FreeBSD 13
1
2
3
|
nfs_server_enable="YES"
nfsv4_server_enable="YES"
nfsuserd_enable="YES"
|
1
2
|
V4:
/www/exchange /www/spaces/sayboy /www/spaces/ccgirl /www/spaces/licorne -mapall=april:transfer -network 192.168.2.0 -mask 255.255.255.0
|
1
2
3
|
# service nfsd restart
# /etc/rc.d/mountd onereload
# showmount -e
|
Ubuntu 24.04.01 LTS Server
1
2
3
4
5
6
7
|
$ sudo apt install nfs-kernel-server
$ sudo cat /proc/fs/nfsd/versions
$ nfsstat -s
$ sudo systemctl enable/disable nfs-server
$ sudo systemctl start/stop/restart/statussud nfs-server
|
Enabling NFS v4
1
|
$ sudo vim /etc/nfs.conf
|
1
2
3
4
5
|
[nfsd]
vers4=y
vers4.0=n
vers4.1=n
vers4.2=n
|
1
|
$ sudo vim /ect/exports
|
NFSv2 and NFSv3
1
|
/nfs/nfsshare hostname1(rw,sync,no_subtree_check) hostname2(ro,sync,no_subtree_check)
|
rw – grant write permissions.
ro – provides read-only access.
sync – synchronous access mode.
async – means that you don’t need to wait for confirmation of writing on the disk (it improves NFS performance, but reduces reliability).
1
|
/nfs/nfsshare 192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)
|
root_squash - Map requests from uid/gid 0 to the anonymous uid/gid.
no_root_squash – allows the root user to get access to the NFS directory from a client (usually not recommended).
no_all_squash – enables user authentication, all_squash – allows accessing NFS share under an anonymous user.
no_subtree_check – disables a check that a user accessed a file in the directory (subtree_check is used by default).
1
|
/nfs/nfsshare 192.168.2.0/24(rw,sync,no_subtree_check,anonuid=1001,anongid=1000)
|
anonuid, anongid – map NFS user/group to the specified local user/group (UID or GID).
NFSv4
1
2
|
/srv/nfs4 gss/krb5i(rw,sync,fsid=0,crossmnt,no_subtree_check)
/srv/nfs4/homes gss/krb5i(rw,sync,no_subtree_check)
|
crossmnt – This option is similar to nohide but it makes it possible for clients to move from the filesystem marked with crossmnt to exported filesystems mounted on it.
fsid=0 – NFS server needs to be able to identify each filesystem that it exports. For NFSv4 server, there is a distinguished filesystem which is the root of all exported filesystem. This is specified with fsid=root or fsid=0 both of which mean exactly the same thing.
Export the file systems
1
2
3
|
$ sudo exportfs -a
$ sudo exportfs -arv
$ sudo exportfs -auv
|
-a Export or unexport all directories.
-r Reexport all directories
-u Unexport one or more directories.
-v Be verbose. When exporting or exporting, show what’s going on. When displaying the current export list, also display the list of export options.
1
2
3
4
|
$ showmount -a 192.168.1.1
$ showmount -d 192.168.1.1
$ showmount -e 192.168.1.1
$ showmount -v 192.168.1.1
|
-a List mounts in the format hostname:directory, where hostname is the name of the client and directory is the root directory of the mounted file system.
-d Only to list the directories mounted.
-e To print the list of exported filesystems
-v Get the version of the showmount command/package
Ubuntu 24.04.01 LTS Client
1
2
|
$ sudo apt update && sudo apt upgrade
$ sudo apt install nfs-common
|
1
|
$ sudo showmount -e 192.168.1.3
|
1
2
3
|
$ sudo mount -t nfs -o vers=4 192.168.1.3:/nfs/nfsshare /mnt
$ sudo umount /mnt
|
Ubuntu 22.04 LTS Server
1
2
3
4
5
6
7
8
9
10
11
12
13
|
$ sudo apt update && sudo apt upgrade
$ sudo hostnamectl set-hostname nfs-server.example.com --static
$ sudo apt -y install nfs-kernel-server
$ sudo systemctl enable --now nfs-server
$ sudo systemctl disable --now nfs-server
$ sudo apt autoremove nfs-server -y
$ sudo systemctl status nfs-server
$ sudo cat /proc/fs/nfsd/versions
$ nfsstat -m
$ nfsstat -s
|
Ubuntu 22.04 LTS Client
1
2
|
$ sudo mount 192.168.2.4:/home/beth/conservation /nfs/conservation
$ sudo mount 192.168.2.4:/home/beth/collection /nfs/collection
|
1
2
|
$ sudo vim /etc/fstab
192.168.0.132:/var/nfs/example /nfs/example nfs auto,nofail,noatime,nolock,intr,tcp,actimeo=1800 0 0
|
1
2
|
$ sudo umount -a
$ sudo mount -a
|
CentOS 7 & 8 Server
If you want to use NFSv4.1/4.2 only, you don’t need to run rpcbind.
1
2
3
4
5
6
7
|
$ sudo dnf install nfs-utils
$ sudo apt install nfs-common
$ sudo cat /proc/fs/nfsd/versions
$ sudo dnf install rpcbind
$ sudo systemctl start rpcbind && systemctl enable rpcbind
$ sudo systemctl start nfs-server && systemctl enable nfs-server
|
1
2
3
|
$ sudo vim /etc/nfs.conf
$ sudo vim /etc/nfsmount.conf
$ sudo systemctl start/status/stop/enable/disenable nfs-server
|
1
2
3
4
5
6
|
$ sudo mkdir -p /nfs/{aa,bbb,cccc}
$ sudo mount --bind /home/aaron /nfs/aa
$ sudo mount --bind /www/hoho /nfs/bbb
$ sudo mount --bind /tmp /nfs/ccc
$ sudo vim /etc/fstab
|
Export the file systems
1
|
$ sudo vim /etc/exports
|
1
2
3
|
/nfs/aaa 192.168.2.0/24 (rw,sync,all_squash,anonuid=1001,anongid=1000)
/nfs/bbb 192.168.2.0/24 (ro,sync,all_squash,anonuid=1001,anongid=1000)
/nfs/ccc 192.168.2.0/24 (ro,sync,all_squash,anonuid=1001,anongid=1000)
|
CentOS 7 Client
1
2
3
|
$ sudo yum -y install nfs-utils
$ sudo systemctl enable rpcbind
$ sudo systemctl start rpcbind
|
1
2
3
4
5
|
$ sudo showmount -v 显示版本号
$ sudo showmount -e localhost 显示此IP地址分享出来的目录
$ sudo showmount -e 192.168.1.1
$ sudo showmount -a 显示本地挂载的文件资源情况
$ sudo showmount -d
|
1
2
3
|
# mkdir /nfs_database
# chmod 777 /nfs_database
# mount -t nfs 192.168.2.100:/nfs_database /nfs_database
|
Debian
1
|
# apt-get install nfs-kernel-server
|
Windows 10 Client
1
2
3
|
> showmount -e 192.168.1.3
> umount V:\
> umount -f -a
|
Windows Key + R to open the Run dialog, type “optionalfeatures”, and press Enter.
enable the list “Services for NFS” > “Client for NFS”.
Windows Key + R to open the Run dialog, type “regedit”, and press Enter.
New > QWORD (64-bit) Value
1
2
3
|
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default]
"AnonymousGid"="1108"
"AnonymousUid"="1109"
|
Windows Key + R to open the Run dialog, type “power shell”, and press Enter.
1
2
|
New-ItemProperty HKLM:\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default -Name AnonymousUID -Value 1109 -PropertyType "DWord"
New-ItemProperty HKLM:\SOFTWARE\Microsoft\ClientForNFS\CurrentVersion\Default -Name AnonymousGID -Value 1108 -PropertyType "DWord"
|
Firewall
UFW
IPTables
1
2
3
4
|
$ sudo iptables -t filter -A INPUT -p tcp --dport 2049 -j ACCEPT
$ sudo iptables -t filter -A INPUT -p tcp --dport 20048 -j ACCEPT
$ sudo service iptables save
$ sudo service iptables restart
|
Firewalld
1
2
3
4
5
|
$ sudo firewall-cmd --permanent --add-port=111/tcp
$ sudo firewall-cmd --permanent --add-port=20048/tcp
$ sudo firewall-cmd --permanent --add-service=nfs
$ sudo firewall-cmd --zone=public --permanent --add-service={rpc-bind,mountd,nfs}
$ sudo firewall-cmd --reload
|
Notes
CEE-1999-0554
1
|
$ sudo vim /etc/hosts.allow
|
1
|
$ sudo vim /etc/hosts.deny
|
Transmission speed optimization
1
2
3
4
5
6
7
|
$ time dd if=/dev/zero of=/tmp/testfile.dat bs=8k count=16384
$ time dd if=/dev/zero of=/tmp/testfile.dat bs=16k count=16384
$ time dd if=/dev/zero of=/tmp/testfile.dat bs=32k count=16384
$ time dd if=/tmp/testfile.dat of=/dev/null bs=8k
$ time dd if=/tmp/testfile.dat of=/dev/null bs=16k
$ time dd if=/tmp/testfile.dat of=/dev/null bs=32k
|
1
|
$ sudo vim /etc/nfsmount.conf
|
1
2
3
4
5
6
7
8
|
# Maximum Read Size (in Bytes)
# Rsize=8k
#
# Maximum Write Size (in Bytes)
# Wsize=8k
#
# Maximum Server Block Size (in Bytes)
# Bsize=8k
|