Put in remaining pages and wiki contents.

[ikiwiki.git] / docs / handbook / handbook-network-nfs.mdwn

\r
\r
## 19.6 NFS \r
\r
***Reorganized and enhanced by Tom Rhodes. Written by Bill Swingle. ***\r
\r
Among the many different file systems that DragonFly supports is the Network File System, also known as NFS. NFS allows a system to share directories and files with others over a network. By using NFS, users and programs can access files on remote systems almost as if they were local files.\r
\r
Some of the most notable benefits that NFS can provide are:\r
\r

* Local workstations use less disk space because commonly used data can be stored on a single machine and still remain accessible to others over the network.\r

* There is no need for users to have separate home directories on every network machine. Home directories could be set up on the NFS server and made available throughout the network.\r

* Storage devices such as floppy disks, CDROM drives, and ZIP drives can be used by other machines on the network. This may reduce the number of removable media drives throughout the network.\r
\r
### 19.6.1 How NFS Works \r
\r
NFS consists of at least two main parts: a server and one or more clients. The client remotely accesses the data that is stored on the server machine. In order for this to function properly a few processes have to be configured and running:\r
\r
The server has to be running the following daemons:\r
\r
[[!table  data="""
| Daemon | Description 
 nfsd | The NFS daemon which services requests from the NFS clients. 
 mountd | The NFS mount daemon which carries out the requests that [nfsd(8)](http://leaf.dragonflybsd.org/cgi/web-man?command#nfsd&section8) passes on to it. 
 portmap | The portmapper daemon allows NFS clients to discover which port the NFS server is using. |\r
"""]]\r
The client can also run a daemon, known as  **nfsiod** . The  **nfsiod**  daemon services the requests from the NFS server. This is optional, and improves performance, but is not required for normal and correct operation. See the [nfsiod(8)](http://leaf.dragonflybsd.org/cgi/web-man?command#nfsiod&section8) manual page for more information.\r
\r
### 19.6.2 Configuring NFS \r
\r
NFS configuration is a relatively straightforward process. The processes that need to be running can all start at boot time with a few modifications to your `/etc/rc.conf` file.\r
\r
On the NFS server, make sure that the following options are configured in the `/etc/rc.conf` file:\r
\r
    \r
    portmap_enable="YES"\r
    nfs_server_enable="YES"\r
    mountd_flags="-r"\r
\r
\r
`mountd` runs automatically whenever the NFS server is enabled.\r
\r
On the client, make sure this option is present in `/etc/rc.conf`:\r
\r
    \r
    nfs_client_enable="YES"\r
\r
\r
The `/etc/exports` file specifies which file systems NFS should export (sometimes referred to as ***share***). Each line in `/etc/exports` specifies a file system to be exported and which machines have access to that file system. Along with what machines have access to that file system, access options may also be specified. There are many such options that can be used in this file but only a few will be mentioned here. You can easily discover other options by reading over the [exports(5)](http://leaf.dragonflybsd.org/cgi/web-man?command#exports&section5) manual page.\r
\r
Here are a few example `/etc/exports` entries:\r
\r
The following examples give an idea of how to export filesystems, although the settings may be different depending on your environment and network configuration. For instance, to export the `/cdrom` directory to three example machines that have the same domain name as the server (hence the lack of a domain name for each) or have entries in your `/etc/hosts` file. The `-ro` flag makes the exported filesystem read-only. With this flag, the remote system will not be able to write any changes to the exported filesystem.\r
\r
    \r
    /cdrom -ro host1 host2 host3\r
\r
\r
The following line exports `/home` to three hosts by IP address. This is a useful setup if you have a private network without a DNS server configured. Optionally the `/etc/hosts` file could be configured for internal hostnames; please review [hosts(5)](http://leaf.dragonflybsd.org/cgi/web-man?command#hosts&section5) for more information. The `-alldirs` flag allows the subdirectories to be mount points. In other words, it will not mount the subdirectories but permit the client to mount only the directories that are required or needed.\r
\r
    \r
    /home  -alldirs  10.0.0.2 10.0.0.3 10.0.0.4\r
\r
\r
The following line exports `/a` so that two clients from different domains may access the filesystem. The `-maproot#root` flag allows the `root` user on the remote system to write data on the exported filesystem as `root`. If the `-maprootroot` flag is not specified, then even if a user has `root` access on the remote system, they will not be able to modify files on the exported filesystem.\r
\r
    \r
    /a  -maproot=root  host.example.com box.example.org\r
\r
\r
In order for a client to access an exported filesystem, the client must have permission to do so. Make sure the client is listed in your `/etc/exports` file.\r
\r
In `/etc/exports`, each line represents the export information for one filesystem to one host. A remote host can only be specified once per filesystem, and may only have one default entry. For example, assume that `/usr` is a single filesystem. The following `/etc/exports` would be invalid:\r
\r
    \r
    /usr/src   client\r
    /usr/ports client\r
\r
\r
One filesystem, `/usr`, has two lines specifying exports to the same host, `client`. The correct format for this situation is:\r
\r
    \r
    /usr/src /usr/ports  client\r
\r
\r
The properties of one filesystem exported to a given host must all occur on one line. Lines without a client specified are treated as a single host. This limits how you can export filesystems, but for most people this is not an issue.\r
\r
The following is an example of a valid export list, where `/usr` and `/exports` are local filesystems:\r
\r
    \r
    # Export src and ports to client01 and client02, but only\r
    # client01 has root privileges on it\r
    /usr/src /usr/ports -maproot=root    client01\r
    /usr/src /usr/ports               client02\r
    # The client machines have root and can mount anywhere\r
    # on /exports. Anyone in the world can mount /exports/obj read-only\r
    /exports -alldirs -maproot=root      client01 client02\r
    /exports/obj -ro\r
\r
\r
You must restart `mountd` whenever you modify `/etc/exports` so the changes can take effect. This can be accomplished by sending the HUP signal to the `mountd` process:\r
\r
    \r
    # kill -HUP `cat /var/run/mountd.pid`\r
\r
\r
Alternatively, a reboot will make DragonFly set everything up properly. A reboot is not necessary though. Executing the following commands as `root` should start everything up.\r
\r
On the NFS server:\r
\r
    \r
    # portmap\r
    # nfsd -u -t -n 4\r
    # mountd -r\r
\r
\r
On the NFS client:\r
\r
    \r
    # nfsiod -n 4\r
\r
\r
Now everything should be ready to actually mount a remote file system. In these examples the server's name will be `server` and the client's name will be `client`. If you only want to temporarily mount a remote filesystem or would rather test the configuration, just execute a command like this as `root` on the client:\r
\r
    \r
    # mount server:/home /mnt\r
\r
\r
This will mount the `/home` directory on the server at `/mnt` on the client. If everything is set up correctly you should be able to enter `/mnt` on the client and see all the files that are on the server.\r
\r
If you want to automatically mount a remote filesystem each time the computer boots, add the filesystem to the `/etc/fstab` file. Here is an example:\r
\r
    \r
    server:/home        /mnt    nfs     rw      0       0\r
\r
\r
The [fstab(5)](http://leaf.dragonflybsd.org/cgi/web-man?command#fstab&section5) manual page lists all the available options.\r
\r
### 19.6.3 Practical Uses \r
\r
NFS has many practical uses. Some of the more common ones are listed below:\r
\r

* Set several machines to share a CDROM or other media among them. This is cheaper and often a more convenient method to install software on multiple machines.\r

* On large networks, it might be more convenient to configure a central NFS server in which to store all the user home directories. These home directories can then be exported to the network so that users would always have the same home directory, regardless of which workstation they log in to.\r

* Several machines could have a common `/usr/ports/distfiles` directory. That way, when you need to install a port on several machines, you can quickly access the source without downloading it on each machine.\r
\r
### 19.6.4 Automatic Mounts with amd \r
\r
***Contributed by Wylie Stilwell. Rewritten by Chern Lee.***\r
\r
[amd(8)](http://leaf.dragonflybsd.org/cgi/web-man?command#amd&section8) (the automatic mounter daemon) automatically mounts a remote filesystem whenever a file or directory within that filesystem is accessed. Filesystems that are inactive for a period of time will also be automatically unmounted by  **amd** . Using  **amd**  provides a simple alternative to permanent mounts, as permanent mounts are usually listed in `/etc/fstab`.\r
\r
 **amd**  operates by attaching itself as an NFS server to the `/host` and `/net` directories. When a file is accessed within one of these directories,  **amd**  looks up the corresponding remote mount and automatically mounts it. `/net` is used to mount an exported filesystem from an IP address, while `/host` is used to mount an export from a remote hostname.\r
\r
An access to a file within `/host/foobar/usr` would tell  **amd**  to attempt to mount the `/usr` export on the host `foobar`.\r
\r
 **Example 19-1. Mounting an Export with amd** \r
\r
You can view the available mounts of a remote host with the `showmount` command. For example, to view the mounts of a host named `foobar`, you can use:\r
\r
    \r
    % showmount -e foobar\r
    Exports list on foobar:\r
    /usr                               10.10.10.0\r
    /a                                 10.10.10.0\r
    % cd /host/foobar/usr\r
\r
\r
As seen in the example, the `showmount` shows `/usr` as an export. When changing directories to `/host/foobar/usr`,  **amd**  attempts to resolve the hostname `foobar` and automatically mount the desired export.\r
\r
 **amd**  can be started by the startup scripts by placing the following lines in `/etc/rc.conf`:\r
\r
    \r
    amd_enable="YES"\r
\r
\r
Additionally, custom flags can be passed to  **amd**  from the `amd_flags` option. By default, `amd_flags` is set to:\r
\r
    \r
    amd_flags="-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map"\r
\r
\r
The `/etc/amd.map` file defines the default options that exports are mounted with. The `/etc/amd.conf` file defines some of the more advanced features of  **amd** .\r
\r
Consult the [amd(8)](http://leaf.dragonflybsd.org/cgi/web-man?command#amd&section8) and [amd.conf(5)](http://leaf.dragonflybsd.org/cgi/web-man?command=amd.conf&section=5) manual pages for more information.\r
\r
### 19.6.5 Problems Integrating with Other Systems \r
\r
***Contributed by John Lind.***\r
\r
Certain Ethernet adapters for ISA PC systems have limitations which can lead to serious network problems, particularly with NFS. This difficulty is not specific to DragonFly, but DragonFly systems are affected by it.\r
\r
The problem nearly always occurs when (DragonFly) PC systems are networked with high-performance workstations, such as those made by Silicon Graphics, Inc., and Sun Microsystems, Inc. The NFS mount will work fine, and some operations may succeed, but suddenly the server will seem to become unresponsive to the client, even though requests to and from other systems continue to be processed. This happens to the client system, whether the client is the DragonFly system or the workstation. On many systems, there is no way to shut down the client gracefully once this problem has manifested itself. The only solution is often to reset the client, because the NFS situation cannot be resolved.\r
\r
Though the ***correct*** solution is to get a higher performance and capacity Ethernet adapter for the DragonFly system, there is a simple workaround that will allow satisfactory operation. If the DragonFly system is the ***server***, include the option `-w#1024` on the mount from the client. If the DragonFly system is the ***client***, then mount the NFS filesystem with the option `-r1024`. These options may be specified using the fourth field of the `fstab` entry on the client for automatic mounts, or by using the `-o` parameter of the [mount(8)](http://leaf.dragonflybsd.org/cgi/web-man?command=mount&section=8) command for manual mounts.\r
\r
It should be noted that there is a different problem, sometimes mistaken for this one, when the NFS servers and clients are on different networks. If that is the case, make ***certain*** that your routers are routing the necessary UDP information, or you will not get anywhere, no matter what else you are doing.\r
\r
In the following examples, `fastws` is the host (interface) name of a high-performance workstation, and `freebox` is the host (interface) name of a DragonFly system with a lower-performance Ethernet adapter. Also, `/sharedfs` will be the exported NFS filesystem (see [exports(5)](http://leaf.dragonflybsd.org/cgi/web-man?command#exports&section5)), and `/project` will be the mount point on the client for the exported filesystem. In all cases, note that additional options, such as `hard` or `soft` and `bg` may be desirable in your application.\r
\r
Examples for the DragonFly system (`freebox`) as the client in `/etc/fstab` on `freebox`:\r
\r
    \r
    fastws:/sharedfs /project nfs rw,-r=1024 0 0\r
\r
\r
As a manual mount command on `freebox`:\r
\r
    \r
    # mount -t nfs -o -r=1024 fastws:/sharedfs /project\r
\r
\r
Examples for the DragonFly system as the server in `/etc/fstab` on `fastws`:\r
\r
    \r
    freebox:/sharedfs /project nfs rw,-w=1024 0 0\r
\r
\r
As a manual mount command on `fastws`:\r
\r
    \r
    # mount -t nfs -o -w=1024 freebox:/sharedfs /project\r
\r
\r
Nearly any 16-bit Ethernet adapter will allow operation without the above restrictions on the read or write size.\r
\r
For anyone who cares, here is what happens when the failure occurs, which also explains why it is unrecoverable. NFS typically works with a ***block*** size of 8 k (though it may do fragments of smaller sizes). Since the maximum Ethernet packet is around 1500 bytes, the NFS ***block*** gets split into multiple Ethernet packets, even though it is still a single unit to the upper-level code, and must be received, assembled, and ***acknowledged*** as a unit. The high-performance workstations can pump out the packets which comprise the NFS unit one right after the other, just as close together as the standard allows. On the smaller, lower capacity cards, the later packets overrun the earlier packets of the same unit before they can be transferred to the host and the unit as a whole cannot be reconstructed or acknowledged. As a result, the workstation will time out and try again, but it will try again with the entire 8 K unit, and the process will be repeated, ad infinitum.\r
\r
By keeping the unit size below the Ethernet packet size limitation, we ensure that any complete Ethernet packet received can be acknowledged individually, avoiding the deadlock situation.\r
\r
Overruns may still occur when a high-performance workstations is slamming data out to a PC system, but with the better cards, such overruns are not guaranteed on NFS ***units***. When an overrun occurs, the units affected will be retransmitted, and there will be a fair chance that they will be received, assembled, and acknowledged.\r