ONTAP Discussions

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ONTAP Discussions

Ask a Question

how to appropirately manage default export policy on cdot?

dragontiger
‎2015-04-23 08:51 AM
3,700 Views

The default export policy is wild open to all hosts (0.0.0.0/0), if a rule is created under this policy with specified clients, then we should be alright, this is how I understood.

 

My question is, should we ever use the default policy, or in what situation, it could be used. I would say we should not use it.

 

What would you say?

0 Kudos
View By:
5 REPLIES 5

aborzenkov
‎2015-04-24 02:02 AM
3,670 Views

Default policy does not contain any rule, so access is denied by default. There no universal answer whether you should add rules to default policy or define your own - it all depends on your specific requirements.

dragontiger
‎2015-05-21 03:55 AM
In response to aborzenkov
3,578 Views

OK. Would it cause any issues if I use one volume - one policy, which means everytime I create a volume I will assigned a new policy specifically to the volume?

0 Kudos

chott
NetApp
‎2015-05-21 04:50 AM
In response to dragontiger
3,571 Views

The idea behind having central policies is to enable easier administration by reusing policies.

 

In my opinion adding one policy per volume would defeat that purpose and would make your system cumbersom to administrate.

 

Just as a side note: There is a limit to the maximum number of export policies you can create depending on the cluster size:

https://fieldportal.netapp.com/Core/DownloadDoc.aspx?documentID=139294&contentID=273354

https://fieldportal.netapp.com/Core/DownloadDoc.aspx?documentID=139296&contentID=273359

https://fieldportal.netapp.com/Core/DownloadDoc.aspx?documentID=139298&contentID=273360

 

I think there is no one answer fits it all, as already posted.

 

hope that helps.

cheers chriz

 

 

P.S. if you feel this post is useful, please KUDO or “accept as a solution" so other people may find it faster.

netappmagic
‎2015-05-21 06:34 AM
In response to chott
3,559 Views

Understand that there is no one answer fits it all.

 

However, I am looking for a rule of thumb in creating exporting policy, if there is such. For instance, may be one policy for all related applications / projects /clients? Would that be a common rule?

 

Thanks for sharing.

0 Kudos

chott
NetApp
‎2015-05-21 06:41 AM
In response to netappmagic
3,557 Views

Yes I think your suggestion is great.

Create an export-policy per Client / Application

 

cheers chriz

P.S. if you feel this post is useful, please KUDO or “accept as a solution" so other people may find it faster.
0 Kudos
All Community Forums
Public