ONTAP Discussions

In CDOT, is it disruptive to CIFS if I migrate/failover the LIF?


Hi all:


I just want to confirm. Will it be disruptive to active CIFS sessions if I failover/migrate the LIF?






Yes in most cases. The only exception is continuous share, but I expect you'd knew if you had them 🙂


TR 4100 covers this really well.. a really nice reference.  See page 6.  a LIF migrate and vol move are non-disruptive to SMB 2 and SMB 3.  lif migrate is disruptive only if SMB 1.0.  An aggregate relocate (from takeover/giveback or by command) is disruptive to SMB 2.0 though but not 3.0 with CA.

Thanks for that information. I understand that XP and 2003 uses smb1. If I enable smb signing, that should prevent smb1 connection to the SVM, correct?


or cifs modify / cifs options modify and disable smb1




in CDOT,  I run


cifs modify -vserver <svm name>


it does not show an option to disable smb1


Good catch... You can disable 2 and 3 but only from advanced or higher privilege.. no smb 1 in there though.  The link to TR-4100 from the above reference is http://www.netapp.com/us/media/tr-4100.pdf



Judging by the fact that NetApp created a solution to make sure SMB1 will still work, I guess NetApp left it to the Windows environment to decide if they will eliminate SMB1 or not. Security engineers may not like this. lol


SMB signing can prevent smb1, but looks like a patch fixes that.  http://mysupport.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=803058


@scottgelb wrote:

TR 4100 covers this really well.. a really nice reference.  See page 6.

Page 7 is more interesting as it details conditions when LIF migration is really non-disruptive. It seems that SMB 2 or 3 alone does not gurantee it; there are situations when session may be lost.


I wonder if Windows is using durable handles by default (and in which versions). I could not find any explanation, but then I am not really Windows guy.


This is what it says in page 7

In order for the LIF migrate to be nondisruptive, the SMB 2.x and 3.0 connections must establish and maintain a durable handle to the open file handle. When a LIF is migrated between nodes, those SMB 2.x and 3.0 clients with durable handle connections have their handles put into a temporary “disconnected” state. In order for the file handles to remain open, the client applications need to reconnect to the “disconnected” file handles



All this tells me is that I cannot guarantee to my managers that there will be no outage in CIFS. You are right, I am not sure how to identify that "durable handle".