ONTAP Discussions

ONTAP 9.8 SVM/CIFS interfaces and routing archirecture for FlexPod Windows Server 2016/SMB

vlsunetapp
2,058 Views

Hello.

I'm trying to build FlexPod configuration for Hyper-V with Windows Server 2016 SMB only VM storage using this guide: https://www.cisco.com/c/en/us/td/docs/unified_computing/ucs/UCS_CVDs/flexpod_mspc_ws2016.html

 

Hardware is: NetApp FAS2552A (2-Node Clustered ONTAP 9.8), Cisco UCS B22 Servers, Nexus 2x6248UP, Nexus 2x5548UP.

 

Do not need boot from SAN (use HDDs for hosts boot) and use 10GB SMB only data access.

 

So, my questions are:

1. When I create SVM (svm0) using GUI and especially CIFS service on it: 2 IPs for data lifs for node1/node2 are requested and ability to create  separate SVM management interface exists:

- do data lifs need to be on the same L2 network for both nodes or not?

- why two lifs for same service and how client uses them: do i need to register both data inerface IPs as two A records in DNS? what role for second node IP address - both nodes serve data same time?

- when we create separate SVM management lif, it resides on separate MS-IB-MGMT subnet on FlexPod solution: how routing table of SVM looks like? SVM needs to access AD/DNS using management lif default gateway (or not this lif?), same time CIFS service serves data for clients on separate ip subnet and needs defaul gateway for that too. Does SVM management interface have own routing table inside SVM and CIFS dervice uses ints own table too? If no, we have two default gateways in SVM routing table.

 

2. Second question (optional) if exactly about FlexPod solution:

- as stated they create two separate SMB vlans with diffeten tags and IP subnets:

MS-SMB-1-VLAN & MS-SMB-2-VLAN

VLAN for SMB traffic

3052/3053

It is not clear for me (sorry for this) why we need two SMB subnets for same service? And this is unclear int reference guide which vlans they use for SMB LIFs creation (search "Create SMB LIF" in text):

 

network interface create -vserver Infra-MS-SVM -lif smb_lif01 -role data -data-protocol cifs -home-node <st-node01> -home-port a0a-<infra-smb-vlan-id> –address <node01-smb_lif01-ip> -netmask <node01-smb_lif01-mask> -status-admin up –failover-policy broadcast-domain-wide –firewall-policy data –auto-revert true

 

network interface create -vserver Infra-MS-SVM -lif smb_lif02 -role data -data-protocol cifs -home-node <st-node02> -home-port a0a-<infra-smb-vlan-id> –address <node02-smb_lif02-ip> -netmask <node02-smb_lif02-mask>> -status-admin up –failover-policy broadcast-domain-wide –firewall-policy data –auto-revert true

 

Great thanks for any help!

1 ACCEPTED SOLUTION

pedro_rocha
1,982 Views

- do data lifs need to be on the same L2 network for both nodes or not?

 

yes - you may access your volumes from both LIFs, either directing traffic to one or the other controller.

 

- why two lifs for same service and how client uses them: do i need to register both data inerface IPs as two A records in DNS? what role for second node IP address - both nodes serve data same time?

 

you may do this manually, which in turn will possibly lead to some unbalanced traffic.

you can use DNS load balancing to access and use both IPs/Nodes. Since SMB is session oriented, session will be made to a specific node, so the same client will go through one or the other node at a time. But different CIFS clients will likely go through different node if some sort of load balancer is implemented.

check this for more: https://www.netapp.com/pdf.html?item=/media/19370-tr-4523.pdf

 

 

- when we create separate SVM management lif, it resides on separate MS-IB-MGMT subnet on FlexPod solution: how routing table of SVM looks like? SVM needs to access AD/DNS using management lif default gateway (or not this lif?), same time CIFS service serves data for clients on separate ip subnet and needs defaul gateway for that too. Does SVM management interface have own routing table inside SVM and CIFS dervice uses ints own table too? If no, we have two default gateways in SVM routing table.

 

each SVM has it’s own routing table

network route show -vserver SVM_X to see it

you can have two default routes, but you may need to have different metrics in that case

some answers will depend on your network topology

you can also create static routes to make sure AD/DNS traffic goes one specific way

 

- as stated they create two separate SMB vlans with diffeten tags and IP subnets:

 

It is not clear for me (sorry for this) why we need two SMB subnets for same service? And this is unclear int reference guide which vlans they use for SMB LIFs creation (search "Create SMB LIF" in text):

not clear to me also

I don’t have experience with flexpod.

BUT, I just saw this:

 

MS-SMB-1

Enter the SMB File Share VLAN ID.

 

MS-SMB-2

Enter the Infrastructure SMB File Share VLAN ID.

 

So maybe they separate VLANs for SMB shares for servers/services (2) and for users (1)

View solution in original post

2 REPLIES 2

pedro_rocha
1,983 Views

- do data lifs need to be on the same L2 network for both nodes or not?

 

yes - you may access your volumes from both LIFs, either directing traffic to one or the other controller.

 

- why two lifs for same service and how client uses them: do i need to register both data inerface IPs as two A records in DNS? what role for second node IP address - both nodes serve data same time?

 

you may do this manually, which in turn will possibly lead to some unbalanced traffic.

you can use DNS load balancing to access and use both IPs/Nodes. Since SMB is session oriented, session will be made to a specific node, so the same client will go through one or the other node at a time. But different CIFS clients will likely go through different node if some sort of load balancer is implemented.

check this for more: https://www.netapp.com/pdf.html?item=/media/19370-tr-4523.pdf

 

 

- when we create separate SVM management lif, it resides on separate MS-IB-MGMT subnet on FlexPod solution: how routing table of SVM looks like? SVM needs to access AD/DNS using management lif default gateway (or not this lif?), same time CIFS service serves data for clients on separate ip subnet and needs defaul gateway for that too. Does SVM management interface have own routing table inside SVM and CIFS dervice uses ints own table too? If no, we have two default gateways in SVM routing table.

 

each SVM has it’s own routing table

network route show -vserver SVM_X to see it

you can have two default routes, but you may need to have different metrics in that case

some answers will depend on your network topology

you can also create static routes to make sure AD/DNS traffic goes one specific way

 

- as stated they create two separate SMB vlans with diffeten tags and IP subnets:

 

It is not clear for me (sorry for this) why we need two SMB subnets for same service? And this is unclear int reference guide which vlans they use for SMB LIFs creation (search "Create SMB LIF" in text):

not clear to me also

I don’t have experience with flexpod.

BUT, I just saw this:

 

MS-SMB-1

Enter the SMB File Share VLAN ID.

 

MS-SMB-2

Enter the Infrastructure SMB File Share VLAN ID.

 

So maybe they separate VLANs for SMB shares for servers/services (2) and for users (1)

vlsunetapp
1,971 Views

Hello! Thanks for your answer - some things have become much clearer.

Moreover, I managed to find an excellent toolkit for learning ONTAP here - https://mysupport.netapp.com/site/tools?cat=Hands-on%20Labs - and especially Hands-on Lab for ONTAP NAS Technologies where SVM/CIFS explained in deteils.

 

Best regards.

Public