Skip to content

Managing Network-Attached Storage with NFS

What is Network File System (NFS)

Network File System (NFS) is a distributed file system protocol developed by Sun Microsystems in 1984. It allows a user on a client computer to access files over a network much like local storage is accessed. NFS is a protocol used for sharing files between Unix systems, though it can also be used with other operating systems.

Key Features

  • File Sharing: Enables files to be shared across multiple users over a network.
  • Transparency: Users can access remote files as if they were on their local machine.
  • Access Control: Uses permissions and access control lists to manage user access to files.
  • Scalability: Can handle large amounts of data and many users efficiently.

How NFS Works

  1. Server Setup: An NFS server exports directories to be shared.
  2. Client Mounting: NFS clients mount these directories to their local filesystem.
  3. Access: Clients can read and write to the mounted directories as if they were local.

Common Use Cases

  • Centralized Storage: Used in environments where centralized storage and data management are necessary.
  • Home Directories: Commonly used for providing home directories to users on a network.
  • Shared Applications: Applications that need to be shared among different users on a network.

Advantages

  • Simplicity: Easy to set up and use.
  • Flexibility: Can be used in various network environments.
  • Performance: Optimized for performance in a networked environment.

Disadvantages

  • Security: NFS can be less secure than other file sharing methods without proper configuration.
  • Latency: Network latency can affect performance.
  • Compatibility: While primarily used with Unix-based systems, compatibility with other operating systems might require additional configuration.

NFS Versions

  • NFSv2: The original version, which uses UDP.
  • NFSv3: Improved performance and reliability, also uses UDP or TCP.
  • NFSv4: Adds stateful operations, better security features, and uses TCP only.

UDP (User Datagram Protocol) UDP is a communication protocol used across the Internet. It is a connectionless protocol that allows data to be sent without establishing a connection between the sender and receiver.

TCP (Transmission Control Protocol) TCP is a communication protocol that provides reliable, ordered, and error-checked delivery of data between applications. It establishes a connection before data is transmitted and ensures data integrity.

Security Considerations

  • Firewall Configuration: Ensure proper firewall settings to allow NFS traffic.
  • Export Options: Use secure options like rw, sync, no_root_squash, and no_subtree_check carefully.
  • Authentication: Consider using Kerberos for secure authentication.

Accessing Exported NFS Directories

The Network File System (NFS) is a protocol that Linux, UNIX, and similar operating systems use as their native network file system. NFS supports native Linux permissions and file-system attributes.

  • Default: Red Hat Enterprise Linux 9 uses NFS version 4.2 by default.
  • Supported: Both NFSv3 and NFSv4 are fully supported.
    • NFSv3 uses TCP or UDP transport.
    • NFSv4 uses only TCP.

Methods for Mounting NFS Exports

NFS clients can mount exported directories in several ways: 1. Manually using the mount command. 2. Persistently at boot by configuring entries in the /etc/fstab file. 3. On demand using automounter methods (autofs service or systemd.automount facility).

Installing Necessary Tools

To manually mount or automount NFS directories, install the nfs-utils package: 

[root@host ~]# dnf install nfs-utils

Querying Exported NFS Directories

  • NFSv3: Uses the showmount command. 
    [root@host ~]# showmount --exports server
  • NFSv4: Mount the root (/) of the server's export tree. 
    [root@host ~]# mkdir /mountpoint
[root@host ~]# mount server:/ /mountpoint
[root@host ~]# ls /mountpoint

What Does it Mean by Server's Exported NFS Directories?

When we talk about a server's exported NFS directories, we are referring to the directories on the NFS server that are made available (or "exported") for clients to access over the network. These directories are specified in the server's NFS configuration and can be accessed by NFS clients that have the appropriate permissions.

Manually Mounting Exported NFS Directories

Create a local mount point if it does not exist: 

[root@host ~]# mkdir /mountpoint
Mount the NFS export: 
[root@host ~]# mount -t nfs -o rw,sync server:/export /mountpoint
- -t nfs: Specifies the NFS file-system type. - -o rw,sync: Mount options for read/write access and synchronous transactions.

Persistently Mounting Exported NFS Directories

Edit the /etc/fstab file to add a mount entry: 

[root@host ~]# vim /etc/fstab
...
server:/export  /mountpoint  nfs  rw  0 0
Mount using the mount point: 
[root@host ~]# mount /mountpoint

Unmounting Exported NFS Directories

Unmount an NFS export: 

[root@host ~]# umount /mountpoint
If the device is busy: 
[root@host ~]# lsof /mountpoint
Gracefully close processes or force unmount: 
[root@host ~]# umount -f /mountpoint

Questions and Answers

Q: What is NFS and why is it used?

A: NFS (Network File System) is a protocol that allows different systems to share files over a network. It is used because it supports native Linux permissions and file-system attributes, making it ideal for Linux and UNIX systems.

Q: How do I install the necessary tools to use NFS?

A: Install the nfs-utils package using the following command: 

[root@host ~]# dnf install nfs-utils

Q: How can I see what directories are exported by an NFSv3 server?

A: Use the showmount --exports server command to query the available exports.

Q: How do I mount an NFSv4 export?

A: Create a mount point and mount the root of the server's export tree: 

[root@host ~]# mkdir /mountpoint
[root@host ~]# mount server:/ /mountpoint

Q: How can I mount an NFS export manually?

A: Use the mount command: 

[root@host ~]# mount -t nfs -o rw,sync server:/export /mountpoint

Q: How do I make an NFS mount persistent across reboots?

A: Edit the /etc/fstab file to include the mount entry: 

[root@host ~]# vim /etc/fstab
...
server:/export  /mountpoint  nfs  rw  0 0

Q: What should I do if I can't unmount an NFS export because it's busy?

A: Use the lsof command to identify the processes using the mount point and close them. If necessary, use umount -f to force the unmount.

Q: How do I know which version of NFS I am using?

A: You can check the version of NFS being used by looking at the configuration of your NFS server or by using the nfsstat command on the client to display NFS statistics, which include the version number.

Q: Can I mount an NFS export from a Windows server?

A: Yes, you can mount shared directories from Microsoft Windows systems using the Server Message Block (SMB) or Common Internet File System (CIFS) protocols. The mounting options are protocol-specific and depend on your Windows Server or Samba Server configuration.

Q: What are the differences between NFSv3 and NFSv4?

A: - NFSv3: Can use TCP or UDP, uses the rpcbind service, and requires port 111 for RPC communication. - NFSv4: Uses only TCP, does not use the rpcbind service, has a more secure and simplified structure, and includes features like stateful protocol, stronger security (Kerberos), and better performance over WANs.

Q: What are some common mount options used with NFS?

A: Some common mount options include: - rw: Mount the filesystem read-write. - ro: Mount the filesystem read-only. - sync: Synchronous writes. - noexec: Do not allow execution of binaries on the mounted filesystem. - nosuid: Do not allow set-user-identifier or set-group-identifier bits to take effect. - nodev: Do not interpret character or block special devices on the filesystem.

Q: How do I handle permission issues when mounting an NFS export?

A: Ensure that the user IDs (UIDs) and group IDs (GIDs) match on both the NFS client and server. You can use the anonuid and anongid options in the NFS server's export configuration to map anonymous users to a specific UID and GID.

Q: What is the autofs service and how does it work with NFS?

A: autofs is a service that automatically mounts and unmounts file systems as needed. It uses a set of configuration files to control the mount points and the file systems to be mounted. When a file system is not in use, autofs can unmount it to save system resources.

Q: What is the systemd.automount facility and how is it used with NFS?

A: The systemd.automount facility is a method for automatically mounting file systems on demand using systemd. It creates an automount unit that listens for access to a specified directory and mounts the file system when access is detected.

Q: How can I troubleshoot NFS mount issues?

A: Common troubleshooting steps include: - Checking the network connection between the NFS client and server. - Verifying that the NFS server is exporting the directory and that the client has permission to mount it. - Using the showmount command to see if the exports are available. - Checking the /etc/fstab configuration for errors. - Reviewing system logs (/var/log/messages or journalctl) for relevant error messages.

Q: How can I improve NFS performance?

A: Some tips for improving NFS performance include: - Using the appropriate NFS version (NFSv4 typically offers better performance and security). - Tuning NFS mount options (e.g., rsize, wsize, noatime). - Ensuring the network connection is fast and reliable. - Using dedicated network interfaces for NFS traffic. - Adjusting server-side configurations, such as increasing the number of NFS threads.

Q: What are the security considerations when using NFS?

A: Security considerations for NFS include: - Using NFSv4, which has better security features than NFSv3. - Configuring firewall rules to restrict access to NFS services. - Using Kerberos authentication for secure NFS mounts. - Ensuring proper permissions and ownership of exported directories. - Regularly updating NFS software to address security vulnerabilities.