Skip to main content

Creating a LIF

A LIF is an IP address associated with a physical or logical port. If there is a component failure, a LIF can fail over to or be migrated to a different physical port, thereby continuing to communicate with the network.

Before you begin

  • The underlying physical or logical network port must have been configured to the administrative up status.

  • If you are planning to use a subnet name to allocate the IP address and network mask value for a LIF, the subnet must already exist.

    Subnets contain a pool of IP addresses that belong to the same layer 3 subnet. They are created using the network subnet create command.

  • The mechanism for specifying the type of traffic handled by a LIF has changed. For ONTAP 9.5 and earlier, LIFs used roles to specify the type of traffic it would handle. Starting in ONTAP 9.6, LIFs use service policies to specify the type of traffic it would handle.

About this task

  • You cannot assign NAS and SAN protocols to the same LIF.

    The supported protocols are CIFS, NFS, FlexCache, iSCSI, and FC; iSCSI and FC cannot be combined with other protocols. However, NAS and Ethernet-based SAN protocols like iSCSI can be present on the same physical port.

  • You can create both IPv4 and IPv6 LIFs on the same network port.

  • All the name mapping and host-name resolution services used by an SVM, such as DNS, NIS, LDAP, and Active Directory, must be reachable from at least one LIF handling data traffic of the SVM.

  • A LIF handling intracluster traffic between nodes should not be on the same subnet as a LIF handling management traffic or a LIF handling data traffic.

  • Creating a LIF that does not have a valid failover target results in a warning message.

  • If you have a large number of LIFs in your cluster, you can verify the LIF capacity supported on the cluster by using the network interface capacity show command and the LIF capacity supported on each node by using the network interface capacity details show command (at the advanced privilege level).

Beginning in ONTAP 9.4, FC-NVMe is supported. If you are creating an FC-NVMe LIF you should be aware of the following:

  • The NVMe protocol must be supported by the FC adapter on which the LIF is created.

  • FC-NVMe can be the only data protocol on data LIFs.

  • One LIF handling management traffic must be configured for every storage virtual machine (SVM) supporting SAN.

  • NVMe LIFs and namespaces must be hosted on the same node.

  1. Create a LIF: network interface create -vserver vserver_name -lif lif_name -role lif_role -data-protocol {nfs|cifs|iscsi|fcp|fcache|none} -home-node node_name -home-port port_name {-address IP_address -netmask IP_address | -subnet-name subnet_name} -firewall-policy policy -auto-revert {true|false} -service-policy service_policy_name
    OptionDescription
    ONTAP 9.5 and earliernetwork interface create -vserver vserver_name -lif lif_name -role lif_role -data-protocol {nfs|cifs|iscsi|fcp|fcache|none} -home-node node_name -home-port port_name {-address IP_address -netmask IP_address | -subnet-name subnet_name} -firewall-policy policy -auto-revert {true|false}
    ONTAP 9.6 and laternetwork interface create -vserver vserver_name -lif lif_name -service-policy service_policy_name -home-node node_name -home-port port_name {-address IP_address -netmask IP_address | -subnet-name subnet_name} -firewall-policy policy -auto-revert {true|false}

    • The -data-protocol parameter must be specified when the LIF is created, and cannot be modified later without destroying and re-creating the data LIF.

      The -data-protocol parameter is not required when creating a LIF using a service policy (starting with ONTAP 9.6).

    • -home-node is the node to which the LIF returns when the network interface revert command is run on the LIF.

      You can also specify whether the LIF should automatically revert to the home-node and home-port with the -auto-revert option.

    • -home-port is the physical or logical port to which the LIF returns when the network interface revert command is run on the LIF.

    • You can specify an IP address with the -address and -netmask options, or you enable allocation from a subnet with the -subnet_name option.

    • When using a subnet to supply the IP address and network mask, if the subnet was defined with a gateway, a default route to that gateway is added automatically to the SVM when a LIF is created using that subnet.

    • If you assign IP addresses manually (without using a subnet), you might need to configure a default route to a gateway if there are clients or domain controllers on a different IP subnet. The network route create man page contains information about creating a static route within an SVM.

    • -auto-revert allows you to specify whether a data LIF is automatically reverted to its home node under circumstances such as startup, changes to the status of the management database, or when the network connection is made. The default setting is false , but you can set it to false depending on network management policies in your environment.

    • Starting with ONTAP 9.5, you can assign a service policy for the LIF with the -service-policy option.

      When a service policy is specified for a LIF, the policy is used to construct a default role, failover policy, and data protocol list for the LIF. In ONTAP 9.5, service policies are supported only for intercluster and BGP peer services. In ONTAP 9.6, you can create service policies for several data and management services.

  2. Optional: If you want to assign an IPv6 address in the -address option:
    1. Use the network ndp prefix show command to view the list of RA prefixes learned on various interfaces.

      The network ndp prefix show command is available at the advanced privilege level.
    2. Use the format prefix :: id to construct the IPv6 address manually.

      prefix is the prefix learned on various interfaces.

      For deriving the id , choose a random 64-bit hexadecimal number.
  3. Verify that the LIF was created successfully by using the network interface show command.
  4. Verify that the configured IP address is reachable:
    To verify an...Use...
    IPv4 addressnetwork ping
    IPv6 addressnetwork ping6

Examples

The following command creates a LIF and specifies the IP address and network mask values using the -address and -netmask parameters:

cluster-1::> network interface create -vserver vs1.example.com -lif datalif1 -role data -data-protocol cifs,
nfs -home-node node-4 -home-port e1c -address 192.0.2.145 -netmask 255.255.255.0 -firewall-policy data -auto-revert true

The following command creates a LIF and assigns IP address and network mask values from the specified subnet (named client1_sub):

cluster-1::> network interface create -vserver vs3.example.com -lif datalif3 -role data -data-protocol cifs,
nfs -home-node node-3 -home-port e1c -subnet-name client1_sub -firewall-policy data -auto-revert true

The following command shows all the LIFs in cluster-1. Data LIFs datalif1 and datalif3 are configured with IPv4 addresses, and datalif4 is configured with an IPv6 address:

cluster-1::> network interface show

            Logical    Status     Network          Current      Current Is
Vserver     Interface  Admin/Oper Address/Mask     Node         Port    Home
----------- ---------- ---------- ---------------- ------------ ------- ----
cluster-1
            cluster_mgmt up/up    192.0.2.3/24     node-1       e1a     true
node-1
            clus1        up/up    192.0.2.12/24    node-1       e0a     true
            clus2        up/up    192.0.2.13/24    node-1       e0b     true
            mgmt1        up/up    192.0.2.68/24    node-1       e1a     true
node-2
            clus1        up/up    192.0.2.14/24    node-2       e0a     true
            clus2        up/up    192.0.2.15/24    node-2       e0b     true
            mgmt1        up/up    192.0.2.69/24    node-2       e1a     true
vs1.example.com
            datalif1     up/down  192.0.2.145/30   node-1       e1c     true
vs3.example.com
            datalif3     up/up    192.0.2.146/30   node-2       e0c     true
            datalif4     up/up    2001::2/64       node-2       e0c     true
5 entries were displayed.

The following command shows how to create a NAS data LIF that is assigned with the default-data-files service policy:

network interface create -vserver vs1 -lif lif2 -home-node node2 -homeport e0d -service-policy 
default-data-files -subnet-name ipspace1