logo
Manual Pages
Table of Contents

NAME

na_vif - manage virtual network interface configuration

SYNOPSIS

vif create [ single | multi | lacp ] vif_name [ -b {rr|mac|ip|port} ] [ interface_list ] vif destroy vif_name vif delete vif_name interface_name vif add vif_name interface_list vif { favor | nofavor } interface vif status [ vif_name ] vif stat vif_name [ interval ] In the vif commands, vif_name stands for the name of a virtual interface. The name must be a string that is no longer than 15 characters and meets the following criteria:
-
It begins with a letter.
-
It does not contain a space.
-
It is not in use for another virtual interface.
Virtual interface names are case-sensitive.

DESCRIPTION

A virtual network interface is a mechanism that supports aggregation of network interfaces ("links") into one logical interface unit ("trunk"). Once created, a vif is indistinguishable from a physical network interface. You can inspect and modify statistical and configuration information using the ifconfig and netstat commands, among others. You can create a vif in one of three modes: multi, single or lacp. Multi-mode vifs are partly compliant with IEEE 802.3ad. Multi-mode vifs support static configuration but not dynamic aggregate creation. In multi-mode vif , all links are simultaneously active. This mode is only useful if all the links are connected to a switch that supports trunking/aggregation over multiple port connections. The switch must be configured to understand that all the port connections share a common media access control (MAC) address and are part of a single logical interface. Lacp vifs are completely compliant with IEEE 802.3ad. LACP protocol is used determine which of the underlying links can be aggregated. LACP protocol is also used to monitor the link status. If the configuration on both ends of the links are correct then all the interfaces of a vif are active. While the switch is responsible for determining how to forward incoming packets to the filer, the filer supports load balancing on the network traffic transmitted over a multi-mode/lacp vif. The user can choose from any of the following four methods:
-
IP based . The outgoing interface is selected on the basis of the filer and client's IP address
-
MAC based . The outgoing interface is selected on the basis of the filer and client's MAC address
-
Round-Robin . All the interfaces are selected on a round-robin basis.
-
Port based . The outgoing interface is selected on the basis of the transport layer connection 4-tuple. This includes the filer's IP and port number and the client's IP and port number. For traffic such as ICMP etc. only the souce and destination IP addresses are used.
Since the Round-Robin based load balancing policy may lead to out-of-order of packets, it should be used carefully. In single-mode, only one of the links is active at a time. No configuration is neccessary on the switch. If Data ONTAP detects a fault in the active link, an standby link of the vif, if available, is activated. Note that load balancing is not supported on single-mode vifs. Network interfaces belonging to a vif do not have to be on the same network card. With the vif command, you can also create second-level single or multi-mode vifs. For example, a subnetwork has two switches that are capable of trunking over multiple port connections. The filer has a two-link multi-mode vif to one switch and a two-link multi-mode vif to the second switch. You can create a second-level single-mode vif that contains both of the multi-mode vifs. When you configure the second-level vif using the .B ifconfig command, only one of the two multimode vif is brought up as the active link. If all the underlying interfaces in the active vif fail, the secondlevel vif activates it's standby vif. Please note that multi-level lacp vifs are not permitted. You can destroy a virtual interface only if you have configured it down using the ifconfig command.

OPTIONS

create
Creates a new instance of a virtual interface. If no mode is specified, the virtual interface is created in multi mode. If a list of interfaces is provided, the interfaces are configured and added to the virtual interface trunk. Load balancing is specified with the -b option.
- rr refers to Round-robin Load balancing.
-
ip refers to IP-based load balancing. The IP based load balancing is used as default for multi-mode vifs if none is specified by user.
- mac refers to MAC-based load balancing.
- port refers to port-based load balancing.
destroy
Destroys a previously created virtual interface. The interface must be configured down prior to invoking this option.
delete
Deletes the specified interface from a previously created virtual interface. The virtual interface must be configured down prior to invoking this option.
add
Adds a list of interfaces to an existing virtual interface trunk. Each interface corresponds to a single link in the trunk.
favor
designates the specified interface as active in a single-mode vif. When a single-mode vif is created, an interface is randomly selected to be the active interface. Use the favor command to override the random selection.
nofavor
If the specified interface is part of a single-mode vif, this command ensures that the link corresponding to this interface is not preferred when determining which link to activate.
status
Displays the status of the specified virtual interface. If no interface is specified, displays the status of all virtual interfaces.
stat
Displays the number of packets received and transmitted on each link that makes up the virtual interface. You can specify the time interval, in seconds, at which the statistics are displayed. By default, the statistics are displayed at a two-second interval.

FAULT DETECTION

The vif driver constantly checks each virtual interface and each link for status. Links issue two types of indications:
up
The link is receiving active status from its media access unit.
broken
The link is not receiving active status from its media access unit.
In the case of a link that is itself a vif interface, the media access unit refers to the collection of media access units of the underlying physical network interfaces. If any of the underlying media access units issues an up indication, the vif issues an up indication to the next higher level vif on its behalf. If all underlying physical network interfaces issue broken indications, the vif issues broken indication to the next level vif. If all the links in a vif are broken, the vif issues a system log message similar to this: Fri Oct 16 15:09:29 PDT [toaster: pvif_monitor]: vif0: all links are down If all links on a vif are broken and a link subsequently comes back up, the vif issues a system log message similar to this: Fri Oct 16 15:09:42 PDT [toaster: pvif_monitor]: vif0: switching to e3a In the case of lacp vifs, LACP frames are exchanged periodically. Failure to receive LACP frames within a specified time period is construed as a link failure and the corresponding link is marked down. In the case of single-mode vifs, broadcast frames are sent out of each interface periodically. Failure to receive these periodic frames provide a hint on the link status.

EXAMPLES

The following command creates a multi-mode vif vif0, with ip based load balancing, consisting of two links, e10 and e5: vif create multi vif0 -b ip e3a e3b The status option prints out results in the following form. Here is an example of the output for vif0: vif status
  default: transmit 'IP Load balancing', VIF Type 'multi_mode', fail 'log'
  vif0: 2 links, transmit 'none', VIF Type 'multi-mode' fail 'default'

  VIF Status     Up      Addr_set
          up:
          e10: state up, since 05Oct2001 17:17:15 (05:23:05)
                  mediatype: auto-1000t-fd-up
                  flags: enabled
                  input packets 2000, input bytes 12800
                  output packets 173, output bytes 1345
                  up indications 1, broken indications 0
                  drops (if) 0, drops (link) 0
                  indication: up at boot
                          consecutive 3, transitions 1
          broken:
          e5: state broken, since 05Oct2001 17:18:03 (00:10:03)
                  mediatype: auto-1000t-fd-down
                  flags: enabled
                  input packets 134, input bytes 987
                  output packets 20, output bytes 156
                  up indications 1, broken indications 1
                  drops (if) 0, drops (link) 0
                  indication: broken
                          consecutive 4, transitions 1
In this example, one of the vif0 links are is in the active (up) state. The second interface e5 is broken on detection of a link failure. vif0 is configured to transmit over multiple links and its failure behavior is the default (send errors to the system log). Links are in one of three states:
up
The link is active and is sending and receiving data (up).
down
The link is inactive but is believed to be operational (down).
broken
The link is inactive and is believed to be nonoperational ("broken").
In this example, the active link has been in the up state for 5 hours, 23 minutes, 5 seconds. The inactive link has been inactive for the last 10 minutes. Both links are enabled (flags: enabled), meaning that they are configured to send and receive data. During takeover, links can also be set to match the MAC address of the partner. The flags field is also used to indicate whether a link has been marked as favored. Links constantly issue either up or broken indications based on their interaction with the switch. The consecutive count indicates the number of consecutively received indications with the same value (in this example, up). The transitions count indicates how many times the indication has gone from up to down or from down to up. If vif0 is a link in a second-layer vif (for example, vif create vif2 vif0), an additional line is added to its status information: 
      trunked: vif2
The following example displays statistics about multi-mode vif vif0: vif stat vif0 
  Virtual interface (trunk) vif0
      e10                     e5
  In      Out             In      Out
  8637076 47801540        158     159
  1617    9588            0       0
  1009    5928            0       0
  1269    7506            0       0
  1293    7632            0       0
  920     5388            0       0
  1098    6462            0       0
  2212    13176           0       0
  1315    7776            0       0

CLUSTER CONSIDERATIONS

A virtual interface behaves almost identically to a physical network interface in the cluster. For the takeover of a partner to work properly, three things are required: 1. The local node must specify, using the partner option of the ifconfig command, the mapping of the partner's virtual interface. For example, to map the partner's vif2 interface to the local vif1 interface, the following command is required: ifconfig vif1 partner vif2 Note that the interface must be named, not the address. The mapping must be at the top-level trunk, if trunks are nested. You do not map link-by-link. 2. After takeover, the partner must "create" its virtual interface. Typically, this takes place in the /etc/rc file. For example: vif create vif2 e3a e3b When executed in takeover mode, the local node does not actually create a vif2 virtual interface. Instead, it looks up the mapping (in this example partner vif2 to local vif1) and initializes its internal data structures. The interface list (in this example, e3a and e3b) is ignored because the local node can have different mappings of devices for its vif1 trunk. 3. After the partner virtual interface has been initialized, it must be configured. For example: ifconfig vif2 `hostname`-vif2 Only the create, stat, and status options are enabled in partner mode. The create option does not create new vif in partner mode. Instead, it initializes internal data structures to point at the mapped local vif interface. The status and stat options reference the mapped vif . However, all links are printed using the local device names. When using multi vifs with clusters, connecting the vifs into a single switch constitutes a single point of failure. By adding a second switch and setting up two multimode vifs on each node in the cluster so that the multimode vifs on each node are connected to separate switches the vifs will continue to operate in the face of single switch failure. The following /etc/rc file sequence illustrates this approach:
  # configuration for node 1

  # first level multi vif:
  # attach e4a and e4b to Switch 1
  vif create multi vif0 e4a e4b

  # first level multi vif:
  # attach e4c and e4d to Switch 2
  vif create multi vif1 e4c e4d

  # second level single vif consisting of both
  # first level vifs; only one active at a time
  vif create single vif10 vif0 vif1

  # use vif0 unless it is unavailable
  vif favor vif0

  # configure the vif with an interface and partner
  ifconfig vif10 `hostname-vif10` partner vif10
The partner node is configured similarly; the favored first level interface in this case is the vif connected to "Switch 2".

NOTES

IEEE 802.3ad requires the speed of all underlying interfaces to be the same and in full-duplex mode. Additionally most switches do not support mixing 10/100 and GbE interfaces in a aggregate/trunk. Check the documentation that comes with your Ethernet switch or router on how to configure the Ethernet interfaces to be full-duplex. (Hint: Allow both ends of a link to auto-negotiate.)

LIMITATIONS

Though vifs interfaces can support upto sixteen links, the number of interfaces in an aggregate is limited by the switch.

SEE ALSO

na_ifconfig(1), na_netstat(1), na_sysconfig(1)
Table of Contents