Data ONTAP 7G Cook Book v4 - 1

Data ONTAP 7G Cook Book
Data ONTAP 7G Cook Book v4.0
Revision: 4.1 May 2012
https://communities.netapp.com/docs/DOC-8121 A compilation of step-by-step instructions for performing common tasks in Data ONTAP 7G. Most of the content is based on Data ONTAP 7.2. Features exclusive to Data ONTAP 7.3 are indicated by [7.3] See the Data ONTAP 8.x 7-Mode Cookbook for ONTAP 8 commands and procedures. Table of Contents Best Practices for Installation and Maintenance ................................................................................ 7 1 Aggregates and FlexVols ............................................................................................................ 8 1.1 Creating Aggregates ...................................................................................................................... 8 1.1.1. Software Disk Ownership ......................................................................................................... 8 1.1.1.1 1.1.1.2 Modifying disk ownership ..................................................................................................8 Associated Key OPTIONS .................................................................................................9
1.1.2 Aggregates ................................................................................................................................. 9 1.1.2.1 1.1.2.2 1.1.2.3 Add disks to Aggregates ....................................................................................................9 Disk right-size and max disk per aggregate matrix ........................................................ 10 Key aggregate OPTIONS ............................................................................................... 10
1.1.3 Modifying RAID groups............................................................................................................. 11 1.1.4 Create Flexible Volumes (FlexVols) ......................................................................................... 11 1.1.4.1 Root volume minimum size recommendations ............................................................... 11
1.1.5 Manage Flexible Volumes (FlexVols) ....................................................................................... 12 1.1.5.1 1.1.5.2 1.1.5.3 1.1.5.4 General management commands .................................................................................. 12 Resize a FlexVol ............................................................................................................. 13 Prioritize volume I/O with FlexShare .............................................................................. 13 Key Volume command Options ...................................................................................... 14
1.1.6 SnapLock volumes ................................................................................................................... 14 1.1.6.1 Associated Key OPTIONS .............................................................................................. 15
1.1.7 Create Qtrees ........................................................................................................................... 15 2 NAS Implementation .................................................................................................................. 16 2.1 NFS exports ................................................................................................................................. 16 2.1.1 Support NFSv4 clients .............................................................................................................. 17 2.1.2 Associated Key NFS OPTIONS ............................................................................................... 17 2.2 CIFS shares ................................................................................................................................. 18 2.2.1 Associated Key CIFS Shares OPTIONS .................................................................................. 19 2.3 Using Quotas ............................................................................................................................... 20 2.3.1 Guidelines for using quotas ...................................................................................................... 20
Data ONTAP 7G Cook Book v4_1.doc 1 May 2012
Page 1 NetApp
SAN Implementation .................................................................................................................. 21 3.1 Fiber Channel SAN ...................................................................................................................... 21 3.1.1 Enable the Fibre Channel Protocol .......................................................................................... 21 3.1.2 Configure FCP ports ................................................................................................................. 22 3.1.3 Create WWPN aliases [7.3] ...................................................................................................... 22 3.1.4 Change cfmode of an active-active cluster .............................................................................. 22 3.1.5 Create a LUN ............................................................................................................................ 23 3.1.6 Access LUNs on a Solaris Host ............................................................................................... 23 3.1.7 Multipathing Software for Solaris .............................................................................................. 25 3.1.8 Access LUNs on a Windows Host ............................................................................................ 25 3.1.9 Obtain HBA information ............................................................................................................ 26 3.1.10 Resolving FCP Partner Path Misconfigured messages ....................................................... 26 3.2 iSCSI SAN ................................................................................................................................... 26 3.2.1 Enable the iSCSI Protocol ........................................................................................................ 26 3.2.2 Install iSCSI Initiator and SnapDrive for Windows ................................................................... 27 3.2.3 Connect Windows to a LUN with iSCSI.................................................................................... 27 3.2.4 Create an iSCSI LUN using SnapDrive for Windows ............................................................... 27 3.3 Resize a LUN ............................................................................................................................... 28 3.4 Clone a LUN ................................................................................................................................ 28 3.5 [7.3] FlexClone a LUN.................................................................................................................. 29 3.6 Delete a LUN ............................................................................................................................... 29 3.7 Access a LUN with NFS/CIFS protocols...................................................................................... 30
Networking and Appliance Access .......................................................................................... 31 4.1 Configure Network Interfaces ...................................................................................................... 31 4.2 Setting Time and Date ................................................................................................................. 31 4.2.1 Synchronize with a time server ................................................................................................ 31 4.3 Creating VLANS ........................................................................................................................... 32 4.4 Managing Virtual Interfaces (VIF) ................................................................................................ 32 4.4.1 Create a VIF ............................................................................................................................. 32 4.4.2 Delete a VIF interface or VIF .................................................................................................... 33 4.5 IP version 6 [7.3.1] ....................................................................................................................... 33 4.5.1 Associated Key OPTIONS ....................................................................................................... 33 4.6 Baseboard Management Controller (BMC) ................................................................................. 33
Page 2 NetApp
4.6.1 Configure the BMC ................................................................................................................... 33 4.6.2 Using the BMC ......................................................................................................................... 34 4.6.3 Upgrade the BMC ..................................................................................................................... 34 4.7 Remote LAN Module (RLM) ........................................................................................................ 35 4.7.1 Configure the RLM ................................................................................................................... 35 4.7.2 Configure the Remote Support Agent (RSA) ........................................................................... 35 4.7.3 Use the RLM ............................................................................................................................. 36 4.7.4 Upgrade RLM firmware ............................................................................................................ 36 4.8 Service Processor (SP)................................................................................................................ 36 4.8.1 Configure the SP ...................................................................................................................... 36 4.8.2 Use the SP ............................................................................................................................... 37 4.8.3 Upgrade SP firmware ............................................................................................................... 37 4.9 Create Local User Accounts ........................................................................................................ 37 4.10 Key Network and FAS Security OPTIONS .................................................................................. 38 5 Space Management ................................................................................................................... 39 5.1 Managing Volume Free Space .................................................................................................... 39 5.1.1 Volume Space Management Settings ...................................................................................... 39 5.1.2 FPolicy ...................................................................................................................................... 39 5.1.3 Reallocate ................................................................................................................................. 40 5.1.4 Managing inodes ...................................................................................................................... 42 5.1.5 Automatic Space Preservation (vol_autogrow, snap autodelete) ............................................ 42 5.2 Deduplication ............................................................................................................................... 43 5.2.1 Maximum volume deduplication limits [7.3] .............................................................................. 44 5.2.2 Features not compatible with deduplication ............................................................................. 45 6 Data Replication, Migration and Recovery .............................................................................. 46 6.1 Network Data Management Protocol (NDMP) Copy ................................................................... 46 6.1.1 Enable NDMP ........................................................................................................................... 46 6.1.2 ndmpcopy ................................................................................................................................. 46 6.1.3 Associated Key OPTIONS ....................................................................................................... 46 6.2 Volume Copy ............................................................................................................................... 47 6.3 Snapshots .................................................................................................................................... 47 6.4 SnapRestore ................................................................................................................................ 48 6.5 Asynchronous SnapMirror ........................................................................................................... 48
Data ONTAP 7G Cook Book v4_1.doc 1 May 2012 Page 3 NetApp
6.5.1 Create an Asynchronous Volume SnapMirror Relationship ..................................................... 48 6.5.2 Convert a read-only SnapMirror Volume to read-write............................................................. 49 6.5.3 Resync a Broken Volume SnapMirror Relationship ................................................................. 49 6.5.4 Create an Asynchronous Qtree SnapMirror ............................................................................. 50 6.5.5 Convert read-only Qtree SnapMirrror destination to writeable ................................................. 50 6.5.6 Purging Asynchronous Mirrors ................................................................................................. 51 6.6 SnapVault .................................................................................................................................... 51 6.6.1 Perform a SnapVault restore .................................................................................................... 52 6.6.2 Turn SnapVault destination into SnapMirror destination. ......................................................... 52 6.6.3 Release a SnapVault relationship ............................................................................................ 53 6.7 Associated Key SnapMirror/Vault OPTIONS ............................................................................... 53 6.8 FlexClone ..................................................................................................................................... 54 6.8.1 Clone a flexible volume ............................................................................................................ 54 6.8.2 Split a FlexClone volume from the parent volume ................................................................... 54 6.8.3 FlexClone a file or LUN [7.3] .................................................................................................... 55 7 Security ....................................................................................................................................... 56 7.1 General Storage Controller Security ............................................................................................ 56 7.1.1 Managing SSH ......................................................................................................................... 56 7.1.2 Managing SSL .......................................................................................................................... 56 7.1.3 Associated Key Security OPTIONS ......................................................................................... 56 7.2 CIFS Security ............................................................................................................................... 57 7.2.1 Restricting CIFS access ........................................................................................................... 57 7.2.2 Monitoring CIFS Events............................................................................................................ 58 7.2.3 CIFS Network Security OPTIONS ............................................................................................ 58 7.3 AntiVirus ....................................................................................................................................... 59 8 System and Disk Maintenance ................................................................................................. 60 8.1 System Maintenance ................................................................................................................... 60 8.1.1 Associated Key OPTIONS ....................................................................................................... 60 8.2 Special Boot Menu and Maintenance Mode ................................................................................ 61 8.3 Disk Shelf Maintenance ............................................................................................................... 61 8.3.1 DS14 Shelves ........................................................................................................................... 61 8.3.2 [7.3]SAS Shelves (DS4243 & DS2246).................................................................................... 62
Page 4 NetApp
8.3.3 Associated Key Disk Shelf OPTIONS ...................................................................................... 62 8.4 Disk Maintenance ........................................................................................................................ 62 8.4.1 Drive zeroing time estimates .................................................................................................... 63 8.4.2 Update disk firmware and disk qualification file ....................................................................... 63 8.4.3 Associated Key OPTIONS ....................................................................................................... 64 8.5 Tape Device Maintenance ........................................................................................................... 64 8.5.1 Managing Tape Devices ........................................................................................................... 64 8.5.2 Associated Key Tape OPTIONS .............................................................................................. 64 9 Controller Failover Implementation ......................................................................................... 65 9.1 Enable controller failover functionality ......................................................................................... 65 9.1.1 Associated Key OPTIONS ....................................................................................................... 65 9.2 Setup network takeover interfaces .............................................................................................. 66 9.3 Perform cf takeover/giveback ...................................................................................................... 66 10 MultiStore (vfiler) Implementation ............................................................................................ 68
10.1 MultiStore (vfiler) Configuration ................................................................................................... 68 10.1.1 Changing system limits on vFilers .......................................................................................... 68 10.2 MultiStore (vfiler) Administration .................................................................................................. 69 10.2.1 Stop/Destroy a vfiler ............................................................................................................... 69 11 Configuration Files .................................................................................................................... 70
11.1 sample /etc/quota......................................................................................................................... 70 11.2 sample /etc/rc ............................................................................................................................... 71 11.3 sample /etc/hosts ......................................................................................................................... 71 11.4 sample /etc/resolv.conf ................................................................................................................ 71 11.5 sample /etc/exports ...................................................................................................................... 71 11.6 sample /etc/snapmirror.conf ........................................................................................................ 72 12 Troubleshooting Commands .................................................................................................... 73
12.1 General Troubleshooting ............................................................................................................. 73 12.2 NFS Troubleshooting ................................................................................................................... 74 12.3 CIFS Troubleshooting .................................................................................................................. 77 12.4 Network Troubleshooting ............................................................................................................. 77 12.5 NDMP Troubleshooting................................................................................................................ 78 12.6 SAN Troubleshooting ................................................................................................................... 78 12.6.1 FAS SAN Utilities.................................................................................................................... 78 12.6.2 Solaris SAN Utilities................................................................................................................ 78
12.6.3 Windows SAN Utilities ............................................................................................................ 79 12.6.4 Finding and fixing LUN alignment issues ............................................................................... 79 12.6.5 Configuring Cisco EtherChannels .......................................................................................... 79 12.6.6 Common Brocade SAN Switch Commands ........................................................................... 80 12.7 Test & Simulation Tools ............................................................................................................... 80
DISCLAIMER: This unofficial document is intended for NetApp and NetApp Authorized support personnel and experienced storage administrators who understand the concepts behind these procedures. It should never be used as the definitive source for carrying out administrative tasks. Always defer to Data ONTAP documentation, the NetApp Support website, and instructions from the Tech Support Center (8884NETAPP). Send any corrections to mcope@netapp.com Follow Best Practices by running WireGauge and generating an AutoSupport email before and after making changes to a production storage system. Community Forums: http://communities.netapp.com TechNet: http://tech.netapp.com Field Portal: http://fieldportal.netapp.com IBM Redbooks and Redpapers: http://www.redbooks.ibm.com/cgi-bin/searchsite.cgi?query=ONTAP
Page 6 NetApp
Best Practices for Installation and Maintenance

The most important consideration when working on a system in production is to always work from a known-good configuration. This will make troubleshooting problems easier because recent changes are most likely the cause. Follow these best practices to identify existing issues and prevent new ones. Log console output to a file. A console log is the best source of information concerning changes made to the system and any error or warning messages generated. Console logs are invaluable to technical support as supplement to AutoSupport emails. Run the WireGauge tool before and after performing any maintenance. Improper cabling is a primary source of system failures. Identify cabling issues before starting maintenance and verify no issues were created during the maintenance process. Perform a failover/giveback or system reboot before and after performing any maintenance . Oftentimes, we forget to update configuration files after make configuration changes from the command line. You want to discover and resolves any issues with system functionality prior to beginning maintenance. Logger command. The logger command allows manually inserting commends into the system log. Used in conjuction with manually created AutoSupport emails, the logger command helps break out the messages in the system log related to system maintenance. AutoSupport. AutoSupport emails are the cornerstone of proactive and reactive technical support. At least once a month, verify AutoSupport emails are being received by NetApp. Keep firmware up-to-date. The heart of a storage system is its disks and disk shelves. Keep them running optimally by applying the latest manufacturers firmware updates. Create and use checklists. Checklists ensure you dont miss a step and help make your work Consistent, Efficient, and Repeatable. Read Release Notes. Before upgrading to a new version of Data ONTAP, read the Release Notes to learn what is new and what has changed between the current running release and the new release. Search the Knowledge Base and Communities websites. These two websites are the primary source for customer or field engineer created articles related to the maintenance you will perform or issues you are experiencing.
Page 7 NetApp
Aggregates and FlexVols
1.1 Creating Aggregates

Refer to the Data ONTAP Storage Management Guide for more information.
1.1.1. Software Disk Ownership

NetApp storage controllers rely on ownership labels written to disk rather than physical connections to a shelf to determine ownership of a disk drive. This section describes how to assign and remove disk ownership. NOTE: Unowned disks cannot be used for data or as spares without being assigned ownership. Step 1 Command/Action *> disk upgrade_ownership Description Used in Maintenance Mode to convert hardware-based disk ownership systems to use software disk ownership Display all visible disks and whether they are owned or not Show all unowned disks Assigns the listed unowned disks to FAS1 Assigns all unowned disks connected to the 2a adapter interface to FAS1 Assign all unowned disks to current FAS controller Assign LUNs to a V-Series FAS controller
2 3 4 OR
FAS> disk show -v FAS> disk show -n FAS> disk assign 0b.43 0b.41 FAS> disk assign 2a.* FAS> disk assign all Warning: Use with caution. Not restricted by A and B loop in clusters V-FAS> disk assign <lun_id_list> -c {block | zoned}
OR -
1.1.1.1 Modifying disk ownership Step 1 OR 2 Command/Action FAS> disk assign 0b.43 0b.41 -s unowned [ -f ] FAS> priv set advanced FAS*> disk remove_ownership 0b.41 0b.43 FAS> disk show -n Verify disks are available for assignment. Description Change disks from owned to unowned
Alternative: reboot system and go into Maintenance Mode 1 *> storage release disk Used in Maintenance Mode to release disk reservations
Page 8 NetApp
*> disk reassign -s <old sysid> -d <new sysid> 2
Used in Maintenance Mode to reassign disk ownership of all disks owned by a single system to another system
1.1.1.2 Associated Key OPTIONS Option FAS> options disk.auto_assign Default on Description Specifies if disks are auto assigned to a controller. Occurs within 10 minutes of disk insertion.
1.1.2 Aggregates
Create an aggregate of physical disks to store Flexible Volumes. See the matrix below for the maximum number of disks an aggregate can use based on disk size and ONTAP version. Step 1 Command/Action FAS> aggr status -s Description View all available spare disks Create an aggregate called "aggr03" using raid_dp, a maximum raid size of 14 disks with an initial size of 9 disks Optional: Reduces aggregate snapshot reserve from 5% to 3%. Do not set to 0. View the options settings for the aggregate. Also lists all volumes contained in the aggregate.
FAS> aggr create aggr03 -t raid_dp -r 14 9
FAS> snap reserve -A aggr03 3
FAS> aggr status -v
1.1.2.1 Add disks to Aggregates Step 1 2 3 Command/Action FAS> aggr status -s FAS> aggr options aggr0 FAS> aggr status aggr0 -r FAS> aggr add aggr0 -d 7a.17 7a.26 FAS> aggr add aggr0 4@272 -f -g rg1 Description Display list of available spare disks and their disk IDs Verify the value of the raidsize option Check the RAID groups in the aggregate to see if there are any short RAID groups Add disks 7a.17 and 7a.26 to aggr0. They will be added to the last RAID group created (if it is incomplete) or will create a new RAID group Add four 300GB disks to aggr0 by adding them to RAID group number 1 Note: See disk size matrix below for size values
4 OR
Page 9 NetApp
FAS> snap delete -A -a aggr0
Delete aggregate snapshots to allow reallocate access to all data blocks Enable block reallocation OPTIONAL: Temporarily affects performance and may significantly increase snapshot consumption, but recommended when adding 3 or more disks Run reallocate -f on all volumes in the aggregate to redistribute them across the new drives Note: Avoid using reallocate on volumes with deduplication enabled
FAS> reallocate on
FAS> reallocate start -f vol01 ...
1.1.2.2 Disk right-size and max disk per aggregate matrix Use these values when creating an aggregate and when adding disks using n@size The max size numbers include the parity and diagonal-parity drives. Optimal RAID group sizes indicate what value to use for the raidsize option to use the least amount of parity drives, have the most data disks, and not harm performance by creating short raid groups (# of raid groups@raidsize value). Manufacturer size 72 GB FC 144 GB FC/SAS 300 GB FC/SAS 450 GB FC/SAS 600GB FC/SAS 250 GB SATA 300 & 320 GB SATA 500 GB SATA 750 GB SATA 1 TB SATA 2 TB SATA (8.0) Right-sized value 68 GB 136 GB 272 GB 408 GB 560 GB 212 GB 274 GB 423 GB 635 GB 847 GB 1,695 GB Max drives 7.2 241 120 59 39 Unsupported 76 61 39 26 15 Unsupported Optimal 7.2 RAID size 15@16 disks 8@15 disks 4@15 disks 2@19 disks Unsupported 6@13 disks 4@16 disks 3@13 disks 2@13 disks 1@15 disks Unsupported Max drives 7.3 282 141 69 46 33 86 71 45 30 23 11 Optimal 7.3 RAID size 15@19 disks 8@18 disks 4@18 disks 3@15 disks 2@17 disks 7@13 disks 5@15 disks 3@15 disks 2@15 disks 2@12 disks 1@11 disks
1.1.2.3 Key aggregate OPTIONS Option fas> aggr options raidsize** fas> aggr options raidtype fas> aggr options nosnap Default 16 (FC/SAS) 14 (SATA) raid_dp Off Description Maximum number of disks in each RAID group Set RAID parity type to raid4, raid_dp or raid0 When on, disables aggregate snapshots
Page 10 NetApp
options raid.disktype.enable options raid.rpm.ata.enable options raid.rpm.fcal.enable
Off On On
Enforces separations of disks by disk type Enforce separation of ATA drives by rotational speed (5400 and 7200 RPM) Enforces separation of FC drives by rotational speed (10k and 15k RPM)
1.1.3 Modifying RAID groups

Command/Action FAS> aggr options aggr_name raidtype raid_dp | raid4 ] [ Description switch RAID type in an aggregate or traditional volume to RAID-DP or RAID 4 Change the number of disks that compose a raid group in an aggregate or traditional volume. Note: Only affects last RAID group created (if not fully populated) and new RAID groups Uses Rapid RAID Recovery to copy data from a disk to a new spare. Useful when replacing a mismatched size disk.
FAS> aggr options aggr_name raidsize value**
FAS> disk replace start old_disk new_spare
1.1.4 Create Flexible Volumes (FlexVols)

Step 1 Command/Action FAS> df -A aggr05 OR FAS> aggr show_space -g aggr05 FAS> vol create vol01 aggr05 7g FAS> vol options vol01 create_ucode on FAS> vol options vol01 convert_ucode on Description Displays available free space in aggr05 Create a flexible volume called "vol01" on aggregate "aggr05" of size 7GB. Turn on Unicode for CIFS and SAN Turn on conversion to Unicode for any files copies into the volume The security style is inherited from the root volume. Change it if the new volume will use a different security style
2 3 4
FAS> qtree security vol01 unix
1.1.4.1 Root volume minimum size recommendations The Data ONTAP System Administration Guide recommends setting the root volume to 5x the amount of system memory. In practice, 2x is often enough or 20GB, whichever is larger. You must increase the size of the root volume for ONTAP 8. Therefore on ONTAP 7.3.x systems we recommend using the 8.0 settings on systems capable of running ONTAP 8 7-Mode.
Platform FAS3020 FAS3050 FAS3040 FAS3070 FAS2020 FAS2040 FAS2050 FAS3140 FAS3160 FAS3170 FAS3210 FAS3240 FAS3270 FAS6030/6040 FAS6070/6080
7.x size 12 GB 16 GB 16 GB 23 GB 10 GB 16 GB 12 GB 20 GB 24 GB 38 GB 10 GB 15 GB 30 GB 37 GB 69 GB
8.0 size Not Supported Not Supported 160 GB 230 GB Not Supported 160 GB Not Supported 160 GB 230 GB 250 GB 100 GB 150 GB 300 GB 250 GB 250 GB
1.1.5 Manage Flexible Volumes (FlexVols)

1.1.5.1 General management commands Command/Action FAS> vol options <vol_name> <option> FAS> vol rename flex1 vol1 FAS> vol container flex1 FAS> aggr status aggr05 -i FAS> df -[k | m | g] <vol_name> FAS> df -x <vol_name> FAS> vol restrict <vol_name> Description Change volume specific options Rename volume flex1 to vol1 NOTE: Do NOT change names of SnapMirror or SnapVault volumes Displays which aggregate the volume is contained within Lists all flexvols contained in aggr05 Display volume size and space usage in kilobytes, megabytes, or gigabytes. Suppress the display of the .snapshot output. May be combined with other command flags Make a flexvol read-only
Page 12 NetApp
1.1.5.2 Resize a FlexVol Step 1 Command/Action FAS> vol container vol4 FAS> df -A aggr07 OR FAS> aggr show_space -g aggr07 FAS> vol size vol4 150g FAS> vol size vol4 [+ | -] 30g Description Determine which aggregate vol4 resides in. Check size and available space in the containing aggregate named aggr07 Set the size of flexvol vol4 to 150GB Note: size includes snapshot reserve space Add or remove 30GB from flexvol vol4
Note: See chapter 5 of this guide for procedures to auto-manage volume growth. 1.1.5.3 Prioritize volume I/O with FlexShare FlexShare is built into ONTAP for prioritizing system resources for volumes. If you assign a priority to one volume, you should assign a priority to all volumes. Any volumes without a priority are assigned to the default queue where they share the same resources. This may degrade their performance. Step 1 Command/Action FAS1> priority on FAS2> priority on FAS> priority set volume dbvol level=VeryHigh system=30 Description Enables FlexShare. Both nodes of an HA cluster must enable FlexShare even if only one uses it dbvol is given the highest priority and system operations (e.g, SnapMirror) are selected over user operations 30% of the time Instruct ONTAP to retain data in the buffer cache from dbvol as long as possible Instruct ONTAP to quickly flush data in the buffer cache from db_logs Display the priority assigned to user_vol03 Temporarily disable priority on testvol1 and places it into the default queu Removes all priority settings on testvol1 and places it into the default queue
FAS> priority set volume dbvol cache=keep FAS> priority set volume db_logs cache=reuse FAS> priority show volume user_vol03 FAS> priority set volume testvol1 service=off FAS> priority delete volume testvol1
4 5 6 7
Page 13 NetApp
1.1.5.4 Key Volume command Options Since new volumes inherit many of their settings from the root volume, plan accordingly by setting the options on the root volume most likely to be used on the system. The Data ONTAP System Administration Guide contains a chapter dedicated to the root volume. Volume option convert_ucode create_ucode Default off off Description Turns UNICODE character set on/off. Should be on for SnapMirror and SnapVault volumes Force UNICODE character use on/off when files are created. Turn on for SnapMirror and SnapVault volumes Volume setting preallocates disk space for entire volume. File only allocates space for space reserved files and LUNs in the volume. None means no disk space is guaranteed When on, turns speculative file read-ahead OFF and may reduce performance. When on, prevents update of access time in inode when a file is read, possibly increasing performance. Use with caution. When on, disables automatic snapshots of the volume When on, disables the .snapshot directory for NFS Designates the volume as the root volume.
guarantee
volume
minra
off
no_atime_update nosnap nosnapdir root
off off off N/A
1.1.6 SnapLock volumes

SnapLock volumes are special volumes (WORM) which turn the files inside to read-only and cannot be edited or deleted until a user defined retention period has expired. Not all versions of Data ONTAP support SnapLock volumes. Read the SnapLock documentation before creating or altering SnapLock volumes. TR-3618 Understanding SnapLock Compliance Clock TR-3738 SnapLock Record Retention Date Implementation Strategy TR-3501 Configuring SnapLock with Symantec Enterprise Vault TR-3752 Hardware Upgrade of WORM Data KB 3011760: SnapLock FAQ (Internal only) Step 1 2 3 Command/Action FAS> aggr create aggr_name -L <compliance | enterprise> -t raid_dp [other aggr create options] FAS> aggr status FAS> date Description NOTE: ALL volumes in this aggregate will be SnapLock volumes by default and inherit the aggregates SnapLock attributes. Verify creation and SnapLock settings of new aggregate Verify the date and time on the system is accurate
Page 14 NetApp
4 5 6 7
FAS> date -c initialize FAS> date -c FAS> vol create lock_vol01 lock_aggr01 100g FAS> vol options lock_vol01 snaplock_minimum_period 6m FAS> vol options lock_vol01 snaplock_maximum_period 10y FAS> vol options lock_vol01 snaplock_default_period 7y
8 9
Runs a wizard to initiate the ComplianceClock View the ComplianceClock time Create a 100GB FlexVol named lock_vol01 inside the lock_aggr01 aggregate Sets the minimum retention period that can be assigned to WORM files in lock_vol01 to 6 months Sets the maximum retention period that can be assigned to WORM files in lock_vol01 to 10 years Sets the default retention period for WORM files in lock_vol01 to 7 years
1.1.6.1 Associated Key OPTIONS Option snaplock.compliance.write_verify snaplock.autocommit_period none | {count|h|d|m|y} Default Off Description An immediate verification occurs after every write to provide an additional level of data integrity. NOTE: effects performance and may affect data throughput. Only valid with a Compliance license When set, files not changed during the delay period are turned into WORM files
none
1.1.7 Create Qtrees

Step 1 2 3 Command/Action FAS> qtree status flex1 FAS> qtree create /vol/flex1/qt_alpha FAS> qtree security /vol/flex1/qt_alpha [ ntfs | unix ] Description Display lists of qtrees in the volume flex1 Create a Qtree called "qt_alpha" on flexible volume flex1 Configure the security style for the Qtree to be NTFS or Unix
Page 15 NetApp
NAS Implementation
This section describes procedures to access data using NFS or CIFS. Data can also be accessed using HTTP or FTP protocols, but will not be covered in this guide. Refer to the Data ONTAP File Access and Protocols Management Guide for more information.
2.1 NFS exports

Step 1. On FAS controller: Create new NFS export: Step 1 2 3 Command/Action FAS> license add <code> FAS> qtree security /vol/flex2 unix FAS> exportfs -i -o rw,root=adminhost /vol/flex2 Description Install license for NFS protocol Configure qtree security settings on volume to be exported. Only a concern on systems also licensed for CIFS Immediately create export. Make export persistent by adding to /etc/exports file. Note: By default, all newly created volumes are added to /etc/exports - even on CIFS only systems Activate all entries in edited /etc/exports file Displays the export options. This can be faster than using rdfile on systems with a long /etc/exports file Unexport /vol/flex1/qtree1 but leave its entry in the /etc/exports file Unexport /vol/flex1/qtree3 and disable the entry in /etc/exports
FAS> exportfs -p /vol/flex1
OR
Edit /etc/exports with a text editor FAS> exportfs -a FAS> exportfs -q /vol/flex1/qtree1
6 7
FAS> exportfs -u /vol/flex1/qtree1 FAS> exportfs -z /vol/flex1/qtree3
Note: The implementation of NFS in Data ONTAP performs reverse DNS lookups for all hosts trying to access NFS exports. Hosts without a reverse address in DNS will be denied access. Step 2. On UNIX/Linux Server: Create new mount point and mount export: Step 1 2 3 4 5 6 Command/Action # showmount -e FAS2 # mkdir /mnt/FAS2/unix_vol # mount FAS2:/vol/flex2 /mnt/NA-2/unix_vol # cd /mnt/FAS2/unix_vol # ls -al Add mount command and options to /etc/vfstab (Solaris) or /etc/fstab (HP-UX, Linux) Description Verify available mounts on FAS2 Create a mount point Mount the Unix export from FAS2. Change to new mount point Verify mount was successful Make mount persistent
Page 16 NetApp
Note: If you change the name of the exported volume or qtree you must update the /etc/fstab or /etc/vfstab file on the host. Data Ontap will automatically modify the /etc/exports entry.
2.1.1 Support NFSv4 clients

There are numerous limitations in Data ONTAPs support for NFSv4 so refer to the documentation before implementing NFSv4. Step 1 2 3 4 5 6 7 8 9 Command/Action FAS> options nfs.v4.enable on FAS> options nfs.v4.acl.enable on Set ACLs on a NFSv4 client using the setfacl command View ACLs on a file or directory on a NFSv4 client using the getfacl command FAS> options nfs.v4.read_delegation on FAS> options nfs.v4.write_delegation on FAS> options nfs.per_client_stats.enable on FAS> nfsstat -h FAS> options locking.grace_lease_seconds 70 Turn on read open delegations Turn on write open delegations Turn on client stats collection Show per-clients stats information for all clients Change the file lock grace period from the default of 45 seconds to 70 seconds Description Turn on NFSv4 support Enable NFSv4 Access Control Lists (ACL) Note: Files and sub-directories inherit the ACLs set on the parent directory
2.1.2 Associated Key NFS OPTIONS

Option [7.3] interface.nfs.blocked Default Null Description A comma-separated list of network ports for which NFS is blocked Controls whether access is granted in the event of a name service outage. A security setting that continues to allow client access, but may give clients more access than desired. Determines whether /etc/exports is automatically updated when volumes are created or destroyed NOTE: Works even when NFS is not licensed Transmit NFS requests over TCP rather than UDP Maximum packet transfer size for UDP requests Restrict NFS access to specific hosts or networks
nfs.export. allow_provisional_access
On
nfs.export.auto-update nfs.tcp.enable nfs.udp.xfersize nfs.access
On Off 32768 N/A
Page 17 NetApp
2.2 CIFS shares

Step 1. On storage controller: Create new CIFS share: Step 1 2 3 Command/Action FAS> license add <code> FAS> cifs setup FAS> cifs sessions Description Install license for CIFS protocol Run the CIFS setup wizard Verify CIFS has connected to CIFS domain or workgroup Compare with the Active Directory servers. Configure time synchronization using the steps in section 4.2.1 Configure qtree security settings. Only necessary on systems with NFS licensed Create a CIFS share called "cifs_share" Set access rights to provide the user or group named SysAdmins with full control rights to the share Removes access by the user or group named Cust_svc to the share Enables Access Based Enumeration (ABE) on the share for added security CIFS share security settings on the FAS apply broadly to the entire share. Specific settings should be managed in Windows.
FAS> date
5 6
FAS> qtree security /vol/flex_cifs ntfs FAS> cifs shares -add cifs_share /vol/flex_cifs comment 'New CIFS Share' FAS> cifs access cifs_share SysAdmins Full Control FAS> cifs access -delete cifs_share Cust_svc FAS> cifs shares -change Cust_svc accessbasedenum
8 9
Apply folder and file security using Windows administration server (e.g, AD or Domain server)
Step 2. On Windows Server: Step Command/Action * Log into Windows 2000 domain controller as Administrator * Start -> Programs -> Administrative Tools -> Active Directory Users and Computers. Click on "Action", select "New" then "User" * Create a new user to access the FAS. * Open Computer Management: Start -> Programs -> Administrative Tools -> Computer Management * Click on Action and select "Connect to another computer". Enter the name of the storage appliance * System Tools -> Shared Folders -> Shares Description
Create a new user in the Domain if applicable
View the available shares on the storage appliance
Page 18 NetApp
* At the Windows desktop, right click on My Network Places, select Map Network Drive * \\fbfiler2\cifs_share
Map the storage appliance's cifs_share folder to the server
Note: If you change the name of the shared volume or qtree the share will still be accessible because CIFS tracks an unique SSID rather than the pathname.
2.2.1 Associated Key CIFS Shares OPTIONS

Option cifs.audit.enable Default Off Description CIFS audit events may be generated during file access and/or during logon and logoff. Requires additional options be set in order to function Determines how ONTAP detects and terminates CIFS sessions that did not close when a client rebooted When turned off, prevents users from seeing directories they do not have permission to access When on, enables support for Active Directory Group Policy Objects Specifies how the name portion of the path to a user's home directory is determined Time in seconds before an idle session (no files open) is terminated Specifies the mode for Snapshot access from a Microsoft Shadow Copy client Deprecated in favor of /etc/cifs_nbalias.cfg When on, ACLs will not affect root access from NFS Allows clients to use opportunistic locks to cache data for better performance When turned On, gathers statistics on a per-client basis. Can cause significant performance degradation Affects how Windows clients access files with Unix security permissions When on, preserves Unix security permissions on files modified in Windows. Only works on Unix and mixedmode qtrees. Makes Unix qtrees appear to be NTFS When off, forces filenames to lower-case Specifies a list of domains that trust each other to search for a mapped account When off, all filenames with a period (.) as first character will be hidden When on, makes the ~snapshot directory visible
Page 19 NetApp
cifs.client.dup-detection cifs.enable_share_browsing cifs.gpo.enable cifs.home_dir_namestyle cifs.idle_timeout cifs.ms_snapshot_mode cifs.netbios_aliases cifs.nfs_root_ignore_ACL cifs.oplocks.enable cifs.per_client_stats.enable cifs.perm_check_use_gid
Name On Off Null 1800 XP Null Off On Off On
cifs.preserve_unix_security cifs.save_case cifs.search_domains cifs.show_dotfiles cifs.show_snapshot

off On Null On Off
cifs.signing.enable cifs.smb2.enable cifs.smb2.client.enable
Off Off Off
A security feature provided by CIFS to prevent manin-the middle attacks. Performance penalty when on. Enables support for the SMB 2.0 protocol Enables support for the FAS controller to communicate to Windows servers using SMB 2.0 When on, preserves disk space by sharing data blocks with active files and snapshots (unique to MS Office files). Small performance penalty when on A comma-seperated list of network interfaces for which CIFS is blocked
cifs.snapshot_file_folding.enable
Off
[7.3] interface.cifs.blocked
Null
2.3 Using Quotas

This section describes the commands uses to manage qtree and volume quotas. Step 1 2 3 4 5 Command/Action FAS> wrfile -a /etc/quotas <text> FAS> quota on /vol/vol2 FAS> quota off /vol/vol_db1 FAS> quota resize FAS> quota off /vol/user_vol FAS> quota on /vol/user_vol FAS> quota report Description Create/append to quota configuration file (See chapter 13 for sample /etc/quotas) Enables quotas if /etc/quotas exists or implement changes in /etc/quotas for vol2 Disables quotas applied to /vol/vol_db1 Implements updates made to /etc/quotas Reinitialize quotas after modifying a qtree or adding a new entry to /etc/quotas prints the current file and space consumption for each user or group with a quota and for each qtree.
2.3.1 Guidelines for using quotas

a. Update the /etc/quotas file after renaming a qtree b. Reinitialize quotas after changing the qtree security style. This process may take some time and quotas are not enforced until the process has completed. c. When using quotas with MultiStore, the quotas for a volume are deactivated when the volume moves to another vfiler. Quotas are linked to a vfiler and not to a volume.
d. The syntax of a quota entry in the quotas file is quota_target type[@/vol/dir/qtree_path] disk [files] [threshold] [soft_disk] [soft_files]. Fields are separated by space characters or tabs.
Refer to the example /etc/quotas file in chapter 11
Page 20 NetApp
SAN Implementation
This section provides a summary of the procedures to enable access to a LUN on the storage appliance using either the Fibre Channel Protocol or iSCSI protocol. It is highly recommended to use SnapDrive rather than the CLI, Filerview, or OnCommand System Manager. Refer to the Data ONTAP Block Access Management Guide for iSCSI and FC for more information.
3.1 Fiber Channel SAN

The following section describes how to access a LUN using the Fibre Channel Protocol.
3.1.1 Enable the Fibre Channel Protocol

Step 1. Enabling the Fibre Channel Protocol on a Storage Appliance Step 1 2 3 Command/Action FAS> license add <license_key> FAS> fcp start FAS> sysconfig -v Description Add FCP License Start the FCP service Locate Fibre Channel Target Host Adapter. Note FC Nodename and FC Portname for each. Display the Fibre Channel interface mode (partner, single_image, standby, mixed)
FAS> fcp show cfmode
Step 2. Enabling the Fibre Channel Protocol on a Solaris Server Step 1 2 3 Command/Action # /driver_directory/install # reboot -- -r # /opt/NTAP/SANToolkit/bin/sanlun fcp show adapter -v # /usr/sbin/lpfc/lputil Description Install the Fibre Channel Card driver application Restart the Solaris server to enable the new hardware device Show full details of the Fibre Channel card on the server Light Pulse Common Utility to get information regarding Emulux host adapters.
Step 3. Enabling the Fibre Channel Protocol on a Windows Server Step 1 Command/Action Locate the host adapter driver and install on the Windows server Description Install the Host Adapter driver
Page 21 NetApp
2 3
Start -> Shutdown -> Restart C:\WINNT\system32\lputilnt.exe
Restart the Windows Server Run Light Pulse Common Utility to gather information regarding the host adapter
3.1.2 Configure FCP ports

Changes the settings of onboard adapter ports to serve as target or initiators. NOTE: in most cases, expansion cards can not be disabled or configured Step 1 2 3 4 5 Command/Action FAS> fcadmin config FAS> storage disable adapter 0c OR FAS> fcadmin config -d 0c FAS> fcadmin config -t [ target ] initiator ] 0c FAS> reboot FAS> storage enable adapter 0c Description lists all available FC ports and their current settings disables adapter port 0c so it can be reconfigured. Changes the port to be a target or an initiator. The system must be rebooted for the changes to take effect Turn the port back on
3.1.3 Create WWPN aliases [7.3]

Data ONTAP 7.3 introduces user created 32-character long aliases for World Wide Port Names which can be referenced by the fcp and igroup commands. Command/Action FAS> fcp wwpn-alias set <alias> <wwpn> FAS> fcp wwpn-alias remove { -a <alias> | -w <wwwpn> } FAS> fcp wwpn-alias show Description Assign an alias to a WWPN Remove a given alias or all aliases from a specific WWPN Displays all WWPN aliases
3.1.4 Change cfmode of an active-active cluster

Changing the cfmode requires downtime and can seriously impact access to LUNs, multipathing, zoning, and switch configuration and cabling. Use with caution. Step 1 2 3 4 5 6 Command/Action FAS> fcp show cfmode FAS> lun config_check -S FAS> priv set advanced FAS*> fcp stop FAS> fcp set cfmode { single_image | partner | dual_fabric | standby | mixed } FAS*> fcp start Description Displays current cfmode of cluster node Identify and resolve LUN and igroup mapping conflicts Switch to advanced mode Turn off the FCP service Changes the cfmode. Return to step 2 to resolve any listed errors Turn the FCP service on
Page 22 NetApp
7 8 9
FAS*> fcp nodename FAS*> fcp config FAS*> priv set admin
Check the WWNNs of the cluster List WWPNs if switch rezoning is necessary Return to administrative mode
3.1.5 Create a LUN

Step Command/Action Create a LUN: * SnapDrive on client * lun setup * FilerView -> LUNs -> Wizard Enter LUN details during setup process: * LUN Path: /vol/flex1/QTUser/UserLun * LUN Size: 2g * Space-reserved: Yes * Protocol: Solaris * Description: User LUNa * iGroup Name: UserIG * iGroup Type: FCP * OS: Solaris * Add Initiator to iGroup: WWNN of Solaris host adapter * Add LUN ID for iGroup Initiator FAS> fcp show adapters FAS> fcp show initiators Description Create a LUN on the storage appliance via a CLI script or through FilerView. NOTE: ALWAYS use SnapDrive to create and manage LUNs on clients with SnapDrive installed Enter the appropriate details for the LUN
Note:
3.1.6 Access LUNs on a Solaris Host

Step 1 Command/Action # cd /opt/NTAPsanlun/bin or /opt/NTAP/SANToolkit/bin Description Change to the directory of the NetApp HBA Attach Kit Run the Perl script to locate the ports available on the FAS. Note: Do not reboot the server at the completion of the script. View the file to verify the bindings created.
# ./create_binding.pl -l root -n <FAS_ip>
# cat /kernel/drv/lpfc.conf | more
Page 23 NetApp
# /usr/sbin/lpfc/lputil - Select "5. Persistent Bindings" - Select "1. Display Current Bindings" # vi /kernel/drv/sd.conf Entry e.g: name="sd" parent="lpfc" target="0" lun=1; # reboot -- -r
View the persistent bindings
5 6
Update the sd.conf file with newly bound LUN target and LUN ID values.
Reboot the Solaris server. Verify the new LUN can be viewed from the Solaris server. Locate and record the controller, target, disk and slice information of the LUN. If the devices are not located, re-scan for devices. Check again for the LUN. If required, reboot the Solaris server. Run the Solaris format command to create Solaris file system on the new LUN.
# sanlun lun show
8 9
# devfsadm # sanlun lun show # reboot -- -r # format * Select the appropriate disk * Disk not labeled. Label it now? Y * format> partition * partition> modify * "1. All Free Hog" * Create the new partition? <CR> * Free Hog partition [6]? <CR> * Enter size of partition '0': 1c (1 Cylinder) * Enter size of partition '1': <CR> * Enter size of partition '7': <CR> * Okay to make this the current partition table [yes]? <CR> * Enter table name: "multiprotocol" * Ready to label disk, continue? Y * partition> print * partition> quit * format> quit # sanlun lun show
10
11
Display a list of available LUNs. Locate and record the controller, target, disk and slice information of the LUN. Construct a new file system on the new LUN. Create a mount directory for the LUN Mount the new LUN
Page 24 NetApp
12 13 14
# newfs /dev/rdsk/c1t1d0s6 # mkdir /mnt/slu2-luna # mount /dev/dsk/c1t1d0s6 /mnt/slu2-luna
15
# cd /mnt/slu2-luna
Change to the mount point and verify
3.1.7 Multipathing Software for Solaris

If the Solaris client uses volume management software like VERITAS then the LUN must be placed under the control of VERITAS Volume Manager Step 1 2 3 4 5 6 7 # format # vxdctl enable # /etc/vx/bin/bxdisksteup -I c0t1d3 # vxdg init diskgroup diskname=c0t1d3 # vxassist -g diskgroup make volname size # newfs /dev/vx/rdsk/diskgroup/volname # mount -F ufs /dev/vx/dsk/diskgroup/volname /mountpoint Command/Action Description Label the LUN. NOTE: Will destroy any data on the LUN enable all LUN paths for VERITAS Initialize the LUN at device address c0t1d3 Add the LUN to an existing disk group Create a volume Create a filesystem on the new volume Mount the new volume
3.1.8 Access LUNs on a Windows Host

Option 1: Use Computer Management to search for a pre-defined LUN. Step 1 2 3 Command/Action Open Computer Management: Start -> Programs -> Administrative Tools -> Computer Management Storage -> Disk Management Right click on Disk Management and select "Rescan Disks" Right click on the new disk and select Create Partition and format the new disk Description Use the Computer Management console to view available LUNs View current local disks Rescan for any new disks. The FAS's LUN should appear automatically in the list of available drives. Create a partition and format it.
Option 2: Use SnapDrive to create and attach to an FCP LUN. Step 1 Command/Action Open Computer Management: Start -> Programs -> Administrative Tools -> Computer Management Storage -> SnapDrive -> Disks Description Use the Computer Management console View the available disks via the SnapDrive manager
Page 25 NetApp
3 4
Right click on Disk and select "Create disk" Via the SnapDrive wizard, enter the details of the new LUN
Create a new LUN via SnapDrive Enter the details of the new LUN
3.1.9 Obtain HBA information

Step 1 Command/Action FAS> fcp nodename FAS> fcp show initiator 2
Portname 10:00:00:00:c9:39:4d:82 50:06:0b:00:00:11:35:62 Group sunhost_1 hphost
Description Display the WWNN of a target HBA display the port name and igroup name of initiator HBAs connected to target HBAs. Display the node name, port name, and link state of all target HBAs
FAS> fcp show adapter FAS> fcp show initiator
3.1.10 Resolving FCP Partner Path Misconfigured messages

One of the most common errors with FCP configurations is the use of a non-optimal path to LUN, generally going through the partner controller rather than the hosting controller. KB article 3010111 contains detailed information on resolving this issue. https://kb.netapp.com/support/index?page=content&id=3010111
3.2 iSCSI SAN

This section describes how to access a LUN on a storage appliance using the iSCSI Protocol.
3.2.1 Enable the iSCSI Protocol

Step 1 2 3 4 5 6 Command/Action FAS> license add <license_key> FAS> iscsi start FAS> ifconfig -a FAS> iscsi interface show FAS> iscsi initiator show [7.3] FAS> options iscsi.max_connections per session 24 Description Add iSCSI License Start the iSCSI service Determine the IP address that the appliance will be using for iSCSI Display iSCSI network interface information for the appliance Display iSCSI initiator information for the appliance Change maximum connections allowed per session from default of 32.
Page 26 NetApp
3.2.2 Install iSCSI Initiator and SnapDrive for Windows

This section provides instructions to install and use the SnapDrive snap-in for Microsoft Windows. Step 1 2 Command/Action Download the "Microsoft iSCSI Initiator" driver and install on the Windows server Install the "NetApp SnapDrive for Microsoft Windows" application on the Windows server Start -> Programs -> Administrative Tools -> Computer Management Computer Management (Local) -> Storage -> SnapDrive Description http://www.microsoft.com/downloads http://now.netapp.com/NOW/cgibin/software?product=SnapDrive&platfor m=Windows Load Computer Management Access SnapDrive
3 4
3.2.3 Connect Windows to a LUN with iSCSI

Step 1 Command/Action Start the "Microsoft iSCSI Initiator" application via the desktop shortcut. Target Portals panel: Click Add and enter: * Storage Appliance IP Address * Socket (3260) * Adapter (default) * Port (default) Available Targets panel: Storage Appliance target adapter should be listed. Click "Log On" to connect to the Storage Appliance Persistent Target panel: Storage Appliance target adapter should now be visible in the persistent targets list. Active Targets panel: Storage Appliance target adapter should now be visible in the persistent targets list and "Connected" to. FAS> iscsi show initiator Description MS iSCSI Initiator provides local server Initiator details and enables connections to remote Target adapters.
Configure Storage Appliance IP address and port details.
Connect to the Storage Appliance
Storage Appliance should now be a persistent connection Storage Appliance should now be an Active connection Windows host server initiator should now be available from the Storage Appliance
3.2.4 Create an iSCSI LUN using SnapDrive for Windows

Once the Windows server is connected to the FAS via iSCSI, use SnapDrive to create a new LUN. Step 1 Command/Action FAS> qtree create /vol/vol1/LunQTree Description Create a Qtree for the new Windows LUN
Page 27 NetApp
FAS> cifs shares -add LunQTree /vol/vol1/LunQTree Using SnapDrive, right click on "Disks" and select "Create Disk". Enter the following details: * Virtual Disk UNC Path: /vol/vol1/LunQTree * Virtual Disk (LUN) Name: Xluna * Virtual Disk Type: Dedicated * Disk Space to Accommodate Snapshot (Space-reserved): Yes * Lun Size: 2g * Driver Letter: <any> * Select initiator for Windows Host FAS> lun show -m Use Windows Explorer to verify the disk is available. If not, log off and then back on to the server again.
Create a CIFS share for the qtree
Create a LUN using SnapDrive
Verify the LUN wa created on the Storage Appliance Verify the drive is ready for use. Note: SnapDrive auto-formats the drive, no further management should be required.
3.3 Resize a LUN

Step 1 2 3 4 Command/Action FAS> df -k /vol/data FAS> lun offline /vol/data/qtree1/lun2 FAS> lun resize /vol/data/qtree1/lun2 15g On the host, rescan or rediscover the LUN Description Check free space available in the volume containing the LUN Offline the LUN named lun2 Changes the size of the LUN to 15 GB
3.4 Clone a LUN

LUN clones are only intended to be used for a short time because they lock SnapShots which prevents them from being deleted. Additionally, when splitting a LUN clone from its parent volume, the LUN consumes extra disk space. Step 1 2 Command/Action FAS> lun show -v FAS> snap create vol1 mysnap FAS> lun clone create /vol/vol1/LunQTree/Xluna.clone -b /vol/vol1/LunQTree/Xluna mysnap Description Display list of current LUNs Take a snapshot of the volume containing the LUN to be cloned Clone the existing LUN, entering the destination LUN name, source LUN name and most recent snapshot
Page 28 NetApp
4 5 6 7
FAS> lun clone split start /vol/vol1/LunQTree/Xluna.clone FAS> lun create status /vol/vol1/LunQTree/Xluna.clone FAS> snap delete vol1 mysnap Mount new LUN to host using commands in sections 3.1.6, 3.2.3, or 3.2.4 FAS> lun clone split start /vol/vol1/LunQtree/Xluna.clone FAS> lun clone split status parent_lun_path
Split the clone from the source Snapshot to make it permanent Verify LUN cloning progress Delete source snapshot Connect the LUN to client systems Optional: Split the LUN from the backing Snapshot to delete the Snapshot. Check status of the splitting operation.
3.5 [7.3] FlexClone a LUN

Using FlexClone to clone a LUN is ideal for creating long-term LUNs because they are independent of SnapShots (no splitting needed) and only consume space for changes (like a FlexClone volume.) Step 1 2 Command/Action FAS> license add <FlexClone code> FAS> clone start /vol/db_data/db_lun1 /vol/db_data/db_lun1_clone FAS> clone status <vol_name> FAS> clone clear <vol_name> <ID> Mount the new LUN to a host using commands in sections 3.1.6, 3.2.3, or 3.2.4 Create a clone of the LUN named db_lun1. You must create the clone inside the source volume. Reports status of running or failed clone operations Clears information about a failed clone operation Connect the LUN to client systems Description
3 4 3
3.6 Delete a LUN

Step 1 2 3 Command/Action FAS> lun show -m FAS> lun unmap /vol/vol1/lun1.lun FAS> lun destroy /vol/vol1/lun1.lun Description Show lun mapping information Unmap the LUN from any clients Delete the LUN file from vol1
Page 29 NetApp
3.7 Access a LUN with NFS/CIFS protocols

NOTE: By default the LUN will be read-only. The LUN must be unmapped from FCP/iSCSI targets and taken offline to be writeable. Step 1 Command/Action FAS> lun share /vol/data/lun2 [none|read|write|all] Description Makes the LUN named lun2 accessible by NFS or CIFS and assigns the designated permissions.
Page 30 NetApp
Networking and Appliance Access
4.1 Configure Network Interfaces

Network interfaces are generally configured during initial setup in the setup wizard. Changes made on the command line must be added to /etc/rc or will not persist across system reboots. Step 1 2 3 4 Command/Action FAS> ifconfig e3a netmask 255.255.252.0 192.168.17.58 FAS> ifconfig e3a partner 192.168.17.59 FAS> ifconfig e3a nfo FAS> ifconfig e3a mtusize 9000 Description Configure interface e3a with a netmask and IP address. Set the partner IP address for interface e3a to takeover during a cluster failover. Turn on Negotiated Failover monitor to initiate cluster failover if e3a fails. Enable jumbo frames on e3a by changing MTU size from 1500 to 9000.
4.2 Setting Time and Date

All network related services and protocols rely on accurate clock settings. Windows Active Directory requires synchronization of +/- 5 minutes to provide authentications services. Step 1 2 FAS> date FAS> date 200905031847 FAS> date 1753.26 3 4 FAS> timezone FAS> timezone America/Los_Angeles Command/Action Description Show current date and time Sets the date and time to 2009 May 3rd at 6:47 PM Set the clock to 5:53 PM and 26 seconds Show current time zone (/etc/zoneinfo holds available time zones)
4.2.1 Synchronize with a time server

Option timed.enable timed.servers timed.max_skew timed.proto Default Off Null 30m rtc Description Set to on to enable the timed daemon Add comma separated list of IP addresses or hostnames of NTP or rdate servers Set to 4m to ensure system never exceeds 5 minute synchronization requirements of Active Directory Set to ntp for most time servers
Page 31 NetApp
4.3 Creating VLANS

This section describes the process of spanning an interface across multiple networks or sub-domains with a VLAN. Refer to the Data ONTAP Network Management Guide for more information. NOTE: VLAN commands are NOT persistent across a reboot and must be added to the /etc/rc file to be permanently configured. See the example /etc/rc in chapter 11. Step 1 2 3 4 5 6 Command/Action FAS> ifconfig -a FAS> vlan create e4 10 20 30 FAS> vlan add e4 40 FAS> ifconfig e4-10 172.25.66.11 netmask 255.255.255.0 FAS> vlan delete e4 e4-40 FAS> vlan delete e4 Description show configuration of all network interfaces Create three VLAN identifiers on interface e4 Add fourth VLAN identifier to interface e4 Configure the VLAN interface e4-10 NOTE: Add to /etc/rc to make permanent Delete VLAN identifier e4-40 from interface e4 Delete all VLANs on interface e4
4.4 Managing Virtual Interfaces (VIF)

This section describes the process of trunking/bonding multiple network interfaces (link aggregation) into a virtual interface. NOTE: VIF commands are NOT persistent across a reboot and must be added to the /etc/rc file to be permanently configured. See the example /etc/rc in chapter 11.
4.4.1 Create a VIF

The commands in this section should be run from a console connection because they require downing network interfaces prior to aggregating them. Always verify VIF functionality by physically disconnecting network cables and observing how the VIF reacts. Step 1 2 Command/Action Ensure the network port switches are configured to support trunking FAS> ifconfig <interfaces> down FAS> vif create {single | multi} <vif_name> <interface_list> e.g.: 4 5 vif create multi MultiTrunk1 e0a e1a Description On a Cisco Catalyst switch use set port channel commands Down the network interfaces to trunk Create a VIF from the listed interfaces. single - only one interface active multi all interfaces are active Assign an IP address to the VIF Verify VIF is functioning
FAS> ifconfig MultiTrunk 172.25.66.10 FAS> vif status
Page 32 NetApp
6 7 8
FAS> vif favor e1a FAS> vif nofavor e1a FAS> vif stat <vif_name> <interval>
Set the interface e1 to be the primary/active VIF interface e1 became active when e0 failed. Now e0 is repaired and should be the primary. Display usage statistics of a VIF
4.4.2 Delete a VIF interface or VIF

Note: Remove or edit the VIF creation entries in /etc/rc to make these changes persistent Step 1 2 3 Command/Action FAS> ifconfig Trunk1 down FAS> vif delete Trunk1 e4 FAS> vif destroy Trunk1 Description Down the VIF named Trunk1 remove interface e4 from the VIF Trunk1 Delete the entire VIF
4.5 IP version 6 [7.3.1]

4.5.1 Associated Key OPTIONS
Option ip.v6.enable ip.v6.ra_enable cifs.ipv6.enable nfs.ipv6.enable Default Off off Off Off Description Turn on to enable support for IPv6 Turn on to enable router-advertised address autoconfiguration. Turn on to pass CIFS traffic over IPv6 Turn on to pass NFS traffic over IPv6
4.6 Baseboard Management Controller (BMC)

The FAS2000 series has a Baseboard Management Controller for remote management. Refer to the Data ONTAP System Administration Guide and KB 3101254 for more information
4.6.1 Configure the BMC

Step 1 2 3 4 5 Command/Action Obtain an IP address for the BMC and the gateway IP address. FAS> bmc setup FAS> bmc status FAS> bmc test autosupport FAS> bmc reboot Run the setup wizard Verify functionality Send a test ASUP to verify network settings Reboot the BMC and perform a self-test
Page 33 NetApp
Description
4.6.2 Using the BMC

Step 1 OR 2 3 4 5 6 7 Command/Action SSH to the BMC IP address and log in as user naroot Press Ctrl+G while in a console session bmc shell -> sensors show bmc shell -> events [ all | info | latest {N} ] bmc shell -> system console bmc shell -> system core bmc shell -> system reset {primary | backup | current} bmc shell -> system power { on | off | cycle } Get current values of system sensors Displays storage system events logged by the BMC Access the system console CLI Dump system core and reset the appliance Reset the system using the specified firmware image Turn power on, off, or off and back on (performs a dirty shutdown) Description The naroot user is a restricted account proving enhanced security
4.6.3 Upgrade the BMC

Step 1 2 3 Command/Action Description Download the Data ONTAP software from the NOW website and place in the /etc/software folder on the root volume FAS> version -b FAS1> software update 7311_setup_e.exe -d -r FAS1> priv set advanced FAS1> download -d FAS1> priv set For standalone systems: FAS1> halt For clustered systems: FAS2> cf takeover 6 LOADER> update_bmc LOADER> bye 7 For clustered systems: LOADER> bye FAS2> cf giveback FAS1> bmc status FAS1> version -b Display current firmware version info Extract the systems files but do not run the download or reboot commands Copy the system firmware executable image to the CompactFlash card. Halt the system to get the system prompt Takeover system from partner and press CTRL+C on FAS1 to get system prompt Install the new firmware Reset the hardware and boot the system into Data ONTAP Reset the system then perform a giveback to boot FAS1 into Data ONTAP. Repeat steps 2 7 on FAS2 Check status of BMC Verify new firmware has been installed
Page 34 NetApp
8 9
4.7 Remote LAN Module (RLM)

The RLM is a management interface on the FAS3000, FAS3100 and FAS6000 series. The RLM is better than a console connection because it remains available when the storage controller has crashed or is powered off. RLM firmware version 3.0 and newer includes the Remote Support Agent (RSA) which provides more information to Technical Support which can reduce case resolution times. Refer to the Data ONTAP System Administration Guide and KB 3011169 for more information.
4.7.1 Configure the RLM

Step 1 2 3 4 5 Command/Action Description
Obtain an IP address for the RLM, the gateway IP address, the mail server hostname and IP address. FAS> rlm setup FAS> rlm status FAS> rlm test autosupport FAS> rlm reboot Run the setup wizard Verify proper functioning Send a test ASUP to verify network settings Reset RLM and force self-test
4.7.2 Configure the Remote Support Agent (RSA)

Step 1 Command/Action In a web browser, go to: https://remotesupportagent.netapp.com:443/ For HTTP: FAS> options httpd.admin.enable on FAS> options httpd.autoindex.enable on 2 For HTTPS: FAS> options httpd.admin.ssl.enable on FAS> options httpd.autoindex.enable on 3 4 5 6 7 FAS> useradmin user add <username> -g Administrators % ssh naroot@<RLM IP address> RLM fas1> rsa setup RLM fas1> rsa show RLM fas1> rsa status Create an account for RSA to use Use SSH to connect to the RLM Configure the RSA feature View the configuration information Show the status of the RSA feature Description Verify Internet connectivity through the firewall to NetApp
Setup communication between RSA and NetApp.
Page 35 NetApp
4.7.3 Use the RLM

Use RLM to perform remote management of a problematic or down storage appliance. Step 1 2 3 4 5 6 Command/Action SSH to the RLM network port and log in as user naroot RLM FAS> rlm sensors -c RLM FAS> system console RLM FAS> system core RLM FAS> system reset {primary | backup | current} RLM FAS> system power { on | off | cycle } Description The RLM port is active as long as the system is plugged into a power outlet Get current values of environmental sensors Access the system console CLI Dump system core and reset the appliance Reset the system using the specified firmware image Turn power on, off, or off and back on (performs a dirty shutdown)
4.7.4 Upgrade RLM firmware

Step 1 2 3 4 Command/Action Description Download RLM_FW.zip from the NOW website and place in the /etc/software folder on the root volume FAS> software install RLM_FW.zip FAS> rlm update FAS> rlm status Extract the new firmware Install the new firmware and reboot the RLM when complete ( ~10 minutes) Verify new firmware has been installed
4.8 Service Processor (SP)

4.8.1 Configure the SP
The Service Processor allows you to access, monitor, and troubleshoot a storage system remotely. It is currently available on the FAS22xx, 32xx, and FAS62xx systems. It can also provide hardware-assisted takeover to reduce the time for a failure to trigger a cf failover. Refer to the Data ONTAP System Administration Guide and KB 3012997 for more information. Step 1 2 3 Command/Action Description
Obtain an IP address for the SP, the gateway IP address, the mail server hostname and IP address. FAS> sp setup FAS> sp status Run the setup wizard Verify proper functioning
Page 36 NetApp
4 5
FAS> rlm test autosupport FAS> sp reboot
Send a test ASUP to verify network settings Reset SP and force self-test
4.8.2 Use the SP

Step Command/Action SSH to the SP network port and log in as user naroot In a console session, press CTRL+G to enter the Service Processor. CTRL+D and Enter to exit SP fas1> events {all|info|newest number| oldest number|search keyword} SP fas1> system console SP fas1> system core SP fas1> system reset {primary | backup | current} SP fas1> system power { on | off | cycle } Display storage system events that are logged by the SP Access the system console CLI Dump system core and reset the storage system Reset the system using the specified firmware image Turn power on, off, or off and back on (performs a dirty shutdown) Description The SP port is active as long as the system is plugged into a power outlet
2 3 4 5 6
4.8.3 Upgrade SP firmware

Step 1 2 3 4 Command/Action Description Download the firmware from the NetApp Support website (select the image for installation from Data ONTAP prompt) and place it in the /etc/software folder on the root volume. Rename the file to SP_FW.zip FAS> software install SP_FW.zip FAS> sp update FAS> sp status Extract the new firmware Install the new firmware and reboot the SP when complete ( ~10 minutes) Verify new firmware has been installed
4.9 Create Local User Accounts

Step 1 2 3 4 Command/Action FAS> useradmin user list FAS> useradmin user add sc200 -g Administrators FAS> useradmin user delete ndmp FAS> passwd Description Display list of current user accounts Create a new user account named sc200 Remove the user account named ndmp Change a local user account password
Page 37 NetApp
4.10 Key Network and FAS Security OPTIONS

Refer to TR-3649 Best Practices for Secure Configuration Data ONTAP 7G for more options. Option ip.match_any_ifaddr Default on Description A FAS accepts any packet addressed to it even if it came in on the wrong interface. Turn off for enhanced security against spoof attacks. Turn on/off Internet Security Protocol support. Affects performance Specifies the maximum number of ICMP echo or ping packets system will accept per second. Any further packets within one second are dropped to prevent ping flood denial of service attacks Enable/Disable the Telnet service When on, telnet and console sessions share the same user environment and can view each others inputs/outputs Specifies up to 5 clients that will be allowed telnet, rsh and administrative FilerView access
ip.ipsec.enable
off
ip.ping_throtle.drop_level
150
telnet.enable telnet.distinct.enable
on on
trusted.hosts
N/A
Page 38 NetApp
Space Management
5.1 Managing Volume Free Space

Refer to the Data ONTAP System Management Guide for more information.
5.1.1 Volume Space Management Settings

Step 1 Command/Action FAS> vol options vm_luns guarantee volume Description Volume space guarantee is the default and ensures blocks are preallocated for the entire volume. FlexVols containing space-reserved LUNs and use the volume guarantee can set the fractional reserve to less than 100%. File guarantee only preallocates blocks for space-reserved files (i.e., LUN and database files). May lead to out-of-space errors in the containing aggregate. Turn on space-reservation for the LUN None allocates blocks as data is written and may lead to out-of-space errors. This is also known as Thin Provisioning. Refer to TR-3563 for more information:
AND
FAS> vol options vm_luns fractional_reserve 65
FAS> vol options oradb_vol guarantee file
AND
FAS> file reservation /vol/db02/lun1.lun enable
FAS> vol options log_vol guarantee none
Warning: When you take a FlexVol volume offline, it releases its allocation of free space in its containing aggregate. Other volumes can then use this space. On a nearly full aggregate, this may prevent the volume from coming back online since the aggregate can no longer honor the space guarantee.
5.1.2 FPolicy
FPolicy performs file screening which is like a firewall for files. FPolicy works with CIFS and NFS to restrict user-defined file types from being stored on the system. FPolicy can perform basic file blocking natively or work with third-party file screening software. Refer to the Data ONTAP File Access and Protocols Management Guide for more information. Note: Antivirus scans bypass FPolicy and can open and scan files that have been blocked. Note: FPolicy configuration information is maintained in the registry. Copying or recreating this information is extremely difficult. Therefore, it is highly recommended you keep updated documentation on the fpolicy settings applied to each volume. Step 1 2 Command/Action FAS> license add <CIFS code> FAS> license add <NFS code> FAS> options fpolicy.enable on Description FPolicy requires a CIFS license to operate, even in NFS environments Turn on the fpolicy engine
Page 39 NetApp
3 4 5
FAS> fpolicy create music_files screen FAS> fpolicy FAS> fpolicy extensions include add music_files mp3,ogg,mid
Create a policy named music_files and set it to a policy type of screen Display all policies and their status Adds files with these filename extensions to the policy, restricting them from being stored or modified Ignores .wav files during screening. Warning: Creating an exclude list causes all file types not excluded to be screened as if they were part of an include list Removes .mid files and the default ??? extension wildcard from the include list Show the list of file extensions on the include list Requires all files being accessed to be screened by the policy before access is granted. Note: If no third-party file screening server is available, screening reverts to native file blocking Instructs the policy to activate when files are created or renamed. This example will prevent files from being copied and then renamed to avoid file screening Activates the policy to begin file screening Apply music_files policy only to users_vol volume rather than all volumes Do not screen the rootvol volume. Warning: Creating an exclude list causes all volumes not excluded to be screened as if they were part of an include list Disable and delete the music_files policy
FAS> fpolicy extensions exclude add music_files wav FAS> fpolicy extensions include remove music_files mid,??? FAS> fpolicy extensions include show music_files
7 8
FAS> fpolicy options music_files required on
10
FAS> fpolicy monitor set music_files -p cifs,nfs create,rename FAS> fpolicy enable music_files FAS> fpolicy volume include add music_files users_vol FAS> fpolicy volume exclude add music_files rootvol FAS> fpolicy disable music_files FAS> fpolicy destroy music_files
11 12
13
14
5.1.3 Reallocate
Reallocation is like a filesystem defrag it optimizes the block layout of files, LUNs, and volumes to improve performance. You should define a reallocation scan when you first create the LUN, file, or volume. This ensures that the layout remains optimized as a result of regular reallocation scans. More info on reallocate and volume read_realloc is in the Data ONTAP System Administration Guide and TR-3929 Reallocate Best Practices Guide. NOTE: Snapshots created before the reallocate hold onto unoptimized blocks and consume space. In most cases, NetApp recommends deleting snapshots before initializing the reallocate process
Page 40 NetApp
Warning: Do not use reallocate or volume read_realloc on deduplicated volumes. Warning: Reallocate the SnapMirror source volume rather than the destination. Step 1 Command/Action FAS> reallocate on Description Turn on the reallocation process on the storage controller. Set the space guarantee to volume to ensure reallocate does no t create an overcommitment issue in the aggregate Snapshots lock blocks in place so delete unneeded snapshots for better results Enable reallocation on the oradb03 volume. now reallocate will run on the volume every day at midnight (see step 3) Run reallocate, but do not change logical layout so snapshots may be preserved. Warning: This will degrade performance when reading old, unoptimized snapshots (e.g,. SnapRestores and using cloned LUNs and volumes). Reallocate free space in aggr03. This will not move data blocks Run reallocate on the LUN every Saturday at 11 PM. Display status of reallocation jobs for entire system or specified pathname. Delete a reallocate job.
FAS> vol options oradb03 guarantee=volume
FAS> snap list oradb3
FAS> reallocate start /vol/oradb03
FAS> reallocate start -p /vol/oradb03
FAS> reallocate start -A -o aggr03 5 6 7 FAS> reallocate schedule -s "0 23 * 6" /vol/db/lun1 FAS> reallocate status [ pathname ] FAS> reallocate stop /vol/exchdb/lun2.lun
The read_realloc volume option is not part of the reallocation command but uses many of the same system processes to perform a similar function to defragment files read sequentially. Note: Files in a volume are identified as defragmented only after they have been read into memory once and determined to be fragmented. Not all files will be reallocated and volumes with small files and mostly random reads may not see any benefit. Step 1 Command/Action FAS> vol options testvol read_realloc on Description Turn on file read reallocation . Use on volumes with few snapshots because it may duplicate blocks and consume space Turn on file read reallocation but save space by not reallocating files in snapshots. This will reduce read performance when reading files in a snapshot (during file restore or using FlexClone volumes)
FAS> vol options VM_vol05 read_realloc space_optimized
Page 41 NetApp
5.1.4 Managing inodes

Inodes determine how many files a volume can hold. The default inode points to a 32KB chunk of data blocks to handle a typical mix of large and small files. Volumes with many small files and volumes larger than 1TB can run out of inodes before they run out of free space. Warning: Inodes consume disk space and some system memory. They can only be increased so make small changes. Aggregates can reference up to 2 billion inodes. For high file count environments refer to TR-3537 High File Count Environment Best Practices. Step 1 Command/Action FAS> df -i users_vol Description Display inode usage in the users_vol volume. Display current maximum number of files as well as number of files present in the volume. Increase the number of inodes (increase by number divisible by 4).
FAS> maxfiles users_vol
FAS> maxfiles users_vol <number>
5.1.5 Automatic Space Preservation (vol_autogrow, snap autodelete)

Data ONTAP can automatically make free space available when a FlexVol volume reaches 98% full by growing the volume and/or deleting snapshots. One or both options can be configured on a volume. Note: These options are not recommended on volumes smaller than 100GB because the volume may fill up before the triggers execute. Step Command/Action FAS> vol options vol17 try_first volume_grow 1 FAS> vol options vol17 try_first snap_delete Description When vol17 fills up ONTAP will try to grow the volume before deleting snapshots. This is the default. ONTAP will try to delete snapshots before growing the volume. Turn space preservation on using default settings. The volume will grow to 120% of original size in increments of 5% of the original volume size. Check size of volume then set maximum volume size to 50GB and grow by 500MB increments View the autogrow maximum size and increment settings View the autogrow maximum size and increment settings View current settings then enable snapshot autodelete
Page 42 NetApp
FAS> vol autosize vol17 on 2 FAS> vol size apps_vol FAS> vol autosize apps_vol -m 50g -i 500m on FAS> vol autosize apps_vol 3 [7.3] FAS> vol status -v apps_vol 4 FAS> snap autodelete vol17 show FAS> snap autodelete vol17 on
FAS> snap autodelete vol17 commitment try | disrupt ]
The default, try only permits snapshots not locked by data protection utilities (mirroring, NDMPcopy) AND data backing functionalities (volume and LUN clones) to be deleted. disrupt only permits snapshots not locked by data backing functionalities (volume and LUN clones) to be deleted. The default, volume triggers snapshot delete when the volume reaches 98% full AND the snap reserve is full. snap_reserve triggers snapshot delete when the snap reserve reaches 98%. Stop deleting snapshots when either volume or snap_reserve (determined by the trigger setting) reaches 10%. Default setting is 20%.
FAS> snap autodelete vol17 trigger volume 6 FAS> snap autodelete vol17 trigger snap_reserve FAS> snap autodelete vol17 target_free_space 10 FAS> snap autodelete vol17 delete order newest_first | oldest_first ] [
The default is to delete oldest snapshots first. By default, user_created (manual or script created snapshots - including SnapDrive, SnapMirror, and SnapVault) are deleted last. If set to scheduled then snapshots created by snap sched are deleted last.
FAS> snap autodelete vol17 defer_delete scheduled | user_created ]
5.2 Deduplication
Deduplication is a form of compression that looks for identical data blocks in a volume and deletes duplicates blocks by adding reference counters in the metadata of a few master blocks . Read TR-3505 NetApp Deduplication for FAS and V-Series Deployment and Implementation Guide for more information. Note: NDMP copies and backups, SnapVault and Qtree SnapMirror decompress or rehydrate the data which will consume space on the destination tape or disk system. Warning: Each storage controller model has a volume size limit and limit on how much non-duplicate and deduplicated data those volumes can hold. Check the matrix in TR-3505 for your systems limits. Data ONTAP 7.2 requires 1 - 6% free volume space to hold the deduplication metadata. Data ONTAP 7.3.x moves most of the metadata into the aggregate and requires 2% volume free space and 4% aggregate free space (if you have set aggregate snap reserve below 4%, you will want to increase it). Step 1 2 Command/Action FAS> license add <code> FAS> sis on /vol/group_vol Description Add licenses for A_SIS and Nearstore to use deduplication. Enable duplication on specified volume.
Page 43 NetApp
3 4
FAS> sis start -s /vol/group_vol FAS> sis config /vol/group_vol
Start a scan of the volume and then run every day at midnight. Display the schedules of SIS enabled volumes. Schedule deduplication scan every Wednesday and Saturday at 3 AM. Note: Stagger schedules because an HA cluster can only support 8 concurrent deduplication operations. No schedule. Run deduplication scans run when new or changed blocks changed since last scan exceed 35% of total deduplicated blocks. Without a number, the default for auto is 20% Display status of all SIS enabled volumes. Display space savings created by deduplication Abort the currently active SIS operation. This option reduces the duplication of blocks from temp files (which are a copyon-save process) in CIFS volumes. File folding compares blocks in the active file (temp file) with blocks in snapshot copies of the file and re-uses common blocks. There is a small trade-off between performance and space utilization. If the folding process begins to consume memory, it is suspended until later.
FAS> sis config -s /vol/group_vol wed, sat@03 5 FAS> sis config -s auto@35 /vol/vol01
6 7 8
FAS> sis status FAS> df -s FAS> sis stop /vol/temp_vol
FAS> options cifs.snapshot_file_folding.enable on
5.2.1 Maximum volume deduplication limits [7.3]

Model max vol size WITHOUT dedupe (TB) 7.3 max deduped size (TB) 7.3 Deduped data size (TB) 7.3
FAS2020 FAS2040 FAS2050 3020 3040 3050 3070 3140 3160

16 16 16 16 16 16 16 16 16
1 3 2 2 4 3 16 4 16
17 19 18 18 20 19 32 20 32
Page 44
NetApp
3170 32x0 60x0 R200
16 16 16 16
16 16 16 4
32 32 32 20
5.2.2 Features not compatible with deduplication

synchronous SnapMirror read reallocation (realloc) - NDMP backup to tape - DataFort encryption
(not recommended) VM swap files, pagefiles, user and system temp directories
Page 45 NetApp
Data Replication, Migration and Recovery
This chapter introduces some of the data backup and recovery applications. Refer to the Data ONTAP Data Protection Online Backup and Recovery Guide for more information.
6.1 Network Data Management Protocol (NDMP) Copy

NDMP is an open standard allowing backup applications to control native backup and recovery function in NetApp and other NDMP servers. Refer to the Data ONTAP Data Protection Online Backup and Recovery Guide for more information.
6.1.1 Enable NDMP

Step 1 Command/Action FAS> ndmpd on OR FAS> options ndmpd.enable on FAS> options ndmpd.connectlog.enable on FAS> options ndmpd.access host=10.20.20.16 Description Enable NDMP on the system Enables logging all NDMP connections to /etc/messages for security purposes List the hosts that may access the FAS via NDMP Configure the authorisation method for NDMP access (Challenge and/or plaintext)
2 3
FAS> options ndmpd.authtype
Note: Debugging NDMP connection: "ndmpd debug 50"
6.1.2 ndmpcopy
Copy volumes, qtrees or single files between multiples systems or within a single system. Note: Even for internal copying, ndmpcopy requires an active network connection. Data is sent through the loopback adapter so use a fast network connection (i.e., a Gb/e switch rather than a 100Mb/e hub). Step 1 2 Command/Action FAS1> ndmpcopy fas1:/vol/data/my_stuff fas2:/vol/users/ FAS1> backup status Description Copies the qtree my_stuff on FAS1 to the volume /vol/users on FAS2 display all active instances of backup jobs

Option ndmpd.ignore_ctime.enabled ndmpd.preferred_interface <interface> Default off disabled Description When on, allows users to exclude files with their ctime changed from inclusion in incremental dumps. When enabled, restricts NDMP traffic to specific network interfaces
Page 46 NetApp
6.2 Volume Copy

Volume copy is a block-level copy of a volume, and optionally its snapshots, to another volume of equal or greater size. The destination volume may be on the same system or on a remote system. Step 1 2 3 Command/Action FAS2> vol restrict destination_vol FAS2> options rsh.enable on Add an entry in /etc/hosts.equiv on both systems for the other system FAS1> vol copy start [-S] source_vol fas2:destination_vol FAS1> vol copy start [-S] source_vol destination_vol FAS1> vol copy status FAS1> options vol.copy.throttle [value] Description Restrict the destination volume Enable RSH on the destination FAS Create a trusted relationship between the systems Start copying the source volume (and its SnapShots with -S) to the destination volume on a remote system Start copying the source volume (and its SnapShots with -S) to the local destination volume Check on progress of vol copy operation Optional: Set the speed of the copy from 1 (10%) to 10 (100%) to reduce impact on network traffic Cancel one or more volume copy operations Make the new volume useable
OR 5 6
7 8
FAS1> vol copy abort [operation_number] FAS1> vol options destination_vol online
6.3 Snapshots
Step 1 Command/Action FAS> snap create vol1 mysnap Description Create a snapshot of volume vol1 Shedule snapshots of vol1 to retain 1 weekly, 6 nightly and 12 hourly snapshots. Take the snapshots at 0800, 1000, 1200, 1400, 1600 and 1800 set the snap reserve on vol1 to 12% List all snapshots for vol1 Show the amount of change between snapshots on vol1 (or between 2 snapshots) List amount of space freed if listed snapshot(s) were deleted
FAS> snap sched vol1 1 6 12@8,10,12.14,16,18
3 4 5
FAS> snap reserve vol1 12 FAS> snap list vol1 FAS> snap delta vol1 [snap1 snap2] FAS> snap reclaimable vol1 snap1 [snap2 ]
Page 47 NetApp
7 8 9
FAS> snap rename vol1 old_name new_name FAS> snap delete vol1 snap1 FAS> snap autodelete vol1
Rename a snapshot in vol1 Delete snapshot snap1 in vol1 set/change settings to automatically delete snapshots when volume and snap reserve are nearly full
6.4 SnapRestore
Warning: All file changes and snapshots created after the snapshot used for the SnapRestore will be permanently lost Step 1 2 3 Command/Action FAS> license add <code> FAS> snap restore -t file /vol/vol1/etc/rc FAS> snap restore -t vol -s weekly.1 vol1 Description Install license code for SnapRestore SnapRestore specific file from snapshot SnapRestore entire volume from a weekly Snapshot
Command syntax: snap restore [ -t file|vol] [-s snapshot_name] [ -r restore_as_path] vol_name
6.5 Asynchronous SnapMirror

SnapMirror is a replication function for maintaining up-to-date copies of data in another volume or another storage controller which may be thousands of kilometres away. Refer to the Data ONTAP Data Protection Online Backup and Recovery Guide and TR-3466 SnapMirror Async Best Practices for more information:
6.5.1 Create an Asynchronous Volume SnapMirror Relationship

This section describes the procedure to set up asynchronous Volume SnapMirror replication. Step 1 Command/Action FAS1> license add <snapmirror_code> FAS1> df -k vol1 FAS2> df -k vol1 FAS1> vol options vol1 convert_ucode on FAS1> vol status vol1 FAS2> vol create vol1 FAS2> vol restrict vol1 Description License snapmirror on the source and destination Storage Appliance (can be the same system for internal replication). Ensure destination volume is equal to or larger than source volume. FAS1 is the source and FAS2 is the destination. Set the source volume to Unicode ON for source volumes that support CIFS clients Verify volume status and unicode setting Create a volume of the same size or larger on the destination system Restrict the destination volume
3 4 5 6
Page 48 NetApp
7 8
FAS2> vol status vol1 FAS1> options snapmirror.access host=fas2 FAS2> options snapmirror.access host=fas1 FAS2> wrfile -a /etc/snapmirror.conf fas1:vol1 fas2:vol1 - * * * * or fas1:vol1 fas2:vol1 0-55/5 * * * (every 5 mins of every hour) FAS1> snapmirror on FAS2> snapmirror on FAS2> snapmirror initialize -S fas1:vol1 fas2:vol1 FAS2> snapmirror status -l
Verify volume is now restricted Allow snapmirror access by each storage controller to the other. Create a snapmirror schedule on the destination FAS defining when to synchronise (Min of Hr, Hr of Day, Day of Mth, Day of Wk) See section 11.6 for a sample snapmirror.conf file Enable snapmirror on both the source and destination systems. Initialize transfer of files from source to destination system and create a baseline from which to mirror. Verify status of transfer or of mirror
10 11
6.5.2 Convert a read-only SnapMirror Volume to read-write

Step 1 2 3 Command/Action FAS1> snapmirror status (if possible) FAS2> snapmirror status FAS2> snapmirror quiesce fas1_vol1 FAS2> snapmirror break fas1_vol1 Description Verify the status of the snapmirrors Finish writes to fas1_vol1 Break volume fas1_vol1 from the snapmirror relationship
6.5.3 Resync a Broken Volume SnapMirror Relationship

Step 1 2 3 4 Command/Action FAS2> rdfile /etc/snapmirror.conf FAS1> vol status vol1 FAS2> vol status fas1_vol1 FAS1> snapmirror on Ensure all applications and users activities to the volumes are halted FAS1> snapmirror resync -S fas2:fas1_vol1 vol1 Description Verify snapmirror schedule is still correct Verify both volumes are online and readwriteable. Turn on SnapMirror for both systems This is a recommendation to reduce the replication time and reduce changes From the original source, perform a resync of the data from the original destination system Update any changes since the baseline snapshot of the resync
FAS1> snapmirror update -S fas2:fas1_vol1 vol1
Page 49 NetApp
7a
FAS1> snapmirror break vol1 FAS1> snapmirror quiesce fas1:/vol/vol1/mytree FAS1> snapmirror break fas1:/vol/vol1/mytree FAS2> snapmirror resync -S fas1:vol1 fas1_vol1 FAS2> snapmirror resync -S fas1:/vol/vol1/mytree /vol/fas1_vol1/mymirror
Break the current snapmirror relationship so it can be reversed and set to its original direction. For Qtrees, the snapmirror must be first quiesced and then broken. Perform a second resync, setting FAS1 as the source again. Perform a second resync on a Qtree.
7b 8a 8b
6.5.4 Create an Asynchronous Qtree SnapMirror

Step 1 2 3 Command/Action FAS> license add <snapmirror_code> FAS1> options snapmirror.access host=fas2 FAS2> options snapmirror.access host=fas1 FAS1> snapmirror on FAS2> snapmirror on FAS2> snapmirror initialize -S fas1:/volvol1/mydata fas2:/vol/backup_vol/mydata_copy FAS2> snapmirror status -l FAS2> wrfile /etc/snapmirror.conf fas1:/volvol1/mydata fas2:/vol/backup_vol/mydata_copy - 10 * * * <ctrl+c> Description License snapmirror on the source and destination Storage Appliance. Allow snapmirror access by each storage controller to the other. Enable snapmirror on both the source and destination systems Initialize transfer of files from source to destination system and create a baseline from which to mirror. Verify status of transfer or of mirror Create a snapmirror schedule on the destination system defining when to synchronize (Minute of Hour, Hour of Day, Day of Month, Day of Week)
4 5
6.5.5 Convert read-only Qtree SnapMirrror destination to writeable

Step 1 2 3 Command/Action FAS2> snapmirror status FAS2> snapmirror quiesce /vol/vol0/mymirror FAS2> snapmirror break fas2:/vol/vol0/mymirror Description Verify the status of the snapmirrors. SnapMirror must be on. Finishes any write activity and then disables further updates Break the snapmirror relationship
Page 50 NetApp
6.5.6 Purging Asynchronous Mirrors

Step 1 2 3 4 5 6 Command/Action FAS2> wrfile /etc/snapmirror.conf FAS2> snapmirror quiesce <dst_qtree> FAS2> snapmirror break <dst_vol_or_qtree> FAS1> snapmirror destinations FAS1> snapmirror release <src_path> <dst_hostname>:<dst_path> FAS1> snap list <vol> FAS1> snap delete <vol> <snapshot> FAS> snapmirror off Description Remove redundant entries Quiesce any qtree snapmirrors and break SnapMirror relationships. Display any snapmirror destinations Release the source associated with snapmirror relationships. List and delete any snapshots that are for redundant snapmirror relationships. Disable snapmirror on source and destination if appropriate.
6.6 SnapVault
SnapVault performs backup (versus replication like SnapMirror) of qtrees and directories from a primary storage system (source) to a secondary storage system (destination). Step 1 2 3 4 5 Command/Action FAS1> license add <sv_primary_license> FAS2> license add <sv_secondary_license> FAS> ndmpd on FAS> options snapvault.enable on FAS1> options snapvault.access host=fas2 FAS2> options snapvault.access host=fas1,fas3 FAS2> snapvault start -S fas1:/vol/vol1/qtree1 /vol/sv_vol/na1_qtree1 FAS1> snapvault snap sched vol1 sv_weekly 1@sat@19 FAS1> snapvault snap sched vol1 sv_nightly 6@mon-fri@19 FAS1> snapvault snap sched vol1 sv_hourly 14@mon-fri@7-18 Description License SnapVault on the primary and secondary systems. Enable the NDMP service. Enable SnapVault. Allow host access from the SnapVault Secondary (destination) system. Allow host access from all the clients. Initialize the relationship between source qtree1 on FAS1 to a unique destination qtree in /vol/sv_vol Create a schedule of snapshots for SnapVault use on each client volume containing qtrees to backup. There are weekly, nightly and hourly snapshots. Specify number to retain, @what days to run, @what times to take snapshots
Page 51 NetApp
FAS2> snapvault snap sched -x vol1 sv_weekly 1@sat@19 FAS2> snapvault snap sched -x vol1 sv_nightly 6@mon-fri@19 FAS2> snapvault snap sched -x vol1 sv_hourly 14@mon-fri@7-18 FAS> snapvault status [-l] [-s]
Create a schedule of transfers from all clients containing qtrees in vol1. There are weekly, nightly and hourly snapshots. Specify number to retain, @what days to run, @what times to take snapshots Check on the status of SnapVault transfers
6.6.1 Perform a SnapVault restore

Step 1 Command/Action FAS1> snapvault restore -S fas2:/vol/sv_vol/fas1_qtree1 /vol/vol1/qtree1 FAS1> snapvault release fas2:/vol/sv_vol/fas1_qtree1 /vol/vol1/qtree1 FAS2> snapvault release /vol/sv_vol/fas1_qtree1 fas1:/vol/vol1/qtree1 FAS2> snapvault start -r -S fas1:/vol/vol1/qtree1 /vol/sv_vol/fas1_qtree1 Description Restores the data in qtree1 from FAS2 using the most recent common snapshot. Removes the reverse relationship created during the restore process. Restart the snapvault backup relationship with qtree1 on FAS1
6.6.2 Turn SnapVault destination into SnapMirror destination.

Convert a SnapVault destination qtree into a SnapMirror qtree so clients may access it or for disaster recovery purposes. Step 1 2 3 Command/Action FAS2> snapmirror off FAS2> options snapvault.enable off FAS2> priv set diag FAS2*> snapmirror convert /vol/sv_vol/fas1_qtree1 FAS2*> priv set FAS2> snapmirror on FAS2> snapmirror quiesce /vol/sv_vol/fas1_qtree1 FAS2> snapmirror break /vol/sv_vol/fas1_qtree1 Description Halt all SnapMirror operations on the secondary FAS Halt all SnapVault operations Warning: This enables an advanced set of commands. Consult Tech Support before using them. Converts the SnapVault qtree into a SnapMirror qtree Return to the standard command set Enable SnapMirror Ensure there are no SnapMirror operations on /vol/sv_vol/fas1_qtree1 Make the qtree writeable
4 5 6 7 8
Page 52 NetApp
6.6.3 Release a SnapVault relationship

Step 1 2 3 4 5 6 7 8 Command/Action FAS2> snapvault unsched sv_vol sv_hourly FAS2> snapvault unsched sv_vol sv_nightly FAS2> snapvault unsched sv_vol sv_weekly FAS2> snapvault stop fas2:/vol/sv_vol/q1 FAS2> snapvault status FAS2> qtree status sv_vol FAS1> snapvault unsched vol1 sv_hourly FAS1> snapvault unsched vol1 sv_nightly FAS1> snapvault unsched vol1 sv_weekly FAS1> snapvault destinations FAS1> snapvault release /vol/vol1/q1 fas2:/vol/sv_vol/q1 FAS1> snapvault status Description Remove all snapshot schedules for the volume sv_vol on the destination FAS
Stop the existing relationship Verify the relationship no longer exists Verify qtree q1 no longer exists Remove all snapshot schedules for the volume vol1 on the source FAS
List the existing relationships Release the relationship between /vol/vol1/q1 and the qtree on FAS2 Verify the relationship no longer exists
6.7
Associated Key SnapMirror/Vault OPTIONS

Option Default 0 Description Guarantees the specified number of qtree SnapMirrors or SnapVault source/destination transfers can always be run Enables global network throttling of SnapMirror and SnapVault transfers Specifies maximum bandwidth for all incoming (destination FAS) snapmirror/vault transfers. Requires replication.throttle.enable on Specifies maximum bandwidth for all outgoing (source FAS) snapmirror/vault transfers. Requires replication.throttle.enable on Guarantees specified number of volume SnapMirror source/destination transfers can always be run Enables IP address based verification of SnapMirror destination FASes by source FASes
[7.3] replication.logical.reserved_transfers replication.throttle.enable
off
replication.throttle.incoming.max_kbs
unlimited
replication.throttle.outgoing.max_kbs
unlimited
[7.3] replication.volume.reserved_transfers snapmirror.checkip.enable
off
Page 53 NetApp
6.8 FlexClone
This section describes how to create replicas of FlexVols using the licensed product FlexClone. A FlexClone volume saves space by using the blocks in a shared snapshot rather than duplicating the blocks. Only changes or additions to the data in the volume clone consume space.
6.8.1 Clone a flexible volume

Step 1 2 3 4 Command/Action FAS> license add <code> FAS> snap list vol1 FAS> vol clone create newvol -b vol1 nightly.1 FAS> vol status -v newvol Description Install license for FlexClone Display list of snapshots in vol1 Create a clone volume named newvol using the nightly.1 snapshot in vol1 verify newvol was created Look for snapshots listed as busy, vclone. These are shared with flexclones of vol1 and should not be deleted or the clone will grow to full size Display space consumed by new and changed data in the flexclone volume.
FAS> snap list vol1
FAS> df -m newvol
6.8.2 Split a FlexClone volume from the parent volume

Step 1 2 3 4 Command/Action FAS> vol clone split estimate newvol FAS> df -A <aggr name> FAS> vol clone split start newvol FAS> vol clone split status newvol Description Determine amount of space required to split newvol from its parent flexvol. Display space available in the aggregate containing the parent volume (vol1) Begin splitting newvol from its parent volume (vol1) Check the status of the splitting operation Halt split process. NOTE: All data copied to this point remains duplicated and snapshots of the FlexClone volume are deleted. Verify newvol has been split from its parent volume
FAS> vol clone split stop newvol
FAS> vol clone status -v newvol
Page 54 NetApp
6.8.3 FlexClone a file or LUN [7.3]

Rather than create a copy of a file or LUN, FlexClone can be used to make a space efficient clone and keep the clone inside the same FlexVol. Refer to the Data ONTAP Storage Efficiency Management Guide and TR-3742 Using FlexClone to Clone Files and LUNs Step 1 Command/Action FAS> license add <code> Obtain path of file or LUN from a CIFS or NFS client and translate to /vol/vol_name /filepath 2 Description Install license for FlexClone Data ONTAP has no means to view files inside a volume, but must use the /vol/vol_name/filename syntax for cloning so the systems and storage admins must translate between the two Create a clone of the file test_video.avi and call it test_video_clone.avi Clone a file inside a LUN by specifying the LBA addresses of the source and destination blocks Clone a file in a snapshot Check on the status of the clone operation Aborts a clone operation in progress Display space savings obtained by making a file clone Note: Clones are treated as being fullsized for quota calculations even though physical space has not been consumed
FAS> clone start /vol/raw_video/test_video.avi /vol/raw_video/test_video_clone.avi FAS> clone start <src_path> [dest_path] <-r <src_fbn>:<dest_fbn>:<fbn_cnt> ...> FAS> clone start <src_path> <dest_path> -s <snapshot_name> FAS> clone status <vol_name> FAS> clone stop <vol-name> <ID>
OR
OR 4 5
FAS> df -s raw_video
Page 55 NetApp
Security
7.1 General Storage Controller Security

Secure Admin is included in ONTAP 7G and provides for secure network connections to a storage appliance for the CLI and FilerView. Refer to TR-3649 Best Practices for Secure Configuration of Data ONTAP 7G for additional security configuration settings.
7.1.1 Managing SSH

Configure SSH to provide secure connections to the CLI. Step 1 2 3 Command/Action FAS> secureadmin setup ssh FAS> secureadmin enable {ssh1 | ssh2} FAS> secureadmin disable {ssh1 | ssh2} Description Configures the SSH protocol Turn on the SSH protocols Turn off the SSH protocols
7.1.2 Managing SSL

Configure SSL to provide secure HTTP connections to FilerView. Step 1 2 3 4 Command/Action FAS> secureadmin setup ssl FAS> secureadmin addcert ssl <directory_path> FAS> secureadmin enable ssl FAS> secureadmin disable ssl Description Configures the SSL protocol OPTIONAL: Install a certificate-authoritysigned certificate Turn on the SSL protocol Turn off the SSL protocol
7.1.3 Associated Key Security OPTIONS

Option [7.3] interface.blocked.nfs [7.3] interface.blocked.iscsi [7.3] interface.blocked.ftp [7.3] interface.blocked.snapmirror Default Off Off Off Off Description Set to a comma-separated list of interfaces or VIFs to prevent use by NFS Set to a comma-separated list of interfaces or VIFs to prevent use by iSCSI Set to a comma-separated list of interfaces or VIFs to prevent use by FTP Set to a comma-separated list of interfaces or VIFs to prevent use by SnapMirror
Page 56 NetApp
[7.3] interface.blocked.cifs ip.fastpath.enable rsh.enable security.passwd.rootaccess.enable ssh.pubkey_auth.enable telnet.enable trusted.hosts (ignored unless telnet.access is set to legacy)
Off
Set to a comma-separated list of interfaces or VIFs to prevent use by CIFS Turn off to reduce ARP spoofing and session hijacking attacks
On On Off On
Turn off to disable RSH access Turn off to disable root user access to the storage system Turn on to enable SSH public key authentication Turn off to disable Telnet access Set to a dash to disable all Telnet access, insert hostnames to restrict access, set to * to allow access to all hosts
7.2 CIFS Security

The majority of security features for CIFS require SMB2 which was first implemented in Windows Vista and Server 2008 and supported in Data ONTAP 7.3.
7.2.1 Restricting CIFS access

Data ONTAP supports features in addition to ACLs to further restrict access to CIFS data. Note: Group Policy Objects can be applied to the entire system by placing the system in a dedicated OU in Active Directory rather than placing it in the default OU=Computers. Command/Action Description Enable Access Based Enumeration (ABE) and prevent users from seeing shares, files, and folders they do not have access permissions to Enable ABE on the Legal CIFS share. users who do not have permission to access Legal or files inside it (whether through individual or group permission restrictions) are no longer visible in Windows Explorer Temporarily disable browsing of the IT_apps share
FAS> cifs.enable_share_browsing off
FAS> cifs shares -change Legal accessbasedenum
FAS> cifs shares -change IT_apps -nobrowse
Page 57 NetApp
7.2.2 Monitoring CIFS Events

Step 1 2 3 Command/Action FAS> options cifs.per_client_stats.enable on FAS> cifs top FAS> options cifs.per_client_stats.enable off Uses client stats to display highest users Client stats collection affects performance. This will turn it off and discard any existing per-client statistics Turn on/off auditing of all events. Auditing uses system resources and may affect performance. Refer to the documentation for more information on auditing. Description
FAS> cifs audit start | stop
7.2.3 CIFS Network Security OPTIONS

Option cifs.enable_share_browsing cifs.idle_timout <time> cifs.restrict_anonymous.enable Default On 30 0 Description Turn off to enable Access Based Enumeration (ABE) Specify how many minutes ONTAP will wait before disconnecting an idle CIFS session See below Controls the access restrictions of nonauthenticated sessions. Default is no access restrictions. Set to 1 disallows enumeration of users and shares. Set to 2 to fully restrict access. Turn on to enable SMB signing to prevent manin-the-middle intrusions by requiring each CIFS sessions use a security signatures. Imposes a performance penalty on the client and controller. Turn on support for clients using SMB2 Preserves open files when a client unexpectedly disconnects and later reconnects to a share Delay to allow a client to reconnect before closing their open files Turn on SMB2 Turn on SMB signing for the SMB2 protocol Blocks CIFS traffic from using the commaseparated list of Ethernet ports and/or VIFs.
[7.3] cifs.restrict_anonymous [ 0|1|2 ]

(replaces cifs.restrict_anonymous.enable)
cifs.signing.enable
Off
[7.3] cifs.smb2.client.enable [7.3] cifs.smb2.durable_handle.enable [7.3] cifs.smb2.durable_handle.timeout [7.3] cifs.smb2.enable [7.3] cifs.smb2.signing.required [7.3] interface.blocked.cifs [port | VIF ]
Off On 16m off off Null
Page 58 NetApp
7.3 AntiVirus
Data ONTAP is a memory-resident OS not vulnerable to viruses or other malware. The data stored on the system is not protected by Data ONTAP so external antivirus servers must screen files for viruses. Step 1 2 3 Command/Action Install and configure a Data ONTAP compliant virus scanner on a PC server(s) FAS> vscan scanners FAS> vscan scanners secondary_scanners <IP addresses> FAS> vscan on FAS> cifs shares -change cifs.homedir -vscan FAS> cifs shares -change App_logs -novscan Description Most major AV vendors have compliant versions of their software Scan the network for AV servers For multiple AV scanners, designate all but one as secondary scanners Enable virus scanning. By default, Data ONTAP sends every CIFS file a client accesses to the scanner(s) for scanning Turn on scanning of the home directories Disable virus scanning of the App_logs CIFS share Display status of vscanners, file extensions being scanned, and number of files scanned Change scanner timeout value from the default of 10 seconds to 1 45 seconds. The larger the timeout, the longer the delay until a user is given file access. The default is On which prevents file access if a scan can not be performed. Turn on to notify users an infected file has been found. Otherwise, users are only told file unavailable Enable virus scanning on a vFiler Stop virus scanning sessions for the specified scanner server ONTAP caches information about previously scanned files to avoid rescanning those files. When you load a new virus-scanning signature file, reset the cache to rescan files that were scanned using an old signature file.
4 5 6
FAS> vscan
FAS> vscan options timeout <value>
FAS> vscan options mandatory_scan off
10 11 12
FAS> vscan options client_msgbox on FAS> vscan options use_host_scanners on FAS> vscan scanners stop <IP address>
13
FAS> vscan reset
Page 59 NetApp
System and Disk Maintenance
8.1 System Maintenance

This section contains commands to manage the storage controller and diagnose problems. Refer to the Data ONTAP System Administration Guide for more information. Command/Action FAS> sysconfig -c FAS> config dump Install.cfg Description Check system for configuration errors Backup all configuration information to a backup file in /etc/configs Compare current system configuration with a backup configuration file to see differences Restores system settings to those saved in the backup configuration file display information about a FASs health print history of memory errors since boot display or change configurable global system options manually generate an AutoSupport Insert administrative/informational messages into the system log read and execute a text file containing ONTAP commands
FAS> config diff 25Apr2009.cfg
FAS> config restore 25Apr2009.cfg FAS> environment FAS> memerr FAS> options FAS> options autosupport.doit <subject> FAS> logger <free text message> FAS> source <filename>

Option autosupport.cifs.verbose autosupport.doit <subject> autosupport.support.transport autosupport.support.proxy Default Off N/A https N/A Description When on, includes CIFS session and share information in AutoSupport messages Triggers an immediate AutoSupport message Whether to use https, http or smtp to communicate with an email server Allows defining IP address of proxy server when transport is set to HTTP or HTTPS
Page 60 NetApp
8.2 Special Boot Menu and Maintenance Mode

The Special Boot Menu (Maintenance Mode in particular) allows you to work on a system before Data ONTAP loads. This mode loads from the flash boot device and can be run even without attached disk shelves. During a reboot/power cycle, press Ctrl+C when prompted for the Special Boot Menu. Menu Option 1. Normal Boot 2. Boot without /etc/rc Description Boots into Data ONTAP Boots into Data ONTAP but bypasses /etc/rc so networking is not configured. Used to diagnose /etc/rc issues Only way to change the root password if it is forgotten Reformats the disks and creates a sparse traditional volume. Install Data ONTAP after completing the Setup wizard. On software-based ownership systems, reformats the drives and creates a spares FlexVol root volume. Install Data ONTAP after completing the Setup wizard to populate the root volume A special run environment with a subset of commands for diagnosing hardware problems and manipulating disks and aggregates. No networking configured.
3. Change password
4. Initialize all disks
4a. Initialize all disks
5. Maintenance Mode
8.3 Disk Shelf Maintenance

8.3.1 DS14 Shelves
Step 1 2 Command/Action FAS> sysconfig -a FAS> fcadmin device_map Description Displays disks, shelf controllers, and shelves and their firmware levels Display all shelves and disks known to the system by FC port adapter address Interactive command to visually verify communications between disk shelves and the FAS by turning LEDs on and off. Shows all paths to every disk and disk shelf. With Multipath High-Availability (MPHA) cabling each disk should show an A and B path. Manually start installation of new shelf controller firmware written to /etc/shelf_fw folder on the root volume.
FAS> shelfchk
FAS> storage show disk -p
FAS> priv set advanced FAS*> storage download shelf FAS*> priv set
Page 61 NetApp
FAS> storage show adapter FAS> storage disable adapter 7b
Display all the FC disk adapters in the system and then disable adapter 7b in preparation to replace a shelf controller module connected to the 7b interface.
8.3.2 [7.3]SAS Shelves (DS4243 & DS2246)

Step 1 Command/Action FAS> sasadmin expander_map Description Verify all SAS shelves are visible to the system. Run on both nodes of a cluster. Displays a list of all shelves and their shelf IDs (or lists shelves on a specific adapter) Displays a pictorial representation of the drive population of all SAS shelves. SAS ports should come online when a QSFP cable is plugged in. Use this command if it does not. Turn on Alternate Control Path (ACP) functionality Verify the ACP cabling is correct
FAS> sasdmin shelf <adapter ID>
FAS> sasadmin shelf FAS> priv set advanced FAS> sasadmin adapter_online <adapter name> FAS> options acp.enabled on FAS> storage show acp
5 6
8.3.3 Associated Key Disk Shelf OPTIONS

Option shelf.atfcx.auto.reset.enable Default Auto Description Enables automatic shelf power-cycling for AT-FCX shelves with the required power supply and shelf firmware version 37 or higher. Enables automatic shelf power-cycling for ESH4 shelves with the required power supply and shelf firmware version. Set to on to install ACP cables on SAS shelves.
shelf.esh4.auto.reset.enable acp.enabled
Off Off
8.4 Disk Maintenance

Step 1 Command/Action FAS> aggr status -f FAS> priv set advanced FAS*> disk led_on 0a.21 FAS*> disk led_off 8c.65 FAS*> priv set Description Lists all failed disks Turn on the amber led on disk 0a.21 and turn off the amber LED on disk 8c.65. If led_on doesnt work, type led_off and then led_on.
Page 62 NetApp
FAS> disk maint 0a.25
Sends disk 0a.25 to Maintenance Center for analysis. NOTE: This forces a disk failure Manually fail disk 0a.27 to a spare drive. This initiates Rapid RAID recovery and will take time to copy data to the spare. Uses Rapid RAID Recovery to swap a spare drive with drive 0a.25 Spin down spare disk 0a.25 before removing from FAS Convert disks from a destroyed aggregate/tradvol into spares Runs about 5 minutes to diagnose loop and disk issues. A confidence factor less than 1 indicates problems. Any disk with hard disk errors should be failed manually
FAS> disk fail 0a.27
5 6 7
FAS> disk replace 0a.25 FAS> disk remove 0a.25 FAS> disk zero spares Boot into Maintenance Mode : *> disktest -v
8.4.1 Drive zeroing time estimates

Capacity
300 GB 450 GB 600 GB
Type
FC
Speed
15k rpm
Estimate zeroing time (hours)

1.5 2.2
300 GB 450 GB 600 GB 450 GB 600 GB 500 GB

1TB 2TB
SAS
15k rpm
SAS SATA
10k rpm 7.2k rpm
2.5 1.5 2.2 2.5 2.3 2.6 2.5

4.3 5.6
8.4.2 Update disk firmware and disk qualification file

Step 1 2 Command/Action Download the all.zip file and extract the files into /etc/disk_fw folder in the root volume FAS> disk_fw_update Description http://support.netapp.com/NOW/cgibin/diskfwmustread.cgi/download/tools/diskfw/bin/all Manually install disk firmware files placed in /etc/disk_fw
Note : New models of disk drives often require updating the disk qualification list in order to be properly recognized by Data ONTAP 1 Download the qual_devices.zip (or .tar.gz) file and extract into the /etc folder on the root volume http://support.netapp.com/NOW/download/tools/diskqual/
Page 63 NetApp
2 3
Wait 5 minutes for ONTAP to process the file Insert new drives or attach new shelf to system (Assuming you knew beforehand there would be an issue with the new disks)

Option raid.background_disk_fw_update. enable Default On Description When off, disk firmware updates will only occur at boot time or during disk insertion. Turning this on also allows system to come back up faster. Determines performance impact of RAID reconstruction. Does NOT affect reconstructions in progress only future reconstructs. When on, ONTAP always selects ATA disks of same RPM (5400 or 7200) when creating new aggregates or adding disks to an existing aggregate When off, allows mixing 10K and 15K RPM drives in an aggregate
raid.reconstruct.perf_impact
medium
raid.rpm.ata.enable
Off
raid.rpm.fcal.enable
On
8.5 Tape Device Maintenance

8.5.1 Managing Tape Devices
Step 1 2 3 4 5 6 Command/Action FAS> sysconfig -m FAS> sysconfig -t FAS> storage show tape FAS> ndmpd sessions FAS> storage stats tape nrst01 FAS> mt -f nrst0a offline Description Show attached tape media changers Show attached tape devices Display information about attached tape devices Display open/active ndmp backup sessions Display statistics for nrst01 tape drive Rewind and eject tape
8.5.2 Associated Key Tape OPTIONS

Option tape.reservations Default Off Description Allow reserving specific tape devices to prevent conflicts with other systems trying to backup to the tape device using NDMP
Page 64 NetApp
Controller Failover Implementation
This section covers basic cluster setup and failover. See the Data ONTAP Active/Active Configuration Guide and Data ONTAP System Administration Guide for more details. Also refer to TR-3450 HA Pair Configuration and Best Practices
9.1 Enable controller failover functionality

Step 1 2 3 4 5 Command/Action FAS1> license add <cluster_code> FAS2> license add <cluster_code> FAS1> reboot FAS2> reboot FAS1> cf enable FAS1> cf status Cluster enabled, fas2 is up. FAS1> fcstat device_map FAS2> fcstat device_map Description Add cluster license to both cluster partners (nodes) Reboot both partners Enable clustering Check status of cluster Ensure both partners can access the other partners disks

Option cf.giveback.auto.enable cf.takeover.on_failure
cf.takeover.on_network_interface_failure
Default On On off
Description Determine if a giveback is performed when a down node is repaired and reboots When off, disables automatic takeover Enable takeover on failure of all monitored NICs (NICs must be set in ifconfig statements in /etc/rc file.) By default, all NICs must fail to initiate failover. When set to any_nics then one NIC failure results in failover. Uses the RLM to notify partner of hardware failures, reducing delay before initiation of takeover. Define partner IP address to receive HardwareAssisted Takeover messages Define partner NIC port to receive HardwareAssisted Takeover
cf.takeover.on_network_interface_fail ure.policy
all_nics
[7.3] cf.hw_assist.enable
On
[7.3] cf.hw_assist.partner.address [7.3] cf.hw_assist.partner port
Null Null
Page 65 NetApp
9.2 Setup network takeover interfaces

Step Command/Action Gather network information on both nodes 1 IP address for local and partner node Netmask for local and partner node Description Example: Local IP/Netmask: 10.41.72.103/255.255.255.0 Partner IP/Netmask: 10.41.72.104/255.255.255.0 Setup local and partner node interfaces for partner takeover
FAS1> ifconfig e0 10.41.72.103 partner 10.41.72.104 FAS2> ifconfig e0 10.41.72.104 partner 10.41.72.103 or FAS1> ifconfig e0 partner 10.41.72.104 FAS2> ifconfig e0 partner 10.41.72.103 Modify /etc/rc ifconfig e0 `hostname`-e0 mediatype auto flowcontrol full netmask 255.255.255.0 partner 10.41.72.104 FAS1> ifconfig e0 e0: flags=948043<UP,BROADCAST,RUNNING,MULTICAST,T CPCKSUM> mtu 1500 inet 10.41.72.103 netmask 0xffffff00 broadcast 10.41.72.255 partner inet 10.41.72.104 (not in use) ether 00:0e:0c:2e:f8:54 (auto-1000t-fd-up) flowcontrol full
Make the changes in step 2 persistent across reboots
Check interfaces for partner configuration
9.3 Perform cf takeover/giveback

Controller failover functionality should be tested on a regular basis. One recommendation is to perform a cf takeover/giveback (or reboot for standalone systems) prior to any maintenance requiring downtime. This ensures the system is functioning properly by discovery pre-existing issues with the system. Step 1 2 FAS1> cf status FAS1> cf takeover FAS1(takeover)> cf status fas1 has taken over fas2.
Takeover due to negotiated failover, reason: operator initiated cf takeover
Command/Action
Description Verify cluster is normal status Local node takes over partner node Verify FAS1 has taken over FAS2 Switch to partners CLI context
FAS1(takeover)> partner
Page 66 NetApp
FAS2/FAS1> sysconfig -v *** This system has been taken over by fas1 NetApp Release 7.1: Fri Dec 23 02:32:04 PST 2005 System ID: 9950393031 (NA-2); partner ID: 9950393390 (FAS1) System Serial Number: 9990073 (FAS2); partner Serial Number: 9990079 (FAS1) System Rev: C2 No hardware device information is available. FAS2/FAS1> ifconfig -a FAS2/FAS1> vif status FAS2/FAS1> partner
Check to verify FAS1 has taken over partner.
6 7
Verify FAS2s network interfaces and VIFs have been created and are online. Switch back to FAS1 CLI Partner node reboots and functions normally Note: It is sometimes necessary to run cf giveback -f to terminate certain services that will prevent a giveback.
FAS1(takeover)> cf giveback [lots of console messages] Cluster monitor: takeover of fas2 enabled
9 10
Verify clients can access data using all licensed protocols FAS1> cf status Cluster enabled, fas2 is up. Verify cluster is back to normal status
Page 67 NetApp
10 MultiStore (vfiler) Implementation

This section will introduce a simple MultiStore implementation of a vfiler. A vfiler is logical partitioning of the resources of a storage appliance. Each vfiler has its own security domain. Refer to the Data ONTAP MultiStore Management Guide for more information.
10.1 MultiStore (vfiler) Configuration

Step 1 2 3 4 5 6 Command/Action FAS> license add <multistore_code> FAS> ifconfig e0 0.0.0.0 ifconfig e0 down FAS> ipspace create vfiler1-ipspace FAS> ipspace assign vfiler1-ipspace e0 FAS> vol create vol1 FAS> vfiler create vfiler1 -s vfiler1-ipspace -i 10.41.72.113 /vol/vol1 Add the ifconfig and default route commands to /etc/rc ifconfig e0 10.41.72.113 up netmask 255.255.255.0 mediatype 100tx-fd vfiler run vfiler1 route add default 10.41.72.1 Description License MultiStore interfaces used with vfilers must not be assigned an ip address and must be down Create an IPspace Assign an interface to the IPSpace Create storage to assign to the Vfiler Create a Vfiler Note: See vfiler limits below Add the ifconfig and vfiler commands to the hosting filers /etc/rc (ie: /vol/vol0/etc/rc) to make them persistent
10.1.1 Changing system limits on vFilers

All systems are limited to the number of vfilers they can manage. The limits include vfiler0 in the count. HA pairs do not get twice as many vfilers so must share the maximum limitation. System Memory Less than 1GB 1Gb - 2GB 2GB or more Step 1 2 3 Default 3 5 11 Command/Action FAS> sysconfig -v FAS> vfiler limit FAS> vfiler limit <number> Max allowed (standalone or HA pair) 11 26 65 Description Verify system memory size Display current limit setting Increase/decrease limit to number specified (using maximums above)
Page 68 NetApp
10.2 MultiStore (vfiler) Administration

Step 1 2 3 4 5 6 Command/Action FAS> vfiler status [-a|-r] vfiler1 running FAS> ipspace list FAS> vfiler disallow vfiler1 proto=nfs FAS> vfiler context vfiler1* vfiler1> setup vfiler1> cifs setup Description Check vfiler status [-a shows Allowed protocols] Display IPspaces configured Disallow nfs protocol on a per-vfiler basis Switch CLI to run all subsequent commands on the specified vfiler. Run setup on the vfiler Setup CIFS on vfiler. Be sure to give the vfiler a unique default name in the domain being configured. Create a qtree in the volume. Only possible if the vfiler is assigned to a volume. Create CIFS shares in the vfiler
7 8 9
vfiler1> qtree create eng /vol/vol1/eng vfiler1> cifs shares -add eng /vol/vol1/eng
Verify clients in the same IPspace can Verify everything worked access the share within this vfiler To return to the root filer, type vfiler context vfiler0. Additionally, you may type vfiler run before every command to run the command on the specified vfilers context.
10.2.1 Stop/Destroy a vfiler

Step 1 Command/Action FAS> vfiler stop vfiler1 FAS> ifconfig e0 down or FAS> ifconfig -alias <alias interface> FAS> vfiler destroy vfiler1 [...] Resources for vfiler vfiler1 moved to hosting filer. FAS> vfiler status vfiler1 Description Stops vfiler from receiving incoming packets Down the interface associated with the vfilers IPspace -alias if the interface is an alias Disassociate resources from a vfiler. This will not destroy any of the user data. All resources return to vfiler0 Check status of vfilers
3 4
Page 69 NetApp
11 Configuration Files
Filename cifs_homedir.cfg cifs_nbalias.cfg exports ftpusers group hosts hosts.equiv netgroup networks nsswitch.conf passwd quotas rc registery resolv.conf snapmirror.allow snapmirror.conf symlink.translations syslog.conf usermap.cfg Purpose configuration file for CIFS home directories configuration file for CIFS NetBIOS aliases a list of export entries for all file system paths that Data ONTAP exports automatically when NFS starts up. lists users for whom ftp login privileges are disallowed. stores Unix security group membership data base Maps IP addresses to host names and aliases. list of hosts and users with rsh permission network groups data base network name data base Specifies the order in which Data ONTAP searches local, NIS, DNS, and LDAP files. Unix security username and password data base quota description file system initialization command script registry database configuration file for domain name system (DNS) resolver list of allowed destination filers volume and qtree replication schedules and configurations Enables use of NFS absolute symlinks by mapping them to CIFS-based paths configuration file for syslogd logger daemon mappings between UNIX and Windows NT accounts and users
11.1 sample /etc/quota

#Quota * /vol/home/user/joe 21 /vol/eng/proj writers tonyp@netapp.com netapp\sxia rsaklikar big!raj@netapp.com S-1-5-32-544 Target type user user group tree group@/vol/eng user user@/vol/vol2 user@/vol/vol2 user user@/vol/vol2 disk 50M 500M 750M 750M 300M 200M 200M 100M 200M files 10K 75K 75K 50K thold 450M 700M 700M 250M 150M 150M 50M 150M sdisk 700M 45K sfiles -
Note: Important quota commands: - FAS> quota resize <vol> - FAS> quota off <vol> / quota on <vol>
11.2 sample /etc/rc

#Auto-generated by setup Mon Mar 14 08:18:30 GMT 2005 hostname FAS1 vif create multi MultiTrunk1 e0 e1 ifconfig MultiTrunk1 172.25.66.10 partner MultiTrunk2 vif favor e0 ifconfig e5a `hostname`-e5a mediatype auto flowcontrol full netmask 255.255.255.0 partner 10.41.72.101 vlan create e4 10 20 30 ifconfig e4-10 172.25.66.11 netmask 255.255.255.0 route add default 10.41.72.1 1 routed on options dns.domainname corp.acme.com options dns.enable on options nis.enable off savecore
11.3 sample /etc/hosts

127.0.0.1 10.41.72.100 10.41.72.3 localhost FAS1 FAS1-e5a mailhost
11.4 sample /etc/resolv.conf

#Auto-generated by setup Thu May 31 23:43:09 GMT 2007 nameserver 10.41.72.5 nameserver 172.25.66.5
11.5 sample /etc/exports

#Auto-generated by setup Mon Mar 14 08:18:30 GMT 2005 /vol/vol0 -sec=sys,ro,rw=fbsun1,root=fbsun1,nosuid /vol/vol0/home -sec=sys,rw,root=fbsun1,nosuid /vol/perf -sec=sys,rw,root=fbsun1,nosuid /vol/perf/qtree -sec=sys,rw=Adminhost:fbsun1 /vol/vol0/unix_tree -sec=sys,rw=Adminhost:fbsun1,root=fbsun1 /vol/vol0/mktg -sec=sys,ro /vol/perf/subnet -sec=sys,rw=10.41.72.0/24,root=10.41.72.0/24 /vol/perf/netgroup -sec=sys,rw=trusted-hosts /vol/cifsvol1 -sec=sys,rw,root=fbsun1,nosuid /vol/flex1 -sec=sys,rw,root=fbsun1,nosuid /vol/flex2 -sec=sys,rw,root=fbsun1,nosuid
11.6 sample /etc/snapmirror.conf

The snapmirror.conf file uses the same syntax as the Unix crontab file. Because SnapMirror is a pull technology, you should edit the snapmirror.conf file on the destination. The following examples show different ways to set up snapmirror schedules. The following entry indicates that fridge's qtree home, in volume vol2 will mirror qtree home, in volume vol1 from toaster. Transfer speed is set at a maximum rate of 2,000 kilobytes per second. The four asterisks mean transfers to the mirror are initiated every minute, (assuming a previous transfer has completed. If not, a new transfer will be initiated the first minute after the current transfer has completed.) toaster:/vol/vol1/home fridge:/vol/vol2/home kbs=2000 * * * * This entry, between the db volumes on fridge-gig dev and icebox, is kicked off every five minutes, starting at 0. (Note fridge-gig is just a network interface name. In this case, a gigabit ethernet link on fridge.) fridge-gig:db icebox:db - 0-55/5 * * * The entry below makes transfers every half hour, with the first at 8:15 a.m., and the last at 6:45 p.m. The asterisks mean the replication schedule is not affected by the day of month or week; so occurs every day. filer1:build filer2:backup - 15,45 8,9,10,11,12,13,14,15,16,17,18 * * Data ONTAP 7.3 introduced compression which makes significant changes to the config file. Each relationship now requires a connection definition line at the top of the file that defines the network path(s) to connect a source and destination together using the following syntax: connection_name=mode (source_IP, destination_IP) (source_IP, dest_IP) fas1_DR=multi(10.10.10.50,10.10.10.200) (192.168.1.52,192.168.1.202) fas1_DR:user_vol fas2:user_vol_dr compression=enable 15,45 *** In this example 10.10.10.50 is the 10Gb/E interface for FAS1 and .200 is the 10Gb/E interface on FAS2. In the second parentheses, 192.168.1.52 is a 1Gb VIF on FAS1 and .202 is the 1Gb VIF on FAS2. The multi says to use the 10Gb/E interfaces first and if they fail to use the 1Gb VIF connections. The next line is the standard schedule but with the compression option included. Note: SnapMirror compression will NOT work if you use hostnames instead of IP addresses (requires an /etc/hosts entry which defeats the purpose of DNS). Old snapmirror.conf files may need to be changed to use IP addresses in order to work with compression.
# minute hour dayofmonth dayofweek(0-Sunday to 6-Sat) ####define snapmirror compression relationships na01-na02=multi (192.168.1.107,192.168.1.112) fas1=multi(10.10.10.50,10.10.10.200) (192.168.1.52,192.168.1.202) ###end ##Start snapmirror fridge-gig:db icebox:db - 0-55/5 * * * filer1:build filer2:backup - 15,45 8,9,10,11,12,13,14,15,16 * * fas1_DR:user_vol fas2:user_vol_dr compression=enable 15,45 * * * na01-na02:vmware013 na02:sm_vmware013 compression=enable - - - -
Page 72 NetApp
12 Troubleshooting Commands
12.1 General Troubleshooting
1. 2. 3. 4. 5. 6. 7. 8. Define the problem. Gather facts related to the problem. Identify potential cause of problem. Create an action plan. Test the plan. Implement the plan. Observe results. Document the solution. Command FAS> sysstat -x 1 FAS> statit -b, statit -e FAS> stats FAS> wafl_susp -w FAS> perfstat FAS> sysconfig -v FAS> sysconfig -r FAS> sysconfig -c FAS> environment status FAS> memerr FAS> disk shm_stats FAS> aggr status -f FAS> aggr show_space <aggr name> FAS> fcstat device_map Description Display total system statistics every second Storage Appliance statistics printout (a priv set advanced command) Collects statistical data Display WAFL Statistics Collects performance statistics (Note: May increase load on system) System hardware configuration information System raid group information Checks config levels of hardware against DOT software requirement. Display power and temperature conditions print history of memory errors since boot Display I/O statistics per disk List failed disks Display usage of space by volumes, snapshots and WAFL overhead Display shelves and drives attached to FC ports
Page 73 NetApp
12.2 NFS Troubleshooting

The following section describes NFS specific troubleshooting commands. Command FAS> options cifs.nfs_root_ignore_acl on FAS> qtree security FAS> nfsstat FAS> exportfs FAS> rdfile /etc/exports FAS> showmount -e <FAS_ip> Description If this is off, NFS can mount NTFS volumes but not read or write to them (permissions error) Ensure the volume or qtree isnt using NTFS security Display NFS statistics Display currently exported volumes or qtrees Display persistent volume or qtree exports Run from Unix server to display a list of currently available exported volumes or qtrees
Page 74 NetApp
Page 75 NetApp
Page 76 NetApp
12.3 CIFS Troubleshooting

Command FAS> cifs domaininfo FAS> cifs stat FAS> cifs stat -h <Domain_Controller_IP> OR FAS> cifs stat -f <Workstation_IP> FAS> options cifs.per_client_stats.enable on FAS> wcc {-u uname | -s ntname} FAS> options cifs.trace_login on FAS> cifs testdc C:\Windows\Program Files\ssaccess.exe Description Display Domain Controller information Display CIFS statistics Review CIFS per client statistics
Enable per client CIFS statistics Diagnose security checking for both UNIX-style (uname) and NT-style security (ntname) Monitor CIFS login attempts. Test domain controller communications SecureShare Access application for windows. Shows UNIX/NTFS ACLs
12.4 Network Troubleshooting

The following sections describes IP network issue troubleshooting commands Command FAS> ifconfig -a FAS> netstat -rn FAS> routed status FAS> netstat -s FAS> netstat -i FAS> netstat -m FAS> ping <hostname | IP > FAS> netstat -p icmp FAS> netdiag FAS> ifinfo FAS> ifstat C:\net use pktt Wireshark Description Display all ethernet interfaces, configuration and status Display Routing Table Display route daemon status, default route info and routing protocols Packet statistics per protocol Packet statistics per Ethernet port Network interface memory buffer utilisation Node accessibility check over IP network Determine if the ping throttling threshold has been exceeded Network Diagnostics command Print interface driver information Print interface driver statistics From Windows server - displays network connections Gathers network traffic information Analyze pktt output
Page 77 NetApp
12.5 NDMP Troubleshooting

Command FAS> ndmpd debug 50 FAS> ndmpd status FAS> ndmpd probe FAS> ndmpd kill FAS> pktt Packet tracing on the FAS Description Increase the debug level to view connection attempts and NDMP communications with the FAS View the status of connections
12.6 SAN Troubleshooting

12.6.1 FAS SAN Utilities
Command FAS> fcp nodename FAS> fcp show adapter FAS> fcp show initiator FAS> iscsi initiator show FAS> lun show -m FAS> igroup show FAS> iswt interface Data ONTAP 7.1+> iscsi interface FAS> iscsi security Description If returns all zeros, then this adapter is not a target but an initiator Display the WWPN for the HBA adapter on the FAS Display FCP initiators connected to FAS Display ISCSI initiators connected to FAS Display information about lun_path to initiator_group mappings Check for correct WWPN -> Initiator name mappings Check appropriate interfaces are enabled for ISCSI (7.0 and below) Check appropriate interfaces are enabled for ISCSI (7.1+) Check and reconfigure initiator security settings
12.6.2 Solaris SAN Utilities

Command solaris# lputil solaris# sanlun fcp show adapters -v solaris# sanlun lun show solaris# reboot -- -r solaris# devfsadm Description Configure/view/verify HBA bindings Display information about host HBAs Display LUNs that are mapped to host Reboot reconfigure option. Used after changes to /kernel/drv files. Discovery of new LUNs
Page 78 NetApp
solaris# solaris_info/filer_info/brocade_info solaris# modinfo | grep lpfc
Utilities installed as part of the FCP attach kit. Used to collect all config info on the respective devices. Check if lpfc driver is loaded
12.6.3 Windows SAN Utilities

Command SnapDriveDC C:\>lputilnt Description Gathers Windows and FAS information Light Pulse Utility used to view Revision/Firmware, Persistent Bindings, configuration data (WWNN, WWPN), status of adapters ISCSI Control Panel used to set/verify persistent bindings, login and logoff from targets
Control Panel->ISCSI
12.6.4 Finding and fixing LUN alignment issues

Refer to TR-3747 Best Practices for File System Alignment in Virtual Environments for the steps to fix misaligned LUNs. Operating System Windows Linux ESX ESX Tool diskpart.exe fdisk mbrscan mbralign Description Disk partition utility Disk partition utility Identifies misalignment. Included in ESX Host Utilities Kit Fixed misalignment. Included in ESX Host Utilities Kit
12.6.5 Configuring Cisco EtherChannels

From the Catalyst 3750 Switch Software Configuration Guide: This example shows how to configure an EtherChannel on a single switch in the stack. It assigns two ports as static-access ports in VLAN 10 to channel 5 with the PAgP mode desirable:
Switch# configure terminal Switch(config)# interface range gigabitethernet2/0/1 -2 Switch(config-if-range)# switchport mode access Switch(config-if-range)# switchport access vlan 10 Switch(config-if-range)# channel-group 5 mode desirable non-silent Switch(config-if-range)# end
This example shows how to configure an EtherChannel on a single switch in the stack. It assigns two ports as static-access ports in VLAN 10 to channel 5 with the LACP mode active:
Switch# configure terminal Switch(config)# interface range gigabitethernet2/0/1 -2 Switch(config-if-range)# switchport mode access Switch(config-if-range)# switchport access vlan 10 Switch(config-if-range)# channel-group 5 mode active Switch(config-if-range)# end
This example shows how to configure cross-stack EtherChannel. It assigns two ports on stack member 2 and one port on stack member 3 as static-access ports in VLAN 10 to channel 5 with the PAgP and LACP modes disabled (on):
Switch# configure terminal Switch(config)# interface range gigabitethernet2/0/3 -4 Switch(config-if-range)# switchport mode access Switch(config-if-range)# switchport access vlan 10 Switch(config-if-range)# channel-group 5 mode on Switch(config-if-range)# exit Switch(config)# interface gigabitethernet3/0/3 Switch(config-if)# switchport mode access Switch(config-if)# switchport access vlan 10 Switch(config-if)# channel-group 5 mode on Switch(config-if)# exit
12.6.6 Common Brocade SAN Switch Commands

Command Brocade> switchshow Brocade> cfgshow Brocade> portperfshow Brocade> portdisable/portenable Brocade> portshow <port number> Description Displays switch and port status information Displays all zone configuration information Displays port throughput numbers for all ports on the switch Used to test storage controller port response Show port information
12.7 Test & Simulation Tools

Tool sio_ntap_win32 sio_ntap_sol perfstat.sh Description Simulated I/O tool for Windows Simulated I/O tool for Unix Performance Statistics A utility downloadable from the tool chest on the NOW website which can be run on a Linux system or in a Linux virtual machine. Fully functional except for hardware commands.
Ontap Simulator
Page 80 NetApp
Credits
Name
David Thiessen Australia PSE Eli Rodriguez RTP TSE Michael Cope San Diego PSE/ Services SE mcope@netapp.com
Email
Date
Mar 2005
Description
Original author Added Clustering, MultiStore, SAN Troubleshooting
May 2006
Most information was taken from NHTT v2.1 training guides and Data ONTAP docs. Expanded to include all installation and implementation procedures. Upkeep with new versions of ONTAP
Jun 2006 Present
Page 81 NetApp

Data ONTAP 7G Cook Book v4 - 1

Uploaded by

Copyright:

Available Formats

Data ONTAP 7G Cook Book v4 - 1

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Data ONTAP 7G Cook Book v4 - 1

Uploaded by

Copyright:

Available Formats

Data ONTAP 7G Cook Book

Data ONTAP 7G Cook Book v4.0

Revision: 4.1 May 2012

1.1.6 SnapLock volumes ................................................................................................................... 14 1.1.6.1 Associated Key OPTIONS .............................................................................................. 15