NFS Notes - Debian debian should start all NFS server daemons once it detects changes to /etc/exports file. server:/etc/exports /share client(rw) # read/write /share client(ro) # read only - the default setting /share client(rw,sync|async) # if you do not want to trust the root acount of a client, # the following will distrust the root user of the client: /share client(rw,root_squash) # root_squash is default /share client(rw,no_root_squash) # root_squash is default server:/etc/hosts.allow portmap: ALL # all portmap: 192.168.1.0/255.255.255.0 # subnet (no hostnames) If you come back and change your /etc/exports file, the changes you make may not take effect immediately. You should run the command exportfs -ra to force nfsd to re-read the /etc/exports file. If you can't find the exportfs command, then you can kill nfsd with the -HUP flag (see the man pages for kill for details). The 'portmap' application must be setup on the server machine. Remote access to the portmap application is governed by the host's files: hosts.allow and hosts.deny. The command 'rpcinfo -p' can be used to test the configuration of these files. These applications must be installed and running on the NFS server: rpc.mountd - NFS mount daemon rpc.nfsd - NFS server process The portmapper operates on port 111 for both udp and tcp. The mound operates on ports 745 and 747 for tcp and udp respectively. You can check the ports with the 'rpcinfo -p' command. /usr/sbin/exportfs: #!/bin/sh killall -HUP /usr/sbin/rpc.mountd killall -HUP /usr/sbin/rpc.nfsd -------------------------------------------------------------------------------- client mount -o rsize=1024,wsize=1024 sapphire:/usr /mnt/tmp umount /mnt/tmp The 'rsize' and 'wsize' option arguments are "read-size" and "write-size" respectively. The default is 4096, and 8192 respectively. test write performance time dd if=/dev/zero of=/mnt/tmp/testfile bs=16k count=4096 test read performance time dd if=/mnt/tmp/testfile of=/dev/null bs=16k client:/etc/fstab server:/usr /mnt/tmp nfs rsize=1024,wsize=1024 0 0 server:/usr /mnt/tmp nfs rsize=1024,wsize=1024,hard,intr 0 0 You will most likely want to increase the block sizes in multiples of 1024 (eg. 1024, 2048, 3072, etc). The largest possible rsize and wsize block size in NFS version 2 is 16384. An rsize and wsize that is too large is not always immediately apparent. Incomplete file listings with 'ls' and no error messages or reading files fails mysteriously is a symptom of a block size that is too large. Linux 1.3+ kernels perform read-ahead for rsizes that are larger or equal to the machines page size. On the Intel platforms the page size is 4096. Read ahead will significantly increase the NFS read performance. Therefore, on Intel platforms, you will want a 4096 byte rsize if possible. Mounting errors and their meanings: mount: sapphire:/usr failed, reason given by server: Permission denied If you receive an error for permission denied, check your setup in the "/etc/exports" file. Make sure you ran the 'exportfs' command when you made the changes or when you correct your mistakes. mount clntudp_create: RPC: Program not registered Make sure that 'mountd' and 'nfsd' is running on the server. Also, check the 'hosts.allow' and 'hosts.deny' file configurations. -------------------------------------------------------------------------------- /etc/hosts.deny portmap:ALL Starting with nfs-utils 0.2.0, you can be a bit more careful by controlling access to individual daemons. It's a good precaution since an intruder will often be able to weasel around the portmapper. If you have a newer version of nfs-utils, add entries for each of the NFS daemons (see the next section to find out what these daemons are; for now just put entries for them in hosts.deny): lockd:ALL mountd:ALL rquotad:ALL statd:ALL /etc/hosts.allow portmap: 192.168.0.1 , 192.168.0.2 For recent nfs-utils versions, we would also add the following (again, these entries are harmless even if they are not supported): lockd: 192.168.0.1 , 192.168.0.2 mountd: 192.168.0.1 , 192.168.0.2 rquotad: 192.168.0.1 , 192.168.0.2 statd: 192.168.0.1 , 192.168.0.2