LIFs and service policies in ONTAP 9.6 and later
Starting with ONTAP 9.6, you can assign service policies (instead of LIF roles) to LIFs that determine the kind of traffic that is supported for the LIFs. Service policies define a collection of network services supported by a LIF. ONTAP provides a set of built-in service policies that can be associated with a LIF.
ONTAP supports service policies starting with ONTAP 9.5; however, service policies can only be used to configure a limited number of services. Starting with ONTAP 9.6, LIF roles are deprecated and service policies are supported for all types of services.
Service policies for system SVMs in ONTAP 9.6
| Policy | Included services | Equivalent role | Description |
|---|---|---|---|
| default-intercluster | intercluster-core | intercluster | Used by LIFs carrying intercluster traffic. Note Available from ONTAP 9.5 with the name |
| default-route-announce | management-bgp | - | Used by LIFs carrying BGP peer connections Note Available from ONTAP 9.5 with the name |
| default-management | management-core, management-ssh, management-https, management-autosupport | node-mgmt, or cluster-mgmt | Used by LIFs handling management requests |
The following table lists the services that can be used on a system SVM along with any restrictions each service imposes on a LIF's failover-policy:
| Service | Failover limitations | Description |
|---|---|---|
| intercluster-core | home-node-only | Core intercluster services |
| management-core | - | Core management services |
| management-ssh | - | Services for SSH management access |
| management-https | - | Services for HTTPS management access |
| management-autosupport | - | Services related to posting AutoSupport payloads |
| management-bgp | home-port-only | Services related to BGP peer interactions |
Service policies for data SVMs in ONTAP 9.6
All data SVMs contain service policies that can be used by LIFs in that SVM. The following table lists the built-in policies for LIFs in data SVMs:
| Policy | Included services | Equivalent data protocol | Description |
|---|---|---|---|
| default-management | management-ssh, management-https | none | Used by LIFs handling management requests |
| default-data-blocks | data-iscsi | iscsi | Used by LIFs carrying block-oriented SAN data traffic |
| default-data-files | data-nfs, data-cifs, data-flexcache | nfs, cifs, fcache | Used by LIFs carrying file-oriented NAS data traffic |
The following table lists the services that can be used on a data SVM along with any restrictions each service imposes on a LIF's failover-policy:
| Service | Failover limitations | SVM limitations | Description |
|---|---|---|---|
| management-ssh | - | - | Services for SSH management access |
| management-https | - | - | Services for HTTPS management access |
| data-core | - | data-only | Core data services |
| data-nfs | - | data-only | Protocols related to NFS data service |
| data-cifs | - | data-only | Protocols related to CIFS data service |
| data-flexcache | - | data-only | Protocols related to FlexCache data service |
| data-iscsi | home-port-only | data-only | Protocols related to iSCSI data service |
You should be aware of how the service policies are assigned to the LIFs in data SVMs:
If a data SVM is created with a list of data services, the built-in default-data-files and default-data-blocks service policies in that SVM are created using the specified services.
If a data SVM is created without specifying a list of data services, the built-in default-data-files and default-data-blocks service policies in that SVM are created using a default list of data services.
The default data services list includes the iSCSI, NFS, CIFS, and FlexCache services.
When a LIF is created with a list of data protocols, a service policy equivalent to the specified data protocols is assigned to the LIF.
If an equivalent service policy does not exist, a custom service policy is created.
When a LIF is created without a list of data protocols, the default-data-files service policy is assigned to the LIF by default.