NFS basics under Linux

NFS overview

NFS is the abbreviation of Network FileSystem, which was first developed by Sun. His biggest function is to make different machines, different operating systems
, share their own files (share file) through the network, so you can simply think of him as a file server. . This NFS Server allows your PC to mount the directory shared by the remote NFS host on the network to the local machine. Therefore, the local machine looks like the remote host's directory is like its own partition. The remote machine that gives you the share is the server, and your pc is the client.

The NFS protocol has been released since its inception, such as NFS V2 (rfc1094), NFS V3 (rfc1813), and the latest version is V4 (rfc3010).

V3 adds a lot of functions to V2. One of the important functions is to add the asynchronous write feature. Here is an introduction:

Can NFS V3 use asynchronous writes? This is an optional feature. The NFS V3 client sends an asynchronous write request to the server, and the server does not have to write data to the memory (stable) before replying to the client. The server can determine when to write data or aggregate multiple write requests together and process them, then write. The client can keep a copy of the data in case the server cannot write the data completely. When the client wants to release the copy, it passes the process to the server to ensure that each step is complete. Asynchronous writes enable the server to determine the best strategy for synchronizing data. Make the data arrive as close as possible to the arrival of the data. Compared with V2, such a mechanism can better achieve data buffering and more parallel (balance). The NFS V2 SERVER can no longer write any write requests before writing data to the memory.

So how is NFS implemented?

RPC Overview

Although NFS has its own protocol and port number used, when data transfer or other related information is delivered NFS uses a protocol called Remote Procedure Call (RPC) to assist in the operation of NFS itself.

When we use some services for remote connection, some information, such as the IP of the host, the port number of the service, and the PID of the corresponding service, need to be managed and corresponding. The work of these management ports corresponding to the service relevance is the task of this Remote Procedure Call, RPC.

The NFS service itself does not provide a protocol for data transfer, but NFS allows us to share files. The reason for this is that NFS uses some other related transport protocols. The protocol for these transmissions is to use the so-called RPC function. That is to say, NFS itself is a program that uses RPC. To put it more bluntly, NFS can also be regarded as an RPC server.

At the same time, it should be noted that in some situations, not only the server running NFS needs to activate the RPC service, but also the client machine that mounts the NFS partition, and also needs to activate RPC synchronously. The reason is that this can be done so that the server side and the client side can perform the program port correspondence by the RPC protocol. NFS mainly manages the shared directories, and as far as the data is passed, it will be directly lost to the RPC protocol.

So, what kind of daemons are needed to access the files on the server side, that is, the server side needs to provide NFS services. Which daemon programs are needed? From the previous discussion, we can know that the nfs server is actually an rpc server, so the daemon that provides nfs is the rpc daemon.

NFS Server RPC daemons

The client needs to access the nfs server file, the NFS server must have NFS service, and the NFS service is It is done by the following two background processes.

2, rpc.mountd: The main function of this daemon is to manage the NFS file system.

When the client successfully logs in to the host through rpc.nfsd, it can pass the file usage permission before it can use the file provided by the NFS server (that is, the -rwxrwxrwx and owner, group those permissions) ) the certification process. He will read the NFS configuration file /etc/exports to compare the permissions of the client. After passing this level, the client can obtain the permission to use the NFS file. (Note: This is also the place we use to manage the usage rights and security settings of the NFS shared directory).

To get NFS up and running externally, a total of two packages are required. They are:

1, nfs-utils: is to provide rpc.nfsd and rpc.mountd these two NFS daemons and other related documents and documentation, executable files, etc. This is the main package of NFS.

2, portmap: Improve port mapping.
As just mentioned, our NFS can actually be regarded as an RPC server program, and before we can activate any RPC server program, we need to do the mapping work of the port. The job is actually responsible for the "portmap" service. In other words, we need to activate portmap before activating any RPC server.

So what is the portmap doing? Just like the name of this service, it is the mapping of the port. For example: When the client tries to use the service provided by the RPC server, the client needs to obtain a port that can be connected to use the service provided by the RPC server. Therefore, the client will first talk to the portmap. Can you tell me, give me a port number, so I can contact RPC! 』, this time portmap will automatically inform the client of the port mapping managed by him, so that he can connect to the server.

So: "Activate portmap before activating NFS"

NFS client settings

Client-side Setting, in fact, is to say how the client should mount the host's directory, of course, using the mount directory, its syntax:

#mount -t nfs hostname(orIP):/directory /mountpoint

In order to worry about the program execution of the SUID privilege file that will be accidentally linked to the NFS side, root can mount the NFS shared directory in a more secure situation,

#mount -t Nfs -o nosuid,ro hostname:/directory /mountponit

Additional optional parameters for mount nfs:

1, HARD mount and SOFT MOUNT:

HARD:NFS CLIENT will continue to try to connect with SERVER (in the background, will not give any prompt information, some versions in Linux will still give some tips), until MOUNT.

SOFT: It will try to connect with SERVER in the foreground, which is the default connection method. The mount attempt is terminated when an error message is received and the relevant information is given.

Example: mount -F nfs -o hard 192.168.0.10:/nfs /nfs

For the question of whether to use hard or soft, it depends mainly on what information you access. For example, if you want to run X PROGRAM via NFS, you definitely don't want the system to output a lot of error messages due to some unexpected situations (such as the network speed becoming very slow, plugging in the network card plug, etc.). If you are using the HARD method at this time, the system will wait until it can re-establish connection with NFS SERVER to transfer information. In addition, if it is non-critical data, you can also use SOFT mode, such as FTP data, so that your session will not be suspended when the remote machine is temporarily connected or closed.