Release notes
LIF security
Suggest changes
-
PDF of this doc site
-
Cluster administration
-
Volume administration
-
Logical storage management with the CLI
-
-
NAS storage management
-
Configure NFS with the CLI
-
Manage NFS with the CLI
-
Manage SMB with the CLI
-
Manage file access using SMB
-
-
-
Security and data encryption
-
Data protection and disaster recovery
-
Collection of separate PDF docs
Creating your file...
A LIF is an IP address or worldwide port name (WWPN) with associated characteristics, such as a role, a home port, a home node, a list of ports to fail over to, and a firewall policy. You can configure LIFs on ports over which the cluster sends and receives communications over the network. It is critical to understand the security characteristics of each LIF role.
LIF roles
LIF roles can be the following:
-
Data LIF: A LIF associated with an SVM and used for communicating with clients.
-
Cluster LIF: A LIF used to carry intracluster traffic between nodes in a cluster.
-
Node management LIF: A LIF that provides a dedicated IP address for managing a particular node in a cluster.
-
Cluster management LIF: A LIF that provides a single management interface for the entire cluster.
-
Intercluster LIF: A LIF used for cross-cluster communication, backup, and replication.
Security characteristics of each LIF role
| Data LIF | Cluster LIF | Node management LIF | Cluster Management LIF | Intercluster LIF | |
|---|---|---|---|---|---|
Requires private IP subnet? |
No |
Yes |
No |
No |
No |
Requires secure network? |
No |
Yes |
No |
No |
Yes |
Default firewall policy |
Very restrictive |
Completely open |
Medium |
Medium |
Very restrictive |
Is the firewall customizable? |
Yes |
No |
Yes |
Yes |
Yes |
|
|
Learn more about securing LIFs, see the Configure firewall policies for LIFs.