配置 LIF
建议更改
PDF
您必须确定用于在节点和备份应用程序之间建立数据连接和控制连接的 LIF 。确定 LIF 后,您必须验证是否为 LIF 设置了防火墙和故障转移策略。
|
从ONTAP 9.10.1开始、防火墙策略已弃用、并完全替换为LIF服务策略。有关详细信息,请参见 "管理支持的流量"。 |
-
使用命令和
-service-policy`参数确定节点上托管的集群间LIF `network interface show。network interface show -service-policy default-intercluster -
确保集群间LIF包含此 `backup-ndmp-control`服务:
network interface service-policy show -
确保已为集群间 LIF 正确设置故障转移策略:
-
验证集群间CIFs的故障转移策略是否设置为
local-only使用network interface show -failover命令:cluster1::> network interface show -failover Logical Home Failover Failover Vserver Interface Node:Port Policy Group -------- --------------- ----------------- ------------ -------- cluster1 IC1 cluster1-1:e0a local-only Default Failover Targets: ....... IC2 cluster1-2:e0b local-only Default Failover Targets: ....... cluster1-1 cluster1-1_mgmt1 cluster1-1:e0m local-only Default Failover Targets: ....... -
如果未正确设置故障转移策略、请使用修改此故障转移策略
network interface modify命令-failover-policy参数。cluster1::> network interface modify -vserver cluster1 -lif IC1 -failover-policy local-only
-
-
使用确定节点上托管的集群间LIF
network interface show命令-role参数。cluster1::> network interface show -role intercluster Logical Status Network Current Current Is Vserver Interface Admin/Oper Address/Mask Node Port Home ----------- ---------- ---------- ------------------ ------------- ------- ---- cluster1 IC1 up/up 192.0.2.65/24 cluster1-1 e0a true cluster1 IC2 up/up 192.0.2.68/24 cluster1-2 e0b true -
确保已为集群间 LIF 上的 NDMP 启用防火墙策略:
-
使用验证是否已为NDMP启用防火墙策略
system services firewall policy show命令:以下命令显示集群间 LIF 的防火墙策略:
cluster1::> system services firewall policy show -policy intercluster Vserver Policy Service Allowed ------- ------------ ---------- ------------------- cluster1 intercluster dns - http - https - ndmp 0.0.0.0/0, ::/0 ndmps - ntp - rsh - ssh - telnet - 9 entries were displayed. -
如果未启用防火墙策略、请使用启用防火墙策略
system services firewall policy modify命令-service参数。以下命令将为集群间 LIF 启用防火墙策略:
cluster1::> system services firewall policy modify -vserver cluster1 -policy intercluster -service ndmp 0.0.0.0/0
-
-
确保已为集群间 LIF 正确设置故障转移策略:
-
验证集群间CIFs的故障转移策略是否设置为
local-only使用network interface show -failover命令:cluster1::> network interface show -failover Logical Home Failover Failover Vserver Interface Node:Port Policy Group -------- --------------- ----------------- ------------ -------- cluster1 IC1 cluster1-1:e0a local-only Default Failover Targets: ....... IC2 cluster1-2:e0b local-only Default Failover Targets: ....... cluster1-1 cluster1-1_mgmt1 cluster1-1:e0m local-only Default Failover Targets: ....... -
如果未正确设置故障转移策略、请使用修改此故障转移策略
network interface modify命令-failover-policy参数。cluster1::> network interface modify -vserver cluster1 -lif IC1 -failover-policy local-only
-