Somehow my NFS lifs on one cluster are showingup under "mgmt" and on the one that showmount does not work are under "data"This is what I wrote in previous email it Iooks like on the cluster has ssh/http/https ports not opened the LIFS are showing up under network interface show -firewall-policy data
And on the cluster that has ssh/http/https ports open the lifs are showing up under "mgmt" network interface show -firewall-policy mgmt
Why and How it happened I have no idea? SVM for NFS has one LIF: should it be considered "Data" or "mgmt"Why one setup has at mgmt and one for data?I moved one LIF from DATA to MGMT and showmount works, but should I leave it like this?
On Tuesday, March 3, 2015 6:56 PM, "Parisi, Justin" Justin.Parisi@netapp.com wrote:
You don’t use data LIFs for showmount plugin. You use a vserver management LIF for it. Management LIFs use management firewall policies, which allow http/https/ssh traffic. ::> firewall policy show -policy data (system services firewall policy show)Policy Service Action IP-List---------------- ---------- ------ --------------------data dns allow 0.0.0.0/0 http deny 0.0.0.0/0 https deny 0.0.0.0/0 mountd deny 0.0.0.0/0 ndmp allow 0.0.0.0/0 ntp deny 0.0.0.0/0 rsh deny 0.0.0.0/0 snmp deny 0.0.0.0/0 ssh deny 0.0.0.0/0 telnet deny 0.0.0.0/010 entries were displayed. ::> firewall policy show -policy mgmt (system services firewall policy show)Policy Service Action IP-List---------------- ---------- ------ --------------------mgmt dns allow 0.0.0.0/0 http allow 0.0.0.0/0 https allow 0.0.0.0/0 mountd allow 0.0.0.0/0 ndmp allow 0.0.0.0/0 ntp allow 0.0.0.0/0 rsh deny 0.0.0.0/0 snmp allow 0.0.0.0/0 ssh allow 0.0.0.0/0 telnet deny 0.0.0.0/010 entries were displayed. Vserver management LIF should use data protocol of “none” and a firewall policy of “mgmt”. HTTP/HTTPS is needed to run the ZAPI calls for the tool. From: Iluhes iluhes@yahoo.com Reply-To: Iluhes iluhes@yahoo.com Date: Tuesday, March 3, 2015 at 6:44 PM To: "Toasters@teaparty.net" Toasters@teaparty.net Subject: Re: showmount plugin for CMOD
it Iooks like on the cluster has ssh/http/https ports not opened the LIFS are showing up under network interface show -firewall-policy data
And on the cluster that has ssh/http/https ports open the lifs are showing up under "mgmt" network interface show -firewall-policy mgmt
Why and How it happened I have no idea?Can someone recommend if that is right?How should it fixed?
On Tuesday, March 3, 2015 5:26 PM, Iluhes iluhes@yahoo.com wrote:
I have installed and used showmount plug-in in the past.But it does not work on new cluster and SVM'sI guess I forgeting a step..I am asuming it is using ssh/http/https connection?I see a difference in the ports between working and notAm I correct? Do I need to enable some services? Now working PORT STATE SERVICE 111/tcp open rpcbind2049/tcp open nfs4045/tcp open lockd10000/tcp open snet-sensor-mgmt
Working PORT STATE SERVICE22/tcp open ssh80/tcp open http111/tcp open rpcbind443/tcp open https2049/tcp open nfs4045/tcp open lockd10000/tcp open snet-sensor-mgmt