LIF roles in ONTAP 9.5 and earlier

Contributors netapp-barbe Download PDF of this page

LIFs with different roles have different characteristics. A LIF role determines the kind of traffic that is supported over the interface, along with the failover rules that apply, the firewall restrictions that are in place, the security, the load balancing, and the routing behavior for each LIF. A LIF can have any one of the following roles: cluster, cluster management, data, intercluster, node management, and undef (undefined). The undef role is used for BGP LIFs.

Starting with ONTAP 9.6, LIF roles are deprecated. You should specify service policies for LIFs instead of a role. It is not necessary to specify a LIF role when creating a LIF with a service policy.

LIF security

Data LIF Cluster LIF Node management LIF Cluster management LIF Intercluster LIF

Require private IP subnet?

No

Yes

No

No

No

Require secure network?

No

Yes

No

No

Yes

Default firewall policy

Very restrictive

Completely open

Medium

Medium

Very restrictive

Is firewall customizable?

Yes

No

Yes

Yes

Yes

LIF failover

Data LIF Cluster LIF Node management LIF Cluster management LIF Intercluster LIF

Default behavior

Only those ports in the same failover group that are on the LIF’s home node and on a non-SFO partner node

Only those ports in the same failover group that are on the LIF’s home node

Only those ports in the same failover group that are on the LIF’s home node

Any port in the same failover group

Only those ports in the same failover group that are on the LIF’s home node

Is customizable?

Yes

No

Yes

Yes

Yes

LIF routing

Data LIF Cluster LIF Node management LIF Cluster management LIF Intercluster LIF

When is a default route needed?

When clients or domain controller are on different IP subnet

Never

When any of the primary traffic types require access to a different IP subnet

When administrator is connecting from another IP subnet

When other intercluster LIFs are on a different IP subnet

When is a static route to a specific IP subnet needed?

Rare

Never

Rare

Rare

When nodes of another cluster have their intercluster LIFs in different IP subnets

When is a static host route to a specific server needed?

To have one of the traffic types listed under node management LIF, go through a data LIF rather than a node management LIF. This requires a corresponding firewall change.

Never

Rare

Rare

Rare

LIF rebalancing

Data LIF Cluster LIF Node management LIF Cluster management LIF Intercluster LIF

DNS: use as DNS server?

Yes

No

No

No

No

DNS: export as zone?

Yes

No

No

No

No