ONTAP 9.12.1 commands

50←PDF
  • ONTAP 9.12.1 commands(CA08871-263en.pdf)
  • network interface service-policy create

    Create a new service policy

    Availability: This command is available to cluster administrators at the advanced privilege level.

    Description

    The network interface service-policy create command creates a new service policy with a list of included services. LIFs can reference this policy to control the list of services that they are able to transport on their network. Services can represent applications accessed by a LIF as well as applications served by this cluster.

    Parameters

    -vserver <vserver name> - Vserver

    Use this parameter to specify the name of the Vserver on which the service policy will be created.

    -policy <text> - Policy Name

    Use this parameter to specify the name of service policy to be created.

    [-services <LIF Service Name>,…​] - Included Services

    Use this parameter to specify a list of services that should be included in this policy.

    [-allowed-addresses <IP Address/Mask>,…​] - Allowed Addresses

    Use this parameter to specify a list of subnet masks for addresses that are allowed to access the services in this policy. Use the value 0.0.0.0/0 to represent the wildcard IPv4 address and ::/0 to represent the wildcard IPv6 address.

    Examples

    The following example shows the creation of a service policy with no initial services.

    cluster1::> network interface service-policy create -vserver cluster1 -policy empty
    
    cluster1::> network interface service-policy show -vserver cluster1
    Vserver   Policy                     Service: Allowed Addresses
    --------- -------------------------- ----------------------------------------
    cluster1
              default-intercluster       intercluster-core: 0.0.0.0/0
                                         management-https: 0.0.0.0/0
    default-management         management-core: 0.0.0.0/0
                                         management-autosupport: 0.0.0.0/0
                                         management-ssh: 0.0.0.0/0
                                         management-https: 0.0.0.0/0
    default-route-announce     management-bgp: 0.0.0.0/0
    empty                      -
    
    4 entries were displayed.

    The following example shows the creation of a new service policy with a specified service list.

    cluster1::> network interface service-policy create -vserver cluster1 -policy custom -services intercluster-core,management-ssh
    
    cluster1::> network interface service-policy show -vserver cluster1
    Vserver   Policy                     Service: Allowed Addresses
    --------- -------------------------- ----------------------------------------
    cluster1
              custom                     intercluster-core: 0.0.0.0/0
                                         management-ssh: 0.0.0.0/0
    default-intercluster       intercluster-core: 0.0.0.0/0
                                         management-https: 0.0.0.0/0
    default-management         management-core: 0.0.0.0/0
                                         management-autosupport: 0.0.0.0/0
                                         management-ssh: 0.0.0.0/0
                                         management-https: 0.0.0.0/0
    default-route-announce     management-bgp: 0.0.0.0/0
    empty                      -
    
    5 entries were displayed.
    Top of Page