ONTAP Discussions

In CDOT, is it disruptive to CIFS if I migrate/failover the LIF?

mdvillanueva

Hi all:

 

I just want to confirm. Will it be disruptive to active CIFS sessions if I failover/migrate the LIF?

 

 

Thanks,

MV

10 REPLIES 10

aborzenkov
Yes in most cases. The only exception is continuous share, but I expect you'd knew if you had them 🙂

scottgelb

TR 4100 covers this really well.. a really nice reference.  See page 6.  a LIF migrate and vol move are non-disruptive to SMB 2 and SMB 3.  lif migrate is disruptive only if SMB 1.0.  An aggregate relocate (from takeover/giveback or by command) is disruptive to SMB 2.0 though but not 3.0 with CA.

mdvillanueva
Thanks for that information. I understand that XP and 2003 uses smb1. If I enable smb signing, that should prevent smb1 connection to the SVM, correct?

scottgelb

or cifs modify / cifs options modify and disable smb1

mdvillanueva

Hi,

 

in CDOT,  I run

 

cifs modify -vserver <svm name>

 

it does not show an option to disable smb1

scottgelb

Good catch... You can disable 2 and 3 but only from advanced or higher privilege.. no smb 1 in there though.  The link to TR-4100 from the above reference is http://www.netapp.com/us/media/tr-4100.pdf

 

mdvillanueva

Judging by the fact that NetApp created a solution to make sure SMB1 will still work, I guess NetApp left it to the Windows environment to decide if they will eliminate SMB1 or not. Security engineers may not like this. lol

scottgelb

SMB signing can prevent smb1, but looks like a patch fixes that.  http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=803058

aborzenkov

@scottgelb wrote:

TR 4100 covers this really well.. a really nice reference.  See page 6.


Page 7 is more interesting as it details conditions when LIF migration is really non-disruptive. It seems that SMB 2 or 3 alone does not gurantee it; there are situations when session may be lost.

 

I wonder if Windows is using durable handles by default (and in which versions). I could not find any explanation, but then I am not really Windows guy.

mdvillanueva

This is what it says in page 7

In order for the LIF migrate to be nondisruptive, the SMB 2.x and 3.0 connections must establish and maintain a durable handle to the open file handle. When a LIF is migrated between nodes, those SMB 2.x and 3.0 clients with durable handle connections have their handles put into a temporary “disconnected” state. In order for the file handles to remain open, the client applications need to reconnect to the “disconnected” file handles

 

 

All this tells me is that I cannot guarantee to my managers that there will be no outage in CIFS. You are right, I am not sure how to identify that "durable handle". 

Announcements
NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner
Public