Mounting options in linux

Common NFS mount options in Linux

It is important to know the parameters used while mounting the NFS mount points on clients. It is particularly important to know them if you are facing a performance issue or a functional issue with the NFS mount point. Below is the list of options used while mounting NFS mount points as shown in the syntax below.

rw (read/write) / ro (read-only)

– Use rw for data that users need to modify. In order for you to mount a directory read/write, the NFS server must export it read/write.
– Use ro for data you do not want users to change. A directory that is automounted from several servers should be read-only, to keep versions identical on all servers.
– the default is rw.

suid / nosuid

– Specify suid if you want to allow mounted programs that have setuid permission to run with the permissions of their owners, regardless of who starts them. If a program with setuid permission is owned by root, it will run with root permissions, regardless of who starts it.
– Specify nosuid to protect your system against setuid programs that may run as root and damage your system.
– the default is suid.

hard / soft

– Specify hard if users will be writing to the mounted directory or running programs located in it. When NFS tries to access a hard-mounted directory, it keeps trying until it succeeds or someone interrupts its attempts. If the server goes down, any processes using the mounted directory hang until the server comes back up and then continue processing without errors. Interruptible hard mounts may be interrupted with CTRL-C or kill (see the intr option, later).
– Specify soft if the server is unreliable and you want to prevent systems from hanging when the server is down. When NFS tries to access a soft-mounted directory, it gives up and returns an error message after trying retrans times (see the retrans option, later). Any processes using the mounted directory will return errors if the server goes down.
– Default is hard

intr / nointr

– Specify intr if users are not likely to damage critical data by manually interrupting an NFS request. If a hard mount is interruptible, a user may press [CTRL]-C or issue the kill command to interrupt an NFS mount that is hanging indefinitely because a server is down.
– Specify nointr if users might damage critical data by manually interrupting an NFS request, and you would rather have the system hang while the server is down than risk losing data between the client and the server.
– The default is intr.

fg (foreground) / bg (background)

– Specify fg for directories that are necessary for the client machine to boot or operate correctly. If a foreground mount fails, it is retried again in the foreground until it succeeds or is interrupted. All automounted directories are mounted in the foreground; you cannot specify the bg option with automounted directories.
– Specify bg for mounting directories that are not necessary for the client to boot or operate correctly. Background mounts that fail are re-tried in the background, allowing the mount process to consider the mount complete and go on to the next one. If you have two machines configured to mount directories from each other, configure the mounts on one of the machines as background mounts. That way, if both systems try to boot at once, they will not become deadlocked, each waiting to mount directories from the other. The bg option cannot be used with automounted directories.
– The default is fg.

devs / nodevs

– Specify devs if you are mounting device files from a server whose device files will work correctly on the client. The devs option allows you to use NFS-mounted device files to read and write to devices from the NFS client. It is useful for maintaining a standard, centralized set of device files, if all your systems are configured similarly.
– Specify nodevs if device files mounted from a server will not work correctly for reading and writing to devices on the NFS client. The nodevs option generates an error if a process on the NFS client tries to read or write to an NFS-mounted device file.
– The default is devs.

timeo=n

– The timeout, in tenths of a second, for NFS requests (read and write requests to mounted directories). If an NFS request times out, this timeout value is doubled, and the request is retransmitted. After the NFS request has been retransmitted the number of times specified by the retrans option (see below), a soft mount returns an error, and a hard mount retries the request. The maximum timeo value is 30 (3 seconds).
– Try doubling the timeo value if you see several servers not responding messages within a few minutes. This can happen because you are mounting directories across a gateway, because your server is slow, or because your network is busy with heavy traffic.
– Default is timeo=7

retrans=n

– The number of times an NFS request (a read or write request to a mounted directory) is retransmitted after it times out. If the request does not succeed after n retransmissions, a soft mount returns an error, and a hard mount retries the request.
– Increase the retrans value for a directory that is soft-mounted from a server that has frequent, short periods of downtime. This gives the server sufficient time to recover, so the soft mount does not return an error.
– The default is retrans=4.

retry=n

– The number of times the NFS client attempts to mount a directory after the first attempt fails. If you specify intr, you can interrupt the mount before n retries. However, if you specify nointr, you must wait until n retries have been made, until the mount succeeds, or until you reboot the system.
– If mounts are failing because your server is very busy, increasing the retry value may fix the problem.
– The default is retry=1.

rsize=n

– The number of bytes the NFS client requests from the NFS server in a single read request.
– If packets are being dropped between the client and the server, decrease rsize to 4096 or 2048. To find out whether packets are being dropped, issue the “nfsstat -rc” command at the HP-UX prompt. If the timeout and retrans values returned by this command are high, but the badxid number is close to zero, then packets are being dropped somewhere in the network.
– The default is rsize=8192.

wsize=n

– The number of bytes the NFS client sends to the NFS server in a single write request.
– If packets are being dropped between the client and the server, decrease wsize to 4096 or 2048. To find out whether packets are being dropped, issue the “nfsstat -rc” command at the HP-UX prompt. If the timeout and retrans values returned by this command are high, but the badxid number is close to zero, then packets are being dropped somewhere in the network.
– The default is wsize=8192.

O (Overlay mount)

– Allows the file system to be mounted over an existing mount point, making the underlying file system inaccessible. If you attempt to mount a file system over an existing mount point without the -O option, the mount will fail with the error device busy.
– Caution: Using the -O mount option can put your system in a confusing state. The -O option allows you to hide local data under an NFS mount point without receiving any warning. Local data hidden beneath an NFS mount point will not be backed up during regular system backups.
– On HP-UX, the -O option is valid only for NFS-mounted file systems. For this reason, if you specify the -O option, you must also specify the -F nfs option to the mount command or the nfs file system type in the /etc/fstab file.
– The default value is not specified for the parameter.

remount

– If the file system is mounted read-only, this option remounts it read/write. This allows you to change the access permissions from read-only to read/write without forcing everyone to leave the mounted directory or killing all processes using it.
– The Default value is not specified for this parameter.

– If specified, this option prevents the NFS client from caching attributes for the mounted directory.
– Specify noac for a directory that will be used frequently by many NFS clients. The noac option ensures that the file and directory attributes on the server are up to date, because no changes are cached on the clients. However, if many NFS clients using the same NFS server all disable attribute caching, the server may become overloaded with attribute requests and updates. You can also use the actimeo option to set all the caching timeouts to a small number of seconds, like 1 or 3.
– If you specify noac, do not specify the other caching options.
– The Default value is not specified for this parameter.

nocto

– If specified, this option suppresses fresh attributes when opening a file.
– Specify nocto for a file or directory that never changes, to decrease the load on your network.
– The Default value is not specified for this parameter.

acdirmax=n

– The maximum number of seconds a directory’s attributes are cached on the NFS client. When this timeout period expires, the client flushes its attribute cache, and if the attributes have changed, the client sends them to the NFS server.
– For a directory that rarely changes or that is owned and modified by only one user, like a user’s home directory, you can decrease the load on your network by setting acdirmax=120 or higher.
– The Default value is acdirmax=60.

acdirmin=n

– The minimum number of seconds a directory’s attributes are cached on the NFS client. If the directory is modified before this timeout expires, the timeout period is extended by acdirmin seconds.
– For a directory that rarely changes or that is owned and modified by only one user, like a user’s home directory, you can decrease the load on your network by setting acdirmin=60 or higher.
– The Default value is acdirmin=30.

acregmax=n

– The maximum number of seconds a file’s attributes are cached on the NFS client. When this timeout period expires, the client flushes its attribute cache, and if the attributes have changed, the client sends them to the NFS server.
– For a file that rarely changes or that is owned and modified by only one user, like a file in a user’s home directory, you can decrease the load on your network by setting acregmax=120 or higher.
– The Default value is acregmax=60.

actimeo=n

– Setting actimeo to n seconds is equivalent to setting acdirmax, acdirmin, acregmax, and acregmin to n seconds.
– Set actimeo=1 or actimeo=3 for a directory that is used and modified frequently by many NFS clients. This ensures that the file and directory attributes are kept reasonably up to date, even if they are changed frequently from various client locations.
– Set actimeo=120 or higher for a directory that rarely or never changes.
– If you set the actimeo value, do not set the acdirmax, acdirmin, acregmax, or acregmin values.
– The default value is not set for this parameter.

vers=n

– The version of the NFS protocol to use. By default, the local NFS client will attempt to mount the file system using NFS version 3. If the NFS server does not support version 3, the file system will be mounted using version 2.
– If you know that the NFS server does not support version 3, specify vers=2, and you will save time during the mount, because the client will not attempt to use version 3 before using version 2.
– The default value for the parameter is vers=3.

grpid

– Forces a newly created file in the mounted file system to inherit the group ID of the parent directory.
– By default, a newly created file inherits the effective group ID of the calling process, unless the GID bit is set on the parent directory. If the GID bit is set, the new file inherits the group ID of the parent directory.
– The default value is not set for this parameter.

Источник

NFS mount options | NFS exports options | Beginners Guide

Table of Contents

In this article we will learn about most used NFS mount options and NFS exports options with examples. I have tried to be as simple as possible in my examples so that even a beginner to Linux can understand these and then make a decision to use the respective NFS mount and export options in his/her setup.

There are two types of permissions which can be implemented between NFS Server and Client

1. NFS Server Side (NFS Exports Options)
2. NFS Client side (NFS Mount Options)

Let us jump into the details of each type of permissions. I have already configured a NFS server and client to demonstrate about NFS mount options and NFS exports options as this is a pre-requisite to this article.

NFS Exports Options

NFS exports options are the permissions we apply on NFS Server when we create a NFS Share under /etc/exports

Below are the most used NFS exports options in Linux

NFS exports options example with secure vs insecure

• With secure the port number from which the client requests a mount must be lower than 1024.
• The secure permission is on by default.
• To turn it off, specify insecure instead

Below I have shared /nfs_shares folder on the NFS Server

As you see by default NFS exports options takes secure

In such case the client will be forced to use port number less than 1024 to access the NFS shares. Here as you see client is using port 867 to access the share.

To allow client any available free port use insecure in the NFS share

Next re-export your shares

Verify the NFS Share permissions

So now a client is free to use any port. Using insecure does not mean that you are forcing a client to use port higher than 1024, a client can still use a port value lesser than 1024, it is just that now the client will also be allowed to connect to NFS server with higher port numbers which are considered insecure.

NFS exports options example with ro vs rw

I believe the naming syntax explains the definition here.

• ro means read-only access to the NFS Share
• rw means read write access to the NFS Share

But what if you share a directory as read-only but mount the NFS share as read-write?

In the below example I have shared /nfs_shares with read-only permission

List the available shares

But on the NFS Client, I will mount the NFS Share with read write permission

Verify if the mount was successful. As you see the NFS share is mounted as read write

Let us try to create a file in our NFS mount point on the client

So I hope this is clear, if a directory is shared as read only then you will not be allowed to perform any write operation on that directory, even if you mount the share using read write permission.

root_squash vs no_root_squash

• If you read the text carefully, the text itself explains the meaning of the parameter.
• Here, squash literally means to squash (destroy) the power of the remote root user or don’t squash the power of the remote root user
• root_squash prevents remote root users from having superuser (root) privileges on remote NFS-mounted volumes.
• no_root_squash allows root user on the NFS client host to access the NFS-mounted directory with the same rights and privileges that the superuser would normally have.

NFS exports options root_squash example

Let us understand root_squash with some examples:

I have a directory /nfs_shares with 700 permission on my NFS Server. So only user owner is allowed to read, write and execute in this directory

Now this directory is shared va NFS Server using /etc/exports. I have given read write permission and all other permissions are set to default

Re-export the shares

List the shared directories

On the Client I will mount the NFS Share to /mnt

Next let me try to navigate to the NFS mount point

Here since we have used default NFS exports options, the NFS share will be mounted as nobody user.
Also we had given 700 permission for /nfs_shares which means no permission for » others « so » nobody » user is not allowed to do any activity in /nfs_shares

Next I will give read and execute permission to others for /nfs_shares on the NFS Server

Now I will be allowed to navigate inside the mount point

but since there is no write permission, even root user will not be allowed to write inside /mnt

Next I will also give write access to /nfs_shares (so now others have full access to /nfs_shares )

Now I should be allowed to write inside /mnt (where /nfs_shares is mounted)

As expected the we were able to create a file and this file is created with nobody user and group permission as we are using root_squash on the NFS Share

NFS exports options no_root_squash example

Next let’s see the the behaviour of no_root_squash

I will update the NFS exports options on NFS Server to use no_root_squash

Re-export the shares

List the properties of the NFS Shares on the NFS Server

On the NFS client now if I create a new file

So the new file is created with root permission.

This should prove the fact that the NFS share is accessed as root user with no_root_squash .

Understanding all_quash vs no_all_squash

• all_squash will map all User IDs (UIDs) and group IDs (GIDs) to the anonymous user.
• all_squash is useful for NFS-exported public FTP directories, news spool directories
• By default no_all_squash is applied to the NFS Shares

Understanding sync vs aysnc

• With sync reply to requests are done only after the changes have been committed to stable storage
• While async allows the NFS server to violate the NFS protocol and reply to requests before any changes made by that request have been committed to stable storage
• Using aysnc option usually improves performance, but at the cost that an unclean server restart (i.e. a crash) can cause data to be lost or corrupted.

NFS Mount Options with mount

NFS Mount Options are the ones which we will use to mount a NFS Share on the NFS Client.

Below are the most used NFS mount options we are going to understand in this article with different examples.

Hard Mount vs Soft Mount

• By default all the NFS Shares are mounted as hard mount
• With hard mount if a NFS operation has a major timeout, a «server not responding» message is reported and the client continues to try indefinitely
• With hard mount there are chances that a client performing operations on NFS Shares can get stuck indefinitiley if the NFS server becomes un-reachable
• Soft mount allows client to timeout the connection after a number of retries specified by retrams=n

NFS mount options hard mount example

In this NFS mount point example, I will mount my NFS share using hard mount

Check the share properties to make sure hard mount is implemented.

Next I will create a small script to write to NFS Shares and also print on screen so we know the progress or the script:

Next I executed the script on client node

During the execution after «4» was printed, I stopped the nfs-server service

On Client node I started getting these messages in /var/log/messages

Then I started NFS Server service after which the client was able to establish the connection with NFS server

And our script on client node again started to write on the NFS Share

So we see there was no data loss with hard mount

Advantage and Disadvantage of NFS Hard Mount

• The demerit of hard mount is that this will consume more resources on your system, as your client will hold the write process until the NFS server is UP.
• This can be used in mission critical systems where data is more important to make sure the data is not lost while writing to NFS Shares

NFS mount options Soft Mount example

Let us also examine the behaviour with NFS Soft Mount in our NFS mount options example»

First I will un-mount the NFS Share. Although I could also do a remount but let’s keep it simple.

Then I will do a soft mount along with some more values such as retrans=2 and timeo=60
So the client will transmit two packets at an interval of 60 seconds before announcing the NFS Server as unreachable

Verify the NFS Mount Options on the client

Next we will again execute our script

Here I have stopped the nfs-server service to make my server unreachable.

In couple of seconds we start getting the below alarms in /var/log/messages which is similar to hard mount

But the script continues to execute even if it fails to write on the NFS Shares

Advantage and Disadvantage of NFS Soft Mount

• So this can lead to data loss in real time environment.
• Although in this example if I start the nfs-server , the server would be reachable again and the client will again start writing to the NFS share but while the time our NFS Server was un-reachable, that data would be lost.
• So in production environment where data is important, it is recommended to use hard mount as preferred NFS mount options.

Define NFS version while mounting NFS Share

• You can explicitly define the NFS version you wish to use to mount the NFS Share.
• RHEL/CentoS 7/8 by default support NFSv3 and NFSv4 (unless you have explicitly disabled either of them).
• So the client has an option to define the NFS version it wants to use to connect to the NFS Server
• You can use nfsvers=n to define the NFS version

For example:
To mount NFS Share using NFSv4

Similarly to mount NFS Share using NFSv3

Recommended NFS Mount Options

Use wsize and rsize mount option

• There is no ‘default’ value for rsize and wsize . The ‘ default ‘ is to use the largest value that both the client and server support.
• If rsize / wsize is not specified in the mount options, the client will query the server and will use the largest size that both support.
• If rsize / wsize is specified in the mount options and it exceeds the maximum value that either the client or server support, the client will use the largest size that both support.
• However based on your system resources and requirement, you can choose to define your own rsize and wsize value

You can define your own wsize and rsize using

Verify the new properties

For more details on the supported maximum read and write size with different Red Hat kernels check
What are the default and maximum values for rsize and wsize with NFS mounts?

Use intr mount option

• When a process makes a system call, the kernel takes over the action.
• During the time that the kernel is handling the system call, the process may not have control over itself.
• When there’s an error, however, it can be quite a nuisance.
• Because of this, NFS has an option to mount file systems with the interruptible flag (the intr option), which allows a process that is waiting on an NFS request to give up and move on.
• In general, unless you have reason not to use the intr option, it is usually a good idea to do so.

Using bg and fg NFS mount options

• I wouldn’t blindly recommend this and it mostly depends on your use case.
• These options can be used to select the retry behavior if a mount fails.
• The bg option causes the mount attempts to be run in the background.
• The fg option causes the mount attempt to be run in the foreground.
• The default is fg , which is the best selection for file systems that must be available. This option prevents further processing until the mount is complete.
• bg is a good selection for noncritical file systems because the client can do other processing while waiting for the mount request to be completed.

NFS Mount Options with Fstab

If you mount a share using mount command then the changes will be intact only for the current session and post reboot you will have to again mount the NFS share

To make persistent changes you must create a new entry in /etc/fstab with the NFS share details. In /etc/fstab you can define any additional NFS mount options for the share path

For example:
In this NFS mount options example I will mount /nfs_shares path as soft mount, NFSv3, timeout value of 600 and retrans value of 5

Save and exit the /etc/fstab file

Next execute mount -a to mount all the paths from /etc/fstab

Lastly I hope the steps from the article to understand NFS Exports Options and NFS Mount Options on Linux was helpful. So, let me know your suggestions and feedback using the comment section.

Related Searches: nfs mount options performance, linux nfs mount options example, nfs exports options example, nfs client options, nfs unix commands, linux mount options

Related Posts

Didn’t find what you were looking for? Perform a quick search across GoLinuxCloud

If my articles on GoLinuxCloud has helped you, kindly consider buying me a coffee as a token of appreciation.

For any other feedbacks or questions you can either use the comments section or contact me form.

Thank You for your support!!

Источник