Which interface is external key manager communication using during boot?
Applies to
- ONTAP 9.7P9 and later
- External Key Manager (EKM)
Answer
ONTAP 9.7 at least 9.7P9 and all releases 9.8 and later
As a change introduced as part of the fix in Bug ID 1344819, any logical network interface (LIF) present in the admin SVM is available to use in the communication to the external key manager servers. Typically these are node-management and cluster-management LIFs.
Viewing admin SVM LIFs
cluster::> vserver show -type admin
cluster::> net int show -vserver <admin-vserver>
Notes:
- If multiple default gateways are in the admin vserver, the default gateway with the lower metric will be chosen
- Static route will force traffic over a specific default gateway
Previous ONTAP releases
The interface used for external key server reachability can be viewed with the security key-manager external boot-interfaces show command.
Additional Information