NetApp’s FAS series of storage arrays run a single operating system called Data ONTAP across all platforms – from the low end to the high end – though this operating system can run in one of two different modes. There’s the older “classic” mode, which the majority of FAS administrators are used to and which is now referred to as Data ONTAP 7-Mode, and there’s the new, scale-out mode that is simply called clustered Data ONTAP. While the two modes share similar administrative concepts and some similar commands, the two CLI operating environments are quite different in behaviors, structure, and feature sets. We’ll start by talking about 7-Mode.
Commands and Privilege Levels
Logging in (via SSH, telnet, or console) you are provided a simple administrative-level prompt:
mba-7m-1>
The prompt contains the hostname of the controller (“mba-7m-1”) followed by a “>” which indicates that you are in the normal administrative privilege level.
From here, you can see the available commands by simply typing “?”:
? flexcache options smtape
acpadmin fpolicy orouted snap
aggr fsecurity partner snaplock
arp ftp passwd snapmirror
autosupport halt ping snapvault
backup help ping6 snmp
bmc hostname pktt software
cdpd httpstat portset source
cf ic priority sp
charmap ifconfig priv stats
cifs ifgrp qtree storage
clone ifstat quota sysconfig
cna_flash igroup radius sysstat
config ipspace rdate system
coredump iscsi rdfile timezone
date key_manager reallocate traceroute
dcb keymgr reboot traceroute6
df license restore ucadmin
disk lock restore_backup ups
disk_fw_update logger revert_to uptime
dns logout rlm useradmin
download lun route version
du man routed vfiler
dump maxfiles rshstat vlan
echo mt sasadmin vmservices
ems nbtstat sasstat vol
environment ndmpcopy savecore vscan
exportfs ndmpd sectrace wcc
fcadmin ndp secureadmin wrfile
fcnic netdiag setup ypcat
fcp netstat sftp ypgroup
fcstat nfs shelfchk ypmatch
fcvi nfsstat sis ypwhich
file nis
This shows you all of the commands available for this administrator privilege level.
There are two additional privilege levels available: advanced and diag. You can change to these levels using the “priv set” command.
mba-7m-1> priv set advanced
Warning: These advanced commands are potentially dangerous; use
them only when directed to do so by NetApp
personnel.
mba-7m-1\*>
mba-7m-1\*> priv set diag
Warning: These diagnostic commands are for use by NetApp
personnel only.
mba-7m-1\*>
The asterisk after the hostname indicates that you are in either advanced or diag privilege mode. There’s no visual distinction between the two modes, but you can find out which one you are in by typing simply “priv”:
mba-7m-1\*> priv
diag
mba-7m-1\*>
More commands are available within the higher privilege levels than in the normal admin level.
Advanced:
/etc/rmt ftp nfsstat sldiag
? getXXbyYY nis sm_mon
acorn halt nv8 sm_mon_old
acpadmin hammer ontapi sm_not
aggr help options smb_hist
arp hostname orouted smtape
autosupport httpstat panic snap
availtime ic partner snaplock
backup if_addr_filter_info passwd snapmirror
blink_off ifconfig perf snapvault
blink_on ifgrp ping snmp
bmc ifinfo ping6 software
bootfs ifstat pktt source
bringhome ifstat_test portset sp
cdpd ifswitch priority statit
cf igroup priv stats
charmap inodepath ps storage
cifs ipspace qtree stsb
clone iscsi quota stty
cna_flash key_manager radius sum32
cna_flash_image_reset keymgr rdate sysconfig
cna_flash_image_set l2ping rdfile syslog
cna_flash_version led_off reallocate sysstat
com led_off_all reboot system
config led_on registry systemshell
coredump led_on_all restore tape_qual
cxgbtool led_on_off restore_backup test_lcd
date led_reset_all result timezone
dcb led_test revert_to toe
dd led_test_one rlm traceroute
df license rm traceroute6
disk lock rmt ucadmin
disk_fw_update log route ups
disk_list logger routed uptime
disk_stat logout rpc_stats useradmin
dns ls rshkill version
download lun rshstat vfiler
du mailbox rsm vif
dump man rtag vlan
echo maxfiles rtfo vmservices
ems mbstat sasadmin vol
environ mem_scrub_stats sasstat vscan
environment memerr savecore vstorage
exit mt scsi waffinity_stats
exportfs mv sectrace wafl
fcadmin nbtstat secureadmin wafl_backdoor_stats
fcnic ndmpcopy setup wafl_susp
fcp ndmpd sftp wcc
fcstat ndp sh wrfile
fcvi netdiag shelfchk ypcat
file netstat showfh ypgroup
flexcache nfs showfh4 ypmatch
fpolicy nfs_hist sis ypwhich
fsecurity
Diag:
/etc/rmt fcstat netstat sm_not
? fcvi nfs smb_hist
acorn file nfs_hist smf
acpadmin filersio nfsstat smtape
aggr flexcache nis snap
anvl fpolicy nm snaplock
arp fru_led nv snapmirror
autosupport fsecurity nv8 snapvault
availtime ftp ontapi snmp
backup gdb options software
blink_off getXXbyYY orouted source
blink_on halt panic sp
bmc hammer parityck spares_zero
bootargs help partner spinhi_stats
bootfs hostname passwd spinnp_replay
bringhome httpstat perf spinnp_replay_stats
cdpd ic ping stack
cf icbulk ping6 statit
ch if_addr_filter_info pktt stats
charmap ifconfig portset storage
cifs ifconfig_priv printflag stsb
clone ifgrp priority stty
cna ifinfo priv sum32
cna_flash ifstat prof sync
cna_flash_image_reset ifstat_test ps sysconfig
cna_flash_image_set ifswitch qtree syslog
cna_flash_version igroup quota sysstat
com inodepath radius system
config iomem raid_config systemshell
coredump ipspace rastrace tape_qual
ct_dump_t3 iscsi rdate tcp_client
ct_phy_read iswt rdfile tcp_server
ct_phy_read_t3 key_manager reallocate test_lcd
ct_phy_write keymgr reboot time
ct_phy_write_t3 kma_stats registry timezone
ct_reg_read kt restore toe
ct_reg_read_t3 l2ping restore_backup traceroute
ct_reg_write label result traceroute6
ct_reg_write_t3 labelmaint revert_to treecompare
ct_reset_t3 led_off rlm ttcp
ct_tpi_par led_off_all rm ucadmin
ct_tpi_read led_on rmt udp_client
ct_tpi_write led_on_all route udp_server
cxgbtool led_on_off route_priv ups
date led_reset_all routed uptime
dbg led_test rpc_stats useradmin
dcb led_test_one rshkill vdom
dd license rshstat version
debug lmgr_diag rsm vfiler
df lock rtag vif
disk log rtfo vlan
disk_fw_update log_fio sasadmin vm_stat
disk_list logger sasstat vmservices
disk_stat logout savecore vol
dns ls scsi vol_db
download lun sectrace vscan
du mailbox secureadmin vstorage
dump man sesdiag vtic
dumpblock maxfiles setflag waffinity_stats
dumpstack mbstat setup wafl
echo mem_scrub_stats sftp wafl_backdoor_stats
ems mem_stats sh wafl_cmd_restrictions
environ memerr shelfchk wafl_steal_stats
environment mkfile show_faults wafl_susp
exit mt showfh wafltop
export_stats mv showfh4 wcc
export_tbl_dump nbtstat signal wrfile
exportfs ndmpcopy sis xttcp
fcadmin ndmpd sldiag ypcat
fcmon ndp slist ypgroup
fcnic netdiag sm_mon ypmatch
fcp netmpstat sm_mon_old ypwhich
Typing either “priv set” without specifying a privilege level, or “priv set admin” will take you back to the default admin privilege level.
mba-7m-1\*> priv set
mba-7m-1>
Command Syntax and Help
You can see the syntax for a command by passing it the “-?” flag.
mba-7m-1> arp -?
usage: arp [-n]
arp [-n] -a
arp -d
arp -s [temp] [pub]
arp -F
Even better, administrative-level commands have a full manual (man) page available explaining the operation of the command in detail:
mba-7m-1> man arp
na_arp(1) na_arp(1)
NAME
na_arp - Address resolution display and control
SYNOPSIS
arp [-n] hostname
arp [-n] -a
arp -d hostname
arp -s hostname ether_address [ temp ] [ pub ]
DESCRIPTION
The arp command displays and modifies the tables that the
address resolution protocol uses to translate between
Internet and Ethernet addresses.
With no flags, arp displays the current ARP entry for
hostname. The host may be specified by name or by number,
using Internet dot notation.
OPTIONS
-a Displays all of the current ARP entries.
-d Deletes an entry for the host called hostname.
-n IP addresses are displayed instead of hostnames.
-s Creates an ARP entry for the host called hostname
with the Ethernet address ether_address. The Eth-
ernet address is given as six hex bytes separated
by colons. The entry not will be permanent if the
words following -s includes the keyword temp. Tem-
porary entries that consist of a complete Internet
address and a matching Ethernet address are flushed
from the arp table if they haven't been referenced
in the past 20 minutes. A permanent entry is not
flushed.
If the words following -s include the keyword pub,
the entry will be "published"; that is, this system
will act as an ARP server, responding to requests
for hostname even though the host address is not
its own.
HA CONSIDERATIONS
In takeover mode, each node in an HA pair maintains its
own ARP table. You can make changes to the ARP table on
the live node, or you can make changes to the ARP table on
the failed node using the arp command in partner mode.
However, the changes you make in partner mode are lost
after a giveback.
VFILER CONSIDERATIONS
When run from a vfiler context, (for example, via the
vfiler run command), arp operates on the concerned vfiler.
As currently all vfilers in an ipspace share an arp table,
arp operates on the arp table of the concerned vfiler's
ipspace.
SEE ALSO
na_ifconfig(1), na_partner(1), na_ipspace(1),
na_vfiler(1), RFC1483.
6 June 1998 na_arp(1)
Command Completion
In Data ONTAP 7-mode, commands cannot be tab-completed in the shell, nor can they be abbreviated as with some other shells. Each command needs to be fully specified in order for it to be recognized.
Navigation and Editing
Command-line editing and navigation utilizes the standard keystrokes and combination previously discussed in CLI Efficiency: Common Basics
While you can navigate through your previously-entered commands using the up and down arrows, or Ctrl+n and Ctrl+p, there is no “history” command to simply display the contents of that history.
You can enter multiple commands on the same command line by separating each command with a semi-colon. The commands will then be executed in order of entry.
mba-7m-1> echo "help"; echo "I'm being held prisoner"; echo "in a terminal emulator"
help
I'm being held prisoner
in a terminal emulator
Updated 20141130: Fixed formatting that had somehow gotten broken since original publication.
Data Center Digressions 