The cluster peer modify command modifies the attributes of a peering relationship. When you modify a peer relationship and specify -peer-addrs , all of the remote addresses must respond, must be intercluster addresses, and must belong to the remote cluster that is being modified; or the modification request is denied.

Parameters

-cluster <text> - Peer Cluster Name

Use this parameter to specify the peering relationship to modify by specifying the name of the peered cluster.

[-peer-addrs <Remote InetAddress>,…] - Remote Intercluster Addresses

Use this parameter to specify the names or IP addresses of the logical interfaces used for intercluster communication. Separate the addresses with commas. The list of addresses you provide replaces the existing list of addresses.

[-address-family {ipv4|ipv6}] - Address Family of Relationship

Use this parameter to specify the address family of the names specified with the peer-addrs parameter.

[-timeout <integer>] - Operation Timeout (seconds)

Use this parameter to specify a timeout value for peer communications. Specify the value in seconds.

[-auth-status-admin {no-authentication|revoked|use-authentication}] - Authentication Status Administrative

Use this parameter to adjust the authentication in use for the peer relationship. The defined values for this field are as follows.

no-authentication - The cluster peer relationship uses no authentication.
use-authentication - The cluster peer relationship is to be authenticated. After you use this value, you will be prompted for a passphrase to be used in determining a new authentication key, just as in the authenticated cluster peer create command or you can use the option generate-passphrase to automatically generate the passphrase.
revoked - The cluster peer relationship is no longer to be trusted. Peering communication with this cluster peer is suspended until the two clusters set their auth-status-admin attributes either both to no-authentication or both to use-authentication .

Changes should be reflected on both clusters involved in a peering relationship.

[-rpc-connect-timeout <integer>] - Timeout for RPC Connect (seconds)

Use this optional parameter to specify a timeout value for the RPC connect during peer communications. Specify the value in seconds.

[-update-ping-timeout <integer>] - Timeout for Update Pings (seconds)

Use this optional parameter to specify a timeout value for pings while updating remote cluster information. Specify the value in seconds. This parameter applies only to cluster peer relationships using the IPv4 protocol.

[-ipspace <IPspace>] - IPspace for the Relationship

Use this optional parameter to specify that cluster peering communication for this remote cluster is to be done using local intercluster LIFs that are on ports in the named IPspace.

[-generate-passphrase <true>] - Use System-Generated passphrase

Use this optional parameter along with -auth-status-admin option’s use-authentication to automatically generate the passphrase which can be used for cluster peer operation.

[-encryption-protocol-proposed {none|tls-psk}] - Encryption For Inter-Cluster Communication

Use this parameter to adjust the encryption of connections in use for the peer relationship. The defined values for this field are as follows.

tls-psk - Use TLS with a Pre-Shared Key.
none - Use no encryption.

Examples

This example modifies the peering relationship to use a new IP address in the remote cluster for intercluster communications and revoke authentication.

View existing cluster peer configuration using following command :

cluster1::> cluster peer show -instance
Peer Cluster Name: cluster2
              Remote Intercluster Addresses: cluster2-d2, 10.98.234.246
         Availability of the Remote Cluster: Available
                        Remote Cluster Name: cluster2
                        Active IP Addresses: 10.98.234.246, 10.98.234.243
                      Cluster Serial Number: 1-80-123456
                       Remote Cluster Nodes: cluster2-01, cluster2-02
                      Remote Cluster Health: true
                    Unreachable Local Nodes: -
             Address Family of Relationship: ipv4
       Authentication Status Administrative: use-authentication
          Authentication Status Operational: ok
                           Last Update Time: 02/05 21:05:41
               IPspace for the Relationship: Default
 Encryption for Inter-Cluster Communication: tls-psk

Modify the cluster peer configuration using following command :

cluster1::> cluster peer modify -cluster cluster2 -peer-addrs cluster2-d2,10.98.234.264 -auth-status-admin revoked
Warning: This will discard the authentication key.

Warning: You are removing authentication from the peering relationship with
  cluster "cluster2". Use the "cluster peer modify" command on
  cluster "cluster2" with the "-auth-status-admin
  no-authentication" parameter to complete authentication removal from
  the peering relationship.

Do you want to continue?{y|n}:y

The following example modifies the peering relationship to use authentication with -generate-passphrase option.

cluster1::> cluster peer modify -cluster cluster2
  -auth-status-admin use-authentication -generate-passphrase

Notice: Use the below system-generated passphrase in the "cluster peer modify"
command in the other cluster.
Passphrase: UCa+6lRVICXeL/gq1WrK7ShR
        Expiration Time: 6/7/2017 09:16:10 +5:30
        Peer Cluster Name: cluster2

Warning: make a note of the passphrase - it cannot be displayed again.

Until then, the operational authentication state of the relationship remains as "pending".

cluster1::> cluster peer offer show
                                                                               Allowed
Peer Cluster Name     Authentication Creation            Expiration          Vserver Peers
--------------------- -------------- ------------------- ------------------- --------------
cluster2              ok-and-offer   6/7/2017 08:16:10   6/7/2017 09:16:10   -

Modify cluster peer relationship in cluster2 with use-authentication option and use the auto-generated passphrase.

cluster2::> cluster peer modify -cluster cluster2 -auth-status-admin use-authentication

Notice: Use a auto-generated passphrase or choose a passphrase of 8 or more characters.
        To ensure the authenticity of the peering relationship, use a phrase or sequence
        of characters that would be hard to guess.

Enter the passphrase:
Confirm the passphrase:

cluster peer create

ONTAP 9.12.1 commands

cluster peer modify

Description

Parameters

Examples

Related Links