Skip to main content

NetApp Commandline Cheatsheet



NetApp Commandline Cheatsheet
This is a quick and dirty NetApp commandline cheatsheet on most of the common commands used, this is not extensive so check out the man pages and NetApp documentation. I will be updating this document as I become more familar with the NetApp application.
Server
Startup and Shutdown
Boot Menu
1) Normal Boot.
2) Boot without /etc/rc.
3) Change password.
4) Clean configuration and initialize all disks.
5) Maintenance mode boot.
6) Update flash from backup config.
7) Install new software first.
8) Reboot node.
Selection (1-8)?
  • Normal Boot - continue with the normal boot operation
  • Boot without /etc/rc - boot with only default options and disable some services
  • Change Password - change the storage systems password
  • Clean configuration and initialize all disks - cleans all disks and reset the filer to factory default settings
  • Maintenance mode boot - file system operations are disabled, limited set of commands
  • Update flash from backup config - restore the configuration information if corrupted on the boot device
  • Install new software first - use this if the filer does not include support for the storage array
  • Reboot node - restart the filer
startup modes
  • boot_ontap - boots the current Data ONTAP software release stored on the boot device
  • boot primary - boots the Data ONTAP release stored on the boot device as the primary kernel
  • boot_backup - boots the backup Data ONTAP release from the boot device
  • boot_diags - boots a Data ONTAP diagnostic kernel
Note: there are other options but NetApp will provide these as when necessary
shutdown
halt [-t <mins>] [-f]
-t = shutdown after minutes specified
-f = used with HA clustering, means that the partner filer does not take over
restart
reboot [-t <mins>] [-s] [-r] [-f]

-t = reboot in specified minutes
-s = clean reboot but also power cycle the filer (like pushing the off button)
-r = bypasses the shutdown (not clean) and power cycles the filer
-f = used with HA clustering, means that the partner filer does not take over
System Privilege and System shell
Privilege
priv set [-q] [admin | advanced]
Note: by default you are in administrative mode

-q = quiet suppresses warning messages
Access the systemshell
## First obtain the advanced privileges
priv set advanced

## Then unlock and reset the diag users password
useradmin diaguser unlock
useradmin diaguser password

## Now you should be able to access the systemshell and use all the standard Unix
## commands
systemshell
login: diag
password: ********
Licensing and Version
licenses (commandline)
## display licenses
license

## Adding a license
license add <code1> <code2>
## Disabling a license
license delete <service>
Data ONTAP version
version [-b]

-b = include name and version information for the primary, secondary and diagnostic kernels and the firmware
Useful Commands
read the messages file
rdfile /etc/messages
write to a file
wrfile -a <file> <text>

# Examples
wrfile -a /etc/test1 This is line 6 # comment here
wrfile -a /etc/test1 "This is line \"15\"."
System Configuration
General information
sysconfig
sysconfig -v
sysconfig -a (detailed)
Configuration errors
sysconfig -c
Display disk devices
sysconfig -d
sysconfig -A
Display Raid group information
sysconfig -V
Display arregates and plexes
sysconfig -r
Display tape devices
sysconfig -t
Display tape libraries
sysconfig -m
Environment Information
General information
environment status
Disk enclosures (shelves)
environment shelf [adapter]
environment shelf_power_status
Chassis
environment chassis all
environment chassis list-sensors
environment chassis Fans
environment chassis CPU_Fans
environment chassis Power
environment chassis Temperature
environment chassis [PS1|PS2]
Fibre Channel Information
Fibre Channel stats
fcstat link_status
fcstat fcal_stat
fcstat device_map
SAS Adapter and Expander Information
Shelf information
sasstat shelf
sasstat shelf_short
Expander information
sasstat expander
sasstat expander_map
sasstat expander_phy_state
Disk information
sasstat dev_stats
Adapter information
sasstat adapter_state
Statistical Information
System
stats show system
Processor
stats show processor
Disk
stats show disk
Volume
stats show volume
LUN
stats show lun
Aggregate
stats show aggregate
FC
stats show fcp
iSCSI
stats show iscsi
CIFS
stats show cifs
Network
stats show ifnet




Storage
Storage Commands
Display
storage show adapter
storage show disk [-a|-x|-p|-T]
storage show expander
storage show fabric
storage show fault
storage show hub
storage show initiators
storage show mc
storage show port
storage show shelf
storage show switch
storage show tape [supported]
storage show acp

storage array show
storage array show-ports
storage array show-luns
storage array show-config
Enable
storage enable adapter
Disable
storage disable adapter
Rename switch
storage rename <oldname> <newname>
Remove port
storage array remove-port <array_name> -p <WWPN>
Load Balance
storage load balance
Power Cycle
storage power_cycle shelf -h
storage power_cycle shelf start -c <channel name>
storage power_cycle shelf completed

Disks
Disk Information
Disk name
This is the physical disk itself, normally the disk will reside in a disk enclosure, the disk will have a pathname like 2a.17 depending on the type of disk enclosure
  • 2a = SCSI adapter
  • 17 = disk SCSI ID
Any disks that are classed as spare will be used in any group to replace failed disks. They can also be assigned to any aggregate. Disks are assigned to a specific pool.
Disk Types
Data
holds data stored within the RAID group
Spare
Does not hold usable data but is available to be added to a RAID group in an aggregate, also known as a hot spare
Parity
Store data reconstruction information within the RAID group
dParity
Stores double-parity information within the RAID group, if RAID-DP is enabled

Disk Commands
Display
disk show
disk show <disk_name>

disk_list

sysconfig -r
sysconfig -d
## list all unnassigned/assigned disks
disk show -n
disk show -a
Adding (assigning)
## Add a specific disk to pool1 the mirror pool
disk assign <disk_name> -p 1

## Assign all disk to pool 0, by default they are assigned to pool 0 if the "-p"
## option is not specififed
disk assign all -p 0
Remove (spin down disk)
disk remove <disk_name>
Reassign
disk reassign -d <new_sysid>
Replace
disk replace start <disk_name> <spare_disk_name>
disk replace stop <disk_name>

Note: uses Rapid RAID Recovery to copy data from the specified file system to the specified spare disk, you can stop this process using the stop command
Zero spare disks
disk zero spares
fail a disk
disk fail <disk_name>
Scrub a disk
disk scrub start
disk scrub stop
Sanitize
disk sanitize start <disk list>
disk sanitize abort <disk_list>
disk sanitize status
disk sanitize release <disk_list>

Note: the release modifies the state of the disk from sanitize to spare. Sanitize requires a license.
Maintanence
disk maint start -d <disk_list>
disk maint abort <disk_list>
disk maint list
disk maint status

Note: you can test the disk using maintain mode
swap a disk
disk swap
disk unswap

Note: it stalls all SCSI I/O until you physically replace or add a disk, can used on SCSI disk only.
Statisics
disk_stat <disk_name>
Simulate a pulled disk
disk simpull <disk_name>
Simulate a pushed disk
disk simpush -l
disk simpush <complete path of disk obtained from above command>

## Example
ontap1> disk simpush -l
The following pulled disks are available for pushing:
v0.16:NETAPP__:VD-1000MB-FZ-520:14161400:2104448

ontap1> disk simpush v0.16:NETAPP__:VD-1000MB-FZ-520:14161400:2104448

Aggregates
Aggregate States
Online
Read and write access to volumes is allowed
Restricted
Some operations, such as parity reconstruction are allowed, but data access is not allowed
Offline
No access to the aggregate is allowed
Aggregate Status Values
32-bit
This aggregate is a 32-bit aggregate
64-bit
This aggregate is a 64-bit aggregate
aggr
This aggregate is capable of contain FlexVol volumes
copying
This aggregate is currently the target aggregate of an active copy operation
degraded
This aggregate is contains at least one RAID group with single disk failure that is not being reconstructed
double degraded
This aggregate is contains at least one RAID group with double disk failure that is not being reconstructed (RAID-DP aggregate only)
foreign
Disks that the aggregate contains were moved to the current storage system from another storage system
growing
Disks are in the process of being added to the aggregate
initializing
The aggregate is in the process of being initialized
invalid
The aggregate contains no volumes and none can be added. Typically this happend only after an aborted "aggr copy" operation
ironing
A WAFL consistency check is being performewd on the aggregate
mirror degraded
The aggregate is mirrored and one of its plexes is offline or resynchronizing
mirrored
The aggregate is mirrored
needs check
WAFL consistency check needs to be performed on the aggregate
normal
The aggregate is unmirrored and all of its RAID groups are functional
out-of-date
The aggregate is mirrored and needs to be resynchronized
partial
At least one disk was found for the aggregate, but two or more disks are missing
raid0
The aggrgate consists of RAID 0 (no parity) RAID groups
raid4
The agrregate consists of RAID 4 RAID groups
raid_dp
The agrregate consists of RAID-DP RAID groups
reconstruct
At least one RAID group in the aggregate is being reconstructed
redirect
Aggregate reallocation or file reallocation with the "-p" option has been started on the aggregate, read performance will be degraded
resyncing
One of the mirror aggregates plexes is being resynchronized
snapmirror
The aggregate is a SnapMirror replica of another aggregate (traditional volumes only)
trad
The aggregate is a traditional volume and cannot contain FlexVol volumes.
verifying
A mirror operation is currently running on the aggregate
wafl inconsistent
The aggregate has been marked corrupted; contact techincal support
Aggregate Commands
Displaying
aggr status
aggr status -r
aggr status <aggregate> [-v]
Check you have spare disks
aggr status -s
Adding (creating)
## Syntax - if no option is specified then the defult is used
aggr create <aggr_name> [-f] [-m] [-n] [-t {raid0 |raid4 |raid_dp}] [-r raid_size] [-T disk_type] [-R rpm>] [-L] [-B {32|64}] <disk_list>

## create aggregate called newaggr that can have a maximum of 8 RAID groups
aggr create newaggr -r 8 -d 8a.16 8a.17 8a.18 8a.19
## create aggregated called newfastaggr using 20 x 15000rpm disks
aggr create newfastaggr -R 15000 20

## create aggrgate called newFCALaggr (note SAS and FC disks may bge used)
aggr create newFCALaggr -T FCAL 15
Note:
-f = overrides the default behavior that does not permit disks in a plex to belong to different disk pools
-m = specifies the optional creation of a SyncMirror
-n = displays the results of the command but does not execute it
-r = maximum size (number of disks) of the RAID groups for this aggregate
-T = disk type ATA, SATA, SAS, BSAS, FCAL or LUN
-R = rpm which include 5400, 7200, 10000 and 15000
Remove(destroying)
aggr offline <aggregate>
aggr destroy <aggregate>
Unremoving(undestroying)
aggr undestroy <aggregate>
Rename
aggr rename <old name> <new name>
Increase size
## Syntax
aggr add <aggr_name> [-f] [-n] [-g {raid_group_name | new |all}] <disk_list>

## add an additonal disk to aggregate pfvAggr, use "aggr status" to get group name
aggr status pfvAggr -r
aggr add pfvAggr -g rg0 -d v5.25

## Add 4 300GB disk to aggregate aggr1
aggr add aggr1 4@300
offline
aggr offline <aggregate>
online
aggr online <aggregate>
restricted state
aggr restrict <aggregate>
Change an aggregate options
## to display the aggregates options
aggr options <aggregate>

## change a aggregates raid group
aggr options <aggregate> raidtype raid_dp

## change a aggregates raid size
aggr options <aggregate> raidsize 4
show space usage
aggr show_space <aggregate>
Mirror
aggr mirror <aggregate>
Split mirror
aggr split <aggregate/plex> <new_aggregate>
Copy from one agrregate to another
## Obtain the status
aggr copy status

## Start a copy
aggr copy start <aggregate source> <aggregate destination>

## Abort a copy - obtain the operation number by using "aggr copy status"
aggr copy abort <operation number>

## Throttle the copy 10=full speed, 1=one-tenth full speed
aggr copy throttle <operation number> <throttle speed>
Scrubbing (parity)
## Media scrub status
aggr media_scrub status
aggr scrub status

## start a scrub operation
aggr scrub start [ aggrname | plexname | groupname ]

## stop a scrub operation
aggr scrub stop [ aggrname | plexname | groupname ]

## suspend a scrub operation
aggr scrub suspend [ aggrname | plexname | groupname ]

## resume a scrub operation
aggr scrub resume [ aggrname | plexname | groupname ]
Note: Starts parity scrubbing on the named online aggregate. Parity scrubbing compares the data disks to the
parity disk(s) in their RAID group, correcting the parity disk’s contents as necessary. If no name is
given, parity scrubbing is started on all online aggregates. If an aggregate name is given, scrubbing is
started on all RAID groups contained in the aggregate. If a plex name is given, scrubbing is started on
all RAID groups contained in the plex.
Look at the following system options:
raid.scrub.duration 360
raid.scrub.enable on
raid.scrub.perf_impact low
raid.scrub.schedule
Verify (mirroring)
## verify status
aggr verify status

## start a verify operation
aggr verify start [ aggrname ]

## stop a verify operation
aggr verify stop [ aggrname ]

## suspend a verify operation
aggr verify suspend [ aggrname ]

## resume a verify operation
aggr verify resume [ aggrname ]
Note: Starts RAID mirror verification on the named online mirrored aggregate. If no name is given, then
RAID mirror verification is started on all online mirrored aggregates. Verification compares the data in
both plexes of a mirrored aggregate. In the default case, all blocks that differ are logged, but no changes
are made.
Media Scrub
aggr media_scrub status

Note: Prints the media scrubbing status of the named aggregate, plex, or group. If no name is given, then
status is printed for all RAID groups currently running a media scrub. The status includes a
percent-complete and whether it is suspended.
Look at the following system options:

raid.media_scrub.enable on
raid.media_scrub.rate 600
raid.media_scrub.spares.enable on

Volumes
Volume States
Online
Read and write access to this volume is allowed.
Restricted
Some operations, such as parity reconstruction, are allowed, but data access is not allowed.
Offline
No access to the volume is allowed.
Volume Status Values
access denied
The origin system is not allowing access. (FlexCache volumes
only.)
active redirect
The volume's containing aggregate is undergoing reallocation (with the -p option specified). Read performance may be reduced while the volume is in this state.
connecting
The caching system is trying to connect to the origin system. (FlexCache volumes only.)
copying
The volume is currently the target of an active vol copy or snapmirror operation.
degraded
The volume's containing aggregate contains at least one degraded RAID group that is not being reconstructed after single disk failure.
double degraded
The volume's containing aggregate contains at least one degraded RAID-DP group that is not being reconstructed after double disk failure.
flex
The volume is a FlexVol volume.
flexcache
The volume is a FlexCache volume.
foreign
Disks used by the volume's containing aggregate were moved to the current storage system from another storage system.
growing
Disks are being added to the volume's containing aggregate.
initializing
The volume's containing aggregate is being initialized.
invalid
The volume does not contain a valid file system.
ironing
A WAFL consistency check is being performed on the volume's containing aggregate.
lang mismatch
The language setting of the origin volume was changed since the caching volume was created. (FlexCache volumes only.)
mirror degraded
The volume's containing aggregate is mirrored and one of its plexes is offline or resynchronizing.
mirrored
The volume's containing aggregate is mirrored.
needs check
A WAFL consistency check needs to be performed on the volume's containing aggregate.
out-of-date
The volume's containing aggregate is mirrored and needs to be resynchronized.
partial
At least one disk was found for the volume's containing aggregate, but two or more disks are missing.
raid0
The volume's containing aggregate consists of RAID0 (no parity) groups (array LUNs only).
raid4
The volume's containing aggregate consists of RAID4 groups.
raid_dp
The volume's containing aggregate consists of RAID-DP groups.
reconstruct
At least one RAID group in the volume's containing aggregate is being reconstructed.
redirect
The volume's containing aggregate is undergoing aggregate reallocation or file reallocation with the -p option. Read performance to volumes in the aggregate might be degraded.
rem vol changed
The origin volume was deleted and re-created with the same name. Re-create the FlexCache volume to reenable the FlexCache relationship. (FlexCache volumes only.)
rem vol unavail
The origin volume is offline or has been deleted. (FlexCache volumes only.)
remote nvram err
The origin system is experiencing problems with its NVRAM. (FlexCache volumes only.)
resyncing
One of the plexes of the volume's containing mirrored aggregate is being resynchronized.
snapmirrored
The volume is in a SnapMirror relationship with another volume.
trad
The volume is a traditional volume.
unrecoverable
The volume is a FlexVol volume that has been marked unrecoverable; contact technical support.
unsup remote vol
The origin system is running a version of Data ONTAP the does not support FlexCache volumes or is not compatible with the version running on the caching system. (FlexCache volumes only.)
verifying
RAID mirror verification is running on the volume's containing aggregate.
wafl inconsistent
The volume or its containing aggregate has been marked corrupted; contact technical support .
General Volume Operations (Traditional and FlexVol)
Displaying
vol status
vol status -v (verbose)
vol status -l (display language)
Remove (destroying)
vol offline <vol_name>
vol destroy <vol_name>
Rename
vol rename <old_name> <new_name>
online
vol online <vol_name>
offline
vol offline <vol_name>
restrict
vol restrict <vol_name>
decompress
vol decompress status
vol decompress start <vol_name>
vol decompress stop <vol_name>
Mirroring
vol mirror volname [-n][-v victim_volname][-f][-d <disk_list>]
Note:
Mirrors the currently-unmirrored traditional volume volname, either with the specified set of disks or with the contents of another unmirrored traditional volume victim_volname, which will be destroyed in the process.

The vol mirror command fails if either the chosen volname or victim_volname are flexible volumes. Flexible volumes require that any operations having directly to do with their containing aggregates be handled via the new aggr command suite.
Change language
vol lang <vol_name> <language>
Change maximum number of files
## Display maximum number of files
maxfiles <vol_name>

## Change maximum number of files
maxfiles <vol_name> <max_num_files>
Change root volume
vol options <vol_name> root
Media Scrub
vol media_scrub status [volname|plexname|groupname -s disk-name][-v]

Note: Prints the media scrubbing status of the named aggregate, volume, plex, or group. If no name is given, then
status is printed for all RAID groups currently running a media scrub. The status includes a
percent-complete and whether it is suspended.
Look at the following system options:

raid.media_scrub.enable on
raid.media_scrub.rate 600
raid.media_scrub.spares.enable on
FlexVol Volume Operations (only)
Adding (creating)
## Syntax
vol create vol_name [-l language_code] [-s {volume|file|none}] <aggr_name> size{k|m|g|t}
## Create a 200MB volume using the english character set
vol create newvol -l en aggr1 200M

## Create 50GB flexvol volume
vol create vol1 aggr0 50g
additional disks
## add an additional disk to aggregate flexvol1, use "aggr status" to get group name
aggr status flexvol1 -r
aggr add flexvol1 -g rg0 -d v5.25
Resizing
vol size <vol_name> [+|-] n{k|m|g|t}

## Increase flexvol1 volume by 100MB
vol size flexvol1 + 100m
Automatically resizing
vol autosize vol_name [-m size {k|m|g|t}] [-I size {k|m|g|t}] on

## automatically grow by 10MB increaments to max of 500MB
vol autosize flexvol1 -m 500m -I 10m on
Determine free space and Inodes
df -Ah
df -I
Determine size
vol size <vol_name>
automatic free space preservation
vol options <vol_name> try_first [volume_grow|snap_delete]
Note:
If you specify volume_grow, Data ONTAP attempts to increase the volume's size before deleting any Snapshot copies. Data ONTAP increases the volume size based on specifications you provided using the vol autosize command.

If you specify snap_delete, Data ONTAP attempts to create more free space by deleting Snapshot copies, before increasing the size of the volume. Data ONTAP deletes Snapshot copies based on the specifications you provided using the snap autodelete command.
display a FlexVol volume's containing aggregate
vol container <vol_name>
Cloning
vol clone create clone_vol [-s none|file|volume] -b parent_vol [parent_snap]

vol clone split start
vol clone split stop
vol clone split estimate
vol clone split status
Note: The vol clone create command creates a flexible volume named clone_vol on the local filer that is a clone of a "backing" flexible volume named par_ent_vol. A clone is a volume that is a writable snapshot of another volume. Initially, the clone and its parent share the same storage; more storage space is consumed only as one volume or the other changes.
Copying
vol copy start [-S|-s snapshot] <vol_source> <vol_destination>
vol copy status

vol copy abort <operation number>
vol copy throttle <operation_number> <throttle value 10-1>
## Example - Copies the nightly snapshot named nightly.1 on volume vol0 on the local filer to the volume vol0 on remote ## filer named toaster1.
vol copy start -s nightly.1 vol0 toaster1:vol0
Note: Copies all data, including snapshots, from one volume to another. If the -S flag is used, the command copies all snapshots in the source volume to the destination volume. To specify a particular snapshot to copy, use the -s flag followed by the name of the snapshot. If neither the -S nor -s flag is used in the command, the filer automatically creates a distinctively-named snapshot at the time the vol copy start command is executed and copies only that snapshot to the destination volume.

The source and destination volumes must either both be traditional volumes or both be flexible volumes. The vol copy command will abort if an attempt is made to copy between different volume types.

The source and destination volumes can be on the same filer or on different filers. If the source or destination volume is on a filer other than the one on which the vol copy start command was entered, specify the volume name in the filer_name:volume_name format.
Traditional Volume Operations (only)
adding (creating)
vol|aggr create vol_name -v [-l language_code] [-f] [-m] [-n] [-v] [-t {raid4|raid_dp}] [-r raidsize] [-T disk-type] -R rpm] [-L] disk-list

## create traditional volume using aggr command
aggr create tradvol1 -l en -t raid4 -d v5.26 v5.27

## create traditional volume using vol command
vol create tradvol1 -l en -t raid4 -d v5.26 v5.27

## Create traditional volume using 20 disks, each RAID group can have 10 disks
vol create vol1 -r 10 20
additional disks
vol add volname[-f][-n][-g <raidgroup>]{ ndisks[@size]|-d <disk_list> }

## add another disk to the already existing traditional volume
vol add tradvol1 -d v5.28
splitting
aggr split <volname/plexname> <new_volname>
Scrubing (parity)
## The more new "aggr scrub " command is preferred

vol scrub status [volname|plexname|groupname][-v]

vol scrub start [volname|plexname|groupname][-v]
vol scrub stop [volname|plexname|groupname][-v]

vol scrub suspend [volname|plexname|groupname][-v]
vol scrub resume [volname|plexname|groupname][-v]

Note: Print the status of parity scrubbing on the named traditional volume, plex or RAID group. If no name is provided, the status is given on all RAID groups currently undergoing parity scrubbing. The status includes a percent-complete as well as the scrub’s suspended status (if any).
Verify (mirroring)
## The more new "aggr verify" command is preferred

## verify status
vol verify status

## start a verify operation
vol verify start [ aggrname ]

## stop a verify operation
vol verify stop [ aggrname ]

## suspend a verify operation
vol verify suspend [ aggrname ]

## resume a verify operation
vol verify resume [ aggrname ]
Note: Starts RAID mirror verification on the named online mirrored aggregate. If no name is given, then
RAID mirror verification is started on all online mirrored aggregates. Verification compares the data in
both plexes of a mirrored aggregate. In the default case, all blocks that differ are logged, but no changes
are made.

FlexCache Volumes
FlexCache Consistency

Delegations
You can think of a delegation as a contract between the origin system and the caching volume; as long as the caching volume has the delegation, the file has not changed. Delegations are used only in certain situations.

When data from a file is retrieved from the origin volume, the origin system can give a delegation for that file to the caching volume. Before that file is modified on the origin volume, whether due to a request from another caching volume or due to direct client access, the origin system revokes the delegation for that file from all caching volumes that have that delegation.

Attribute cache timeouts
When data is retrieved from the origin volume, the file that contains that data is considered valid in the FlexCache volume as long as a delegation exists for that file. If no delegation exists, the file is considered valid for a certain length of time, specified by the attribute cache timeout.

If a client requests data from a file for which there are no delegations, and the attribute cache timeout has been exceeded, the FlexCache volume compares the file attributes of the cached file with the attributes of the file on the origin system.

write operation proxy
If a client modifies a file that is cached, that operation is passed back, or proxied through, to the origin system, and the file is ejected from the cache.

When the write is proxied, the attributes of the file on the origin volume are changed. This means that when another client requests data from that file, any other FlexCache volume that has that data cached will re-request the data after the attribute cache timeout is reached.

FlexCache Status Values

access denied
The origin system is not allowing FlexCache access. Check the setting of the flexcache.access option on the origin system.
connecting
The caching system is trying to connect to the origin system.
lang mismatch
The language setting of the origin volume was changed since the FlexCache volume was created.
rem vol changed
The origin volume was deleted and re-created with the same name. Re-create the FlexCache volume to reenable the FlexCache relationship.
rem vol unavail
The origin volume is offline or has been deleted.
remote nvram err
The origin system is experiencing problems with its NVRAM.
unsup remote vol
The origin system is running a version of Data ONTAP that either does not support FlexCache volumes or is not compatible with the version running on the caching system.
FlexCache Commands

Display
vol status
vol status -v <flexcache_name>

## How to display the options available and what they are set to
vol help options
vol options <flexcache_name>
Display free space
df -L
Adding (Create)
## Syntax
vol create <flexcache_name> <aggr> [size{k|m|g|t}] -S origin:source_vol

## Create a FlexCache volume called flexcache1 with autogrow in aggr1 aggregate with the source volume vol1
## on storage netapp1 server
vol create flexcache1 aggr1 -S netapp1:vol1
Removing (destroy)
vol offline < flexcache_name>
vol destroy <flexcache_name>
Automatically resizing
vol options <flexcache_name> flexcache_autogrow [on|off]
Eject file from cache
flexcache eject <path> [-f]
Statistics
## Client stats
flexcache stats -C <flexcache_name>

## Server stats
flexcache stats -S <volume_name> -c <client>

## File stats
flexcache fstat <path>







FlexClone Volumes
FlexClone Commands
Display
vol status
vol status <flexclone_name> -v

df -Lh
adding (create)
## Syntax
vol clone create clone_name [-s {volume|file|none}] -b parent_name [parent_snap]

## create a flexclone called flexclone1 from the parent flexvol1
vol clone create flexclone1 -b flexvol1
Removing (destroy)
vol offline <flexclone_name>
vol destroy <flexclone_name>
splitting
## Determine the free space required to perform the split
vol clone split estimate <flexclone_name>

## Double check you have the space
df -Ah

## Perform the split
vol clone split start <flexclone_name>

## Check up on its status
vol colne split status <flexclone_name>

## Stop the split
vol clone split stop <flexclone_name>
log file
/etc/log/clone

The clone log file records the following information:
• Cloning operation ID
• The name of the volume in which the cloning operation was performed
• Start time of the cloning operation
• End time of the cloning operation
• Parent file/LUN and clone file/LUN names
• Parent file/LUN ID
• Status of the clone operation: successful, unsuccessful, or stopped and some other details
Deduplication
Deduplication Commands
start/restart deduplication operation
sis start -s <path>

sis start -s /vol/flexvol1

## Use previous checkpoint
sis start -sp <path>
stop deduplication operation
sis stop <path>
schedule deduplication
sis config -s <schedule> <path>

sis config -s mon-fri@23 /vol/flexvol1

Note: schedule lists the days and hours of the day when deduplication runs. The schedule can be of the following forms:
  • day_list[@hour_list]
    If hour_list is not specified, deduplication runs at midnight on each scheduled day.
  • hour_list[@day_list]
    If day_list is not specified, deduplication runs every day at the specified hours.
  • • -
    A hyphen (-) disables deduplication operations for the specified FlexVol volume.
enabling
sis on <path>
disabling
sis off <path>
status
sis status -l <path>
Display saved space
df -s <path>
QTrees
QTree Commands
Display
qtree status [-i] [-v]

Note:
The -i option includes the qtree ID number in the display.
The -v option includes the owning vFiler unit, if the MultiStore license is enabled.
adding (create)
## Syntax - by default wafl.default_qtree_mode option is used
qtree create path [-m mode]

## create a news qtree in the /vol/users volume using 770 as permissions
qtree create /vol/users/news -m 770
Remove
rm -Rf <directory>
Rename
mv <old_name> <new_name>
convert a directory into a qtree directory
## Move the directory to a different directory
mv /n/joel/vol1/dir1 /n/joel/vol1/olddir

## Create the qtree
qtree create /n/joel/vol1/dir1

## Move the contents of the old directory back into the new QTree
mv /n/joel/vol1/olddir/* /n/joel/vol1/dir1

## Remove the old directory name
rmdir /n/joel/vol1/olddir
stats
qtree stats [-z] [vol_name]

Note:
-z = zero stats
Change the security style
## Syntax
qtree security path {unix | ntfs | mixed}
## Change the security style of /vol/users/docs to mixed
qtree security /vol/users/docs mixed
Quotas
Quota Commands
Quotas configuration file
/mroot/etc/quotas
Example quota file
##                                                  hard limit | thres |soft limit
##Quota Target            type                      disk  files| hold  |disk  file
##-------------           -----                     ----  -----  ----- ----- ----
*                    tree@/vol/vol0           -     -      -     -     -     # monitor usage on all qtrees in vol0
/vol/vol2/qtree      tree                    1024K  75k    -     -     -     # enforce qtree quota using kb
tinh                 user@/vol/vol2/qtree1   100M   -      -     -     -     # enforce users quota in specified qtree
dba                  group@/vol/ora/qtree1   100M   -      -     -     -     # enforce group quota in specified qtree

# * = default user/group/qtree
# - = placeholder, no limit enforced, just enable stats collection

Note: you have lots of permutations, so checkout the documentation   
Displaying
quota report [<path>]
Activating
quota on [-w] <vol_name>

Note:
-w = return only after the entire quotas file has been scanned
Deactivitating
quota off [-w] <vol_name>
Reinitializing
quota off [-w] <vol_name>
quota on [-w] <vol_name>
Resizing
quota resize <vol_name>

Note: this commands rereads the quota file
Deleting
edit the quota file

quota resize <vol_name>
log messaging
quota logmsg
LUNs, igroups and LUN mapping
LUN configuration
Display
lun show
lun show -m
lun show -v
Initialize/Configure LUNs, mapping
lun setup
Note: follow the prompts to create and configure LUN's
Create
lun create -s 100m -t windows /vol/tradvol1/lun1
Destroy
lun destroy [-f] /vol/tradvol1/lun1
Note: the "-f" will force the destroy
Resize
lun resize <lun path> <size>
lun resize /vol/tradvol1/lun1 75m
Restart block protocol access
lun online /vol/tradvol1/lun1
Stop block protocol access
lun offline /vol/tradvol1/lun1
Map a LUN to an initiator group
lun map /vol/tradvol1/lun1 win_hosts_group1 0
lun map -f /vol/tradvol1/lun2 linux_host_group1 1

lun show -m
Note: use "-f" to force the mapping
Remove LUN mapping
lun show -m
lun offline /vol/tradvol1
lun unmap /vol/tradvol1/lun1 win_hosts_group1 0
Displays or zeros read/write statistics for LUN
lun stats /vol/tradvol1/lun1
Comments
lun comment /vol/tradvol1/lun1 "10GB for payroll records"
Check all lun/igroup/fcp settings for correctness
lun config_check -v
Manage LUN cloning
# Create a Snapshot copy of the volume containing the LUN to be cloned by entering the following command
snap create tradvol1 tradvol1_snapshot_08122010
# Create the LUN clone by entering the following command
lun clone create /vol/tradvol1/clone_lun1 -b /vol/tradvol1/tradvol1_snapshot_08122010 lun1
Show the maximum possible size of a LUN on a given volume or qtree
lun maxsize /vol/tradvol1
Move (rename) LUN
lun move /vol/tradvol1/lun1 /vol/tradvol1/windows_lun1
Display/change LUN serial number
lun serial -x /vol/tradvol1/lun1
Manage LUN properties
lun set reservation /vol/tradvol1/hpux/lun0
Configure NAS file-sharing properties
lun share <lun_path> { none | read | write | all }
Manage LUN and snapshot interactions
lun snap usage -s <volume> <snapshot>
igroup configuration
display
igroup show
igroup show -v
igroup show iqn.1991-05.com.microsoft:xblade
create (iSCSI)
igroup create -i -t windows win_hosts_group1 iqn.1991-05.com.microsoft:xblade
create (FC)
igroup create -i -f windows win_hosts_group1 iqn.1991-05.com.microsoft:xblade
destroy
igroup destroy win_hosts_group1
add initiators to an igroup
igroup add win_hosts_group1 iqn.1991-05.com.microsoft:laptop
remove initiators to an igroup
igroup remove win_hosts_group1 iqn.1991-05.com.microsoft:laptop
rename
igroup rename win_hosts_group1 win_hosts_group2
set O/S type
igroup set win_hosts_group1 ostype windows
Enabling ALUA
igroup set win_hosts_group1 alua yes

Note: ALUA defines a standard set of SCSI commands for discovering and managing multiple paths to LUNs on Fibre Channel and iSCSI SANs. ALUA enables the initiator to query the target about path attributes, such as primary path and secondary path. It also enables the target to communicate events back to the initiator. As long as the host supports the ALUA standard, multipathing software can be developed to support any array. Proprietary SCSI commands are no longer required.
iSCSI commands
display
iscsi initiator show
iscsi session show [-t]
iscsi connection show -v
iscsi security show
status
iscsi status
start
iscsi start
stop
iscsi stop
stats
iscsi stats
nodename
iscsi nodename

# to change the name
iscsi nodename <new name>
interfaces
iscsi interface show

iscsi interface enable e0b
iscsi interface disable e0b
portals
iscsi portal show

Note: Use the iscsi portal show command to display the target IP addresses of the storage system. The storage system's target IP addresses are the addresses of the interfaces used for the iSCSI protocol
accesslists
iscsi interface accesslist show

Note: you can add or remove interfaces from the list
Port Sets
display
portset show
portset show portset1
igroup show linux-igroup1
create
portset create -f portset1 SystemA:4b
destroy
igroup unbind linux-igroup1 portset1
portset destroy portset1
add
portset add portset1 SystemB:4b
remove
portset remove portset1 SystemB:4b
binding
igroup bind linux-igroup1 portset1
igroup unbind linux-igroup1 portset1
FCP service
display
fcp show adapter -v
daemon status
fcp status
start
fcp start
stop
fcp stop
stats
fcp stats -i interval [-c count] [-a | adapter]
fcp stats -i 1
target expansion adapters
fcp config <adapter> [down|up]

fcp config 4a down
target adapter speed
fcp config <adapter> speed [auto|1|2|4|8]
fcp config 4a speed 8
set WWPN #
fcp portname set [-f] adapter wwpn
fcp portname set -f 1b 50:0a:09:85:87:09:68:ad
swap WWPN #
fcp portname swap [-f] adapter1 adapter2
fcp portname swap -f 1a 1b
change WWNN
# display nodename
fcp nodename

fcp nodename [-f]nodename
fcp nodename 50:0a:09:80:82:02:8d:ff
Note: The WWNN of a storage system is generated by a serial number in its NVRAM, but it is stored ondisk. If you ever replace a storage system chassis and reuse it in the same Fibre Channel SAN, it is possible, although extremely rare, that the WWNN of the replaced storage system is duplicated. In this unlikely event, you can change the WWNN of the storage system.
WWPN Aliases - display
fcp wwpn-alias show
fcp wwpn-alias show -a my_alias_1
fcp wwpn-alias show -w 10:00:00:00:c9:30:80:2
WWPN Aliases - create
fcp wwpn-alias set [-f] alias wwpn

fcp wwpn-alias set my_alias_1 10:00:00:00:c9:30:80:2f
WWPN Aliases - remove
fcp wwpn-alias remove [-a alias ... | -w wwpn]
fcp wwpn-alias remove -a my_alias_1
fcp wwpn-alias remove -w 10:00:00:00:c9:30:80:2




Snapshotting and Cloning
Snapshot and Cloning commands
Display clones
snap list
create clone
# Create a LUN by entering the following command
lun create -s 10g -t solaris /vol/tradvol1/lun1
# Create a Snapshot copy of the volume containing the LUN to be cloned by entering the following command
snap create tradvol1 tradvol1_snapshot_08122010
# Create the LUN clone by entering the following command
lun clone create /vol/tradvol1/clone_lun1 -b /vol/tradvol1/lun1 tradvol1_snapshot_08122010
destroy clone
# display the snapshot copies
lun snap usage tradvol1 tradvol1_snapshot_08122010
# Delete all the LUNs in the active file system that are displayed by the lun snap usage command by entering the following command
lun destroy /vol/tradvol1/clone_lun1
# Delete all the Snapshot copies that are displayed by the lun snap usage command in the order they appear
snap delete tradvol1 tradvol1_snapshot_08122010
clone dependency
vol options <vol_name> <snapshot_clone_dependency> on
vol options <vol_name> <snapshot_clone_dependency> off
Note: Prior to Data ONTAP 7.3, the system automatically locked all backing Snapshot copies when Snapshot copies of LUN clones were taken. Starting with Data ONTAP 7.3, you can enable the system to only lock backing Snapshot copies for the active LUN clone. If you do this, when you delete the active LUN clone, you can delete the base Snapshot copy without having to first delete all of the more recent backing Snapshot copies.

This behavior in not enabled by default; use the snapshot_clone_dependency volume option to enable it. If this option is set to off, you will still be required to delete all subsequent Snapshot copies before deleting the base Snapshot copy. If you enable this option, you are not required to rediscover the LUNs. If you perform a subsequent volume snap restore operation, the system restores whichever value was present at the time the Snapshot copy was taken.
Restoring snapshot
snap restore -s payroll_lun_backup.2 -t vol /vol/payroll_lun
splitting the clone
lun clone split start lun_path

lun clone split status lun_path
stop clone splitting
lun clone split stop lun_path
delete snapshot copy
snap delete vol-name snapshot-name

snap delete -a -f <vol-name>
disk space usage
lun snap usage tradvol1 mysnap
Use Volume copy to copy LUN's
vol copy start -S source:source_volume dest:dest_volume

vol copy start -S /vol/vol0 filerB:/vol/vol1
The estimated rate of change of data between Snapshot copies in a
volume
snap delta /vol/tradvol1 tradvol1_snapshot_08122010
The estimated amount of space freed if you delete the specified
Snapshot copies
snap reclaimable /vol/tradvol1 tradvol1_snapshot_08122010
File Access using NFS
Export Options
actual=<path>
Specifies the actual file system path corresponding to the exported file system path.
anon=<uid>|<name>
Specifies the effective user ID (or name) of all anonymous or root NFS client users that access the file system path.
nosuid
Disables setuid and setgid executables and mknod commands on the file system path.
ro | ro=clientid
Specifies which NFS clients have read-only access to the file system path.
rw | rw=clientid
Specifies which NFS clients have read-write access to the file system path.
root=clientid
Specifies which NFS clients have root access to the file system path. If you specify the root= option, you must specify at least one NFS client identifier. To exclude NFS clients from the list, prepend the NFS client identifiers with a minus sign (-).
sec=sectype
Specifies the security types that an NFS client must support to access the file system path. To apply the security types to all types of access, specify the sec= option once. To apply the security types to specific types of access (anonymous, non-super user, read-only, read-write, or root), specify the sec= option at least twice, once before each access type to which it applies (anon, nosuid, ro, rw, or root, respectively).
security types could be one of the following:
none
No security. Data ONTAP treats all of the NFS client's users as anonymous users.
sys
Standard UNIX (AUTH_SYS) authentication. Data ONTAP checks the NFS credentials of all of the
NFS client's users, applying the file access permissions specified for those users in the NFS server's /etc/passwd file. This is the default security type.
krb5
Kerberos(tm) Version 5 authentication. Data ONTAP uses data encryption standard (DES) key
encryption to authenticate the NFS client's users.
krb5i
Kerberos(tm) Version 5 integrity. In addition to authenticating the NFS client's users, Data
ONTAP uses message authentication codes (MACs) to verify the integrity of the NFS client's remote procedure requests and responses, thus preventing "man-in-the-middle" tampering.
krb5p
Kerberos(tm) Version 5 privacy. In addition to authenticating the NFS client's users and verifying data integrity, Data ONTAP encrypts NFS arguments and results to provide privacy.
Examples
rw=10.45.67.0/24
ro,root=@trusted,rw=@friendly
rw,root=192.168.0.80,nosuid
Export Commands
Displaying
exportfs
exportfs -q <path>
create
# create export in memory and write to /etc/exports (use default options)
exportfs -p /vol/nfs1
# create export in memory and write to /etc/exports (use specific options)
exportsfs -io sec=none,rw,root=192.168.0.80,nosuid /vol/nfs1

# create export in memory only using own specific options
exportsfs -io sec=none,rw,root=192.168.0.80,nosuid /vol/nfs1
remove
# Memory only
exportfs -u <path>

# Memory and /etc/exportfs
exportfs -z <path>
export all
exportfs -a
check access
exportfs -c 192.168.0.80 /vol/nfs1
flush
exportfs -f
exportfs -f <path>
reload
exportfs -r
storage path
exportfs -s <path>
Write export to a file
exportfs -w <path/export_file>
fencing
# Suppose /vol/vol0 is exported with the following export options:

-rw=pig:horse:cat:dog,ro=duck,anon=0

# The following command enables fencing of cat from /vol/vol0
exportfs -b enable save cat /vol/vol0

# cat moves to the front of the ro= list for /vol/vol0:

-rw=pig:horse:dog,ro=cat:duck,anon=0
stats
nfsstat

File Access using CIFS
Useful CIFS options
change the security style
options wafl.default_security_style {ntfs | unix | mixed}
timeout
options cifs.idle_timeout time
Performance
options cifs.oplocks.enable on

Note: Under some circumstances, if a process has an exclusive oplock on a file and a second process attempts to open the file, the first process must invalidate cached data and flush writes and locks. The client must then relinquish the oplock and access to the file. If there is a network failure during this flush, cached write data might be lost.
CIFS Commands
useful files
/etc/cifsconfig_setup.cfg
/etc/usermap.cfs
/etc/passwd
/etc/cifsconfig_share.cfg


Note: use "rdfile" to read the file
CIFS setup
cifs setup

Note: you will be prompted to answer a number of questions based on what requirements you need.
start
cifs restart
stop
cifs terminate

# terminate a specific client
cifs terminate <client_name>|<IP Address>
sessions
cifs sessions
cifs sessions <user>
cifs sessions <IP Address>

# Authentication
cifs sessions -t

# Changes
cifs sessions -c

# Security Info
cifs session -s
Broadcast message
cifs broadcast * "message"
cifs broadcast <client_name> "message"
permissions
cifs access <share> <user|group> <permission>

# Examples
cifs access sysadmins -g wheel Full Control
cifs access -delete releases ENGINEERING\mary
Note: rights can be Unix-style combinations of r w x - or NT-style "No Access", "Read", "Change", and "Full Control"
stats
cifs stat <interval>
cifs stat <user>
cifs stat <IP Address>
create a share
# create a volume in the normal way
# then using qtrees set the style of the volume {ntfs | unix | mixed}
# Now you can create your share
cifs shares -add TEST /vol/flexvol1/TEST -comment "Test Share " -forcegroup workgroup -maxusers 100
change share characteristics
cifs shares -change sharename {-browse | -nobrowse} {-comment desc | - nocomment} {-maxusers userlimit | -nomaxusers} {-forcegroup groupname | -noforcegroup} {-widelink | -nowidelink} {-symlink_strict_security | - nosymlink_strict_security} {-vscan | -novscan} {-vscanread | - novscanread} {-umask mask | -noumask {-no_caching | -manual_caching | - auto_document_caching | -auto_program_caching}

# example
cifs shares -change <sharename> -novscan
home directories
# Display home directories
cifs homedir

# Add a home directory
wrfile -a /etc/cifs_homedir.cfg /vol/TEST

# check it
rdfile /etc/cifs_homedir.cfg

# Display for a Windows Server
net view \\<Filer IP Address>

# Connect
net use * \\192.168.0.75\TEST

Note: make sure the directory exists
domain controller
# add a domain controller
cifs prefdc add lab 10.10.10.10 10.10.10.11
# delete a domain controller
cifs prefdc delete lab

# List domain information
cifs domaininfo
# List the preferred controllers
cifs prefdc print

# Restablishing
cifs resetdc
change filers domain password
cifs changefilerpwd
Tracing permission problems
sectrace add [-ip ip_address] [-ntuser nt_username] [-unixuser unix_username] [-path path_prefix] [-a]
#Examples
sectrace add -ip 192.168.10.23
sectrace add -unixuser foo -path /vol/vol0/home4 -a
# To remove
sectrace delete all
sectrace delete <index>

# Display tracing
sectrace show

# Display error code status
sectrace print-status <status_code>
sectrace print-status 1:51544850432:32:78

File Access using FTP
Useful Options
Enable
options ftpd.enable on
Disable
options ftpd.enable off
File Locking
options ftpd.locking delete
options ftpd.locking none

Note: To prevent users from modifying files while the FTP server is transferring them, you can enable FTP file locking. Otherwise, you can disable FTP file locking. By default, FTP file locking is disabled.
Authenication Style
options ftpd.auth_style {unix | ntlm | mixed}
bypassing of FTP traverse checking
options ftpd.bypass_traverse_checking on
options ftpd.bypass_traverse_checking off

Note: If the ftpd.bypass_traverse_checking option is set to off, when a user attempts to access a file using FTP, Data ONTAP checks the traverse (execute) permission for all directories in the path to the file. If any of the intermediate directories does not have the "X" (traverse permission), Data ONTAP denies access to the file. If the ftpd.bypass_traverse_checking option is set to on, when a user attempts to access a file, Data ONTAP does not check the traverse permission for the intermediate directories when determining whether to grant or deny access to the file.
Restricting FTP users to a specific directory
options ftpd.dir.restriction on
options ftpd.dir.restriction off
Restricting FTP users to their home directories or a default directory
options ftpd.dir.override ""
Maximum number of connections
options ftpd.max_connections n
options ftpd.max_connections_threshold n
idle timeout value
options ftpd.idle_timeout n s | m | h
anonymous logins
options ftpd.anonymous.enable on
options ftpd.anonymous.enable off

# specify the name for the anonymous login
options ftpd.anonymous.name username

# create the directory for the anonymous login
options ftpd.anonymous.home_dir homedir
FTP Commands
Log files
/etc/log/ftp.cmd
/etc/log/ftp.xfer

# specify the max number of logfiles (default is 6) and size
options ftpd.log.nfiles 10
options ftpd.log.filesize 1G

Note: use rdfile to view
Restricting access
/etc/ftpusers

Note: using rdfile and wrfile to access /etc/ftpusers
stats
ftp stat

# to reset
ftp stat -z
File Access using HTTP
HTTP Options
enable
options httpd.enable on
disable
options httpd.enable off
Enabling or disabling the bypassing of HTTP traverse checking
options httpd.bypass_traverse_checking on
options httpd.bypass_traverse_checking off

Note: this is similar to the FTP version
root directory
options httpd.rootdir /vol0/home/users/pages
Host access
options httpd.access host=Host1 AND if=e3
options httpd.admin.access host!=Host1
HTTP Commands
Log files
/etc/log/httpd.log

# use the below to change the logfile format
options httpd.log.format alt1

Note: use rdfile to view
redirects
redirect /cgi-bin/* http://cgi-host/*
pass rule
pass /image-bin/*
fail rule
fail /usr/forbidden/*
mime types
/etc/httpd.mimetypes

Note: use rdfile and wrfile to edit
interface firewall
ifconfig f0 untrusted
stats
httpstat [-dersta]

# reset the stats
httpstat -z[derta]
Network Interfaces
Display
ifconfig -a
ifconfig <interface>
IP address
ifconfig e0 <IP Address>
ifconfig e0a <IP Address>

# Remove a IP Address
ifconfig e3 0
subnet mask
ifconfig e0a netmask <subnet mask address>
broadcast
ifconfig e0a broadcast <broadcast address>
media type
ifconfig e0a mediatype 100tx-fd
maximum transmission unit (MTU)
ifconfig e8 mtusize 9000
Flow control
ifconfig <interface_name> <flowcontrol> <value>

# example
ifconfig e8 flowcontrol none
Note: value is the flow control type. You can specify the following values for the flowcontrol option:

none - No flow control
receive - Able to receive flow control frames
send - Able to send flow control frames
full - Able to send and receive flow control frames

The default flowcontrol type is full.
trusted
ifconfig e8 untrusted

Note: You can specify whether a network interface is trustworthy or untrustworthy. When you specify an interface as untrusted (untrustworthy), any packets received on the interface are likely to be dropped.
HA Pair
ifconfig e8 partner <IP Address>

## You must enable takeover on interface failures by entering the following commands:
options cf.takeover.on_network_interface_failure enable
ifconfig interface_name {nfo|-nfo}
nfo — Enables negotiated failover
-nfo — Disables negotiated failover
Note: In an HA pair, you can assign a partner IP address to a network interface. The network interface takes over this IP address when a failover occurs
Alias
# Create alias
ifconfig e0 alias 192.0.2.30

# Remove alias
ifconfig e0 -alias 192.0.2.30
Block/Unblock protocols
# Block
options interface.blocked.cifs e9
options interface.blocked.cifs e0a,e0b

# Unblock
options interface.blocked.cifs ""
Stats
ifstat
netstat

Note: there are many options to both these commands so I will leave to the man pages
bring up/down an interface
ifconfig <interface> up
ifconfig <interface> down
Routing
default route
# using wrfile and rdfile edit the /etc/rc file with the below
route add default 192.168.0.254 1

# the full /etc/rc file will look like something below
hostname netapp1
ifconfig e0 192.168.0.10 netmask 255.255.255.0 mediatype 100tx-fd
route add default 192.168.0.254 1
routed on
enable/disable fast path
options ip.fastpath.enable {on|off}

Note:
on — Enables fast path
off — Disables fast path
enable/disable routing daemon
routed {on|off}

Note:
on — Turns on the routed daemon
off — Turns off the routed daemon
Display routing table
netstat -rn
route -s
routed status
Add to routing table
route add 192.168.0.15 gateway.com 1



Hosts and DNS
Hosts
# use wrfile and rdfile to read and edit /etc/hosts file , it basically use the sdame rules as a Unix
# hosts file
nsswitch file
# use wrfile and rdfile to read and edit /etc/nsswitch.conf file , it basically uses the same rules as a
# Unix nsswitch.conf file
DNS
# use wrfile and rdfile to read and edit /etc/resolv.conf file , it basically uses the same rules as a
# Unix resolv.conf file

options dns.enable {on|off}

Note:
on — Enables DNS
off — Disables DNS
Domain Name
options dns.domainname <domain>
DNS cache
options dns.cache.enable
options dns.cache.disable

# To flush the DNS cache
dns flush

# To see dns cache information
dns info
DNS updates
options dns.update.enable {on|off|secure}
Note:
on — Enables dynamic DNS updates
off — Disables dynamic DNS updates
secure — Enables secure dynamic DNS updates
time-to-live (TTL)
options dns.update.ttl <time>
# Example
options dns.update.ttl 2h

Note: time can be set in seconds (s), minutes (m), or hours (h), with a minimum value of 600 seconds
and a maximum value of 24 hour
VLAN
Create
vlan create [-g {on|off}] ifname vlanid

# Create VLANs with identifiers 10, 20, and 30 on the interface e4 of a storage system by using the following command:
vlan create e4 10 20 30
# Configure the VLAN interface e4-10 by using the following command
ifconfig e4-10 192.168.0.11 netmask 255.255.255.0
Add
vlan add e4 40 50
Delete
# Delete specific VLAN
vlan delete e4 30

# Delete All VLANs on a interface
vlan delete e4
Enable/Disable GRVP on VLAN
vlan modify -g {on|off} ifname
Stat
vlan stat <interface_name> <vlan_id>

# Examples
vlan stat e4
vlan stat e4 10
Interface Groups
Create (single-mode)
# To create a single-mode interface group, enter the following command:
ifgrp create single SingleTrunk1 e0 e1 e2 e3
# To configure an IP address of 192.168.0.10 and a netmask of 255.255.255.0 on the singlemode interface group SingleTrunk1
ifconfig SingleTrunk1 192.168.0.10 netmask 255.255.255.0
# To specify the interface e1 as preferred
ifgrp favor e1
Create ( multi-mode)
# To create a static multimode interface group, comprising interfaces e0, e1, e2, and e3 and using MAC
# address load balancing
ifgrp create multi MultiTrunk1 -b mac e0 e1 e2 e3
# To create a dynamic multimode interface group, comprising interfaces e0, e1, e2, and e3 and using IP
# address based load balancing
ifgrp create lacp MultiTrunk1 -b ip e0 e1 e2 e3
Create second level intreface group
# To create two interface groups and a second-level interface group. In this example, IP address load
# balancing is used for the multimode interface groups.
ifgrp create multi Firstlev1 e0 e1
ifgrp create multi Firstlev2 e2 e3
ifgrp create single Secondlev Firstlev1 Firstlev2
# To enable failover to a multimode interface group with higher aggregate bandwidth when one or more of
# the links in the active multimode interface group fail
options ifgrp.failover.link_degraded on
Note: You can create a second-level interface group by using two multimode interface groups. Secondlevel interface groups enable you to provide a standby multimode interface group in case the primary multimode interface group fails.
Create second level intreface group in a HA pair
# Use the following commands to create a second-level interface group in an HA pair. In this example,
# IP-based load balancing is used for the multimode interface groups.

# On StorageSystem1:
ifgrp create multi Firstlev1 e1 e2
ifgrp create multi Firstlev2 e3 e4
ifgrp create single Secondlev1 Firstlev1 Firstlev2

# On StorageSystem2 :
ifgrp create multi Firstlev3 e5 e6
ifgrp create multi Firstlev4 e7 e8
ifgrp create single Secondlev2 Firstlev3 Firstlev4

# On StorageSystem1:
ifconfig Secondlev1 partner Secondlev2

# On StorageSystem2 :
ifconfig Secondlev2 partner Secondlev1
Favoured/non-favoured interface
# select favoured interface
ifgrp nofavor e3
# select a non-favoured interface
ifgrp nofavor e3
Add
ifgrp add MultiTrunk1 e4
Delete
ifconfig MultiTrunk1 down
ifgrp delete MultiTrunk1 e4

Note: You must configure the interface group to the down state before you can delete a network interface
from the interface group
Destroy
ifconfig ifgrp_name down
ifgrp destroy ifgrp_name
Note: You must configure the interface group to the down state before you can delete a network interface
from the interface group
Enable/disable a interface group
ifconfig ifgrp_name up
ifconfig ifgrp_name down
Status
ifgrp status [ifgrp_name]
Stat
ifgrp stat [ifgrp_name] [interval]
Diagnostic Tools
Useful options
Ping thottling
# Throttle ping
options ip.ping_throttle.drop_level <packets_per_second>

# Disable ping throttling
options ip.ping_throttle.drop_level 0
Forged IMCP attacks
options ip.icmp_ignore_redirect.enable on

Note: You can disable ICMP redirect messages to protect your storage system against forged ICMP redirect attacks.
Useful Commands
netdiag
The netdiag command continuously gathers and analyzes statistics, and performs diagnostic tests. These diagnostic tests identify and report problems with your physical network or transport layers and suggest remedial action.
ping
You can use the ping command to test whether your storage system can reach other hosts on your network.
pktt
You can use the pktt command to trace the packets sent and received in the storage system's network.

Comments

Post a Comment

Popular posts from this blog

  Issue with Aria Automation Custom form Multi Value Picker and Data Grid https://knowledge.broadcom.com/external/article?articleNumber=345960 Products VMware Aria Suite Issue/Introduction Symptoms: Getting  error " Expected Type String but was Object ", w hen trying to use Complex Types in MultiValue Picker on the Aria for Automation Custom Form. Environment VMware vRealize Automation 8.x Cause This issue has been identified where the problem appears when a single column Multi Value Picker or Data Grid is used. Resolution This is a known issue. There is a workaround.  Workaround: As a workaround, try adding one empty column in the Multivalue picker without filling the options. So we can add one more column without filling the value which will be hidden(there is a button in the designer page that will hide the column). This way the end user will receive the same view.  
Post a Comment
Read more

57 Tips Every Admin Should Know

Active Directory 1. To quickly list all the groups in your domain, with members, run this command: dsquery group -limit 0 | dsget group -members –expand 2. To find all users whose accounts are set to have a non-expiring password, run this command: dsquery * domainroot -filter “(&(objectcategory=person)(objectclass=user)(lockoutTime=*))” -limit 0 3. To list all the FSMO role holders in your forest, run this command: netdom query fsmo 4. To refresh group policy settings, run this command: gpupdate 5. To check Active Directory replication on a domain controller, run this command: repadmin /replsummary 6. To force replication from a domain controller without having to go through to Active Directory Sites and Services, run this command: repadmin /syncall 7. To see what server authenticated you (or if you logged on with cached credentials) you can run either of these commands: set l echo %logonserver% 8. To see what account you are logged on as, run this command: ...
Post a Comment
Read more
  The Guardrails of Automation VMware Cloud Foundation (VCF) 9.0 has redefined private cloud automation. With full-stack automation powered by Ansible and orchestrated through vRealize Orchestrator (vRO), and version-controlled deployments driven by GitOps and CI/CD pipelines, teams can build infrastructure faster than ever. But automation without guardrails is a recipe for risk Enter RBAC and policy enforcement. This third and final installment in our automation series focuses on how to secure and govern multi-tenant environments in VCF 9.0 with role-based access control (RBAC) and layered identity management. VCF’s IAM Foundation VCF 9.x integrates tightly with enterprise identity providers, enabling organizations to define and assign roles using existing Active Directory (AD) groups. With its persona-based access model, administrators can enforce strict boundaries across compute, storage, and networking resources: Personas : Global Admin, Tenant Admin, Contributor, Viewer Projec...
Post a Comment
Read more