dc2-nc1::*> network interface show -vserver dc2-nc1
Logical Status Network Current Current Is
Vserver Interface Admin/Oper Address/Mask Node Port Home
----------- ---------- ---------- ------------------ ------------- ------- ----
dc2-nc1
cluster_mgmt up/up 10.20.8.70/21 dc2-nc1-node1 a0b true
mgmt1 up/up 10.20.8.71/21 dc2-nc1-node1 a0b true
mgmt2 up/up 10.20.8.72/21 dc2-nc1-node2 a0b true
3 entries were displayed.
dc2-nc1::*> network route show
Vserver Destination Gateway Metric
------------------- --------------- --------------- ------
dc2-nc1 0.0.0.0/0 10.20.8.1 20
dc2-nc1::*> network route show-lifs
Vserver: dc2-nc1
Destination Gateway Logical Interfaces
---------------------- ---------------------- ------------------------------
0.0.0.0/0 10.20.8.1 cluster_mgmt, mgmt1, mgmt2
I had a 2-node filer on 9.1. I had jobs doing backups (system configuration backup settings show) that would PUT to a webserver, and I had ASUPs going to NTAP over our proxies. Those connections would emerge from the node_mgmt IPs (I'm positive about this, as only .71 and .72 were on certain ACLs), and all was well.
As of going to 9.3 (finally), I'm seeing ASUPs from node 1 being denied by the proxies because they're egressing from .70, the cluster_mgmt LIF. Node2's filer-initiated connections come out of the node LIF's IP, .72, as I would expect.
I'm not seeing any particular advice on this. Not seeing something in the release notes for 9.2/9.3. I found a troubleshooting-ASUP doc that makes it sound like connections are expected to emerge from the cluster_mgmt LIF, but it's unclear.
My questions are:
- Should ASUPs/uploads be initiating out of the cluster_mgmt LIF in 9.3-and-beyond?
- If so, can you show me what changed between 9.1 and 9.3 so I can learn from my previous expectation?
- If not, any advice on what I should tweak in the routes so the node LIF is preferred over the cluster LIF in sourcing connections?
Thanks!