Skip to main content
NetApp Response to Russia-Ukraine Cyber Threat
In response to the recent rise in cyber threat due to the Russian-Ukraine crisis, NetApp is actively monitoring the global security intelligence and updating our cybersecurity measures. We follow U.S. Federal Government guidance and remain on high alert. Customers are encouraged to monitor the Cybersecurity and Infrastructure Security (CISA) website for new information as it develops and remain on high alert.
NetApp Knowledge Base

What are SMB Continuously Available (CA) Shares

Last Updated:



Applies to

  • ONTAP 9
  • Continuously Available (CA)


  • Continuously Available (CA) is a share property that, by using SMB3 scale-out, persistent handles, Witness, and transparent failover, allows file shares to be accessible during otherwise disruptive scenarios such as controller upgrades or failures.
ONTAP supports CA shares for both Hyper-V over SMB and SQL Server over SMB use cases.
  • CA Shares are supported in ONTAP 8.2 and later, supported for SMB shares for both Hyper-V virtual machine files or SQL Server system databases and user databases on volumes residing in Storage Virtual Machines (SVMs) with FlexVol volumes and FlexGroups (9.6+), while at the same time providing nondisruptive operations (NDOs) for both planned and unplanned events.
  • Nondisruptive operations for Hyper-V and SQL Server over SMB refers to the combination of capabilities that enable the application servers and the contained virtual machines or databases to remain online and to provide continuous availability during many administrative tasks
  • This includes both planned and unplanned downtime of the storage infrastructure.
  • Supported nondisruptive operations for application servers over SMB include the following:
    • Planned takeover and giveback
    • Unplanned takeover
    • ONTAP upgrade
    • Planned aggregate relocation (ARL)
    • LIF migration and failover
    • Planned volume move
  • Along with the release of SMB 3.0, Microsoft has released new protocols to provide the capabilities necessary to support nondisruptive operations for Hyper-V and SQL Server over SMB.
  • Data ONTAP uses these protocols when providing nondisruptive operations for application servers over SMB:
    • SMB 3.0
    • Witness
      • The Witness protocol provides enhanced client failover capabilities for SMB 3.0 continuously available shares
      • Witness facilitates faster failover because it bypasses the LIF failover recovery period
      • It notifies Hyper-V servers when a node is unavailable without needing to wait for the SMB 3.0 connection to time out
      • SMB Witness requires TCP 40001 to be unblocked.
What happens when CA Shares are utilized in an unsupported manner?
  • The most common issue that can arise from setting CA Share property on general SMB file share/home directory cifs shares incorrectly is performance-related
  • Due to performance issues, CA shares should not be used with workloads that create large amounts of metadata
  • Performance for workloads associated with traditional file shares is much better in non-scale out file server environments
  • SMB client performance may be impacted with regard to normal file operations, and may even be seen in other subsystems of ONTAP due to the extra internal overhead associated with locking mechanisms used with CA shares
  • Because CA Shares are not supported for normal file share use, share properties such as homedirectory, branchcache, access-based enumeration, or attribute caching should not be set
CA Shares are supported Metrocluster configurations, during switchover/switchback, what is the expected behavior?
  • MetroCluster is designed to be transparent and agnostic to any front-end application environment, and few if any changes are required for applications, hosts, and clients
  • Connection paths are identical before and after switchover, and most applications, hosts, and clients (NFS and SAN) do not need to reconnect or rediscover their storage but instead automatically resume
  • SMB applications, including SMB 3 with Continuous Availability shares, need to reconnect after a switchover or a switchback
  • This need is a limitation of the SMB protocol
  • For additional information, see NetApp TR-4705
Once the "continuously-available" share property is removed, how do you ensure sessions are no longer utilizing it?
  • To confirm which sessions are utilizing CA, use the combination of these two commands:  
  • Continuously-Available is negotiated on the initial client connection and remembered for the duration of that session connection
  • Once that property is removed, that does not apply to existing connections
  • Clients that have negotiated Continuously-Available will have to be reconnected to force it to connect without it
  • To be absolutely sure that the clients connect without CA share capability, a client reboot may be required
  • vserver cifs session show  


  • vserver cifs session file show


  • Due to 1097331 we changed the default CA share output if no open files are present from YES to NO
  • If you are on a version prior to a fix for 1097331, verify if #open files are greater than zero before attributing to a CA connection.
Active IQ System Risk Detection
  • For customers who have enabled AutoSupport™ on their storage systems, the Active IQ Portal provides detailed System Risk reports at the customer and site and system levels
  • The reports show systems that have specific risks as well as severity levels and mitigation action plans
  • You may be reading this article as a result of one of those alerts
  • If CA Share is detected on cifs shares on your system, please ensure that it’s under the currently supported use cases

ONTAP supports CA shares for both Hyper-V over SMB and SQL Server over SMB use cases, and NOT for general SMB file share/home directory CIFS shares

  • Because ONTAP cannot discern what client connections are from Hyper-V or SQL over SMB versus normal file operations, we have implemented At-Risk Signature (ARS) to warn customers of CA share usage

If you have performed diligence in ensuring proper use cases are deployed in your environment for CA shares, you may ignore these warnings.

Scan to view the article on your device