Skip to main content
NetApp Knowledge Base

Which interface is external key manager communication using during boot?

Last Updated:

Applies to

  • ONTAP 9.7P9 and later
  • External Key Manager (EKM)


ONTAP 9.7 at least 9.7P9 and all releases 9.8 and later

As a change introduced as part of the fix in Bug ID 1344819, any logical network interface (LIF) present in the admin SVM is available to use in the communication to the external key manager servers.  Typically these are node-management and cluster-management LIFs.

Viewing admin SVM LIFs
cluster::> vserver show -type admin
cluster::> net int show -vserver <admin-vserver>
  • If multiple default gateways are in the admin vserver, the default gateway with the lower metric will be chosen
  • Static route will force traffic over a specific default gateway
Previous ONTAP releases

The interface used for external key server reachability can be viewed with the security key-manager external boot-interfaces show command.

Additional Information



NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.