Data ONTAP 7-Mode Administration. StudentGuide PDF

Data ONTAP 7-Mode
Administration
NETAPP UNIVERSITY
Data ONTAP 7-Mode Administration

Student Guide
Course Number: STRSW-ILT-D7ADM
Catalog Number: STRSW-ILT-D7ADM-SG
Content Version: 2.0
ATTENTION
The information contained in this guide is intended for training use only. This guide contains information
and activities that, while beneficial for the purposes of training in a closed, non-production environment,
can result in downtime or other severe consequences and therefore are not intended as a reference guide. This guide is not a technical
reference and should not, under any circumstances, be used in production environments. To obtain reference materials, please refer to
the NetApp product documentation located at http://now.netapp.com/ for product information.
COPYRIGHT
2011 NetApp, Inc. All rights reserved. Printed in the U.S.A. Specifications subject to change without notice.
No part of this book covered by copyright may be reproduced in any form or by any meansgraphic, electronic, or mechanical, including
photocopying, recording, taping, or storage in an electronic retrieval systemwithout prior written permission of the copyright owner.
NetApp reserves the right to change any products described herein at any time and without notice.
NetApp assumes no responsibility or liability arising from the use of products or materials described
herein, except as expressly agreed to in writing by NetApp. The use or purchase of this product or
materials does not convey a license under any patent rights, trademark rights, or any other intellectual property rights of NetApp.
The product described in this manual may be protected by one or more U.S. patents, foreign patents,
or pending applications.
RESTRICTED RIGHTS LEGEND

NetApp Documentation is protected by Copyright and is provided to U.S. Government Agencies with LIMITED RIGHTS as defined at
FAR 52.227-14(a). Use, duplication, or disclosure by the U.S. Government is subject to the restrictions as set forth therein. In the event
of use by a DOD agency, the Government's rights in Documentation are governed by the restrictions in the Technical Data Commercial
Items clause at DFARS 252.227-7015 and the Commercial Computer Software and Commercial Computer Software
Documentation clause at DFARS 252.227-7202.
TRADEMARK INFORMATION
NetApp, the NetApp logo, Go Further, Faster, Data ONTAP, Appliance Watch, ASUP, AutoSupport, Bolt Design, Center-to-Edge,
ComplianceClock, ComplianceJournal, ContentDirector, Cryptainer, Data Motion, DataFabric, DataFort, Decru, Decru DataFort, Evolution
of Storage, Exec-Vault, FAServer, FilerView, FlexCache, FlexClone, FlexShare, FlexVol, FPolicy, Get Successful, gFiler, LockVault,
Manage ONTAP, MultiStore, NearStore, NetApp Availability Assurance, NetApp IT As A Service, NetApp ProTech Expert, NetCache,
NOW, NOW (NetApp on the Web), ONTAPI, Raid-DP, Replicator-X, SANscreen, SecureAdmin, SecureShare, Shadow Tape, Simulate
ONTAP, SmartClone, SnapCache, SnapCopy, SnapDrive, SnapLock, SnapManager, SnapMirror, SnapMover, SnapRestore, Snapshot,
SnapStore, SnapSuite, SnapValidator, SnapVault, Spinnaker Networks, Spinnaker Networks logo, SpinCluster, SpinFlex, SpinFS,
SpinHA, SpinMove, SpinServer, SpinStor, StoreVault, SyncMirror, Tech OnTap, Topio, vFiler, VFM, VFM (Virtual File Manager), WAFL,
and Web Filer are either trademarks, registered trademarks, or service marks of NetApp, Inc. in the United States and/or other countries.
Not all common law marks used by NetApp are listed on this page. Failure of a common law mark to appear on this page does not mean
that NetApp does not use the mark nor does it mean that the product is not actively marketed or is not significant within its relevant
market.
Apple and QuickTime are either trademarks or registered trademarks of Apple Computer, Inc. in the United States and/or other countries.
Microsoft and Windows Media are either trademarks or registered trademarks of Microsoft Corporation in the United States and/or other
countries.
RealAudio, RealNetworks, RealPlayer, RealSystem, RealText, RealVideo, RealMedia, RealProxy, and SureStream are either trademarks
or registered trademarks of RealNetworks, Inc. in the United States and/or other countries.
All other brands or products are either trademarks or registered trademarks of their respective holders and should be treated as such.
NetApp is a licensee of the CompactFlash and CF Logo trademarks.
Data ONTAP 7-Mode Administration: Welcome
2011 NetApp, Inc. This material is intended for training use only. Not authorized for reproduction purposes.
TABLE OF CONTENTS
WELCOME......................................................................................................................................................... 1
MODULE 1: NETAPP STORAGE ENVIRONMENT ...................................................................................... 1-1
MODULE 2: BASIC ADMINISTRATION ....................................................................................................... 2-1
MODULE 3: PHYSICAL STORAGE ............................................................................................................. 3-1
MODULE 4: LOGICAL STORAGE ............................................................................................................... 4-1
MODULE 5: WAFL SIMPLIFIED ................................................................................................................... 5-1
MODULE 6: ADMINISTRATION SECURITY ................................................................................................ 6-1
MODULE 7: NETWORKING ......................................................................................................................... 7-1
MODULE 8: NFS ........................................................................................................................................... 8-1
MODULE 9: CIFS .......................................................................................................................................... 9-1
MODULE 10: NAS MANAGEMENT ........................................................................................................... 10-1
MODULE 11: SAN ....................................................................................................................................... 11-1
MODULE 12: SNAPSHOT COPIES ............................................................................................................ 12-1
MODULE 13: SPACE MANAGEMENT ....................................................................................................... 13-1
MODULE 14: HIGH AVAILABILITY ........................................................................................................... 14-1
MODULE 15: VIRTUALIZATION SOLUTIONS .......................................................................................... 15-1
MODULE 16: BACKUP AND RECOVERY METHODS .............................................................................. 16-1
MODULE 17: DATA COLLECTION TOOLS .............................................................................................. 17-1
MODULE 18: DATA ONTAP UPGRADES ................................................................................................. 18-1
MODULE 19: FINAL WORDS ...................................................................................................................... 19-1
APPENDIX A: WAFL INTERNALS .............................................................................................................. A-1
APPENDIX B: SHELLS ................................................................................................................................ B-1
Data ONTAP
7-Mode
Administration
Part Number: STRSW-ILT-D7ADM
DATA ONTAP 7-MODE ADMINISTRATION
Logistics and Safety

Logistics
Introductions
Schedule (start time,
breaks, lunch, close)
Telephones and
messages
Food and drinks
Restrooms
Safety
Alarm signal
Evacuation route
Assembly area
Electrical safety
2011 NetApp, Inc. All rights reserved.
LOGISTICS AND SAFETY
Course Objectives
By the end of this course, you should be able to:
Identify the components that are included within a
NetApp storage environment
Upgrade and administer the Data ONTAP operating
system
Configure physical and logical storage
Configure client protocols
Explain how to manage virtualization solutions
Create, manage, and use Snapshot copies
Explain and manage space consumption using Data
ONTAP
List back up and recover data methods available
COURSE OBJECTIVES
Course Agenda: Days 1 and 2

Day 1
NetApp Storage Environment
Basic Administration
Physical Storage
Day 2
Logical Storage
WAFL Simplified
Administrative Security
Networking
COURSE AGENDA: DAYS 1 AND 2
Course Agenda: Days 3, 4 and 5

Day 3
Network File System

Common Internet File System
NAS Management
Storage Area Networks
Day 4
Snapshot Copies
Space Management
High Availability Solutions
Virtualization Solutions
Day 5
Backup and Recovery Methods

Data Collection Tools
Data ONTAP Upgrade
Final Words
COURSE AGENDA: DAYS 3, 4 AND 5
NetApp University Information Sources

NOW (NetApp on the Web)
http://now.netapp.com
NetApp University
http://www.netapp.com/us/services/university/
NetApp University Support

http://netappusupport.custhelp.com
NETAPP UNIVERSITY INFORMATION SOURCES
Font Styles
Convention
Italic Font
Type of Information
Book titles.
Words or characters that require special attention.
Variable names or placeholders for information that
must be supplied, for example:
An ifstat command looks like this:
ifstat -z -a <interface>
The name of the interface for which you want
to view statistics is interface.
Monospaced font
Command names, daemon names, and option

names.
Information displayed on the system console or
other computer monitors.
The contents of files.
Bold monospaced font
Words or characters that are typed, for example:

Enter the following command:
options httpd.enable on
license add <code1> <code2>
FONT STYLES
10
NetApp Storage
Environment
Module 1
NETAPP STORAGE ENVIRONMENT
1-1
Data ONTAP 7-Mode Administration: NetApp Storage Environment
Module Objectives
By the end of this module, you should be able to:
Identify the key features and functions of
NetApp storage systems
Describe the advantages that a NetApp
storage system provides
Distinguish between network-attached storage
(NAS) and storage area network (SAN)
topologies
Describe NetApp unified storage architecture
Access the NetApp Support site to obtain
software and hardware documentation
MODULE OBJECTIVES
1-2
Terms and Acronyms Used in This Course

ACL
Access control list
CIFS
Common Internet File System
CLI
Command-line interface
Data ONTAP
The operating system for NetApp storage systems
FC
Fibre Channel
GID
Group ID
HBA
Host bus adapter (FC)
HA
High availability (formerly active-active controller configuration)
NAS
Network-attached storage
NFS
Network File System
NIS
Network Information Service
RLM
Remote LAN Module
SAN
Storage area network
SD
Security descriptor
SID
Secure ID
SP
Service processor
Storage controller
Storage engines, heads, or CPU modules
Storage system
Controller or storage appliance
UID
User ID
VTL
Virtual Tape Library
TERMS AND ACRONYMS USED IN THIS COURSE

This table lists terms and concepts that are used frequently in this course. Many of the terms relate to specific
areas of NetApp technology, such as SAN, network-attached storage (NAS), the Data ONTAP operating
system, and protocols.
1-3
NetApp and the

Storage Industry
NETAPP AND THE STORAGE INDUSTRY
1-4
Storage Industry
Data storagean industry worth US $27 billion
Centralized storage
Reduced IT costs
Increased flexibility
Maximum efficiency of processes and services
Trends in the marketplace

Data lifecycle
Virtualization
Storage efficiency
Security
Data in motion
Cloud storage
STORAGE INDUSTRY
As IT departments throughout the world attempt to reduce costs and increase flexibility, the storage industry
is expanding rapidly. Established trends continue, and new trends arise
1-5
Data lifecycle: controlling data through its various stages of life, meeting the needs of each stage in the
cycle
Virtualization: consolidating servers and hosting multiple machines on one physical platform
Storage efficiency: using techniques, such as thin provisioning and deduplication, that maximize storage
resources
Security: securing data (an ever-increasing problem for many IT departments)
Data in motion: moving data to the optimal storage storage location
Cloud storage: providing or using storage as a service
NetApp: Leader in the Storage Industry

NetApp firsts:
First in the industry to support
unified storage (NAS and SAN) on
one platform
First in the industry with Fibre
Channel over Ethernet (FCoE)
support and Unified Connect
First storage vendor to decouple
physical storage from logical
storage (flexible volumes)
NETAPP: LEADER IN THE STORAGE INDUSTRY
1-6
NetApp: Leader in Innovation and Quality

NetApp provides:
State-of-the-art hardware solutions
Award-winning OS platforms
Software management products
NETAPP: LEADER IN INNOVATION AND QUALITY
1-7
NetApp Hardware Solution: FAS
NetApp provides FAS solutions (also

called storage controllers):
FAS6200 seriesenterprise storage
FAS3200 seriesperformance storage
FAS2000 seriesdepartmental storage
FAS6280
FAS3270
A
B
FAS2050
FAS6200 series
FAS3200 series
FAS2000 series
NOTE: Data ONTAP 8.0 not supported on FAS2020 or FAS2050

NETAPP HARDWARE SOLUTION: FAS

NetApp storage systems offer unmatched business agility, superior application uptime, simplicity of
management, and breakthrough value.
FAS6200 series: Rely on the versatility, scalability, and reliability of the FAS6200 series for your largest
enterprise applications and your most demanding technical workloads. Achieve lower acquisition and
operation costscompared to traditional, large-scale storage.
FAS3200 series: Do more for your business than you thought possible with a storage system. Choose the
FAS3200 for its flexibility, performance, availability, and the responsiveness to growth that a high-bandwidth
64-bit architecture provides.
FAS2000 series: With the FAS2000 series, you can manage your growing, complex data in dispersed
departments or remote locations and add functionality easily and cost effectively.
1-8
NetApp FAS Storage Systems

Old
Models
Max
Capacity
Replaces
New
Models*
64-Bit
Max
Aggregate
Capacity
Limit*
FAS2020
68 TB
FAS2040
272 TB
30 TB
FAS2050
104 TB
FAS3210
420 TB
50 TB
FAS3140
840 TB
FAS3240
1200 TB
50 TB
FAS3160
1344 TB
FAS3270
1920 TB
70 TB
FAS3170
1680 TB
FAS6210
2400 TB
70 TB
FAS6040
1680 TB
FAS6240
3840 TB
100 TB
FAS6080
2352 TB
FAS6280
5760 TB
100 TB
* Based on the Data ONTAP 8.0.1 7-Mode operating system

NETAPP FAS STORAGE SYSTEMS
1-9
NetApp FAS6200 Series

3
FAS6210 model in a singlecontroller configuration
e0a
e0b
e0c
e0d
e0e
0a
e0f
0b
LINK
LINK
LINK LINK
0c
0d
LINK LINK
LINK
LINK
e0a
e0b
e0c
e0d
e0e
0a
e0f
0b
LINK
LINK
LINK LINK
0c
0d
LINK LINK
LINK
LINK
FAS6210 model in a dualcontroller configuration
e0a
e0b
e0c
e0d
e0e
0a
e0f
0b
LINK
LINK
LINK LINK
0c
LINK LINK
0d
LINK
LINK
FAS6280 model in a singlecontroller configuration with

an I/O expansion module
(IOXM)
e0a
e0b
e0c
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
0c
0d
LINK LINK
LINK
LINK
13
14
15
10
16
10
NETAPP FAS6200 SERIES

The FAS6200 family is a platform of high-end storage systems that are supported on the Data ONTAP 8.0.1
7-Mode operating system and the Data ONTAP 8.0.1 Cluster-Mode operating system. The family includes
three models, each with a unique configuration. Each FAS6200 model has the following characteristics:
6U chassis
Embedded SAS, FC, Gigabit Ethernet (GbE), 10 GbE
Minimum of four Peripheral Component Interconnect Express (PCIe) slots per controller
Embedded Service Processor (integrated platform management device)
USB flash support for OS boot media
Depending on the model, the chassis can accommodate one controller, one controller and an I/O expansion
module (IOXM), or two controllers. The IOXM provides additional PCIe slots to the system. When two
controllers are installed in a chassis, they form an HA pair through a nonvolatile RAM 8 (NVRAM8)
backplane connection. In addition, two FAS6200 systems, each with a controller and an IOXM, can form an
HA pair through external cabling.
The following FAS6200 system configurations are supported:
System | Single chassis, 1 controller, 1 empty bay | Single chassis, 2 controllers | Two chassis,
1 controller, 1 IOXM
6210
Yes
Yes
No
6240
No
No
Yes
6280
No
No
Yes
1 - 10
NetApp Hardware Solution: V-Series

NetApp provides V-Series solutions for
virtualization of heterogeneous storage:
V6200 seriesenterprise storage
V3200performance storage
FAS6280
FAS3270
V6200 series
V3200 series
11
NETAPP HARDWARE SOLUTION: V-SERIES

V-Series open-storage controllers enable you to manage disk arrays from EMC, IBM, Hewlett-Packard
Company, Hitachi Data Systems, and other storage vendors as easily as you can manage NetApp storage.
V6200 series: The open-storage controllers of the NetApp V6200 series can handle your largest enterprise
and technical applications in multiprotocol, multivendor storage environments.
V3200 series: The open-storage controllers of the V3200 series give you advanced data-management and
storage-efficiency capabilities in multiprotocol, multivendor environments.
1 - 11
NetApp Compatible Disk Shelves

NetApp provides compatible disk shelves:
FC
DS14 Mark FC
DS14
MK4
FC
Power
Fault
Loop A
Loop B
System
Shelf ID
450F
450F
450F
450F
450F
450F
450F
450F
450F
450F
450F
450F
450F
450F
ATA
DS14Mark 2AT
DS14
MK2
AT
Power
Fault
Module A
Module B
System
Shelf ID
SAS
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
450GB
DS4243
10
11
12
13
14
15
16
17
18
19
20
21
22
23
DS2246
DS4243
DS2246
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
600GB
12
NETAPP COMPATIBLE DISK SHELVES

NetApp storage supports a variety of disk shelves, from high-performance FC shelves to inexpensive ATA
shelves. With the DS4243 shelf and the new 2.5-inch disk form-factor DS2246, shelf NetApp storage
supports SAS drives with both speed and cost efficiency. The DS4243 is named for its 4U rack size with 24
disk and 3 Gb line rate while the DS2246 is named for its 2U rack size with 24 disk and 6 Gb line rate.
1 - 12
SSDs in a NetApp Disk Shelf

Solid-state disks (SSDs):
Can provide consistently fast response times for your
mission-critical applications
Are supported in the highly reliable DS4243 disk shelf
Use 24 x 100 GB SSDs per shelf
Are available with higher performance NetApp FAS
and V-Series storage controllers, which run the Data
ONTAP 8.0.1 or later system
13
SSDS IN A NETAPP DISK SHELF

Solid-state disks (SSDs) are best suited for random read-intensive workloads that require consistently fast
response times. Currently, SSDs are available in the DS4243 shelf, which houses 24 drives in 3.5-inch form
factor carriers. Each shelf gives you approximately 2 TB of raw capacity. For best results, use SSDs with a
high-performance storage controller.
1 - 13
NetApp Hardware Solution: Flash Cache

Flash Cache (PAM II):
Was formerly named Performance
Acceleration Module (PAM)
Eliminates up to 75% of the high-performance
disk drives in a storage system while providing
better response time across the I/O throughput
14
NETAPP HARDWARE SOLUTION: FLASH CACHE

Use Flash Cache, formerly the Performance Acceleration Module II (PAM II), to optimize the performance of
random read-intensive workloadssuch as file services, messaging, virtual infrastructure, and OLTP
databaseswithout using additional high-performance disk drives. This intelligent read cache speeds access
to your data, reducing latency by a factor of 10 or morecompared to disk drives. Faster response times can
translate into higher throughput for random I/O workloads.
1 - 14
Use Cases for Flash Cache and SSDs
Intelligent caching
Persistent storage
NetApp Flash Cache (PAM II)
SSDs in NetApp DS4243 shelf
Good fit when
Good fit when
Workload is random read-intensive

Hot data is dynamic or unknown
Workload is random read-intensive

Consistently fast response times
are required
Administration-free approach is
desired
Example workloads
Example workload
Server and desktop virtualization

File services, e-mail, databases
Databases for mission-critical

applications
Technical applications
15
USE CASES FOR FLASH CACHE AND SSDS

Both intelligent caching and persistent storage are effective ways to improve performance for random readintensive workloads.
When both Flash Cache and SSDs are part of a storage system configuration, the data from SSD volumes is
not placed in Flash Cache. Instead, SSD data is placed in the first-level read cache, which resides in the
controllers dynamic RAM (DRAM) main memory. Only data from rotating media (disk drives) is placed in
Flash Cache. In this case, Flash Cache functions as a second-level read cache.
It is often said that SSDs improve write performance, not just read performance. Because the WAFL (Write
Anywhere File Layout) file system in combination with the use of NVRAM as a write journal enables
NetApp storage to handle random writes very efficiently, this statement applies more to traditional FC-SAN
storage than to NetApp storage. Nevertheless, SSDs can improve the write performance of a NetApp
controller for workloads that are very write intensive.
Currently, promotion of autotiering software is at its peak, so the gap between expectations and reality is
large. Autotiering software works better for moving data downhill, to a lower tier, than for moving data
uphill, to a higher tier. When data on a lower tier (such as on SATA disk drives) suddenly becomes hot, it is
typically moved to an upper tier (such as SSDs) only after several hours, perhaps only after several days.
As a factor in the delay, chunk sizes range from 512 KB for Compellent to 1 GB for EMC CLARiiON
Fully Automated Storage Tiering (FAST). As chunk size increases, so does the likelihood that cold data will
be moved with hot data. As a consequence, larger chunk sizes increase the burden on the storage controller.
In contrast to autotiering software, NetApp intelligent caching moves newly hot data into cache in small 4-KB
chunks and in real time. The data chunk is initially placed in the first level of read cache, which is in
controller memory (DRAM). Eventually, the data chunk flows into the much larger, second-level Flash
Cache.
1 - 15

NetApp provides:
1 - 16
16
NetApp OS Platforms: Data ONTAP
7-Mode
ClusterMode
Data
ONTAP
GX
17
NETAPP OS PLATFORMS: DATA ONTAP

Achieve new levels of scalability and storage flexibility, resulting in decreased TCO, maximum business
agility, and 24x7 business continuity.
Accelerate your move to a service-oriented architecture with the Data ONTAP 8.0 operating system, which
enables service levels across a diverse set of applications and extends data center virtualization. The Data
ONTAP 8.0 operating system provides a unified, scalable platform that addresses your NAS, SAN, multitier,
multiprotocol, and multitenant virtualized environments.
1 - 17
Data ONTAP 8.0.x Operating System

7-Mode
7-Mode
Simple transition from

Data ONTAP 7G
Scale-up technology that
enables aggregates to be 100
TB (higher in the future)
Simple configuration for NAS
or SAN
Cluster-Mode
Cluster-
Mode
Simple transition from
Data ONTAP GX
Scale-out technology that
enables a pool of storage
controllers to manage the
storage cluster
One NAS namespace shared
across the cluster
Storage Pool
Storage Pool
18
DATA ONTAP 8.0.X OPERATING SYSTEM

The Data ONTAP 8.0 7-Mode operating system is both scalable and flexible. It provides:
More efficient storage
High availability
Business continuance
Quality of service
Reduced complexity, greater simplicity
To achieve high performance and high capacity, deploy the Data ONTAP 8.0 Cluster-Mode operating system.
The Data ONTAP 8.0 Cluster-Mode operating system helps you achieve results and get to market faster by
providing the massive throughput and scalability that you need to meet the demanding requirements of your
high-performance computing and digital media content applications. Achieve high levels of performance,
manageability, and reliability for your large Linux, UNIX, or Microsoft Windows clusters with the
Data ONTAP 8.0 Cluster-Mode operating system. The Data ONTAP 8.0 Cluster-Mode operating system
includes:
1 - 18
Multinode scaling, using a global namespace

NetApp FlexVol technology storage virtualization
Clustered file system
Snapshot technology replication and mirroring
Upgrading to Data ONTAP 8.0.x

Data
ONTAP
7.3.x
Conversion
Nondisruptive Upgrade
Conversion
(NDU) or Data in Place
Data
ONTAP 8.0.x
7-Mode
Conversion
Data
ONTAP GX
Data in Place
Data
ONTAP 8.0.x
Cluster-Mode
Conversion = Disks and system wiped clean

19
UPGRADING TO DATA ONTAP 8.0.X

Upgrading Data ONTAP or Data ONTAP GX is easy when you upgrade within the same mode, such as
Data ONTAP 7.3.x to Data ONTAP 8.0.x 7-Mode. In a high-availability configuration, you can upgrade from
Data ONTAP 7.3.x to Data ONTAP 8.0.x 7-Mode with a nondisruptive upgrade (NDU), maintaining data
access during the upgrade. In a single-node configuration, you can upgrade from Data ONTAP 7.3.x to Data
ONTAP 8.0.x 7-Mode without disturbing the data on the shelves (called Data in Place). Although upgrades
from Data ONTAP GX to Data ONTAP 8.0 Cluster-Mode require a reboot, all data can be maintained. All
other upgrades are conversions, requiring disks and systems to be wiped clean.
1 - 19
Data ONTAP-v
Configures Data ONTAP as a virtual machine (VM)
Runs in VMware vSphere 4.1 with a Fujitsu
PRIMERGY BX400 blade server
Infrastructure Blade
Server Blade
Data ONTAP VSA
Vendor
VM
CF Card
NVRAM
VM Services
WAFL
RAID 0
SAS SCSI
NFS
CIFS
SCSI
Target
vmdk
vmdk
vmdk
VMFS
iSCSI
Initiator
Server Blade
ESX
ESX
Vswitch
VMFS
iSCSI
Initiator
iSCSI
Initiator
Network Stack
WAN
Vswitch
Storage Blade
Storage Blade
Storage Blade
RAID 5
Network Backplane
Virtual machine storage provisioned and managed by Data ONTAP
vmdk
vmdk
vmdk
vmdk
parity
Async Mirror
Target
Volume mounted directly from Data ONTAP (NFS, CIFS, iSCSI)
NFS Client
CIFS Client
Storage managed by Data ONTAP storage stack

V-NVRAM backing store provisioned by ESX
Physical Disk
20
DATA ONTAP-V
The Data ONTAP operating system in a virtual machine (Data ONTAP-v) delivers the Data ONTAP storage
stack, data management, and caching features within a virtual machine. Currently, Data ONTAP-v is based
upon Data ONTAP 8.0.1 7-Mode. The virtual machine is on physical servers that use direct-attached storage
or are part of an external storage system. The Data ONTAP-v product is included within the virtual storage
appliance category.
Data ONTAP-v (in a virtual environment) and Data ONTAP (in a physical environment) provide the same
capabilities. The capabilities of Data ONTAP-v can be configured for multiple usage scenarios. When used
with the Fujitsu BX400, Data ONTAP-v enables storage stack management of local Fujitsu disks and
provides IP-based (CIFS, iSCSI, and NFS) data access for home directories, e-mail, and business applications
for small-sized and medium-sized firms.
NetApp offers Data ONTAP-v to Fujitsu as an OEM product. Data ONTAP-v will be incorporated into the
Fujitsu SX960 storage blade for the PRIMERGY BX400 blade server. As of January 2011, the Data
ONTAP-v system embedded with the SX960 storage blade is sold exclusively by Fujitsu and its worldwide
authorized resellers.
1 - 20

NetApp provides:
1 - 21
21
NetApp Software Management Products
Storage suite
Server suite
Application suite
Operations Manager
Protection Manager
Provisioning Manager
File Storage Resource Manager
SnapDrive for UNIX
SnapDrive for Windows
SnapManager for Exchange

SnapManager for SharePoint
SnapManager for SAP
SnapManager for Oracle
SnapManager for SQL Server
Data center: SANscreen
22
NETAPP SOFTWARE MANAGEMENT PRODUCTS

The NetApp manageability software family consists of four suites that provide software tools for effective
data management.
With the NetApp storage suite of productsincluding Operations Manager, File Storage Resource Manager,
SAN Manager, and Command Central Storageyou can do more with less. Instead of managing physical
storage systems individually, you can view and manage multiple devices from a central console.
The NetApp server suite includes the SnapDrive data management software and ApplianceWatch
Performance and Resource Optimization (PRO) Management Pack product families. SnapDrive products
provide a server-aware alternative to maintaining manual host connections to underlying NetApp storage
systems. ApplianceWatch products integrate with third-party system-management tools from HP, IBM, and
Microsoft. With ApplianceWatch products, you can view, monitor, and manage NetApp storage systems from
within their respective system-management environments.
The NetApp application suite delivers increased productivity and flexibility across the entire enterprise. The
various NetApp SnapManager management software products enable you to improve data availability,
reduce unexpected data loss, and increase storage management flexibility by leveraging the power of
integrated NetApp storage systems.
NetApp SANscreen storage management software provides effective tools for managing SAN
environments.
1 - 22
NAS
Protocols
HTTP REST
Protocol
Namespace
Metadata
tagging and search
Policy API
NAS
I/O
Native
Object
Access
NetApp StorageGRID
Object-Based Storage Solution
Policydriven
automanagement
Object-level data management

Location-transparent distributed object store
Data ONTAP 8.0.X
StorageGRID object-based storage solution

23
NETAPP STORAGEGRID OBJECT-BASED STORAGE SOLUTION

NetApp StorageGRID object-based storage solution:
1 - 23
Is a proven tool for managing petabyte-scale, globally distributed repositories of images, video, and
records for enterprises and service providers.
Provides tremendous scalability by eliminating the typical constraints of mapping data into predefined
data containers as blocks and files. It supports billions of files or objects and multiple petabytes of
capacity in one global namespace.
Enables intelligent data management and secure content retention. It optimizes data placement, metadata
management, and efficiency through a global policy engine with built-in security that manages how data
is stored, placed, protected, and retrieved. Technologies such as digital fingerprints and encryption protect
the content from corruption and tampering.
Helps provide data availability any time, anywhere, to facilitate nonstop operations. Because the solution
is designed to allow flexible deployment configurations, it can meet the varying needs of global, multisite
organizations.
Storage
Architectures
STORAGE ARCHITECTURES
1 - 24
24
NAS and SAN Topology
NFS
Corporate
LAN
iSCSI
CIFS
FCoE
FC
NAS
(file-level
access)
SAN
(block-level
access)
NetApp FAS
25
NAS AND SAN TOPOLOGIES

SAN is a block-based storage system that makes data available over the network, using FC, FCoE, and iSCSI
protocols.
NAS is a file-based storage system that makes data available over the network, using NFS and CIFS
protocols. Within the Data ONTAP 8.0.1 7-Mode operating system, NetApp provides Unified Connect, which
allows a single 10-Gb adapter on the storage system, called a Unified Target Adapter (UTA), and a single 10Gb adapter on a client host, called a Converged Network Adapter (CNA), to be used as an Ethernet path for
both NAS and SAN.
NetApp SAN and Unified Storage Architecture provide an outstanding level of investment protection and
flexibility. The FAS system on the slide implies one box. However, the actual storage environment includes
small and large FAS systems.
1 - 25
Protocols Supported by Data ONTAP

NetApp storage systems support SAN and NAS
protocols simultaneously:
NAS
NFS
CIFS
FTP
HTTP
WebDAV
SAN
FC
iSCSI
FCoE
NFS
CIFS
iSCSI
FCoE
LAN (Ethernet)
FC
Data
ONTAP
FC Network
26
PROTOCOLS SUPPORTED BY DATA ONTAP

NFS: The NFS protocol allows UNIX and PC NFS clients to mount file systems to local mount points. The
storage appliance supports NFS v2, NFS v3, NFS v4, and NFS over User Datagram Protocol (UDP) and
Transmission Control Protocol (TCP).
CIFS: The CIFS protocol supports Windows Server 2000, Windows Server 2003, and Windows Server
2008.
FTP: The FTP enables UNIX clients to remotely transfer files to and from the storage appliance.
HTTP: The HTTP enables Web browsers to display files that are stored on the storage appliance.
WebDAV: Web-based Distributed Authoring and Versioning (WebDAV) enables certain applications to
create, modify, and access files by using extensions to HTTP.
FC, iSCSI, or FCoE: The FC, iSCSI, and FCoE protocols enable a storage device to communicate with one
or more hosts that are running operating systems such as Solaris or Windows in a SAN environment.
1 - 26
Data ONTAP 7.3.x Architecture
Network
Protocols
Clients
WAFL
Physical
Memory
RAID
Storage
NVRAM
Disk
Array
27
DATA ONTAP 7.3.X ARCHITECTURE

The Data ONTAP 7.3 operating system architecture consists of these elements:
1 - 27
Network interface: The point of interconnection between a user terminal and the network. The network
layer delivers data to RAM through the simple kernel and through some libraries.
Protocol stack: Enables the processing of the data that is placed into RAM by the network layer.
Processing is based on protocols (CIFS, NFS, FC, iSCSI, FTP, or HTTP).
WAFL (Write Anywhere File Layout): An intelligent file system that actively optimizes write
performance by identifying the most effective way to lay out data.
RAID Layer: Provides RAID 4 and RAID-DP protection by taking the data that is processed by the
WAFL file system. The RAID layer creates stripes that are used to calculate parity. The RAID layer also
protects data by performing RAID scrubs and assists in the reconstruction of failed disks.
Storage: Manages data transfer to and from disks. The storage layer is responsible for writing to the
disks. According to the data that is delivered by the WAFL file system and RAID, it optimizes the write
process to the disks.
Nonvolatile RAM (NVRAM): Logs all transactions that change the state of the file system. Because
writes are processed in system RAM, NVRAM provides battery-backed protection against data loss only
in emergency situations. After an improper shutdown, NVRAM is read only.
Clients
D-Blade
Network
M-Host
Client Protocol
Access
Data ONTAP 8.0.x 7-Mode Architecture
Protocols
WAFL
Physical
Memory
RAID
Storage
NVRAM
FreeBSD
Disk
Array
28
DATA ONTAP 8.0.X 7-MODE ARCHITECTURE

M-Host
Within FreeBSD, the M-host management component provides an API to the Data ONTAP 8.0 operating
system. M-host has a swap space on the root volume of the D-blade.
D-Blade
The D-blade is a kernel module within FreeBSD that provides Data ONTAP 7G compatibilities. The D-blade
consists of these elements:
1 - 28
Network interface
Protocol stack
WAFL file system
RAID layer
Storage
NVRAM
Support Options
SUPPORT OPTIONS
1 - 29
29
NetApp Technical Support

Assisted-service products
SupportEdge Premium
SupportEdge Standard
SupportEdge Secure for Government
Storage Availability Audits
Rapid Deployment Services
Self-service products
NetApp Support siteformerly NOW
(NetApp on the Web)
AutoSupport and My AutoSupport
30
NETAPP TECHNICAL SUPPORT

The NetApp architecture eliminates single points of failure and helps you achieve high availability, but there
are factors that no design can eliminate.
NetApp technical support can help. The NetApp global team of experts is ready to respond to your problems.
NetApp provides cost-effective technical support that is scaled and priced for your needs, whether you are a
large enterprise, classified government installation, or small business.
1 - 30
NetApp Support Site
31
NETAPP SUPPORT SITE

The NetApp Support knowledge database provides support, information, and documentation. The NetApp
Support site is a NetApp customer-driven and employee-driven knowledgebase that is accessible at either of
these locations:
http://support.netapp.com
http://now.netapp.com
When you log in to the NetApp Support site, the Home page is displayed. From this page, you can access the
following kinds of administrative support:
1 - 31
Request technical assistance

Submit or review the status of a technical assistance case
Submit or review the status of a Return Materials Authorization (RMA)
Find bug reports
Locate documentation
Find downloads
Find information about your product
Locate troubleshooting solutions
Storage Efficiency in My AutoSupport

Statistics on system
efficiency and effective
utilization of NetApp
Overview of physical and
effective capacity
Calculation of storage
efficiency savings from:
Deduplication
Snapshot technology
RAID-DP technology
FlexClone technology
Thin provisioning
Available on the NetApp Support site

32
STORAGE EFFICIENCY IN MY AUTOSUPPORT

My Autosupport (formerly called Premium AutoSupport) is based upon AutoSupport data and is designed to
tell you:
1 - 32
How much storage you are using and what storage efficiency features are enabled
How much storage savings you are realizingcompared to traditional storage
What additional storage savings you can realize by enabling more storage efficiency components
Module Summary
In this module, you should have learned to:
Identify the key features and functions of
Describe the advantages of a NetApp storage
system
Distinguish between NAS and SAN topologies
Describe NetApp Unified Storage Architecture
Access the NetApp Support site to obtain
software and hardware documentation
MODULE SUMMARY
1 - 33
33
Exercise
Module 1: NetApp Storage
Environment
Estimated Time: 15 minutes
EXERCISE
Please refer to your Exercise Guide for more instructions.
1 - 34
Check Your Understanding

What are the NetApp hardware solutions?
What is the primary function of the WAFL file system?
What storage topologies are supported by NetApp and
the Data ONTAP operating system?
How is SAN different from NAS?
Where can you find support for the Data ONTAP

operating system?
CHECK YOUR UNDERSTANDING
1 - 35
35
Basic
Administration
Module 2
BASIC ADMINISTRATION
2-1
Data ONTAP 7-Mode Administration: Basic Administration
Module Objectives
Connect remotely to a FAS system by using
the console and a remote host
Access NetApp System Manager to
administer a storage system
Execute commands by using the console, a
remote host, and NetApp System Manager
Use commands to analyze a FAS system
Configure and manage the NetApp
AutoSupport support tool for a FAS system
MODULE OBJECTIVES
2-2
Administrative
Interfaces
ADMINISTRATIVE INTERFACES
2-3
CLI and GUI

A storage system can be managed from:
The command-line interface (CLI)
Accessed directly through a serial connection to
the console
Accessed remotely through Secure Shell (SSH)
or Telnet
A graphic user interface (GUI): accessed

remotely through a variety of protocols
CLI AND GUI
2-4
Command-Line
Interface
COMMAND-LINE INTERFACE
2-5
Command-Line Interface
CLI is accessed through the console or through Ethernet:
system> Wed Apr
7 20:53:01 ...
logged in from console
system>
Maximum of 2 sessions:
1 from console
1 from Ethernet (SSH or telnet)
By default, a storage system allows:
One session, one user at a time
Two sessions, up to two users at a time
Creating additional sessions generates an error:

Too many users logged in!
Please try again later.
Connection closed.
COMMAND-LINE INTERFACE
To enable two sessions, use the following command:
system> options telnet.distinct.enable on
NOTE: If two sessions are not created, administrators must share the one session.
2-6
Console Connections: Serial Port

The console allows a physical connection
through the:
Serial port
Storage systems have an
RLM or SP
RJ45 port marked IOIOI (on
BMC
the rear panel).
You connect the DB9 end to a
serial port on a host computer.
Properties:
Serial Port
3
e0a
e0b
e0c
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
0c
LINK LINK
0d
LINK
LINK
13
14
15
10
16
Speed: 9600 bits per second

Data bits: 8
Stop bits: 1
Parity: none
Flow control: hardware or none
CONSOLE CONNECTIONS: SERIAL PORT

For console access, you can connect a terminal (or terminal server) to the storage system console port through
a standard RS232 connection, such as a DB9-to-DB9 serial cable (null modem). You use with the following
settings for the serial communication port:
Bits per second: 9600
Data bits: 8
Parity: none
Stop bits: 1
Flow control: hardware or none
Console access can be password protected. On newer systems with a Service , administrator may access a
Service Processor (SP) through the serial port by type the Control-G keystroke combination.
2-7
Console Connections: RLM or SP

through the:
Serial port
Remote LAN Manager (RLM) or
Service Processor (SP) Remote access to your
storage system regardless of
BMC
the system state
SP Ports
e0a
e0b
e0c
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
0c
LINK LINK
0d
LINK
LINK
13
14
15
10
16
Continuous power and secure

access
An rlm command or sp
command used for
configuration
The naroot account used to
log in as root
CONSOLE CONNECTIONS: RLM OR SP

The Remote LAN Module (RLM) or the new Service Processor (SP is a remote management card that
provides remote platform management capabilities, including remote access, monitoring, troubleshooting,
logging, and alerting features.
These connections stays operational regardless of the operating state of the storage system. They are powered
by standby voltage, which are available as long as the storage system has input power to at least one of the
storage systems power supplies.
The RLM and the SP has a single temperature sensor to detect ambient temperature around the module board.
Data that is generated by this sensor is not used for any system or RLM environmental policies. It is only used
as a reference point that might help you troubleshoot storage system issues. For example, it might help a
remote system administrator determine if a system was shut down due to an extreme temperature change in
the system.
The FAS30xx series and FAS6000 series storage systems provide an Ethernet interface for connecting to the
RLM.
The FAS32xx series and FAS62xx series storage system provide two separate Ethernet interfaces (e0M and
e0P) for connecting to the SP.
2-8
Console Connections: BMC

through the:
Serial port
RLM or SP
On the FAS2000 series, Baseboard
Management Controller (BMC)
BMC Port
2
REPLACE THIS ITEM WITHIN

2 MINUTES OF REMOVAL
REPLACE THIS ITEM WITHIN 2 MINUTES OF REMOVAL
REPLACE THIS ITEM WITHIN

2 MINUTES OF REMOVAL
FAS2050
LNK
0a
0b
e0a
e0b
e0a
e0b
LNK
A
B
REPLACE THIS ITEM WITHIN 2 MINUTES OF REMOVAL
FAS2050
LNK
0a
0b
LNK
Remote access to your

storage system regardless of
the system state
Continuous power and secure
access
A bmc command used for
configuration
CONSOLE CONNECTIONS: BMC

The Baseboard Management Controller (BMC) is a remote management device that is built into the
motherboard of the FAS2000 series storage systems. It provides remote platform management capabilities,
including remote access, monitoring, troubleshooting, logging, and alerting features.
The BMC stays operational regardless of the operating state of the storage system. Both the BMC and its
dedicated Ethernet network interface card (NIC) use standby voltage for high availability. The BMC is
available as long as the storage system has input power to at least one of the storage systems power supplies.
2-9
Shell Access: e0M and e0P

In addition to direct console access, administrators
can access a storage system through the:
e0M and e0P (if available)

Ethernet
Data
LAN
Management
LAN
RLM
or SP
e0P
e0M
e0a
e0b
Data ONTAP 8.0

10
SHELL ACCESS: E0M AND E0P

Some storage system models include an interface named e0M and e0P. These interfaces are dedicated to Data
ONTAP management activities with e0M for standard management functionality and e0P for private
management traffic. They enable you to separate management traffic from data traffic on your storage system
for security and throughput benefits. On a storage system that includes the e0M interface, the Ethernet port
that is indicated by a wrench icon on the rear of the chassis connects to an internal Ethernet switch. On a
storage system that includes the e0P interface, the Ethernet port that is indicated by a wrench icon with a
padlock on the rear of the chassis connects to an internal Ethernet switch.
When you set up a system that includes the e0M or e0P interface, the Data ONTAP setup script informs you
that, for environments that use dedicated LANs to isolate management traffic from data traffic, e0M and e0P
are the preferred interfaces for the management LAN. The setup script prompts you to configure e0M and
e0P. The e0M and e0P configurations are separate from the RLM or SP configuration. Both configurations
require unique IP and MAC addresses to allow the Ethernet switch to direct traffic to either the management
interfaces or the RLM or SP.
Although the e0M interface and the RLM both connect to the internal Ethernet switch by means of the
Ethernet port that is indicated by a wrench icon on the rear of the chassis, the e0M interface and the RLM
serve different functions. The e0M interface serves as the dedicated interface for environments that have
dedicated LANs for management traffic. You use the e0M interface for Data ONTAP administrative tasks.
The RLM, conversely, can be used for managing the Data ONTAP operating system and for providing remote
management capabilities for the storage system, including remote access to the console, monitoring,
troubleshooting, logging, and alerting features. Also, the RLM stays operational regardless of the operating
state of the storage system and regardless of whether the Data ONTAP operating system is running or not.
After e0M is configured, you can open a Telnet, RSH, or SSH session on a client.
2 - 10
Shell Access: Ethernet

In addition to using direct console access,
administrators can access a storage system
through:
e0M and e0P (if available)
Ethernet
Communication protocols:
Defaults to secure protocols

Defaults to insecure protocols
Secure protocols like SSH and SSL are recommended

The following insecure protocols are not
recommended:
RSH
Telnet
11
SHELL ACCESS: ETHERNET

If your system is not configured with an e0M or e0P interface, use a standard Ethernet port for administrative
communication. NetApp recommends using a dedicated interface (such as e0a) for administrative access.
Using a secure shell protocol is also recommended.
2 - 11
Secure Shell
Secure shell (SSH):
Allows for secure administrative access to the storage system
Requires no license; set on by default in Data ONTAP 8.0.x
Is supported by the Data ONTAP 7.3.x and Data ONTAP 8.0.x
operating systems
To configure SSH 2.0:

system> secureadmin setup ssh
Follow the wizard and enter a host key of 768 bits.
Wait for a syslog message that indicates that SSH is set up.
system> secureadmin enable ssh2
Host keys are found where indicated:

RSA key: /etc/sshd/ssh_host_rsa_key
DSA key: /etc/sshd/ssh_host_dsa_key
12
SECURE SHELL
Although the Data ONTAP 7.3.x and Data ONTAP 8.0.x operating systems support SSH 1.x, the use of SSH
1.x is not recommended because SSH 1.x contains known vulnerabilities.
2 - 12
Secure Sockets Layer

Secure Sockets Layer (SSL):
Uses a certificate to provide a secure connection between the
storage system and a Web browser
Can use either of two types of certificates
Self-signed certificate
Certificate-authority-signed certificate
To configure a self-signed certificate SSL:

system> secureadmin setup ssl
Enter country, state, locality, organization, unit, common, email, days until expiration, and key length.
The certificate is created in the /etc/keymgr directory.
A self-signed certificate is called secureadmin.der.
13
SECURE SOCKETS LAYER

Secure Socket Layer (SSL) is an industry-accepted method to encrypt communication between an adminhost
and a storage system.
SSL uses a certificate to provide a secure connection between the storage system and a Web browser. Two
types of certificates are used: a self-signed certificate and a certificate-authority-signed certificate.
Self-signed certificate: A certificate that is generated by the Data ONTAP operating system. Self-signed
certificates can be used as is, but they are less secure than certificate-authority-signed certificates because
the browser has no way of verifying the signer of the certificate. This means that the system could be
spoofed by an unauthorized server.
Certificate-authority-signed certificate: A certificate-authority-signed certificate is a self-signed
certificate that is sent to a certificate authority to be signed. The advantage of a certificate-authoritysigned certificate is that it verifies to the browser that the system is the system to which the client
intended to connect.
The Data ONTAP 8.0 operating system comes with SSL enabled by default. However, if you upgrade,
NetApp strongly recommends that you configure the protocol.
2 - 13
Secure Sockets Layer Configuration

To configure a certificate-authority-signed certificate
SSL:
system> secureadmin addcert ssl directory_path
For directory_path enter the full path:
/etc/tempdir/secureadmin.pem /
The certificate is created in the /etc/keymgr directory/
A certificate-authority-signed certificate is called
secureadmin.pem/
To enable SSL:
system> secureadmin enable ssl
SECURE SOCKETS LAYER CONFIGURATION
2 - 14
14
Working with the CLI

Move the cursor right
one position
Ctrl-F or the Right

arrow key
Move the cursor left

one position
Ctrl-B or the Left arrow

key
Move the cursor to the

beginning of the line
Ctrl-A
Delete all characters from

the cursor to the end
Ctrl-K
Delete the character to the

left of the cursor
Ctrl-H
Delete the line
Ctrl-U
Delete a word
Ctrl-W
Reprint the line
Ctrl-R
15
WORKING WITH THE CLI

The Data ONTAP operating system provides shortcuts that make it easier for you to work with the CLI.
2 - 15
Command-Line Privileges
The CLI has two modes:
Administrative
priv set or priv set admin
Represented by system>
Advanced
priv set advanced
Represented by system*>
Use advanced commands only under the direction of

NetApp personnel.
system> priv set advanced
Warning: These advanced commands are potentially
dangerous; use them only when directed to do so
by NetApp personnel.
system*>
16
COMMAND-LINE PRIVILEGES
The Data ONTAP operating system provides two sets of commands that are based on privilege level:
administrative and advanced. Use the priv command to set the privilege level.
The administrative level provides access to commands that are sufficient for managing your storage system.
The advanced level provides access to these same administrative commands, plus additional troubleshooting
commands.
Advanced-level commands should only be used with the guidance of NetApp technical support. When you
use advanced-level commands, the following warning is displayed:
Warning: These advanced commands are potentially dangerous; use them only when directed to do so by
NetApp personnel.
2 - 16
Basic Administration Commands

system> ?
?
acpadmin
aggr
arp
backup
bmc
cdpd
cf
charmap
cifs
clone
config
date
dcb
df
disk
disk_fw_update
dns
download
du
dump
echo
ems
environment
exportfs
fpolicy
fsecurity
ftp
halt
help
hostname
httpstat
ide_savecore
ifconfig
ifgrp
ifstat
igroup
ipsec
ipspace
iscsi
key_manager
keymgr
license
lock
logger
logout
lun
man
maxfiles
mt
nfsstat
nis
options
orouted
partner
passwd
ping
ping6
pktt
portset
priority
priv
qtree
quota
radius
rdate
rdfile
reallocate
reboot
restore
rlm
route
routed
rshstat
sasadmin
smtape
snap
snaplock
snapmirror
snapvault
snmp
software
source
sp
stats
storage
sysconfig
sysstat
timezone
traceroute
traceroute6
ups
uptime
useradmin
version
vfiler
vlan
vmservices
vol
vscan
17
BASIC ADMINISTRATION COMMANDS

At the normal administration privilege level, entering a question mark at the command line displays the
commands that are available to the system administrator for disk management, networking and system
management, physical and virtual interface configuration, and related tasks.
Some commands are simple, some use arguments, and some perform an obvious function, such as backup,
ping, or help.
Type help command_name on the command line to display a brief description of the command. Type only
command_name on the command line to display the full syntax of the command and any arguments that it
takes.
Data ONTAP 8.0.1 7-Mode example is shown.
2 - 17
Advanced Privilege Commands

system*> ?
/etc/rmt
?
acorn
acpadmin
aggr
arp
availtime
backup
blink_off
blink_on
bmc
bootfs
bringhome
cdpd
cf
charmap
cifs
clone
com
config
date
dcb
dd
df
disk
hostname
httpstat
ic
ide_savecore
ifconfig
ifgrp
ifinfo
ifstat
igroup
incpy_cmd
inodepath
ipsec
ipspace
iscsi
java
key_manager
keymgr
led_off
led_off_all
led_on
led_on_all
led_on_off
led_reset_all
led_test
led_test_one
nv8
ontapi
options
orouted
panic
partner
passwd
perf
ping
ping6
pktt
portset
priority
priv
ps
qtree
quota
radius
rc_loop
rc_loop_check
rdate
rdfile
reallocate
reboot
registry
showfh
showfh4
sis
sldiag
sm_mon
sm_mon_old
sm_not
smb_hist
smtape
snap
snaplock
snapmirror
snapvault
snmp
software
source
sp
statit
stats
storage
stty
sysconfig
syslog
sysstat
systemshell
18
ADVANCED PRIVILEGE COMMANDS

In privileged mode, you can use advanced commands that provide more control and access to the storage
system. In some cases, more arguments or options are available for a given command when you are in
privileged mode. These commands are potentially dangerous and should be used only by knowledgeable
personnel.
To access the advanced commands, enter priv set advanced. Typing this command enables advanced
privileges and changes the command line prompt by appending an asterisk (*).
To return to basic administration mode, enter priv set admin. Some administration commands that are
considered advanced are also available in the basic administration mode, but they are hidden and do not
appear when you enter the help command from the basic administration mode.
Data ONTAP 8.0.1 7-Mode example is shown.
2 - 18
Graphical
User Interfaces
GRAPHICAL USER INTERFACES
2 - 19
19
GUIs Used to Manage Storage Systems

A storage system can be managed through
various GUIs:
NetApp System Manager
NetApp Operations Manager (formerly
DataFabric Manager)
Microsoft Windows interfaces, such as
Computer Management for certain CIFS
functionality
GUIS USED TO MANAGE STORAGE SYSTEMS
2 - 20
20
NetApp System Manager 1.1

Enables:
Quick setup
Easy management of NetApp storage
Requires:
NetApp
System
Manager 1.1
Windows XP, Windows Vista, Windows Server

2003, or Windows Server 2008
Microsoft Management Console (MMC) 3.0
Microsoft .NET Framework 2.0
Supports:
The Data ONTAP 7.2.3 and later operating systems
Current storage systems
21
NETAPP SYSTEM MANAGER 1.1

NetApp System Manager provides comprehensive management and the ability to manage one or more arrays
through a simple, easy-to-use, intuitive UI.
NetApp System Manager is a Microsoft Management Console (MMC) 3.0 Windows application that supports
discovery, set up, Fibre Channel (FC), iSCSI, CIFS, NFS, deduplication, provisioning, thin provisioning,
Snapshot technology, and configuration management of multiple NetApp storage systems from a single UI.
To learn more, go to the NetApp Support site.
2 - 21
NetApp System Manager Features

Windows integration
Discovery and setup
of storage systems
NAS provisioning
LUN provisioning
CIFS and NFS configuration
ISCSI and Fibre Channel (FC) configuration
Management of storage systems
Streamlined HA pair configuration
Windows system tray notification
22
NETAPP SYSTEM MANAGER FEATURES

NetApp System Manager 1.1 is the first release of this product to support the Data ONTAP 8.0 7-Mode
operating system. NetApp System Manager includes these features:
2 - 22
Seamless Windows integration: Integrates seamlessly into your management environment through the
MMC.
Discovery and setup of storage systems: Enables you to quickly discover a storage system or a highavailability (HA) configuration on a network subnet. You can easily set up a new system and configure it
for storage.
iSCSI and FC: Manages iSCSI and FC protocol services for exporting data to host systems.
SAN provisioning: Provides a workflow for LUN provisioning, as well as simple aggregate and
FlexVol creation.
Network-attached storage (NAS) provisioning: Provides a unified workflow for CIFS and NFS
provisioning, as well as management of shares and exports.
Management of storage systems: Provides ongoing management of your storage system or HA
configuration.
Streamlined HA configuration management: Provides combined setup for HA configuration of
NetApp systems, logical grouping and management of such a configuration in the console or navigation
tree, and common configuration changes for both systems in an HA configuration.
Systray (Windows notification area): Provides real-time monitoring and notification of key healthrelated events for a NetApp system.
Assigning a System to Be Managed

After installation, administrators can either discover or
manually assign storage systems to be managed.
Add host name or IP

and click here.
Discovery requires
DHCP.
ASSIGNING A SYSTEM TO BE MANAGED
2 - 23
23
NetApp System Manager: Storage Systems

Edit allows host name changes.
Setup allows authenticated

users to configure
the selected storage.
24
NETAPP SYSTEM MANAGER: STORAGE SYSTEMS

Use the Setup wizard to configure storage systems. If you are not authenticated, the NetApp System Manager
prompts you for your credentials.
2 - 24
NetApp System Manager: Setup Wizard
If previously configured, check OK

and then click Next
NETAPP SYSTEM MANAGER: SETUP WIZARD
2 - 25
25
Setup Wizard Network Configuration
SETUP WIZARD NETWORK CONFIGURATION
2 - 26
26
Setup Wizard Configuration Summary
SETUP WIZARD CONFIGURATION SUMMARY
2 - 27
27
Setup Wizard Setup Completion
SETUP WIZARD SETUP COMPLETION
2 - 28
28
NetApp System Manager: Configuration
NETAPP SYSTEM MANAGER: CONFIGURATION
2 - 29
29
NetApp System Manager: Dashboard
Select a storage
system to
view details.
NETAPP SYSTEM MANAGER: DASHBOARD
2 - 30
30
NetApp System Manager: Security
Configure SSH
and SSL.
NETAPP SYSTEM MANAGER: SECURITY
2 - 31
31
NetApp System Manager: SSH Keys
NETAPP SYSTEM MANAGER: SSH KEYS
2 - 32
32
NetApp System Manager: SSL Certificate
NETAPP SYSTEM MANAGER: SSL CERTIFICATE
2 - 33
33
Operations Manager
Discovers, monitors, and manages NetApp storage
Provides maximum availability, reduces TCO, and
ensures business policy compliance
34
OPERATIONS MANAGER
NetApp Operations Manager delivers comprehensive monitoring and management for NetApp enterprise
storage and content caching environments. From a central point of control, Operations Manager provides
alerts, reports, and configuration tools to keep your storage infrastructure in line with your business
requirements, for maximum availability and reduced TCO.
Operations Manager is a simple, centralized administration tool that enables comprehensive management of
enterprise storage and content delivery infrastructures. No other single management application provides the
same level of NetApp monitoring and management for NetApp FAS systems storage. The detailed
performance and health monitoring of Operation Manager gives administrators proactive information to help
resolve potential problems before they occur and troubleshoot problems faster if they do occur.
2 - 34
Alternative GUIs
MMC and its snap-ins
Computer Management
Server Manager (in Windows Server 2008 and later)
35
ALTERNATIVE GUIS
Microsoft Windows Server 2000 and later, and client operating systems such as Microsoft Windows XP and
later, have a management console called Computer Management that can connect to a storage system.
Alternatively, MMCs can be used to administrate a storage system remotely.
2 - 35
Configuring
Your System
CONFIGURING YOUR SYSTEM
2 - 36
36
Configuring Your System

To change the configuration of a storage system, use
one of the following methods:
CLI
Configuration files
Steps in setting up a new storage system:
Verify the date, time, and time zone configuration

Set up SNMP variables to be monitored, if any
Review the System Log (Syslog)
Configure the AutoSupport support tool
Verify configuration: AutoSupport tool to report

configurations
CONFIGURING YOUR SYSTEM
2 - 37
37
CLI Commands
System options:
system> options [feature.option_name] [value]
Example:
options rsh.enable off
NOTE: If no value is entered, the current value is displayed.
Aggregate options:
system> aggr options aggrname [option_name] [value]
Volume options:
system> vol options volname [option_name] [value]
38
CLI COMMANDS
The options command implementation is unique in the Data ONTAP operating system. If you enter just
the command, the system displays all of the visible options and their values. If you enter the options
command along with a feature name (such as cifs or raid), the system displays all of the visible options
settings for that feature. Taking this a step further, if you enter the options command along with any
characters, the system parses the string and displays all of the visible options that match what you entered.
2 - 38
Registry Files
Registry files contain many persistent configurations.
File
Usage
/etc/registry
Current registry
/etc/registry.lastgood
Copy of registry after last successful boot
/etc/registry.bck
First-level backup
/etc/registry.default
Default registry
NOTE: The registry should never be edited directly.
39
REGISTRY FILES
Persistent configuration information and other data is stored in a registry database.
There are several backups of the registry database that are used automatically if the original registry becomes
unusable. The /etc/registry.lastgood database is a copy of the registry as it existed after the last successful
boot.
The /etc/registry is edited by the Data ONTAP operating system and should not be edited manually.
Configuration commands, such as the network interface configuration (ifconfig), must remain in the
/etc/rc file.
2 - 39
Editing Files from the CLI

1. Make a backup copy of the file.
2. Read the file: rdfile.
3. Use one of two command to write to the file:
To write to the file and delete the original
file: wrfile
To append 1 line to the file without
deleting the original file: wrfile a
NOTE: Better yet, use NetApp System Manager.
40
EDITING FILES FROM THE CLI

The console command rdfile displays the present contents of an ASCII text file. If the file doesnt exist or
is empty, this command returns nothing. For example, to display the /etc/hosts file from the CLI, enter
rdfile /etc/hosts.
To create or re-create a file, enter the console command wrfile. For example, to re-create the /etc/hosts file
from the CLI, enter wrfile /etc/hosts. Then enter the contents of the file and press Ctrl-C to commit
the file. Enter the command rdfile to verify the contents of the file.
2 - 40
CLI: Time Options

To configure the date and time:
system> date [-u] [[[CC]yy]mmddhhmm[.ss]]
Example:
system> date 201004020728
sets the date for April 2, 2010, at 7:28 a.m.
To configure the time zone:

system> timezone [name]
The name argument specifies the time zone.

Each time zone is described by a file in the storage
systems /etc/zoneinfo directory.
Example:
system> timezone America/Chicago
sets the time zone to CST.
CLI: TIME OPTIONS

Use these settings with the date command:
2 - 41
-u: sets the date and time to Greenwich Mean Time instead of the local tim
CC: the first two digits of the current year
yy: the second two digits of the current year
mm: the current month (If the month is omitted, the default is the current month.)
dd: the current day (If the day is omitted, the default is the current day.)
hh: the current hour, using a 24-hour clock
mm: the current minute
ss: the current second. If the seconds are omitted, the default is 0
41
CLI: NTP Time Options

To configure a storage system for Simple
Network Time Protocol (SNTP):
system> options timed.proto ntp
To set the SNTP servers:

system> options timed.servers
pool.ntp.org, 10.125.25.23
To enable the time configuration:

system> options timed.enable on
In an Active Directory
environment, set the ID to
match the servers that are
synchronized with Active
Directory.
CLI: NTP TIME OPTIONS
2 - 42
42
NetApp System Manager: Time Options
To configure
date, time, and
time zone
NETAPP SYSTEM MANAGER: TIME OPTIONS
2 - 43
43
CLI: Syslog
A syslogd daemon performs message logging.
The /etc/syslog.conf configuration file on the storage
system's root volume determines how system
messages are logged.
Messages can be sent to:
The console
A file
A remote system
By default, all system messages are sent to the

console and logged in the /etc/messages file.
You can access the /etc/messages file by using:
An NFS or CIFS client
44
CLI: SYSLOG
The syslog contains information and error messages that the storage system displays on the console and logs
in the /etc/messages file.
To specify the types of messages that the storage system logs, use the Syslog Configuration page in NetApp
System Manager to edit the /etc/syslog.conf file. This file specifies which types of messages are logged by the
syslogd daemon. (A daemon is a process that runs in the background, rather than under the direct control of a
user.)
2 - 44
The /etc/syslog.conf File

The /etc/syslog.conf file consists of lines with
space-separated fields in the following format:
facility.level action
The facility parameter specifies the

subsystem from which the message originated.
The level parameter describes the severity
level of the message.
The action parameter specifies where
messages are sent.
45
THE /ETC/SYSLOG.CONF FILE

By default, the /etc/syslog.conf file does not exist; however, there is a sample /etc/syslog.conf file. To view a
manual page, enter the man syslog.conf command.
The facility parameter uses one of the following keywords: kern, daemon, auth, cron, or local7.
The level parameter is a keyword from the following ordered list (higher to lower): emerg, alert, crit, err,
warning, notice, info, debug.
The action parameter can be in one of three forms:
A pathname (beginning with a leading slash): Selected messages are appended to the specified log file.
A hostname (preceded by @): Selected messages are forwarded to the syslogd daemon on the named
host.
/dev/console: Selected messages are written to the console.
For more information about /etc/syslog.conf settings, see the System Administration Guide.
2 - 45
NetApp System Manager: Syslog
To view the
Syslog
NETAPP SYSTEM MANAGER: SYSLOG
2 - 46
46
AutoSupport
AUTOSUPPORT
2 - 47
47
AutoSupport Tool
The AutoSupport tool:
Monitors a storage system's operations

Sends automatic messages to technical support
HTTP/HTTPS
SMTP
E-Mail Server
AutoSupport messages are generated:
When triggering events occur

When you initiate a test message
When the system reboots
Once a week (usually after 12 a.m. on Sundays)
48
AUTOSUPPORT TOOL
The AutoSupport support tool is a call-home feature that is included in the Data ONTAP operating system
software for all NetApp systems. This integrated and efficient monitoring and reporting tool constantly
monitors the health of your system.
The AutoSupport tool allows storage systems to send messages to the NetApp technical support team and to
other designated addressees when specific events occur. The AutoSupport message contains useful
information for technical support to identify and solve problems quickly and proactively.
You can also subscribe to the abbreviated version of urgent AutoSupport messages through alphanumeric
pages, or you can customize the type of message alerts that you want to receive.
The AutoSupport Message Matrices list all of the current AutoSupport messages in order of software version.
The AutoSupport tool allows the system to send messages directly to system administrators and NetApp
technical support, which has a dedicated team that continually enhances AutoSupport analysis tools.
To continuously monitor your systems status and health, the AutoSupport support tool:
2 - 48
Is automatically triggered by the kernel once a week to send information to the e-mail addresses that are
specified in the autosupport.to option before the message file is backed up. In addition, the
options command can be used to invoke the AutoSupport mechanism to send this information.
Sends a message in response to events that require corrective action from the system administrator or
NetApp technical support.
Sends a message when the system reboots.
Examples of AutoSupport Events

Events
E-Mail Subject Line
Low NVRAM battery
BATTERY_LOW
Disk failure
DISK_FAIL!!!
Disk scrub detected checksum errors
DISK_SCRUB CHECKSUM ERROR
Shutdown occurred because of overheating
OVER_TEMPERATURE_SHUTDOWN!!!
Partial RPS failure occurred
REBOOT
Disk shelf error occurred
SHELF_FAULT
Spare disk failure occurred
SPARE DISK FAILED
Weekly backup of /etc/messages occurred
WEEKLY_LOG
Successful HA takeover of partner
CLUSTER TAKEOVER COMPLETE
Unsuccessful HA takeover
CLUSTER TAKEOVER FAILED
HA takeover of virtual filer
REBOOT (CLUSTER TAKEOVER)
HA giveback occurred
CLUSTER GIVEBACK COMPLETE
49
EXAMPLES OF AUTOSUPPORT EVENTS

AutoSupport e-mail messages can be triggered by the following events:
Weekly logs (/etc/messages)
System reboots
Low NVRAM batteries
Disk, fan, and power supply failures
Shelf faults
File system growing too large
Administrator-defined SNMP traps
To read descriptions of some of the AutoSupport messages that you might receive, access the NetApp
Support site and search for AutoSupport Message Matrices. You can view either the online version or the
version in the Data ONTAP operating system guide.
2 - 49
CLI: Configuring AutoSupport, Steps 12

1. Specify whether to notify NetApp (required for many
NetApp Support services):
system> options autosupport.support.enable [off|on]
2. Specify to notify NetApp technical support over

SMTP or over HTTP/HTTPS:
system> options autosupport.support.transport

[smtp|http|https]
If smtp, notice is sent to

autosupport.support.to
If http or https, notice is sent to

autosupport.support.url
Read-only
CLI: CONFIGURING AUTOSUPPORT, STEPS 1-2
2 - 50
50

3. Determine the amount of information to include:
system> options autosupport.content

[complete|minimal]
4. If minimal, specify how to identify storage systems:
system> options autosupport.minimal.subject.id

[hostname|systemid]
5. Specify up to five mail host servers:
system> options autosupport.mailhost host1[,]
6. Specify the senders e-mail:
system> options autosupport.from address
7. Specify up to five e-mail addresses to send

notifications to:
system> options autosupport.to address[,]
51

AutoSupport e-mail messages contain the following information:
Output of system commands
Message date and timestamp
NetApp software version
Storage system ID and host name
Software licenses enabled
SNMP contact information and location (if configured)
Contents of the /etc/messages file
Contents of the /etc/serialnum file (if created)
AutoSupport messages also contain additional information that is specific to your storage system. This
information helps identify crucial parameters that are required for follow-up handling of the triggering event.
To control the detail level of event messages and weekly reports, use the options command to specify the
value of autosupport.content as complete or minimal. Complete AutoSupport messages are
required for normal technical support. Minimal AutoSupport messages omit sections and values that might be
considered sensitive information and reduce the amount of information sent. However, keep in mind that
choosing minimal greatly affects the level of support that NetApp is able to provide.
2 - 51

8. Specify up to five e-mail addresses to send notes to:
system> options autosupport.noteto address[,]
Notes are designed to send short e-mail messages to devices

such as cell phones or other text devices.
9. Enable AutoSupport:
system> options autosupport.enable [on|off]
NOTE: AutoSupport logs are stored in /etc/log/autosupport.
2 - 52
52
Testing AutoSupport Messages

To send an AutoSupport manual message, run
the following command on the storage system
console:
system> options autosupport.doit [message]
The message can be a word or a string that is

enclosed in single quotation marks ( ).
For testing your AutoSupport configuration, NetApp
recommends that you use the message TEST or
TESTING.
TESTING AUTOSUPPORT MESSAGES
2 - 53
53
NetApp System Manager: AutoSupport
To configure
AutoSupport
NETAPP SYSTEM MANAGER: AUTOSUPPORT
2 - 54
54
AutoSupport Configuration
AUTOSUPPORT CONFIGURATION
2 - 55
55
Module Summary
Connect remotely to a FAS system, using the
console and a remote host
Access NetApp System Manager to administer
a storage system
Execute commands by using the console, a
remote host, and NetApp System Manager
Use commands to analyze a FAS system
Configure and manage the NetApp
AutoSupport support tool for a FAS system
MODULE SUMMARY
2 - 56
56
Exercise
Module 2: Basic Administration
EXERCISE
2 - 57

What methods can you use to access a
storage systems CLI?
How can you configure a FAS system from a
remote host?
When are AutoSupport messages generated?
2 - 58
58
Physical Storage
Module 3
PHYSICAL STORAGE
3-1
Data ONTAP 7-Mode Administration: Physical Storage
Module Objectives
Describe Data ONTAP RAID technology
Identify a disk in a disk shelf based on its ID
Execute commands to determine a disk ID
Identify a hot-spare disk in a FAS system
Describe the effects of using multiple disk
types
Create a 32-bit and a 64-bit aggregate
Execute aggregate commands in the Data
ONTAP operating system
Calculate usable disk space
MODULE OBJECTIVES
3-2
Storage
The Data ONTAP operating system provides
data storage for clients:
A volume (or a smaller increment within
vol1
a volume) makes storage available to
clients through protocols.
Volumes are contained in an aggregate.
aggr1
Aggregates are not visible to clients.
STORAGE
3-3
Storage Architecture
STORAGE ARCHITECTURE
3-4
Storage Architecture: Aggregates

Aggregates:
Are created by administrators
aggr1
Contain one or two plexes
Aggregate types:
plex0
Traditional: deprecated
32-bit: 16-TB limitation
64-bit:
Data ONTAP 8.0.x operating system only
system> aggr status
Aggr
State
aggr_trad online
aggr0
online
aggr1
online
Status
Options
raid4, trad
32-bit
raid_dp, aggr root
32-bit
raid_dp, aggr
64-bit
STORAGE ARCHITECTURE: AGGREGATES

To support the differing security, backup, performance, and data sharing needs of your users, group the
physical data storage resources on the storage system into one or more aggregates. An aggregate provides
storage to the volume or volumes that it contains.
Each aggregate has its own RAID configuration, plex structure, and set of assigned disks. When you create an
aggregate without an associated traditional volume, you can use the aggregate to hold one or more FlexVol
volumesthe logical file systems that share the physical storage resources, RAID configuration, and plex
structure of that common containing aggregate. When you create an aggregate that contains a single
traditional volume, the aggregate and its volume are tightly bound together as an administrative unit, and the
aggregate can contain only that volume.
3-5
Storage Architecture: Plexes

A plex:
When used with SyncMirror software,
provides mirror capabilities
Contains one or more RAID groups
If mirroring is not used, is limited to
one per aggregate
aggr1
plex0
rg0
rg1
system> sysconfig -r
...
Plex /aggr1/plex0 (online, normal, active, pool0)
RAID group /aggr1/plex0/rg0 (normal)
...
...
Disks belong to
pool0 unless part
of SyncMirror.
STORAGE ARCHITECTURE: PLEXES

Mirrored aggregates have two copies of their data, called plexes, which use the SyncMirror synchronous
mirroring software functionality to provide redundancy by duplicating the data.
When SyncMirror synchronous mirroring software is enabled, all of the disks are divided into two disk pools,
and a copy of the plex is created. The plexes are physically separated (each plex has its own RAID groups and
its own disk pool), and the plexes are updated simultaneously. This architecture provides added protection
against data loss if there is a double-disk failure or a loss of disk connectivity because the unaffected plex
continues to serve data while you fix the cause of the failure. After you fix the affected plex, you can
resynchronize the two plexes and re-establish the mirror relationship.
3-6
Storage Architecture: RAID Protection

RAID group:
Provides data protection
Contains two or more disks
aggr1
RAID types:
RAID 4
RAID-DP technology
(a RAID 6 implementation)
plex0
rg0
rg1
...
RAID Disk Device HA SHELF BAY CHAN Pool...
--------- ------ ------------- ---- ---parity
0a.24
0a
1
8
FC:A
0...
data
0a.25
0a
1
9
FC:A
0...
STORAGE ARCHITECTURE: RAID PROTECTION

The Data ONTAP operating system supports two levels of RAID protection: RAID-DP and RAID 4. RAIDDP technology can protect against double-disk failures or failures during reconstruction. RAID 4 can protect
against single-disk failures. You assign the RAID level on a per-aggregate basis.
3-7
Storage Architecture: Disks

Disks:
Store data
Are contained in shelves
Disk types:
Parity
aggr1
plex0
Composed of
4-KB blocks
Data
rg0
rg1
...
--------- ------ ------------- ---- ---parity
0a.24
0a
1
8
FC:A
0...
data
0a.25
0a
1
9
FC:A
0...
STORAGE ARCHITECTURE: DISKS

Disks provide the basic unit of storage for storage systems that run the Data ONTAP operating system.
Understanding how the Data ONTAP operating system uses and classifies disks helps you manage your
storage more effectively.
3-8
Disks
DISKS
3-9
Disks
All data is stored on disks.
To understand how physical media is
managed in your storage system, you need to
be familiar with:
Disk types
Disk qualification
Disk ownership
Spare disks
DISKS
3 - 10
10
Disk Qualification
NetApp allows only qualified disks to be used
with the Data ONTAP operating system.
Qualification
Ensures quality and reliability
Is enforced by /etc/qual_devices
Caution!
Modifying the disk qualification
requirement file can cause your
storage system to halt.
11
DISK QUALIFICATION
NetApp storage systems only support disks that are qualified by NetApp. Disks must be purchased from
NetApp or an approved reseller.
Unqualified Disks
The Data ONTAP operating system automatically detects unqualified disks. If you attempt to use an
unqualified disk, the Data ONTAP operating system responds by issuing a delay forced shutdown warning,
giving you 72 hours to remove and replace the unqualified disk before a forced system shutdown occurs in
Data ONTAP 7.2.1 through 7.2.3. In Data ONTAP 7.2.4 and later, you will receive a console warning.
In addition, when the Data ONTAP operating system detects an unqualified disk, it takes the following
actions:
Provides notification through syslog entries, console messages, and the AutoSupport support tool
Generates an automatic error message and delayed forced shutdown if the /etc/qual_devices file is
modified
Marks unsupported drives as unqualified
Disk Qualification
If you install a new disk drive into your disk shelf and the storage system responds with an unqualified disk
error message, you must remove the disk and replace it with a qualified disk.
To correct an unqualified disk error and avoid a forced shutdown, complete the following steps:
1. Remove any disk drives that were not provided by NetApp or an authorized NetApp vendor or reseller.
2. To update your list of qualified disks, download and install the most recent /etc/qual_devices file from
http://now.netapp.com/NOW/download/tools/diskqual/.
3. If the unqualified disk error message persists after you install an up-to-date /etc/qual_devices file, try
reinstalling the /etc/qual_devices file.
4. If the reinstallation fails, remove the unqualified disk and contact NetApp technical support.
3 - 11
Supported Disk Connection Architectures
FC-AL
SAS
DS14mk4
(ESH2 or
ESH4)
DS4243
DS14mk2AT
DS2246
12
SUPPORTED DISK CONNECTION ARCHITECTURES

The Data ONTAP operating system supports six disk types: Fibre Channel-Arbitrated Loop (FC-AL), ATA,
BSAS, SATA, SAS, and SSD using two different disk connection architectures: FC-AL and SAS.
For a specific configuration, the disk types that are supported depend on the storage system model, the disk
shelf type, and the I/O modules that are installed in the system.
FC and ATA disks are attached using the FC-AL disk connection architecture. SAS, BSAS, SATA and SSD
disks are attached using the SAS disk connection architecture.
Generally, different disk types are not allowed within a single aggregate. However, the following exceptions
to this rule apply when you are creating an aggregate or increasing the size of an aggregate:
SATA and ATA disks are treated as the same disk type
SAS and FC disks are treated as the same disk type
NOTE: Data ONTAP also supports LUN disk type over a FC connection in the NetApp V-Series systems.
3 - 12
FC-AL Architecture
FC and ATA disks connect
through an FC-AL (Fibre
Channel Arbitrated Loop)
architecture with ESH
(electronically switched
hub) technology
Uses FC and ATA disks
types
e0a
e0b
e0c
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
0c
LINK LINK
0d
LINK
LINK
ESH
DS14
MK4
FC
Power
Fault
Loop A
Loop B
System
Shelf ID
450F
450F
450F
450F
450F
450F
450F
450F
450F
450F
450F
450F
450F
450F
FC-AL ARCHITECTURE
3 - 13
13
FC-AL Device Names

The system assigns the device ID automatically
through the host_adapter and disk_id.
Aggregate aggr0 (online, raid_dp, redirect) (block checksums)
Plex /aggr0/plex0 (online, normal, active)
RAID Disk
--------dparity
parity
data
Device
-----0a.16
0a.17
0a.18
HA
-0a
0a
0a
SHELF BAY CHAN Pool Type

----- --- ---- ---- ---1
0 FC:A FCAL
1
1 FC:A FCAL
1
2 FC:A FCAL
RPM
---10000
10000
10000
Used (MB/blks)...
-------------34000/69632000...
34000/69632000...
34000/69632000...
Device ID = host_adapter.disk_id
14
FC-AL DEVICE NAMES

Disks are numbered in all storage systems. Disk numbering allows you to:
Interpret messages that are displayed on your screen, such as command output or error messages
Quickly locate a disk that is associated with a displayed message
To determine a disk ID, use the sysconfig r, vol status r, or aggr status r command.
3 - 14
FC-AL Device Names: host_adapter

The host_adapter designates the slot and port
where an adapter is located.
0a
e0a
e0b
e0c
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
0c
0d
LINK LINK
LINK
LINK
13
14
15
10
16
FAS6280 with optional IOXM

15
FC-AL DEVICE NAMES: HOST_ADAPTER

Disks are numbered based on a combination of their host_adapter and device_id, represented as
host_adapter.device_ID, as shown in the graphic.
Host_adapter refers to the adapter number that is associated with the disk, and device ID refers to the logical
loop ID of the disk.
3 - 15
FC-AL Device Names: disk_id

DS14
MK4
FC
Power
Fault
Loop A
Loop B
System
Shelf ID
450F
450F
450F
450F
13 12 11 10
450F
450F
450F
450F
450F
450F
450F
450F
450F
Shelf ID
450F
Bay Number
Shelf ID
Bay Number
Disk ID
130
2916
130
4532
130
6148
130
7764
130
9380
130
10996
130
125112
16
FC-AL DEVICE NAMES: DISK_ID

The table shows the numbering system for FC loop IDs.
The following IDs of DS14 series shelves are reserved and are not used: 0-15, 30-31, 46-47, 62-63, 78-79, 9495, 110-111.
The table can be summarized by the following formula:
DS14 Device ID = DS14 Shelf ID * 16 + Bay Number
3 - 16
The fcstat device_map Command

Use the fcstat command to troubleshoot disks and
shelves.
Use the fcstat device_map command to display
the relative physical position of the drives on an FC
loop and the mapping of devices to shelves.
system> fcstat device_map
Loop Map for channel 0a:
Translated Map: Port Count
7 29
Shelf mapping: Shelf 1: 29
Loop Map for channel 0b:
Translated Map: Port Count
7 45
Shelf mapping: Shelf 2: 45
15
28 27 25 26 23 22 21 20 16 19 18 17 24
28 BYP 26 25 24 23 22 21 20 19 18 17 XXX
15
44 43 41 42 39 38 37 36 32 35 34 33 40
44 43 42 41 40 39 38 37 36 35 34 33 32
17
THE FCSTAT DEVICE_MAP COMMAND

An FC loop is a logically closed loop from a frame transmission perspective. Consequently, signal integrity
problems that are caused by a component upstream are seen as problem symptoms by components
downstream. The relative physical position of drives on a loop is not necessarily related directly to the drives
loop IDs (which are, in turn, determined by the drive shelf IDs). To determine the relative physical positions
of drives on a loop, use the device_map subcommand.
The device_map subcommand displays:
The relative physical position of drives on the loop, as if the loop were one flat space
The mapping of devices to shelves, thus enabling you to quickly correlate disk IDs with shelf tenancy
Error codes can be found in the device map output such as BYP and XXX:
3 - 17
BYP (Drive Bypass) events are situations which cause the ESH to bypass a drive port thus making it
inaccessible by the host and isolating the drive from the loop. See this FAQ for more information:
https://kb.netapp.com/support/index?page=content&id=3012395
XXX are slots that do not have any disks.
SAS Architecture
Serial Attached SCSI (SAS)
provides the affordability of
SATA with the reliability of FC
SAS uses expanders
Expanders are switches
Maintain point-to-point
connections with disks
Uses SATA, SAS and SSD

disk types
Expander
e0a
e0b
e0c
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
0c
LINK LINK
0d
LINK
LINK
Expander
18
SAS ARCHITECTURE
NetApp uses the term "stack" to refer to a collection of correctly wired and interconnected SAS shelves and
adapters. The following guidelines apply:
3 - 18
Up to 10 shelves are supported per stack, except in the FAS2040 and FAS2050, which support up to 4
shelves per stack.
The DS4243 and DS2246 cannot be mixed in the same stack. They can be mixed in the same system by
connecting them to different SAS ports. If you connect them to different ports on the same adapter, the
adapter will automatically use the correct link speed for each stack.
When using the DS4243, SAS and SATA drives can be mixed in the same stack but not in the same shelf.
You should not mix 15k and 10k RPM SAS drives in the same aggregate. While it is possible, this will
very likely limit the performance youll see from the faster drives.
NetApp extensively qualifies SAS cables for use with our SAS shelf family. SAS cables are a highperformance and critical component of the SAS architecture. Only official NetApp SAS cables are
supported for use in SAS data path connections.
SAS Device Names

The system assigns the device ID automatically through
the host_adapter, shelf_id and bay_id.
Aggregate aggr0 (online, raid_dp, redirect) (block checksums)
Plex /aggr0/plex0 (online, normal, active)
RAID Disk
--------dparity
parity
data
Device
-----0a.00.18
0a.00.19
0a.00.20
HA
-0a
0a
0a
SHELF
----00
00
00
BAY
--18
19
20
CHAN Pool Type

---- ---- ---SA:A SAS
SA:A SAS
SA:A SAS
RPM...
---15000...
15000...
15000...
Device ID = host_adapter.shelf_id.bay_id
19
SAS DEVICE NAMES

Shelf IDs can range from 00 to 99. We recommend assigning intervals of 10 to each stack attached to a
storage system. For example, the first stack would have IDs 10 through 19 reserved, while stack two would
have IDs 20 through 29 reserved, and so on. Those IDs are reserved even if the stacks are not fully populated.
For example, if the first stack has four shelves, the shelf IDs would be 10, 11, 12, and 13. The second stack
would start at shelf ID 20, even though IDs 14 through 19 are not currently utilized. This helps you to easily
identify which shelves are assigned to each stack. Unused IDs can be used for future stack expansion. Both
the DS4243 and DS2246 support the hot addition of capacity, and additional shelves can be added to a
running storage system without disruption.
3 - 19
SAS Device Names Example

RAID Disk
--------dparity
parity
data
Device
-----0a.00.18
0a.00.19
0a.00.20
HA SHELF BAY...
-- ----- --0a
00
18...
0a
00
19...
0a
00
20...
3
0a
e0a
e0b
e0c
e0d
e0e
0a
e0f
LINK
LINK
Shelf ID
of 00
Bay 0
Bay 1
Bay 20
Bay 2
LINK LINK
0c
LINK LINK
0d
LINK
LINK
Bay 3
Bay 23
SAS DEVICE NAMES EXAMPLE
3 - 20
0b
20
Alternative Control Path

SAS Shelves like the DS4243 and DS2246 have multiple
connections
Data paths are over standard SAS cables
Alternative control paths (ACPs) are over Ethernet connections
ACP
(Ethernet)
Data Paths
(SAS)
ACP requires configuration (systems setup command)
Do you want to configure the Shelf Alternate Control Path Management

interface for SAS shelves [n]: y
Enter the network interface you want to use for the Alternate Control
Path Management. []: e0P
Enter the domain for network interface e0P [198.168.0.0]: 198.168.4.0
Enter the netmask for network interface e0P [255.255.252.0]:
21
ALTERNATIVE CONTROL PATH

Alternative control path (ACP) was introduced at the same time as the DS4243 for out-of-band management
on SAS disk shelves. ACP gives you an alternate communications path to each of your disk shelves. It is
completely separate from the SAS data path and provides options for nondisruptive recovery of shelf
modules, including the ability to reset or power cycle an individual I/O module (IOM) or an entire domain
(that is, all IOMs connected to the A" shelf modules within a SAS stack). ACP gives the storage
administrator the ability to power cycle the entire shelf as well. For redundancy, each shelf contains two
IOMs, and each IOM has ACP connectivity. ACP technology enhances the ability of Data ONTAP to
automatically reset a misbehaving component in order to return it to a fully operational mode without
disruption.
ACP actively monitors the SAS data path for issues that can be corrected by a nondisruptive shelf module
reset or power cycle. The proactive shelf recovery mechanism of Data ONTAP performs these actions
automatically; this is enabled by default when using ACP.
Although NetApp highly recommends it, ACP is not required. Because ACP is completely separate from the
data path, the data path continues to function when ACP is not connected or not operational. Many of the
ACP functions described can be performed manually when ACP is not present. If e0P is available, use this
private management port instead of other ports.
3 - 21
Disk Ownership
Disks are assigned to one system controller.
Disk ownership is either:
Hardware-based: determined by the slot
position of the host bus adapter (HBA) and shelf
module port
Software-based: determined by the storage
system administrator
Storage Systems
Software Disk Ownership
FAS6200 series
FAS6000 series
FAS3200 series
FAS3100 series
FAS3000 series
FAS2000 series
X
X
X
X
X
X
Hardware Disk Ownership
22
DISK OWNERSHIP
Disk ownership can be hardware-based or software-based.
Hardware-Based Ownership
In hardware-based disk ownership, disk ownership and pool membership are determined by the slot position
of the host bus adapter (HBA) or onboard port and the shelf module port where the HBA is connected.
NOTE: Only the FAS3020 and FAS3050 support hardware-based ownership. The FAS3040 and FAS3070
support only software-based ownership.
Software-Based Ownership
In software-based disk ownership, disk ownership and pool membership are determined by the storage system
administrator. The Data ONTAP operating system might also set disk ownership and pool membership
automatically, depending on the initial configuration. Slot position and shelf module port do not affect disk
ownership.
The Data ONTAP 8.0 operating system supports only software-based ownership.
3 - 22
Determining Disk Ownership

To determine your systems ownership:
system> storage show
Hardware-based output: SANOWN not enabled

Software-based output: report on the current
ownership
In a stand-alone storage system without

SyncMirror synchronous mirroring software:
Disks are owned by one controller
Disks are in pool0
DETERMINING DISK OWNERSHIP
3 - 23
23
Hardware-Based Ownership
Determined by two conditions:
1.
2.
How a storage system is configured

How the disk shelves are attached to the storage system
A standalone system owns all disks that are

directly attached to it.
If part of a high-availability configuration:
Local node owns the disks connected to the ESH A channel
Partner node owns the disk connected to the ESH B channel
Channel A
4Gb 2Gb
1Gb ELP
X2
X2
ES H 4
1Gb
2Gb
4Gb
SHELF
ID
A
B
ESH4
4Gb 2Gb
1Gb ELP
Channel B
24
HARDWARE-BASED OWNERSHIP
The Data ONTAP 7.3.x operating system supports hardware-based ownership on some hardware platforms.
The Data ONTAP 8.0.x operating system does not support hardware-based ownership on any hardware
platform.
3 - 24
Software-Based Ownership
Ownership is determined by the system administrator:
To verify current ownership:
system> disk show -v
DISK
OWNER
--------- --------------0b.43
Not Owned
...
0b.29
system (84165672)
...
POOL
----NONE
SERIAL NUMBER
------------41229013
Pool0
41229011
To view all disks without an owner:

system> disk show -n
DISK
OWNER
--------- --------------0b.43
Not Owned
...
POOL
----NONE
SERIAL NUMBER
------------41229013
SOFTWARE-BASED OWNERSHIP
3 - 25
25
Software-Based Ownership: Disk Assign

To assign disk ownership:
system> disk assign {device_list|all|

[-T storage_type] -n count|auto}...
device_list is the disk IDs of the unassigned disks
T is ATA, FCAL, LUN, SAS, or SATA
To assign a specific set of disks:
system> disk assign 0b.43 0b.41 0b.39
To assign all unassigned disks:

system> disk assign all
To unassign disks:
Specify the device

IDs that you want
to work with.
system> disk assign 0b.39 -s unowned -f

Use -s to specify the sysid to take ownership.
Use -f to force assignment of previously assigned disks.
NOTE: Unassign only hot-spare disks.
SOFTWARE-BASED OWNERSHIP: DISK ASSIGN
3 - 26
26
Software-Based Ownership: Auto Assign

Automatic assignment option:
system> options disk.auto_assign
This option specifies whether disks are automatically

assigned on systems with software disk ownership.
The default is on.
The Data ONTAP operating system assigns
unassigned disks to the system and pool based upon
the disk loop.
Automatic assignment is invoked:
10 minutes after boot
Every five minutes
system> disk assign auto
SOFTWARE-BASED OWNERSHIP: AUTO ASSIGN
3 - 27
27
Disk Selection
When creating an aggregate, the Data ONTAP
operating system selects disks:
With the same speed
That match the speed of existing disks
The Data ONTAP operating system verifies

that adequate spares are available.
If spares are not available, the Data ONTAP
operating system warns you.
NOTE: NetApp recommends that spares be
available.
28
DISK SELECTION
If disks with different speeds are present on a NetApp system (for example, 10,000 RPM and 15,000 RPM
disks), the Data ONTAP operating system attempts to avoid mixing them in one aggregate or traditional
volume.
By default, the Data ONTAP operating system selects disks:
With the same speed when creating an aggregate or traditional volume in response to the following
commands:
aggr create
vol create
That match the speed of existing disks in an aggregate or traditional volume that requires expansion or
mirroring in response to the following commands:
aggr add
aggr mirror
vol add
vol mirror
If you use the -d option to specify a list of disks for commands that add disks, the operation fails if disk
speeds differ from each other or differ from the speed of disks already included in the aggregate or traditional
volume. The commands for which the -d option fails in this case are aggr create, aggr add,
aggr mirror, vol create, vol add, and vol mirror. For example, if you enter
aggr create vol4 -d 9b.25 9b.26 9b.27, and two of the disks are different speeds, the
operation fails.
3 - 28
Using Multiple Disk Types in an Aggregate

Drives in an aggregate can be:
Different speeds (not recommended)
On the same shelf or on different
shelves
Not all drive types can be mixed

within an aggregate:
FC and SAS can be mixed (not
recommended)
FC and SATA or SAS and SATA
cannot be mixed
The spares pool is global within a

single controller
29
USING MULTIPLE DISK TYPES IN AN AGGREGATE

The storage system allows the use of various disk sizes. This sometimes occurs when disks are purchased
after the original equipment is set up. However, different-sized disks require different versions of the Data
ONTAP operating system and different disk shelves. For specific information about your system, see the
System Configuration Guide on the NetApp Support site.
You must ensure that parity and hot-spare disks are as large as the largest disk in a RAID group so that they
can support all of the stripes on the data disks. When creating RAID groups with disks of different sizes, the
Data ONTAP operating system assigns parity to the largest disk. If you later add larger disks to the RAID
group, the Data ONTAP operating system reassigns parity to the largest of those disks.
NOTE: Although mixing disk sizes in a volume is a supported configuration, this practice can lead to
suboptimal volume performance. NetApp recommends that all disks in a volume be the same size.
3 - 29
Spare Disks
Spare disks are used to:
Increase aggregate capacity
Replace failed disks
Disks must be zeroed before use:

Disks are automatically zeroed when they are
brought into use.
NetApp recommends zeroing disks
before use:
system> disk zero spares
30
SPARE DISKS
You can add spare disks to an aggregate to increase its capacity. If the spare is larger than the other data disks,
it becomes the parity disk. However, it does not use the excess capacity unless another disk of similar size is
added. The second largest additional disk has full use of additional capacity.
Replacing Failed Disks with Spares
If a disk fails, a spare disk is automatically used to replace the failed disk. If the spare that is used is larger
than the failed disk that is being replaced, the excess capacity of the larger disk is not used.
Zeroing Used Disks
After you assign ownership to a disk, you can add that disk to an aggregate on the storage system that owns it,
or leave it as a spare disk on that storage system. If the disk has been used previously in another aggregate,
you should use the disk zero spares command to zero the disk to reduce delays when the disk is used.
3 - 30
NetApp System Manager: Disks
Select Disks to
reveal a list of
disks.
NETAPP SYSTEM MANAGER: DISKS
3 - 31
31
Disk Protection
and Validation
DISK PROTECTION AND VALIDATION
3 - 32
32
Disk Protection and Validation

The Data ONTAP
operating system protects
data through RAID.
The Data ONTAP

operating system verifies
data through disk
scrubbing.
DISK PROTECTION AND VALIDATION
3 - 33
33
RAID Groups
RAID groups are a collection of data disks and
parity disks.
RAID groups provide protection through parity.
The Data ONTAP operating system organizes
disks into RAID groups.
The Data ONTAP operating system supports:
RAID 4
RAID-DP technology
34
RAID GROUPS
To understand how to manage disks and volumes, it is important to first understand the concept of RAID.
A RAID group includes several disks that are linked together in a storage system. Although there are various
implementations of RAID, the Data ONTAP operating system supports only RAID 4 and RAID-DP
technology.
In the Data ONTAP operating system, each RAID 4 group consists of one parity disk and one or more data
disks. The storage system assigns the role of parity disk to the largest disk in the RAID group.
When a data disk fails, the storage system identifies the data on the failed disk and rebuilds a hot-spare disk
with that data.
NOTE: If a parity disk fails, it can be rebuilt from data on the data disks.
3 - 34
RAID 4 Technology
RAID 4 protects against data loss that results
from a single-disk failure in a RAID group.
A RAID 4 group requires a minimum of two
disks:
One parity disk
One data disk
Data
Data
Data
Data
Data
Data
Data
Parity
35
RAID 4 TECHNOLOGY
RAID 4 protects against data loss due to a single-disk failure within a RAID group.
Each RAID 4 group contains the following:
One parity disk (assigned to the largest disk in the RAID group)
One or more data disks
Using RAID 4, if one disk block goes bad, the parity disk in that disk's RAID group is used to recalculate the
data in the failed block, and then the block is mapped to a new location on the disk. If an entire disk fails, the
parity disk prevents any data from being lost. When the failed disk is replaced, the parity disk is used to
automatically recalculate its contents. This is sometimes referred to as row parity.
3 - 35
RAID-DP Technology
RAID-DP technology protects against data loss
that results from double-disk failures in a RAID
group.
A RAID-DP group requires a minimum of three
disks:
One parity disk
One double-parity disk
One data disk
Data
Data
Data
Data
Data
Data
Parity
DoubleParity
36
RAID-DP TECHNOLOGY
RAID-DP technology protects against data loss due to a double-disk failure within a RAID group.
Each RAID-DP group contains the following:
One data disk
One parity disk
One double-parity disk
RAID-DP technology employs the traditional RAID 4 horizontal row parity. However, in RAID-DP
technology, a diagonal parity stripe is calculated and committed to the disks when the row parity is written.
For more information about RAID-DP processes, see Technical Report 3298, found at
http://www.netapp.com/library/tr/3298.pdf.
3 - 36
RAID Group Size

RAID-DP
NetApp
Platform
Minimum
Group Size
Maximum
Group Size
Default
Group Size
All storage systems

(with SATA disks)
16
14
All storage systems

(with FC or SAS disks)
28
16
Minimum
Group Size
Maximum
Group Size
Default
Group Size
All storage systems

(with SATA)
All storage systems

(with FC or SAS)
14
RAID 4
NetApp
Platform
37
RAID GROUP SIZE

RAID groups can include anywhere from 2 to 28 disks, depending on the platform and RAID type. For best
performance and reliability, please see Technical Report 3437 and Technical Report 3838.
3 - 37
Growing Aggregates
Take care with how you grow your aggregates.
Existing
rg0
Data
Data
Data
Data
Data
Data
Data
Parity
Data
Data
Data
Data
Data
Data
Data
Parity
Data
Parity
Existing
rg1
If you grow this configuration by three disks when

the existing disks are nearly full, the new data
disks can become hot disks.
GROWING AGGREGATES
3 - 38
38
Data Validation
NetApp uses various methods to validate data:
RAID-level checksums
Media scrub process
RAID scrub process
RAID-level checksums enhance data

protection and reliability.
The WAFL (Write Anywhere File Layout) file

system ensures that real-time validation occurs.
Two disk checksums:
Block checksum (BCS)
Zone checksum (ZCS), used only with V-Series
39
DATA VALIDATION
NOTE: NetApp deduplication depends on block checksum (BCS). Deduplication is not available with zone
checksum.
3 - 39
Data Validation and Disk Structure

To understand disk protection and validation, you
must understand disk structure.
Track
Mathematical
Sector
Sector
DATA VALIDATION AND DISK STRUCTURE
3 - 40
40
BCS Method with FC

In FC disks,
sector size
is 520 bytes.
4-byte
checksums
for 4096
bytes stored
within a cluster
1
Inode number and timestamp
520 Bytes
NetApp data block = 4096 bytes
64 bytes
41
BCS METHOD WITH FC

The block checksum (BCS) method provides 64 bytes of checksum data for every 4 KB of data. Within BCS,
there are two possibilities: 520 bytes per sector of FC disks or 512 bytes per sector of ATA disks.
FC disks: With 520 bytes per sector, one block is composed of eight 520-byte sectors. The eighth sector
within the block is composed of both data and checksum data. The entire block's space is 4160 bytes (8
sectors x 520 bytes = 4160 bytes).
3 - 41
BCS Method with ATA

In ATA disks,
sector size
is 512 bytes.
Wasted space
Checksums for
the previous
4096 bytes are
stored within the
ninth sector.
1
Inode number and timestamp
512 Bytes
NetApp data block = 4096 bytes
64 bytes
42
BCS METHOD WITH ATA

ATA disks: With 512 bytes per sector, one block is composed of nine 512-byte sectors. Eight of these sectors
are used for data, and the ninth sector is used to store the 64-byte checksum. The entire blocks space is 4096
bytes. About eight-ninths of the disk is used for data.
3 - 42
Data Validation Processes

Two processes:
system> options raid.media_scrub
Looks only for media errors

If enabled, runs continuously in the background
system> options raid.scrub
Is also called disk scrubbing

Looks for media errors by verifying the
checksum in every block
Checks for parity consistency
43
DATA VALIDATION PROCESSES

Media scrubbing checks disk blocks for physical errors. Disk scrubbing checks disk blocks on all disks in the
storage system for media errors and logical parity errors.
If the Data ONTAP operating system identifies media errors or inconsistencies, it repairs them by
reconstructing the data from parity data, and then rewriting the data back to the data disk. Disk scrubbing
reduces the chance of data loss from media errors that occur during reconstruction.
3 - 43
Media and RAID Scrubs

A media scrub:
Runs in the background when the
storage system is not busy
Looks for unreadable sectors at
the lowest level (0s and 1s)
Is unaware of the data stored in a
sector
Takes corrective action when it
finds too many unreadable blocks
on a disk (sends warnings or fails
the disk, depending on findings)
A RAID scrub:
Is enabled by default
Can be scheduled or disabled
NOTE: Disabling is not
recommended.
Uses RAID checksums
Reads a block and then verifies
the data
On finding a discrepancy between
the RAID checksum and the data
read, re-creates the data from
parity and writes it back to the
block
Reads every block in an
aggregate to ensure that data has
not become stale, even if users
havent accessed the data
44
MEDIA AND RAID SCRUBS

Storage systems use disk scrubbing to protect data from media errors or bad sectors on a disk. Each disk in a
RAID group is scanned for errors. If errors are identified, they are repaired by reconstructing data from parity
and rewriting the data. Without this process, a disk media error could cause a multiple disk failure, causing
the storage system to run in degraded mode.
Automatic RAID scrub is enabled by default. If you prefer to control the timing of RAID scrubs, you can turn
off the automatic scrubs. You can also manually start and stop disk scrubbing regardless of the current value
(on or off) of the raid.scrub.enable option.
ERROR MESSAGE
CAUSE
Inconsistent parity on volume volume_name,

RAID group n, stripe #n. Rewriting bad parity block
on volume volume_name, RAID group n.
Inconsistent parity block
Rewriting bad parity block on volume

volume_name, RAID group n, stripe #n.
Media error on the parity disk or a data disk
Multiple bad blocks found on volume

volume_name, RAID group n, stripe #n.
More than one bad block
Scrub found n parity inconsistencies. Scrub found n

media errors. Disk scrubbing finished.
Disk scrubbing is complete
3 - 44
RAID Scrubs
Automatic RAID scrub:
By default, a scrub begins at 1:00 a.m. each Sunday.
An administrator can change the schedule and specify the
duration.
Manual RAID scrub (overrides automatic settings):

To scrub disks manually:
system> options raid.scrub.enable off
and then system> aggr scrub start
To view scrub status:
system> aggr scrub status aggrname
To configure the reconstruction impact on performance:

system> options raid.reconstruct.perf_impact
To configure the scrubbing performance impact:
system> options raid.scrub.perf_impact
45
RAID SCRUBS
Prior to Data ONTAP 7.0, to manually scrub disks use the disk scrub start command.
3 - 45
Disk Failure and Physical Removal

To fail a disk:
system> disk fail device_id
To unfail a disk:
system*> disk unfail device_id
To unload a disk so that it can be physically removed:
system> disk remove device_id
The disk is now ready
to be pulled from the
shelf.
DISK FAILURE AND PHYSICAL REMOVAL
3 - 46
46
Disk Sanitization
A way to protect sensitive datato make recovery of the
data impossible
The process of physically obliterating data by overwriting
disks with three successive byte patterns or with random
data
Administrators can specify the byte patterns or use the Data
ONTAP default pattern.
47
DISK SANITIZATION
Disk sanitization is the process of physically obliterating data by overwriting disks with specified byte
patterns or with random data so that recovery of the original data is impossible. Use the disk sanitize
command to ensure that no one can recover the data on the disks.
The disk sanitize command uses three successive default or user-specified byte overwrite patterns for
up to seven cycles per operation. Depending on the disk capacity, the patterns, and the number of cycles, the
process can require several hours. Sanitization runs in the background. You can start, stop, and display the
status of the sanitization process.
3 - 47
Disk Sanitization Commands

To license the storage for sanitization:
system> license add XXXXXX
To verify the disks to be sanitized:
To start the sanitization operation:
system> disk sanitize start -r -c 3 device_list
Use r to indicate that a random pattern should overwrite the disks.
Use c to specify the number of times to run the operation (maximum
is seven).
Use p to provide a custom overwrite pattern.
Use device_list to specify a space-separated list of disk IDs.
To check the status of the sanitization operation:

system> disk sanitize status
To release disks back to the spare pool:
system> disk sanitize release device_list
48
DISK SANITIZATION COMMANDS

You can monitor the status of the sanitization process by using the /etc/sanitized_disks and
/etc/sanitization.log files:
Status for the sanitization process is written to the /etc/sanitization.log file every 15 minutes.
The /etc/sanitized_disks file contains the serial numbers of all drives that have been successfully sanitized.
For every invocation of the disk sanitize start command, the serial numbers of the newly sanitized
disks are appended to the file.
You can verify that all of the disks were successfully sanitized by checking the /etc/sanitized_disks file.
3 - 48
Degraded Mode
Degraded mode occurs when a disk fails in a RAID group
During degraded mode:
Data is still available
Performance is less than optimal
Data must be recalculated from parity until the failed disk is
replaced.
CPU usage increases to calculate from parity.
The failed disk (or disks for RAID-DP) will be rebuilt on a spare
drive (if available)
If no spares are available or if the rebuild fails, the system

shuts down after a period of time.
To change the time interval, use the options
raid.timeout command.
The default value is 24 hours.
49
DEGRADED MODE
If one disk in a RAID group fail, the system operates in degraded mode. In degraded mode, the system does
not operate optimally, but no data is lost. Within a RAID 4 group, if a second disk fails, data is lost; within a
RAID-DP group, if a third disk fails, data is lost. The following AutoSupport message will be broadcast:
[monitor.brokenDisk.notice:notice].
If the maximum number of disks have failed in a RAID group (two for RAID-DP, one for RAID 4) and there
are no suitable spare disks available for reconstruction, the storage system automatically shuts down in the
period of time specified by the raid.timeout option. The default timeout value is 24 hours. See this FAQ
for more information: https://kb.netapp.com/support/index?page=content&id=2013508.
Therefore, you should replace failed disks and used hot-spare disks as soon as possible. You can use the
options raid.timeout command to modify the timeout internal. However, keep in mind that, as the
timeout interval increases, the risk of subsequent disk failures also increases.
3 - 49
Hot-Swapping: Replacing Failed Disks

Hot-swapping is the process of removing or installing a
disk drive while the system is running.
Hot-swapping allows for:
Minimal interruption
The addition of new disks
Removing two disks from a RAID 4 group results in:

Double-disk failure
Data loss
Removing two disks from a RAID-DP group results in:

Double-degraded mode
No data loss
HOT-SWAPPING: REPLACING FAILED DISKS
3 - 50
50
Replacing Failed Disks
750 GB
1 TB
750 GB
750 GB
750 GB
750 GB
NOTE: When a larger disk replaces a smaller disk, disk resizing occurs.
51
REPLACING FAILED DISKS

When a failed disk is replaced, the size of the new disk must be equal to or larger than the usable space of the
replaced disk to accommodate all of the data blocks on the failed disk.
If the usable space on the replacement disk is larger than the failed disk, the replacement disk is right-sized to
the capacity of the failed disk. The extra space on the disk is not usable.
3 - 51
Disk Replacement
To replace a data disk with a spare disk:
system> disk replace start device_id
spare_device_id
system> disk replace start 0a.21 0a.23
Parity
Disk
0a.20
0a.21
0a.22
0a.23
Data
Disk
Target
Disk
Data
Disk
Spare
Disk
To check the status of a replace operation:

system> disk replace status
To stop a disk replace operation:

system> disk replace stop device_id
DISK REPLACEMENT
3 - 52
52
Aggregates
AGGREGATES
3 - 53
53
Aggregates
Aggregates logically contain flexible volumes
(FlexVol volumes).
NetApp recommends that aggregates be 32-bit or
64-bit.
An aggregate name must:
Begin with a letter or the underscore character (_)
Contain only letters, digits, and underscore
characters
Contain no more than 255 characters
54
AGGREGATES
To support the differing security, backup, performance, and data-sharing requirements of users, physical data
storage resources on your storage system can be grouped into one or more aggregates. Aggregates provide
storage for the volume or volumes they contain.
Each aggregate has its own RAID configuration, plex structure, and set of assigned disks. When you create an
aggregate without an associated traditional volume, you can use it to hold one or more FlexVol volumes
(logical file systems that share the physical storage resources, RAID configuration, and plex structure of the
aggregate container). When you create an aggregate with a traditional volume tightly bound, the aggregate
can contain only that volume.
A single storage system supports up to 100 aggregates (including traditional volumes).
Aggregate Names
Aggregate names must follow the naming conventions shown here. The same rules apply to volume names.
3 - 54
Adding an Aggregate
Use one of two methods:
The CLI: system> aggr create ...

NetApp System Manager: the Aggregate Wizard
Know the following information:
Aggregate name (required)

Aggregate type (32-bit is default)
RAID Type (DP is default)
RAID group size
Disk selection method
Disk size
Number of disks including parity (required)
To create an aggregate:
system> aggr create aggr1 3
Minimum options
shown
ADDING AN AGGREGATE
3 - 55
55
Using the CLI to Create an Aggregate

To create a 64-bit aggregate:
system> aggr create aggr -B 64 24
The 64-bit aggregate, which is called aggr, has

24 disks.
By default, the aggregate uses RAID-DP
technology.
The command succeeds only if 24 disks
(spares) are available.
To create a 32-bit aggregate:
system> aggr create aggr -B 32 24
or
system> aggr create aggr 24
USING THE CLI TO CREATE AN AGGREGATE

For more information about 64-bit aggregates, see Technical Report 3786, found at
http://www.netapp.com/us/library/technical-reports/tr-3786.html.
3 - 56
56
32-Bit or 64-Bit Aggregate

For creating aggregates, NetApp recommends
the following:
32-bit
Maximize performance
when no more than 16 TB
of space is needed.
64-bit
Achieve high performance
and the ability to exceed
the 16-TB limitation.
32-BIT OR 64-BIT AGGREGATE
3 - 57
57
Common Aggregate Commands

To grow an existing aggregate:
system> aggr add aggr [options] disk_number
To review the status of an aggregate:
system> aggr status aggr [options]
To rename an aggregate:
system> aggr rename aggr new_aggr
To take an aggregate offline:

system> aggr offline aggr
To put an aggregate back online:

system> aggr online aggr
To destroy an aggregate:
system> aggr offline aggr

system> aggr destroy aggr
Before you take an

aggregate offline,
destroy all volumes
inside the aggregate.
Before you destroy

an aggregate,
take it offline.
COMMON AGGREGATE COMMANDS
3 - 58
58
NetApp System Manager: Storage View
Select Storage and

launch the wizard to
configure storage.
NETAPP SYSTEM MANAGER: STORAGE VIEW
3 - 59
59
Storage Configuration Wizard
If NFS and CIFS

are licensed, this
page appears.
STORAGE CONFIGURATION WIZARD
3 - 60
60
Storage Configuration Wizard Summary
STORAGE CONFIGURATION WIZARD SUMMARY
3 - 61
61
NetApp System Manager: Aggregate
Select Aggregates
to administrate
aggregates.
Select Create to
create an
aggregate.
NETAPP SYSTEM MANAGER: AGGREGATE
3 - 62
62
Create Aggregate Wizard
For a 64-bit aggregate,

select this option. For a 32bit aggregate, do not select
the option.
CREATE AGGREGATE WIZARD
3 - 63
63
Create Aggregate Wizard Conclusion
CREATE AGGREGATE WIZARD CONCLUSION
3 - 64
64
Create Aggregate Wizard Results
CREATE AGGREGATE WIZARD RESULTS
3 - 65
65
Space Allocation
SPACE ALLOCATION
3 - 66
66
Aggregate Space Allocation: Concerns

How the Data ONTAP operating system
allocates space
How you balance conflicting goals
Use space
efficiently
Protect
data
To calculate space allocation, use 5 easy steps:

system> aggr create aggr1 5@847
1-TB ATA disks
are used.
Data
Data
Data
Parity Double-Parity
AGGREGATE SPACE ALLOCATION: CONCERNS
3 - 67
RAID-DP
is the
default.
67
Aggregate Space Allocation: First 20 MB

1. The first 20 MB of every disk is used for disk labels.
Data
...
1 TB
Data
...
1 TB
Data
...
1 TB
Data
...
1 TB
Data
...
1 TB
20 MB
AGGREGATE SPACE ALLOCATION: FIRST 20 MB
3 - 68
68
Aggregate Space Allocation: Binary Format

2. Disks are calculated differently:
Disks are originally calculated in decimal format, where 1 GB = 1000 MB.
A 1-TB disk is in decimal format: 1000000 MB.
When the Data ONTAP operating system analyzes a disk, it computes it
in binary format, where 1 GB = 1024 MB.
1000000 MB / 1024 GB / 1024 MB = 976.56 GB

Data
...
977 GB 1 TB
system> aggr status -r aggr1

...
RAID
Disk Device HA SHELF BAY CHAN Pool Type RPM Used(MB/blks) Phys(MB/blks)
-----------------------------------------------------------------------------data
2b.52
2b
3
4
FC:A
- ATA 7200 847555/... 847827/...
But wait! The Data ONTAP operating system reports more space taken away.
AGGREGATE SPACE ALLOCATION: BINARY FORMAT
3 - 69
69
Aggregate Space Allocation: Size Variance

3. Right-size allocation reduces the size slightly to
eliminate manufacturing variance.
Data
Data
Data
Data 0
Data
...
847 GB 1 TB
847 GB is the.right-size
..
allocation for a 1-TB ATA disk.
847 GB 1 TB
...
847 GB 1 TB
Because ATA drives have 512 bytes per

. . lose 12.5%
847 GB
sector, these drives .also
due to block checksum allocation.
...
847 GB
1 TB
1 TB
70
AGGREGATE SPACE ALLOCATION: SIZE VARIANCE

NOTE: ATA drives have only 512 bytes per sector and lose an additional one-ninth (12.5%) due to block
checksum allocation.
The following table is an abbreviated list of right-sized capacities for Data ONTAP 8.0.1 7-Mode. Please see
the Storage Management Guide of the appropriate Data ONTAP operating system version for a complete list.
DISK TYPE
DISK SIZE
RIGHT-SIZED
CAPACITY
AVAILABLE BLOCKS
FC
300 GB
272 GB
557,056,000
450 GB
418 GB
856,064,000
600 GB
560 GB
1,146,880,000
500 GB
423 GB
866,531,584
750 GB
635 GB
1,301,618,176
1 TB
847 GB
1,735,794,176
450 GB
418 GB
856,064,000
600 GB
560 GB
1,146,880,000
100 GB
84 GB
173,208,064
ATA or SATA
SAS
SSD
3 - 70
Aggregate Space Allocation: Counted Disks

4. Disks to count are different per OS version:
In Data ONTAP operating systems earlier than version
7.3, aggregate size is calculated using all of the
aggregates disks.
Data
Data
Data
Parity Double-Parity
Beginning with the Data ONTAP 7.3 operating system,

aggregate size is calculated using only the aggregates
data disks.
Data
Data
Data
AGGREGATE SPACE ALLOCATION: COUNTED DISKS
3 - 71
71
Aggregate Space Allocation: WAFL

5. The WAFL reserve requires 10% of the available
space. You can use the remaining 90%.
Data
...
10% WAFL Reserve
847 GB 1 TB
Data
...
847 GB 1 TB
Data
...
847 GB 1 TB
90% of the available space

AGGREGATE SPACE ALLOCATION: WAFL

To ensure efficiency, a 10% WAFL reserve is allocated for working space.
3 - 72
72
Space Usage of an Aggregate

To show how much space is available in an aggregate:
system> aggr show_space aggr
In increments of GB
system> aggr show_space -g aggr1
Aggregate aggr1'
Space available after right-sizing

and allocation of kernel space
Total space WAFL reserve Snap reserve Usable space BSR NVLOG A-SIS Smtape
2483GB
248GB
0GB
2234GB
0GB
0GB
0GB
This aggregate contains no volume
Aggregate
Total space
Snap reserve
WAFL reserve
Allocated
0GB
0GB
248GB
10% WAFL reserved

Used
0GB
0GB
0GB
Avail
2234GB
0GB
248GB
90% of the available

space can be used.
SPACE USAGE OF AN AGGREGATE
3 - 73
73
Module Summary
Describe Data ONTAP RAID technology
Identify a disk in a disk shelf based on its ID
Execute commands to determine a disk ID
Identify a hot-spare disk in a FAS system
Describe the effects of using multiple disk types
Create a 32-bit and a 64-bit aggregate
Execute aggregate commands in the Data ONTAP
operating system
Calculate usable disk space
MODULE SUMMARY
3 - 74
74
Exercise
Module 3: Physical Storage
EXERCISE
3 - 75

What is a RAID group?
Why use double parity?
If the RAID group size is 16, the following

command creates how many RAID groups and
an aggregate of what type?
system> aggr create newaggr 32
What is the minimum number of disks in a

RAID-DP group?
3 - 76
76
Logical Storage
Module 4
LOGICAL STORAGE
4-1
Data ONTAP 7-Mode Administration: Logical Storage
Module Objectives
Explain the concepts related to volume in the
Data ONTAP operating system
Define and create a flexible volume
Execute vol commands
Define and create qtrees
MODULE OBJECTIVES
4-2
Volumes
VOLUMES
4-3
Volumes
Volumes represent logical storage.
The Data ONTAP operating system allows up to 500
volumes per storage system.
Volumes are accessible through supported
protocols, such as CIFS, NFS, or iSCSI.
Data ONTAP 7.3 operating system and later versions
support the following types of volumes:
Flexible volumes, also known as FlexVol volumes
Traditional volumes (deprecated)
Additional product-specific volumes, such as
SnapLock volumes and FlexClone volumes
NOTE: The SnapLock product is only available on some
of Data ONTAP releases
VOLUMES
Volumes are file systems that hold user data that is accessible by means of one or more of the access
protocols that the Data ONTAP operating system supports, including NFS, CIFS, HTTP, Web-based
Distributed Authoring and Versioning (WebDAV), FTP, Fibre Channel (FC), Fibre Channel over Ethernet
(FCoE), and iSCSI. You can create one or more Snapshot copies of the data in a volume so that multiple,
space-efficient, point-in-time images of the data can be maintained for backup and error recovery.
The Data ONTAP operating system limits a storage system to only 100 aggregates, but within those
aggregates you can create up to 500 traditional and flexible volumes. For FAS2040 and FAS3050 systems,
the limit is 200 volumes per storage system.
4-4
Rules for Volumes

A volume name must:
Begin with either a letter or underscore
character (_)
Contain only letters, digits, and underscore
characters
Contain no more than 255 characters
The maximum size of a flexible volume is

limited by the maximum containing aggregate
size with a space-guaranteed volume.
RULES FOR VOLUMES
4-5
Root Volumes
/vol
Special virtual root path

/vol0
/etc
Root volume
Directory (configuration information)
One root volume per storage system

Contained in an aggregate:
Data ONTAP 7.3 and 8.0 7-Mode operating systems support
only 32-bit aggregates
Data ONTAP 8.0.1 7-Mode operating system and later supports
both 32-bit and 64-bit aggregates
Root volume contains the /etc directory

Root volume is accessible using /vol/vol(such as
/vol/vol0) or simply /
ROOT VOLUMES
The storage system contains a root volume that was created when the system was initially set up. The default
root volume name is /vol/vol0.
Storage systems on which the Data ONTAP 7.0 operating system or later was preinstalled have a FlexVol
volume for a root volume. Systems that run earlier versions of the Data ONTAP operating system have a
traditional root volume.
Each storage system has only one root volume, but the designated root volume can be changed. The root
volume is used to start up the storage system. It is the only volume with root attributes, which means that its
/etc directory is used for configuration information.
4-6
Volumes Access
/vol
Special virtual root path

/vol0
/etc
/users
/cheryl
Root volume
Directory (configuration information)
Volume
Directory
All volume path names begin with /vol.

The /vol path name is not a directory.
You cannot access /vol.
VOLUMES ACCESS
Volume path names begin with /vol. For example:
If the name of a volume is /vol0, the volume path is /vol/vol0.
If the name of a directory in a volume of shared users is cheryl, the volume path is /vol/users/cheryl.
NOTE: There is no directory called /vol. Rather, /vol is a special virtual root path under which the storage
appliance mounts directories. You cannot mount /vol to view all of the volumes on the storage system; you
must mount each volume separately.
4-7
Flexible Volumes
FLEXIBLE VOLUMES
4-8
Flexible Volumes
Flexible volumes allow you to manage the
logical layer of the file system independently of
the physical layer of storage.
Multiple flexible volumes can exist within a
single aggregate.
aggr1
FlexVol 1
FlexVol 2
FLEXIBLE VOLUMES
A flexible volume (also called a FlexVol volume) is a volume that is loosely coupled to its container
aggregate. Because the volume is managed separately from the aggregate, you can create small FlexVol
volumes (20 MB or larger), and then increase or decrease the size of FlexVol volumes in increments as small
as 4 KB.
Advantages of flexible volumes:
You can create flexible volumes almost instantaneously. These volumes:
You can increase and decrease a flexible volume while online, allowing you to:
4-9
Can be as small as 20 MB
Are limited to aggregate capacity (if guaranteed)
Can be as large as the volume capacity that is supported for your storage system (not guaranteed)
Resize without disruption
Size in any increment (as small as 4 KB)
Size quickly
Aggregates and FlexVol Volumes

Create aggregate
FlexVol 1
vol1
FlexVol 2
RAID groups are created as

result.
FlexVol 3
Create FlexVol 1
vol2
Metadata is written when

the volume is created.
There is no preallocation
of blocks to a specific
volume.
vol3
Create FlexVol 2
Aggregate
RG1
RG2
The WAFL (Write Anywhere

File Layout) file system
allocates aggregate space
as data is written.
RG3
aggr1
Populate volumes.
AGGREGATES AND FLEXVOL VOLUMES
4 - 10
10
Performance Gains with Flexible Volumes

I/O performance:
Spindle-sharing makes
total aggregate
performance available to
all volumes.
Space utilization:
Vol 1
Vol 2
Free
Vol 3
Vol 4
There is no preallocation of free

space.
Free space is
available for use by
other volumes or new
volumes.
PERFORMANCE GAINS WITH FLEXIBLE VOLUMES
4 - 11
11
Creating a Flexible Volume

To create a flexible volume using the command-line
interface (CLI):
system> vol create volname aggrname size[k|m|g|t]
To create a flexible volume using NetApp System

Manager, use the Volume Wizard.
When creating a flexible volume, you should know
the following information available:
Volume name (required)

Aggregate name (required)
Size (required)
Language
Space guarantee settings (discussed in Module 13)
12
CREATING A FLEXIBLE VOLUME

When you create a FlexVol volume, you must provide the following information:
A name for the volume

The name of the container aggregate
The size of a FlexVol volume must be at least 20 MB and no more than 16 TB (or whatever is the largest
size your system configuration supports).
In addition, you can provide the following optional FlexVol volume values:
4 - 12
Language (by default, the language of the root volume)

Space-guarantee setting for the new volume
Using the CLI to Create a Flexible Volume

Example:
system> vol create sales aggr1 20g
Creates a flexible volume:

Called sales
In aggr1
Of 20 GB
aggr1
sales
13
USING THE CLI TO CREATE A FLEXIBLE VOLUME

To manage traditional and flexible volumes, use the vol commands. The majority of the vol commands work
on traditional as well as flexible volumes. For a complete list of all the vol commands, see the system
documentation.
Language specifies the language that you want to use on this volume. The default language is the same as that
set for the root volume.
NOTE: It is strongly recommended that all volumes have the same language as the root volume, and that you
set the volume language at volume creation time. Changing the language of an existing volume can cause
some files to become inaccessible.
4 - 13
NetApp System Manager: Volumes
Select Volumes
to reveal a list
of volumes.
Click the Create

button to allocate a
new volume from an
existing aggregate
NETAPP SYSTEM MANAGER: VOLUMES
4 - 14
14
NetApp System Manager: Volume Creation
Removed Snapshot
reserve default
NETAPP SYSTEM MANAGER: VOLUME CREATION
4 - 15
15
NetApp System Manager: Volume Created
The new volume
NETAPP SYSTEM MANAGER: VOLUME CREATED
4 - 16
16
NetApp System Manager: Volume Usage
The new volume

usage
NETAPP SYSTEM MANAGER: VOLUME USAGE
4 - 17
17
Volume Administration
To resize a volume:
system> vol size volname [[+|-]<size>[k|m|g|t]]
Command
Result
vol size flexvol 50m
FlexVol volume size is changed to 50 MB.
Vol size flexvol +50m
FlexVol volume size is increased by 50 MB.
Vol size flexvol -25m
FlexVol volume size is decreased by 25 MB.
To verify the status of the volume:

system> vol status volname
To offline a volume:
system> vol offline volname
To online a volume:
system> vol online volname
To destroy a volume:
system> vol offline volname
system> vol destroy volname
First, take the

volume offline.
VOLUME ADMINISTRATION
4 - 18
18
NetApp System Manager: Volumes
To delete the
selected volume
NETAPP SYSTEM MANAGER: VOLUMES
4 - 19
19
NetApp System Manager: Volume Resize

Increase the
size from 1 GB
to 2 GB.
NETAPP SYSTEM MANAGER: VOLUME RESIZE
4 - 20
20
NetApp System Manager: Resize Summary
Verify your
request.
NETAPP SYSTEM MANAGER: RESIZE SUMMARY
4 - 21
21
NetApp System Manager: Volume Resized
The newly
resized volume
NETAPP SYSTEM MANAGER: VOLUME RESIZED
4 - 22
22
Qtrees
QTREES
4 - 23
23
Qtrees
A qtree is:
A logically defined file system within a volume
A special subdirectory at the root of a volume
Viewed as a directory by clients
Qtrees allow the user to:

Further partition data within a volume
Establish unique quotas for the restricting space
Perform backup and recover with SnapVault
software
Perform logical mirroring with SnapMirror software
4,995 maximum qtrees per volume

24
QTREES
You might consider creating a qtree for the following reasons:
You can easily create qtrees for managing and partitioning data within a volume.
You can create a qtree to assign user-based or workgroup-based usage quotas (soft or hard) and limit the
amount of storage space that a specific user or group of users can consume on the qtree to which they
have access.
Creating Qtrees
When you want to group files without creating a volume, you can create qtrees instead. When you create
qtrees, you can group files using any combination of the following criteria:
Security style
Oplocks setting
Quota limit
Qtree Limitations
The primary limitation of qtrees is that a maximum of 4,995 qtrees are allowed per volume on a storage
system.
NOTE: When you enter a df command with a qtree path name on a UNIX client, the command displays
the smaller client file system limit or the storage system disk space, making the qtree look fuller than it
actually is.
4 - 24
CLI: Qtree Management

To add a qtree using the CLI:
system> qtree create fullpath
Full path syntax: /vol/volname/qtreename
To verify the status using the CLI:

system> qtree status
To delete a qtree from CLI:

system*> qtree delete [-f] fullpath
To delete a qtree from a client:

Mapped drive to the volume
M:\> dir
08/09/2009 10:02 AM
<DIR> qtree1
M:\> rmdir qtree1
25
CLI: QTREE MANAGEMENT

You can back up individual qtrees to:
Add flexibility to your backup schedules
Modularize backups by backing up only one set of qtrees at a time
Limit the size of each backup to one tape
Many products with NetApp software (such as SnapMirror and SnapVault) are qtree-aware.
When you work at the qtree level, because you are working in a smaller increment than the entire volume, you
can back up and recover files quickly.
4 - 25
NetApp System Manager: Qtree Creation
Select Qtrees
to reveal a list
of qtrees and
volumes.
NETAPP SYSTEM MANAGER: QTREE CREATION
4 - 26
26
NetApp System Manager: Qtrees
The newly
created qtree
is displayed.
To delete a
qtree, select it,
and then click
Delete.
NETAPP SYSTEM MANAGER: QTREES
4 - 27
27
Module Summary
Explain the concepts related to volume in the
Define and create a flexible volume
Execute vol commands
Define and create qtrees
MODULE SUMMARY
4 - 28
28
Exercise
Module 4: Logical Storage
EXERCISE
4 - 29

How does a traditional volume compare to an
aggregate?
What is the name of the default root volume?
4 - 30
30
WAFL Simplified
Module 5
WAFL SIMPLIFIED
5-1
Data ONTAP 7-Mode Administration: WAFL Simplified
Module Objectives
Describe how data is written to and read from
a WAFL (Write Anywhere File Layout) file
system on a volume
Explain the WAFL file system concepts,
including consistency points (CPs), RAID
management, and storage levels
Describe how RAID is used to protect disk data
Explain how the WAFL file system processes
write and read requests
MODULE OBJECTIVES
5-2
Data ONTAP 7.3.x Architecture
Network
Protocols
Clients
WAFL
Physical
Memory
RAID
Storage
NVRAM
Disk
Array
DATA ONTAP 7.3.X ARCHITECTURE
5-3
Clients
D-Blade
Network
Protocols
M-Host
Client Protocol
Access
Data ONTAP 8.0.x 7-Mode Architecture
WAFL
Physical
Memory
RAID
Storage
NVRAM
FreeBSD
DATA ONTAP 8.0.X 7-MODE ARCHITECTURE
5-4
Disk
Array
Write Requests
WRITE REQUESTS
5-5
Write Requests
The Data ONTAP operating system receives write
requests through multiple protocols:
CIFS
NFS
Fibre Channel (FC)
iSCSI
HTTP
Web-based Distributed Authoring and Versioning
(WebDAV)
Write requests are buffered into:

System memory
Nonvolatile RAM (NVRAM)
WRITE REQUESTS
5-6
Write Request Data Flow: Write Buffer

Network
Network
Stack
RS-232
SAN
Service
HBA
NFS
Service
NIC
CIFS
Service
SAN Host
UNIX
Client
Protocols
Memory Buffer /
Cache
WAFL
NVLOG
NVLOG
NVLOG
NVLOG
NVLOG
N
V
R
A
M
NVRAM Full
RAID
Windows
Client
Storage
WRITE REQUEST DATA FLOW: WRITE BUFFER

Write requests are received from clients. Each write request is stored in a buffer in memory. A copy of each
request is made in the NVLOG. The WAFL file system acknowledges receipt as requests are received.
5-7
Consistency Point
A CP is a completely self-consistent image of a file
system.
A CP is equivalent to capturing the structure of a file
system at a moment in time.
When a CP occurs, designated data is written to a disk
and a new root inode is determined.
A CP occurs for multiple reasons, including but not
limited to the following:
Half of the NVRAM card is full
10 seconds elapse
A Snapshot copy is created (discussed in Module 12)
The system is halted
CONSISTENCY POINT
A consistency point (CP) is a completely self-consistent image of the entire file system and is not actually
accomplished until the data has been written to disk and a new root inode is determined.
Although CPs occur for many reasons, a few of the major reasons are:
5-8
Half of the nonvolatile RAM (NVRAM) card is full

10 seconds elapse
A Snapshot copy is created
The system is halted
CPs in the Data ONTAP Operating System

For a CP, the Data ONTAP operating system
flushes writes to disk
It always writes to new data blocks.
The volume is always consistent on the disk.
When the Data ONTAP operating system

flushes memory to disk:
It updates the file system atomically, meaning
that the entire write must be completed or the
entire write is rolled back.
The flush includes all metadata.
It checks and then clears the NVRAM.
CPS IN THE DATA ONTAP OPERATING SYSTEM

At least once every 10 seconds, the WAFL file system generates a CP (an internal Snapshot copy) so that
disks contain a completely self-consistent version of the file system. When the storage system boots, the
WAFL file system always uses the most recent CP on the disks, so you dont have to spend time checking the
file system, even after power loss or hardware failure. The storage system boots in a minute or two, with most
of the boot time devoted to spinning up disk drives and checking system memory.
The storage system uses battery-backed NVRAM to avoid losing data write requests that might have occurred
after the most recent CP. During a normal system shutdown, the storage system turns off protocol services,
flushes all cached operations to disk, and turns off the NVRAM. When the storage system restarts after a
power loss or hardware failure, it replays into system RAM any protocol requests stored in NVRAM that are
not on the disk. To view the CP types that the storage system is currently using, use the sysstat x 1 option.
CPs triggered by the timer, a Snapshot copy, or internal synchronization are normal. Other types of CPs can
occur from time to time.
Atomic Operations
An atomic operation is actually a set of operations that can be combined so that they appear to the rest of the
system to be a single operation, with only two possible outcomes: success or failure.
For an operation to be atomic, the following conditions must be met:
1. Until the entire set of operations is complete, no other process can be aware of the changes being made.
2. If any single operation fails, then the entire set of operations fail and the system state is restored to its
state prior to the start of any operations.
Source: http://en.wikipedia.org/wiki/Atomic_operation
5-9
Write Request Data Flow: WAFL to RAID

Network
Network
Stack
RS-232
SAN
Service
HBA
NFS
Service
NIC
CIFS
Service
SAN Host
UNIX
Client
Protocols
NVLOG
NVLOG
NVLOG
NVLOG
NVLOG
Memory Buffer /
Cache
N
V
R
A
M
NVRAM Full
WAFL
RAID
Windows
Client
Storage
10
WRITE REQUEST DATA FLOW: WAFL TO RAID

The WAFL file system provides short response times to write requests by saving a copy of each write request
in system memory and battery-backed NVRAM, and immediately sending acknowledgments. This process is
different from traditional servers that must write requests to the disk before acknowledging them. The WAFL
file system delays writing data to the disk, which provides more time to collect multiple write requests and
determine how to optimize storage of data across multiple disks in a RAID group. Because NVRAM is
battery-backed, you dont have to worry about losing data.
In the WAFL file system:
Data has no fixed location except in the superblock.
Metadata is stored in files.
All data is stored in files.
Layouts can always be optimized.
By combining batch writes, the WAFL file system:
5 - 10
Allows the Data ONTAP operating system to convert multiple small file writes into one sequential disk
write.
Distributes data across all disks in a large array, meaning no overloaded disks or hotspots (disks that
might be utilized more than other disks in an array).
CPs from the WAFL File System to RAID

The RAID layer calculates the parity of the data:
To protect it from one or more disk failures
To protect stripes of data
The RAID layer calculates checksums, stored in

the block or zone method.
If a data disk fails, the missing information can be
calculated from parity.
The storage system can be configured in one of
two ways:
RAID 4: The system can recover from one disk
failure in the RAID group.
RAID-DP: The system can recover from up to two
disk failures in the RAID group.
11
CPS FROM THE WAFL FILE SYSTEM TO RAID

The WAFL file system then hands off data to the RAID subsystem, which calculates parity and then passes
the data and parity to the storage layer, where the data is committed to the disks. RAID uses parity to
reconstruct broken disks. Parity scrubs, which proactively identify and solve problems, are performed at the
RAID level using checksum data.
5 - 11
Write Request Data Flow: RAID to Storage

Network
Network
Stack
RS-232
SAN
Service
HBA
NFS
Service
NIC
CIFS
Service
SAN Host
UNIX
Client
Protocols
NVLOG
NVLOG
NVLOG
NVLOG
NVLOG
Memory Buffer /
Cache
N
V
R
A
M
NVRAM Full
WAFL
RAID
4k
Windows
Client
Checksum
computed
Storage
12
WRITE REQUEST DATA FLOW: RAID TO STORAGE

Storage drivers move data between system memory and storage adapters, and ultimately to disks. The disk
driver component reassembles writes into larger I/O operations and also monitors which disks have failed.
The SCSI driver creates the appropriate SCSI commands to synchronize with the reads and writes that it
receives.
5 - 12
CPs from RAID to Storage

The storage layer commits data and parity to
the physical disks.
The root inode is updated to point to the new
file inodes on the disk.
NVRAM is flushed and made available.
The CP now is complete.
CPS FROM RAID TO STORAGE
5 - 13
13
Write Request Data Flow: Storage Writes

Network
Network
Stack
RS-232
SAN
Service
HBA
NFS
Service
NIC
CIFS
Service
SAN Host
UNIX
Client
Protocols
NVLOG
NVLOG
NVLOG
NVLOG
NVLOG
Memory Buffer /
Cache
N
V
R
A
M
NVRAM Full
WAFL
RAID
Windows
Client
Storage
14
WRITE REQUEST DATA FLOW: STORAGE WRITES

The storage layer transfers data to physical disks. After data is written to the disks, a new root inode is
updated, a CP is created, and the NVRAM bank is cleared.
5 - 14
NVRAM
The Data ONTAP operating system writes from
system memory:
NVRAM is never read during normal write
operations.
NVRAM is backed up with a battery.
If a system failure occurs before the

completion of a CP, the data is read from
NVRAM and added back to the system
memory buffer when the system is brought
back online (or by the partner machine in a
high-availability controller configuration).
15
NVRAM
NVRAM is best viewed as a log. This log stores a subset of incoming file actions.
When a request comes in, two things happen:
The request gets logged to NVRAM. NVRAM is not read during normal processing. It is simply a log of
requests for action (including any data necessary, such as the contents of a write request).
The request is acted upon. The storage system's main memory is used for processing requests. Buffers are
read from the network and from the disk and processed according to the directions that came in as CIFS
or NFS requests. NVRAM holds the instructions that are necessary if the same actions need to be
repeated.
If the storage system does not crash, the NVRAM eventually is cleared without ever being read back. If the
storage system crashes, the data from NVRAM is processed as if the storage system were receiving those
same requests over the wire again. The same response is made by the storage system for the request in
NVRAM, just as if it had come in through the network again.
5 - 15
Read Requests
READ REQUESTS
5 - 16
16
Read Requests
Every time a read request is received, the
WAFL file system does one of two things:
Reads the data from the system memory, also
known as the cache
Reads the data from the disks
The cache is populated by:

Data recently read from disk
Data recently written to disk
17
READ REQUESTS
The Data ONTAP operating system includes several built-in, read-ahead algorithms. These algorithms are
based on patterns of usage, which helps ensure that the read-ahead cache is used efficiently.
Five Steps in a Read
1.
2.
3.
4.
5.
The network layer receives an incoming read request (read requests are not logged to NVRAM).
If the requested data is located in cache, it is returned immediately to the requesting client.
If the requested data is not located in cache, the WAFL file system initiates a read request from the disk.
Requested blocks and intelligently chosen read-ahead data are sent to cache.
The requested data is sent to the requesting client.
NOTE: In the read process, cache is used to refer to system memory.
5 - 17
Read Request Data Flow: Read from Disk

Network
Network
Stack
Console
SAN
Service
HBA
NFS
Service
NIC
CIFS
Service
SAN Host
UNIX
Client
Protocols
N
V
R
A
M
Memory Buffer /
Cache
WAFL
RAID
Windows
Client
Storage
18
READ REQUEST DATA FLOW: READ FROM DISK

Read requests that can be satisfied from the read cache are retrieved from the disk. The read cache is then
updated with new disk information for subsequent read requests.
5 - 18
Read Request Data Flow: Cache

Network
Network
Stack
RS-232
SAN
Service
HBA
NFS
Service
NIC
CIFS
Service
SAN Host
UNIX
Client
Protocols
N
V
R
A
M
Memory Buffer /
Cache
WAFL
RAID
Windows
Client
Storage
19
READ REQUEST DATA FLOW: CACHE

When a read request is received from a client, the WAFL file system determines whether to read data from
the disk or respond to the request using the cache buffers. The cache can include data that was recently
written to or read from the disk.
5 - 19
Module Summary
Describe how data is written to and read from
a WAFL file system on a volume
Explain the WAFL file system concepts,
including CPs, RAID management, and
storage levels
Describe how RAID is used to protect disk data
Explain how the WAFL file system processes
write and read requests
MODULE SUMMARY
5 - 20
20
Exercise
Module 5: WAFL Simplified
EXERCISE
5 - 21

What is a consistency point?
What is the purpose of RAID?
What does the storage layer do?
5 - 22
22
Administration
Security
Module 6
ADMINISTRATION SECURITY
6-1
Data ONTAP 7-Mode Administration: Administration Security
Module Objectives
Restrict administrative access
Restrict console and NetApp System
Manager access
Configure a client machine as an
administration host to manage a storage
system
MODULE OBJECTIVES
6-2
Storage System Access

Exercise careful attention when you set up
administrative access.
Limit who has administrative access
Limit where administrators can gain access
To secure your system:
Ensure a secure configuration

Manage user logins
Communicate securely with the storage system
Guard physical access
NOTE: Data ONTAP 8.0 operating
system and later default more secure
settings than previous versions
STORAGE SYSTEM ACCESS
6-3
Secure Configuration
SECURE CONFIGURATION
6-4
Securing a NetApp Storage System

Use secureadmin to enable Secure Shell (SSH) and
Secure Sockets Layer (SSL) and to verify that the
following settings are set:
system>
system>
system>
system>
options
options
options
options
ssh.enable on
ssh2.enable on
ssh.passwd_auth.enable on
ssh.pubkey_auth.enable on
NOTE: These steps were performed during
the discussion of configuring a storage
system with NetApp System Manager and
the command-line interface (CLI).
Use SSL to communicate with NetApp System

Manager:
system> options httpd.admin.ssl.enable on
SECURING A NETAPP STORAGE SYSTEM
6-5
Securing a NetApp Storage System

Disable nonsecure protocols:
system>
system>
system>
system>
system>
system>
options
options
options
options
options
options
rsh.enable off
telnet.enable off
ftpd.enable off
httpd.enable off
httpd.admin.enable off
ssh1.enable off
Check to ensure that the passwords are hardened:

system>
system>
system>
system>
...
options
options
options
options
security.passwd.rules.everyone on
security.passwd.rules.history 6
security.passwd.minimum 8
security.passwd.minimum.digit 1
Set password options in compliance with
corporate security policies.
SECURING A NETAPP STORAGE SYSTEM
6-6
Manage User Logins
MANAGE USER LOGINS
6-7
Administrative Users
Initially, there is only one administrative account:
root.
Multiple administrative accounts are allowed,
managed by role-based access control (RBAC).
Login information is tracked in the syslog
(/etc/messages) file, including:
User name
Time of access
Node name or address
Administration operations are tracked in the audit

log (/etc/log/auditlog).
ADMINISTRATIVE USERS
To manage a storage system, you can use the default system administration account, or root. You can also use
the useradmin command to create additional administrator user accounts.
Administrator accounts are beneficial because:
You can give administrators and groups of administrators differing levels of administrative access to your
storage systems.
You can limit an individual administrator's access to specific storage systems by giving the individual an
administration account on only those systems.
Having different administrator accounts allows you to display information about who is performing
commands on a storage system, and what commands they are using.
The auditlog file keeps a record of all administrator operations that are performed on a storage system and
the administrator who performed each operation, as well as any operations that failed due to insufficient
capabilities.
You can assign each administrator to one or more groups whose assigned roles (sets of capabilities)
determine what operations they are authorized to carry out on the storage system.
If a storage system that is running CIFS is a member of a domain or a Windows workgroup, domainuser
accounts that are authenticated on the Windows domain can use any available method to access the
storage system.
The Audit Log
An audit log is a record of commands that are executed at the console through a Telnet shell, SSH, or by
using the rsh command. All commands that are executed in a source-file script are also recorded in the audit
log. Audit log data is stored in the /etc/log directory, in the auditlog file. HTTP administration operations,
such as those resulting from the use of NetApp System Manager, are also logged. You can use the
auditlog.max_file_size option to specify the maximum size of the auditlog file. By default, the Data
ONTAP operating system is configured to save an audit log.
6-8
Role-Based Access Control

Role-based access control (RBAC) is a mechanism for
managing a set of capabilities that an administrator can
perform on a storage system.
Follow these steps to implement RBAC:
Create a role with specific capabilities.

Create a group with one or more assigned roles.
Create one or more users that are assigned to one or more
groups.
Groups
Roles
Capabilities
ROLE-BASED ACCESS CONTROL

Role-based access control (RBAC) specifies how users and administrators can use a particular computing
environment.
Most organizations have multiple system administrators, some of whom require more privileges than others.
By selectively granting or revoking privileges for each user, you can customize the degree of access that each
administrator has to the system.
RBAC allows you to define sets of capabilities that apply to one or more users. Users are assigned to groups
based on their job functions, and each group is granted a set of roles to perform those functions.
6-9
Capabilities
Capabilities are predefined privileges that
allow users to execute commands or take
other specified actions.
A role is a set of capabilities.
The following capabilities are predefined:
Login
CLI
Security
API
10
CAPABILITIES
A capability is a privilege that is granted to a role to execute commands or take other specified actions.
The Data ONTAP operating system uses four types of capabilities:
Login rights: These capabilities begin with login- and are used to control which access methods an
administrator is permitted to use for managing the system.
CLI rights: These capabilities begin with cli- and are used to control which commands an
administrator can use in the Data ONTAP command-line interface (CLI).
Security rights: These capabilities begin with security- and are used to control an administrators
ability to use advanced commands or change passwords for other users.
API rights: These capabilities begin with api- and are used to control which API commands can be
used. API commands are usually executed by programs, not administrators. However, you might want to
restrict a specific program to certain APIs by creating a special user account for it, or you might want to
have a program authenticate as the administrator who is using the program and then limit the program by
that administrators roles.
See the System Administration guide for the appropriate Data ONTAP operating system version.
6 - 10
Roles
A role is a defined set of capabilities.
The Data ONTAP operating system includes
several predefined roles.
Administrators can create additional roles or
modify existing roles.
Admin Role
Login capability
Security capability
CLI capability
API capability
11
ROLES
A role is a collection of capabilities or rights to execute certain functions. Usually, a role is created to assign a
task or tasks to a particular group of users.
6 - 11
Predefined Administrative Roles

The root role grants all possible capabilities.
The admin role grants all CLI, API, login, and security
capabilities.
The power role grants the ability to:
Invoke all cifs, exportfs, nfs, and useradmin CLI
commands
Make all cifs and nfs API calls
Log in using Telnet, HTTP, RSH, and SSH sessions
The compliance role grants the ability of the power role, along
with the ability to use SnapLock compliance software and file API
calls.
The audit role grants the ability to make snmp-get and snmpget-next API calls.
The backup role grants the ability to make NDMP calls.
The none role grants no administration capabilities.
12
PREDEFINED ADMINISTRATIVE ROLES

Roles have assigned capabilities that can be modified.
The useradmin role list command is used to view capabilities that are assigned to each role.
To assign a user to a system, you must first assign the user to a group that has specified capabilities.
6 - 12
Groups
A group is:
A collection of users
Associated with one or more roles
Built-in groups have defined permissions and

access levels that are defined by built-in roles.
Admin Role
13
GROUPS
A group is a collection of users or domain users. It is important to remember that the groups that are defined
in the Data ONTAP operating system are separate from other groups, such as groups that are defined in the
Microsoft Active Directory server or a Network Information System (NIS) environment. This is true even
if the groups that are defined in the Microsoft Active Directory and the groups that are defined in the Data
ONTAP operating system have the same name.
When you create new users or domain users, the Data ONTAP operating system requires that you specify a
group. Therefore, you should create appropriate groups before you define users or domain users.
6 - 13
Predefined Groups
Administrators: grants all CLI, API, login, and security
capabilities
Power Users: grants the ability to invoke cifs, nfs,
and useradmin CLI commands, manage cifs and
nfs API calls, and log in using Telnet, HTTP, RSH,
and SSH sessions
Compliance Administrators: compliance role
Backup Operators: none role
Replicators: none role
Users: grants the ability to make snmp-get and
snmp-get-next API calls
Guests: none role
14
PREDEFINED GROUPS
To create or modify a group, start by giving the group capabilities that are associated with one or more
predefined or customized roles.
6 - 14
User Creation Requirements: Role

Use this CLI command to view current role
definitions:
system> useradmin role list [role]
Leave the role list empty to view general information

for all roles.
Enter a specific role to view detailed information
about that particular role.
Use this CLI command to create a new role:

system> useradmin role add <role> a <capability>,
Capability can be one or more of the login, CLI,

security, or API capabilities.
Each capability can be refined to a specific subset.
USER CREATION REQUIREMENTS: ROLE
6 - 15
15
Users
A user is:
An individual account that may or may not have
capabilities defined for the storage system
Part of a group
NOTE: For security purposes, each user should have a unique
login account.
Group
Admin Role
USERS
6 - 16
16
User Creation Requirements: Group

Use this CLI command to view current group definitions:
system> useradmin group list [group_name]
Leave the group name list empty to view general

information for all groups.
Enter a specific group name to view detailed
information about that particular group.
Use this CLI command to create a new group:
system> useradmin group add <groupname> -r <role>,
A group must be associated with one or more roles.
USER CREATION REQUIREMENTS: GROUP
6 - 17
17
Purpose of Local Users

Local users:
Are used for administrative access
In CIFS:
Provide a list of authenticated users with Microsoft
Windows workgroup authentications
Provide access to users when there is no domain
controller access with Windows domain
authentications
In NFS v4, provide access to the storage system
Although you can provide access to data with

local users, NetApp recommends using local
users only for administrative access.
18
PURPOSE OF LOCAL USERS

Local users are often used to delegate configuration duties to other administrators. However, local users are
also created if the system storage is configured to perform local authentication with CIFS or NFS protocols
(for example, when the storage systems CIFS server is configured for Windows workgroup authentication).
6 - 18
Security Administration: Users

Use the following command from the CLI to manage
user accounts:
useradmin user
This command allows you to list, add, and delete users.
The user account is maintained in the /etc/registry file.
User authentication is performed locally on the storage

system.
Group
Admin Role
SECURITY ADMINISTRATION: USERS
6 - 19
19
User Security Administration

Security options in this command define
password control:
system> options security
This CLI command defines password

management:
system> passwd
NOTE:
The root user ID cannot be deleted.

There is no initial password for root for upgrades (new installs
require a root password by default).
A password cannot be the same as the associated user name.
Root has full administration rights to the machine without login
if there are no other user definitions or password settings.
20
USER SECURITY ADMINISTRATION

PASSWORD RULE OPTION
security.passwd.firstlogin.enable
{on|off}
DESCRIPTION
Specifies whether new users and users who log in for the first
time after another user has changed his or her password must
change the password when they log in. The default value for
this option is off.
NOTE: If you enable this option, you must ensure that all
groups have login-telnet and cli-passwd capabilities. Users in
groups that do not have these capabilities cannot log in to the
storage system.
security.passwd.lockout.numtries num
Specifies the number of allowable login attempts before a user

account is disabled. The default value for this option is
4,294,967,295.
security.passwd.rules.
enable {on|off}
Specifies whether a check-for-password composition is

performed when new passwords are specified. If this option is
set to on, passwords are checked against the rules that are
specified in this table, and the password is rejected if it doesn't
pass the check. If this option is set to off, the check is not
performed. The default value for this option is on. By default,
this option does not apply to root or administrator users.
everyone {on|off}
Specifies whether a check-for-password composition is

performed for the root and administrator users. If the
security.passwd.rules.enable option is set to off, this option
does not apply. The default value for this option is off.
6 - 20
PASSWORD RULE OPTION
DESCRIPTION
history num
Specifies the number of previous passwords that are checked

against a new password to disallow repeats. The default value
for this option is 0, meaning that no repeat passwords are
allowed.
maximum max_num
Specifies the maximum number of characters in a password.

NOTE: This option can be set to a value greater than 16, but a
maximum of 16 characters are used to match the password.
Users with passwords longer than 14 characters cannot log in
through Windows interfaces, so if you are using Windows, do
not set this option to a value greater than 14. The default value
for this option is 256.
minimum min_num
Specifies the minimum number of characters in a password.

The default value for this option is 8.
minimum.alphabetic min_num
Specifies the minimum number of alphabetic characters in a

password. The default value for this option is 2.
minimum.digit min_num
Specifies the minimum number of digit characters (numbers

from 0 to 9) in a password. The default value for this option is
1.
minimum.symbol min_num
Specifies the minimum number of symbol characters (white

space and punctuation characters) in a password. The default
value for this option is 0.
6 - 21
NetApp System Manager: Passwords
Select
Set the root user

password and
click Change.
NETAPP SYSTEM MANAGER: PASSWORDS
6 - 22
21
User Creation Requirements: User

Use this CLI command to view the current user:
system> useradmin user list [user]
Leave the list empty to view general information for all

users.
Enter a specific user to view detailed information
about that particular user.
Use this CLI command to create a new user:
system> useradmin user add <username> -g <group>,
A password can be required (see security options).

The user must be associated with one or more
groups.
USER CREATION REQUIREMENTS: USER
6 - 23
22
NetApp System Manager: Users
To configure
users
NETAPP SYSTEM MANAGER: USERS
6 - 24
23
User Management
The newly created user

To delete the selected
user, click Delete.
USER MANAGEMENT
6 - 25
24
User Properties
USER PROPERTIES
6 - 26
25
NetApp System Manager: Groups
To configure
groups
Select the
predefined role.
NETAPP SYSTEM MANAGER: GROUPS
6 - 27
26
Group Management
The newly
created group
GROUP MANAGEMENT
6 - 28
27
Group Properties
GROUP PROPERTIES
6 - 29
28
Communicate Securely
COMMUNICATE SECURELY
6 - 30
29
Data ONTAP 8.0 Security

The Data ONTAP 8.0 operating system ships
with the most secure options enabled:
SSH and SSL are enabled by default, but
configuration is required.
Telnet, RSH, HTTP, and FTP are disabled by
default.
When you upgrade a storage system, it

inherits the settings of the previous version.
DATA ONTAP 8.0 SECURITY
6 - 31
30
Administration Host
The setup command requests the name and IP
address of the administration host.
This is typically a UNIX or Linux host that has
access to mount the root volume from the storage
system.
When mounted, user root on the administration host
has root access to the root volume.
If provided, the administration host is granted root

access to the root volume for administration
purposes.
If not provided, all NFS clients are granted
read-write access to the root volume (not
recommended).
31
ADMINISTRATION HOST
The term administration host is used to describe an NFS client machine that has the ability to view and
modify configuration files that are stored in the /etc directory of the storage systems root volume.
When you designate a workstation as an administration host, the storage system's root file system (/vol/vol0
by default) is accessible by NFS mounting if NFS is licensed.
You can designate additional administration hosts after setup by modifying the storage system's NFS exports
and CIFS shares.
The Administration host can set using the setup command or the hidden admin.host option.
Administration Host Privileges
The storage system grants root permissions to the administration host after the setup procedure is complete.
This table describes administration host privileges.
IF THE
ADMINISTRATION
HOST IS ...
YOU CAN ...
An NFS client
A CIFS client
6 - 32
Mount the storage system root directory and edit configuration files from
the administration host.
Use an RSH connection to enter Data ONTAP commands.
Connect to the storage system as root or administrator, and then edit

configuration files from any CIFS client.
Restricting Access
To improve security, you can configure the
storage system to allow logins only from
trusted hosts. Configure this option by using:
The CLI command:
system> options trusted.hosts [hostname|*|-]
You can specify up to five clients to be given

SSH and NetApp System Manager privileges.
32
RESTRICTING ACCESS
When you restrict access by using the options trusted.hosts command:
6 - 33
Host names should be entered as a comma-separated list with no spaces.

Enter an asterisk (*) to allow access to all clients (this is the default).
Enter a hyphen (-) to disable access to the server.
This value is ignored for Telnet if options telnet.access is set, and is ignored for HTTP
administration if options httpd.admin.access is set.
NetApp System Manager: Security
Configure Security
immediately to ensure
a proper security
connection.
NETAPP SYSTEM MANAGER: SECURITY
6 - 34
33
Security Settings
SECURITY SETTINGS
6 - 35
34
Guard Physical Access
GUARD PHYSICAL ACCESS
6 - 36
35
Physical Access
Physical access concerns:
Guard access to your storage systems. The root
password can be reset. (discussed in Module 18)
PHYSICAL ACCESS
6 - 37
36
Module Summary
Restrict administrative access
Restrict console and NetApp System Manager
access
Configure a client machine as an
administration host to manage a storage
system
MODULE SUMMARY
6 - 38
37
Exercise
Module 6: Administration Security
EXERCISE
6 - 39

How do you control administrative access to
the storage system?
Why would you use the useradmin
command?
6 - 40
39
Networking
Module 7
NETWORKING
7-1
Data ONTAP 7-Mode Administration: Networking
Module Objectives
Identify the configuration of network settings and
components in the Data ONTAP operating system
Explain and configure name resolution services
Configure routing tables in the Data ONTAP operating
system
Define and create interface groups
Discuss the operation of virtual LANs (VLANs) and
how to route them
MODULE OBJECTIVES
7-2
Interface Configuration
INTERFACE CONFIGURATION
7-3
Interface Configuration
The setup command performs the initial
network interface configuration.
After initial setup, you can create and modify
the interface configuration using:
Command-line interface (CLI) with the
ifconfig command
Interface configuration is stored in the /etc/rc

file, which is executed when the storage
system boots normally.
INTERFACE CONFIGURATION
From the CLI, the ifconfig command displays and configures network interfaces for a storage system.
These are ifconfig command examples:
Display network interface configurations:

ifconfig -a
Change an interface IP address:

ifconfig interface 10.10.10.XX
Bring down an interface:

ifconfig interface down
Bring up an interface:
ifconfig interface up
The /etc/rc file configures the interface settings during boot. To edit this configuration on the storage system,
you can use the wrfile command from NetApp System Manager or from an administration host that uses
CIFS or NFS.
Example: Using the ifconfig command in the /etc/rc file:
ifconfig interface 10.10.10.XX netmask 255.255.252.0 up
7-4
Ethernet Interface Naming

The Data ONTAP
operating system
supports these network
types:
Network Types
Letter
Ethernet
Port Number
Letter
Ethernet 10/100 Base-T

Gigabit Ethernet
10 Gigabit Ethernet
(Data ONTAP 7.2 operating

system or later)
Storage systems with

multiple-port Ethernet
adapters use letters to
identify the ports.
EHTERNET INTERFACE NAMING

Your storage system supports these interface types:
Ethernet, including quad-port Ethernet adapters

Gigabit Ethernet (GbE)
Asynchronous transfer mode (ATM). Emulated LAN (ELAN), and FORE/IP
Onboard network interfaces (supported on FAS250, FAS270, FAS3000/V3000, and FAS6000/V6000
systems)
10 Gigabit Ethernet (10GbE) TCP offline engine (TOE) network interface card (NIC)
Your storage system also supports these virtual network interface types:
7-5
Virtual interface
Virtual LAN (VLAN)
Virtual hosting (VH)
Interface Naming Quiz

Interface Type
Slot
Port
Interface Name
Ethernet
0 (onboard)
e0a
Ethernet
0 (onboard)
e0b
Ethernet
e3a
Ethernet
e3b
Ethernet
e3c
Ethernet
e3d
INTERFACE NAMING QUIZ

For physical interfaces, interface names are assigned automatically, based on the slot where the network
adapter is installed.
VLAN interfaces are displayed in the interfaceID_and_slot_number-vlan_id format, where slot_number is the
slot where the network adapter is installed, and vlan_id is the identifier of the VLAN that is configured on the
interface. For example, e8-2, e8-3, and e8-4 are three VLAN interfaces for VLANs 2, 3, and 4, configured on
interface e8.
You can assign names to vifs (for Data ONTAP 7.3.x), interface groups (for Data ONTAP 8.0 7-Mode and
later), and emulated LAN interfaces.
7-6
Managing Interfaces: ifconfig

These network interface parameters can be
configured:
IP address
Netmask address
Broadcast address
Media type and speed
Maximum transmission unit (MTU)
Flow control (Gigabit Ethernet II controller only)
Up or down state
system> ifconfig e0c 10.10.10.10 netmask
255.255.255.0 up
To display current status, use ifconfig -a.

Interface configuration changes are not permanent
until entered into the /etc/rc file.
MANAGING INTERFACES: IFCONFIG

Changes that you make by using the CLI are not permanent until you use either the CLI or NetApp System
Manager to add the changes to the /etc/rc file.
Network Parameter Descriptions
7-7
IP address: Standard format is used for IP addresses (for example, 192.168.23.10). IP addresses are
mapped to host names in the /etc/hosts file.
Netmask and broadcast address: Standard format is used for netmask and broadcast addresses (for
example, 255.255.255.0 for netmask, and 192.168.1.255 for broadcast address).
Media type and speed: These media types can be configured:
[ mediatype { tp | tpfd | 100tx | 100txfd | 1000fx | auto }]
MTU: Use a smaller interface maximum transmission unit (MTU) value if a bridge or router on the
attached network cannot break large packets into fragments.
Flow control for the GbE II controller: The original GbE controller supports only full duplex, not flow
control. The GbE Controller II negotiates flow control with an attached device that supports
autonegotiation. However, if autonegotiation fails on either device, the flow control setting that was
entered using the ifconfig command is used. These flow control settings can be configured:
[ flowcontrol { none | receive | send | full } ]
Up or down state: The state of any interface can be configured up or down.
CLI: Managing Interfaces

To configure the current status:
system> ifconfig
To display permanent settings:

system> rdfile /etc/rc
Better yet, use NetApp

System Manager.
To change permanent settings:

system> wrfile /etc/rc
A command overwrites the existing file.

You can cut and paste existing information.
Press Ctrl-C to save changes and exit.
To activate changes to the /etc/rc file, reboot or
issue source /etc/rc.
CLI: MANAGING INTERFACES

system> ifconfig
usage: ifconfig [ -a | [ <interface>
[ [ alias | -alias ] <address> ] [ up | down ]
[ netmask <mask> ] [ broadcast <address> ]
[ mtusize <size> ]
[ mediatype {tp|tp-fd|100tx|100tx-fd|1000fx|auto} ]
[ flowcontrol {none|receive|send|full} ]
[ trusted | untrusted ]
[ wins | -wins ]
[ [ partner {<address>|<interface>} ] | [ -partner ] ] ] ]
7-8
NetApp System Manager: Interfaces Setup
Select the interface

to manage.
To configure
interfaces
NETAPP SYSTEM MANAGER: INTERFACES SETUP

NetApp System Manager provides an administrator-friendly way to manage network interfaces with
confidence. NetApp System Manager offers advanced functionality, such as interface groups and VLAN
management. Any modifications that you make by using NetApp System Manager persist in the /etc/rc file
through reboot.
7-9
NetApp System Manager: Interface Edits
When you specify an interface as untrusted, any packets that are

received on the interface are likely to be dropped. Internet Control
Message Protocol (ICMP) ping requests might be dropped.
10
NETAPP SYSTEM MANAGER: INTERFACE EDITS

When you specify an interface as untrusted (untrustworthy), any packets that are received on the interface are
likely to be dropped. For example, if you run a ping command on an untrusted interface, the Internet Control
Message Protocol (ICMP) response packet that is received on the interface might be dropped.
7 - 10
Virtual Interfaces and

Interface Groups
VIRTUAL INTERFACES AND INTERFACE GROUPS
7 - 11
11
Interface Groups
Interface groups enable trunking of one or
more Ethernet interfaces (IEEE 802.3ad link
aggregation).
Trunks are called vitural interfaces or vifs

Trunks are called interface groups or
ifgroups
3
Types:
Single-mode
Multimode 1-Gb Copper
e0a
e0b
e0c
e0d
e0e
0a
e0f
LINK LINK
0d
LINK
10-Gb Optical
Interfaces
Interface Group
Interface Group
1
0c
LINK LINK
LINK
Interfaces
0b
LINK
LINK
12
INTERFACE GROUPS
The Data ONTAP operating system connects with networks through physical interfaces (links). The Data
ONTAP operating system has supported IEEE 802.3ad link aggregation for many years. This standard
enables multiple network interfaces to be combined into one virtual interface group. After it is created, this
group is indistinguishable from a physical network interface. In the Data ONTAP 7.3 operating system,
virtual interfaces were referred to as vifs. In the Data ONTAP 8.0 operating system and later, interface
aggregation groups are referred to as interface groups.
7 - 12
Single-Mode Interface Group

Single-mode:
Only one interface

is active
Other interfaces
are on standby
Advantage: Fault
tolerance
e0a
e0b
e0c
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
x
0
Active Path
0b
0c
LINK LINK
0d
LINK
LINK
Interface Group
5
Standby Path
13
SINGLE-MODE INTERFACE GROUP

Interface groups can be single-mode or multimode. In a single-mode interface group, one interface is active,
and the other interface is inactive (on standby).
NOTE: Failure of the active interface signals the inactive interface to take over and maintain the connection
with the switch.
7 - 13
Multimode Interface Group

Multimode:
All interfaces active

Interfaces share the
same Media Access
Control (MAC)
address
Types:
e0a
e0b
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
Fault tolerance
Active Path
Higher throughput
Single points of failure
eliminated
0b
0c
LINK LINK
0d
LINK
LINK
Static: multi
Dynamic: lacp
Advantages:
e0c
Interface Group
5
Active Path
14
MULTIMODE INTERFACE GROUP

Called simply multi in the ifgrp command, the multimode static interface group implementation
complies with the IEEE 802.3ad static standard. The multimode dynamic link is compliant with the IEEE
802.3ad dynamic standard, also called Link Aggregation Control Protocol (LACP). Dynamic multimode
interface groups can detect the loss of link status, as well as a loss of data flow. However, a compatible switch
must be used to implement the dynamic multimode configuration.
7 - 14
Load Balancing
Load balancing is supported for multimode interface groups only:
IP-based (default)
Port-based
Round-robin (not recommended)
MAC-based
In this example, IP-based load balancing is shown:

Client IPs assigned to an interface
e0a
e0b
e0c
e0d
10.10.10.1
10.10.10.2
10.10.10.3
10.10.10.4
10.10.10.5
10.10.10.6
10.10.10.7
10.10.10.8
10.10.10.9
10.10.10.10
10.10.10.11
10.10.10.12
10.10.10.13
10.10.10.14
10.10.10.15
10.10.10.16
15
LOAD BALANCING
Load balancing ensures that all the interfaces in a multimode vif or interface group are equally utilized for
outbound traffic. Load balancing, which is supported for multimode trunks only, relies on an even distribution
of hosts. Three methods of load balancing use the IP-based default:
IP-based: The outgoing interface is selected on the basis of the storage system and clients IP address.
Port-based: The outgoing interface is selected using a fast hashing algorithm on the source and
destination IP addresses, along with the transport layer port number.
Round-robin: All of the interfaces are selected on a rotating basis.
NOTE: The round-robin method provides true load balancing, but it can cause out-of-order packet delivery
and retransmissions due to overruns.
Another method of load balancing, MAC-based, selects the outgoing interfaces on the basis of the storage
system and clients Media Access Control (MAC) address.
Both IP-based and MAC-based address methods use a formula to determine which interface to use for
outgoing frames. The formula uses the exclusive operator (XOR) value of the last four bits of the source
destination addresses to determine which interface to return data on.
7 - 15
Example: Single-Mode Interface Group

An interface must be brought down to be
added to an interface group.
Entries created on the command line are not

permanent.
system> ifgrp create single Singig1 e0a e0c
system> ifconfig Singig1 172.17.200.201 netmask
255.255.255.0 mediatype auto up
system> ifgrp favor e0a
system> ifconfig Singig1
Singig1:flags=1148043
<UP,BROADCAST,RUNNING,MULTICAST,TCPCKSUM>
mtu 1500 inet 172.17.200.201 netmask 0xffffff00
broadcast 172.17.200.255
ether 02:a0:98:03:28:8e
NOTE: substitute vif for ifgrp

16
EXAMPLE: SINGLE-MODE INTERFACE GROUP

These are the Data ONTAP 7.3.x operating system commands for a single-mode interface group:
system> vif create single Singig1 e0a e0c
system> ifconfig Singig1 172.17.200.201 netmask 255.255.255.0 mediatype
auto up
system> vif favor e0a
system> ifconfig Singig1
Singig1:flags=1148043 <UP,BROADCAST,RUNNING,MULTICAST,TCPCKSUM> mtu 1500
inet 172.17.200.201 netmask 0xffffff00 broadcast 172.17.200.255
ether 02:a0:98:03:28:8e
7 - 16
Example: Multimode Interface Group

system> ifgrp create multi multiig2 e0a e0b e0c e0d
system> ifconfig multiig2 172.17.200.202 netmask
255.255.255.0 mediatype auto
system> ifconfig multiig2
multiig2:flags=1148043
<UP,BROADCAST,RUNNING,MULTICAST,TCPCKSUM>
mtu 1500 inet 172.17.200.202 netmask 0xffffff00
broadcast 172.17.200.255 ether 02:a0:98:03:28:8e

17
EXAMPLE: MULTIMODE INTERFACE GROUP

These are the Data ONTAP 7.3.x operating system commands for a multimode interface group:
system> vif create multi multiig2 e0a e0b e0c e0d
system> ifconfig multiig2 172.17.200.202 netmask 255.255.255.0
mediatype auto
system> ifconfig multiig2
multiig2:flags=1148043 <UP,BROADCAST,RUNNING,MULTICAST,TCPCKSUM> mtu 1500
ether 02:a0:98:03:28:8e
7 - 17
Example: Second-Level Interface Group

system> ifgrp create multi multiig1 e0c e0e
system> ifgrp create multi multiig2 e0d e0f
system> ifgrp create single l2ig multiig1 multiig2
system> ifconfig l2ig 172.17.200.206 netmask
If the
switch
supports system> ifconfig l2ig
crossl2ig:flags=1148043
stack
<UP,BROADCAST,RUNNING,
EtherMULTICAST,TCPCKSUM>
Channel,
mtu
1500
you can
inet
172.17.200.206
use
LACP.
netmask 0xffffff00
multiig1
l2ig
broadcast 172.17.200.255
multiig2
ether 02:a0:98:03:28:8c
3
e0a
e0b
e0c
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
LINK LINK
0c
0d
LINK
LINK

18
EXAMPLE: SECOND-LEVEL INTERFACE GROUP

These are the Data ONTAP 7.3.x operating system commands for a second-level interface group:
system> vif create multi multiig1 e0c e0e
system> vif create multi multiig2 e0d e0f
system> vif create single l2ig multiig1 multiig2
system> ifconfig l2ig 172.17.200.206 netmask 255.255.255.0 mediatype auto
system> ifconfig l2ig
l2ig:flags=1148043 <UP,BROADCAST,RUNNING,MULTICAST,TCPCKSUM> mtu 1500
ether 02:a0:98:03:28:8c
7 - 18
NetApp System Manager: Interface Groups
To configure
interfaces
NETAPP SYSTEM MANAGER: INTERFACE GROUPS
7 - 19
19
7 - 20
20
7 - 21
21
Name Resolution
NAME RESOLUTION
7 - 22
22
Host-Name Resolution
A storage system must be able to resolve host
names to valid IP addresses.
Host-name resolution is commonly
used in:
Processing CIFS requests

Processing NFS requests
Authenticating SSH sessions
Many other services
HOST-NAME RESOLUTION
7 - 23
23
Host-Name Resolution Mechanisms

The Data ONTAP operating system stores and
maintains host information in these locations:
/etc/hosts file
Domain Name System (DNS) server
Network Information Service (NIS) server
In host-name resolution:
The /etc/nsswitch.conf file controls the order in which

these three locations are checked.
The Data ONTAP operating system stops checking
locations when a valid IP address is returned.
NOTE: For convenience, you can use NetApp System Manager.
24
HOST-NAME RESOLUTION MECHANISMS

The Data ONTAP operating system uses these methods to resolve host information on a storage system:
/etc/hosts file
Domain Name System (DNS) server
Network Information Service (NIS) server
DNS and NIS can be configured using the setup command during installation of a storage system.
Therefore, many of the commands and files that are included in this lesson are executed automatically.
Usually, NIS or DNS commands are only entered manually when:
NIS or DNS was not configured during setup
You need to make a change to a configuration
The /etc/nsswitch.conf file displays the order in which a storage system searches for resolution. For example,
to resolve host names, a storage system uses the search order list for hosts and (in this example) searches first
using the /etc/hosts file, then NIS, and then DNS. Each line in the /etc/nsswitch.conf file uses this format. You
can change the default search order for host-name resolution at any time by modifying this file. After a
storage system resolves the host name, the search ends.
7 - 24
Configuration by /etc/hosts
The /etc/hosts file provides local IP and name
resolution.
To modify /etc/hosts, use:
The rdfile and wrfile commands in CLI
Any client machine where the /etc directory
is visible, such as an administration host
25
CONFIGURATION BY /ETC/HOSTS
Because the /etc/hosts file is checked first and changes in it take effect immediately, it is important to keep
this file current. You can edit the file using a standard editing program. When using a standard editing
program, be sure to include a blank line at the end. The /etc/hosts format is:
IP address
hostname
alias(es)
The /etc/hosts file is generated automatically during the storage system setup procedure as part of the data
installation process. It is populated at that time with IP addresses and host names.
NOTE:
7 - 25
The default IP address for the storage system is listed in the /etc/hosts file.
Installed cards without IP addresses are included in the /etc/hosts file, but they are commented out.
NetApp System Manager: Add Host
To configure
network files
NETAPP SYSTEM MANAGER: ADD HOST
7 - 26
26
NetApp System Manager: Other Files
NETAPP SYSTEM MANAGER: OTHER FILES
7 - 27
27
DNS Configuration
The DNS provides a centralized mechanism
for host-name resolution in Windows and
UNIX environments.
To configure the DNS:
In the CLI, use:
setup command
options dns
dns command
DNS configuration information is stored in the

/etc/resolv.conf file.
28
DNS CONFIGURATION
DNS matches domain names to IP addresses and enables you to centrally maintain host information so that
you do not have to update the /etc/hosts file every time you add a new host to the network. This is particularly
helpful if you have several storage systems on your network. You can configure DNS by using options and
commands.
To make the configuration commands permanent, enter them in the /etc/rc file. The /etc/rc file is generated
automatically during the setup procedure, as part of the Data ONTAP installation process. If you choose to set
up DNS at that time, the file is populated with DNS configuration information.
Use the information command dns info to display the status of the DNS resolver, a list of DNS servers,
the state of each DNS server, the default domain that is configured on the storage system, and a list of other
domains that are used with unqualified names for name lookup.
EXAMPLE
RESULT
options dns.domainname dns_campus2
Sets the DNS domain name to dns_campus2
options dns.enable on
Enables DNS
7 - 28
NetApp System Manager: DNS Setup
To configure
DNS
NETAPP SYSTEM MANAGER: DNS SETUP
7 - 29
29
NetApp System Manager: DNS Setup Dialog
NETAPP SYSTEM MANAGER: DNS SETUP DIALOG

DNS setup adds systems to /etc/resolv.conf.
7 - 30
30
NIS
NIS provides:
A centralized mechanism for host-name resolution

User authentication
The storage system can participate only as a

NIS client.
To configure NIS:
Use NetApp System Manager
In the CLI, use:
setup command
options nis
nis command
31
NIS
The NIS client service provides information about security-related parameters on a network, such as hosts,
user passwords, user groups, and netgroups.
NIS enables you to centrally maintain host information, so you don't have to update the /etc/hosts file on
every storage system on your network.
Although the storage system can be an NIS client and can query NIS servers for host information, it cannot be
an NIS server. You can use the options nis.slave.enable command to configure the storage system, an
NIS client, as an NIS slave. The storage system then downloads NIS maps from the NIS master servers that
are defined in nis.servers.
The storage system NIS slave checks the master servers every 45 minutes. Downloaded maps are stored under
/etc/yp/<NIS_domain>/. If you want to use NIS as the primary method for host resolution, specify it above the
other methods that are listed in the /etc/nsswitch.conf file.
7 - 31
NetApp System Manager: NIS Setup
To configure
NIS
NETAPP SYSTEM MANAGER: NIS SETUP
7 - 32
32
NetApp System Manager: NIS Setup Dialog
NETAPP SYSTEM MANAGER: NIS SETUP DIALOG
7 - 33
33
Route Resolution
ROUTE RESOLUTION
7 - 34
34
Route Information
A route defines the path to a network or host.
To display the current routing table in CLI, use
netstat -r.
system> netstat -r
Routing tables
Internet:
Destination
Gateway
default
66.166.149.161
66.166.149.160/2 link#1
66.166.149.161
0:20:6f:10:25:7a
Flags
UGS
UC
Refs
14
0
UHL
35
ROUTE INFORMATION
A storage system does not function as a router for other network hosts, even if it has multiple network
interfaces. However, the storage system does route its own packets.
To display the defaults and explicit routes that your storage system uses to route its own packets, use the
netstat -r command to view the current routing table. The netstat command displays network-related
data structures.
The route command enables you to manually manipulate the network routing table for a specific host or
network that is specified by destination.
To add or delete a specific host or network route in the routing table, use route.
COMMAND
RESULT
route add default 10.10.10.1 1
Adds a default route through 10.10.10.1 with a metric (hop)

of 1
route delete 193.20.8.173 193.20.4.254
Deletes the route destination 193.20.8.173 connecting

through 193.20.4.254
7 - 35
The netstat Command

Use the netstat r command to view or
change the network routing tables.
Use the netstat nr command to view or
change the network routing tables with IP
addresses (instead of name resolution).
Use the netstat rs command to view or
display the per protocol statistics.
36
THE NETSTAT COMMAND

The netstat command symbolically displays the contents of various network-related data structures. There
are a number of output formats, depending on the options that you choose. Use the manual pages (using the
man command) to see all available options.
7 - 36
The route Command

Use the route -s command to show routing
tables.
Use the route -f command to flush all
gateway entries in the routing table.
Use the route ns command to view
network routing tables with IP addresses
(instead of name resolution).
37
THE ROUTE COMMAND

The route command enables you to manually manipulate the network routing table for a specific host or
network that is specified by destination.
7 - 37
Virtual LANs
VIRTUAL LANS
7 - 38
38
VLANs
Group and divide:
VLANs provide:
Increased IP network security

Optimized packet routing
Reduced broadcast chatter
Independent configuration
(jumbo frames)
60
Floor 1
Group interfaces together

Divide into VLANs as needed
VLAN 60
VLAN 70
VLAN 80
70
80
60
70
Floor 2
80
39
VLANS
A virtual LAN (VLAN) is a switched network that is logically segmented by function, project team, or
applications. End stations can be grouped by department, by project, or by security level. End stations can be
geographically dispersed and still be part of the broadcast domain in a switched network.
Advantages of VLANs
7 - 39
Ease of administration: VLANs enable a logical grouping of users who are physically dispersed.
Moving to a new location does not interrupt membership in a VLAN. Similarly, changing job functions
does not require moving the end station because it can be reconfigured into a different VLAN.
Confinement of broadcast domains: VLANs reduce the need for routers on the network to contain
broadcast traffic. Packet flooding is limited to the switch ports on the VLAN.
Reduction of network traffic: Because the broadcast domains are confined to the VLAN, traffic on the
network is significantly reduced.
Enforcement of security: End stations on one VLAN cannot communicate with end stations on another
VLAN unless a router is connected between them.
VLAN Commands
Use these commands for VLANs:
system>
system>
system>
system>
system>
vlan
vlan
vlan
vlan
vlan
create g on <ifname> <vlanid >

delete [-q] <ifname> <vlanid>
add <ifname> <vlanid [vlanid ]>
stat <ifname> <vlanid>
modify g [on|off] <ifname>
Supported VLAN IDs are 14094.

NOTE: VLAN ID 1 is used by a number of switch vendors and
generally should not be used.
VLANs over IFGRP are supported.

Use the /etc/rc file to persist configurations during
reboot.
40
VLAN COMMANDS
You can create a VLAN by using the vlan create command in the CLI or in the FilerView browserbased administration tool. After you create the trunk, you can configure the VLAN like any other regular
network interface by using the ifconfig command.
EXAMPLE
RESULT
vlan create g on e4 2 3 4
Creates three VLANs on interface e4 named e4-2, e4-3, and

e4-4. The -g on option enables GVRP on the VLANs. Enter
this command in the /etc/rc file to make it persistent over
reboots.
vlan delete q e8 2
Removes VLAN e8-2. If the interface was configured up, a

message appears asking you to confirm the deletion.
vlan add e8 3
Adds e8-3 to the VLAN. Enter this command in the /etc/rc

file to make it persistent over reboots.
vlan stat e4 10
Displays the number of packets that were received and

transmitted on each interface. You can specify the time
interval (in seconds) at which the statistics are displayed. If
no number is entered, statistics are displayed by default at
two-second intervals.
vlan modify g off e8
Interface e8 is excluded from participating with GVRP.

Enter this command in the /etc/rc file to make it persistent
over reboots.
7 - 40
Using the CLI to Create a VLAN

system> ifconfig e0b down
system> vlan create e0b 10
vlan: e0b-10 has been created
system> ifconfig e0b-10 172.17.200.201 netmask
system> ifconfig a
e0b:flags=80908043
<BROADCAST,RUNNING,MULTICAST,TCPCKSUM,VLAN>
mtu 1500 ether 00:a0:98:03:28:8f (auto-1000tfd-up) flowcontrol full
41
USING THE CLI TO CREATE A VLAN

Use the vlan create and the ifconfig commands to create and configure a VLAN.
The vlan create command:
Creates a VLAN interface
Includes the VLAN interface in one or more VLAN groups as specified by the VLAN identifier
Enables VLAN tagging
Enables (optionally) GVRP on the VLAN interface
After you create the VLAN interface with the vlan command, you can configure it by using the ifconfig
command.
7 - 41
NetApp System Manager: VLAN Setup
To configure
interfaces
NETAPP SYSTEM MANAGER: VLAN SETUP
7 - 42
42
Module Summary
Identify the configuration of network settings and
components in the Data ONTAP operating system
Explain and configure name resolution services
Configure routing tables in the Data ONTAP operating
system
Define and create interface groups
Discuss the operation of VLANs and how to route them
MODULE SUMMARY
7 - 43
43
Exercise
Module 7: Networking
EXERCISE
Please refer to your Exercise Guide for more instruction.
7 - 44

Where can you set or change IP to host-name
resolution locally on the storage system?
How do you configure host-name resolution for
a storage system?
What is the difference between single-mode
and multimode trunks?
What are the benefits of a VLAN?
7 - 45
45
NFS
Module 8
NFS
8-1
Data ONTAP 7-Mode Administration: NFS
Module Objectives
Explain NFS implementation in the Data
License NFS on a storage system
Explain the purpose and format of /etc/exports
List and define the export specification options
Describe the use of the exportfs command
Mount an export on a UNIX host
MODULE OBJECTIVES
8-2
NFS Overview
NFS OVERVIEW
8-3
NFS Overview
NFS enables network file systems (clients) to
share files and directories that are stored and
administered centrally from a storage system.
These platforms usually support NFS:
Sun Microsystems Solaris

Linux
HP-UX
And more
NFS OVERVIEW
NFS, a protocol that was originally developed by Sun Microsystems in 1984, enables users on a client
computer to access files over a network as easily as if the network devices were attached to its local disks.
NFS, like many other protocols, builds on the Open Network Computing Remote Procedure Call (ONC RPC)
system. The NFS protocol is specified in RFC 1094, RC 1813, and RFC 3530.
8-4
Exported Resources Overview

Storage System
vol0
flexvol1
data_files
etc
eng_files
home
misc_files
Network Connection
Client1
Client2
EXPORTED RESOURCES OVERVIEW

In this diagram, the storage system contains resources that many users need, such as data_files, eng_files, and
misc_files.
To use a resource, the storage system must have the resource exported, and Client1 must have the resource
mounted. A user on Client1 can then change to the directory (cd) that contains the mounted resource and
access it as if it were stored locally (assuming that permissions are set appropriately).
8-5
Setting Up and
Configuring NFS
SETTING UP AND CONFIGURING NFS
8-6
Setting up NFS
Configure NFS using either:
CLI
When you set up NFS, you should:

Have an NFS license code
Determine if you are enabling NFS over TCP,
User Data Protocol (UDP), or both
Determine which version of NFS to enable
SETTING UP NFS
8-7
CLI: NFS Setup

To use the CLI to configure NFS on a storage
system, complete these steps:
License NFS on the storage system:

system> license add nfslicensecode
NOTE: Executing this command starts the

rpc.mountd and nfsd daemons.
Set and view NFS options:

system> options nfs
CLI: NFS SETUP

When you license NFS on a storage system, it starts the daemons (rpc.mountd and nfsd) that handle NFS RPC
protocol.
These are NFS configurable options:
8-8
nfs.v3.enable
nfs.v4.enable
nfs.tcp.enable
nfs.udp.xfersize
NetApp System Manager: NFS Setup
To configure
licenses
Enter the NFS

license code.
NETAPP SYSTEM MANAGER: NFS SETUP
8-9
NetApp System Manager: Setup Results
Exports Added
The newly added

license code
NETAPP SYSTEM MANAGER: SETUP RESULTS
8 - 10
10
Exporting Resources
EXPORTING RESOURCES
8 - 11
11
Exporting Resources
To make resources available to remote clients,
the resource must be exported.
To export a resource persistently:
Edit the /etc/exports file with a new entry.
Execute the exportfs -p command.
Use NetApp System Manager.
To export a resource temporarily, use the

exportfs -i -o command.
Use the ignore switch
only if same resource is
in the /etc/exports file
12
EXPORTING RESOURCES
To export resources, use one of these methods:
For persistence across reboots, specify the resources to export in the /etc/exports file, and then execute the
exportfs -a command to make the changes effective immediately.
For temporary access, use the exportfs command to export resources that are not specified in the
/etc/exports file, or to export resources that are specified in the file but with different access permissions.
Five Rules for Creating Exports

1. You must export each volume separately. If you create, rename, or destroy a volume, the /etc/exports file
is updated automatically. You can disable this functionality by using the options
nfs.export.auto-update switch.
2. The storage system must be able to resolve host names if host names are used in exports:
/etc/hosts, NIS, DNS
3. Access must be granted in a positive way:
A host is excluded when it is not listed or when it is preceded by a dash (-).

If no host is specified, all hosts have access.
4. Subdirectories of parent exports can be exported with different option specifications.

5. Permissions are determined by matching the longest prefix to the access permissions in the /etc/exports
file.
8 - 12
Adding an Export: /etc/exports
Specifies the full path to the

directory that is exported
The first option is listed following a

dash. Additional options are separated
by commas. In this example the
-rw option enables host1 and host2 to
mount the pubs directory with readwrite permissions. Host names are
listed, separated by colons.
/vol/vol0/pubs -rw=host1:host2,root=host1
/vol/vol1 -rw=host2
/vol/vol0/home
This option gives root access

to the host1 root user.
All hosts can mount the

/vol/vol0/home directory as readwrite if an option is not specified.
This option gives read-write

permissions to host2 only. All
other hosts have no access.
13
ADDING AN EXPORT: /ETC/EXPORTS

System administrators must control how NFS clients access files and directories on a storage system.
Exported resources are resources that are made available to hosts. NFS clients can only mount resources that
have been exported from a storage system that is licensed for NFS.
To export directories, add an entry for each directory to the /etc/exports file. Use the full path to the directory
and options. The full path name must include /vol.
Export specifications use these options to restrict access:
8 - 13
root = list of hosts, netgroup names, and subnets

rw = list of hosts, netgroup names, and subnets
ro = list of hosts, netgroup names, and subnets

1. Allow root access to
/vol/vol0 by the adminhost.
2. Allow read-write access to
/vol/vol0/home by host1
and host2.
3. Allow read-write access to
/vol/vol1 by host1 and
read-only access by host3.
/etc/exports
a.
/vol/vol1 -rw=host2
b.
/vol/vol0 -rw=adminhost,root=adminhost
c.
/vol/vol0/home -rw=host1:host2
d.
/vol/vol0 -ro=host2
e.
/vol/vol1 -rw=host1,ro=host3
f.
/vol/vol1 rw=host1,root=host3
g.
/vol/vol0/home rw=host1,ro=host2
h.
/vol/vol0 ro=adminhost2,root=adminhost2
8 - 14
14
Exporting
EXPORTING
8 - 15
15
The exportfs Command

After adding an export to /etc/exports, use the
exportfs -a command to load the export.
system>
exportfs
system>
system>
Nothing returned from

the command
rdfile /etc/exports
#Auto-generated by setup Mon Apr 30 08:32:21 GMT 2007

/vol/flexvol/qtree -sec=sys,rw=10.254.232.12
/vol/vol0/home -sec=sys,rw,root=10.254.232.12,nosuid
system>
system>
exportfs a
exportfs
/vol/flexvol/qtree -sec=sys,rw=10.254.232.12
/vol/vol0/home -sec=sys,rw,root=10.254.232.12,nosuid
16
THE EXPORTFS COMMAND

To specify which file system paths the Data ONTAP operating system automatically exports when NFS starts,
add export entries to (or remove them from) the /etc/exports file. To manually export or unexport file system
paths, use the exportfs command in the storage system CLI.
Editing the /etc/exports File
To add export entries to (or remove entries from) the /etc/exports file, use a text editor on an NFS client that
has root access to the storage system.
This is an example of /etc/exports file entries:
#Auto-generated by setup Mon Mar 24 14:39:40 PDT 2008
/vol/vol0
-sec=sys,ro,rw=sun,root=sun,nosuid
/vol/vol0/home
-sec=sys,rw,root=sun,nosuid
/vol/flexvol1
-sec=sys,rw,root=sun,nosuid
8 - 16
Temporary Exports
Use the exportfs command to create
in-memory exports:
system> exportfs -i -o
Example:
system> exportfs -i -o ro=host1 /vol/vol0/home
NOTE: When the storage system reboots, this export

will be gone.
17
TEMPORARY EXPORTS
OPTION
DESCRIPTION
Root Access
The root option specifies that the root on the client has root permissions for the
resource when it is mounted from the storage system.
Read-Write
Access
The rw option gives read-write access to specific hosts. If no host is specified, all
hosts have read-write access.
Read-Only
Access
The ro option gives read-only access to specific hosts. If no host is specified, all
hosts have read-only access.
Anonymous User
The anon option determines the UID of the root user on the client.
ID
8 - 17
Common exportfs Options

Display all current exports:
system> exportfs
Add exports to the /etc/exports file:

system> exportfs -p [options] path
Reload exports from /etc/exports files:

system> exportfs -r
Unload all exports:

system> exportfs -uav
Unload a specific export:

system> exportfs -u [path]
Unload an export and remove it from /etc/exports:

system> exportfs -z [path]
18
COMMON EXPORTFS OPTIONS

To export a file system path and add a corresponding export entry to the /etc/exports file, enter this command:
exportfs -p [options] path
NOTE: If you do not specify an export option, the Data ONTAP operating system automatically exports the
file system path with the rw and sec=sys export options.
To export all file system paths that are specified in the /etc/exports file and unexport all file system paths that
are not specified in the /etc/exports file, enter this command:
exportfs r
exportfs uav
exportfs -u path
exportfs -z path
To unexport all file system paths without removing the corresponding export entries from the /etc/exports file,
enter this command:
To unexport a file system path without removing the corresponding export entry from the /etc/exports file,
enter this command:
To unexport a file system path and remove the corresponding export entry from the /etc/exports file, enter this
command:
8 - 18
NetApp System Manager: Exporting
To configure
exports
Current /etc/exports file
NETAPP SYSTEM MANAGER: EXPORTING
8 - 19
19
Share and Export Wizard
SHARE AND EXPORT WIZARD
8 - 20
20
Choose the Folder to Export
CHOOSE THE FOLDER TO EXPORT
8 - 21
21
Export Properties
EXPORT PROPERTIES
8 - 22
22
Export Summary
EXPORT SUMMARY
8 - 23
23
NetApp System Manager: Exports
The newly added

export
NETAPP SYSTEM MANAGER: EXPORTS
8 - 24
24
Export Settings
anon applies
only to root users
anon=0
(root access allowed)
anon=65535
(deny access to root users)
anon=65534 (root
user is mapped to user id

65534 and it is looked up
on the UNIX system)
EXPORT SETTINGS
8 - 25
25
Mounting
MOUNTING
8 - 26
26
Mounting From a Client

To mount an export from a client:
1. Establish a session with a client.
2. Create a directory as a mountpoint for the storage system.
3. Mount the exported directory in the host directory that you just
created.
4. Change directories to the mounted export.
5. Enter ls l to verify that the storage appliance is mounted and
accessible.
telnet 10.32.30.20
(1)
# mkdir /system-vol1-qt1 (2)

# mount system:/vol/vol1/qtree1 /system-vol1-qt1
# cd /system-vol1-qt1 (4)
# ls l (5)
-rwxr-xr-x root 719634 FEB 11 2004
,general
-rwxr-xr-x root 719634 FEB 13 2004
,policy
(3)
27
MOUNTING FROM A CLIENT

Use the mount command to mount an exported NFS directory from another machine.
An alternate way to mount an NFS export is to add a line to the /etc/fstab (called /etc/vfstab on some UNIX
systems). This line must specify the NFS server host name, the exported directory on the server, and the local
machine directory where the NFS share is to be mounted. For more information, see the NFS documentation
for your client.
8 - 27
Other NFS Administration Resources

For more information about NFS administration,
see the Data ONTAP NFS Administration course.
This advanced course covers:
Exporting resources across domains, subnets, and
netgroups
Advanced configuration
NFS statistics gathering
NFS performance tuning
NFS troubleshooting
OTHER NFS ADMINISTRATION RESOURCES
8 - 28
28
Module Summary
Explain NFS implementation in the Data
License NFS on a storage system
Explain the purpose and format of /etc/exports
List and define the export specification options
Describe the use of the exportfs command
Mount an export on a UNIX host
MODULE SUMMARY
8 - 29
29
Exercise
Module 8: NFS
EXERCISE
8 - 30

What does NFS stand for?
What is the format for the /etc/exports file?
What is the purpose of export options?
What command would you use to view what is
exported from the storage appliance?
8 - 31
31
CIFS
Module 9
CIFS
9-1
Data ONTAP 7-Mode Administration: CIFS
Module Objectives
Describe the CIFS environment
Configure the storage system to participate in
the CIFS environment
Share a resource on the storage system
Map a drive from a client to the shared
resource on the storage system
MODULE OBJECTIVES
9-2
CIFS Overview
CIFS OVERVIEW
9-3
CIFS Definition
CIFS is a Microsoft network file-sharing protocol that
evolved from the Server Message Block (SMB) protocol.
In a CIFS environment, any application that processes
network I/O can access and manipulate files and folders
(directories) on remote servers.
CIFS can be either SMB 1.0 or SMB 2.0
Data ONTAP Version
SMB Version Supported
Data ONTAP 7.3.1 or later
SMB 1.0, SMB 2.0
Data ONTAP 8.0.0 7-Mode
SMB 1.0
SMB 1.0, SMB 2.0
CIFS DEFINITION
CIFS is a Microsoft network file-sharing protocol that evolved from the Server Message Block (SMB)
protocol.
When using CIFS, any application that processes network I/O can access and manipulate files and folders
(directories) on remote servers in a manner that is similar to the way in which the application accesses and
manipulates files and folders on the local system.
9-4
User Authentication
In a CIFS environment, the storage system
authenticates users in one of four ways:
Active Directory authentication
Microsoft Windows NT 4.0 domain
authentication
Windows workgroup authentication
Authentication for non-Windows workgroups
This module focuses on only Active Directory

authentication.
USER AUTHENTICATION
For information about methods of authenticating users other than Active Directory, see the Data ONTAP
CIFS Administration course.
9-5
Storage System Joins a Domain

When a storage system joins a domain:
The domain controller adds the storage system to a
domain database.
The storage system becomes a member server.
Clients
Member Server
Domain Controller
Machine
Accounts
Directory
Machine name
Joining a domain
STORAGE SYSTEM JOINS A DOMAIN

When a storage system joins a domain, it becomes a member server that provides services to clients. The
storage system (member server) sends a request to a domain controller, and the domain controller adds the
machine account to the directory database.
9-6
Domain Name to IP Resolution

When a client accesses a storage systems resource:
Client requests the browse list from the domain controller.
Domain controller contacts the DNS/WINS server for the IP address.
Client communicates with storage system.
What is the storage
systems IP?
Clients
Here is storage systems IP
Member Server
Domain Controller/
Browser Server
DNS/WINS
Machine name
Here is the browse list
What machines are available?

DOMAIN NAME TO IP RESOLUTION
9-7
User Authentication
User authentication on a storage system in a domain:
Domain users are created on domain controller.
User session authentication occurs at the domain controller.
Authenticated users must be authorized to access a share
and resources.
Member Server
Clients
Domain
Controller
Machine name
Session with Client-B user

Client-B user requests user
session authentication
Client-B authenticated
Authenticates Client-B user
USER AUTHENTICATION
Domain users that have already been added to the domain controller can browse the storage system for
available shares and then request access to the storage system and its shares and to the resources in a share.
User session authentication with a user name and password is performed centrally on the domain controller;
this establishes a user session with the storage system.
Users must be authorized to access a share and the resources in a share. Data access on a storage system
requires a network login to the storage system. A user can administer a storage system through the network
(for example, through a Telnet session) using a local account on the storage system; however, a user cannot
log in locally to a storage system to access data.
In this example, Client-Bs user requests user session authentication with the member server (storage system).
The member server requests the domain controller to authenticate Client-Bs user. The domain controller
authenticates Client-Bs user, and a session is established with Client-Bs user and the member server (storage
system).
9-8
Setting Up and
Configuring CIFS
SETTING UP AND CONFIGURING CIFS
9-9
CLI: CIFS Setup

To prepare a storage system to support
Windows client users, complete these steps at
the command-line interface (CLI):
1. License CIFS.
2. Perform the initial CIFS configuration by
running the cifs setup program or using
NetApp System Manager.
If the setup is successful, the CIFS server

starts automatically.
10
CLI: CIFS SETUP

Steps to Set Up CIFS
During CIFS setup, you can perform these tasks:
9 - 10
Assign or remove WINS servers

Configure the storage system Active Directory site information (if not already configured)
Join the storage system to a domain or change domains
Automatically generate /etc/passwd and /etc/group files when NIS or Lightweight Directory Access
Protocol (LDAP) is enabled
NetApp System Manager: CIFS Licensing
The newly added

CIFS license
Notice the new
categories
NETAPP SYSTEM MANAGER: CIFS LICENSING
9 - 11
11
NetApp System Manager: Verify DNS
Before you set

up CIFS, verify
DNS
NETAPP SYSTEM MANAGER: VERIFY DNS
9 - 12
12
NetApp System Manager: CIFS Setup
To configure
CIFS
NETAPP SYSTEM MANAGER: CIFS SETUP
9 - 13
13
NetApp System Manager: Setup
NETAPP SYSTEM MANAGER: SETUP
9 - 14
14
NetApp System Manager: Setup Dialog
NETAPP SYSTEM MANAGER: SETUP DIALOG
9 - 15
15
NetApp System Manager: Setup Summary
NETAPP SYSTEM MANAGER: SETUP SUMMARY
9 - 16
16
NetApp System Manager: Setup Complete
NETAPP SYSTEM MANAGER: SETUP COMPLETE
9 - 17
17
CIFS Shares
CIFS SHARES
9 - 18
18
Creating and Managing Shares

You can create and manage shares by using:
Storage System CLI
system> cifs shares add webfinal

/vol/vol1/webfinal
Microsoft Tools
Microsoft
Management
Console
Command Line
Graphical Tools
NetApp System
Manager
19
CREATING AND MANAGING SHARES

When you create CIFS shares, there is a limitation with Windows Computer Management. For more
information, see the Data ONTAP CIFS Administration course and the File Access and Protocols
Management Guide.
9 - 19
The cifs shares Command

Display shares:
system> cifs shares [share_name]
Add shares:
system> cifs shares -add <share_name> <path>

[-comment description]
[-forcegroup name]
[-maxusers n]
Change shares:
system> cifs shares -change <share_name> <path>

[-comment description]
[-forcegroup name]
[-maxusers n]
Delete shares:
system> cifs shares -delete <share_name>
20
THE CIFS SHARES COMMAND

You can use the CLI or NetApp System Manager to create and modify shares.
Using the CLI to Create and Access Shares
To display one or more shares, add a share, change a share, or delete a share, use the cifs shares
command.
Parameters Used with CIFS Shares
The parameters that are used with the cifs shares command enable you to modify or display CIFS shares
information. Share settings can be changed at any time, even if the share is in use.
9 - 20
The cifs shares Command: Example

system> cifs shares -add pub /vol/vol0/pub -comment new pub
system> cifs shares
Name
---ETC$
HOME
C$
pub
Mount Point
Description
--------------------/etc
Remote Administration
BUILTIN\Administrators / Full Control
/vol/vol0/home
Default Share
everyone / Full Control
/
/vol/vol0/pub
new pub
system> cifs shares -delete pub

system> cifs shares
Name
---ETC$
HOME
C$
Mount Point
Description
--------------------/etc
/vol/vol0/home
Default Share
/
THE CIFS SHARES COMMAND: EXAMPLE
9 - 21
21
Managing Share Permissions

You can manage share permissions by using:
Storage System CLI
system> cifs access eng engineering

Full Control
Microsoft Tools
Microsoft
Management
Console
Command Line
Graphical Tools
NetApp System
Manager
22
MANAGING SHARE PERMISSIONS

Providing Access to Shares
After you have created shares, you can use the cifs access command to set or modify the access control
list (ACL) for that share. This command grants or removes access by specifying the share, the rights, and the
user or group.
EXAMPLE
RESULT
cifs access webfinal tuxedo

Full Control
Gives full Windows NT access to the group tuxedo on the

webfinal share
cifs access webfinal

engineering\jbrown rw
Gives read/write access to the user engineering\jbrown on

the webfinal share
9 - 22
The cifs access Command

Set share permission:
system> cifs access <sharename> [-g]
[user|group] <rights>
Remove share permission:

system> cifs access -delete <sharename>
[user|group]
23
THE CIFS ACCESS COMMAND

PARAMETER
WHAT IT DOES
-g
Specifies that the user is the name of the UNIX group. Use this option when
you have a UNIX group and a UNIX user, or a Windows NT user or group
with the same name.
user
Specifies that the user or group for the ACL entry can be a Windows NT user
or group (if the storage system uses NT domain authentication), or can be the
special group everyone.
group
Specifies the user or group for the ACL entry. Can be a Windows NT user or
group (if the storage system uses NT domain authentication), or can be the
special group everyone.
rights
Assigns either Windows NT or UNIX-style rights. Windows NT rights are: No

Access, Read, Change, and Full Control.
-delete
Removes the ACL entry for the named user on the share.
9 - 23
The cifs access Command: Example

system> cifs access eng engineering Full Control
system> cifs shares eng
Name
---eng
Mount Point
----------/vol/vol1/eng
EDSVCS\engineering
Description
----------Eng Share
/ Full Control
system> cifs access eng jbrown Read

system> cifs shares eng
Name
---eng
Mount Point
Description
--------------------/vol/vol1/eng
Eng Share
EDSVCS\jbrown / Read
EDSVCS\engineering / Full Control
system> cifs access delete

Name
---eng
eng jbrown
Mount Point
----------/vol/vol1/eng
EDSVCS\engineering
Description
----------Eng Share
/ Full Control
THE CIFS ACCESS COMMAND: EXAMPLE
9 - 24
24
Client Access
CLIENT ACCESS
9 - 25
25
Mapping a Drive to a Share
\\10.254.134.35\C$...
26
MAPPING A DRIVE TO A SHARE

On a Windows workstation, map a network drive letter to a share by performing these steps:
1. Open Windows Explorer and click Tools > Map Network Drive.
The Map Network Drive window appears.
2. In the Drive list box, select any unused letter.
In the example, the letter K is selected.
3. In the Folder list box, type \\storage_system\C$.
NOTE: The storage system name can be the name or IP address.
4. Click Finish.
The Map Network Drive utility attempts to connect to the storage system and share.
5. When the Connect to window appears, in the User name text box, type administrator, and in the
Password text box, type the administrators password.
6. Click OK.
NOTE: Steps continue on next page.
9 - 26
Mapping a Drive to a Share Complete
27
MAPPING A DRIVE TO A SHARE COMPLETE

The mapped network drive letter (Z is shown in this example) displays the mapping to the C$ share. The etc
folder and the home folder are both in the C$ share.
9 - 27
Terminating Sessions
cifs terminate Host1
system> cifs terminate [-t time]

[host]
Host1
Host2
cifs terminate
Host3
Host4
28
TERMINATING SESSIONS
The cifs terminate command stops the CIFS service. If a single host is named, all CIFS sessions that
were opened by that host are terminated. If a host is not specified, all CIFS sessions are terminated, and the
CIFS service is shut down.
If you run the cifs terminate command without specifying a time until shutdown, and there are users
with open files, you are prompted to enter the number of minutes to delay before terminating. If the CIFS
service is terminated immediately on a host that has one or more files open, users are unable to save changes.
You can use the -t option to warn of an impending service shutdown. If you execute cifs terminate from rsh,
you must supply the -t option.
EXAMPLE
RESULT
cifs terminate -t 10
gloriaswan
Terminates a session in 10 minutes for the host gloriaswan and

periodically sends alerts to the affected host or hosts
cifs terminate -t 0
Terminates all CIFS sessions immediately for all clients
cifs restart
Reconnects the storage appliance to the domain controller and

restarts the CIFS service
9 - 28
CLI: Reconfiguring CIFS

Use the cifs terminate command to
disconnect users and stop the CIFS service.
Use the cifs setup command to reconfigure
the CIFS service.
The storage system automatically attempts to
restart the CIFS service with the new CIFS
configuration.
29
CLI: RECONFIGURING CIFS

To reconfigure CIFS, you must run the cifs setup program again, and then enter new configuration
settings. You can use cifs setup to change these CIFS settings:
WINS server addresses
Security style (multiprotocol or NTFS-only)
Authentication (Windows domain, Windows workgroup, or UNIX password)
File system that is used by the storage system
Domain or workgroup to which the storage system belongs
Storage system name
Prerequisites for Reconfiguring CIFS
Before you reconfigure CIFS, you must meet these prerequisites:
The CIFS service must be terminated.
If you want to change the storage system's domain, the storage system must be able to communicate with the
primary domain controller for the domain in which you want to install the storage system. You cannot use the
backup domain controller for installing the storage system.
9 - 29
CIFS Sessions
CIFS SESSIONS
9 - 30
30
Displaying CIFS Sessions

You can display these types of CIFS session
information:
A summary of session information
Share and file information for one or all
connected users
Security information for one or all connected
users
To obtain session information, use:

CLI
31
DISPLAYING CIFS SESSIONS

You can display these types of session information:
A summary of session information, including storage system information and the number of open shares
and files that were opened by each connected user
NOTE: The number of open shares that are shown in the session information includes the hidden IPC$
share.
Share and file information about one connected user or all connected users, including names of shares
opened by a specific connected user or all connected users
Access levels of opened files
Security information about a specific connected user or all connected users, including the UNIX UID and
a list of UNIX groups and Windows groups to which the user belongs.
9 - 31
CLI: Managing CIFS Sessions

system> cifs sessions
Server Registers as ' NetApp1 ' in Windows 2000 domain
'DEVELOPMENT'
Filer is using en_US for DOS users
Selected domain controller \\DEVDC for authentication
========================================
PC (user)
#shares
#files
system (DEVELOPMENT\administrator - root)
1
0
system> cifs sessions -s
users
Security Information
system (DEVELOPMENT\administrator - root)
***************
UNIX uid = 0
user is a member of group daemon (1)
user is a member of group daemon (1)
NT membership
DEVELOPMENT\Administrator
DEVELOPMENT\Domain Users
DEVELOPMENT\Domain Admins...
32
CLI: MANAGING CIFS SESSIONS

To display a summary of information about the storage system and connected users, use the
cifs sessions command without arguments. For information about a single connected user, you can
specify the user, the machine name, or IP the address. You can use the -s option to obtain security
information about one or all connected users.
EXAMPLE
RESULT
cifs sessions
Displays a summary of all connected users
cifs sessions growe
Displays information about the user, files opened by the

user, and the access level of the open files
cifs sessions growe_NT

cifs sessions 192.168.33.3
Displays information about the host, files opened by the

host, and the access level of the open files
cifs sessions s
Displays security information about all connected users
cifs sessions s growe_NT
Displays security information about the connected machine
9 - 32
NetApp System Manager: CIFS Sessions
NETAPP SYSTEM MANAGER: CIFS SESSIONS
9 - 33
33
Other CIFS Administration Resources

For more information about CIFS administration, see
the Data ONTAP CIFS Administration course.
Different CIFS user authentication methods:
Workgroup
Active Directory
Windows NT 4.0 domain
Non-Windows workgroup
Advanced configuration
Collecting CIFS statistics
CIFS performance tuning
Troubleshooting CIFS
OTHER CIFS ADMINISTRATION RESOURCES
9 - 34
34
Module Summary
Describe the CIFS environment
Configure the storage system to participate in
the CIFS environment
Share a resource on the storage system
Map a drive from a client to the shared
resource on the storage system
MODULE SUMMARY
9 - 35
35
Exercise
Module 9: CIFS
EXERCISE
9 - 36

What is the purpose of CIFS?
What authentication mechanisms are available

with the CIFS service?
What are the steps to set up CIFS?
9 - 37
37
NAS Management
Module 10
NAS MANAGEMENT
10 - 1
Data ONTAP 7-Mode Administration: NAS Management
Module Objectives
List some security methods for protecting data
Explain and configure a security style setting
for a volume and a qtree
Describe methods of tracking and restricting
storage usage
Explain, create, and manage quotas
Explain and configure the Data ONTAP
FPolicy file-screening policy
MODULE OBJECTIVES
10 - 2
NAS Management
After you configure network-attached storage
(NAS) protocols, additional steps are needed
to ensure that you get the full use of NAS
technologies.
This module examines:
Securing data
Tracking and restricting storage usage
NAS MANAGEMENT
10 - 3
Securing Data
SECURING DATA
10 - 4
Data Security Techniques

NetApp systems provide several security
methods to protect data on your storage system.
Limit protocol access by interface
Specify and manage the security style
Integration with third-party products

Virus scanning
File screening and hierarchical storage
management (HSM)
DATA SECURITY TECHNIQUES
10 - 5
Securing NAS Data with Data ONTAP

By default, protocols are accessible by all
configured interfaces
To restrict access through a particular
interface:
system> options interface.blocked.cifs e0a
system> options interface.blocked.nfs e0a,e0b
To allow a protocol access through all

interfaces:
system> options interface.blocked.cifs
SECURING NAS DATA WITH DATA ONTAP

By using the interface.blocked option, you can also restrict iSCSI, FTP, and SnapMirror processes.
10 - 6
Multiprotocol
Volumes and qtrees can have either:
New Technology File System (NTFS) security
style access control list (ACL) permissions
UNIX-style permissions
Having UNIX security style permissions does

not prevent Windows (CIFS) users from
accessing a volume or qtree if multiprotocol is
correctly configured.
Having NTFS security style ACL permissions
does not prevent UNIX (NFS) users from
accessing a volume or qtree if multiprotocol is
correctly configured.
MULTIPROTOCOL
Qtrees can have one of these three security styles:
NTFS:
UNIX: UNIX files and directories, like UNIX systems, have UNIX permissions.
Mixed:
10 - 7
For CIFS clients, security is handled using Windows NTFS ACLs.

For NFS clients, the NFS user ID (UID) is mapped to a Windows security identifier (SID) and its associated
groups. These mapped credentials are used to determine file access, based on the NFTS ACL.
Both NTFS and UNIX security are allowed. A file or directory can have either Windows NT permissions or
UNIX permissions.
The default file security style is the style that was most recently used to set permissions on that file.
Security Style Interaction

For a Windows user to
access:
An NTFS security style
volume or qtree, the
Windows user is tested
against NTFS security
style ACLs
A UNIX security style
Windows user must be
mapped to a UNIX UID
(and an associated UNIX
GID)
Windows Host
Windows
User ID
NTFS
UNIX
User
UNIX
Unix
SECURITY STYLE INTERACTION

User mapping between UNIX users and NTFS users always occurs, whether the chosen security style is
NTFS or multiprotocol. Even when a Windows client user is accessing data through an NTFS qtree on a
storage system with NTFS security style, a user mapping occurs for the Windows client user.
10 - 8
Windows-to-UNIX User Resolution

Active Directory
Authentication
Domain
Authenticated
Windows
authenticated
Unauthenticated
Windows
Domain
Controller
Authentication
Authenticate by
/etc/registry
Windows Workgroup
Authentication
Windows
authenticated
Unauthenticated
Storage System
WINDOWS-TO-UNIX USER RESOLUTION

When a CIFS user attempts to access a volume or qtree that has UNIX permissions, the user is authenticated
with the method by which the CIFS server has previously been configured. If the storage system has been
configured for domain authentication, the storage system passes the credentials to the domain controller for
proper authentication. The credentials are either authenticated or not. If the storage system has been
configured for workgroup authentication, then the user is authenticated by the /etc/registry.
10 - 9

If an admin, check
wafl.nt_admin_priv_map_to_root
Windows
authenticated
Check mapping
/etc/usermap.cfg
Domain\user => UNIX name
If not
verified
off
Check
wafl.default_unix_user
on, use root
If mapping exists,
try mapped user
Verify UNIX user by

/etc/passwd,
NIS, or LDAP
If no mapping,
try Windows user
If mapped to
Invalid user
User accepted
10

A Windows authenticated user is looked up in the /etc/usermap.cfg file. Three possibilities are available. The
user might be mapped to a UNIX user, not mapped at all, or mapped to an empty string. If the user is mapped,
then the mapped UNIX user is passed to verification. If the user is not mapped, then the authenticated CIFS
users name, with all lowercase letters, is tried for UNIX verification. If the user is mapped to an empty string
( ), then the user is invalid.
Verification
The storage system attempts to verify a UNIX user by employing the mechanism that is specified in the
/etc/nsswitch.conf file. The mechanism could be using /etc/passwd, using Network Information Service (NIS),
using Lightweight Directory Access Protocol (LDAP), or using NIS and LDAP. If verification is
unsuccessful, then the option wafl.default_unix_user is tried as a generic user account. A typical
default UNIX user is pcuser (UID=65534 and GID=65534), which is stored in /etc/passwd file by default. If
verification is successful, the CIFS user is properly associated with a UNIX account. If verification is
unsuccessful, the CIFS user is invalid.
Windows Administrator
The Windows administrator user is a special case. The administrator is mapped to the UNIX user name root
(UID=0 and GID=0) if the wafl.nt_admin_priv_map_to_root option is set on.
10 - 10

Unauthenticated
or invalid user
Try
Guest account configured
guest
options cifs.guest_account Yes
user
Verify
UNIX user by
/etc/passwd,
NIS, or LDAP
Guest user
accepted
No
Unauthenticated
or invalid user
rejected
Guest user
rejected
11

Unauthenticated or invalid users still might be allowed access to the resource if the option
cifs.guest_account is configured. The guest account is then passed to the storage system for UNIX
verification that is specified by the /etc/nsswitch.conf file.
10 - 11
UNIX User Access to Files

For a UNIX user to access:
A UNIX security style
UNIX user is tested
against the UNIX files
permissions
An NTFS security style
volume or qtree, the UNIX
user and group must be
mapped to a Windows
user (and associated
Windows groups)
UNIX Host
UNIX
User
Unix
Windows
User ID
NTFS
UNIX
12
UNIX USER ACCESS TO FILES

This section explains the default mechanism (/etc/usermap.cfg) for mapping UNIX user names to Windows
accounts. This mapping can also be accomplished by using LDAP, Active Directory, or NIS servers, as
described in http://www.netapp.com/library/tr/3458.pdf.
10 - 12
UNIX-to-Windows User Resolution

UID to UNIX user
name successful
# cd /mnt/home
# ls
UID
and GID
Resolves UID to
UNIX user name by
/etc/passwd,
NIS, or LDAP
Storage System
UID to UNIX user
name failed
NOTE: UNIX UID (and GID) were assigned at user login, when the
user name and password were authenticated.
13
UNIX-TO-WINDOWS USER RESOLUTION

For the sake of this example, assume that the version of NFS is NFS v2 or v3. When an NFS user attempts to
access a volume or qtree that has NTFS ACLs, the users UID is passed from the client to the storage system.
The storage system attempts to resolve the users name by the normal UNIX methods, as defined in
/etc/nsswitch.conf.
10 - 13

If not
verified
UID to UNIX user

name successful
Look for mapped Windows

user in
/etc/usermap.cfg
Domain\user <= UNIX name
Check
wafl.default_nt_user
If mapping exists,
try mapped user
Verify Windows user

by local storage
system or domain
If no mapping,
try UNIX user
If mapped to
Invalid user
User accepted
14

A valid user name is then looked up in the /etc/usermap.cfg file. Three possibilities are available. The user
might be mapped to a Windows user, not mapped at all, or mapped to an empty string. If the user is mapped,
then the mapped Windows user is passed to verification. If the user is not mapped, then the UNIX users
name is tried for CIFS verification. If the user is mapped to an empty string ( ), then the user is
automatically invalid.
Verification
The storage system attempts to verify a Windows user by using the mechanism as configured by the CIFS
server. The mechanism is either using the local accounts that are defined in the /etc/registry or passing
verification to a domain controller. If verification is unsuccessful, then the option
wafl.default_nt_user is tried as a generic user account. There is no default setting for this value, so it
must be configured. If verification is successful, the NFS user is properly associated with a Windows account.
If verification is unsuccessful, the NFS user is invalid.
10 - 14
UID to UNIX
user name
failed or invalid
user
Invalid
user
rejected
15

Unlike Windows-to-UNIX resolution, there is no guest user account for NFS users. If the user is invalid, the
user is rejected.
10 - 15
Security Styles
Security Styles
Hosts That Can
Change Security
Permissions
CIFS Client
Access
Determined by
NFS Client
Access
Determined by
UNIX
NFS clients
UNIX
permissions
(Windows user
names mapped
to UNIX account)
UNIX
permissions
Mixed
NFS and CIFS

clients
Security Style
NTFS
CIFS clients
Depends on the last client to set

security settings (permissions)
Windows NTFS
ACLs
Windows NTFS
ACLs
(UNIX user
names mapped
to Windows
account)
16
SECURITY STYLES
A CIFS user can access the file without disrupting UNIX permissions by using one of these techniques:
For the versions of the Data ONTAP operating system earlier than version 7.2, the CIFS user must have
the SecureShare multiprotocol file-locking system, an add-on from the NetApp Support site.
For the Data ONTAP 7.2 operating system and later, the CIFS user can manage security directly with
cifs.preserve_unix_security.
For more information, see the CIFS Administration on Data ONTAP course.
10 - 16
Setting Security Styles

To set a security style for a volume:
system> qtree security /vol/vol0 ntfs
To set a security style for a qtree:

system> qtree security /vol/vol0/q1 ntfs
Changing a security style resets all security

permissions within a volume or qtree to the
default.
NTFS: Everyone has read-write access
UNIX: User/group/world have rwx
drwxrwxrwx
2 root
root
4096
cifs_tree1
SETTING SECURITY STYLES
10 - 17
17
Securing NAS Data with Third-Party Tools

Data ONTAP operating system can integrate
with third-party data to secure NAS data.
Virus protection:
Provides on-access virus scanning of files on a
storage system
Requires a virus-scanning Windows server
running compliant antivirus applications
May require a file to be scanned before a CIFS
client can open it
See the Data ONTAP CIFS Administration

course for more details.
18
SECURING NAS DATA WITH THIRD-PARTY TOOLS

CIFS virus protection is a feature of the Data ONTAP operating system that enables a virus-scanning
Windows server running compliant antivirus applications to provide on-access virus scanning of files on a
storage system.
On-access virus scanning means that a file is scanned before a CIFS client is allowed to open it. For more
information about virus scanning, please see Technical Report 3107 entitled Antivirus Scanning Best
Practices Guide at the NetApp website.
10 - 18
Tracking and
Restricting
Storage Usage
TRACKING AND RESTRICTING STORAGE USAGE
10 - 19
19
Tracking and Restricting NAS Usage

Administrator may wish to track NAS usage to:
Monitor trends
Charge back department usage
Effectively manage storage
Restrict user usage
Data ONTAP operating system provides the

mechanism to track and restrict NAS usage:
1. Quotas
2. Qtree statistics
3. FPolicy file-screening policy
TRACKING AND RESTRICTING NAS USAGE
10 - 20
20
Purpose of Quotas
Quotas are necessary to:
Limit the amount of disk space that can be used
Track disk space usage
Warn of excessive usage
Quota targets:
Users
Groups
Qtrees
21
PURPOSE OF QUOTAS
Quotas are important tools for managing the use of disk space on your storage system. A quota is a limit that
is set to control or monitor the number of files or the amount of disk space that an individual or group can
consume. Quotas enable you to manage and track the use of disk space by clients on your system.
A quota is used to:
Limit the amount of disk space or the number of files that can be used
Track the amount of disk space or the number of files that are used, without imposing a limit
Warn users when disk space or file usage is high
10 - 21
NetApp System Manager: Quota Creation

To manage quotas in NetApp System Manager:
Create a quota
NETAPP SYSTEM MANAGER: QUOTA CREATION
10 - 22
22
Quota Type
23
QUOTA TYPE
The quota limit type can be a:
User: Indicated by a UNIX or Windows ID
Group: Indicated by UNIX GIDs
Qtree: Represented by the qtree path name
User quotas, group quotas, and qtree quotas are stored in the /etc/quotas file. You can edit this file at any time.
In both NFS and CIFS environments, quotas are based on a Windows account name, UNIX ID, or GID.
The CIFS system administrator must maintain:
The /etc/passwd file for CIFS users to obtain UIDs (if those users are going to create UNIX files)
The /etc/group file for CIFS users to obtain GIDs or use an NIS server to implement CIFS quotas
Qtree quotas do not require UIDs or GIDs. If you only implement qtree quotas, you do not have to maintain
the /etc/passwd and /etc/group files (or NIS services).
10 - 23
Quota Limits
24
QUOTA LIMITS
Disk Column
The Disk Space Hard Limit field specifies the maximum disk space that is allocated to the quota target. This
hard limit cannot be exceeded. If the limit is reached, messages are sent to the user and console, and SNMP
traps are generated.
Files Column
The Files Hard Limit field specifies the maximum number of files that the quota target can use. To track
usage of the number of files without imposing a quota, enter a blank or a dash (-) in this field. You can omit
abbreviations (uppercase or lowercase) and you can enter an absolute value, such as 15000. NOTE: The value
for the Files Hard Limit field must be on the same line in your quotas file as the value for the disk field;
otherwise, the Files field is ignored.
Threshold Column
The Threshold field specifies the limit at which write requests trigger messages to the console. If the threshold
is exceeded, the write still succeeds, but a warning is logged to the console. The Threshold field uses the same
format as the Disk field. Do not leave this field blank. The value that follows Files is always assigned to the
Threshold field. If you do not want to specify a threshold limit, enter a dash (-) here.
Soft Disk Column
The Disk Space Soft Limit field specifies the disk space that can be used before a warning is issued. If this
limit is exceeded, a message is logged to the console, and an SNMP trap is generated. When the soft disk
limit returns to normal, another syslog message and SNMP trap is generated. The Disk Space Soft Limit field
has the same format as the Disk Space Hard Limit field. If you do not want to specify a soft limit, enter a dash
(-) or leave this field blank. NOTE: The Disk Space Soft Limit value must be on the same line as the value
for the Disk Space Hard Limit field; otherwise, the soft disk limit is ignored. The sdisk limit is the NFS
equivalent of a CIFS threshold.
10 - 24
Soft Files Column

The Files Soft Limit field specifies the number of files that can be used before a warning is issued. If the soft
limit is exceeded, a warning message is logged to the storage system console, and an SNMP trap is generated.
When the soft files limit returns to normal, another syslog message and SNMP trap is generated. The Files
Soft Limit field has the same format as the Files Hard Limit field. If you do not want to specify a soft files
limit, enter a dash (-) or leave the field blank.
10 - 25
Quota Summary
QUOTA SUMMARY
Changes to the /etc/quotas file are not persistent until you click Commit.
10 - 26
25
NetApp System Manager: Resize Quotas

Quota status and resize
To enable
or disable
quota per
volume
Resize quotas
if quota definitions
have changed or
system> quota resize
26
NETAPP SYSTEM MANAGER: RESIZE QUOTAS

The quota resize command adjusts currently active quotas to reflect changes in the /etc/quotas file. For
example, if you edit an entry in /etc/quotas to increase a quota, executing the quota resize command
causes the change to take effect. To view active quotas, create a quota report before and after the quota resize.
Use quota resize only when quotas are already set for the volume. The quota resize command
implements additions and changes to the /etc/quotas file.
10 - 27
Quota Messages
Disk quota exceeded results from requests
that cause a user or group to exceed an
applicable quota.
Out of disk space results from requests that
cause the number of blocks or files in a qtree
to exceed the qtree limit.
Root or Windows administrator account:
Group quotas do not apply
Tree quotas do apply
27
QUOTA MESSAGES
Quotas are set to warn you that limits are being approached, enabling you to act before users are affected.
For all quota types, the Data ONTAP operating system sends console messages when the quota is exceeded
and when it returns to normal. SNMP traps for quota events are also initiated. Additional messages are sent to
the client when hard quota limits are exceeded.
NOTE: Threshold quotas in CIFS are the same as soft quotas in NFS.
Quota Error Messages
When receiving a write request, the Data ONTAP operating system checks to see if the file to be written is in
a qtree. If the write would exceed the tree quota, this error message is sent to the console:
tid tree_ID: tree quota exceeded on volume vol_name
If the qtree is not full but the write would cause either the user or group quota to be exceeded, the Data
ONTAP operating system logs one of these errors:
uid user_ID: disk quota exceeded on volume vol_name
gid group_ID: disk quota exceeded on volume vol_name
Error Messages Received by Clients
When hard quota limits are violated, the Data ONTAP operating system returns an out-of-disk-space error to
the NFS write request or a disk-full error to the CIFS write request.
10 - 28
NetApp System Manager: Edit Quota Rules

To edit quota rules by using NetApp System Manager:
Dont forget
to resize the
volumes quotas
NETAPP SYSTEM MANAGER: EDIT QUOTA RULES
10 - 29
28
Quota Rules
New users or groups that are created after the default
quota is in effect have the default value.
Users or groups that do not have a specific quota
defined have the default value.
Configurable rules (/etc/quotas fields) are:
# Target
Type
Disk
Files
Thold
Sdisk
Sfiles
*
/vol/home/usr/x1
21
/vol/eng/proj
Writers
acme\cheng
[email protected]
Rtaylor
S-1-5-32-544
user@/vol/vol2
user
Group
tree
group@/vol/techpub
user@/vol/vol2
user
user@/vol/vol2
user@/vol/vol2
50M
50M
750M
100M
75M
200M
200M
200M
15K
10K
75K
75K
75K
-
45M
45M
700M
90M
70M
150M
150M
150M
10K
9000
-
NOTE: Columns are separated by blank spaces.

29
QUOTA RULES
Target Column
The Target column identifies what the quota is applied against. In this example, there are multiple equivalent
ways in which you can specify the target. These entries provide target UIDs (for users) or GIDs (for groups)
of the local storage system. The ID numbers must not be 0. The system checks quotas every time it receives a
write request, so it is important to use a target that wont change over time, unless you account for the change
in the quotas file.
NOTE: Do not use the backslash (\) or an at sign (@) in UNIX quota targets. The Data ONTAP operating
system interprets these characters as part of Windows names.
Type Column
You can create a quota based upon the following types: user, user@volume_path, user@tree_path, group,
group@volume_path, group@tree_path, or a tree (short for qtree).
Default Quotas
You can create a default quota (*) for users, groups, or qtrees. A default quota applies to quota targets that are
not explicitly referenced in the /etc/quotas file.
Overriding Default Quotas
If you do not want the Data ONTAP operating system to apply a default quota to a particular target, you can
create an entry in the /etc/quotas file for that target so that the explicit quota overrides the default quota.
10 - 30
Quota Report
system> quota report
Type
ID
Volume
Tree...
----- ---- -------- -----tree
1
NASvol
tree1...
K-Bytes
Files
...Used
Limit Used Limit Quota Specifier
--------- ------- ----- ------ --------------... 14612
12288
24
2 /vol/NASvol/tree1
30
QUOTA REPORT
The quota report command prints the current file and space consumption for each user, group, and qtree.
Using a path argument, it displays information about all quotas that apply to the files in the path. Space
consumption and disk limits are rounded up and reported in multiples of 4 K.
In the example above, the quota report command is used with the u option. For targets with multiple
IDs, this report shows the first ID on the first line of each report entry. Other IDs are shown on separate lines
with one ID per line. Each ID is followed by its original quota specifier, if any. The default is to display one
ID per target.
These options are available with the quota report command:
The -s option shows soft and hard limit values for each user, group, and qtree.
The -u option shows the first ID on first line of each report entry for targets with multiple IDs. Other IDs
are shown on separate lines with one ID per line. Each ID is followed by its original quota specifier, if
any. The default is to display one ID per target.
The -x option shows all IDs (separated by commas) on first line of each report entry for targets with
multiple IDs. The report also shows threshold column. Columns are tab delineated.
The -t option prints the threshold of the quota entry. If omitted, the warning threshold is not included.
10 - 31
Quota Information
Beginning with the Data ONTAP 7.3 operating
system, the AutoSupport support tool message
contains this quota information:
A collection of quota statistics, including a set of
new counters that collect quota statistics
The quota configuration file (/etc/quotas)
The user mapping file (/etc/usermap.cfg)
Quota information is included in AutoSupport

support tool message as attachments.
31
QUOTA INFORMATION
Starting with Data ONTAP 7.3 operating system, the message that is generated by the Data ONTAP operating
systems AutoSupport support tool now includes quota information, which enables NetApp to improve its
response to quota-related support questions. Before the release of the Data ONTAP 7.3 operating system, if
you had a quota-related support question, it was necessary for you to gather the appropriate information and
send it to NetApp technical support, which sometimes created a delay of several days. With the inclusion of
quota information in the latest version of the AutoSupport support tool message, this information is
automatically sent to NetApp technical support. Quota information in AutoSupport also enables NetApp to
store quota statistics that are useful for analysis.
Quota information is included in AutoSupport message as an attachment. The attachment name appears in the
format YYYYMMDDHHMM.N.quotas.gz. For privacy protection, the contents of the quota files are
encrypted.
The AutoSupport attachment contains three types of quota information:
A collection of quota statistics

The configuration file /etc/quotas
The user-mapping file /etc/usermap.cfg
10 - 32
Qtree Statistics
To display the number of NFS and CIFS operations
resulting from user access to files in a qtree:
system> qtree stats
...
Volume
-------NASvol
Tree
-------nas_tree1
NFS ops
------0
CIFS ops
----802
32
QTREE STATISTICS
To help you determine what qtrees are incurring the most traffic, the qtree stats command enables you
to display statistics about user accesses to files in the qtrees on your system. This information can identify
traffic patterns to help with qtree-based load balancing.
The storage system maintains counters for each qtree in each of the storage systems volumes. These counters
are not persistent.
To reset the qtree counters, use the -z option.
The values that are displayed by the qtree stats command correspond to the operations on the qtrees that
have occurred since most recent occurrence of one of these actions:
Volume containing the qtrees was created

Volume containing the qtrees was brought online on the storage system (either through a vol online
command or a reboot)
Counters were reset
If you do not specify a name in the qtree stats command, the statistics for all qtrees on the storage
system are displayed. Otherwise, statistics for qtrees in the named volume are displayed.
Similarly, if you do not specify a name with the -z option, the counters are reset on all qtrees and all
volumes.
The qtree stats command displays the number of NFS and CIFS accesses on the designated qtrees since
the counters were last reset. The qtree stats counters are reset when one of these actions occurs:
System is booted
Volume containing the qtree is brought online
Counters are explicitly reset using the qtree stats -z command
10 - 33
FPolicy File-Screening Policy

FPolicy file-screening policy:
Enables administrators to create file policies and
associate them with file operations that are
executed with CIFS and NFS v4
Example: Restrict .jpg and .mpg files from being
stored on a storage system
FPolicy file-screening policy is enabled two

ways:
Using third-party file screening software
(can be located at www.netapp.com/partners)
Using native file blocking

33
FPOLICY FILE-SCREENING POLICY

A file-screening policy determines how the storage system handles requests from individual client systems for
operations such as open, rename, create, and delete.
You use a file-screening policy to specify files or directories and the restrictions to be placed on them.
Upon receiving a file operation request (such as open, write, create, or rename), the Data ONTAP operating
system checks its file-screening policies before permitting the operation.
10 - 34
Triggering Operations
Operations that can trigger a file policy:
create
open
write
rename
delete
close
create_dir
getattr
link
lookup
read
rename_dir
setattr
symlink
TRIGGERING OPERATIONS
10 - 35
34
Third-Party File-Screening Process

1. A client requests a file.
2. The storage system consults the screening server.
3. The screening server responds as follows:
If a file is OK, the storage system allows access.
If a file is denied, the storage system denies
access.
Storage System
File Screen Server
Operations that can be controlled

by policy are:
Creation of a new file
Opening an existing file
Renaming a file
Ethernet
Client
THIRD-PARTY FILE-SCREENING PROCESS
10 - 36
35
Hierarchical Storage Management (HSM)

FPolicy file-screening policy may integrate with
HSM servers to manage data more efficiently.
HSM Server
(FPolicy
Server)
Policy: Migrate files more than

six months old to secondary
Primary
Storage System
my.docx
Clients
my.docx
Stub or
sparse file
Complete
file
Secondary
Storage System
36
HIERARCHICAL STORAGE MANAGEMENT (HSM)

Hierarchical storage management (HSM) automates the migration of data among storage devices, usually
based on inactivity or time. HSM is based on the concept of a cost-performance storage model. By accepting
lower access performance (higher latency), you can store data less expensively. By automatically moving less
frequently accessed objects to less expensive hardware, you can achieve a better overall cost-performance
ratio.
In this example, a policy is created to migrate files that are more than six months old from primary storage
systems to secondary storage. When the policy runs, the file named my.docx moves from the primary storage
system to the secondary storage system. A stub or sparse file remains in the directory structure as a pointer
that is still visible to clients.
10 - 37
Hierarchical Storage Management

When a client requests a file, Data ONTAP 7.3
and later operating systems redirect the request.
HSM Server
(FPolicy
Server)
Read Request: my.docx

my.docx
Clients
Primary
Storage System
Secondary
Storage System
37
HIERARCHICAL STORAGE MANAGEMENT

When a read request comes in, the Data ONTAP operating system forwards the request to the HSM server,
which retrieves the file from the secondary storage system.
10 - 38
Configuring Native-Blocking FPolicy

Turn the feature on:
system> options fpolicy.enable on
Create a file policy:

system> fpolicy create <policy_name> screen
NOTE: Screen is the only supported policy type.
Add extensions and options to the file policy or

remove extensions and options from the file
policy.
Set up a file policy monitor.
Enable the file policy:
system> fpolicy enable <policy_name>
CONFIGURING NATIVE-BLOCKING FPOLICY
10 - 39
38
Blocking MP3s Example

To block MP3s on a storage system:
Create the blocking policy:
system> fpolicy create mp3blocker screen
Add the extension mp3 to the FPolicy:
system> fpolicy ext inc set mp3blocker mp3
Require FPolicy to be implemented:
system> fpolicy options mp3blocker required on
Assign the FPolicy to the create and rename

operations over CIFS and NFS traffic:
system> fpolicy monitor set mp3blocker

-p cifs,nfs create,rename
Enable the new policy:
system> fpolicy enable mp3blocker -f
39
BLOCKING MP3S EXAMPLE

NOTE: This is intended as a high-level discussion. The corresponding labs have detailed instructions on how
to implement this example.
10 - 40
Module Summary
List some security methods for protecting data
Explain and configure a security style setting
for a volume and a qtree
Describe methods of tracking and restricting
storage usage
Explain, create, and manage quotas
Explain and configure the Data ONTAP
FPolicy file-screening policy
MODULE SUMMARY
10 - 41
40
Exercise
Module 10: NAS Management
EXERCISE
10 - 42

What is a security style?
Does a security style prevent protocols from

accessing the volume or qtree?
What are the functions of a quota?
Name three quota targets.
10 - 43
42
SAN
Module 11
SAN
11 - 1
Data ONTAP 7-Mode Administration: SAN
Module Objectives
Explain the purpose of a SAN
Identify supported SAN configurations
Distinguish between Fibre Channel (FC), Fibre
Channel over Ethernet (FCoE), and iSCSI protocols
Define a LUN and explain LUN attributes
Use the lun setup command and NetApp System
Manager to create iSCSI-attached LUNs
Access and manage a LUN from a Windows host
Define SnapDrive data management software and its
features
MODULE OBJECTIVES
11 - 2
SAN Overview
SAN OVERVIEW
11 - 3
Unified Storage
NFS
Corporate
LAN
iSCSI
CIFS
FCoE
FC
NAS
SAN
NetApp FAS
UNIFIED STORAGE
SAN is a block-based storage system that makes data available over the network, using Fibre Channel (FC),
Fibre Channel over Ethernet (FCoE), and iSCSI protocols.
Network-attached storage (NAS) is a file-based storage system that makes data available over the network,
using NFS and CIFS protocols.
The NetApp SAN and Unified Storage Architecture provides an outstanding level of investment protection
and flexibility. The FAS system at the bottom of this image implies one box. However, the actual storage
environment includes small and large FAS systems.
11 - 4
SAN Protocols
WAFL File System Architecture

Block Services
SAN Protocols
FC, iSCSI, FCoE
Network Interfaces
FC
Encapsulated SCSI
FC Network
Ethernet
Encapsulated SCSI
TCP/IP Network
SAN PROTOCOLS
Network access to LUNs on a NetApp storage system can be through either an FC network or a TCP/IP-based
network. Both of these protocols carry encapsulated SCSI commands as the data transport mechanism.
11 - 5
SAN Components
SAN COMPONENTS
11 - 6
Initiator and Target

Application
File System
SCSI Driver
Initiator
Host
Target
SAN Services
WAFL
Controller
LUN
INITIATOR AND TARGET

Initiators, including Windows and UNIX-type hosts, are consumers or clients within a SCSI relationship.
Targets, including NetApp controllers and storage arrays, present data as logical units and are the servers
within a SCSI relationship.
11 - 7
SAN Types
A SAN can be implemented using either:
FC
Referred to as FC SAN
Uses FC protocol to communicate
Physical Data FC Frame
SCSI
Uses FCoE to communicate

Ethernet FCoE FC Frame
SCSI
IP, which uses iSCSI to communicate

Ethernet IP TCP iSCSI
SCSI
SAN TYPES
LUNs on a NetApp storage system can be accessed through either an FC SAN fabric, using the FC protocol,
or an Ethernet network, using the FCoE or iSCSI protocol. In all cases, the transport portals (FC, FCoE, or
iSCSI) carry encapsulated SCSI commands as the data transport mechanism.
11 - 8
Ports
Application
File System
TCP/IP Driver iSCSI Driver
SCSI Driver
FC Driver
Initiator
Ethernet Port
TCP/IP Driver iSCSI Driver
HBA on both initiator and target or

CNA on the initiator and UTA on the target
SAN Services
WAFL
FC Driver
Target
IP
SAN
LUN
FC
SAN
9
PORTS
Data is communicated over ports. In an Ethernet SAN, the data is communicated by means of Ethernet ports.
In an FC SAN, the data is communicated over FC ports.
11 - 9
Node and Port Names in FC

Application
File System
Initiator
SCSI Driver
21:00:00:2b:34:26:a6:56
20:00:00:2b:34:26:a6:56
Worldwide Node Name (WWNN)
Worldwide Port Name (WWPN)

50:0a:09:81:86:f7:c7:86
50:0a:09:80:86:f7:c7:86
SAN Services
WAFL
Target
IP
SAN
LUN
FC
SAN
10
NODE AND PORT NAMES IN FC

In FC SAN, a worldwide node name (WWNN) describes a machine, and a worldwide port name (WWPN)
describes a physical port that is attached to that machine.
The FC specification for the naming of nodes and the ports on those nodes can be quite complicated. Each
device is given a globally unique WWNN and an associated WWPN for each port on the node. WWNNs and
WWPNs are 64-bit addresses made up of 16 hexadecimal digits grouped together in pairs, with a colon
separating each pair (for example, 21:00:00:2b:34:26:a6:54).
The first number in the address defines what the other numbers in the address represent, according to the FC
specification. The first number is usually a 1, 2, or 5. In the example of QLogic initiator HBAs, the first
number is usually a 2. For Emulex initiator HBAs, the first number is usually a 1. A NetApp storage system
is assigned a 5.
11 - 10
Nodes and Portals in iSCSI

Application
File System
Initiator
SCSI Driver
Local Network Connection
iqn.1999-04.com.a:system
Portals
Node Name
Target Portal Group (TPG)
iqn.1998-02.com.netapp:ss1
SAN Services
WAFL
Target
IP
SAN
LUN
FC
SAN
11
NODES AND PORTALS IN ISCSI

In IP SAN, the node name describes a machine, and the portal describes a physical port. Each iSCSI node
must have a node name. There are two possible node name formats.
IQN-Type Designator
The format of this node name is conventionally:
iqn.yyyy-mm.backward_naming_authority: unique_device_name
This is the most popular node name format and is the default that is used by a NetApp storage system. These
are the components of the logical name:
Type designator, IQN, followed by a period (.)
The date when the naming authority acquired the domain name, followed by a period
The name of the naming authority, optionally followed by a colon (:)
A unique device name
Eui-Type Designator
The format of this node name is:
eui.nnnnnnnnnnnnnnnn
These are the components of the logical name:
The type designator itself, eui, followed by a period (.)

Sixteen hexadecimal digits
Example: eui.123456789ABCDEF0
11 - 11
Connectivity Between Initiator and Target

Application
File System
Initiator
SCSI Driver
Directly Connected
Connected by a Switch
SAN Services
WAFL
Target
IP
SAN
LUN
CONNECTIVITY BETWEEN INITIATOR AND TARGET
11 - 12
FC
SAN
12
Set Up a SAN
SET UP A SAN
11 - 13
13
Set Up a SAN
To set up a SAN:
1. License the appropriate SAN protocol on the
storage system.
2. Create a volume or qtree where the LUN will
reside.
3. Verify that the SAN protocol service is on.
4. Configure the host initiator.
5. Create the LUN and igroup, and then
associate the igroup to the LUN.
14
SET UP A SAN
To configure a SAN, you must ensure that these requirements are implemented:
1.
2.
3.
4.
5.
6.
7.
The initiator on a host must discover the target on a storage system.

The initiator binds to the target. The bindings can optionally be persisted across reboots.
On the storage system, initiators that are allowed access are placed within an igroup.
A LUN must be created on the storage system.
A LUN must be mapped to an igroup containing the initiator.
The initiator operating system then finds the virtual disk or LUN on the host.
The host operating system must generally prepare the LUN by labeling, formatting, and mounting the
LUN.
11 - 14
Review Questions
How do you license the appropriate SAN
protocol on the storage system?
How do you create a volume or qtree for a
LUN?
REVIEW QUESTIONS
11 - 15
15
Managing FC or iSCSI
After licensing, the FC or iSCSI service can be
activated.
To manage the FC or iSCSI protocols, use the
command-line interface (CLI):
FC
system> fcp [subcommand]
Example: fcp start or fcp status
iSCSI
system> iscsi [subcommand]
Examples: iscsi start or iscsi status
MANAGING FC OR ISCSI
11 - 16
17
NetApp System Manager: iSCSI Setup
The iSCSI license
Notice the new

categories
To configure
licenses
NETAPP SYSTEM MANAGER: ISCSI SETUP
11 - 17
18
NetApp System Manager: iSCSI Service
Storage systems
node name
To configure
iSCSI
NETAPP SYSTEM MANAGER: ISCSI SERVICE
11 - 18
19
Configuring the Initiator

Only the initiators that are identified in the LUN igroup
can access the LUN through the protocol that is
specified.
There are different methods for setting up the initiator,
depending on:
Host operating system
SAN protocol that is used
Method of connection (HBA or software initiator)
NOTE: This is a simple configuration example. See the
SAN Fundamentals on the Data ONTAP Web-based course
and take the SAN Implementation Workshop instructor-led
course for more details.
20
CONFIGURING THE INITIATOR

This module focuses on Windows platforms using the iSCSI Software Initiator from Microsoft. For more
information about configuring iSCSI and FC LUNs on other platforms, see the SAN Fundamentals on Data
ONTAP Web-based course and the SAN Implementation Workshop instructor-led course.
11 - 19
iSCSI Software Initiator: Discovery
Click here to
configure
Add storage
systems IP address
Windows Server 2008 R2

example shown
ISCSI SOFTWARE INITIATOR: DISCOVERY

To configure the iSCSI Software Initiator:
Install the Microsoft iSCSI Software Initiator.

On the Discovery tab, specify the storage systems IP address as a target portal.
11 - 20
21
iSCSI Software Initiator: Connection
Storage system
is discovered
Click here to
connect
Click here to
accept the
connect method
ISCSI SOFTWARE INITIATOR: CONNECTION

The storage system node name is displayed in the target table.
Select the node name and click Connect.
11 - 21
22
iSCSI Software Initiator: Favorite Targets
23
ISCSI SOFTWARE INITIATOR: FAVORITE TARGETS

In the Connect to Target window, if you select Add this connection to the list of Favorite Targets, then the
connection appears on the Favorite Targets tab.
11 - 22
Creating LUNs
Create LUNs using one of the following
methods:
The CLI:
lun create
lun setup
NetApp System Manger

SnapDrive data management software
Provisioning Manager
This course focuses on lun setup and

NetApp System Manager methods
24
CREATING LUNS
You can create a LUN by using one of the following methods:
Use the lun create command on the storage system.
This command only creates a LUN. When using this command, you must complete the following additional
configuration steps:
Create initiator groups using the igroup create command.

Map the LUN to an initiator group using the lun map command.
Add portset (FC only).
Use the lun setup command on the storage system. This command is a wizard that walks you through
creating and mapping the LUN and igroup.
Use NetApp System Manager on a client host.
Use SnapDrive data management software on a client host.
11 - 23
The lun setup Command

LUN creation, optionally igroup creation, and
igroup and LUN mapping can be accomplished
with a single command:
lun setup
This is a wizard-like command that prompts

the user for relevant information.
The result of the command is a newly created
LUN that is mapped to a new or existing
igroup.
THE LUN SETUP COMMAND
11 - 24
25
Creating a LUN with lun setup

system> lun setup
This setup will take you through the steps needed to
create LUNs and to make them accessible by initiators.
You can type ^C (Control-C)at any time to abort the
setup and no unconfirmed changes will be made to the
system.
Do you want to create a LUN? [y]: y
Multiprotocol type of LUN

(solaris/windows/hpux/aix/linux/netware/vmware/windows_g
pt/windows_2008/xen/hyper_v/solaris_efi/vld/openvms)
[linux]: windows_gpt
A LUN path must be absolute. A LUN can only reside in a
volume or qtree root. For example, to create a LUN with
name "lun0" in the qtree root /vol/vol1/q0, specify the
path as "/vol/vol1/q0/lun0".
Enter LUN path: /vol/winvol/tree1/lun0
CREATING A LUN WITH LUN SETUP
11 - 25
26
lun setup: LUN Settings

A LUN can be created with or without space reservations
being enabled.
Space reservation guarantees that data writes to that
LUN will never fail.
Do you want the LUN to be space reserved? [y]: y
Size for a LUN is specified in bytes. You can use
single-character multiplier suffixes: b(sectors), k(KB),
m(MB), g(GB) or t(TB).
Enter LUN size: 12g
You can add a comment string to describe the contents of
the LUN.
Please type a string (without quotes), or hit ENTER if
you don't want to supply a comment.
Enter comment string: Windows LUN
LUN SETUP: LUN SETTINGS
11 - 26
27
lun setup: Initiator Group Creation

The LUN will be accessible to an initiator group. You can
use an existing group name, or supply a new name to create
a new initiator group. Enter '?' to see existing initiator
group names.
Name of initiator group []: ?
No existing initiator groups.
Name of initiator group []: salesigroup
Type of initiator group iWIN_fcp (FCP/iSCSI) [FCP]: iSCSI
LUN SETUP: INITIATOR GROUP CREATION
11 - 27
28
lun setup: Initiator Group Node Names

An iSCSI initiator group is a collection of
initiator node names. Each node name can begin
with either 'eui.' or 'iqn.' and should be in the
following formats: eui.{EUI-64 address} or
iqn.yyyy-mm.{reversed domain name}:{any string}
Eg: iqn.2001-04.com.acme:storage.tape.sys1.xyz or
eui.02004567A425678D
You can separate node names by commas. Enter '?'
to display a list of connected initiators. Hit
ENTER when you are done adding node names to this
group.
Enter comma separated portnames: ?
Initiators connected on adapter ism_sw1:
iSCSI Initiator Name
Group
iqn.1991-05.com.microsoft:slu2-win.edsvcs.netapp.com
LUN SETUP: INITIATOR GROUP NODE NAMES
11 - 28
29
lun setup: LUN Masking

Enter comma separated portnames: iqn.199105.com.microsoft:slu2-win.edsvcs.netapp.com
Enter comma separated portnames: <CR>
The initiator group has an associated OS type.
The following are currently supported: solaris,
windows, hpux, aix, linux, netware or vmware.
OS type of initiator group "iWIN_fcp" [windows]:
windows
The LUN will be accessible to all the initiators

in the initiator group. Enter '?' to display LUNs
already in use by one or more initiators in group
"iWIN_fcp".
LUN ID at which initiator group "iWIN_fcp" sees
"/vol/SAN/lun1" [0]: 0
LUN SETUP: LUN MASKING
11 - 29
30
lun setup: Summary and Confirmation

LUN Path
: /vol/winvol/tree1/lun0
OS Type
: windows
Size
: 12.0g (12889013760)
Comment
: Windows LUN
Initiator Group
: salesigroup
Initiator Group Type
: iSCSI
Initiator Group Members : iqn.199105.com.microsoft:slu2-win.edsvcs.netapp.com
Mapped to LUN-ID
: 0
Do you want to accept this configuration? [y]: y
Do you want to create another LUN? [n]: n
LUN SETUP: SUMMARY AND CONFIRMATION
11 - 30
31
Verifying a New LUN

Verify the LUN:
system> lun show m

LUN path
Mapped to
LUN ID
-----------------------------------------------/vol/winvol/tree1/lun0 salesigroup
0
VERIFYING A NEW LUN
11 - 31
32
NetApp System Manager: LUN Setup
To configure
LUNs
NETAPP SYSTEM MANAGER: LUN SETUP
11 - 32
33
NetApp System Manager: LUN Name
Recommended workflow
creates a FlexVol
container if possible
(1X + autogrow, autodelete)
NETAPP SYSTEM MANAGER: LUN NAME
11 - 33
34
NetApp System Manager: LUN Container
Items are filtered by

free space according to
the requested LUN size
NETAPP SYSTEM MANAGER: LUN CONTAINER
11 - 34
35
NetApp System Manager: Initiators
NETAPP SYSTEM MANAGER: INITIATORS
11 - 35
36
NetApp System Manager: Initiator Selection
NETAPP SYSTEM MANAGER: INITIATOR SELECTION
11 - 36
37
NetApp System Manager: LUN Summary
NETAPP SYSTEM MANAGER: LUN SUMMARY
11 - 37
38
NetApp System Manager: LUN Management
The newly created

LUN
NETAPP SYSTEM MANAGER: LUN MANAGEMENT
11 - 38
39
NetApp System Manager: igroups
The newly created

igroup
NETAPP SYSTEM MANAGER: IGROUP
11 - 39
40
Accessing a LUN
ACCESSING A LUN
11 - 40
41
Scanning For a New LUN
Select Disk
Management
Right-click and select

Rescan Disks.
SCANNING FOR A NEW LUN

After creating a LUN with the lun setup command or with NetApp System Manager, use Windows Disk
Management on the host to prepare the LUN for use. The new LUN should be visible as a local disk. If it is
not, click the Action button in the toolbar, and then click Rescan Disks.
11 - 41
Initializing a New LUN
The LUN
appears
The LUN
is offline
Right-click
and select
Initialize.
INITIALIZING A NEW LUN
11 - 42
Provisioning a New LUN
The wizard will launch
Right-click and select

New Simple Volume.
PROVISIONING A NEW LUN

To open the New Simple Volume Wizard, right-click the bar that represents the unallocated disk space, and
then select New Simple Volume. Or, from the Action drop-down menu in the Computer Management
window, you can click All Tasks > New Simple Volume.
11 - 43
Volume Size and Mount Options
Specify the volume size.
Specify the method

to mount.
45
VOLUME SIZE AND MOUNT OPTIONS

Choose the partition size and drive letter. Accept the default drive assignment or use the drop-down list to
select a different drive.
11 - 44
Format and Summary Pages
Specify the format.
Verify the configuration

and click Finish.
The LUN is now ready to use.

46
FORMAT AND SUMMARY PAGES

Partition the drive using the settings shown, but change the Volume Label to an appropriate Windows volume
name that represents the LUN you are creating.
11 - 45
SAN Management
SAN MANAGEMENT
11 - 46
47
SAN Management
NetApp provides a number of SAN
management techniques to simplify block
storage administration.
This module focuses on:
SnapDrive data management software
NetApp DataMotion for Volumes data migration
software
NAS and SAN traffic over the same connection
with NetApp Unified Connect
SAN MANAGEMENT
11 - 47
48
SnapDrive
SnapDrive software can create a LUN on the
storage system and automatically attach it to
the client host.
SnapDrive software, which ensures consistent
LUN Snapshot copies, is available:
On the Support site to manage a LUN from a
supported Client
For the Windows, Oracle Solaris, Linux,
IBM AIX, and HP-UX platforms
NOTE: If SnapDrive software is used to create a LUN, you must use
SnapDrive to manage that LUN. Do not use the CLI to delete, rename, or
otherwise manage a LUN that was created by SnapDrive.
49
SNAPDRIVE
SnapDrive is server management software for Windows 2000 Server, Windows Server 2003, and Windows
Server 2008 systems. SnapDrive provides virtual-disk and Snapshot management on the client side. Use
SnapDrive to create FC or iSCSI LUNs on a Windows host.
SnapDrive includes three main components:
1. Windows 2000 service
2. Microsoft Management Console (MMC) plug-in
3. CLI
SnapDrive includes the same features of the lun setup command on the storage system, but can also add
LUNs to the Windows host and integrate the use of LUNs into other NetApp applications, such as
SnapManager management software.
11 - 48
DataMotion for Volumes Software
1. Data Copy Phase
2. Cutover Phase
aggr1
aggr2
LUN
Also called nondisruptive volume move (NDVM)

Transparent from hosts that connect by means of SAN
protocols (NAS not supported)
Requires Data ONTAP 8.0.1 7-Mode operating system
and later
No special license
50
DATAMOTION FOR VOLUMES SOFTWARE

NetApp DataMotion for Volumes is a new feature for FAS and V-Series disk shelves. This feature was
introduced in the Data ONTAP 8.0.1 operating system to enable nondisruptive movement of volumes from
one aggregate to another. The DataMotion for Volumes feature is currently limited to 7-Mode volumes with
LUNs that use block storage networking protocols, including FC, FCoE, and iSCSI. NetApp DataMotion for
Volumes was referenced internally as nondisruptive volume migration (NDVM). It is an extension of the
NetApp DataMotion suite of offerings and the data mobility component of the NetApp cloud initiative,
highlighting the flexibility of NetApp solutions in the dynamic data center.
The value of NetApp DataMotion for Volumes is to support nondisruptive operations by enabling a volume to
be moved from one aggregate to another, without disruption to host application, to facilitate:
Load balancing: address hot spots

Capacity management: capacity spillover
Hardware servicing or upgrades
Performance optimization between classes of storage media (FC, SAS, SSD, SATA)
NetApp DataMotion
(for vFiler)
NetApp DataMotion
for Volumes
Protocols supported
NFS, iSCSI
iSCSI, FCP, FCoE
Moves data
Two different controllers on Aggregates within the same

two different HA pairs
controller
Supported Data ONTAP version
7.3.3+ only, no 8.0.x
8.0.1+
Management
Provisioning Manager only
CLI only
vFiler support
Data must be in a vFiler unit Data cannot be in a vFiler unit
11 - 49
DataMotion for Volumes Details

Start move:
system> vol move start src_vol dest_aggr
View status of move:

system> vol move status [src_vol] [-v]
Pause move:
system> vol move pause src_vol
Resume move:
system> vol move resume src_vol
Abort move:
system> vol move abort src_vol
By default, NDVM automatically executes the cutover phase

Manual cutover:
system> vol move start src_vol dest_aggr m
system> vol move cutover src_vol [-w cutover_time]
51
DATAMOTION FOR VOLUMES DETAILS

By default, a nondisruptive volume move (NDVM) automatically enters cutover when it determines that the
destination volume can be synchronized with the source volume in fewer than 60 seconds. If the volume
move is unable to complete automatic cutover in the specified number of cutover attempts, you can initiate
manual cutover. Users have an option to disable this automatic cutover from NDVM and use a manual
cutover with the m switch on the vol move start command. With the manual cutover option, NVDM
simply keeps creating SnapMirror updates from the source to the destination volume, reporting the amount of
data that is transferred, along with the time to transfer the data, but without computing the delta blocks
between the two volumes.
Users must carefully examine the EMS logs and note the delta between the source and destination volumes
before initiating a manually triggered cutover for NDVM.
NOTE: The source volume cannot be exported in the /etc/exports file for the move operation to succeed.
11 - 50
Unified Connect
In the Data ONTAP 8.0.1 7-Mode operating system, NetApp introduces
Unified Connect:
Consolidating FCoE and IP-based traffic over the same connection

Including support for FC to FCoE implementation
Host
Bus
Adapter
Converged
Network
Adapter
Fibre Channel Module
1/2/4G FIBRE CHANNEL
L1
L2 MGMTO
MGMT1
CONSOLE
10 11
12
13
14 15
16
17
10 19
20
N5K-M1008
PS2
PS1
SLOT2
Cisco Nexus 5010

STAT
X1139A Unified Target

Adapter
10-Gb Connections
PROPERLY SHUT DOWN SYSTEM BEFORE OPENING CHASSIS.
PCI 1
PCI 3
PCI 2
LNK
0a
0b
e0a
e0b
RLM
LNK
PCI 4
e0c
e0d
LNK
0c
0d
LNK
For detailed information regarding Unified Connect, please see

NetApp Unified Connect Technical Overview and Implementation
52
UNIFIED CONNECT
In data the ONTAP 8.0.1 7-Mode operating system, NetApp is pleased to introduce Unified Connect, which
supports both FCoE and IP-based traffic over the same 10-Gb connection. Unified Connect enables standard
Fibre Channel (FC) host bus adapter (HBA) traffic from the host initiator to be mapped to the unified target
adapter (UTA) on the storage. Unified Connect supports complete end-to-end connection between a
converged network adapter (CNA) and the UTA. For more information, please see the NetApp Unified
Connect Technical Overview and Implementation Web-based course.
11 - 51
Other SAN Administration Resources

For more information about SAN administration,
see the SAN Implementation Workshop
instructor-led course.
Configuring Linux hosts for FCP and iSCSI
Configuring Windows hosts for FCP and iSCSI
Creating FCP and iSCSI LUNs from the CLI
Creating FCP and iSCSI LUNs from SnapDrive with
Windows
SAN in a high-availability controller configuration
SAN performance tuning
SAN troubleshooting
53
OTHER SAN ADMINISTRATION RESOURCES

SnapDrive for Windows provides an interface for Windows to interact with LUNs directly.
SnapDrive also:
Enables online storage configuration, LUN expansion, and streamlined management

Integrates Snapshot technology to create point-in-time images of data that is stored in LUNs
11 - 52
Module Summary
Explain the purpose of a SAN
Identify supported SAN configurations
Distinguish between FC, FCoE, and iSCSI protocols
Define a LUN and explain LUN attributes
Use the lun setup command and NetApp System
Manager to create iSCSI-attached LUNs
Access and manage a LUN from a Windows host
Define SnapDrive data management software and its
features
MODULE SUMMARY
11 - 53
54
Exercise
Module 11: SAN
EXERCISE
11 - 54

List the SAN protocols that are supported by
NetApp.
What are the functions of a LUN?
What are the methods of creating a LUN?
Why would you use SnapDrive in a SAN
environment?
11 - 55
56
Snapshot Copies
Module 12
SNAPSHOT COPIES
12 - 1
Data ONTAP 7-Mode Administration: Snapshot Copies
Module Objectives
Describe the function of Snapshot copies
Explain the benefits of Snapshot copies
Identify and execute Snapshot commands
Create and delete Snapshot copies
Configure and modify Snapshot options
Explain the importance of the .snapshot directory
Describe how Snapshot technology allocates disk
space for volumes and aggregates
Schedule Snapshot copies
Configure and manage the Snapshot copy reserve
MODULE OBJECTIVES
12 - 2
Overview
OVERVIEW
12 - 3
Snapshot Technology
A Snapshot copy is a read-only image of the active file
system at a point in time.
The benefits of Snapshot technology are:
Nearly instantaneous application data backups
Fast recovery of data lost due to:
Accidental data deletion
Accidental data corruption
Snapshot technology is the foundation for these

NetApp products:
SnapManager
SnapRestore
SnapMirror
SnapDrive
SnapVault
FlexClone
SNAPSHOT TECHNOLOGY
Snapshot technology is a key element in the implementation of the WAFL (Write Anywhere File Layout)
file system:
A Snapshot copy is a read-only, space-efficient, point-in-time image of data in a volume or aggregate.
A Snapshot copy is only a picture of the file system, and it does not contain any data file content.
Snapshot copies are used for backup and error recovery.
The Data ONTAP operating system automatically creates and deletes Snapshot copies of data in volumes to
support commands that are related to Snapshot technology.
12 - 4
Taking a Snapshot Copy
Disk Blocks
Active Data
Snapshot
File or LUN X
File or LUN X
Blocks are frozen on disk
Consistent point-in-time copy

Ready to use (read-only)
Consumes no space*
* With the exception of the 4-KB replicated root
inode block that defines the Snapshot copy
TAKING A SNAPSHOT COPY

Before a Snapshot copy is created, there must be a file system tree that points to data blocks, which contain
content. When the Snapshot copy is created, the file structure metadata is saved. The Snapshot copy points to
the same data blocks as the file structure metadata that was existing upon creation of the Snapshot copy.
There is no significant impact on disk space when a Snapshot copy is created. Because the file structure takes
up little space, and no data blocks must be copied to disk, a new Snapshot copy consumes almost no
additional disk space. In this case, the phrase consumes no space really means no appreciable space. The
so-called top-level root inode, which contains metadata that is necessary to define the Snapshot copy, is 4
KB.
12 - 5
Changing Data
Disk Blocks
Active Data
Snapshot
File or LUN X
File or LUN X
Client sends new data for block C
New
Data
The active version of file X is now composed of blocks A, B, and C.

The Snapshot version of file X remains composed of blocks A, B, and C.
The WAFL file system automatically updates active data to a new
consistent state.
CHANGING DATA
Snapshot copies begin to use space when data is deleted or modified. The WAFL file system writes the new
data to a new block (C) on the disk and changes the root structure for the active file system to point to the
new block.
Meanwhile, the Snapshot copy still references the original block C. Any time that a Snapshot copy references
a data block, the block remains unavailable for other uses, which means that Snapshot copies start to consume
disk space only when the file system changes after a Snapshot copy is created.
12 - 6
Snapshot Copies and Inodes

A Snapshot copy saves the current copy of the
root inode of a volume.
Each volume can contain up to 255 Snapshot
copies.
The inodes of Snapshot copies are read-only.
When the Snapshot inode is created:
The Snapshot copy points to exactly the same
disk blocks as the root inode.
New Snapshot copies consume only the space
that is required for the inode itself.
SNAPSHOT COPIES AND INODES

A Snapshot copy is a frozen, read-only image of a traditional volume, a FlexVol volume, or an aggregate
that reflects the state of the file system at the time that the Snapshot copy was created. Snapshot copies are
your first line of defense for backing up and restoring data. You can configure the Snapshot copy schedule.
12 - 7
Inodes
An inode is a 192-byte data structure that is
used to represent file system objects, such as
files and directories.
An inode describes a files attributes, including
this information:
Type of file (regular file, directory, link, and so on)

Size
Owner, group, permissions
Pointer to xinode access control lists (ACLs)
Complete file data if the file is 64 bytes or less
Pointers to data blocks
INODES
WAFL inodes are similar to Berkeley FFS (Fast File System) inodes. Veritas and Microsoft file systems
are based on the Berkeley FFS, which forces writes to preallocated locations. The primary difference is in the
way that the WAFL file system writes contiguous data and metadata blocks to the next available block instead
of to predefined locations.
The most important metadata file is the root inode, which contains the inodes that describe all of the other
files in the file system. The root inode has a fixed disk location.
12 - 8
Managing Inodes
If there are no inodes available, the system
cannot write files or take Snapshot copies.
To verify the number of inodes:
system> df -i
To increase the maximum:

system> maxfiles
MANAGING INODES
For file sizes between 64 GB and 8 TB, the single-indirect blocks in Level 3 inodes become double-indirect
blocks. These double-indirect blocks reference 1024 single-indirect blocks, which then reference up to 1024
4-KB data blocks.
df -i
The df -i command displays the number of inodes in a volume. For more information about this command,
see the manual pages (using the man command).
maxfiles
The maxfiles command increases the number of inodes that are designated in a volume. For more
information about this command, see the manual pages.
12 - 9
Creating Snapshot
Copies
CREATING SNAPSHOT COPIES
12 - 10
10
Snapshot Copy Reserve

Administrators can make Snapshot copies of:
Aggregates
The aggregate default for Snapshot copy reserve is 5% of
the aggregate.
Restoring an aggregate Snapshot copy restores all volumes
within that aggregate.
Volumes
The volume default for Snapshot copy reserve is 20% of the
volume.
Administrators can restore the entire volume or one or more
files.
To change the amount of Snapshot copy reserve:
system> snap reserve [ -A | -V ] [aggr or vol]

[percent]
11
SNAPSHOT COPY RESERVE

Volumes
Snapshot copies for traditional and flexible volumes are stored in special subdirectories that can be made
accessible to Windows and UNIX clients so that users can access and recover their own files without
assistance. The maximum number of Snapshot copies per volume is 255.
Aggregates
In an aggregate, 5% of space is reserved for Snapshot copies. In normal, day-to-day operations, aggregate
Snapshot copies are not actively managed by a system administrator. For example, the Data ONTAP
operating system automatically creates Snapshot copies of aggregates to support commands that are related to
the SnapMirror software, which provides volume-level mirroring.
NOTE: Even if the Snapshot copy reserve is 0%, you can still create Snapshot copies. If there is no Snapshot
copy reserve, Snapshot copies take their blocks from the active file system.
12 - 11

Aggregates
Each aggregate has 5% allocated for

Snapshot copy reserve.
Aggregate Space
Flexible Volumes
Each volume has 20% allocated for

Snapshot copy reserve. The
remainder is used for client data.
Active File
System
80%
Snap Reserve
20%
The amount of space that is allocated

for Snapshot copy reserve is
adjustable. To use this space for data
(not recommended), you must
manually override the allocation that is
reserved for Snapshot copies.
Snapshot Copy Reserve 5%
SNAPSHOT COPY RESERVE
12 - 12
12
CLI: Snapshot Creation

Snapshot copies can be:
Scheduled
Manual
To manually create Snapshot copies, use either

argument with snap create:
system> snap create [ -A | -V ] [aggr|vol]
[snapshot_name]
To rename Snapshot copies:
system> snap rename [ -A | -V ] [aggr|vol]

[old_filename] [new_filename]
13
CLI: SNAPSHOT CREATION

In the snap command, option -A is used for aggregates and option -V is used for volumes. If neither -A nor
-V is specified, volume is the default.
This table lists the commands that are used to create and manage Snapshot copies. If you omit the volume
name from any of these commands, the command will apply to the root volume.
EXAMPLE
snap create engineering test
snap list engineering
snap delete engineering test
snap delete a vol2
snap rename engineering
nightly.0 firstnight.0
snap reserve vol2 25
snap sched vol2 0 2 6 @ 8, 12,
16, 20
12 - 13
RESULT
Creates a Snapshot copy called test in the
engineering volume.
Lists all available Snapshot copies in the
engineering volume.
Deletes the Snapshot copy test in the
engineering volume.
Deletes all Snapshot copies in vol2.
Renames the Snapshot copy from nightly.0 to
firstnight.0 in the engineering volume.
Changes the Snapshot copy reserve to 25% on
vol2.
Sets the automatic schedule on vol2 to save
these weekly Snapshot copies: 0 weekly, 2
nightly, and 6 hourly at 8 a.m., 12 p.m., 4 p.m.,
and 8 p.m.
NetApp System Manager: Snapshot Copies
Select the volume

and Snapshot > Create
to create a new Snapshot copy.
NETAPP SYSTEM MANAGER: SNAPSHOT COPIES
12 - 14
14
The newly created

Snapshot copy
12 - 15
15
NetApp System Manager: LUN Snapshot
Be certain that
LUN snapshot copies
are consistent.
NETAPP SYSTEM MANAGER: LUN SNAPSHOT
12 - 16
16
Scheduling Snapshot
Copies
SCHEDULING SNAPSHOT COPIES
12 - 17
17
Scheduling Snapshot Copies

Default schedule (Volume vol0: 0 2 6@8,12,16,20):
Once nightly, Monday through Saturday, at midnight (12:00
a.m.)
Four hourly at 8:00 a.m., 12:00 p.m., 4:00 p.m., and 8:00 p.m.
Retains:
Two most recent nightly
Six most recent hourly
First in, first out:
NOTE: If you change the

root volumes Snapshot
schedule, all new volumes
adopt the altered schedule
by default.
Oldest nightly Snapshot copy

Oldest hourly Snapshot copy
Disable automatic Snapshot copies:
system> vol options vol nosnap [on|off]
18
SCHEDULING SNAPSHOT COPIES

Set the nosnap option to on to disable automatic Snapshot creation. You can still create Snapshot copies
manually at any time.
12 - 18
Snapshot Schedule
To print the current schedule for all volumes:
system> snap sched
To print a schedule per volume:

system> snap sched [vol]
To change the current schedule per volume:
system> snap sched

[vol [weeks[days[hours[@list]]]]]
Example:
system> snap sched vol2 0 2 6@8,12,16,20
This Snapshot schedule keeps these Snapshot copies for

vol2:
No weekly Snapshot copies
Two nightly Snapshot copies
Six hourly Snapshot copies made at 8:00 a.m., 12:00 p.m., 4:00
p.m., and 8:00 p.m.
19
SNAPSHOT SCHEDULE
The snap sched command sets a schedule to automatically create Snapshot copies and specifies how many
of each type are stored. When the limit is reached, the oldest Snapshot copy for each interval is deleted and
replaced by a new Snapshot copy.
This example shows a default schedule, which specifies that Snapshot copies will be made at 8:00, 12:00,
16:00, and 20:00 (24-hour time), and that the two most recent daily Snapshot copies and the six most recent
hourly Snapshot copies will be kept.
Snapshot copies are like a picture of a volume. The only difference between a weekly Snapshot copy and a
nightly or hourly copy is the time at which the Snapshot copy is created and any data that has changed
between the Snapshot copies.
12 - 19
To configure
volumes
Select the volume

and the Snapshot > Configure
to manage Snapshot
technology on the volume
12 - 20
20
12 - 21
21
Notice the default space allocation
12 - 22
22
Restoring Snapshot
Copies
RESTORING SNAPSHOT COPIES
12 - 23
23
Recovering Data
When you recover data, you have two options:
Copy the data from a Snapshot copy.
Use SnapRestore data recovery software.
To copy data from a Snapshot copy:

Locate the Snapshot copy.
Recover the copy from the Snapshot directory.
To overwrite the data, copy to the original
location.
For a new version, copy to a new location.
RECOVERING DATA
Using Snapshot Copies to Recover Data
To recover data, you can:
Restore a file from a Snapshot copy
Use SnapRestore data recovery software (license required)
To restore a file from a Snapshot copy:
1. Locate the Snapshot copy that contains the correct version of the file.
2. Restore the file from the .snapshot directory.
12 - 24
To overwrite existing data, copy to the original location.

To restore a writeable version, copy to a new location.
24
Snapshot Visibility to Clients

Make the .snapshot directory invisible to clients, and
turn off access to the .snapshot directory:
system> vol options vol nosnapdir [on|off]
Make the ~snapshot directory visible to CIFS clients:

system> options cifs.show_snapshot [on|off]
Make the .snapshot directory visible to NFS clients:

system> options nfs.hide_snapshot [on|off]
25
SNAPSHOT VISIBILITY TO CLIENTS

This table lists the options that are available for controlling the creation of Snapshot copies and access to
those copies and Snapshot directories on a volume:
Make the .snapshot directory invisible to clients and turn off access to the .snapshot directory. Setting the
nosnapdir option to on disables access to the Snapshot directory that is present at client mountpoints
and at the root of CIFS directories, and makes the Snapshot directories invisible. (NFS uses .snapshot for
directories, and CIFS uses ~snapshot.) By default, the nosnapdir option is off (directories are visible).
To make the ~snapshot directory visible to CIFS clients:
1.
2.
Turn the cifs.show_snapshot option on.

Turn the nosnapdir option off for each volume for which you want directories to be visible.
NOTE: You must also ensure that Show Hidden Files and Folders is enabled on your Windows system.
To make the .snapshot directory invisible to NFS clients:

Turn the nfs.hide_snapshot option on.
2. Turn the nosnapdir option off for each volume that you want directories to be visible.
1.
12 - 25
The .snapshot Directory of vol0

/
mnt
etc
usr
var
Snapshot directories exist at every level but

are visible at only the top level of the mount.
system
vol0
.snapshot Directory
home
.snapshot Directory
nightly.0
Directory
nightly.1
Directory
Files on home Files on home

(as of previous (as of nightmidnight)
before-last)
nightly.0
Directory
nightly.1
Directory
Files on vol0
Files on vol0
(as of previous (as of nightmidnight)
before-last)
26
THE .SNAPSHOT DIRECTORY OF VOL0

The .snapshot directory is at the root of a volume.
In this example, the directory structure is shown for an NFS client mounting vol0 to the mountpoint
/mnt/system.
12 - 26
Snapshot View from a UNIX Client

# pwd
/system/vol0/.snapshot
# ls -l
total 240
drwxrwxrwx
9 root
drwxrwxrwx
9 root
drwxrwxrwx
9 root
drwxrwxrwx
9 root
drwxrwxrwx
9 root
drwxrwxrwx
9 root
drwxrwxrwx
9 root
drwxrwxrwx
9 root
drwxrwxrwx
9 root
drwxrwxrwx
9 root
other
other
other
other
other
other
other
other
other
other
12288
12288
12288
12288
12288
12288
12288
12288
12288
12288
Jan
Jan
Jan
Jan
Jan
Jan
Jan
Jan
Jan
Jan
29
29
29
29
29
29
29
29
29
29
16:19
16:19
16:19
16:19
16:19
16:19
16:19
16:19
16:19
16:19
hourly.0
hourly.1
hourly.2
hourly.3
hourly.4
hourly.5
nightly.0
nightly.1
weekly.1
weekly.2
27
SNAPSHOT VIEW FROM A UNIX CLIENT

Snapshot Directories
Every volume in your file system contains a special Snapshot subdirectory that enables you to access earlier
versions of the file system to recover lost or damaged files.
Viewing Snapshot Copies from a UNIX Client
The Snapshot subdirectory appears to NFS clients as .snapshot. The .snapshot directories are usually hidden
and are not displayed in directory listings.
To view a .snapshot directory:
1. On the storage appliance, log in as root and ensure that the nosnapdir option is set to off.
2. To view hidden directories, from the NFS mountpoint, enter the ls command with the -a (all) option.
When client Snapshot directories are listed, the timestamp is usually the same for all directories. To find the
actual date and time of each Snapshot copy, use the snap list command on the storage system.
12 - 27
Snapshot View from a Windows Client
Snapshot copies are

visible to Windows
clients that have File
Manager configured
to display hidden
files.
28
SNAPSHOT VIEW FROM A WINDOWS CLIENT

Snapshot directories are hidden on Windows clients. To view them, you must first configure the file manager
to display hidden files, then navigate to the root of the CIFS share and find the directory folder.
The subdirectory for Snapshot copies appears to CIFS clients as ~snapshot. Files that are displayed here are
those files that are created automatically for specified intervals. Manually created Snapshot copies are also
listed here.
Restoring a File
To restore a file from the ~snapshot directory, rename or move the original file, then copy the file from the
~snapshot directory to the original directory.
12 - 28
Integration with Snapshot Copies

NetApp supports the integration of Snapshot
copy files with CIFS using Microsofts Previous
Versions tool.
To configure:
system> options cifs.ms_snapshot_mode xp
In this example,
/etc/rc was changed
and then a
Snapshot copy
of vol0 was made.
INTEGRATION WITH SNAPSHOT COPIES
12 - 29
29
SnapRestore: Creating a Snapshot Copy

Active File System
SNAP1
MYFILE
MYFILE
MyFILE is made of disk blocks A, B, and C.

The active file system is captured in Snapshot copy SNAP1.
SNAP1 points to blocks A, B, and C, so it does not use
additional disk space.
30
SNAPRESTORE: CREATING A SNAPSHOT COPY

The Data ONTAP operating system preserves pointers to all of the disk blocks currently in use at the time
that a Snapshot copy is created.
In this illustration, the active file system contains a file named MYFILE, which is made of blocks A, B, and
C.
Based on a schedule or in response to the snap create command, the active file system is captured in a
Snapshot copy named SNAP1. This Snapshot copy uses almost no additional disk space, because the version
of MYFILE within this Snapshot copy includes the same blocks as the blocks for MYFILE in the active file
system.
12 - 30
Changes to a File After a Snapshot Copy

Active File System
SNAP1
MYFILE
MYFILE
C block is modified, and WAFL (Write Anywhere File

Layout) writes the change in new disk block C.
MYFILE is now made of disk blocks A, B, and C.
Snapshot copy SNAP1 still points to disk blocks A, B, and C.
31
CHANGES TO A FILE AFTER A SNAPSHOT COPY

When a file is changed, the Snapshot copy still points to the disk blocks where the file existed before it was
modified. Changes are written to new disk blocks. Snapshot copies begin to use extra space only when
corresponding files in the active file system are changed or deleted.
In the illustration, a client modifies some data in MYFILE, causing the contents of block C to change. The
WAFL (Write Anywhere File Layout) file system uses a copy-on-write policy that writes the modified
block to a new location on disk, creating block C.
The active file system version of MYFILE is now composed of disk blocks A, B, and C, whereas the
Snapshot copy SNAP1 still points to blocks A, B, and C. Deleting MYFILE in the active file system wont
free-up disk blocks A, B, and C, because SNAP1 still has those blocks reserved.
12 - 31
Options for Restoring a File

Active File System
SNAP1
MYFILE
MYFILE
If you are testing and want to revert to MYFILE, you have

two choices:
Restore the original version of MYFILE by copying the data from the
Snapshot directory
Use SnapRestore technology
OPTIONS FOR RESTORING A FILE
12 - 32
32
Reverting a File in the Original Location

Active File System
SNAP1
MYFILE
MYFILE
When you use SnapRestore technology to revert to a file from

a Snapshot copy in the original location:
The original file (composed of blocks A, B, and C) is restored to
the active file system.
The change block (C) is unallocated.
REVERTING A FILE IN THE ORIGINAL LOCATION
12 - 33
33
Restoring a File to a New Location

Active File System
SNAP1
MYFILE/MYFILE2
MYFILE
When you use SnapRestore technology to restore a file from a

Snapshot copy to a new location:
The original file (A, B, and C) is copied to a new location on the
disk (D, E, and F).
The new file can be in the same location as the original file or in
an alternative location.
RESTORING A FILE TO A NEW LOCATION
12 - 34
34
Reverting and Restoring a File

1. Verify that the volume is online and writable.
2. List the Snapshot copies in the volume:
system> snap list volume_name
3. Notify network users about the reversion.

4. Initiate the reversion:
system> snap restore -t file s snapshot

path_and_file
5. Use the r option to restore a file to a different

location
system> snap restore -t file -s snapshot
r new_path_and_file old_path_and_file
35
REVERTING AND RESTORING A FILE

Follow these steps to restore a single file.
1. Verify that the volume is online and writable.
2. List the Snapshot copies in the volume.
system> snap list volume_name
3. Notify network users that you are going to revert a file.
4. If you know the name of the Snapshot copy, initiate the reversion using this command:
system> snap restore -t file -s snapshot_name path_and_file_name
-t file indicates that a file SnapRestore is to be performed.

snapshot_path_and_file_name is the complete path to the name of the file to be reverted.
The Data ONTAP operating system displays a warning message and prompts you to confirm your decision to
revert the file. Press Y to confirm that you want to revert the file. If you do not want to proceed, enter Ctrl-C
or N for no.
If the file already exists in the active file system, it will be overwritten by the version in the Snapshot copy.
12 - 35
SnapRestore Technology Versus Copying

If a file is large (such as a database), you
should revert it with SnapRestore technology
rather than copying the file:
Copying requires double the storage and time
Reverting saves time and reinstates the data
NetApp recommends SnapRestore technology
over alternative technologies to ensure reliability
For more information about using SnapRestore

technology to revert volumes and aggregates,
see the NetApp Protection Software
Administration course
36
SNAPRESTORE TECHNOLOGY VERSUS COPYING

Restoring large quantities of data takes a long time if you either copy files from a Snapshot copy or restore
them from tape. Instead, use SnapRestore technology to save time.
12 - 36
FlexClone Technology
FLEXCLONE TECHNOLOGY
12 - 37
37
FlexClone Volume Clones

FlexClone technology:
Enables the creation of multiple, instant
dataset clones with no storage overhead
Provides dramatic improvement for application
test and development environments
38
FLEXCLONE VOLUME CLONES

FlexClone volume clones provide an efficient way to copy data for:
Manipulation
Projection operations
Upgrade testing
The Data ONTAP operating system enables you to create a volume duplicate in which the original volume
and clone volume share the same disk space for storing unchanged data.
12 - 38
How Volume Cloning Works

Volume cloning:
Aggregate
FlexVol Volume
Parent
Snapshot
copy of
Parent
Clone
Starts with a volume

Makes a Snapshot copy
of the volume
Creates a clone (a new
volume based on the
Snapshot copy)
Modifications of the
original volume are
separate from
modification of the
cloned volume.
Result: Independent
volume copies are
efficiently stored.
39
HOW VOLUME CLONING WORKS

FlexClone volumes are managed similarly to regular FlexVol volumes, with a few key differences. Consider
these important facts about FlexClone volumes:
FlexClone volumes are a point-in-time, writable copy of the parent volume. Changes made to the parent
volume after the FlexClone volume is created are not reflected in the FlexClone volume.
You can only clone FlexVol volumes. To create a copy of a traditional volume, you must use the
vol copy command, which creates a distinct copy with its own storage.
FlexClone volumes are fully functional volumes that are managed, as with the parent volume, by using
the vol command. Likewise, FlexClone volumes can be cloned.
FlexClone volumes always exist in the same aggregate as parent volumes.
FlexClone volumes and parent volumes share the same disk space for common data. This means that
creating a FlexClone volume is instantaneous and requires no additional disk space (until changes are
made to the clone or parent).
A FlexClone volume is created with the same space guarantee as the parent.
You can sever the connection between the parent and the clone. This is called splitting the FlexClone
volume. Splitting removes all restrictions on the parent volume and causes the FlexClone to use its own
storage.
IMPORTANT: Splitting a FlexClone volume from its parent volume deletes all existing Snapshot copies of
the FlexClone volume and disables the creation of new Snapshot copies while the splitting operation is in
progress.
Quotas that are applied to a parent volume are not automatically applied to the clone.
When a FlexClone volume is created, existing LUNs in the parent volume are also present in the
FlexClone volume, but these LUNs are unmapped and offline.
12 - 39
NetApp System Manager: FlexClone
Select the volume and

click Snapshot > Clone.
NOTE: FlexClone software must be licensed first.
NETAPP SYSTEM MANAGER: FLEXCLONE CREATION
12 - 40
40
NetApp System Manager: FlexClone Setup
NETAPP SYSTEM MANAGER: FLEXCLONE SETUP
12 - 41
41
Flexible Volume Clone Syntax

Use the vol clone create command to create a flexible
volume clone.
system> vol clone create <vol> [-s none|file|
volume] -b <parentvol> [parent_snapshot>]
This is an example of a CLI entry that is used to create a flexible
volume clone:
system> vol clone create clone1 b flexvol1 snap1
system> vol status clone1
Volume State
Status
Options
clone1 online raid_dp, flex
guarantee=volume(disabled)
Clone, backed by volume snap1 snapshot
clone_clone1.1'
Containing aggregate: 'aggr1'
FLEXIBLE VOLUME CLONE SYNTAX
12 - 42
42
Splitting Volumes
Volume 1
Snapshot Copy
of Volume 1
Cloned
Volume
With a volume and a

Snapshot copy of that
volume, create a clone
of that volume.
Split volumes when
most of the data on a
volume is not shared.
Replicate shared blocks
in the background.
Result:
A new, permanent volume
is created for forking
(branching) project data.
43
SPLITTING VOLUMES
Splitting a FlexClone volume from its parent removes any space optimizations that are currently employed by
the FlexClone volume. After the split, both the FlexClone volume and the parent volume require the full
space allocation that is specified by their space guarantees. After the split, the FlexClone volume becomes a
normal FlexVol volume.
When splitting clones, consider these important facts:
When you split a FlexClone volume from its parent, all existing Snapshot copies of the FlexClone volume
are deleted.
During the split operation, no new Snapshot copies of the FlexClone volume can be created.
Because the clone-splitting operation is a copy operation that could take some time to complete, the Data
ONTAP operating system provides the vol clone split stop and vol clone split status
commands to stop clone-splitting or to check the status of a clone-splitting operation.
The clone-splitting operation is executed in the background and does not interfere with data access to
either the parent or the clone volume.
If you take the FlexClone volume offline while clone-splitting is in progress, the operation is suspended.
When you bring the FlexClone volume back online, the splitting operation resumes.
After a FlexClone volume and its parent volume have been split, they cannot be rejoined.
12 - 43
The vol clone split Command

To start a FlexClone split:
system> vol clone split start vol
To stop a FlexClone split:
system> vol clone split stop vol
To view the status of a FlexClone split:

system> vol clone split status [vol]
To estimate the time to complete a

FlexClone split:
system> vol clone split estimate [vol]
44
THE VOL CLONE SPLIT COMMAND

How to View the Results of a clone split Command
Example:
vol clone split status:
vol clone split start clone1
Tue Oct 12 23:49:43 GMT [wafl.scan.start:info]: Starting volume clone
split on volume clone1.
Clone volume 'clone1' will be split from its parent.
Monitor system log or use 'vol clone split status' for progress.
vol clone split status
Volume 'clone1', 117193 of 364077 inodes processed (32%)
18578 blocks scanned. 18472 blocks updated.
12 - 44
Space Usage
SPACE USAGE
12 - 45
45
Using the CLI to Monitor Space Used

To monitor space that is used for Snapshot copies, use:
From the CLI:
system> snap list
To determine how much space you will get back:

system> snap reclaimable
system> snap delta
To delete a space to recover space:

A particular Snapshot copy:
system> snap delete [ -A | -V ] [aggr|vol]

[snapshot_name]
All Snapshot copies:
system> snap delete [ -A | -V ] -a [aggr|vol]
USING THE CLI TO MONITOR SPACE USED
12 - 46
46
The snap list Command

system> snap list
Volume vol0
working...
%used
%total
-----------0% (0%)
0% (0%)
17% (20%) 1% (1%)
33% (20%) 2% (1%)
%used
This column shows the

relationship between
accumulated Snapshot
copies and the total disk
space that is consumed
by the active file
system. Values in
parentheses show the
contribution of this
individual Snapshot
copy.
date
-----------Apr 20 12:00
Apr 20 10:00
Apr 20 08:00
%total
This column shows the

relationship between
accumulated Snapshot
copies and the total
disk space that is
consumed by the
volume. Values in
parentheses show the
contribution of this
individual Snapshot
copy.
date
name
-------hourly.0
hourly.1
hourly.2
This column shows

the date and time
that the Snapshot
copy was made.
Time is indicated
on the 24-hour
clock, and in this
example reflects the
hours that are set in
the automatic
Snapshot schedule.
name
Scheduled Snapshot
copies are
automatically
renumbered as new
copies are made, so
that the most recent
copy is always 0.
This numbering
scheme ensures
that the file with the
highest number
is always the oldest.
47
THE SNAP LIST COMMAND

The snap list command displays a single line of information for each Snapshot copy in a volume. In the
Snapshot List Example shown here, a list of Snapshot copies is displayed for the engineering volume. The list
consists of these columns:
%used: Shows the relationship between accumulated Snapshot copies and the total disk space that is
consumed by the active file system. Values in parentheses show the contribution of this individual
Snapshot copy.
%total: Shows the relationship between accumulated Snapshot copies and the total disk space that is
consumed by the volume. Values in parentheses show the contribution of this individual Snapshot copy.
date: Shows the date and time that the Snapshot copy was made. Time is indicated on the 24-hour clock
and, in this example, reflects the hours that are set in the automatic Snapshot copy schedule.
name: Lists the names of each of the saved Snapshot copies. Scheduled Snapshot copies are
automatically renumbered as new ones are created, so that the most recent copy is always 0. This
numbering scheme ensures that the file with the highest number (in this case, hourly.2) is always the
oldest Snapshot copy.
Examples: snap list
The examples that follow demonstrate how the %used values in the snap list command output relate to
the size of Snapshot copies, and how to determine which Snapshot copies to delete to reclaim the most space.
12 - 47
snap reclaimable and snap delta

snap reclaimable
system> snap reclaimable vol0 hourly.0 nightly.0
Processing (Press Ctrl-C to exit) ...................
snap reclaimable: Approximately 47108 Kbytes would
be freed.
snap delta (provides the rate of change)

system> snap delta vol0
Volume vol0
working...
From Snapshot To
kB changed Time
Rate(kB/hour)
------------------------------------------------------nightly.0
AFS
46932
0d 23:00 3911.000
nightly.1
nightly.0 16952
1d 00:00 4237.705
nightly.2
nightly.1 16952
1d 00:00 4237.705
48
SNAP RECLAIMABLE AND SNAP DELTA

The snap delta command displays the rate of change of data between Snapshot copies.
snap delta [ vol_name [ snap ] [ snap ]]
When you use the snap delta command without any arguments, it displays the rate of change of data
between Snapshot copies for all volumes in the systemor in the case of in the case of snap delta A,
all aggregates. If you specify a volume, the rate of change of data is displayed for that particular volume. You
can make the query more specific by specifying the beginning and ending Snapshot copies to display the rate
of change between them for a specific volume. If you dont specify an ending snapshot copy, the rate of
change of data between the beginning Snapshot copy and the Active File System is displayed.
The rate of change information is displayed in two tables. In the first table, each row displays the differences
between two successive Snapshot copies. The first row displays the differences between the youngest
snapshot copy in the volume and the Active File System. Each subsequent row displays the difference
between the next older snapshot copy and the previous Snapshot copy, stepping through all of the Snapshot
copies in the volume until the information for the oldest Snapshot copy is displayed. Each row displays the
names of the two Snapshot copies that are being compared, the amount of data that changed between them,
how long the first snapshot copy that is listed has been in existence, and how fast the data changed between
the two Snapshot copies.
The second table shows the summarized rate of change for the volume between the oldest Snapshot copy and
the Active File System.
12 - 48
Snapshot Automatic Delete

The autodelete option determines when (or if)
Snapshot copies are automatically deleted. This option
is set at the volume level.
system> snap autodelete vol [on|off|show|reset]
If autodelete is enabled, then options are available:

system> snap autodelete vol option value
Options
commitment
trigger
target_free_space
delete_order
defer_delete
prefix
Value
try, disrupt
volume, snap_reserve, space_reserve
1-100
oldest_first, newest_first
scheduled, user_created, prefix, none
<string>
SNAPSHOT AUTOMATIC DELETE
12 - 49
49
Using snap autodelete: commitment

A snap autodelete will delete Snapshot
copies based upon the commitment criterion:
The user can protect certain kinds of Snapshot copies
from deletion.
The commitment option maybe either:
try
Deletes snapshot copies that are not being used by any
data mover, recovery, or clones that are not locked.
disrupt
Deletes snapshot copies that are locked by applications that
move data (such as the SnapMirror application), dump data, and
restore data (mirror and dumps are aborted).
USING SNAP AUTODELETE: COMMITMENT
12 - 50
50
Using snap autodelete: trigger

A snap autodelete occurs when the trigger
criterion is met:
volume
The volume is nearly full (98%)
snap_reserve
The Snapshot copy reserve is full
space_reserve
The space that is reserved is nearly full (useful for
volumes with fractional_reserve < 100)
USING SNAP AUTODELETE: TRIGGER
12 - 51
51
Using target_free_space
A snap autodelete stops when the free
space in the trigger criteria reaches a userspecified percentage.
This percentage is controlled by the value of
target_free_space.
The default percentage is 20%.
USING TARGET_FREE_SPACE
12 - 52
52
Using snap autodelete: order

The order in which Snapshot copies are
deleted is specified by the delete_order
option, which defines the age order.
If the value is set to:
oldest_first
Delete oldest Snapshot copies first.
newest_first
Delete newest Snapshot copies first.
USING SNAP AUTODELETE: ORDER
12 - 53
53
Using snap autodelete: defer_delete

The defer_delete option defines the order for
deletion.
If the value is set to:
scheduled
Delete the scheduled Snapshot copies last (identified by the
scheduled Snapshot naming convention).
user_created
Delete the administrator-created Snapshot copies last.
prefix
Delete the Snapshot copies with names that match the prefix
string last.
The prefix option value pair is considered only when

defer_delete is set to prefix.
Otherwise, it is ignored
USING SNAP AUTODELETE: DEFER_DELETE
12 - 54
54
NetApp System Manager: Monitoring
The space that is

consumed
in the volume
NETAPP SYSTEM MANAGER: MONITORING
12 - 55
55
Module Summary
Describe the function of Snapshot copies
Explain the benefits of Snapshot copies
Identify and execute Snapshot commands
Create and delete Snapshot copies
Configure and modify Snapshot options
Explain the importance of the .snapshot directory
Describe how Snapshot technology allocates disk
space for volumes and aggregates
Schedule Snapshot copies
Configure and manage the Snapshot copy reserve
MODULE SUMMARY
12 - 56
56
Exercise
Module 12: Snapshot Copies
EXERCISE
12 - 57

What is a Snapshot copy?
What are some of the NetApp products that
are based on Snapshot technology?
What are some of the Snapshot commands?
What is the Snapshot schedule syntax?
12 - 58
58
Space Management
Module 13
SPACE MANAGEMENT
13 - 1
Data ONTAP 7-Mode Administration: Space Management
Module Objectives
List storage efficiency techniques available within
the Data ONTAP operating system
State factors that impact space consumption in the
Describe how and when a volume consumes
space from its containing aggregate
Explain how to guarantee writes for a file
Discuss how the Data ONTAP operating system
can provide more space to a full volume
State deduplication and compression techniques
available in the Data ONTAP operating system
MODULE OBJECTIVES
13 - 2
Factors
FACTORS
13 - 3
Compounding Effect of Storage Efficiency

Unchecked Data Growth
SATA Drives and Flash Cache
Storage
Costs
RAID-DP Technology
Thin Provisioning
Snapshot Technology
Capacity Requirements
2011 NetApp, Inc. All rights reserved.NetApp Confidential - Limited Use
COMPOUNDING EFFECT OF STORAGE EFFICIENCY

NetApp provides a number of storage efficiency technologies that can dramatically reduce storage costs and
still provide the capacity that you need to meet an ever growing demand.
13 - 4
Full and Thin Provisioning of Volumes

Administrators have flexibility to manage their storage
systems by allocating volumes as:
Full provisioning of volumes (space guarantee)
Requires space to be reserved for the volume within the
aggregate at the volumes creation
Uses default allocation
Cannot overcommit an aggregate
Simplifies storage management
Thin provisioning of volumes (no space guarantee)

Does not require space to be reserved for the volume within
the aggregate at the volumes creation
Enables more aggressive allocation
Can overcommit an aggregate
Requires complex storage management
FULL AND THIN PROVISIONING OF VOLUMES
13 - 5
Space Reservations
Within a volume, whether it uses full provisioning or thin
provisioning, all files, whether a LUN or a NAS file, can:
Have space reservations (default for LUNs)
Requires reserving space within the volume so that the entire
file can be overwritten, even if blocks are retained by a
Snapshot copy
Writes to the file succeed
Requires simpler management
Not have space reservations (default for NAS file)

Does not require reserving space within the volume
Writes to the file might fail
Requires active space monitoring
See the SAN Fundamentals on Data ONTAP Webbased course for more information on LUN reservations
SPACE RESERVATIONS
13 - 6
Volume Space
Guarantee
VOLUME SPACE GUARANTEE
13 - 7
Space Guarantees
Space guarantee is an attribute of a volume that is reserved in (or
set aside from) the containing aggregate.
Space guarantee parameters:
volume (default): Reserves the FlexVol volumes total size within its
containing aggregate and allows for space-reserved or nonspacereserved files.
File (not recommended): Enables the creation of a spaceguaranteed file total size within its containing nonspace-reserved
FlexVol volume.
none: Does not reserve any space for the FlexVol volume within its
containing aggregate, and allows for only nonspace-guaranteed files
Space guarantee can be set:

At the volumes creation:
system> vol create vol1 -s volume aggr1 5GB
On existing volumes:
system> vol options vol1 guarantee none
SPACE GUARANTEES
13 - 8
NetApp System Manager: Guarantees
To configure
volumes
NETAPP SYSTEM MANAGER: GUARANTEES
13 - 9
Space Guarantee Example: Aggregate

Create a five-disk aggregate:
system> aggr create aggr1 5
aggr1
df -Ag aggr1
Active
File
System
(AFS)
Total
Used
Avail
AFS (95%)
85
85
SSR (5%)
Snapshot
Reserve
(SSR)
Icon
Description
aggr1
36-GB disk
SPACE GUARANTEE EXAMPLE: AGGREGATE
13 - 10
10
Space Guarantee Example: Volume

Create a 30-GB volume:
system> vol create vol1 aggr1 30g
aggr1
df g vol1
Total
Used
Avail
AFS (80%)
24
24
SSR (20%)
Total
Used
Avail
AFS (95%)
85
30
54
SSR (5%)
df Ag aggr1
Icon
Description
aggr1
36-GB disk
Default is volume
space guarantee
SPACE GUARANTEE EXAMPLE: VOLUME
13 - 11
vol1
11
Space Guarantee Example: None Volume

Create a 30-GB vol2:
aggr1
system> vol create vol2 -s none aggr1 30g
df -g vol2
Total
Used
Avail
AFS (80%)
24
24
SSR (20%)
Total
Used
Avail
AFS (95%)
85
30
54
SSR (5%)
df Ag aggr1
Icon
Description
aggr1
36-GB disk
vol2
With a space
guarantee of none
SPACE GUARANTEE EXAMPLE: NONE VOLUME
13 - 12
vol1
12
Space Guarantee Example: Write in Vol2

Write 24 GB to vol2
aggr1
Space taken from aggregate when written
df -g vol2
Total
Used
Avail
AFS (80%)
24
24
SSR (20%)
Total
Used
Avail
AFS (95%)
85
54
30
SSR (5%)
df Ag aggr1
Icon
Description
aggr1
36-GB disk
vol2
With a space
guarantee of none
SPACE GUARANTEE EXAMPLE: WRITE IN VOL2
13 - 13
vol1
13
File Space Reservation
FILE SPACE RESERVATION
13 - 14
14
File Types
Within volumes, files can be either:
Normal: The size of the file represents the
amount of data within the file.
foo
Physical data
Sparse: The size of the file is greater than the

amount of data within the file.
foo2
FILE TYPES
13 - 15
15
File Type Example: File Volume

Create a 30-GB vol3:
aggr1
system> vol create vol3 -s file aggr1 30g
df g vol3
vol3
Total
Used
Avail
AFS (80%)
24
24
SSR (20%)
Total
Used
Avail
AFS (95%)
85
54
30
SSR (5%)
df Ag aggr1
Icon
Description
aggr1
36-GB disk
vol2
With file
space guarantee
FILE TYPE EXAMPLE: FILE VOLUME
13 - 16
vol1
16
File Type Example: Normal File

Create a 10-GB file:
aggr1
# dd if=/dev/zero of=foo bs=1k count=10g
df g vol3
foo
vol3
Total
Used
Avail
AFS (80%)
24
10
14
SSR (20%)
Total
Used
Avail
AFS (95%)
85
64
20
SSR (5%)
df -Ag aggr1
Icon
Description
aggr1
36-GB disk
vol2
With file
space guarantee
FILE TYPE EXAMPLE: NORMAL FILE
13 - 17
vol1
17
File Type Example: Sparse File

Create a 10-GB sparse file:
aggr1
# dd if=/dev/zero of=foo2 bs=1k count=0 seek=10g
df g vol3
foo
Total
Used
Avail
AFS (80%)
24
10
14
SSR (20%)
Total
Used
Avail
AFS (95%)
85
74
10
SSR (5%)
df Ag aggr1
Icon
Description
aggr1
36-GB disk
vol3
foo2
vol2
With file
space guarantee
FILE TYPE EXAMPLE: SPARE FILE
13 - 18
vol1
18
Solutions for Full

Volumes
SOLUTIONS FOR FULL VOLUMES
13 - 19
19
Solutions for Full Volumes

If a volume fills up (because of Snapshot copies,
active file system data, or both) an administrator
can:
Delete Snapshot copies manually or automatically
Expand the volume
Manage active file system data if the blocks are not
part of a Snapshot copy
Implement deduplication, provided that there is enough
space to turn on deduplication
SOLUTIONS FOR FULL VOLUMES
13 - 20
20
Snapshot Automatic Delete

Snapshot automatic delete determines when (or if)
Snapshot copies are automatically deleted. This option
is set at the volume level:
snap autodelete vol [on|off|show|reset]
If autodelete is enabled, then options are available:

system> snap autodelete vol option value
Options
commitment
trigger
target_free_space
delete_order
defer_delete
prefix
Value
try, disrupt
volume, snap_reserve, space_reserve
1-100
oldest_first, newest_first
scheduled, user_created, prefix, none
<string>
SNAPSHOT AUTOMATIC DELETE
13 - 21
21
Volume Autosize
You might want to grow the volume.
The vol autosize command determines if a
volume should grow when it is nearly full.
Set at volume level
Possible values:
On
Increment size (default 5% of original size)
Maximum size (default 120% of original size)
Off
system> vol autosize vol [-m size[k|m|g|t]]
[-i size[k|m|g|t]] [on|off|reset]
VOLUME AUTOSIZE
13 - 22
22
Administrators Choice
Administrators can choose which procedure to
employ first:
snapshot auto delete
vol autosize
Use the volume option:
try_first
Possible values:
snap_delete
volume_grow (default)
Example:
vol options vol try_first snap_delete
ADMINISTRATORS CHOICE
13 - 23
23
Deduplication
DEDUPLICATION
13 - 24
24

Storage
Costs
RAID-DP
Thin Provisioning
Snapshot Technology
Deduplication

Deduplication provides another level of storage efficiency.
13 - 25
25
Deduplication
NetApp deduplication:
20:1 or greater for backup
Integrated with the Data
ONTAP operating system:
NetApp Deduplication
General-purpose volume
deduplication
Identifies and removes
redundant data blocks
Application agnostic:
Before
After
Primary storage
Backup data
Archival data
Service: Runs as a
background process and is
transparent to any client
26
DEDUPLICATION
Deduplication can be thought of as the process of unduplicating data. The term deduplication was first
coined by database administrators many years ago as a way of describing the process of removing duplicate
records after two databases had been merged.
In the context of disk storage, deduplication refers to any algorithm that searches for duplicate data objects
(for example, blocks, chunks, files) and discards those duplicates. When duplicate data is detected, it is not
retained, but instead a data pointer is modified so that the storage system references an exact copy of the
data object that is already stored on disk. This deduplication feature works well with datasets that have a lot of
duplicated date (for example, full backups).
When NetApp deduplication is configured, it runs as a background process that is transparent to any client
that accesses data from a storage system. This feature allows a reduction of storage costs by reducing the
actual amount of data that is stored over time. For example, if a 100-GB full backup is made on the first night,
and then a 5-GB change in the data occurs during the next day, the second nightly backup only needs to store
the 5 GB of changed data. This amounts to a 95% spatial reduction on the second backup. A full backup can
yield more than a 90% spatial reduction with incremental backups averaging about 30% of the time. With
nonbackup scenarios, such as with virtual machine images, gains of up to 40% space savings can be realized.
To estimate your own savings, please visit the NetApp deduplication calculator at
http://www.dedupecalc.com.
13 - 26
Deduplication in Action
presentation.ppt
= Identical blocks
Original file
20 blocks
With NetApp deduplication,

30 total blocks
presentation.ppt
Identical file
20 blocks
Without NetApp deduplication,

70 total blocks
presentation.ppt
Edited file
10 blocks added
27
DEDUPLICATION IN ACTION
In this example, one user creates a PowerPoint presentation (presentation.ppt) that is 20 blocks in size. This
presentation is then copied to another location by another user. Finally, a third user copies the presentation to
a third location and edits the file, adding 10 blocks.
When these files are stored on a storage system with deduplication configured, the original presentation file is
saved, but the second copy (because it is identical to the original) merely references the original files location
on the storage system. The third location of the presentation file is not completely duplicated. Because the
third user edited the file, the edits are saved to the storage system, but all unedited blocks are referenced back
to the original file.
With NetApp deduplication, 30 blocks are used to store a total of 70 blocks worth of data. This is a 58%
space savings.
13 - 27
NetApp Deduplication: Internals

Initialization (only necessary
on a pre-existing volume)
Gather
Gatherer File
Gathering
qsort
qsort
...
qsort
Merge Sort
Sorting
Fingerprint
File
28
NETAPP DEDUPLICATION: INTERNALS

Typically, when deduplication is enabled on a volume, data already exists on the volume. NetApp
deduplication scans the existing blocks in the flexible volume and creates a fingerprint file. A fingerprint is a
combination of a calculated value and the block location (that is, [fingerprint value, block location]).
To create the fingerprint file, an administrator runs the sis start -s command. During this phase, a
gatherer process identifies all existing files, generates fingerprints, and places them in a gatherer file. The
results are a 32-bytes-per-fingerprint record, which represents 0.8% overhead.
The gatherer process passes the fingerprint information to a Fingerprint Manager, which sorts the fingerprints
by using quick sort and merge sort techniques (qsort and Merge Sort in the figure). New fingerprints are
then written to the fingerprint file.
Over time, the fingerprint file might accrue a number of stale entries due to files being deleted or moved to
another volume. After 20% of the entries become stale, a stale remover phase occurs, to purge the fingerprint
file of outdated records.
13 - 28

Byte-by-byte comparison
Count file update
Update inode
Sort by Inode
Update Inode
Duplicate
Entry File
qsort
qsort
...
Block Ref
Count File
qsort
Merge Sort
Fingerprint
File
29

Duplicates are identified during the merge sort process. Identified duplicate records are sorted by inode, and
then duplicate blocks are eliminated by the block sharing engine, one after the other, in the order of the inode
number.
Fingerprints are used to find potential duplicate blocks, but data comparison is always done before duplicates
are eliminated. After the block has been identified as a true duplicate, indirect blocks are updated by pointing
to the already existing data block. The reference count metadata is incremented. The duplicate block, having
no inode or indirect blocking to it (that is, a refcount value of 0), is considered free by the WAFL (Write
Anywhere File Layout) file system.
13 - 29

Block Write
Log New FPs
Change
Log File
Change
Log File
Fingerprint
File
30

When new write requests come in to the storage system, a new fingerprint is calculated and is written to a
change log in the flexible volume metadata.
13 - 30

Block Write
Log New FPs
Change
Log File
qsort
qsort
...
Change
Log File
qsort
Merge Sort
Fingerprint
File
31

The change log is then sorted by the Fingerprint Manager, and the new fingerprints are merged into the
fingerprint file. While the first change log is being processed, all new data that is written to the storage system
is fingerprinted, and the change logs fingerprint is written to a second change log file.
13 - 31

Block Write
Count file update
Update inode
Log New FPs
Change
Log File
Change
Log File
Sort by Inode
Update Inode
Duplicate
Entry File
qsort
qsort
...
Block Ref
Count File
qsort
Merge Sort
Fingerprint
File
32

Duplicates are then identified and sorted by inode. After a byte-by-byte comparison to verify that the blocks
are truly duplicate, indirect blocks are updated by pointing to the already existing data block. The reference
count metadata is updated. The duplicate block, having no inode or indirect blocking to it (that is refcount
value of 0), is considered free by the WAFL file system.
13 - 32

Block Write
Log New FPs
Change
Log File
Change
Log File
Fingerprint
File
SIS Check
33

For maintenance, a storage administrator can run the sis check command, which verifies the integrity of
the fingerprint file. This verification is automatically triggered by the deduplication operation when 20% of
fingerprint entries become stale.
13 - 33
NetApp Deduplication: Stages

Initialization (only necessary
on pre-existing volume)
Block Write
Gather
Count file update
Update inode
Log New FPs
Change
Log File
Gatherer File
Change
Log File
Sort by Inode
Update Inode
Gathering
Duplicate
Entry File
qsort
qsort
...
qsort
Block Ref
Count File
Deduplicating
Merge Sort
Sorting
Fingerprint
File
SIS Check
Checking
34
NETAPP DEDUPLICATION: STAGES

NetApp deduplication eliminates duplicated data through sharing across files. This can be summarized in
three back stages:
Gathering or initialization
Sorting
Deduplicating files
In addition, a checking stage verifies the integrity of the fingerprint file.
13 - 34
Configuration Overview
License it:
system> license add license
Turn it on:
system> sis on vol
Deduplicate existing data:

system> sis start s vol
Schedule when to deduplicate or run manually:

system> sis config [-s schedule] vol
system> sis start vol
For maintenance:
system> sis status [-l] vol
system> sis check
View the space savings:

system> df s vol
35
CONFIGURATION OVERVIEW
To configure NetApp deduplication, you must first license it on the storage system. Use the license add
command to perform this task. Next, you must use the sis on command to turn it on for the volume that
you want to deduplicate.
If data already exists on the storage system volume that you want to deduplicate, run the sis start -s
command on the volume. This command scans the file system to collect fingerprints of each data block and
sorts the fingerprints to identify duplicate blocks. Each fingerprint entry maps a fingerprint value to the
location of a disk block: [fingerprint value, block location]. This data structure enables you to query blocks
based on block contents.
You can use the sis config command to configure the system to run the deduplication process at a
particular time. The storage administrator can then run the sis start command to process fingerprints that
are present in the change log (because they were recorded when data was written to disk). During this step,
new duplicate blocks are eliminated, and a list of new fingerprints is added to the database. You can perform
this step manually by running the sis start command, or the step can be triggered automatically by a
scheduled deduplication process.
The storage administrator can view sis status to verify the status of the deduplication operation and use
df -s to view the amount of space savings.
NOTE: When files are removed, the fingerprints are not automatically purged. Stale fingerprints are purged
after a certain threshold is reached, or when a sis check command is run explicitly on the volume.
13 - 35
Configuring Deduplication
system> sis on /vol/vol1
SIS for "/vol/vol1" is enabled.
Already existing data could be processed by running
"sis start -s /vol/vol1".
system> sis start -s /vol/vol1

The file system will be scanned to process existing
data in /vol/vol1.
This operation may initialize related existing
metafiles.
Are you sure you want to proceed with scan (y/n)? y
Fri Nov 10 11:42:58 EST [wafl.scan.start:info]:
Starting SIS volume scan on volume vol1.
The SIS operation for "/vol/vol1" is started.
36
CONFIGURING DEDUPLICATION
Here is an example of turning on deduplication on a volume named vol1.
Next, the storage administrator scans the volume to identify current space savings and adds the existing datas
fingerprint records to the fingerprint database by using the sis start -s command.
13 - 36
Verifying Deduplication
system> sis status /vol/vol1
Path
/vol/vol1
Enabled
State
Active
Status
12 GB
Progress
Scanned
system> sis status /vol/vol1

Path
/vol/vol1
State
Enabled
Status
Idle
Progress
Idle for 00:01:26
system> df -s /vol/vol1
Filesystem
/vol/vol1
used
20568268
saved
3768732
%saved
15%
37
VERIFYING DEDUPLICATION
Here, the storage administrator uses the sis status command to confirm the initialization scan progress
that was started with the sis start -s command. When the system is idle, the amount of time that the
process has been idle appears in response to the sis status command. Finally, a storage administrator can
verify the amount of savings by using the df -s command.
13 - 37
The sis status Command: Stages

system> sis status
Gathering
Sorting
Deduplicating
Checking
Path
State
/vol/vol1
Enabled
Path
State
/vol/vol1
Enabled
Status Progress
Active
25 MB Scanned
Status Progress
Active
25 MB Searched
Path
State
/vol/vol1
Enabled
Status Progress
Path
State
/vol/vol1
Enabled
Active
30 MB Verified
Enabled
Active
10% Merged
Active
40 MB (20%) done
Status Progress
OR
/vol/vol1
38
THE SIS STATUS COMMAND: STAGES

The sis status command displays different messages, depending on stage of the deduplication process
that is occurring on the storage system. This example shows the four basic stages and the associated progress
messages.
13 - 38
Scheduling Deduplication
Default schedule:
system> sis on /vol/vol1
system> sis status
/vol/vol1
sun-sat@0
To configure a schedule:
system>
system>
system>
system>
sis
sis
sis
sis
config
config
config
config
-s
-s
s
s
- /vol/vol1
23@sun-fri /vol/vol1
auto /vol/vol1
sat@6 /vol/vol1
Verify:
system> vol status
Volume
State
Status
Options
Vol0
online
raid_dp, flex root
Vol1
online
raid_dp, flex sis
The sis keyword is

listed in the output
for deduplication
volumes.
39
SCHEDULING DEDUPLICATION
By default, deduplication occurs at midnight every day. You can configure the schedule by using the
sis config command.
You can specify the schedule (-s) parameter in one of four ways:
1. Specify "-" to specify that there should be no scheduled deduplication operation on the flexible volume.
2. List the hours, and enter the @ sign separator, followed by the day list.
3. Specify auto to indicate that deduplication should run on the flexible volume whenever there are 20%
new fingerprints in the change log.
4. List the days, and enter the @ sign separator, followed by the hours list.
13 - 39
NetApp System Manager: Deduplication

Start
deduplication
Deduplication
license is added
NETAPP SYSTEM MANAGER: DEDUPLICATION
13 - 40
40
Deduplication Volume Limits

Platform
System
Memory
2040
3040
3050
3070
3140
3160
3170
3210
3240
3270
6030
6040
6070
6080
6210
6240
6280
4GB
4GB
4GB
8GB
4GB
8GB
16GB
5GB
8GB
20GB
16GB
16GB
32GB
32GB
24GB
48GB
96GB
Data ONTAP
Data ONTAP Data ONTAP Data ONTAP
Data ONTAP 8.0.0
Data ONTAP 8.0.0
8.0.0
8.0.1
8.0.1
8.0.1
Max Flex Vol Size
Max Dense Total
Max Dense
Max Flex Vol Max Dense Vol Max Dense
(TB)
Data (TB)
Vol Size (TB)
Size (TB)
Size (TB)
Total Data (TB)
30
35
35
50
50
50
100
3
4
3
16
4
16
16
19
20
19
32
20
32
32
80
80
100
100
16
16
16
16
32
32
32
32
30
35
35
50
50
50
100
50
50
70
80
80
100
100
100
100
100
16
16
16
16
16
16
16
16
16
16
16
16
16
16
16
16
16
32
32
32
32
32
32
32
32
32
32
32
32
32
32
32
32
32
41
DEDUPLICATION VOLUME LIMITS

In the Data ONTAP 7.3.x operating system, the volume limits are:
Platform System
Data ONTAP Data ONTAP Data ONTAP
Memory
7.3.0
7.3.0
7.3.0
Max Flex vol Max dense Max dense
size (TB)
vol size (TB) total data (TB)
R200
2020
2050
3020
3050
3040
3140
3210
3070
3160
3240
3170
6030
6040
3270
6070
6080
13 - 41
6GB
1GB
2GB
2GB
3GB
4GB
4GB
5GB
8GB
8GB
8GB
16GB
16GB
16GB
20GB
32GB
32GB
16
7
16
16
16
16
16
4
0.5
1
1
2
3
3
20
16.5
17
17
18
19
19
16
16
6
6
22
22
16
16
16
10
10
10
26
26
26
16
16
16
16
32
32
Data ONTAP Data ONTAP Data

7.3.1 +
7.3.1 +
ONTAP
Max Flex vol Max dense 7.3.1 +
size (TB)
vol size (TB) Max dense
total data
(TB)
16
7
16
16
16
16
16
16
16
16
16
16
16
16
16
16
16
4
1
2
2
3
4
4
4
16
16
16
16
16
16
16
16
16
20
17
18
18
19
20
20
20
32
32
32
32
32
32
32
32
32
Compression
COMPRESSION
13 - 42
42

Storage
Costs
RAID-DP Technology
Thin Provisioning
Snapshot Technology
Deduplication
Data Compression
13 - 43
43
Typical Storage Savings

80%
Compression Only
Dedupe Only
Dedupe + Compression
70%
Storage Savings
60%
50%
40%
30%
20%
10%
0%
Use Cases
Results may vary
TYPICAL STORAGE SAVINGS

These are sample savings that were achieved with internal and customer testing. Actual customer savings are
highly dependent on the data type and data layout.
13 - 44
Compression Requirements
Compression requires:
Data ONTAP 8.0.1 7-Mode operating system or later
Formal NetApp approval with written agreement
(Policy Variance Request or PVR)
Implementation:
Add a free compression and deduplication license
Enable compression for each FlexVol volume
FlexVol volumes in 64-bit aggregates only
16 TB maximum size
Enable deduplication (even if using compression

only)
COMPRESSION REQUIREMENTS
13 - 45
45
Total Storage Efficiency Effect

Storage
Costs
RAID-DP Technology
Thin Provisioning
Snapshot Technology
Deduplication
Compression
Thin Replication
Virtual Copies
The Effect of
NetApp Storage Efficiency
46
TOTAL STORAGE EFFICIENCY EFFECT

NetApp provides numerous storage efficiencies to reduce storage costs while still providing the capacity that
is needed.
THIN REPLICATION
Thin replication using NetApp SnapMirror. You can now improve network bandwidth efficiency up to 70%
to existing storage and network efficiencies achieved with SAN thin replication. Thin replication can
efficiently replicate production data and, with FlexClone copies, provide multiple, instant copies for disaster
recovery, decision support, business intelligence analysis, or to support a development and test environment
all with minimal overhead.
VIRTUAL COPIES
Storage administration can save up to 80% using writable virtual copies called FlexClone. See Module 12 for
more information.
13 - 46
Module Summary
List storage efficiency techniques available within the
State factors that impact space consumption in the
Describe how and when a volume consumes space
from its containing aggregate
Explain how to guarantee writes for a file
Discuss how the Data ONTAP operating system can
provide more space to a full volume
State deduplication and compression techniques
available in the Data ONTAP operating system
MODULE SUMMARY
13 - 47
47
Exercise
Module 13: Space Management
EXERCISE
13 - 48

What is a fully provisioned volume?
What is a thin-provisioned volume?
Why would you use thin-provisioned volumes?
13 - 49
49
High Availability
Module 14
HIGH AVAILABILITY
14 - 1
Data ONTAP 7-Mode Administration: High Availability
Module Objectives
Describe high-availability (HA) solutions
Discuss how high availability increases the
reliability of storage
Define HA controller configuration
Describe the three modes of HA operation with
an HA pair
Analyze how high availability affects client
protocols during failover and giveback
operations
MODULE OBJECTIVES
14 - 2
HA Spectrum
High availability is the process of providing
solutions that increase storage
resiliency.
Loss
of a
Building
Loss
of a
Loss Shelf
of a
Cable
Loss
of a
Site
Loss
of a
Controller
NetApp solutions
help you overcome all of these
business continuity problems.
HA SPECTRUM
14 - 3
Loss
of a
Region
Loss of a Cable
Use shelf multipathing to protect against loss of
a cable.
Loss
of a
Building
Loss
of a
Loss Shelf
of a
Cable
Loss
of a
Site
Loss
of a
Controller
LOSS OF A CABLE
14 - 4
Loss
of a
Region
Shelf Multipathing
3
A single cable
creates a
potential
vulnerability
e0a
e0b
e0c
e0d
e0e
0a
e0f
LINK
LINK
0c
0d
LINK LINK
LINK
LINK
1Gb ELP
X2
X2
ESH4
1Gb 2Gb 4Gb
SHELF
ID
Adding a second
cable provides
availability even
if a single cable
fails.
LINK LINK
0b
4Gb 2Gb
A
B
ESH4
4Gb 2Gb
1Gb ELP
Multipathing provides:
1. Increased availability
2. Increased throughput
SHELF MULTIPATHING
14 - 5
Loss of a Shelf
Implement SyncMirror software to protect
against the loss of a shelf (a mirrored
implementation).
Loss
of a
Building
Loss
of a
Loss Shelf
of a
Cable
Loss
of a
Site
Loss
of a
Controller
LOSS OF A SHELF
14 - 6
Loss
of a
Region
SyncMirror Software
Can be configured:
In an HA pair (the most common configuration)
In a stand-alone storage system
Divides disks into two pools
Pool0 becomes plex0
plex1
plex0
/vol
Data within
the aggregate
Pool1 becomes plex1
aggr1
/vol
/vol0
/etc
/vol0
Mirrored data
within the aggregate
/etc
SYNCMIRROR SOFTWARE
SyncMirror protects against data loss by maintaining two copies of the data contained in the aggregate, one
in each plex. Any data loss due to disks failure in one plex is repaired by the undamaged data in the other
plex.
14 - 7
Hardware Disk Ownership

When disk ownership is hardware-based, disks are
assigned to a pool based on the slot that the shelf is
connected to.
DISCONNECT AC POWER
CORD BEFORE REMOVAL
PROPERLY SHUT DOWN SYSTEM BEFORE OPENING CHASSIS.
e0a
e0b
RLM
e0c
e0d
e0a
e0b
RLM
e0c
e0d
0d
FC
0d
0e
LVD SCSI
0e
LVD SCSI
AC
AC
status
status
A
B
X2
X2
Pool0
1Gb 2Gb 4Gb
SHELF
ID
ESH4
4Gb 2Gb
1Gb ELP
A
B
X2
Pool1
1Gb 2Gb 4Gb
SHELF
ID
NOTE: Data ONTAP

8.0 does not support
hardware-based disk
ownership.
FC
0c
X2
Pool0 - 0a and 0b
and HBAs attached
to slots 1-2
0c
ESH4
0b
1Gb ELP
0b
FC
4Gb 2Gb
FC
0a
PCI 4
DISCONNECT AC POWER
CORD BEFORE REMOVAL
Pool1 - 0c and 0d
and HBAs attached
to slots 3-4
ESH4
0a
PCI 2
1Gb ELP
Console
PCI 3
4Gb 2Gb
Console
PCI 1
ESH4
4Gb 2Gb
1Gb ELP
HARDWARE DISK OWNERSHIP

NOTE: Data ONTAP 8.0 does not support hardware disk ownership.
14 - 8
Software Disk Ownership

Software disk ownership-enabled systems must assign
disks to specific pools.
Administrators can assign
disks to pools:
3
e0b
e0c
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
0d
LINK
4Gb 2Gb
1Gb ELP
ESH4
X2
X2
ESH4
Pool1
1Gb 2Gb 4Gb
SHELF
ID
1Gb ELP
A
B
X2
X2
Pool0
1Gb 2Gb 4Gb
SHELF
ID
ESH4
4Gb 2Gb
1Gb ELP
SOFTWARE DISK OWNERSHIP
14 - 9
0c
LINK LINK
4Gb 2Gb
NOTE: Disks in different pools

must be on different loops or
shelves.
0b
LINK
ESH4
e0a
1Gb ELP
4Gb 2Gb
system> disk assign

{disk_list...}[-p pool]
...
disk_list is the list of device
IDs of unassigned disks
pool is either 0 or 1
system> disk assign
0a.46 -p 1
Implementing Mirrored Aggregates

To implement SyncMirror software:
1. Add the (no-cost) syncmirror_local
license.
2. Verify that the disks are in the correct pools.
3. Reboot the system.
To create a new mirrored aggregate:
system> aggr create aggr m number_of_disks
To add a mirror to an existing aggregate:

system> aggr mirror aggr
Double the
number of
needed
disks
10
IMPLEMENTING MIRRORED AGGREGATES

system> aggr create myMirror -m 6
Aggregate myMirror (online, raid_dp, mirrored) (block checksums)
Plex /myMirror/plex0 (online, normal, active, pool0)
RAID group /myMirror/plex0/rg0 (normal)
RAID Disk Device HA SHELF BAY CHAN Pool Type RPM
--------- ------ ------------- ---- ---- ---- ----dparity
0a.18
0a
1
2
FC:A
0 FCAL 15000...
parity
0a.19
0a
1
3
FC:A
0 FCAL 15000...
data
0a.20
0a
1
4
FC:A
0 FCAL 15000...
Plex /myMirror/plex1 (online, normal, active, pool1)
RAID group /myMirror/plex1/rg0 (normal)
RAID Disk Device HA SHELF BAY CHAN Pool Type RPM
--------- ------ ------------- ---- ---- ---- ----dparity
0b.32
0b
2
0
FC:A
1 FCAL 15000...
parity
0b.33
0b
2
1
FC:A
1 FCAL 15000...
data
0b.34
0b
2
2
FC:A
1 FCAL 15000...
system> aggr status
Aggr State
Status
Options
myMirror online
raid_dp, aggr
mirrored 32-bit
aggr0 online
raid_dp, aggr
root
32-bit
14 - 10
Shelf and Disk Failure

In this example, if the
shelf that has pool0
fails, the data is still
available from pool1.
e0b
e0c
e0d
e0e
0a
e0f
LINK
X2
Pool0
1Gb 2Gb 4Gb
SHELF
ID
4Gb 2Gb
0c
LINK LINK
0d
LINK
1Gb ELP
ESH4
ESH4
4Gb 2Gb
X2
Pool1
1Gb 2Gb 4Gb
SHELF
ID
1Gb ELP
A
B
ESH4
4Gb 2Gb
1Gb ELP
SHELF AND DISK FAILURE
14 - 11
0b
LINK
X2
LINK LINK
X2
LINK
ESH4
e0a
1Gb ELP
4Gb 2Gb
Nondisruptive shelf
replacement (NDSR) is
now available in Data
ONTAP 7.3.2 and later.
If multiple disks fail in
an aggregate, data is
still available from the
alternate pool.
11
Administrator Maintenance of Mirrors

Split a mirror aggregate
Rejoin a split aggregate
Remove a plex from a mirror aggregate
Compare plexes of a mirrored aggregate
NOTE: For more information about SyncMirror
software, please see the High Availability Webbased courses.
ADMINISTRATOR MAINTENANCE OF MIRRORS
14 - 12
12
Loss of a Controller
Use an HA controller configuration to protect
against loss of a controller.
Loss
of a
Building
Loss
of a
Loss Shelf
of a
Cable
Loss
of a
Site
Loss
of a
Controller
LOSS OF A CONTROLLER
14 - 13
Loss
of a
Region
13
HA Controller Configuration
X3149A
X3149A
4
LNK
system
LNK
ACT
ACT
5
INT LNK
INT LNK
LNK
LNK
ACT
e0c
e0d
e0e
0a
e0f
0b
LINK
0c
LINK LINK
0d
e0a
e0b
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
0c
LINK LINK
0d
LINK
LINK
4Gb 2Gb
1Gb ELP
A
B
X2
X2
X2
ESH4
1Gb 2Gb 4Gb
SHELF
ID
e0c
LINK
LINK
ESH4
LINK LINK
1Gb ELP
LINK
X2
e0b
1Gb 2Gb 4Gb
SHELF
ID
e0a
4Gb 2Gb
system2
ACT
ESH4
4Gb 2Gb
1Gb ELP
A
B
ESH4
4Gb 2Gb
1Gb ELP
Each controller is connected to its own disk shelves.

Each controller is connected to the other controllers disk shelves.
Storage controllers are connected through an interconnect.
If a storage controller fails, the surviving partner serves the data of
the failed controller.
14
HA CONTROLLER CONFIGURATION
In an HA configuration, the controllers of two storage systems (nodes) are connected to each other either
directly or through switches.
The nodes are connected to each other through a cluster adapter or NVRAM adapter, which allows one node
to serve data to the disks on its partner if the partner node fails. Each node continually monitors its partner,
mirroring data for the partners NVRAM.
14 - 14
Benefits of HA Controller Configuration

X3149A
X3149A
4
LNK
system
LNK
ACT
ACT
5
INT LNK
INT LNK
LNK
LNK
ACT
e0c
e0d
e0e
0a
e0f
0b
LINK
0c
LINK LINK
0d
e0a
e0b
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
0c
LINK LINK
0d
LINK
LINK
4Gb 2Gb
1Gb ELP
A
B
X2
X2
X2
ESH4
1Gb 2Gb 4Gb
SHELF
ID
e0c
LINK
LINK
ESH4
LINK LINK
1Gb ELP
LINK
X2
e0b
1Gb 2Gb 4Gb
SHELF
ID
e0a
4Gb 2Gb
system2
ACT
ESH4
4Gb 2Gb
1Gb ELP
A
B
ESH4
4Gb 2Gb
1Gb ELP
Fault tolerance
Nondisruptive software upgrades
Nondisruptive hardware maintenance
15
BENEFITS OF HA CONTROLLER CONFIGURATION

HA configurations provide fault tolerance and the ability to perform nondisruptive upgrades and maintenance:
Fault tolerance: When one node fails or becomes impaired, a takeover occurs and the partner node
continues to serve the data of the failed node.
Nondisruptive software upgrades: When you halt one node and allow takeover, the partner node
continues to serve data for the halted node, allowing you to upgrade the halted node. For more
information about nondisruptive software upgrades, see the Data ONTAP Upgrade Guide.
Nondisruptive hardware maintenance: When you halt one node and allow takeover, the partner node
continues to serve data for the halted node, allowing you to replace or repair hardware on the halted node.
14 - 15
Requirements for High Availability

Architecture compatibility
Disk and disk shelf compatibility
Installed cluster interconnect adapters and
cables (some systems have the cluster
interconnect built-in to the backplane)
Nodes attached to the same networks
The same software licensed and enabled
16
REQUIREMENTS FOR HIGH AVAILABILITY

The number of disks in a standard HA configuration must not exceed the maximum configuration capacity. In
addition, the total amount of storage attached to each node must not exceed the capacity of a single node.
To determine your maximum configuration capacity, see the System Configuration Guide at
http://now.netapp.com/NOW/knowledge/docs/hardware/hardware_index.shtml.
NOTE: When a failover occurs, the takeover node temporarily serves data from all the storage in the HA
configuration. When the single-node capacity limit is less than the total HA configuration capacity limit, the
total disk space in a cluster can be greater than the single-node capacity limit. It is acceptable for the takeover
node to temporarily serve more than the single-node capacity would normally allow, as long as it does not
own more than the single-node capacity.
Disks and disk-shelf compatibility
Both Fibre Channel (FC) and SATA storage types are supported in standard HA configurations, if the two
storage types are not mixed on the same loop.
A node can have exclusively FC storage and the partner node can have exclusively SATA storage.
Cluster interconnect adapters and cables must be installed.
Nodes must be attached to the same network and the network interface cards must be configured
correctly.
System features such as CIFS, NFS, or SyncMirror software must be licensed and enabled on both nodes.
14 - 16
Partner Communication
In an HA controller configuration, partners
communicate through the interconnect with a
heartbeat.
The system state is written to disk in a mailbox.
Data not committed to disk is written to the local
and partner nonvolatile RAM (NVRAM).
17
PARTNER COMMUNICATION
To ensure that each node in an HA controller configuration maintains the correct and current status of its
partner node, heartbeat information and node status are stored on each node in the mailbox disks.
Mailbox disks are a redundant set of disks used in coordinating takeover and giveback operations. If one node
stops functioning, the surviving partner node uses the information on the mailbox disks to perform takeover
processing, which creates a virtual storage system.
If an interconnect failure occurs, the mailbox heartbeat information prevents an unnecessary failover from
occurring. Moreover, if the HA configuration information that is stored on the mailbox disks is not
synchronized during boot, the HA controller nodes automatically resolve the situation. The FAS system
failover process is extremely robust, preventing split-brain issues from occurring.
14 - 17
HA Controllers and NVRAM

Each node reserves half
of the total NVRAM for
the partners data.
During takeover, the
surviving partner
performs the down
systems reads and
writes using the mirror
nonvolatile log (NVLOG).
NVRAM During Normal Mode

Storage System
Storage System 2
Storage
System
NVLOG
Storage
System 2
NVLOG
Storage
System 2
NVLOG
(mirror)
Storage
System
NVLOG
(mirror)
18
HA CONTROLLERS AND NVRAM

The Data ONTAP operating system uses the WAFL (Write Anywhere File Layout) file system to manage
data processing and NVRAM to guarantee data consistency before committing writes to disks. If the storage
controller experiences a power failure, the most current data is protected by the NVRAM, and file system
integrity is maintained.
In an HA controller environment, each node reserves half of the total NVRAM size for the partner nodes
data, to ensure that exactly the same data exists in NVRAM on both storage controllers. Therefore, only half
of the NVRAM in the high-availability controller is dedicated to the local node. If failover occurs, when the
surviving node takes over the failed node, all WAFL checkpoints stored in NVRAM are flushed to disk. The
surviving node then combines the split NVRAM.
How the Interconnect Works
The interconnect adapters are critical components in an HA controller configuration. The Data ONTAP
operating system uses these adapters to transfer system data between the partner nodes, which maintains data
synchronization in the NVRAM on both controllers. Other critical information is also exchanged through the
interconnect adapters, including the heartbeat signal, system time, and details about temporary disk
unavailability due to pending disk-firmware updates.
14 - 18
Configuring High Availability

1. License controller failover on both systems:
system> license add xxxxxx
system2> license add xxxxxx
2. Reboot both systems:

system> reboot
system2> reboot
3. Enable the service on one of the two systems:

system> cf enable
4. Check the status on that system:

system> cf status
19
CONFIGURING HIGH AVAILABILITY

To add the license, enter the following command on both node consoles for each required license:
license add xxxxxx
where xxxxxx is the license code you received for the feature
To reboot both nodes, enter the following command:
reboot
To enable the license, enter the following command on the local node console:
cf enable
To verify that controller failover is enabled, enter the following command on each node console:
cf status
14 - 19
Setting Matching Node Options

1. Analyze the option values for both nodes.
2. Verify that the option values are the same.
3. Correct any mismatched option values.
This table lists parameters that must match:
Parameter
Value
Date
date, rdate
NDMP
NDMP (on or off)
Published route table
route
Route
routed (on or off)
Time zone
timezone
20
SETTING MATCHING NODE OPTIONS

Because some Data ONTAP options must match on both the local and partner node, use the options
command on both nodes and ensure that the options match.
STEPS
1. View and note the values of the options on the local and partner nodes, using the following command on
each console:
options
The current option settings for the node are displayed on the console. Output similar to the following is
displayed:
autosupport.doit TEST
autosupport.enable on
2. Verify that the options with comments in parentheses are set to the same value for both nodes. The
comments are as follows:
Value might be overwritten in takeover

Same value required in local+partner
Same value in local+partner recommended
3. Correct any mismatched options using the following command:

options option_name option_value.
14 - 20
Normal Operation
X3149A
X3149A
4
LNK
system
LNK
ACT
ACT
5
INT LNK
INT LNK
LNK
LNK
ACT
e0c
e0d
e0e
0a
e0f
0b
LINK
0c
LINK LINK
0d
e0a
e0b
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
0c
LINK LINK
0d
LINK
LINK
4Gb 2Gb
1Gb ELP
A
B
X2
X2
X2
ESH4
1Gb 2Gb 4Gb
SHELF
ID
e0c
LINK
LINK
ESH4
LINK LINK
1Gb ELP
LINK
X2
e0b
1Gb 2Gb 4Gb
SHELF
ID
e0a
4Gb 2Gb
system2
ACT
ESH4
4Gb 2Gb
1Gb ELP
A
B
ESH4
4Gb 2Gb
1Gb ELP
Each storage controller handles its own storage requests.
NORMAL OPERATION
14 - 21
21
Takeover Operation
X3149A
X3149A
4
LNK
system
e0e
0a
e0f
0b
0c
LINK LINK
0d
e0a
e0b
e0c
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
0c
LINK LINK
0d
LINK
LINK
4Gb 2Gb
1Gb ELP
A
B
X2
X2
ESH4
X2
ESH4
1Gb 2Gb 4Gb
SHELF
ID
e0d
LINK
LINK
1Gb ELP
LINK LINK
X2
e0d
LINK
LINK
system2
ACT
1Gb 2Gb 4Gb
SHELF
ID
e0c
LNK
ACT
4Gb 2Gb
e0b
5
INT LNK
system2
e0a
ACT
5
INT LNK
LNK
LNK
ACT
ESH4
4Gb 2Gb
A
B
ESH4
1Gb ELP
4Gb 2Gb
1Gb ELP
system> cf takeover
The surviving partner has two identities, each of which can only
access its own volumes and networks.
You can access the failed node using console commands.
22
TAKEOVER OPERATION
When a takeover occurs, the functioning partner node takes over the functions and disk drives of the failed
node by creating an emulated storage system that:
Assumes the identity of the failed node
Accesses the failed nodes disks and serves its data to clients
The partner node maintains its own identity and its own primary functions, but also handles the added
functionality of the failed node through the emulated node.
14 - 22
Events That Trigger Takeover

A node undergoes a software or system failure that
leads to a panic
A node undergoes a system failure (for example, a
loss of power) and cannot reboot
A mismatch occurs between the disks that each node
believes it owns
A network interface that is configured to support
failover becomes unavailable
A node cannot send heartbeat messages to its partner
and no other mechanism is available
A node is halted (such as with the halt command)
A takeover is manually initiated
EVENTS THAT TRIGGER TAKEOVER
14 - 23
23
The partner command

1. Access the failed storage controller:
system(takeover)> partner
system2/system>
failed_controller/takeover_controller
2. Execute commands as needed.

NOTE: Some commands are unavailable in partner mode.
3. Return to the prompt of the takeover system:

system2/system> partner
system(takeover)>
THE PARTNER COMMAND
14 - 24
24
Giveback Operation
X3149A
X3149A
4
LNK
system
e0e
0a
e0f
0b
0c
LINK LINK
0d
e0b
e0c
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
0c
0d
LINK LINK
LINK
LINK
4Gb 2Gb
1Gb ELP
A
B
X2
X2
ESH4
X2
ESH4
1Gb 2Gb 4Gb
SHELF
ID
e0d
LINK
LINK
1Gb ELP
LINK LINK
e0a
X2
e0d
LINK
LINK
system2
ACT
1Gb 2Gb 4Gb
SHELF
ID
e0c
LNK
ACT
4Gb 2Gb
e0b
5
INT LNK
system2
e0a
ACT
5
INT LNK
LNK
LNK
ACT
ESH4
4Gb 2Gb
A
B
ESH4
1Gb ELP
4Gb 2Gb
1Gb ELP
system> cf giveback
The cf giveback command terminates the emulated node.
The failed node resumes normal operation.
The HA configuration resumes normal operation.
25
GIVEBACK OPERATION
When a failed node is repaired and functioning again, execute the cf giveback command, which
terminates the emulated node on the partner. The failed node resumes serving its own data and the HA
configuration resumes normal operation. Each node is ready to take over for its partner if the partner fails.
14 - 25
Delete the Storage System
If the storage system was

previously managed as a
standalone system by NetApp
System Manager, the storage
system must be deleted and
then added again after high
availability is configured.
DELETE THE STORAGE SYSTEM
14 - 26
26
Enable HA
You cannot currently enable high availability from
NetApp System Manager so you must enable it from the
command-line interface:
1. License controller failover (cf):
system2> license add xxxxxx
2. Reboot:
system> reboot
system2> reboot
3. Enable controller failover:

system> cf enable
4. Check status:
system> cf status
ENABLE HA
14 - 27
27
Add HA Systems
When you add one of the

storage systems to NetApp
System Manager, the
partner is automatically
identified.
ADD HA SYSTEMS
14 - 28
28
View the HA Pair
The HA pair
HA
configuration
problems
VIEW THE HA PAIR
14 - 29
29
Verify Licenses
Verify that the storage

systems licenses match
the partners licenses.
VERIFY LICENSES
14 - 30
30
Add First Partner IP Address
Configure an IP address to
take over the partners IP
and enablethe interface.
ADD FIRST PARTNER IP ADDRESS
14 - 31
31
Add Second Partner IP Address
Perform the same task for

the other partner; remember
to enable the interface.
32
ADD SECOND PARTNER IP ADDRESS

The following table lists the three types of interface configurations that you can enable in an HA pair.
Interface type
Description
Shared
This type of interface supports both the local and partner nodes.
It contains both the local node and partner node IP addresses.
During takeover, it supports the identity of both nodes.
Dedicated
This type of interface only supports the node in which it is installed.

It contains the local node IP address only and does not participate in
network communication beyond local node support during takeover.
It is paired with a standby interface.
Standby
This type of interface is on the local node, but only contains the IP
address of the partner node. It is paired with a dedicated interface
14 - 32
Verify the Configuration
You fixed the HA

configuration problems
VERIFY THE CONFIGURATION
14 - 33
33
Perform a Takeover
To configure HA
To perform a takeover
PERFORM A TAKEOVER
14 - 34
34
Use the Takeover Wizard
USE THE TAKEOVER WIZARD
14 - 35
35
Complete the Takeover
COMPLETE THE TAKEOVER
14 - 36
36
Perform a Giveback
To perform a giveback
PERFORM A GIVEBACK
14 - 37
37
Complete the Giveback
Giveback
complete
COMPLETE THE GIVEBACK
14 - 38
38
Failover Effects on Client Connections

I/O requests are suspended during the
takeover and giveback period.
For clients and applications that use NFSv3,
NFSv4, HTTP, Fibre Channel (FC), or iSCSI
protocols, connections can usually be resumed
when the takeover or giveback process is
complete.
For CIFS (SMB 1.0 and SMB 2.0), sessions are
lost.
Stateful clients and applications canand
usually doattempt to re-establish the session.
FAILOVER EFFECTS ON CLIENT CONNECTIONS
14 - 39
39
Negotiated Failover
Data ONTAP allows failover to occur with failure of one or
more network interfaces to ensure continual client interaction
To enable negotiated failover (NFO):
Off by default
system> options
cf.takeover.on_network_interface_failure on
To configure policy for marked network interface cards

(NICs):
system> options
cf.takeover.on_network_interface_failure.policy
{all_nics | any_nics}
To mark a NIC to participate in NFO:

system> ifconfig <interface> nfo
Set on both systems

in an HA pair
To unmark a NIC and prevent it from participating in NFO:

system> ifconfig <interface> -nfo
NEGOTIATED FAILOVER
To enable negotiated failover for failed network interfaces, you must explicitly enable the
cf.takeover.on_network_interface_failure option, set the failover policy, and mark each
interface that can trigger a negotiated failover (NFO).
NOTE: The cf.takeover.on_network_interface_failure.policy option must be set
manually on both of the controllers in an HA pair:
all_nics: All interfaces marked for failover must fail before takeover will occur.
any_nic: Any interface marked for failover will trigger a high-availability takeover.
The cf.takeover.on_network_interface_failure option is not the primary defense against a
network switch becoming a single point of failure. This option should only be considered when a single-mode
vif or second-level vif cannot be used. Controller failover is disruptive to CIFS clients and can be disruptive
to NFS clients that use soft mounts. In contrast, interface group (or virtual interface in Data ONTAP 7.3)
failover is completely nondisruptive and is therefore the preferred method. Also note that negotiated failover
is being used increasingly in MultiStore environments.
14 - 40
HA Best Practices
Test failover and giveback operations before
placing HA controllers into production.
Monitor:
The performance of the network
The performance of disks and storage shelves
CPU utilization of both controllers, in order to
ensure that neither exceeds 50%
Enable AutoSupport.
NOTE: For more information about high availability, please see
the High Availability Web-based course.
41
HA BEST PRACTICES
General best practices require comprehensive testing of all mission-critical systems before introducing them
into a production environment. HA controller testing should include takeover and giveback, or functional
testing as well as performance evaluation. Extensive testing validates planning.
Monitor network connectivity and stability.
Unstable networks not only affect total takeover and giveback times, they adversely affect all devices on the
network in various ways. NetApp storage controllers are typically connected to the network to serve data, so
if the network is unstable, the first symptom is degradation of storage-controller performance and availability.
Client service requests are retransmitted many times before reaching the storage controller, appearing to the
client as slow responses from the storage controller. In a worst-case scenario, an unstable network can cause
communication to time-out, and the storage controller appears to be unavailable.
During takeover and giveback operations in an HA controller environment, storage controllers attempt to
connect to numerous types of servers on the network, including DNS, Network Information Service (NIS),
Lightweight Directory Access Protocol (LDAP), and application servers, as well as Windows domain
controllers. If these systems are unavailable or the network is unstable, the storage controller continues to try
to establish communications, which delays takeover and giveback times.
14 - 41
Loss of a Building
Stretch MetroCluster configuration protects
against local issues, such as loss of
power in a building.
Loss
of a
Building
Loss
of a
Loss Shelf
of a
Cable
Loss
of a
Site
Loss
of a
Controller
LOSS OF A BUILDING
14 - 42
Loss
of a
Region
42
Stretch MetroCluster
Building 1
Building 2
X3149A
X3149A
system
LNK ACT
system2
LNK ACT
INT LNK
INT LNK
LNK ACT
LNK ACT
0a
e0f
0b
LINK
e0e
LINK
LINK LINK
1Gb ELP
4Gb 2Gb
1Gb ELP
X2
X2
ESH4
1Gb 2Gb 4Gb
A
B
ESH4
4Gb 2Gb
1Gb ELP
System:
Pool 1
0c
LINK LINK
0d
LINK
X2
System2:
Pool 0
1Gb 2Gb 4Gb

SHELF
ID
0b
LINK
ESH4
4Gb 2Gb
1Gb ELP
X2
4Gb 2Gb
0a
e0f
1Gb 2Gb 4Gb

SHELF
ID
ESH4
SHELF
ID
e0d
X2
X2
X2
ESH4
System2:
Pool 1
e0c
LINK
1Gb 2Gb 4Gb

SHELF
ID
e0b
LINK
LINK
1Gb ELP
System:
Pool 0
LINK LINK
e0a
4Gb 2Gb
LINK LINK
0d
1Gb ELP
LINK
0c
X2
e0e
ESH4
e0d
1Gb ELP
e0c
4Gb 2Gb
e0b
ESH4
e0a
4Gb 2Gb
A
B
ESH4
4Gb 2Gb
1Gb ELP
Stretch MetroCluster configuration expands high availability

up to 500m.
See the High Availability Web-based course for more information.
STRETCH METROCLUSTER
14 - 43
43
Loss of a Site
Fabric-attached MetroCluster protects against
the loss of sites.
Loss
of a
Building
Loss
of a
Loss Shelf
of a
Cable
Loss
of a
Site
Loss
of a
Controller
LOSS OF A SITE
14 - 44
Loss
of a
Region
44
Fabric-Attached MetroCluster
Site 1
Site 2
X3149A
X3149A
LNK ACT
system
LNK ACT
system2
INT LNK
INT LNK
LNK ACT
LNK ACT
e0a
e0b
e0c
e0d
e0e
0a
e0f
0b
LINK
LINK
LINK LINK
0c
LINK LINK
0d
e0c
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
0c
LINK LINK
3
4
X2
X2
A
B
ESH4
1Gb ELP
System:
Pool 1
X2
X2
X2
1Gb ELP
ESH4
1
4Gb 2Gb
ESH4
1Gb ELP
1Gb 2Gb 4Gb

SHELF
ID
4Gb 2Gb
1Gb 2Gb 4Gb

SHELF
ID
4Gb 2Gb
X2
X2
X2
1Gb ELP
1Gb 2Gb 4Gb

SHELF
ID
ESH4
ESH4
4Gb 2Gb
System2:
Pool 0
1Gb ELP
1Gb ELP
ESH4
4Gb 2Gb
4Gb 2Gb
ESH4
1Gb ELP
LINK
4Gb 2Gb
1Gb 2Gb 4Gb
0d
LINK
Long
Haul FC
SHELF
ID
System2:
Pool 1
e0b
LINK
LINK
Switch 1
Switch 2
System:
Pool 0
e0a
A
B
ESH4
4Gb 2Gb
1Gb ELP
Fabric-attached MetroCluster expands high availability up to 100 km.

See the High Availability Web-based course for more information.
FABRIC-ATTACHED METROCLUSTER
14 - 45
45
Loss of a Region
The SnapMirror product family can be
implemented to protect against the
loss of entire regions.
Loss
of a
Building
Loss
of a
Loss Shelf
of a
Cable
Loss
of a
Site
Loss
of a
Controller
LOSS OF A REGION
14 - 46
Loss
of a
Region
46
SnapMirror Product Family
X3149A
X3149A
LNK ACT
system
LNK ACT
system2
INT LNK
INT LNK
LNK ACT
LNK ACT
e0c
e0d
e0e
0a
e0f
LINK
LINK LINK
0d
e0a
e0b
e0d
e0e
0a
e0f
LINK
0b
0c
LINK
LINK
LINK
LINK LINK
LINK LINK
0d
LINK
LINK
1Gb ELP
ESH4
A
B
X2
X2
X2
ESH4
1Gb 2Gb 4Gb
SHELF
ID
e0c
4Gb 2Gb
LINK LINK
0c
1Gb ELP
LINK
0b
X2
e0b
1Gb 2Gb 4Gb
SHELF
ID
1Gb ELP
ESH4
ESH4
4Gb 2Gb
e0a
4Gb 2Gb
4Gb 2Gb
1Gb ELP
The SnapMirror product family allows you to mirror volumes and

qtrees.
See the NetApp Protection Software Administration ILT course for
more information.
SNAPMIRROR PRODUCT FAMILY
14 - 47
47
Multiple HA Techniques in Combination

Inter-connect
Steps
system2
system
0a 0b
0c 0d
0a 0b
1. Connect cluster
interconnect cables
0c 0d
2. Connect intershelf disk

cables
3. Connect primary path

from the storage system
to the first shelves
4. Connect standby path

5. Connect the redundant

primary path from the
storage systems

standby path from the
storage systems
NOTE: Example shows DS14 FC shelves. Cabling will be different for SAS shelves.
48
MULTIPLE HA TECHNIQUES IN COMBINATION

The HA techniques described do not have to be used in isolation; often they are combined. The example in
this slide shows multipathing high-availability controller configuration, referred to as MPHA.
14 - 48
Module Summary
Describe HA solutions
Discuss how high availability increases the
reliability of storage
Define HA controller configuration
Describe the three modes of HA operation with
an HA pair
Analyze the effect on client protocols during
failover and giveback operations
MODULE SUMMARY
14 - 49
49
Exercise
Module 14: High Availability
EXERCISE
14 - 50

What are the three modes of operation for an
HA controller configuration?
What is the purpose of using an HA controller
configuration?
What happens during a takeover?
True or False:
Options must be set the same on both nodes.
The license must be set the same on both
nodes.
Both nodes must have the same number of
disks.
Both nodes must be part of the same domain.
14 - 51
51
Virtualization
Solutions
Module 15
VIRTUALIZATION SOLUTIONS
15 - 1
Data ONTAP 7-Mode Administration: Virtualization Solutions
Module Objectives
List the virtualization vendors that the Data
ONTAP operating system supports
Illustrate virtualization solutions
Describe how to virtualize a storage controller
using MultiStore software
Configure MultiStore software
Assign client protocols on MultiStore software
MODULE OBJECTIVES
15 - 2
Virtualization and NetApp Solutions

NetApp provides premium storage solutions for
virtual infrastructures.
Virtualization storage client
VMware cloud, server, and
desktop
NetApp, VMware, and Cisco
FlexPod for VMware
Microsoft Hyper-V
Citrix server and desktop
vFiler
vFiler
vFiler
MultiStore
Virtualization storage
controllers: MultiStore software
VIRTUALIZATION AND NETAPP SOLUTIONS
15 - 3
ApplicationBased Silos
IT as a Service
(ITaaS)
Internal Cloud
Zones of
Virtualization
Consolidate
Centralize
Standardize
Virtualize
External
Cloud Services
Self-Service
Automate
Storage architecture has evolved. First, there were application-based silos with separate physical servers and
storage. Then VMware began a movement to virtualize these silos. Virtualization might begin in one
department at a company, but over time much of the company was virtualized and consolidated.
But consolidation is limited, generally by backup or compliance restrictions. Share infrastructure is now
increasing, such as IT as a service (or ITaaS), which is an internal cloud of resources available. External
service providers (external clouds) also meet a market need by standardizing, automating, and providing selfservice computing and storage resources.
15 - 4
NetApp and VMware
NETAPP AND VMWARE
15 - 5
NetApp and VMware Solutions

Enterprise Desktop
Management
VMware
Products
VMware View
NetApp
Solutions
FlexClone software
Deduplication
SnapManager for Virtual
Infrastructure (SMVI)
Cloud Platform
Management
vSphere
Thin provisioning SAN

FlexClone software
Deduplication
SMVI
NETAPP AND VMWARE SOLUTIONS
15 - 6
NetApp and VMware Cloud Solutions

vSphere
No Reboot
Seamless Cutover
VM
VM
VM
Fault Tolerance
VMware ESXi
VM
VM
Fault Tolerance
VMware ESXi
VM
VM VM
VMware ESXi
NetApp technology provides a foundation for

successful cloud deployments
NETAPP AND VMWARE CLOUD SOLUTIONS

NetApp and VMware cloud solutions provide these advantages:
15 - 7
Fault tolerance
Support for FCoE
SAN multipath I/O support
Support for 10 Gigabit Ethernet (GbE) storage networking
vNetwork distributed switch (network configuration can be done across multiple VMs and then applied to
individual VMs)
Service Console and VMkernel support for IPv6
SnapManager for Virtual Infrastructure
VM1 VM2
Virtual
Server
Administrator
VM3 VM4
Restores
Replication
vCenter
The storage administrator

sets and controls policy
The virtual server
administrator is delegated
to run data management
for virtual infrastructure
API
SMVI
POLICIES
VM1
VM2
VM3
VM4
VMDK VMDK VMDK VMDK
Storage Pool
Storage
Administrator
Policy-based
management of:
Snapshot copy
creation
Primary Site
SMVI is coordinated with

Virtual Center
VM-aware Snapshot
technology
VM locality
SNAPMANAGER FOR VIRTUAL INFRASTRUCTURE

SMVI co-exists with Virtual Center and communicates with Virtual Center using the API when providing
requests to ESX Servers for ESX Server VMs.
Virtual Center communicates with ESX Servers for all management functions, and uses resident agents in the
ESX Servers.
SMVI uses Data ONTAP APIs to schedule Snapshot copy creation and SnapRestore functions on NetApp
platforms, as well as invoking the SnapMirror product family for replication of the Snapshot copies.
Replication of Snapshot copies can be directed at a disaster recovery site.
Snapshot copies are always created at data-store levels, but restores can be done at the level of individual
VMs.
15 - 8
SMVI Automates Snapshot Replication
VM1 VM2
Virtual
Server
Administrator
VM3 VM4
VM1 VM2 VM5
vCenter
API
SMVI
POLICIES
VM1
VM2
VM3
VM4
VMDK VMDK VMDK VMDK
Storage Pool
Primary Site
VM1
VM5
Storage Pool
Disaster Recovery Site
SMVI AUTOMATES SNAPSHOT REPLICATION
15 - 9
VM2
VMDK VMDK VMDK
Disaster Recovery Automation

SRM
VM1 VM2
Virtual
Server
Administrator
SRM
VM3 VM4
VM1 VM2 VM5
Site
Failure
vCenter
Confirm?
Site Recovery
Manager (SRM)
helps automate
disaster recovery
(DR)
VM1
VM2
VM3
VM4
VM1
VMDK VMDK VMDK VMDK
Storage Pool
Primary Site
VM2
VM5
VMDK VMDK VMDK

SnapMirror
Storage Pool
10
DISASTER RECOVERY AUTOMATION

The SnapMirror product family uses Snapshot copies and SnapRestore technology to quickly and efficiently
replicate data between sites.
Other solutions are often deployed only on the most critical applications, but the SnapMirror product family is
flexible enough and simple enough to use in various ways across all applications. Because the solution uses
application-aware Snapshot copies, application consistency is maintained.
In a VMware environment, the SnapMirror product family is integrated with VMware Site Recovery Manager
(SRM), which manages VMs and ESX Servers across sites.
Note that VMware does not provide the capability to directly copy virtual servers to a remote location, so
VMware recommends using storage-based replication for both virtual servers and data.
15 - 10
Testing Disaster Recovery Automation

SRM
VM1 VM2
Virtual
Server
Administrator
SRM
VM3 VM4
VM1 VM2 VM5
vCenter
Test
disaster
recovery
With NetApp
FlexClone Software,
VM1
VM2
VM3
VM4
administrators can
VMDK VMDK VMDK VMDK
test the disaster
recovery automation
Storage Pool
of SRM to ensure
reliability
Primary Site
VM1
VM2
VM5
VMDK VMDK VMDK

SnapMirror
Storage Pool
11
TESTING DISASTER RECOVERY AUTOMATION

NOTE: NetApp recommends using FlexClone software to nondisruptively test the disaster recovery site. For
more information, contact your NetApp Professional Services specialist.
15 - 11
Integrated Storage Virtualization

Traditional Array
NetApp Array
Primary Storage
Double Disk
Data Protection
VMware DiskBased Backup
VMware SRM and

Offsite Backup Data
Add disaster recovery and offsite storage of disk-to-disk backup data.

12
INTEGRATED STORAGE VIRTUALIZATION

NetApp storage systems use NetApp deduplication and Snapshot technology to provide savings. In this
example, the competitor solution requires 61 disks and 3 arrays, where the NetApp solution uses 22 disks and
2 arrays.
15 - 12
FlexPod
Cisco UCS
B-Series
Cisco UCS Manager
Cisco Nexus
Family Switches
NetApp FAS
10 GE and FCoE
Complete Bundle
A shared infrastructure for a wide range of

environments and applications
Features
Complete data center in a single
rack
Performance-matched stack
Step-by-step deployment guides
Solutions guide for multiple

environments
Multiple classes of computing and
storage supported in a single
FlexPod
Centralized management: NetApp
OnCommand and Cisco UCS
Manager
13
FLEXPOD
FlexPod is the best infrastructure foundation supporting both virtualized and nonvirtualized workloads using
Cisco Unified Computing System (UCS), Cisco Nexus (servers and network), and NetApp FAS (storage). It
provides the best unified computing, networking, and storage.
The FlexPod solution is based on three key capabilities:
Low Risk: As a validated, simplified data center solution and a cooperative support model, FlexPod
provides a safe and proven journey to virtualization and toward the cloud.
Business agility from flexible IT: FlexPod scales to fit a variety of use cases and environments, such as
SAP, Exchange 2010, SQL, VDI, and Secure Multi-Tenancy (SMT).
Reduced TCO from higher data center efficiency: FlexPod decreases the number of operational
processes, reduces energy consumption, and maximizes resources.
15 - 13
FlexPod for VMware

VMware vSphere
VMware vSphere Enterprise Plus

VMware vCenter Standard
Cisco Unified Fabric
2 Cisco Nexus 5548 with fabric services

(per 3 FlexPod configurations)
2 Cisco Nexus 1010 and 1000V
Cisco UCS Platform
2 Cisco UCS 6120XP Fabric Interconnect

3 Cisco UCS 5108 Blade Server Chassis
9 Cisco UCS B-250 M2 plus VIC
6 Cisco UCS B-200 M2 plus VIC
NetApp FAS3210A
4 NetApp DS2246 450-GB SAS shelves

2 256-GB flash cache
2 10-Gbps IP interfaces
4 4-Gbps Fibre Channel interfaces
NetApp complete bundle
1 Rack Data Center Solution

30 Westmere CPUs (180 cores)
2 TB server memory (up to 4 TB)
40-Gbps interconnect (4x 10 GE)
512-GB SSD storage cache
42 TB storage
1 Enterprise IT Infrastructure
For an organization of 1500 users with a

mixed workload of the following (and with
headroom for more applications):
VMware View 4.5 (MS Windows 7)
MS Exchange 2010
MS SharePoint 2010
MS SQL Server 2008 R2
Two classes of computing

support dense memory and
general virtualized workloads
14
FLEXPOD FOR VMWARE

The base FlexPod configuration has a FAS3210A and supports up to 1,500 users for these four popular
workloads simultaneously:
Virtual desktop infrastructure (VDI)
Microsoft Exchange
Microsoft SharePoint
SQL Server
The configuration also provides sufficient headroom for additional applications. The storage array can be
replaced by a larger (or smaller) system, and blade configuration can also be tuned to specific workload
requirements, yet FlexPod retains its integrity and single architecture. You can scale up either using a
standard FlexPod each time or by scaling individual components. Regardless of the number of FlexPods or
the capacity in each layer of the infrastructure, resources are always managed as one pool, rather than for
individual FlexPods.
15 - 14
Maximize Server and Storage Utilization

VM-to-Volume View of Server and Storage
SQLSRV2
VM3 VM4
VM5 VM6 VM7 VM8
Virtual Server
Administrator
Billing 1
VM1 VM2
SQLSRV1
SANscreen VM Insight
Storage Pool
CIS200S
NTAP01
CIS200H
Storage
Administrator
15
MAXIMIZE SERVER AND STORAGE UTILIZATION

In a virtualized environment (or a physical environment), NetApp storage systems provide unique capabilities
that enable different IT teams to perform automated data management tasks from their tools.
SANscreen VM Insight enables discovery of the cross-domain view. It allows you to track and report all
changes and be proactive about showing the implication of the changes on the services you expect to deliver.
In other words, SANscreen VM Insight allows you to track where redundant paths have been removed.
Service Insight allows you to proactively manage your environment and quickly identify and resolve latent
quality problems. VM Insight provides visibility for connections between VMs (virtual machines) and
allocated volumes. This visibility allows both the server and storage teams to enable more effective
forecasting, planning, and chargeback.
VM Insight also helps you improve storage utilization and reduce storage consumption caused by VM sprawl.
It does so by giving you tools to use to identify VMs and associated storage that are no longer in use or are
being underutilized.
15 - 15
SANscreen VM Insight
Continuous visibility: End-to-end visibility and change

management for virtual server storage services
Continuous validation
Virtual servers storage services
Impact analysis for moving images between physical servers
Impact analysis for transitioning to a virtual server environment
SANSCREEN VM INSIGHT
15 - 16
16
SANscreen Storage Management Software
SANscreen
Storage
Management
Software
Identifies ESX
Server Load
SANSCREEN STORAGE MANAGEMENT SOFTWARE
15 - 17
17
Continuing NetApp VMware Education

Review these courses at NetApp University:
VMware vSphere 4: Whats New
Design and Implement VMware Solutions on
NetApp Storage
SAN Implementation Workshop
SANscreen Implementation
CONTINUING NETAPP VMWARE EDUCATION
15 - 18
18
NetApp and Microsoft
NETAPP AND MICROSOFT
15 - 19
19
Microsoft Virtualized Infrastructure

VM1 VM2 VM1 VM2
Virtual Server
Administrator
SCOM
SCVMM
Hyper-V
SCOM
Key feature of Windows Server

2008
System Center Operations Manager

(formerly MOM)
Previously codenamed Viridian
Microsoft system management framework
Hypervisor-based technology
SCVMM
Systems Center Virtual Machine Manager
Management for hybrid hypervisor
environments
20
MICROSOFT VIRTUALIZED INFRASTRUCTURE

Features such as deduplication, thin provisioning, cloning, multiprotocol, and RAID-DP have a
compounding effect on the level of efficiency and flexibility achieved in a Microsoft virtualized environment.
Many customers that currently use a direct-attached storage (DAS) topology are concerned about the costs
associated with transitioning to virtualized network storage. Yet they want to realize the benefits of quick
migration and high-availability support that are provided by Hyper-V and require a network storage topology.
By using cost-effective and flexible NetApp storage solutions, customers can maximize their investment in
their Microsoft virtualized environments.
15 - 20
Simplified Management with NetApp

VM1 VM2 VM1 VM2
Virtual Server
Administrator
SCOM
SCVMM
Storage Pool
NetApp
ApplianceWatch
Plug-in
NetApp extends Microsoft environments by including best-in-class data

protection, storage efficiency, and flexibility.
Provide integrated storage management:
SCOM integration for monitoring and storage provisioning
Application-centric backups with SnapManager management software
running in VMs
SIMPLIFIED MANAGEMENT WITH NETAPP
15 - 21
21
Continuing NetApp Microsoft Education

Review these courses at NetApp University:
Design and Implement Hyper-V Solutions on
NetApp Storage
CONTINUING NETAPP MICROSOFT EDUCATION
15 - 22
22
NetApp and Citrix
NETAPP AND CITRIX
15 - 23
23
Citrix Virtualization Solutions

Enterprise Desktop Enterprise Server
Management
Management
Citrix
Products
XenDesktop
NetApp
Solutions
FlexClone software
Deduplication
SMVI
XenServer
Thin-provisioning SAN
Deduplication
SMVI
CITRIX VIRTUALIZATION SOLUTIONS
15 - 24
24
NetApp and Citrix XenDesktop
Clients
and Web
Disaster
Recovery Site
Desktop Broker
VM VM VM
VM
VM
VM VM VM
Storage Pool
VM
VM
VM
VM
Storage Pool
CIFS
and NFS
NETAPP AND CITRIX XENDESKTOP

NetApp and Citrix provide the following advantages:
Unified VM and user storage

Deduplication and thin provisioning support
Zero-cost desktop clones
Desktop boot accelerator
VM-aware array-based backup
Single desktop cloning
Disaster recovery replication
Support for immutablewrite once, read many (WORM)storage
15 - 25
25
NetApp Adapter in XenServer 5.5
XenCenter
NetApp
Adapter
XA1 XA2 XA1 XA2

VM1 VM2 VM1 VM2
One-click storage
integration for server
administrators
Management of NetApp
storage:
Fast Snapshot creation and
cloning
Fast backup and recovery
Storage Pool
Data protection (RAID-DP)

Data deduplication
Thin provisioning
26
NETAPP ADAPTER IN XENSERVER 5.5

NetApp and Citrix co-developed the XenServer integrated adaptor to enable server administrators to manage
NetApp storage directly from the XenCenter console.
The NetApp integrated storage adaptor for Citrix XenServer enables server administrators to increase
productivity by managing common storage functions within the XenCenter console.
NetApp solutions provide instant storage provisioning and cloning of XenServer VMs, accelerating testing
and development or production from weeks to minutes.
15 - 26
Continuing NetApp Citrix Education

Review this course at NetApp University:
Design and Implement Citrix Solutions on NetApp

Storage
CONTINUING NETAPP CITRIX EDUCATION
15 - 27
27
Controller
Virtualization
CONTROLLER VIRTUALIZATION
15 - 28
28
MultiStore Software
MultiStore Software
vFiler0
vFiler1
vFiler2
29
MULTISTORE SOFTWARE
MultiStore software provides these benefits:
Consolidation and ease of management: Application service providers can consolidate your the storage
needs. You can maintain domain infrastructure while providing multidomain storage consolidation. You
can reduce management costs while offering independent, domain-specific storage management.
Security: Security is one of the key concerns when storage is consolidated either within an organization
or by an application service provider. Different vFiler units can have different security systems within
the same storage system.
Delegation of management: vFiler unit administrators can have different access rights than storage
system administrators.
Disaster recovery and data migration: MultiStore software enables you to migrate or back up data from
one storage system to another without extensively reconfiguring the destination storage system.
15 - 29
Enabling MultiStore Software
MultiStore Software
Once MultiStore is licensed,

the default vFiler is visible
vFiler0
Initially, this owns all
resources; then it
owns any resources
not owned by other
vFiler units
30
ENABLING MULTISTORE SOFTWARE

The vFiler unit limit (the number of vFiler units that you can create on this storage system, including vFiler0)
is set to a default value between 3 and 11, depending on the memory capacity of the host storage system.
15 - 30
IPspace
10.x.x.x
Allows
non-unique
network routing
to separate
vFiler units
Default
IPspace
e0a
e0b
0a
0b
0c
0d
10.x.x.x
MultiStore Software
e0a
e0b
e0c
vFiler0
vFiler1
vFiler2
default
spaceB
spaceC
Routing
table
Routing
table for B
Routing
table for C
system> ipspace create spaceB

system> ipspace assign spaceB e0b
Could be
physical, an
interface group,
or a VLAN
Interface
must be down
to assign with
no address
31
IPSPACE
An IPspace defines a distinct IP address space in which vFiler units can participate. IP addresses defined for
an IPspace are applicable only within that IPspace. A distinct routing table is maintained for each IPspace. No
cross-IPspace traffic is routed.
15 - 31
Configuring Storage for a vFiler Unit
MultiStore Software
vFiler0
Create the storage needed

for the vFiler unit
system> vol create vf1 aggr1 1000g
32
CONFIGURING STORAGE FOR A VFILER UNIT

As the physical storage system administrator, if you need to manage storage resources that belong to a vFiler
unit, but you do not have administrative access to the vFiler unit, you can temporarily move the vFiler unit's
resources or temporarily destroy the vFiler unit.
15 - 32
Creating a vFiler Unit
MultiStore Software
vFiler0
vFiler1
Create the new
vFiler unit
If no IPspace is given,
the command uses the
default IPspace
system> vfiler create vFiler1 -s spaceB

-i 10.10.10.20 /vol/vf1
33
CREATING A VFILER UNIT

You must meet these conditions before you can create a vFiler unit:
You must create at least one unit of storage (qtrees or volumes, traditional or flexible) before creating the
vFiler unit.
The storage unit that contains the vFiler unit configuration information must be writable; it must not be a
read-only file system, such as the destination volume or qtree in a SnapMirror relationship.
The IP address used by the vFiler unit must not be configured when you create the vFiler unit.
15 - 33
vFiler Start
To start a vFiler unit:
system> vfiler start vFiler1
10.x.x.x
e0a
e0b
0a
0b
0c
0d
MultiStore Software
e0b
vFiler0
vFiler1
spaceB
After vFiler1 is started and its

underlying interface is configured, it
can receive packets from clients
Routing
table for B
34
VFILER START
You can start a vFiler unit that is in the stopped state; after a vFiler unit starts, it is in running state and can
receive packets from clients.
15 - 34
Configure Networking for the vFiler
e0a
e0b
0a
0b
0c
0d
10.x.x.x
MultiStore Software
e0b
vFiler0
Configure the interface
to the vFiler IP address
vFiler1
spaceB
Routing
table for B
Add the commands

to the vFiler0 /etc/rc
directory to persist
across a reboot
Assign the
default route
system> ifconfig e0b 10.10.10.20 up

system> vfiler run vFiler1 route add default 10.10.10.1
35
CONFIGURE NETWORKING FOR THE VFILER

Because vFiler units in the same IPspace share one routing table, you can manipulate the routing table by
entering the route command from the host storage system.
15 - 35
vFiler Management
To learn more about running
commands on vFiler1, display
the vFiler1 help:
10.x.x.x
e0a
e0b
0a
0b
0c
0d
system> vfiler run vFiler1 ?
To assign a protocol to
a vFiler unit:
1. License the protocol on
the storage system
2. Assign the protocol to a
vFiler unit
system> vfiler allow
vFiler1 proto=cifs
proto=iscsi
MultiStore Software
e0b
vFiler0
vFiler1
NFS
CIFS
iSCSI
spaceB
Routing
table for B
CIFS
iSCSI
36
VFILER MANAGEMENT
By default, a vFiler unit can use the protocols for the host storage system. You can select the protocols that
you want to allow on the vFiler units.
15 - 36
vFiler Context
To access vFiler1:
system> vfiler context vFiler1
vFiler1@system>
10.x.x.x
e0a
e0b
0a
0b
0c
0d
To configure vFiler1:
1. Since we are allowing
CIFS, setup CIFS services
2. Since we are allowing
iSCSI, configure iSCSI
services
MultiStore Software
e0b
vFiler0
vFiler1
NFS
CIFS
iSCSI
spaceB
Routing
table for B
CIFS
iSCSI
VFILER CONTEXT
15 - 37
37
MultiStore Integrations
Providing
disaster recovery
Providing
data migration
MultiStore Software
vFiler0
vFiler1
SnapMirror
(discussed in Module 14)
vFiler2
SnapVault
(discussed in Module 16)
38
MULTISTORE INTEGRATIONS
MultiStore software integrates into the SnapMirror product family and into SnapVault software:
Snapmirror Product Family
The SnapMirror product for mirroring volumes and qtrees has been integrated to work with vFiler technology
after the SnapMirror product family is licensed on the source and destination storage systems. You can enter
SnapMirror commands from the default storage system (vFiler0) or from a specific non-default vFiler unit.
SnapMirror commands entered from the default storage system can be used to affect or display information
about all of the non-default vFiler units on the host storage system. SnapMirror commands entered from a
non-default vFiler unit only affect or display information about that specific unit.
For backward compatibility, the default storage system (vFiler0) can operate on all volumes and qtrees, even
if they are owned by other vFiler units.
If vFiler unit storage volumes and qtrees are mirrored by vFiler0, the SnapMirror relationship will be reflected
only on vFiler0.
Snapvault Software
After SnapVault software is licensed on the source and destination storage units, the SnapVault product for
backing up volumes and qtrees is integrated to work with vFiler technology. See the MultiStore Management
Guide for more information.
15 - 38
vFiler Disaster Recovery

system
system2
MultiStore
Software
vFiler0
vFiler1
Providing
disaster recovery
MultiStore
Software
vFiler0
vFiler1
system2> vfiler dr configure vFiler1@system

NOTE: These steps are abbreviated; see
the support site for more information.
39
VFILER DISASTER RECOVERY

You can prepare for recovery from a potential disaster by creating a backup vFiler unit that can be used for
disaster recovery.
Before a disaster occurs, you can safeguard information by creating vFiler units on the destination storage
system that remain inactive unless a disaster occurs. You should perform checks to ensure that the storage
system and network are ready.
The vFiler dr configure command uses the Data ONTAP SnapMirror feature as its underlying
technology.
Multiple paths can be set from the source to the destination storage systems in the SnapMirror product family.
The -a option of the vfiler dr configure command enables you to set multiple paths for the
configuration operation. See the MultiStore Management Guide for more information.
15 - 39
vFiler Migration
system
system2
MultiStore
Software
vFiler0
vFiler1
Providing
data migration
MultiStore
Software
vFiler0
vFiler1
system2> vfiler migrate start vFiler1@system

NOTE: These steps are abbreviated; see
the support site for more information.
40
VFILER MIGRATION
If heavy traffic to one vFiler unit is affecting the performance of its host node, and its high-availability
configuration partner is lightly loaded, you can transfer ownership of the vFiler unit to the partner.
Transferring ownership allows you to balance load processing on the two nodes without copying data.
When you migrate a vFiler unit, you move it from the remote storage system to the local storage system. You
initiate migration on the destination storage system, which will host the vFiler unit after the migration. Add a
static route entry, if required, because the static routing information will not be carried to the destination
storage system.
Migration across storage systems enables workload management. Migration automatically destroys the source
vFiler unit and activates the destination, which starts serving data to its clients automatically. Only the
configuration is destroyed on the source, not the data.
See the MultiStore Management Guide for more information.
15 - 40
Data Motion for vFiler Servers

With Data Motion, no planned
downtime is needed for
ON
ON
24/7
Storage
StoragePool
Pool
vFiler1
Data
Data
Data
Storage capacity expansion

Scheduled maintenance outages
Hardware refreshes
Software upgrades
Data Motion
Mirrors a vFiler unit to another
storage system
Allows cut over to completely
non-disruptively move a vFiler
unit and all its data to a new
storage system
NetApp Data Motion

41
DATA MOTION FOR VFILER SERVERS

NetApp Data Motion provides true data mobility to storage infrastructure without affecting the availability of
client applications. Without Data Motion, lifecycle management tasks such as system maintenance, hardware
refreshes, and software upgrades require planned outages and affect the ability of a company to provide
continuous access to data.
With the increasing need to optimize service levels, it is also important to dynamically balance system
performance without compromising transaction performance or integrity. NetApp Data Motion allows clients
to always stay connected to their data, even as it is moved to a new physical location.
15 - 41
vFiler Stop and Destroy

To stop a vFiler unit:
system> vfiler stop vFiler1
10.x.x.x
e0a
e0b
0a
0b
0c
0d
To destroy a vFiler unit:

system> vfiler stop vFiler1
system> vfiler destroy
vFiler1
Resources for the
destroyed vFiler unit return
to vFiler0.
Destroying a vFiler unit does
not destroy any user data.
MultiStore Software
e0b
vFiler0
vFiler1
spaceB
Routing
table for B
42
VFILER STOP AND DESTROY

You can stop a vFiler unit if you need to troubleshoot vFiler unit problems or destroy the vFiler unit. After
you stop a vFiler unit, the vFiler unit can no longer receive packets from clients. The stopped state is not
persistent across reboots; after you reboot the storage system the vFiler unit resumes automatically. If iSCSI
is licensed on the storage system, stopping a vFiler unit stops iSCSI packet processing for that vFiler unit.
You can start a vFiler unit that is in the stopped state; after a vFiler unit starts, it is in running state and can
receive packets from clients.
15 - 42
Module Summary
List the virtualization vendors that the Data
ONTAP operating system supports
Illustrate virtualization solutions
Describe how to virtualize a storage controller
using MultiStore software
Configure MultiStore software
Assign client protocols on MultiStore software
MODULE SUMMARY
15 - 43
43
Exercise
Module 15: Virtualization Solutions
EXERCISE
15 - 44

How does NetApp make management of
virtualization solutions easier?
What is MultiStore software?
What is the main command that is used to
configure MultiStore software?
15 - 45
45
Backup and
Recovery Methods
Module 16
BACKUP AND RECOVERY METHODS
16 - 1
Data ONTAP 7-Mode Administration: Backup and Recovery Methods
Module Objectives
List the methods available to back up and
recover data
Use ndmpcopy to process full and incremental
data transfers
Discuss dump and restore
Describe, enable, and configure Network Data
Management Protocol (NDMP) on a storage
system
MODULE OBJECTIVES
16 - 2
Backup and Recovery Spectrum

Back up to Local Storage
Recover files
Recover aggregate, volume, or single file
Back up to Local or Remote Storage
Recover volume, qtrees, or directories
Back up to Remote Storage
Recover qtrees, directories, or files
Back up to Local or Remote Tape

Recover directories or files
Back up with Third-Party Tools
BACKUP AND RECOVERY SPECTRUM
16 - 3
Snapshot Copies
Recover files
Administrators can back up and

recover files quicklyalmost
instantaneouslywith Snapshot
copies.
Snapshot copies do not replace
standard backups to other
media locations.
Data Center
SNAPSHOT COPIES
16 - 4
Snapshot Copy and SnapRestore Software

Recover aggregate, volume, or single file
Use Snapshot copies to backup locally

Use SnapRestore data recovery software to revert a
file system to any specified Snapshot copy or restores
a single file from a Snapshot copy.
Restores files, volumes, and aggregates quickly online
Works from multiple recovery points
Provides an easy recovery process based on a single
command input
Requires the snaprestore license code
SNAPSHOT COPY AND SNAPRESTORE SOFTWARE

SnapRestore data recovery software enables you to quickly revert a local volume or a file on a storage
system to the state it was in when a particular Snapshot copy was created. In most cases, reverting a file or
volume is much faster than restoring files from tape or copying files from a Snapshot copy to the active file
system.
You use SnapRestore to recover from data corruption. If a primary storage system application corrupts data
files in a volume, you can revert the volume or specified files in the volume to a Snapshot copy created before
the data corruption. You can also use SnapRestore data recovery software if you are testing a volume or file
and want to restore that volume or file to pretest conditions.
You must purchase and install the snaprestore license code to enable and use the SnapRestore service.
16 - 5
ndmpcopy Command
Recover volume, qtrees, or directories
Used to transfer data between storage systems
that support NDMPv3 or NDMPv4
system> ndmpd on
Data Center
Can carry out full and incremental transfers

Limits incremental transfers to a maximum
of two levels (one full and up to two incremental
levels)
Works only for transfers between systems using
the Data ONTAP operating system
Syntax:
system> ndmpcopy [options]
source_host:source_path
destination_host:destination_path
NDMPCOPY COMMAND
The ndmpcopy command enables you to transfer file system data between storage systems that support
Network Data Management Protocol verison 3, NDMPv3, or NDMPv4, and the UNIX file system (UFS)
dump format.
Using the ndmpcopy command, you can perform both full and incremental data transfers. However,
incremental transfers can have no more than two levels (one full and no more than two incremental levels).
You can transfer full or partial volumes, qtrees, or directories, but not individual files.
To copy data within a storage system or between storage systems using ndmpcopy, use the following
command from the source or the destination system, or from a storage system that is not the source or the
destination:
system> ndmpcopy [options] source_hostname:source_path
destination_hostname:destination_path
In this command, source_hostname and destination_hostname can be host names or IP addresses. If
destination_path does not specify a volume (or specifies a nonexistent volume), the root volume is used.
16 - 6
SnapVault Software
Back up to Remote Storage
SnapVault software is
Data Center
embedded NetApp
FAS1
software for disk-todisk backup and
FAS2
archiving
Administrators can
back up and recover:
Primary
Qtrees
Directories on storage
not produced by
NetApp
Central
Repository
SnapVault
SnapVault
Storage Systems
Non NetApp
Storage
Open
Systems
SnapVault
Secondary
Storage System
7
SNAPVAULT SOFTWARE
SnapVault software is a disk-based storage backup feature of the Data ONTAP operating system. SnapVault
software enables you to back up data stored on multiple storage systems to a central, secondary storage
system quickly and efficiently as read-only Snapshot copies.
If data is lost or corrupted on a storage system, you can restore backed-up data from the SnapVault secondary
system with less downtime and uncertainty than is associated with conventional tape backup and restore
operations.
Additionally, users who want to restore their own data may do so without the intervention of a system
administrator. The SnapVault secondary system may be configured with NFS exports and CIFS shares to let
users copy files from Snapshot copies to the correct locations.
16 - 7
Tape Dumps and Restores

Recover directories or files

support:
Data Center
Classic tape backup and

recovery
Virtual Tape Library (VTL)
Tape
System
TAPE DUMPS AND RESTORES
16 - 8
VTL
System
8
Backup Command Examples

Verify attached tape drives:
system> sysconfig -t
Dump vol0 to a local tape (no rewind):

system> dump 0ufbB nrst0a 63 2097151 /vol/vol0
Restore vol0 from a local tape:

system> restore rf rst0a
Investigate the backup status:

system> backup status
ID
-0
1
State
----------ACTIVE
RESTARTABLE
Type
---NDMP
dump
Device
-----urst0a
Start Date
-----------Nov 28 00:22
Nov 29 00:22
Level
----0
1
Path
--------/vol/vol0/
/vol/vol1/
NOTE: See the Data Protection Tape Backup and Recovery Guide
for more information.
BACKUP COMMAND EXAMPLES

See the Data Protection Tape Backup and Recovery Guide for your version of the Data ONTAP operating
system for more information.
16 - 9
Dump and Restore Format

The Data ONTAP dump adheres to Solaris
ufsdump.
Dump format:
Phases 1 and 2: Build a map of files and directories,
and collect file history and attribute information
Phase 3: Dump data to tape, specifically directory
entries
Phase 4: Dump files
Phase 5: Dump access control lists (ACLs)
Restore format:
Phase I: Restore directories
Phase II: Restore files
DUMP AND RESTORE FORMAT
16 - 10
10
Dump and Restore Event Logs

Event logging is off by default; to enable event
logging, execute this command:
system> options backup.log.enable {off|on}
Event log files

Stored in the /etc/log/backup log file
Rotated once a week
Saved for up to six weeks
Event log message format:

type timestamp identifier event (event_info)
DUMP AND RESTORE EVENT LOGS
16 - 11
11
The NDMP Standard

Back up with Third-Party Tools
NDMP is an open standard that allows backup

applications to control native backup and
recovery functions on NetApp storage systems
and other NDMP servers.
NDMP-compliant backup applications interact
with the ndmpd process on the storage system.
NDMP requests from backup applications
prompt the storage system to invoke native
dump and restore commands to initiate
backups and restores.
13
THE NDMP STANDARD

NDMP is an open standard for centralized control of data management across an enterprise. NDMP enables
backup software vendors to provide support for NetApp storage systems without having to port client code.
An NDMP-compliant solution separates the flow of backup and restore control information from the flow of
data to and from the backup media. These solutions invoke the native dump and restore features of the Data
ONTAP operating system. The solutions back up data from, and restore data to, NetApp storage systems.
NDMP also provides low-level control of tape devices and media changers.
Data protection services provided by backup applications that support NDMP offer a number of advantages:
Sophisticated scheduling of data protection operations across multiple storage systems

Media management and tape inventory management services that eliminate or minimize manual tape
handling during data protection operations
Support for data catalog services that simplify the process of locating specific recovery data; Direct
Access Recovery optimizes access to specific data from large backup tape sets
Support for multiple topology configurations, allowing efficient sharing of secondary storage resources
(tape library) through the use of three-way network data connections
16 - 12
NDMP Support Matrix

Partner
Product
Last Version Certified

6.0, 6.5 & 7.0 with Data ONTAP 7.2.2, 7.2.3 and 7.3.3
6.5 & 7.0 with Data ONTAP 7.3, 7.3.1, 7.3.2 and 7.3.3
Symantec NetBackup
6.5 & 7.0 with Data ONTAP 10.0.3 and 10.0.4
6.5 & 7.0 with Data ONTAP 8.0 7-Mode and Data ONTAP 8.0 Cluster-mode
5.51 and 6.1 with Data ONTAP 7.3, 7.3.1 and 7.3.2
5.5 with Data ONTAP 7.2.2 and 7.2.3
IBM
Tivoli Storage Manager
5.5.2 with Data ONTAP 10.0.3 and 10.0.4
6.1 with Data ONTAP 8.0 7-Mode and Data ONTAP 8.0 Cluster-mode
6.1 and 6.2 with Data ONTAP 7.3.3
6.1 with Data ONTAP 7.2
7.0 with Data ONTAP 7.3, 7.3.1 and 7.3.2
Simpana 8.0 with Data ONTAP 7.3, 7.3.1,7.3.2 and 7.3.3
CommVault Simpana
Simpana 8.0 with Data ONTAP 10.0.3 and 10.0.4
Simpana 8.0 with Data ONTAP 8.0 7-Mode and Data ONTAP 8.0 Cluster-Mode
10.3.0.2.0 with Data ONTAP 7.3
Oracle
Oracle Secure Backup
10.1.0.3 with Data ONTAP 7.1.1.1 and 7.2.1
7.1.1 with Data ONTAP 7.0
7.4.5 with Data ONTAP 7.2
8.0U2 and NDMP 7.0.6 with Data ONTAP 7.2.3
BakBone
NetVault
NVBU 8.5 with Data ONTAP 8.0 7-Mode
NVBU 8.5.2 with Data ONTAP 7.3.3
Syncsort
BackupExpress
3.2.1 with Data ONTAP 7.3.3 and Data ONTAP 8.0 7-Mode
Atempo
Time Navigator
NOTE: This is an
incomplete list.
14
NDMP SUPPORT MATRIX

Solutions based on NDMP can centrally manage and control backup and recovery of highly distributed data
while minimizing network traffic. These solutions can direct a NetApp storage system to back itself up to a
locally attached tape drive without sending the backup data over the network. NDMP-based solutions are
designed to assure data protection and efficient restoration in the event of data loss. The solutions include
many control and management featuressuch as discovery, configuration, scheduling, media management,
tape library control, and a user interfacethat are not available using the native dump and restore
commands for NetApp storage systems.
In 1996, NetApp partnered with Intelliguard to create NDMP. Since then, the two companies have promoted
the industry standardization of NDMP.
In the compatibility matrix in the figure above, key backup vendors and their NDMP solutions are listed. To
obtain a complete list of third-party NDMP backup applications and software versions, see the online
documentation on the NOW (NetApp on the Web) online service and support site.
NDMP third-party solutions provide:
Central management and control of highly distributed data

Local backup of NetApp storage systems (without sending data over the network)
Control of robotics in tape libraries
Data protection in a mixed server environment with UNIX, Windows Server, and NetApp storage
systems
Investment protection with established backup strategies
For more information about these and other NDMP Certification products, please see www.netapp.com.
16 - 13
NDMP Terminology and Components

NDMP client
The NDMP client is a backup application.
NDMP clients submit requests to an NDMP
server, and then receive replies and status back
from the NDMP server.
NDMP server
The NDMP server is a process or service that
runs on the NetApp storage system.
The NDMP server processes requests from
NDMP clients, and then returns reply and status
information back to the NDMP client.
15
NDMP TERMINOLOGY AND COMPONENTS

In the following definitions, the primary system performs the NDMP data service and the secondary system
performs the NDMP tape service.
Data management application: An application that controls the NDMP session. The data management
application is also called the backup application. Examples are Veritas NetBackup and EMC
NetWorker.
NDMP service: A service that provides data service, tape service, and SCSI service.
Control connection: A bidirectional TCP/IP connection that carries NDMP messages encoded in external
data representation standard (XDR) between the data management application and the NDMP server. The
control connection is analogous to an NDMP session on the storage system.
Data connection: A connection between two NDMP systems that carries a data stream either internal to the
NetApp storage system (local) or by means of TCP/IP (remote).
Data service: An NDMP service that transfers data between the primary storage system (where the data
resides on disks) and the data connection.
Tape service: An NDMP service that transfers data between the secondary storage and the data connection,
allowing the data management application to manipulate and access secondary storage.
16 - 14
Typical NDMP Backup Session

1.
Data management application Host
Control Messages
Data Connection
DMA
Payload Data
Notifications, file history, log messages
Content
Index
TCP/IP
TCP/IP
IP Network
NDMP
Data
Service
NDMP
Tape
Service
TCP/IP, IPC
2.
Primary
Storage
System
3.
Secondary
Storage
System
16
TYPICAL NDMP BACKUP SESSION

The figure above represents a data protection topology in which data is backed up from storage system
(primary) to storage system (secondary) to tape. In this topology, the backup operation is driven by a data
management application host (NDMP client) designed by number 1 in the figure.
The data management application opens connections to, and activates NDMP services in, both storage
systems, designed by numbers 2 and 3.
Control messages to the services configure the services and create a data connection between them. More
control messages initiate and start backups; the data service creates the payload (backup image) and writes it
to the data connection, where the tape service receives it.
Log messages and notifications are sent from the services to the data management application.
16 - 15
NDMP Connection Information

NDMP uses a TCP/IP connection to a
dedicated port.
NDMP does not require a CIFS, NFS, HTTP,
Fibre Channel (FC), or iSCSI protocol license.
The storage system listens for NDMP requests
on port 10000 when ndmpd is enabled.
All messages are encoded using external data
representation (XDR) standard (see RFC 1014
for more information).
NDMP CONNECTION INFORMATION
16 - 16
17
Using Tape Devices with NDMP

Can be attached through a NetApp storage system
Backup Server
NDMP Server
NDMP Control Connection
Tape Drive
Tape Drive
Robot
Can be attached through a backup server

Backup Server
NDMP Server
NDMP Control Connection
Tape Drive
Tape Drive
Robot
NOTE: When sharing a tape device with a backup
server, always attach and configure the device through

the backup server.
18
USING TAPE DEVICES WITH NDMP

When using NDMP, a storage system can read from or write to the following devices:
Stand-alone tape drives or tapes in a tape library that is attached to the storage system
Tape drives or tape libraries attached to the workstation that runs the backup application
Tape drives or tape libraries attached to a workstation or storage system on your network
NDMP-enabled tape libraries attached to your network
NOTE: To use NDMP to manage your tape library, you must set the tape stacker autoload setting to off.
Otherwise, the system wont allow media-changer operations to be controlled by the NDMP backup
application.
Naming Conventions for Tape Libraries
The following names are used to refer to tape libraries: mcn or /dev/mcn; sptn or /dev/sptn. Tape libraries can
also be aliased to worldwide names (WWNs).
Use these commands with tape libraries:
To view the tape libraries that are recognized by the system, use sysconfig m.
To display the names currently assigned to libraries on the storage system, use storage show mc.
To display the aliases of tape drives, use storage show tape.
For more information about tape aliasing and tape commands, see the Data ONTAP Data Protection Tape
Backup and Recovery Guide on the NOW site.
16 - 17
Enabling and Configuring NDMP

1. Enable NDMP (disabled by default):
system> ndmpd on
system> options ndmpd.enable on
2. Specify the NDMP version (which must match

backup application):
system> ndmpd version {2|3|4}
3. Configure access (no access by default):

system> options ndmpd.access
4. Configure NDMP authorization methods:

system> options ndmpd.authtype
Choices are challenge, plain text, or

challenge,plain text
Management of SnapVault and SnapMirror
software requires challenges
19
ENABLING AND CONFIGURING NDMP

To enable a storage system for basic management by an NDMP backup application, you must enable the
storage systems NDMP support, and specify the configured NDMP version of the backup application, host
IP address, and authentication method.
To prepare a storage system for NDMP management, complete these steps:
1. Enable the NDMP service:
system> options ndmpd.enable on
When you disable ndmpd, the storage system continues to process all requests for sessions already
established, but rejects new sessions.
2. Specify the NDMP version to support on the storage system. This version must match the version
configured on the NDMP backup application server:
system> ndmpd version {2|3|4}
Data ONTAP supports NDMP versions 2, 3, and 4 (4 is the default value).
The storage system and the backup application must agree on a version of NDMP to be used for each
NDMP session.
3. If you want to specify a restricted set of NDMP backup-application hosts that can connect to the storage
system, set the following option:
system> options ndmpd.access {all|legacy | host[!]=hosts |
if[!]=interfaces}
4. Specify the authentication method by which users are allowed to start NDMP sessions with the storage
system. This setting must include an authentication type supported by the NDMP backup application:
system> options ndmpd.authtype
{challenge|plaintext|challenge,plaintext}
The challenge authentication method is generally the preferred, and more secure, authentication method.
Challenge is the default type. With the plaintext authentication method, the login password is transmitted as
clear text.
16 - 18
Enabling and Configuring NDMP

5. To create the local account:
system> useradmin user add backup_user
6. To set the NDMP password length:
system> options ndmpd.password_length {8|16}
7. To generate an encoded NDMP password:

system> ndmpd password backup_user
8. To enable the NDMP connection log:
system> options ndmpd.connectlog.enabled

{off|on}
9. To include or exclude files with ctime

changed from incremental dumps:
system> options ndmpd.ignore_ctime.enabled
{off|on}
20
ENABLING AND CONFIGURING NDMP

To prepare a storage system from using NDMP management, complete the following steps:
5. If you have operators without root privileges on the storage system that will be carrying out tape-backup
operations through the NDMP backup application, then add a new backup user to the Backup Operators
useradmin group list:
system> useradmin user add backup_user -g Backup Operators
6. Specify an 8-character or 16-character NDMP password length (the default value is 16):
system> options ndmpd.password_length
7. Generate an NDMP password for the new user:
system> ndmpd password backup_user
NOTE: If you change the password to your regular storage system account, repeat this procedure to
obtain your new system-generated, NDMP-specific password.
8. Enable logging of NDMP connection attempts with the storage system:
system>options ndmpd.connectlog.enabled on
This enables the Data ONTAP operating system to log NDMP connection attempts in the /etc/messages
file. These entries can help you determine if and when authorized or unauthorized users are attempting to
start NDMP sessions. The default for this option is off.
9. Include or exclude files when the changed timestamp (ctime) value changed from incremental dumps
according to your backup requirements:
system>options ndmpd.ignore_ctime.enabled {on|off}
When this option is on, users can exclude files with the ctime value changed from system storage
incremental dumps, because other processes (like virus scanning) often alter the ctime of files. When this
option is off, backups on the storage system include all files with a change or modified time later than the
last dump in the previous level dump.
16 - 19
NDMP Status and Sessions

Displaying NDMP status and session
information
To determine if a session is operating as

expected:
system> ndmpd status [session_number]
To debug an NDMP session if there are

problems:
system> ndmpd probe [session_number]
Terminating NDMP sessions
To terminate a specific session:

system> ndmpd kill session_number
To terminate all NDMP sessions:

system> ndmpd killall
21
NDMP STATUS AND SESSION INFORMATION

To display NDMP session information, use the ndmpd status command:
system>ndmpd status [session]
The session variable is the specific session number you want the status of, from 0 to 99. To display the status
of all current sessions, leave session blank.
16 - 20
Module Summary
List the methods available to back up and
recover data
Use ndmpcopy to process full and incremental
data transfers
Discuss dump and restore
Describe, enable, and configure NDMP on a
storage system
MODULE SUMMARY
16 - 21
22
Exercise
Module 16: Backup and Recovery
Methods
EXERCISE
16 - 22

What can you recover using SnapRestore
technology?
What is NDMP?
What are the NetApp disk-to-disk backup and
recovery methods?
What are some limitations of ndmpcopy?
16 - 23
24
Data Collection
Tools
Module 17
DATA COLLECTION TOOLS
17 - 1
Data ONTAP 7-Mode Administration: Data Collection Tools
Module Objectives
Use the sysstat, stats, and statit
commands
Describe the factors that affect RAID performance
Execute commands to collect data about write and
reads throughputs
Execute commands to verify the operation of
hardware, software, and network components
Identify commands and options used to obtain
configuration and status
MODULE OBJECTIVES
17 - 2
System Health
Performance problems can originate from
multiple sources. To avoid some of these
problems, check or monitor the following:
Disk configuration
Disk status
Read and write performance
RAID configuration
Connectivity configuration
Performance measures
SYSTEM HEALTH
Good performance results when hardware, software, and communication protocols work together at optimal
limits. Failure or underperformance of one element affects the other elements. Therefore, monitor your system
and use NetApp command tools to adjust the system. Correct adjustments reduce latency, improve data
throughput, and allow you to achieve optimal performance.
17 - 3
Disk Status
DISK STATUS
17 - 4
Disk Status
Monitor disks:
shelfchk
sasadmin
led_on diskid and led_off diskid
(priv set advanced command)
Storage Health Monitor:

Is a simple storage system management service
Is automatically initiated during system boot
Provides background monitoring of individual disk
performance
Detects impending disk problems before they actually
occur
disk shm_stats (priv set advanced command)
DISK STATUS
To verify that host adaptors on a storage appliance are communicating with Fibre Channel (FC) disk shelves,
use the shelfchk command. The command prompts you to verify whether specified LEDs are on or off.
Because you must be able to see the LEDs, enter the command from a console near the shelves.
Checking Disk LED Function
To verify that LEDs are working on all disks, run the led_on and led_off tests. To use these commands,
you must be operating in advanced mode.
NOTE: The led_on and led_off tests can also be used to identify the address where disks are located.
To verify that LEDs are working on all disks, complete the following steps:
1.
2.
3.
4.
5.
17 - 5
To set command privileges to advanced, run priv set advanced.

To turn on LEDs on a specific disk, run led_on [device_name].
Locate the disk on the shelf and verify that the LEDs are lit.
To turn off the device LEDs, enter led_off [device_name].
To return command privileges back to the basic administration mode, enter priv set admin.
Syslog Messages
shm: disk has reported a predicted
failure (PFA) event: disk XX,
serial_number XXXX
shm: link failure detected, upstream
from disk: id XX, serial_number XXXXX
shm: disk I/O completion times too long:
disk XX, serial number XXXXX
shm: possible link errors on disk: id
XX, serial number XXXXX
shm: disk returns excessive recovered
errors: disk XX, serial number XXXXX
shm: intermittent instability on the
loop that is attached to Fibre Channel
adapter: id XXX, name XXXXX
SYSLOG MESSAGES
shm: disk has reported a predicted failure (PFA) event: disk XX,
serial_number XXXX
Description: The disk's internal error processing and logging algorithm computation results exceed an
internally set threshold. The disk will likely fail in a matter of hours.
shm: link failure detected, upstream from disk: id XX, serial_number
XXXXX
Description: An FC disk (or cable, if disks are in different disk shelves) might be malfunctioning, causing an
open loop condition. This results in a synchronization loss of more than 100 milliseconds for the downstream
disk that reported the problem as a link failure.
shm: disk I/O completion times too long: disk XX, serial number XXXXX
Description: Either the disk is old and slow, or it is internally recovering errors and taking too long to
complete an I/O. This message also indicates that there are too many I/O timeouts and retries on the disk. The
disk might also be frequently returning the Command Aborted status. All these issues can produce a low datathroughput rate for this specific disk and a reduction in overall system performance.
shm: possible link errors on disk: id XX, serial number XXXXX
Description: One of a group of four FC disks in a disk shelf (or any connecting cable) might be
malfunctioning. This results in a large number of invalid cyclic redundancy check (CRC) frames and data
under-runs on the loop. The invalid CRC and under-run count has crossed the specified threshold several
times.
17 - 6
shm: disk returns excessive recovered errors: disk XX, serial number
XXXXX
Description: Either the disk has found media or hardware errors (unrecovered errors), or it has internally
recovered a large number of errors. The disk might also be returning a Command Aborted status. The errors
returned have exceeded the bit error rate specified by the disk vendor.
shm: intermittent instability on the loop that is attached to Fibre
Channel adapter: id XXX, name XXXXX
Description: An FC adapter, attached disk shelf, disk, cable, or connector might have caused instability on
the FC-AL loop, which resulted in I/O completion rates below a set threshold.
17 - 7
Read and Write

Performance
READ AND WRITE PERFORMANCE
17 - 8
Read Performance
The Data ONTAP operating system is
optimized for write performance.
Read performance can decrease over time,
although efficient use of cache can offset some
disk performance issues.
To administrate read performance:
To measure optimization level:
system> reallocate measure [vol | file]
To optimize a system for read performance:

system> reallocate start pathname
READ PERFORMANCE
The WAFL (Write Anywhere File Layout) file system does the following to optimized write performance:
Writes adjacent blocks in files that are adjacent on the disk, whenever possible. As the file system grows,
blocks may not be written on an immediately adjacent disk, but the blocks will still be close.
Reserves 10% of the disk space to increase the probability of blocks being available at or near optimal
locations.
Manages interleaved writes much better than other file systems, because it does not immediately allocate
date to the write. By holding the write data in system memory until a consistency point (CP) is generated,
the WAFL file system can allocate a lot of write data from a particular file into contiguous blocks.
Minimizes the impact of write performance with the write anywhere" allocation scheme, which
minimizes disk-seeks for writes.
Write optimization can lead to decreased file and LUN read performance as the file system ages, because files
are written to the best place on the disks for write performance. As the WAFL file system expands, fewer
options are available for writing blocks, so the system may have to write to blocks that are not immediately
adjacent on the disk. You can help prevent problems by using flexible volumes and the autosize volume
option. In addition, the WAFL file system uses built-in, multiple-read cache algorithms to offset any potential
performance degradation.
NOTE: Reallocation is covered in detail in the Data ONTAP Performance course.
17 - 9
Write Performance Commands

Use these commands to research write performance:
Command
Function
sysstat
Displays system-wide real-time statistics

for an interval (in seconds)
stats
Displays system-wide real-time

performance data averaged over an
interval (in seconds)
statit
Displays collected disk utilization
WRITE PERFORMANCE COMMANDS

When planning a drive configuration that optimizes write performance, base your choices on thorough
knowledge of current system performance, user needs, and resource constraints.
17 - 10
Write Performance: sysstat Command

system> sysstat -c 10 -s 5
CPU NFS CIFS HTTP Net kB/s Disk kB/s Tape kB/s Cache
in
out read write read write age
2% 0
0
0
0
0
9
23
0
0
>60
0% 0
0
0
0
0
0
0
0
0
>60
5% 0
0
0
0
0
21
27
0
0
>60
1% 0
0
0
0
0
0
0
0
0
>60
5% 0
0
0
0
0
20
28
0
0
>60
1% 0
0
0
0
0
0
0
0
0
>60
4% 0
0
0
0
0
21
26
0
0
>60
1% 0
0
0
0
0
0
0
0
0
>60
5% 0
0
0
0
0
22
27
0
0
>60
0% 0
0
0
0
0
0
0
0
0
>60
-Summary Statistics (10 samples 5.0 secs/sample)
CPU NFS CIFS HTTP Net kB/s Disk kB/s Tape kB/s Cache
in
out read write read write age
Min
0%
0
0
0
0
0
0
0
0
0
>60
Avg
2%
0
0
0
0
0
9
13
0
0
>60
Max
5%
0
0
0
0
0
22
28
0
0
>60
10
WRITE PERFORMANCE: SYSSTAT COMMAND

The best command for viewing system utilization is sysstat [interval], for which interval is the
incremental interval in seconds (the default is every 15 seconds). The sysstat command resembles a
speedometer for your storage systemit allows you to view real-time activity per second.
The statistics displayed by the sysstat command should help you answer questions such as:
Is the system usage steady or does it fluctuate?
Is the CPU percentage high without corresponding I/O activity?
Interpreting sysstat Results
The sysstat command output includes:
CPU: An average of the usage percentage of the busiest CPUs

NOTE: The sysstat M command displays statistics for each CPU in a multiprocessor system.
NFS: The number of NFS operations per second.
CIFS: The number of CIFS operations per second.
HTTP: The number of HTTP operations per second.
Net KB/s in and Net KB/s out: The kilobytes per second of data requested from the network as a
read or write. This is the network traffic displayed in KBps, which tells you how much network traffic the
storage appliance is processing, how constant that traffic is, and if the system is exceeding its network
traffic limitations.
Disk KB/s read and Disk KB/s write: The disk read and write activity. Disk reads occur if
data is not cached. Ideally, disk writes should occur every 10 seconds.
Cache age: The age, in minutes, of the oldest read-only blocks in the buffer cache (which is not
relevant when diagnosing performance issues).
17 - 11
Performance Counters
Counters are organized in an object-instancecounter hierarchy.
Counters are collected from Counter Manager.
The stats command allows users to look at any
object-instance and the corresponding counter (and
supports preset files).
volume
vol1
avg_latency:53.18us
vol2
avg_latency:53.18us
PERFORMANCE COUNTERS
17 - 12
11
Counter Manager
Third-Party Tools
Data
Archive
SNMP
AutoSupport
Ops.
Mgr.
Windows
Perfmon
Clients
New and
Enhanced
CLI
Existing
PerformanceC
ommands
Zephyr APIs
SMB calls
Windows
Perfmon
Support
Counter Manager (CM)
Performance Counters
12
COUNTER MANAGER
Counter Manager is a thin layer built into the Data ONTAP architecture that provides a single view of Data
ONTAP performance counters and a standard performance API set for all clients. Clients include Manage
ONTAP, the AutoSupport support tool, Windows perfmon, SNMP, and the command-line interface.
The Purpose of Counter Manager
Counter Manager was introduced in Data ONTAP 6.5. It provides a complete set of performance metrics that
supply statistics for you to use when analyzing configuration mistakes.
Counter Manager provides an infrastructure to:
Improve customer and internal performance monitoring
Provide simple performance problem diagnoses
Enhance existing sizing processes
Provide capacity planning capabilities
For a complete list of the performance counters available in Data ONTAP, look in the Operations Manager
documentation for Performance Objects and Counters.
17 - 13
stats Command Syntax

The stats command lets you collect or view
statistical data on a storage system.
The stats command can be run in one of
three ways:
Single: current counter values are displayed
stats show
Repeating: counter values are displayed
multiple times at a fixed interval
stats show i 1
Period: counters are gathered over a single
period of time and then displayed
stats start then stats stop
13
STATS COMMAND SYNTAX

stats list objects
stats list instances [object_name]
stats list counters [-p preset]|[object_name]
stats explain counters [object_name][counter_name]
stats show [-n num][-i interval][-o path] [-I identifier]
[-d delimeter][-p preset][-r | -c][object_def]
stats start [-p preset][-I identifier][object_def]
stats stop [-p preset][-I identifier][-r] [-c] [-o path_name]
17 - 14
stats Command Example 1

system> stats list objects
system> stats list instances
qtree
aggregates
iscsi
fcp
volume
lun
flexvol1/users
flexvol2/home
aggr1
vol0
iscsi
fcp
vol0
flexvol1
flexvol2
flexvol3
clone1
/vol/clone1/lun1 : C4/phnu0DG6S
/vol/flexvol3/lun1 : C4/phnu0AbVV
/vol/flexvol2/lun1 : C4/phnu0Ab3S
/vol/flexvol1/lun1 : C4/phnu0AaWl
target
nfsv3
cifs
ifnet
processor
system
disk
vtic
iswta
nfs
cifs
e0
e7a
e7b
processor0
processor1
processor2
processor3
system
20:00:00:0c:50:a3:c7:1
20:00:00:0c:50:a3:b5:0
20:00:00:0c:50:a3:66:f
20:00:00:0c:50:a3:6b:5
20:00:00:0c:50:a3:69:8
STATS COMMAND EXAMPLE 1
17 - 15
14

system> stats list counters qtree
system> stats list counters volume
system> stats explain counters

qtree nfs_ops
system> stats explain counters volume

write_ops
qtree
volume
flexvol1/users
flexvol2/home
vol0
flexvol1
clone1
nfs_ops
cifs_ops
Counters for object name: qtree

Name: nfs_ops
Description: Number of NFS
operations per second to the qtree
Properties: rate
Unit: per_sec
total_ops
avg_latency
read_ops
read_data
read_latency
write_ops
write_data
write_latency
other_ops
other_latency
Counters for object name:

volume
Name: write_ops
Description: Number of writes
per second to the volume
Properties: rate
Unit: per_sec
17 - 16
15

disk
20:00:00:0c:50:a3:c7:1
20:00:00:0c:50:a3:b5:0
20:00:00:0c:50:a3:66:f
20:00:00:0c:50:a3:6b:5
20:00:00:0c:50:a3:69:8
total_transfers
user_reads
user_writes
cp_reads
guaranteed_reads
guaranteed_writes
user_read_chain
user_write_chain
cp_read_chain
guarenteed_read_chain
guarenteed_write_chain
user_read_blocks
user_write_blocks
cp_read_blocks
guarenteed_read_blocks
guarenteed_write_blocks
user_read_latency
user_write_latency
cp_read_latency
guarenteed_read_latency
guarenteed_write_latency
disk_busy
system> stats show disk:*:*

disk:20:00:00:0c:50:a3:c7:11:total_transfers:0/s
disk:20:00:00:0c:50:a3:c7:11:user_reads:0/s
disk:20:00:00:0c:50:a3:c7:11:user_writes:0/s
disk:20:00:00:0c:50:a3:c7:11:cp_reads:0/s
disk:20:00:00:0c:50:a3:c7:11:guaranteed_reads:0/s
disk:20:00:00:0c:50:a3:c7:11:guaranteed_writes:0/s
disk:20:00:00:0c:50:a3:c7:11:user_read_chain:0
disk:20:00:00:0c:50:a3:67:5a:user_read_chain:0
disk:20:00:00:0c:50:a3:67:5a:user_write_chain0
In the sample above, we are listing stats for all the disks
system>stats show disk:20::00::00::0c::50::a3::6b::58:disk_busy
disk:20:00:00:0c:50:a3:6b:58:disk_busy:0%
system>
Note: The disk instance name contains colons, therefore it

must de-referenced by using the colon twice
In the sample above, we are listing a specific counter for a disk instance
16

NOTE: The command storage show disk a shows the worldwide name for a specific disk in your
system.
17 - 17
Preset sysstat.xml File

#cat /etc/stats/preset/sysstat.xml
<?xml version = "1.0" ?>

<preset orientation="column"
print_instance_names="false"
catenate_instances="true" >
<object name="SYSTEM">
system> stats show -p sysstat -i 1

CPU
NFS
CIFS
HTTP
Net in Net out Disk rea Disk wri
%
/s
/s
/s
KB/s
KB/s
KB/s
KB/s
0
0
0
0
0
0
0
0
1
0
0
0
0
1
48
268
0
0
0
0
1
0
0
0
2
0
34
0
924
23
0
0
<counter name="cpu_busy">
<width>4</width>
<title>CPU</title>
</counter>
<counter name="nfs_ops">
<width>6</width>
<title>NFS</title>
</counter>
<counter name="cifs_ops">
<width>6</width>
<title>CIFS</title>
</counter>
</object>
</preset>
You can create customized XML files

that display only the statistics that are
important to you
17
PRESET SYSSTAT.XML FILE

The stats command supports preset configurations that contain commonly used combinations of statistics
and formats. Specify the preset to use with the -p command-line argument. For example:
stats show -p sysstat
Each preset is stored in a file, the /etc/stats/preset directory of the root volume. This directory
contains a few template files that may be customized.
17 - 18
Client-Side Tools: Perfmon

The Windows perfmon utility:
Connects to the storage

system from Window Server
2003
Requires that CIFS be
licensed and running on the
storage system
Receives output from the
stats command and graphs
the data
To view the Add Counters
screen, in the Performance
window, click the plus sign
(+).
NOTE: Does not work with
Windows Server 2008 and higher
18
CLIENT-SIDE TOOLS: PERFMON

The perfmon performance monitoring tool is integrated into the Microsoft Windows operating system. If you
use storage systems in a Windows environment, you can use perfmon to access many of the counters and
objects available through the Data ONTAP stats command. This feature currently does not work with
Windows Server 2008 and higher.
Using perfmon to access system performance statistics
To use perfmon to access storage system performance statistics, you must specify the name or IP address of
the storage system as the counter source. The lists of performance objects and counters reflect the objects and
counters available from the Data ONTAP operating system.
NOTE: The default sample rate for perfmon is once per second. Depending on which counters you choose to
monitor, that sample rate could cause some performance degradation on the storage system. If you want to use
perfmon to monitor storage system performance, change the sample rate to once per 10 seconds. You can
change the sample rate using the System Monitor Properties.
17 - 19
RAID Configuration
RAID CONFIGURATION
17 - 20
19
RAID Groups
aggr0
aggr1
rg0
aggr2
rg0
rg0
rg1
20
RAID GROUPS
The relationship between aggregates and RAID groups has these characteristics:
Each aggregate has at least one RAID group, and each RAID group belongs to only one aggregate.
When a new aggregate is created, a new RAID group is also created with two parity disks and at least one
data disk.
When disks are added that exceed the specified or maximum RAID group size, new RAID groups are
automatically created for an aggregate.
You can increase or decrease RAID group size using the aggr options aggr_name raidsize
option.
17 - 21
RAID Group Size and Composition

Poor RAID configuration choices:
Unnecessary use of multiple RAID groups
Mixed disk sizes
RAID groups with wide variations in capacity
RAID groups with only one or two data disks
each
RAID groups with a number of disks larger
than the default
21
RAID GROUP SIZE AND COMPOSITION

When you configure the storage system, you must effectively change the number of drives and RAID groups.
Although write performance can benefit from more drives, any change might be masked by the effect of
NVRAM and the efficient manner in which the WAFL file system manages write operations. Configuring
multiple RAID groups in a volume should not impact performance. However, improper configuration can
significantly impact performance.
For best results when configuring RAID, use the default RAID group and then follow the guidelines in
Technical Report 3437, Storage Best Practices and Resiliency Guide at
http://www.netapp.com/us/library/technical-reports/tr-3437.html.
17 - 22
Initial RAID Group Configuration

Limit the number of disks in a RAID group to
the recommended number
Ensure that each RAID group in an aggregate
has approximately the same capacity
Ensure that each RAID group in an aggregate
has at least three data disks
Use disks of the same size within a RAID
group to optimize write performance
Use the RAID-DP feature of Data ONTAP to
protect against disk failures
INITIAL RAID GROUP CONFIGURATION
17 - 23
22
Adding Disks to Existing RAID Groups

Add RAID groups when the applied load is
stressing the drives in the current array.
Add RAID groups and disks before the file
system or aggregate is 80% to 90% full.
Add disks in groups.
Plan data expansion so that at least several
data disks are used for each RAID group.
23
ADDING DISKS TO EXISTING RAID GROUPS

The maximum RAID group size is 28 (26 data disks and two parity disks when using RAID-DP technology)
for SAS and FC disks and 16 for SATA disks. When creating an aggregate, if you do not specify a RAID
group size, the system uses the default.
Considerations for sizing RAID groups
To configure an optimum RAID group size for an aggregate, you must make trade-offs. You must decide
which feature of the aggregate is most important to youspeed of recovery, assurance against data loss, or
maximization of data storage space.
In most cases, the default RAID group size is the best size for your RAID groups. However, you can change
the maximum size of those groups.
17 - 24
Monitoring
Connectivity
MONITORING CONNECTIVITY
17 - 25
24
Monitor Connectivity
Media Access Control (MAC)
ifconfig
ifstat
arp
TCP/IP
ifconfig
/etc/rc and /etc/hosts
ping
netstat r
netdiag
Protocols
nfsstat
cifs stat
nbtstat
25
MONITOR CONNECTIVITY
Connectivity problems can arise with functions at the Media Access Control (MAC), TCP/IP, and protocol
layers. At the MAC level, you can use the commands in this table to view connectivity statistics and settings:
SAMPLE COMMAND
ifstat a
ifstat ns1
RESULT
The ifstat a command displays status information for all

interfaces. To view status information about a specific interface, enter
ifstat interface_name for each interface (for example,
ifstat ns1).
If the number of collisions, CRCs, or runt frames is high, there may be
a problem with the media type or card.
The arp command displays the contents of the Address Resolution
Protocol (ARP) table (hostname and IP address) so that you can modify
the table. The command can also help you identify duplicate MAC
addresses.
arp
arp a
arp -d
arp s
17 - 26
The arp -a command displays all current contents of the table.

The arp -d command deletes or flushes a bad MAC address from the
ARP table.
The arp -s command adds a new entry to the ARP table.
Performance Measures
PERFORMANCE MEASURES
17 - 27
26
Measuring NFS Performance

Use this option: nfs.per_client_stats.enable [on|off].
Disable the option when you are not using nfsstat l.
This display shows the breakdown on this mountpoint of lookups,
reads, writes, and all operations. The average deviation and the
settings for retransmissions of each type also are displayed.
Data ONTAP NFS Output Command: nfsstat -l
Round-trip
response times
for specific NFS
operations are
displayed.
system> nfsstat -l
172.17.25.13
sherlock
172.17.25.16
watson
172.17.25.18
hudson
172.17.230.7
conan
172.17.230.8
baker
172.17.230.9
moriarty
175.17.230.10 doyle
NFSOPS
NFSOPS
NFSOPS
NFSOPS
NFSOPS
NFSOPS
NFSOPS
=
=
=
=
=
=
=
2943506
3553686
2738083
673247l
202614527
1006881
1185
(90%)
( 2%)
( 1%)
( 3%)
( 1%)
( 0%)
( 0%))
27
MEASURING NFS PERFORMANCE

You can track the performance of each NFS server by routinely collecting statistics in the background across
all subnets. One of the most important ways to measure performance is to capture response times for NFS
operations, such as writes, reads, lookups, and get attributes, so the data can be analyzed by the server and the
file system.
You can obtain statistics for NFS operations by server (where the storage system is the NFS server) by
enabling the per-client stats option and running nfsstat -l. After you establish site-specific
baseline measurements, you can compare your systems performance against optimum benchmark
configurations, or against the systems own performance at different times.
Any changes from the baseline can indicate problems that require further analysis.
To measure NFS performance, use the sysstat and nfsstat commands:
To display real-time NFS operations every second on your console, enter sysstat 1, or view the
output using NetApp System Manager.
To focus the output on counters related to response times on Solaris NFS clients, run nfsstat -m.
To reset statistics and counters to zero, use nfsstat -z.
17 - 28
Measuring CIFS Performance

This number is the total number of
operations since smb_hist
statistics were last reset.
This column represents

millisecond (ms) timestamps
for operations.
Analyzing smb_hist output

CIFS request time processing: (46457) - milliseconds units
0ms
1ms
2ms
3ms
4ms
5ms
6ms
7ms
13175
17752
5111
664
451
478
570
568
<16ms
<24ms
<32ms
<40ms
<48ms
<56ms
<64ms
unused
4039
2309
569
165
61
21
10
Every other row displays the number of

operations that took place in the interval in
the row above it. In this example, 13,715
operations happened in less than 0.5 ms.
The time interval window lies halfway between

the values for adjacent columns. In this
example, 165 operations occurred in the
window from 36 ms to 44 ms.
28
MEASURING CIFS PERFORMANCE

You can use the sysstat and smb_hist commands to measure CIFS performance.
Enter the sysstat 1 command to display CIFS operations per second on the console or use NetApp
System Manager.
For CIFS throughput statistics, follow the steps below to set advanced command privileges. Click the
command-line interface window to step through the process:
1.
2.
3.
4.
Enter smb_hist z to zero the counters.

Wait long enough to get a good sample.
Enter smb_hist to view CIFS statistics generated since the reset.
Review the first section of output.
In the first part of this example smb_hist output, 13,715 operations occurred in less than 0.5 milliseconds
(ms), 17,752 operations occurred in the window from 0.5 ms to 1.5 ms, and 5,111 operations occurred in the
window from 1.5 ms to 2.5 ms. In normal situations, as the interval window gets larger, the number of
operations that take that long decreases to zero.
17 - 29
The statit Command

Is an advanced-mode command used for
detailed analysis of system performance
Gathers per-second statistics averaged over
the length of time it runs in the background
Shows statistics representing all physical and
some logical objects on the storage system
Collects data that usually represents rates at
which things happen
THE STATIT COMMAND
17 - 30
29
Using the statit Command

To obtain statistics using the statit command,
complete these steps:
1. Enter advanced privilege mode:
priv set advanced
2. Start collecting statistics:
statit b
3. After the necessary amount of time to capture the

desired functionalitys statistics, run:
statit e n
4. To return to normal admin privilege mode, run:
priv set admin
USING THE STATIT COMMAND
17 - 31
30
Sections of the statit Command Report
CPU
Multiprocessor
CSMP domain switches
Miscellaneous
WAFL (Write Anywhere File Layout)
RAID
Network interface
Disk
Aggregate
Spares and other disks
FCP
iSCSI
Tape
SECTIONS OF THE STATIT COMMAND REPORT
17 - 32
31
CPU Statistics
CPU Statistics
506.934263 time (seconds)
275.044317 system time
23.412966 rupt time
251.466451 non-rupt system time
271.837944 idle time
439.543653 time in CP
21.837230 rupt time in CP
100 %
54 %
5 % (7022 rupts x 0 usec/rupt
50 %
44 %
92 % 100 %
5 % (132 rupts x 0 sec/rupt)
CPU STATISTICS
The first section of the statit statistics report provides CPU statistics.
In this example:
275.044317 system time

54%:
Shows the percentage of time the CPUs were busy.
23.412966 rupt time
5% (7022 rupts x 0 usec/rupt):
Shows the number of interrupts received when the CPU ran at interrupt level.
271.837944 idle time
44%:
Shows the percentage of time the CPUs executed the idle loop.
439.543653 time in CP
92% to 100%:
Shows the percentage of time the system was in a CP, flushing data to disk.
17 - 33
32
Multiprocessor Statistics
Multiprocessor Statistics (per second)
cpu0
cpu1
total
sk switches
1378.09
46.82
1424.91
hard switches
1175.27
29.15
1204.42
domain switches
103.89
16.08
119.96
CP rupts
nonCP rupts
nonCP rupt usec
Idle
0.00
0.00
0.00
100.00
0.00
100.00
0.00
0.00
0.00
1000000.00
1000000.00
2000000.00
kahuna
0.00
0.00
0.00
network
0.00
0.00
0.00
storage
0.00
0.00
0.00
exempt
0.00
0.00
0.00
raid
0.00
0.00
0.00
target
0.00
0.00
0.00
netcache
0.00
0.00
0.00
netcache2
0.00
0.00
0.00
33
MULTIPROCESSOR STATISTICS
The second section of the statistics report includes multiprocessor statistics for multiple CPUs.
17 - 34
Miscellaneous Statistics
Miscellaneous Statistics (per second)
175680.88
0.00
50215.09
101387.45
46074.00
23517.69
23517.69
0.00
16477.97
hard context switches
0.00
CIFS operations
102220.83
network KB received
76757.23
disk KB read
0.00
NVRAM KB written
0.00
WAFL bufs given to clients
0.00
no checksum - partial buffer
iSCSI operations
NFS operations
HTTP operations
network KB transmitted
disk KB written
nolog KB written
checksum cache hits(0%)
FCP operations
34
MISCELLANEOUS STATISTICS
The miscellaneous section of the statistics report includes rates (or counts) for many operations. The statistics
from this section that are most likely to be of interest to you are:
NFS, CIFS, and HTTP operations

Network KB received and transmitted
Disk KB read and written
FCP and iSCSI operations
17 - 35
WAFL Rates
WAFL Statistics (per second)
47.29
213379.74
28896.85
38058.36
910.79
11436.80
1778.91
20.76
0.01
0.00
0.00
0.00
0.00
0.00
49323.58
93731410.56
0.00
name cache hits

( 99%)
buf hash hits
( 87%)
inode cache hits
( 100%)
buf cache hits
( 62%)
blocks read
chains read-ahead
blocks speculative read-ahead
stripes written
wafl_timer generated CP
wafl_avail_bufs generated CP
full NV-log generated CP
flush generated CP
deferred back-to-back CP
low mbufs generated CP
non-restart messages
next nvlog nearly full msecs
nvlog full susp msecs
0.39
31023.74
0.00
23119.68
23551.76
63.04
16734.62
0.00
0.00
0.00
0.00
0.00
0.00
0.17
862.70
0.00
1429632
name cache misses

(
1%)
buf hash misses
(
13%)
inode cache misses
(
0%)
buf cache misses
(
38%)
blocks read-ahead
dummy reads
blocks written
blocks over-written
snapshot generated CP
dirty_blk_cnt generated CP
back-to-back CP
sync generated CP
container-indirect-pin CP
low datavecs generated CP
IOWAIT suspends
dirty buffer susp msecs
buffers
35
WAFL RATES
The WAFL section of the statistics report displays WAFL rates (or counts). The statistics from this section
that are most likely to be of interest to you are:
All cache hits and misses
Inode cache hits and misses
Per-second rates for all the CP types
All cache hits and misses and inode cache hits and misses provide information about read performance. It is
generally better to have more hits than misses. However, you should consider many factors when analyzing
these numbers. For example, a file that is only read once, such as a backup application file, does not reside in
cache.
17 - 36
Network Interface Statistics

Network Interface Statistics (per second)
iface
e0
e9
e6
vh
side
recv
xmit
recv
xmit
recv
xmit
recv
xmit
bytes
171.69
115.22
0.00
0.00
0.00
0.00
0.00
0.00
packets
2.55
1.42
0.00
0.00
0.00
0.00
0.00
0.00
multicasts
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
errors
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
collisions
0.00
0.00
0.00
0.00
0.00
0.00
0.00
0.00
36
NETWORK INTERFACE STATISTICS

The Network Interface section of the statistics report provides network interface statistics, including rates for:
Packets and bytes transmitted and received

Transmit and receive errors
Collisions
17 - 37
Disk Statistics
Disk Statistics (per second)
ut% is the percent of time the disk was busy.
xfers is the number of data transfer commands issued per second.
xfers = ureads + writes + cpreads + greads + gwrites
chain is the average number of 4K blocks per command.
usecs is the average disk round trip time per 4K block.
disk
ut% xfers ureads--chain-usecs writes--chain-usecs cpreads-chain-usecs
/vol0/plex0/rg0:
8a.16
5
3.69
0.57
1.00
94500 ...
8a.21
4
3.12
0.57
1.00
39500 ...
37
DISK STATISTICS
The Disk section of the statistics report provides statistics for each drive. Some of the column headings are
defined at the top of the screen.
Beginning with the fourth column of data, the report uses hyphens in the column headings to group related
information. For example, user reads and the associated chain and round-trip times are linked in the heading
ureads--chainusecs.
The following list defines some of the column headings on the Disk Statistics report:
disk: indicates which drives are included in the statistics

ut%: shows the drive utilization averaged per second, as in the percent of elapsed time that the driver had
a request outstanding; utilization rates of more than 80% suggest an I/O bottleneck
xfers: shows the total number of transfers, or reads and writes, averaged per second; most drives are
capable of 50 to 100 I/O operations per second
17 - 38
Aggregate and Other Disk Statistics

Aggregate statistics:
Minimum 0 0.00 0.00 0.00 0.00 0.00 0.00
Mean 1 0.28 0.00 0.28 0.00 0.00 0.00
Maximum 5 3.69 0.57 3.12 0.00 0.00 0.00
Spares and other disks:

8b.16 2 1.70 1.70 1.00 10167 0.00 .... . 0.00 .... . 0.00 .... . 0.00 ..
8b.17 0 0.00 0.00 .... . 0.00 .... . 0.00 .... . 0.00 .... . 0.00 .... .
8b.18 0 0.00 0.00 .... . 0.00 .... . 0.00 .... . 0.00 .... . 0.00 .... .
AGGREGATE AND OTHER DISK STATISTICS

This section of the report displays aggregate, spares, and other disk statistics.
17 - 39
38
FC, iSCSI, and Tape Operations

FCP Statistics (per second)
0.00 FCP Bytes recv 0.00 FCP Bytes sent
0.00 FCP ops
iSCSI Statistics (per second)
0.00 iSCSI Bytes recv 0.00 iSCSI Bytes xmit
0.00 iSCSI ops
Interrupt Statistics (per second)

2000.15 Clock 3.97 Fast Enet
47.68 FCAL 4.54 int_22
3.41 FCAL 2059.75 total
FCP, ISCSI, AND TAPE OPERATIONS

The last three sections of the report display statistics on FC, iSCSI, and tape operations.
17 - 40
39
Other Resources
For more information about data collection and performance,
see the Data ONTAP Performance Analysis course, in which
you learn to:
Use the recommended methodology to compare performance
data and performance analysis information
Monitor performance using performance tools and establish a
baseline of expected throughput and response times for storage
systems under planned and increasing workloads
Perform capacity planning by monitoring performance and
comparing baseline information over time to determine when a
storage system will reach maximum capacity
Tune protocols such as CIFS, NFS, and SAN for optimal
performance (including locating resources with tuning guidelines
for database scenarios)
Perform bottleneck analysis
OTHER RESOURCES
17 - 41
40
Module Summary
Use the sysstat, stats, and statit
commands
Describe the factors that affect RAID performance
Execute commands to collect data about write and
read throughputs
Execute commands to verify the operation of
hardware, software, and network components
Identify commands and options used to obtain
configuration and status
MODULE SUMMARY
17 - 42
41
Exercise
Module 17: Data Collection Tools
EXERCISE
17 - 43

Which command or commands can you use to
display disk utilization?
monitor connectivity?
help detect impending disk problems before
they occur?
17 - 44
43
Data ONTAP
Upgrades
Module 18
DATA ONTAP UPGRADES
18 - 1
Data ONTAP 7-Mode Administration: Data ONTAP Upgrades
Module Objectives
Access the NetApp Support site for the following
documents:
Data ONTAP Upgrade Guide
Data ONTAP Release Notes
Collect data for installation using a configuration worksheet

Describe how to perform Data ONTAP software upgrades
and reboots
Configure a storage system using the setup command
MODULE OBJECTIVES
18 - 2
Boot Sequence
BOOT SEQUENCE
18 - 3
Boot Sequence
When the boot sequence starts, a user may
press any key to abort and go to the firmware
prompt:
CFE version 1.2.0 based on Broadcom CFE: 1.0.35
Copyright (C) 2000,2001,2002,2003 Broadcom Corporation.
Portions Copyright (C) 2002,2003 Network Appliance Corporation.
CPU type 0x1040102: 600MHz

Total memory: 0x20000000 bytes (512MB)
Starting AUTOBOOT press any key to abort...
Loading: 0xffffffff80001000/8659992 Entry at 0xffffffff80001000
BOOT SEQUENCE
18 - 4
Data ONTAP Booting

There are two possible firmware prompts:
CFE>
LOADER>
From the prompt, a user may perform several tasks:

View or set environmental variables
Boot the storage system
boot_ontap
boot_primary
boot_backup
boot_diags
Netboot the storage system
Supported in Data ONTAP 7.3

Partial supported in Data ONTAP 8.0.1 7-Mode
Other tasks are beyond the scope of this course.

DATA ONTAP BOOTING

You can boot the storage system with the following boot options from the boot environment prompt (which
can be CFE> or LOADER>, depending on your storage system model):
boot_ontap: boots the current Data ONTAP software release stored on the boot device (such as the
CompactFlash card). By default, the storage system automatically boots this release if you do not select
another option from the basic menu.
boot_primary: boots the Data ONTAP release stored on the boot device as the primary kernel. This
option overrides the firmware AUTOBOOT_FROM environment variable if it is set to a value other than
PRIMARY.
By default, the boot_ontap and boot_primary commands load the same kernel.
boot_backup: boots the backup Data ONTAP release from the boot device. The backup release is
created during the first software upgrade to preserve the kernel that shipped with the storage system. It
provides a known good release from which you can boot the storage system if it fails to automatically
boot the primary image.
netboot: boots from a Data ONTAP version stored on a remote HTTP or TFTP server.
Netboot enables you to:
18 - 5
Boot an alternative kernel if the boot device becomes damaged

Upgrade the boot kernel for several devices from a single server
boot_diags: boots Data ONTAP into a special diagnostic kernel that can be used to troubleshoot
hardware problems.
Displaying the Boot Menu

As the storage system boots, press Ctrl-C to
display the special boot menu on the console:
CFE version 1.2.0 based on Broadcom CFE: 1.0.35
Copyright (C) 2000,2001,2002,2003 Broadcom Corporation.
Portions Copyright (C) 2002,2003 Network Appliance Corporation.
CPU type 0x1040102: 600MHz
Total memory: 0x20000000 bytes (512MB)
Starting AUTOBOOT press any key to abort...

Loading: 0xffffffff80001000/8659992 Entry at 0xffffffff80001000
NetApp Data ONTAP Release 8.0 7-Mode
Copyright (C) 1992-2009 NetApp.
All rights reserved.
*******************************
*
*
* Press Ctrl-C for Boot Menu. *
*
*
*******************************
Data ONTAP 8.0 7-Mode is shown; Data ONTAP 7.3.x is similar.

DISPLAYING THE BOOT MENU
18 - 6
Boot Menu in Data ONTAP 7.3

As the storage system boots, the special boot
menu allows you to control the booting
sequence:
Special boot options menu will be available.
NetApp Release 7.3.2
(1) Normal boot.
(2) Boot without /etc/rc.
(3) Change password.
(4) Initialize all disks.
(4a)Same as option 4, but create a flexible root volume.
(5) Maintenance mode boot.
BOOT MENU IN DATA ONTAP 7.3
18 - 7
Boot Menu in Data ONTAP 8.0

The boot menu looks like this:
Boot Menu will be available.
Please choose one of the following:
(1) Normal Boot.

(2) Boot without /etc/rc.
(3) Change password.
(4) Clean configuration and initialize all disks.
(5) Maintenance mode boot.
(6) Update flash from backup config.
(7) Install new software first.
(8) Reboot node.
Selection (1-8)?
BOOT MENU IN DATA ONTAP 8.0

The boot menu for DATA ONTAP 8.0 gives you more choices than the DATA ONTAP 7.3 menu:
18 - 8
Choice 4 initializes all of the disks and creates a FlexVol root volume.
Choice 5 allows administrators to enter maintenance mode, where they can perform aggregate and disk
operations.
Choice 6 allows administrators to update the boot device card from a backup configuration.
Choice 7 allows administrators to install new software on a V-Series system.
Choice 8 reboots the storage system.
Boot Sequence: Normal Booting

If you do not press Ctrl-C while the storage system is
booting (or if you select Normal boot), the system:
1. Loads the Data ONTAP kernel into physical memory
from a CompactFlash card
2. Checks the root volume on the physical disk
...
Wed Apr 7 20:53:00 GMT [mgr.boot.reason_ok:notice]: System rebooted.
CIFS local server is running.
system> Wed Apr 7 20:53:01 GMT [console_login_mgr:info]: root logged
in from console
Wed Apr 7 20:53:23 GMT [NBNS03:info]: All CIFS name registrations
complete for local server
system>
BOOT SEQUENCE: NORMAL BOOTING
18 - 9
Boot Sequence: Configuration Files

As the storage system boots and the Data ONTAP
kernel is loaded, it reads these configuration and
system files from the /etc directory:
/etc/rc file (boot initialization)
/etc/registry file (option configurations)
/etc/hosts file (local name resolution)
Wed Apr 7 20:52:50 GMT [fmmbx_instanceWorke:info]: Disk 0b.18 is a
primary mailbox disk
...Loading Volume vol0
Wed Apr 7 20:52:53 GMT [rc:notice]: The system was down for 64 seconds
Wed Apr 7 20:52:54 GMT [dfu.firmwareUpToDate:info]: Firmware is up-todate on all disk drives
Wed Apr 7 20:52:58 GMT [ltm_services:info]: Ethernet e0a: Link up
add net default: gateway 10.32.91.1
Wed Apr 7 20:53:00 GMT [mgr.boot.floppy_done:info]: NetApp Release 8.0
boot complete.
BOOT SEQUENCE: CONFIGURATION FILES
18 - 10
10
Data ONTAP Upgrades

NetApp pre-installs the Data ONTAP operating
system on all shipped storage systems.
When a new version of the operating system
becomes available, you can upgrade in one of
these ways:
Single-system upgrade
High-availability nondisruptive upgrade (NDU)
Fresh install
Always check the NetApp Support site Data

ONTAP Upgrade Advisor for current information.
11
DATA ONTAP UPGRADES

The Data ONTAP operating system is pre-installed on all systems. If you want to upgrade the existing version
you should review the considerations for each type of upgrade.
If systems will be decommissioned and then put to a new use, you should perform a fresh install. For
example, if you upgrade your hardware and want to send the old hardware to another division within the
company, perform a fresh install on the old hardware to remove all data, allowing the new owner to start with
clean hardware.
Usually administrators want to upgrade the existing system. Upgrading an existing single system is easy, but
requires enough downtime for a reboot. High-availability configurations allow administrators to use a rolling
upgrade approach to ensure that the upgrade is nondisruptive.
18 - 11
Data ONTAP Upgrade Advisor
Upgrade Advisor is available on the My AutoSupport site

12
DATA ONTAP UPGRADE ADVISOR

NetApp provides a tool called Upgrade Advisor to customers that have a SupportEdge Standard contract. This
tool ensures that all storage systems have met the requirements for upgrading to the current release and
generates an upgrade plan to help you perform the upgrade steps. Upgrade Advisor may be found on the
NetApp Support site.
For you to be able to use the Upgrade Advisor tool, your system must have a valid support contract and must
be configured to send AutoSupport messages to NetApp.
Your first step in any upgrade process should be to use Data ONTAP Upgrade Advisor.
18 - 12
Upgrade Procedures
UPGRADE PROCEDURES
18 - 13
13
Configuration Worksheet
eng_router
NetApp1
10.10.10.1
OurDomain
Joey
10.10.10.100
GMT
Bldg. 1
10.10.10.200
en_US
adminhost
10.10.10.20
e0
10.10.10.30
255.255.255.0
10.10.10.100
Administrator
vif1
4
nollip
e4a,e4b,e4c,e4d
CONFIGURATION WORKSHEET
18 - 14
14
Single-System Upgrade Steps

1. Review your current system hardware and licenses.
2. Review all necessary documentation, including the Data
ONTAP Upgrade Guide and Data ONTAP Release Notes,
for the destination version of the Data ONTAP operating
system.
3. Review the NetApp Support Bugs Online site for known
installation and upgrade problems.
4. Obtain the Data ONTAP upgrade image.
5. Generate an AutoSupport e-mail (not necessary in Data
ONTAP 7.2.4 or later).
6. Install the software and download the new version to the
boot device card.
7. Reboot the system.
8. Verify the installation.
15
SINGLE-SYSTEM UPGRADE STEPS

Perform these steps to upgrade a system to Data ONTAP 8.0. Although the steps are simple, you should
create a plan and test it before upgrading any production systems. You should also review your plan with
NetApp Professional Services.
The steps are as follows:
1. Review your current system hardware and licenses to ensure that you know what you currently have.
2. Review all necessary documentation, including the Data ONTAP Upgrade Guide and Data ONTAP
Release Notes for the destination version of Data ONTAP.
3. Review the NetApp Support Bugs Online site for any known installation and upgrade problems.
4. Obtain the Data ONTAP upgrade image from the NetApp Support site.
5. Generate an AutoSupport e-mail (not necessary in Data ONTAP 7.2.4 or later).
6. Use the software command to install the software and download the new version of the Data ONTAP
operating system to the boot device card.
NOTE: the firmware is automatically upgraded with the operating system.
7. When you are ready, reboot the system.
8. When the system is running, verify the installation.
18 - 15
Single-System Upgrade: Step 1

Review your current system hardware and
licenses:
Use the sysconfig a command to display a
hardware inventory of the system.
Use the version command to check your version
of the Data ONTAP operating system.
Use the version b command to check the
current version of the firmware.
Use the license command to see your current
licenses.
16
SINGLE-SYSTEM UPGRADE: STEP 1

Review your current hardware and software to ensure that your records are current. Because the system will
be down at least long enough for a reboot, consider if there is any new hardware that you want to upgrade at
the same time.
18 - 16

Review all necessary documentation, including:
Data ONTAP Upgrade Guide for the destination
version of the Data ONTAP operating system
Data ONTAP Release Notes for the destination
version of the Data ONTAP operating system

Review all documentation prior to upgrading.
18 - 17
17

Review the NetApp Support Bugs Online site for
any known installation and upgrade problems.
18

By reviewing Bugs Online on the NetApp Support site, you can research any known bugs and either learn
how to fix them or choose to upgrade to a different release that will not cause a problem.
18 - 18

Obtain the Data ONTAP upgrade image for the
appropriate storage system.

Data ONTAP images are available from the NetApp Support site.
18 - 19
19
ZIP and TGZ Formats

NetApp has released two different formats of
Data ONTAP 8.0 and later versions:
The ZIP format is for use when upgrading from
Data ONTAP 7.3.
The TGZ format is for use when doing a fresh
install or when performing incremental updates
after Data ONTAP 8.0.
20
ZIP AND TGZ FORMATS

When upgrading from the Data ONTAP 7G operating system, you will need to use the .zip package. After
you are running Data ONTAP 8.0, for future upgrades you will need to use the .tgz package.
18 - 20

Generate an AutoSupport e-mail (automated):
system> options autosupport.doit
starting_upgrade_from_7.3_to_8.0
NOTE: You do not need to perform this step

manually any longersince Data ONTAP 7.2.4, the
notification has been sent automatically.
21

This AutoSupport notification includes a record of the system status just prior to upgrade. It saves
troubleshooting information that you can use if a problem occurs during the upgrade process. This notification
has been sent automatically since Data ONTAP 7.2.4.
18 - 21

Use the software command to install the
software and download the latest version to the
boot device card:
From the storage system prompt, enter the command to
extract and install Data ONTAP system files from the
upgrade package
Specify the correct system
files for an upgrades

system> software update
http://10.254.134.39/image.zip -d -r
The download command can take as long as

60 minutes to complete.
system> download
Verify that the boot device card has been

updated:
+60
min
system> version -b
22

In this software command, http://10.254.134.39/image.zip is an example. Use the URL and
file name that applies in your environment.
You can use the following options with the software command:
d: This option prevents the system from automatically performing the download command, which
updates the boot device card. The command can take a lot of time to run, during which you do not have
access to the prompt. For this reason, some administrators use the d option and then issue the
download command separately, at a time convenient for them.
r: This option prevents the system from rebooting automatically.
NOTE: the software install option has been deprecated in favor of the software update option
for upgrades. Other methods of installation, such as using setup.exe from a CIFS share or a .tar file, are no
longer supported. These files will not be available for Data ONTAP 8.0.
18 - 22

Reboot the system:
Use the reboot command to halt a system and
automatically reboot it:
system> reboot [t interval]
Use the halt command to shut down a storage

system and boot at the firmware prompt:
system> halt [t interval]
Then run the boot_ontap command at the

prompt:
CFE> boot_ontap
LOADER> boot_ontap
23

When you reboot the storage system, it reboots in normal mode by default. You can also invoke a boot menu
that allows you to reboot in alternative modes for the following reasons: to correct configuration problems, to
recover a lost password, to correct certain disk configuration problems, or to restore configuration information
back to the boot device card.
Use the version command to see the version of the Data ONTAP operating system that is running. The b
option displays the contents of the boot device file system. Keep in mind that after the reboot, background
processes may still be working to fully upgrade your system. The Data ONTAP operating system continues to
function and can serve data to clients while these background processes are completing the upgrade.
18 - 23

Verify the installation:
Administrators can use the version or sysconfig
command to verify the new version of the Data
ONTAP operating system that is running.
24

Administrators can use the version command to see the version of the Data ONTAP operating system that
is running. The b option displays the contents of the boot device file system. Keep in mind that after the
reboot, background processes may still be working to fully upgrade your system. The Data ONTAP operating
system continues to function and can serve data to clients while these background processes are completing
the upgrade.
18 - 24
Nondisruptive Upgrades
X3149A
X3149A
4
LNK
system
LNK
ACT
ACT
5
INT LNK
INT LNK
LNK
LNK
ACT
e0c
e0d
e0e
0a
e0f
LINK
0b
0c
LINK LINK
0d
e0a
e0b
e0d
e0e
0a
e0f
LINK
LINK
LINK LINK
0b
0c
LINK LINK
0d
LINK
LINK
4Gb 2Gb
1Gb ELP
A
B
X2
X2
X2
ESH4
1Gb 2Gb 4Gb
SHELF
ID
e0c
LINK
LINK
ESH4
LINK LINK
1Gb ELP
LINK
X2
e0b
1Gb 2Gb 4Gb
SHELF
ID
e0a
4Gb 2Gb
system2
ACT
ESH4
4Gb 2Gb
1Gb ELP
A
B
ESH4
4Gb 2Gb
1Gb ELP
Nondisruptive upgrades (NDUs) include:

Disk and shelf firmware updates
Data ONTAP updates
For more information, please see the High Availability Webbased course.
25
NONDISRUPTIVE UPGRADES
A nondisruptive upgrade, or NDU, is a mechanism that uses high-availability storage controller technology to
minimize client disruption during an upgrade. This procedure allows each of the two nodes in a highavailability pair to be upgraded individually to a newer version of the Data ONTAP operating system and
firmware.
When you perform an NDU, you upgrade three key areas:
Shelf firmware
Disk firmware
The Data ONTAP operating system and storage controller firmware (BIOS)
18 - 25
Storage Controller NDU

Before you attempt to perform a storage controller NDU:
Review all necessary documentation for the destination
version of the Data ONTAP operating system:

Review the NetApp Support Bugs Online site for any known
installation and upgrade problems.
Validate the high-availability controller configuration.
Remove all failed disks to allow giveback operations to
succeed.
Upgrade disk and shelf firmware, as discussed earlier in
this module.
Verify that system loads are within the acceptable range
(less than 50% on each system).
STORAGE CONTROLLER NDU
18 - 26
26
NDU Process: Step-by-Step

Data ONTAP 7.3.1 Data ONTAP 8.0
Data ONTAP 7.3.1 Data ONTAP 8.0

X3149A
X3149A
4
LNK
system
LNK
ACT
ACT
5
INT LNK
INT LNK
LNK
LNK
ACT
e0c
e0d
e0e
0a
e0f
LINK
0b
0c
LINK LINK
0d
e0a
e0b
e0c
e0d
0a
e0f
0b
LINK
LINK
LINK LINK
0c
0d
LINK LINK
LINK
LINK
4Gb 2Gb
1Gb ELP
A
B
X2
X2
X2
X2
ESH4
1Gb 2Gb 4Gb
SHELF
ID
e0e
LINK
LINK
ESH4
LINK LINK
1Gb ELP
LINK
1Gb 2Gb 4Gb
SHELF
ID
e0b
4Gb 2Gb
e0a
system2
ACT
ESH4
4Gb 2Gb
A
B
ESH4
1Gb ELP
4Gb 2Gb
1Gb ELP
Both storage systems start with an older Data ONTAP version.

1. Install and download the new Data ONTAP version on both systems.
2. Reboot the first system. The second system will take over for the first.
3. Give back to the first system and then reboot the second system.
4. Give back to the second system. Both systems now run the new version.
27
NDU PROCESS: STEP-BY-STEP

1. After you have prepared for the storage controller NDU, initiate the process by installing the new version
of the Data ONTAP operating system on both systems.
2. Then reboot the first system, allowing the high-availability configuration to fail over to the second
system.
NOTE: In Data ONTAP 8.0, takeovers and givebacks have been dramatically improved. For example,
takeovers and givebacks should take less than 60 seconds for all SAN Fibre Channel and iSCSI
configurations for systems with up to 10,000 Snapshot copies.
3. After the first system has rebooted, verify the new installation and then have the partner perform the
giveback. After both systems are running again, reboot the second system and fail over to the first system.
4. Give back to the second system.
Notice that the difference between an NDU and a single-system upgrade is in the reboot process. In this case,
you only reboot one system at a time. For this reason, an NDU is sometimes called a rolling upgrade.
SOURCE
RELEASE
UPGRADE
REVERT
NDU UPGRADE
7.2.x
7-Mode
Yes
Yes
No
7.3.x
7-Mode
Yes
Yes
Yes
18 - 27
Fresh Installs of Data ONTAP

1. Install and download the Data ONTAP operating
system on the boot device drive (boot device).
2. Interrupt the reboot and choose one of these options
from the boot menu:
For Data ONTAP 8.0.x 7-Mode, choose this option:
(4) Clean configuration and initialize all

disks
For Data ONTAP 7.3.x, choose one of these two

option:
(4) Initialize all disks.

(4a)Same as option 4, but create a flexible
root volume.
3. After the system boots, continue with normal setup.

28
FRESH INSTALLS OF DATA ONTAP

You have already reviewed the single-system upgrade process and the NDU process for a high-availability
configuration. You may also want to perform a fresh install. Because a fresh install requires removing all of
your data, this type of installation is the least-often used. It allows you to decommission a system and prepare
the system for other uses.
To perform a fresh installation of the Data ONTAP operating system, follow these steps:
Step 1: Install the Data ONTAP operating system on the boot device, which is the boot device drive.
Step 2: Choose to create the root as a FlexVol volume (traditional volumes are not supported). The system
should boot. In 7-Mode, this should be almost identical to 7.3.x.
Step 3: Continue with the normal setup.
For more information, see the Data ONTAP 8.0 System Administration Guide.
18 - 28
Setup
SETUP
18 - 29
29
Using the setup Script

1. The script runs automatically during initial
system configuration.
2. Use the configuration worksheet to prepare to
use the script.
3. Run the script at any time to change the
existing configuration.
4. Reboot for the changes to take effect, or run
this command:
system> source /etc/rc
USING THE SETUP SCRIPT
18 - 30
30
The setup Script: Part 1

system> setup
The setup command will rewrite the /etc/rc, /etc/exports,
/etc/hosts, /etc/hosts.equiv, /etc/dgateways, /etc/nsswitch.conf,
and /etc/resolv.conf files, saving the original contents of
these files in .bak files (e.g. /etc/exports.bak).
Are you sure you want to continue? [yes] y
NetApp Release Release 8.0.1 7-Mode
System ID: 0101173126 (system); partner ID: 0101169724 (system2)
System Serial Number: 1056850 (system)
System Rev: C0
System Storage Configuration: Single-Path HA
slot 0: System Board
Processors:
4
Processor type:
Intel Xeon
Memory Size:
4096 MB
...
Data ONTAP 8.0.1 7-Mode is shown; Data ONTAP 7.3.x is similar.

31
THE SETUP SCRIPT: PART 1

The setup script installs new versions of /etc/rc, /etc/hosts, /etc/exports,
/etc/resolv.conf, /etc/hosts.equiv, and /etc/dgateways to reflect the new configuration.
When setup is complete, the new configuration does not take effect until the storage system is rebooted. You
can reconfigure a storage system any time by typing setup at the console prompt (this is not recommended
unless you are performing a new installation).
If a reconfiguration is performed, the old contents of these six configuration files are saved in rc.bak,
hosts.bak, exports.bak, resolv.conf.bak, hosts.equiv.bak, and dgateways.bak.
In the script content later in this module, empty brackets ([ ]) indicate that there is no default setting for the
question. When the brackets have a value, the displayed value is the default.
18 - 31

Please enter the new hostname [system]:
Do you want to configure interface groups? [n]:
Please enter the IP address for Network Interface e0a [10.254.134.36]:
Please enter the netmask for Network Interface e0a [255.255.252.0]:
Should interface e0a take over a partner IP address during failover?
[n]:
Please enter media type for e0a {100tx-fd, tp-fd, 100tx, tp, auto
(10/100/1000)} [auto]:
Please enter flow control for e0a {none, receive, send, full} [full]:
Do you want e0a to support jumbo frames? [n]:
... e0b, e0c, and e0d interfaces as well ...

Would you like to continue setup through the web interface? [n]:
18 - 32
32

Please enter the name or IP address of the default gateway
[10.254.132.1]:
The administration host is given root access to the filer's
/etc files for system administration. To allow /etc root access
to all NFS clients enter RETURN below.
Please enter the name or IP address of the administration host:
Please enter timezone [GMT]:
Where is the filer located? []:
What language will be used for multi-protocol files (Type ? for
list)?:
language not set
18 - 33
33

Do you want to run DNS resolver? [n]: y
Please enter DNS domain name [development.netappu.com]:
You may enter up to 3 nameservers
Please enter the IP address for first nameserver [10.254.132.10]:
Do you want another nameserver? [y]:
Please enter the IP address for alternate nameserver [10.254.134.25]:
Do you want another nameserver? [n]:
Do you want to run NIS client? [n]:
The initial aggregate currently contains 3 disks; you may add
more
disks to it later using the "aggr add" command.
Now type 'reboot' for changes to take effect.
18 - 34
34
Checking the Storage Systems Status

system> version
NetApp Release 8.0.1
system> sysconfig -v
NetApp Release Release 8.0.1 7-Mode
System ID: 0101173126 (system); partner ID: 0101169724 (system2)
System Serial Number: 1056850 (system)
System Rev: C0
System Storage Configuration: Single-Path HA
slot 0: System Board
Processors:
4
Processor type:
Intel Xeon
Memory Size:
4096 MB
...
system> license
...
cf
not licensed
Data ONTAP 8.0.1 7-Mode is shown; Data ONTAP 7.3.x is similar.

35
CHECKING THE STORAGE SYSTEMS STATUS

You can verify your software version by using the sysconfig or sysconfig -v command, or by using
the version command. One way to verify the software version on the disks is to change to the /etc/boot
directory and then view the link to which that directory points.
Firmware Version
There are two primary ways to verify your firmware version: use sysconfig v or use halt on the
storage system and type version from the OK prompt. Ensure that the firmware version on your system is
what it should be and that you have the current version of the firmware for your platform.
Licenses
Use the license command to verify that all licenses are listed for your storage appliance. The licenses that
are displayed in the autosupport log are encrypted versions of the actual licenses.
18 - 35
Configuration of a Storage System

The config command allows administrators to
back up the systems configuration information.
The backup file maybe used for:
Restoring the system configuration if disasters
or emergencies occur
Cloning an existing system to a new system
Files are stored in the /etc/configs directory.
CONFIGURATION OF A STORAGE SYSTEM
18 - 36
36
Storage System Configuration Commands

To back up a system configuration:
system> config dump 12_25_2010
To restore a system configuration:
The convention
is to use
the current date
of the dump
system> config restore 12_25_2010

system> reboot
To clone a system configuration:

system2> config clone system root:password
Remote system
to clone
Remote system
user name and
password
37
STORAGE SYSTEM CONFIGURATION COMMANDS

NOTE: Adding -v to the config command causes the Data ONTAP operating system to also back up or
restore volume-specific configurations. See the System Administration Guide for the appropriate Data
ONTAP version for more information.
18 - 37
Module Summary
Access the NetApp Support site for the following

documents:
Collect data for installation using a configuration
worksheet
Describe how to perform Data ONTAP software
upgrades and reboots
Configure a storage system using the setup
command
MODULE SUMMARY
18 - 38
38
Exercise
Module 18: Data ONTAP Upgrades
EXERCISE
18 - 39

What is the name of the worksheet that you
can use to help you set up your storage
system?
Which command simplifies Data ONTAP
upgrades?
18 - 40
40
Final Words
Module 19
FINAL WORDS
19 - 1
Data ONTAP 7-Mode Administration: Final Words
Module Objectives
Recall major areas of this course
Identify available resources
MODULE OBJECTIVES
19 - 2
ApplicationBased Silos
Zones of
Virtualization
Consolidate
Centralize
IT as a Service
(ITaaS)
Internal Cloud
Standardize
Virtualize
External
Cloud Services
Self-Service
Automate
19 - 3
Unified Storage
NFS
Corporate
LAN
iSCSI
CIFS
FCoE
FC
NAS
SAN
NetApp FAS
UNIFIED STORAGE
19 - 4
Data ONTAP Operating System
7-Mode
ClusterMode
Data
ONTAP
GX
DATA ONTAP OPERATING SYSTEM
19 - 5
NetApp System Manager Features

Windows integration
Discovery and setup
of storage systems
NAS provisioning
LUN provisioning
CIFS and NFS configuration
ISCSI and Fibre Channel (FC) configuration
Management of storage systems
Streamlined HA pair configuration
Windows system tray notification
NETAPP SYSTEM MANAGER FEATURES
19 - 6
Storage Objects:
Aggregates
Plexes
RAID groups
Disks
aggr1
plex0
rg0
rg1
...
--------- ------ ------------- ---- ---parity
0a.24
0a
1
8
FC:A
0...
data
0a.25
0a
1
9
FC:A
0...
system>
19 - 7
Performance Gains with Flexible Volumes

I/O performance:
Spindle-sharing makes
total aggregate
performance available to
all volumes.
Space utilization:
Vol 1
Vol 2
Free
Vol 3
Vol 4
There is no preallocation of free

space.
Free space is
available for use by
other volumes or new
volumes.
PERFORMANCE GAINS WITH FLEXIBLE VOLUMES
19 - 8
Storage System Access

Exercise careful attention when you set up
administrative access.
Limit who has administrative access
Limit where administrators can gain access
To secure your system:
Ensure a secure configuration

Manage user logins
Communicate securely with the storage system
Guard physical access
NOTE: Data ONTAP 8.0 operating
system and later default more secure
settings than previous versions
STORAGE SYSTEM ACCESS
19 - 9
Role-Based Access Control

Role-based access control (RBAC) is a mechanism for
managing a set of capabilities that an administrator can
perform on a storage system.
Follow these steps to implement RBAC:
Create a role with specific capabilities.

Create a group with one or more assigned roles.
Create one or more users that are assigned to one or more
groups.
Groups
Roles
Capabilities
ROLE-BASED ACCESS CONTROL
19 - 10
10
Interface Groups
Interface groups enable trunking of one or more
Ethernet interfaces (IEEE 802.3ad link
aggregation).
Trunks are called vitural interfaces or vifs

Trunks are called interface groups or ifgroups
Types:
Single-mode
Multimode
e0a
e0b
e0c
e0d
e0e
0a
e0f
LINK LINK
0d
LINK
10-Gb Optical
Interfaces
Interface Group
Interface Group
0
0c
LINK LINK
LINK
1-Gb Copper
Interfaces
INTERFACE GROUPS
19 - 11
0b
LINK
LINK
11
Exported Resources Overview

Storage System
vol0
flexvol1
data_files
etc
eng_files
home
misc_files
Network Connection
Client1
Client2
EXPORTED RESOURCES OVERVIEW
19 - 12
12
CIFS
Clients
Member Server
Domain Controller
Machine
Accounts
CIFS
19 - 13
Directory
Machine name
13
SAN
Initiator
Application
File System
SCSI Driver
Target
SAN Services
WAFL (Write Anywhere File Layout)
IP
SAN
LUN
SAN
19 - 14
FC
SAN
14
Snapshot Copies
Active Data
Snapshot
File X
File X
Disk Blocks
The active version of file X is now composed of blocks A, B, and C.

The Snapshot version of file X remains composed of blocks A, B, and C.
The WAFL file system automatically moves active data to a new
consistent state.
SNAPSHOT COPIES
19 - 15
15
Multiple HA Techniques in Combination

Inter-connect
Steps
system2
system
0a 0b
0c 0d
0a 0b
1. Connect cluster
interconnect cables
0c 0d
2. Connect intershelf disk

cables
3. Connect primary path

4. Connect standby path


primary path from the
storage systems

standby path from the
storage systems
NOTE: Example shows DS14 FC shelves. Cabling will be different for SAS shelves.
16
MULTIPLE HA TECHNIQUES IN COMBINATION

The HA techniques described do not have to be used in isolation; often they are combined. The example in
this slide shows multipathing high-availability controller configuration, referred to as MPHA.
19 - 16
Virtualization and NetApp Solutions

NetApp provides premium storage solutions for
virtual infrastructures.
Virtualization storage client
VMware cloud, server, and
desktop
NetApp, VMware, and Cisco
FlexPod for VMware
Microsoft Hyper-V
Citrix server and desktop
vFiler
vFiler
vFiler
MultiStore
Virtualization storage
controllers: MultiStore software
VIRTUALIZATION AND NETAPP SOLUTIONS
19 - 17
17
Additional Data ONTAP Resources

Education
Accelerated NCDA Boot Camp

NetApp Protection Software Administration
Data ONTAP Performance Analysis
SAN Fundamentals on Data ONTAP
Web sites
NetApp Support (support.netapp.com)
NetApp (www.netapp.com)
ADDITIONAL DATA ONTAP RESOURCES
19 - 18
18
Thank You!
Please complete an evaluation.
THANK YOU!
19 - 19
WAFL Internals
Appendix A
WAFL INTERNALS
A-1
Data ONTAP 7-Mode Administration: WAFL Internals
Module Objectives
Describe how data is structure within a WAFL
(Write Anywhere File Layout) file system on a
traditional volume
Explain how data is structure within a WAFL
file system in a flexible volume on a 32-bit
aggregate
aggregate
MODULE OBJECTIVES
A-2
WAFL Structure
WAFL STRUCTURE
A-3
WAFL File System

Is the file system in the Data ONTAP operating
system
Stores metadata in files and uses a buffer tree
structure
Allows the Data ONTAP operating system to write
metadata files and blocks anywhere on disk
(Write Anywhere File Layout)
Is more flexible than traditional file systems,
because metadata is not in fixed locations on disk,
with the exception of the root inode
WAFL FILE SYSTEM
A-4
WAFL Block Structure

The WAFL file system organizes data into blocks.
Use the vol status -b command to verify block
size.
system> vol status -b
Volume Block Size (bytes) Vol Size (blocks) FS Size (blocks)
------ ------------------ ----------------- ---------------vol0
4096
7058256
7058256
WAFL BLOCK STRUCTURE
A-5
WAFL Structure
The WAFL file system is structured into volumes:
Aggregate
vol1
vol1
WAFL STRUCTURE
A-6
WAFL File System and Inodes

WAFL organizes some metadata into inodes.
An inode:
Is a collection of information about a file or
directory
Holds information including:
Time and date stamp

Size
UNIX permissions
Windows access control list (ACL)
Has 192 bytes of data

Is placed in an inode file (inofile)
WAFL FILE SYSTEM AND INODES
A-7
WAFL Structure: Volinfo and Fsinfo Blocks

Every volume has a root inode, which is the
starting point of the inode tree.
Root inode
volinfo
block 2
volinfo
block 1
Aggregate
vol1
fsinfo
block
0
Active
file system
...
vol1
fsinfo
block
255
Snapshot
definitions
WAFL STRUCTURE: VOLINFO AND FSINFO BLOCKS

The root inode consists of volinfo blocks 1 and 2. These blocks, in turn, can point to up to 256 fsinfo blocks:
1 for the Active File System (AFS) and 255 for each possible Snapshot copy.
A-8
WAFL Structure: Inofile

Inode information is held in the inode file
(inofile), a hidden system file.
Root inode
0
Aggregate
192-byte inode
...
20 21 Inode file
Blocks of 4096-byte
each
vol1
vol1
WAFL STRUCTURE: INOFILE
A-9
Level 0
For files that are less than 65 bytes, the data is
stored within the inode file.
Root inode
0
Aggregate
Small file inode

...
4-KB block
20
Inode file
Small file data

inside the
192-byte inode
vol1
vol1
LEVEL 0
A - 10
10
Level 1 In Traditional Volumes

For files that are greater than 64 bytes, but less
than or equal to 64 KB, a level-1 inode structure
is used.
32-bit pointers
Root inode
File inode
20
...
0 1
...
Inode file
15
4 bytes
vol1
Direct
Data Block
Direct
Data Block
Direct
Data Block
vol1
4-KB block
11
LEVEL 1 IN TRADITIONAL VOLUMES

With traditional volumes, there are a maximum of sixteen level-1 pointers. Pointers are connected by Physical
Block Numbers (PBNs) and Volume Block Numbers (VBNs).
A - 11
Traditional Volume Data Structure
Disk
Physical
Block
Number
(PBN)
500 block
number
Volume
Block
Number
(VBN)
500 block
number
Traditional
Volume
TRADITIONAL VOLUME DATA STRUCTURE
A - 12
12
Level 1 In 32-Bit Aggregates

For files that are greater than 64 bytes but less than
or equal to 32 KB, a level-1 inode structure is used.
Root inode
0
32-Bit Aggregate
File inode
20
...
0
...
32-bit pointers
Inode file
7
2x4
bytes*
vol1
*NOTE: 2 x 4 bytes, because
the physical and virtual VBNs
are separate
Direct
Data Block
Direct
Data Block
Direct
Data Block
vol1
4-KB block
13
LEVEL 1 IN 32-BIT AGGREGATES

With level 1 inodes in 32-bit flexible volumes, there are only 8 pointers. Eight-byte pointers connect a fourbyte Physical Virtual Block Number (PvBN) to a four-byte Virtual Volume Block Number (vVBN).
A - 13
Flexible Volume Data Structure
Aggregate
Disk
PvBN
456 block
number
vol1
vVBN
500 block
number
vol2
vVBN
500 block
number
Disk
PvBN
123 block
number
Physical Virtual Block Number (PvBN)

Virtual Volume Block Number (vVBN)
FLEXIBLE VOLUME DATA STRUCTURE
A - 14
14

For files that are greater than 64 bytes but less than
or equal to 16 KB, a level-1 inode structure is used.
Root inode
0
File inode
Inode file
20
...
0
64-bit pointers
...
2x8
bytes
64-Bit Aggregate
vol1
Direct
Data Block
Direct
Data Block
vol1
4-KB block
15

Within level 1 inodes in 64-bit flexible volumes, there are only 4 pointers at the first level. Each sixteen-byte
pointers connect a PvBN to a vVBN: eight-byte PvBN and eight-byte vVBN.
A - 15
Level 2 in Traditional Volumes

For files that are greater than 64 KB, but less than or
equal to 64 MB, a level-2 inode structure is used.
Root inode
0
...
Direct
Data Block
...
1023
32-bit pointers
Inode file
20
...
0 1
vol1
File inode
Up to 16
indirect
blocks
15
Direct
Data Block
...
1023
Direct
Data Block
vol1
16
LEVEL 2 IN TRADITIONAL VOLUMES

Within level-2 inodes of traditional volumes, there are a maximum of 1024 possible pointers associated with
each level 1 pointer.
A - 16
Level 2 in 32-Bit Aggregates

For files that are greater than 32 KB but less than or
Root inode
0
...
...
511
32-bit pointers
Inode file
20
...
0
32-Bit Aggregate
File inode
Up to 8
indirect
blocks
...
511
vol1
Direct
Data Block
Direct
Data Block
Direct
Data Block
vol1
17

Within level-2 inodes of 32-bit flexible volumes, there are a maximum of 1024 pointers associated with each
level-1 pointer.
A - 17

For files that are greater than 16 KB, but less than or
Root inode
0
...
64-bit pointers
Inode file
20
...
0
64-Bit Aggregate
File inode
...
255
Up to 4
indirect
blocks
...
255
vol1
Direct
Data Block
Direct
Data Block
Direct
Data Block
vol1
18

Within level-2 inodes of 64-bit flexible volumes, there are a maximum of 512 pointers associated with each
level-1 pointer.
A - 18
Directories
Each directory inode points to at least one 4-KB block
that holds the metadata for the block.
Root inode
Directory inode
Inode file
4-KB block
Aggregate
vol1
Entries Chunks
An array of entries containing

128 rows of 12 bytes
An array of 160 sixteenbyte name chunks
vol1
19
DIRECTORIES
Each directory block is divided into two primary portions: an array of entries and an array of name chunks.
The entry array for each directory block contains 128 rows, each currently 12 bytes long. The rest of the
WAFL (Write Anywhere File Layout) block contains the array of 160 name chunks, each 16 bytes long.
Entries contain a file ID, a generation number, and a pointer to related name chunks. If the NFS name of a
storage object in the directory is longer than 16 characters, it uses multiple name chunks from that directory
block.
Directory entries often have three names: one for NFS, another for DOS 8.3 compatibility, and a third for
Unicode naming. Unicode and NFS names can't be merged, because NFS is case-sensitive and CIFS is not. If
a file has multiple names, each name uses a separate name chunk. Some Unicode character sets use two bytes
per character, in which case the Unicode name will need a name chunk per 8 characters. After all the name
chunks in a directory block are used, the WAFL file system uses another directory block, even though there
are still entry slots available. The same holds true when you use fill all of the name slots for NFS
environments with short names. Finally, two files with the same name are not allowed in the same directory.
A - 19
Module Summary
Now that you have completed this module, you
should be able to:
file system on a traditional volume
Explain how data is structure within a WAFL
aggregate
aggregate
MODULE SUMMARY
A - 20
20
Shells
Appendix B
SHELLS
B-1
Data ONTAP 7-Mode Administration: Shells
Module Objectives
Distinguish between administration and system
shells
Enable the diagnostic account
Log in to the system shell
MODULE OBJECTIVES
B-2
Shells
Data ONTAP 8.0 7-Mode has two shells:
Administration shell
Allows normal operations at privileged levels
Is configured using priv set
System shell
Is used for low-level diagnostic purposes
Should only be used by customers under
guidance of technical support
SHELLS
The system shell provides a powerful run-time environment, which has proven useful in the field for
diagnosing problems with GX deployments. The Data ONTAP 7G operating system does not have this
option, but in a clustered Data ONTAP configuration, many common mode features reside in the FreeBSD
ecosystem and kernel. Those common-mode features include EMS, the AutoSupport support tool, Network
Data Management Protocol (NDMP), environmental policy, and ntpd. The FreeBSD shell is accessible from
both Data ONTAP 8.0 7-Mode and Data ONTAP 8.0 Cluster-Mode of operation.
System shell access is not available through network protocols, such as Remote Shell (RSH), Secure Shell
(SSH), and Telnet. Shell access is restricted to console sessions invoked on either the serial port or Remote
LAN Module (RLM), and is intended for internal development as well as in-field serviceability.
B-3
System Shell Access

Only a diagnostic user may access the system
shell, and the diagnostic account is predefined,
but disabled by default. Therefore, to perform
lower-level diagnostics, you must:
1. Enable the diagnostic account.
2. Access the system shell.
SYSTEM SHELL ACCESS
B-4
1. Enable the Diagnostic Account

1. Change to the advanced privileged level:
2. Unlock the diagnostic account:

system*> useradmin diaguser unlock
3. Set the diagnostic account password:

system*> useradmin diaguser password
Please enter a new password:
Please enter it again:
4. Verify the diagnostic account:
Enter the
password
twice
system*> useradmin diaguser show

Name: diag
Info Account for access to systemshell
Locked: no
1. ENABLE DIAGNOSTIC ACCOUNT
B-5
2. Access the System Shell

1. Change to the advanced privileged level:
2. Enter the system shell:

system*> systemshell
Data ONTAP/i386 (nodename) (ttyp0)

login: diag
Password:
Enter the
password
system%
3. Exit the system shell:

system% exit
logout
system*>
2. ACCESS THE SYSTEM SHELL
B-6
Operations at the System Shell

The following operations may be performed at
the system shell:
whoami
ps
top
uname -a
Commands that technical support requests
7-Mode administrators do not normally need to

access the FreeBSD system shell, and should
use it only under the direction of technical
support.
OPERATIONS AT THE SYSTEM SHELL

Access to the FreeBSD level is documented and available to customers.
Follow this FAQ:
Q: Can I run scripts on BSD to gather data?
A: Dont do this for Data ONTAP 8.0 7-Mode. Currently, many WAFL (Write Anywhere File Layout)
processes run separately from the BSD platform and data retrieved from BSD does not provide a
reliable view of system performance.
Q: Can I restart daemons without rebooting?
A: No. Please contact technical support.
Q: Do I need to access the system shell on a day-to-day basis?
A: No, Data ONTAP 8.0 administrators do not need this feature for normal operations.
B-7
Module Summary
Distinguish between administration and system
shells
Enable the diagnostic account
Log in to the system shell
MODULE SUMMARY
B-8

Data ONTAP 7-Mode Administration. StudentGuide PDF

Uploaded by

Copyright:

Available Formats

Data ONTAP 7-Mode Administration. StudentGuide PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Data ONTAP 7-Mode Administration. StudentGuide PDF

Uploaded by

Copyright:

Available Formats

What is the purpose of this guide?

What is the purpose of this guide?

What are the steps to enable the diagnostic account?

What are the steps to enable the diagnostic account?

Data ONTAP 7-Mode

Data ONTAP 7-Mode Administration

RESTRICTED RIGHTS LEGEND

Data ONTAP 7-Mode Administration: Welcome

Data ONTAP 7-Mode Administration: Welcome

DATA ONTAP 7-MODE ADMINISTRATION

Data ONTAP 7-Mode Administration: Welcome

Logistics and Safety

2011 NetApp, Inc. All rights reserved.

LOGISTICS AND SAFETY

Data ONTAP 7-Mode Administration: Welcome

Data ONTAP 7-Mode Administration: Welcome

Course Agenda: Days 1 and 2

2011 NetApp, Inc. All rights reserved.

COURSE AGENDA: DAYS 1 AND 2

Data ONTAP 7-Mode Administration: Welcome

Course Agenda: Days 3, 4 and 5

Network File System

Backup and Recovery Methods

2011 NetApp, Inc. All rights reserved.

COURSE AGENDA: DAYS 3, 4 AND 5

Data ONTAP 7-Mode Administration: Welcome

NetApp University Information Sources

NetApp University Support

2011 NetApp, Inc. All rights reserved.

NETAPP UNIVERSITY INFORMATION SOURCES

Data ONTAP 7-Mode Administration: Welcome

Command names, daemon names, and option

Bold monospaced font

Words or characters that are typed, for example:

2011 NetApp, Inc. All rights reserved.

Data ONTAP 7-Mode Administration: Welcome

NETAPP STORAGE ENVIRONMENT

Data ONTAP 7-Mode Administration: NetApp Storage Environment

Data ONTAP 7-Mode Administration: NetApp Storage Environment

Terms and Acronyms Used in This Course

Access control list

Common Internet File System

The operating system for NetApp storage systems

Host bus adapter (FC)

High availability (formerly active-active controller configuration)

Network File System

Network Information Service

Remote LAN Module

Storage area network

Storage engines, heads, or CPU modules

Controller or storage appliance

Virtual Tape Library

2011 NetApp, Inc. All rights reserved.

TERMS AND ACRONYMS USED IN THIS COURSE

Data ONTAP 7-Mode Administration: NetApp Storage Environment

NetApp and the

2011 NetApp, Inc. All rights reserved.

NETAPP AND THE STORAGE INDUSTRY

Data ONTAP 7-Mode Administration: NetApp Storage Environment