ONTAP Discussions
ONTAP Discussions
Hi all:
I just want to confirm. Will it be disruptive to active CIFS sessions if I failover/migrate the LIF?
Thanks,
MV
TR 4100 covers this really well.. a really nice reference. See page 6. a LIF migrate and vol move are non-disruptive to SMB 2 and SMB 3. lif migrate is disruptive only if SMB 1.0. An aggregate relocate (from takeover/giveback or by command) is disruptive to SMB 2.0 though but not 3.0 with CA.
or cifs modify / cifs options modify and disable smb1
Hi,
in CDOT, I run
cifs modify -vserver <svm name>
it does not show an option to disable smb1
Good catch... You can disable 2 and 3 but only from advanced or higher privilege.. no smb 1 in there though. The link to TR-4100 from the above reference is http://www.netapp.com/us/media/tr-4100.pdf
Judging by the fact that NetApp created a solution to make sure SMB1 will still work, I guess NetApp left it to the Windows environment to decide if they will eliminate SMB1 or not. Security engineers may not like this. lol
SMB signing can prevent smb1, but looks like a patch fixes that. http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=803058
@scottgelb wrote:TR 4100 covers this really well.. a really nice reference. See page 6.
Page 7 is more interesting as it details conditions when LIF migration is really non-disruptive. It seems that SMB 2 or 3 alone does not gurantee it; there are situations when session may be lost.
I wonder if Windows is using durable handles by default (and in which versions). I could not find any explanation, but then I am not really Windows guy.
This is what it says in page 7
In order for the LIF migrate to be nondisruptive, the SMB 2.x and 3.0 connections must establish and maintain a durable handle to the open file handle. When a LIF is migrated between nodes, those SMB 2.x and 3.0 clients with durable handle connections have their handles put into a temporary “disconnected” state. In order for the file handles to remain open, the client applications need to reconnect to the “disconnected” file handles
All this tells me is that I cannot guarantee to my managers that there will be no outage in CIFS. You are right, I am not sure how to identify that "durable handle".