver-status show
    
    Node        Vserver  bgp status
    	    ----------  -------- ---------
    	    node1       vs1      up

    If the BGP status is down for the SVM on a node, the VIP data LIF fails over to a different node where the BGP status is up for the SVM. If BGP status is down on all the nodes, the VIP data LIF cannot be hosted anywhere, and has LIF status as down.

Commands for managing the BGP

You use the network bgp commands to manage the BGP sessions in ONTAP.

Manage BGP configuration

If you want to…​ Use this command…​

Create a BGP configuration

network bgp config create

Modify BGP configuration

network bgp config modify

Delete BGP configuration

network bgp config delete

Display BGP configuration

network bgp config show

Displays the BGP status for the SVM of the VIP LIF

network bgp vserver-status show

Manage BGP default values

If you want to…​ Use this command…​

Modify BGP default values

network bgp defaults modify

Display BGP default values

network bgp defaults show

Manage BGP peer groups

If you want to…​ Use this command…​

Create a BGP peer group

network bgp peer-group create

Modify a BGP peer group

network bgp peer-group modify

Delete a BGP peer group

network bgp peer-group delete

Display BGP peer groups information

network bgp peer-group show

Rename a BGP peer group

network bgp peer-group rename

Related information: ONTAP 9 commands