ONTAP Discussions

question about Netgroups file...

stupid question...can a netgroup contain hostnames AND IP addresses?


Checked everywhere and can't find the answer...


thank you.




Re: question about Netgroups file...



netgroup defines network wide groups used for access permission checking during remote mount request processing. Each line defines a group and has the format:


This is a typical netgroup file:

trusted_hosts (adminhost,,) (zeus,,) (thor,,) (minerva,,)

    (sleepy,,) (dopey,,) (grumpy,,) (sneezy,,)

    trusted_hosts untrusted_hosts

With this netgroup file it might make sense to modify /etc/exports to export / on the node only to trusted_hosts, but to export /home to all_hosts.


For further more details refer, https://library.netapp.com/ecmdocs/ECMP1196979/html/man5/na_netgroup.5.html



If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

Re: question about Netgroups file...

Thank you for the response. I appreciate it.  


I know this but my question is can I define a host name AND IP Addresses in the netgroup?  For example:


#netgroup file example
linuxhosts (rhel1.corp.com,,) (rhel1-nfs.corp.com,,) (,,) (,,)



We have a requirement to create exports and grant access to 1) the server hostname on VLAN1, i.e. rhel1.corp.com 2) the NFS interface hostname on VLAN2, i.e., rhel1-nfs.corp.com 3) the IP address for each of these two hostnames, i.e.,,  


I'd prefer not to have to list the IP addresses in the export file if I can just put them in to the netgroup.





Re: question about Netgroups file...

You cannot define ipaddress in netgroup.


For example, the following would be a typical /etc/netgroup file, on a NIS master:

# cat /etc/netgroup

root-users (-,user1), (-,user2), (-,user3)
trusted-machines (machine1,-), (machine2,-), (machine3,-)

Netgroups are limited to 1024 characters in size.

If you need to put together a longer netgroup, you can do so by making a meta-group:

meta-group netgroup1 netgroup2 netgroup1



If this post resolved your issue, help others by selecting ACCEPT AS SOLUTION or adding a KUDO.

View solution in original post

Re: question about Netgroups file...

This thread is kind of old and marked as resolved, but this may help someone.


Something to try... (tested on 8.2.3p3 7-mode)


Add the ip addresses to your /etc/hosts file


# My Group 1


XX.XX.XX.101                 HostGroup1

XX.XX.XX.105                 HostGroup1

XX.XX.XX.45                   HostGroup1



Use "HostGroup1" as the host in your NFS permissions, or your netgroup definition.


When a nfs host attaches, a reverse lookup via the order defined in nsswitch.conf is done.  it will find the ip in the hosts file, and respond with the "HostGroup1" host name that matches your permissions directly or by netgroup it is listed in.


Cloud Volumes ONTAP
Review Banner
All Community Forums