#One LIF per SVM and per node?

scenic zealot
#

My understanding is that one LIF per SVM and per node should be created upon the design.

We followed the rule initially; however, as we've decommissioned old nodes and added new nodes, that rule got broken. Because LIFs that used to be on old nodes have been migrated onto the new nodes, there are now 2 or more LIFs per SVM and per node.

Would this cause any issues? Is it worth the effort to merge the LIFs into one?

wooden vessel
#

This heavily depends on the protocol. For SAN, this is definitely (part of) the rule in 2-node clusters. NFS/CIFS/S3? Depends

#

even in SAN, you usually have two fabrics which would mean 2 LIFs per node and not one...

scenic zealot
#

My questions are mainly for NFS/CIFS?

wooden vessel
#

even there it depends on the number of subnets/VLANs that your SVM is part of. You can have one LIF in the 10.0.0.0/8 range, one in the 192.168.0.0/16 range and one in the 172.16.0.0/12 subnet. Then you would need three LIFs (unless the networks are routed)

#

I guess you could look at the traffic patterns, if the LIFs are all in the same subnet, chances are that only one of them is used anyway

#

if you are unsure, just leave it as is. Unless you have hundreds to thousands of LIFs, it will not cause any issues

#

as long as you only have one default route, everything is fine 😄 (I still see many admins who don't understand how routing works and add default routes for every LIF, for example)

scenic zealot
#

Now we have multiple LIFs in the same SVM, on the same node and in the same VLAN for NFS/CIFS. So, you don't think there would be any issues and it's not worth the effort to merge them into one?

wooden vessel
#

there should not be any issues. We have customers who run such a config without problems

scenic zealot
#

By using multiple LIFs (through the same default routing) for different NFS/CIFS volumes/apps, will TCP/IP traffic be segregated and therefore the performance should get improved?
The answer probably is not, why not?

wooden vessel
#

it will help if your bottleneck is the performance of a network port. e.g. if you only have 1gb ports then sharing LIFs across multiple ports will help performance. However, if it's all on a 10gig network or faster, you will probably have trouble "filling up" that link so that performance suffers

#

OTOH if you connect to, say, \\filername\share$, unless you use ONTAP's internal DNS loadbalancer, your clients will all end up at the same IP address anyway

white plover
#

For cifs I try to enable dynamic DNS on the cifs lifs. It will basically round robin the connections. It’s not the same as the internal load balancer which hands out the least loaded lif but that internal one cannot handle extremely large loads. It is a denial of service waiting to happen if too many clients hit at the same time. When we saw this years ago we were told it will never be fixed and not to use it in large environments

white plover
#

If ddns is enabled in Active Directory it’s just a matter of setting it in ONTAP

vserver services name-service dns dynamic-update modify -vserver xxx -is-enabled true -vserver-fqdn xxx.abcd.com -use-secure true

Then go to a windows cmd prompt and do nslookup vservername

Occasionally an error pops up, but look at “event log show” and sometimes another command needs to run. But if ddns is running, no need for anyone else to do anything other than this

#

Does not work with Infoblox unless Infoblox turns on ddns, which most don't

scenic zealot
#

@white plover Interesting, in terms of using the DNS internal load balancer.
How would you define "a large environment"?
We have almost 3000 VMs on about 360 NFS datastores, and an additional 630 NFS/CIFS. Is it considered to be a large environment, and not recommended to use the internal load balancer?

white plover
#

lol. Try it!
I had a customer with 5000 Linux clients. They all hit the Netapp at the same time for dns requests. The Netapp stopped serving for about 20 minutes.

#

It’s the number of simultaneous requests. If you have 3000 clients but only a smallish number at a time request dns lookups you should be fine.

Mine was an HPC environment and they killed it. Turned off the load balance and just went back to ip addresses

#

Don’t use dns for mounting VMware datastores themselves