Network Filesystem (NFS)

NFS (Network File System) is basically developed for sharing of files

and folders between Linux/Unix systems by Sun Microsystems in 1980.
It allows you to mount your local file systems over a network and
remote hosts to interact with them as they are mounted locally on the
same system.
With the help of NFS, we can set up file sharing between Unix to Linux
system and Linux to Unix system.

Benefits of NFS :

NFS allows local access to remote files.

It uses standard client/server architecture for file sharing between
all *nix based machines.
With NFS it is not necessary that both machines run on the same OS.
With the help of NFS we can configure centralized storage solutions.
Users get their data irrespective of physical location.
No manual refresh needed for new files.
Newer version of NFS also supports acl, pseudo root mounts.
Can be secured with Firewalls and Kerberos.

NFS Services :

It's a System V-launched service. The NFS server package includes

three facilities, included in the portmap and nfs-utils packages.

portmap : It maps calls made from other machines to the correct RPC
service (not required with NFSv4).
nfs: It translates remote file sharing requests into requests on the
local file system.
rpc.mountd: This service is responsible for mounting and unmounting of
file systems

Important Files for NFS Configuration

/etc/exports : It's a main configuration file of NFS, all exported

files and directories are defined in this file at the NFS Server end.
/etc/fstab : To mount a NFS directory on your system across the
reboots, we need to make an entry in /etc/fstab.
/etc/sysconfig/nfs : Configuration file of NFS to control on which
port rpc and other services are listening.
 Setup and Configure NFS Mounts on Linux Server

To setup NFS mounts, we’ll be needing at least two Linux/Unix

machines. Here in this tutorial, I’ll be using two servers.

NFS Server: IP-192.168.56.103

NFS Client : IP-192.168.0.101

We need to install NFS packages on our NFS Server as well as on NFS

Client machine. We can install it via “yum” (Red Hat Linux)

[root@server~]# yum install nfs-utils

root@server ~]# rpm -qa | grep nfs

nfs-utils-1.3.0-0.48.el7.x86_64
nfs4-acl-tools-0.3.3-15.el7.x86_64
libnfsidmap-0.25-17.el7.x86_64

[root@client~]# yum install nfs-utils

root@client ~]# rpm -qa | grep nfs

nfs-utils-1.3.0-0.48.el7.x86_64
nfs4-acl-tools-0.3.3-15.el7.x86_64
libnfsidmap-0.25-17.el7.x86_64

To start nfs Service in Server

[root@server ~]# systemctl start nfs.service

To enable nfs Service in server at boot time :

[root@server ~]# systemctl enable nfs.service

Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-
server.service to /usr/lib/systemd/system/nfs-server.service.
[root@server ~]#

To start nfs Service in client

[root@client ~]# systemctl start nfs.service

To enable nfs Service in client at boot time :

[root@client ~]# systemctl enable nfs.service

Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-
server.service to /usr/lib/systemd/system/nfs-server.service.
[root@client ~]#

In Server and in Client Machine Check Port 2049 and 111 should be
open. If Firewall is enabled ,Both the port should be opened

[root@server etc]# netstat -antup |grep 2049

tcp 0 0 0.0.0.0:2049 0.0.0.0:*
LISTEN -
tcp6 0 0 :::2049 :::*
LISTEN -
udp 0 0 0.0.0.0:2049 0.0.0.0:*
-
udp6 0 0 :::2049 :::*
-
[root@server etc]# netstat -antup |grep 111
tcp 0 0 0.0.0.0:111 0.0.0.0:*
LISTEN 1/systemd
tcp6 0 0 :::111 :::*
LISTEN 1/systemd
udp 0 0 0.0.0.0:111 0.0.0.0:*
2922/rpcbind
udp6 0 0 :::111 :::*
2922/rpcbind
[root@server etc]#

If Port 111 and 2049 is not open at client -server open Port

[root@server etc]# firewall-cmd --zone=public --permanent --add-

port=111/tcp
[root@server etc]# firewall-cmd --zone=public --permanent --add-
port=2049/tcp
[root@server etc]# firewall-cmd --reload

[root@client etc]# firewall-cmd --zone=public --permanent --add-

port=111/tcp
[root@client etc]# firewall-cmd --zone=public --permanent --add-
port=2049/tcp
[root@client etc]# firewall-cmd --reload
In Server-client Machine Add Following service to firewall.

[root@server ~]# firewall-cmd --permanent --add-service=nfs

[root@server ~]# firewall-cmd --permanent --add-service=mountd
[root@server ~]# firewall-cmd --permanent --add-service=rpc-bind
[root@server ~]# firewall-cmd --reload

[root@client ~]# firewall-cmd --permanent --add-service=nfs

[root@client ~]# firewall-cmd --permanent --add-service=mountd
[root@client ~]# firewall-cmd --permanent --add-service=rpc-bind
[root@client ~]# firewall-cmd --reload

In Server Verify portmapper, mountd and nfs is running

[root@server ~]# rpcinfo -p

program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 53245 status
100005 1 udp 20048 mountd
100024 1 tcp 49155 status
100005 1 tcp 20048 mountd
100005 2 udp 20048 mountd
100005 2 tcp 20048 mountd
100005 3 udp 20048 mountd
100005 3 tcp 20048 mountd
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100227 3 tcp 2049 nfs_acl
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100227 3 udp 2049 nfs_acl
100021 1 udp 40535 nlockmgr
100021 3 udp 40535 nlockmgr
100021 4 udp 40535 nlockmgr
100021 1 tcp 36405 nlockmgr
100021 3 tcp 36405 nlockmgr
100021 4 tcp 36405 nlockmgr
[root@server ~]#
In Client Machine Verify portmapper, mountd and nfs is running

[root@client ~]# rpcinfo -p 192.168.56.103

program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 57957 status
100024 1 tcp 45593 status
100005 1 udp 20048 mountd
100005 1 tcp 20048 mountd
100005 2 udp 20048 mountd
100005 2 tcp 20048 mountd
100005 3 udp 20048 mountd
100005 3 tcp 20048 mountd
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100227 3 tcp 2049 nfs_acl
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100227 3 udp 2049 nfs_acl
100021 1 udp 52722 nlockmgr
100021 3 udp 52722 nlockmgr
100021 4 udp 52722 nlockmgr
100021 1 tcp 34123 nlockmgr
100021 3 tcp 34123 nlockmgr
100021 4 tcp 34123 nlockmgr
[root@client ~]#

After installing packages and starting services on both the machines,

we need to configure both the machines for file sharing.

Configuring the NFS Server

Step 1:Configure Export directory

For sharing a directory with NFS, we need to make an entry in

“/etc/exports” configuration file. Here I’ll be creating a new
directory named “NetworkSharing” in “/” partition to share with client
server, you can also share an already existing directory with NFS.
 [root@server ~]# mkdir /NetworkSharing ;chmod 1777 /NetworkSharing
[root@server ~]#

[root@server ~]# ls -ld /NetworkSharing

drwxrwxrwt. 2 root root 6 Oct 11 14:17 /NetworkSharing
[root@server ~]#

Step 2: Make an Entry in /etc/exports file

Now we need to make an entry in “/etc/exports” and restart the

services to make our directory shareable in the network.

[root@server /]# cat /etc/exports

/NetworkSharing 192.168.56.101(rw,sync,no_root_squash)
[root@server /]#

Most common exports options

/NetworkSharing export /NetworkSharing directory for host with IP

192.168.56.101(rw,sync) 192.168.56.101 with read, write permissions, and
synchronized mode

/NetworkSharing192.168.56.101 export /NetworkSharing directory for network

(ro,sync) 192.168.56.101 netmask 255.255.255.0 with read only
permissions and synchronized mode

/NetworkSharing192.168.56.101 export /NetworkSharing directory for host with IP

(rw,sync) 192.168.56.102(ro,sync) 192.168.56.101 with read, write permissions,
synchronized mode, and also export /NetworkSharing
directory for hosts with IP 192.168.56.102 with read
only permissions and synchronized mode

/NetworkSharing192.168.56.101 export /NetworkSharing directory for host with IP

(rw,sync,no_root_squash) 192.168.56.101 with read, write permissions,
synchronized mode and the remote root user will be
treated as a root and will be able to change any file and
directory.
 /NetworkSharing*(ro,sync) export /NetworkSharing directory for any host with a
read only permission and synchronized mode

/NetworkSharing goutam.com (rw, export /NetworkSharing directory for hostname

sync) goutam.com with read, write permissions and
synchronized mode

In the above example, there is a directory in / partition named

“/NetworkSharing ” is being shared with client IP “192.168.56.101”
with read and write (rw) privilege,

you can also use hostname of the client in the place of IP in above
example.

NFS Server :Export Options

Some other options we can use in “/etc/exports” file for file sharing
is as follows.

ro: With the help of this option we can provide read only access to
the shared files i.e client will only be able to read.
rw: This option allows the client server to both read and write access
within the shared directory.
sync: Sync confirms requests to the shared directory only once the
changes have been committed.
no_subtree_check: This option prevents the subtree checking. When a
shared directory is the subdirectory of a larger file system, nfs
performs scans of every directory above it, in order to verify its
permissions and details. Disabling the subtree check may increase the
reliability of NFS, but reduce security.
no_root_squash: This phrase allows root to connect to the designated
directory.

Step 3: Refresh and Reload Sever list

Refresh the server’s list after modifying

[root@server /]# exportfs -r

To reload exportfs -v
exportfs -v : Displays a list of shares files and options on a server

[root@server /]# exportfs -v

/NetworkSharing

192.168.56.101(rw,sync,wdelay,hide,no_subtree_check,sec=sys,
secure,no_root_squash,no_all_squash)
[root@server /]#
 Setting Up the NFS Client

After configuring the NFS server, we need to mount that shared

directory or partition in the client server.

Step 4: Mount Shared Directories on NFS Client

Now at the NFS client end, we need to mount that directory in our
server to access it locally. T

To find out that shares available on the remote server or NFS Server.

[root@client ~]# showmount -e 192.168.56.103

Export list for 192.168.56.103:
/NetworkSharing 192.168.56.101
[root@client ~]#

Mount Shared NFS Directory

To mount that shared NFS directory we can use following mount command.

mount -t <nfs-type> <host>:</remote/export> </local/directory>

Where:

<nfs-type> : Version of nfs you are using For Example NFS, NFS2,
NFS3, NFS4.
<host> : IP Address of the NFS Server.
</remote/export> : Exported Directory Path from Server.
</local/directory> : Directory Path where you are going to mount the
NFS exported directory

To Mount the Remote NFS filesystem

mount -t nfs 192.168.56.103:/NetworkSharing /mnt

Step 5 :To see Mounted filesystem use df -hT command :

[root@client ~]# df -hT

Filesystem Type Size Used Avail Use% Mounted
on
/dev/mapper/centos-root xfs 21G 7.1G 14G 34% /
devtmpfs devtmpfs 905M 0 905M 0% /dev
tmpfs tmpfs 920M 0 920M 0%
/dev/shm
tmpfs tmpfs 920M 8.8M 911M 1% /run
tmpfs tmpfs 920M 0 920M 0%
/sys/fs/cgroup
/dev/sda1 xfs 1014M 178M 837M 18% /boot
tmpfs tmpfs 184M 28K 184M 1%
/run/user/1000
tmpfs tmpfs 184M 0 184M 0%
/run/user/0
192.168.56.103:/NetworkSharing nfs4 11G 3.3G 7.2G 32% /mnt

Using Mount command At the bottom can also see List of Mounted
filesystem

[root@client ~]# mount

192.168.56.103:/NetworkSharing on /mnt type nfs4
(rw,relatime,vers=4.1,rsize=262144,wsize=262144,namlen=255,
hard,proto=tcp,port=0,timeo=600,retrans=2,sec=sys,clientaddr=
192.168.56.101,local_lock=none,addr=192.168.56.103)

The above mount command mounted the nfs shared directory on to nfs
client temporarily,

Step 6: Permanently mount the Filesystem By Making Entry in

“/etc/fstab“.

It's a Temporary mounting ,In order to mount is Permanently without

restart, to mount an NFS directory permanently on your system across
the reboots, we need to make an entry in “/etc/fstab“.

[root@client mnt]# vi /etc/fstab

 [root@client mnt]# tail -1 /etc/fstab
192.168.56.103:/NetworkSharing /mnt nfs4 defaults 0 0

Step 7 :Test the Working of NFS Setup

We can test our NFS server setup by creating a test file on the server
end and check its availability at nfs client side or vice-versa.

At the Client Machine create some files with contents

[root@client ~]# cd /mnt

[root@client mnt]# touch file1 file2 file3
[root@client mnt]#

Go to that shared directory in the server and you’ll find that shared
file without any manual refresh or service restart.

File created in client computer ,can be viewed on server ,as it is

shared

[root@server /]# cd /NetworkSharing

[root@server NetworkSharing]# ls
file1 file2 file3
[root@server NetworkSharing]#

Since shared folder is protected with sticky bit ,only root

and owner of file can delete the file .

Important commands for NFS

Some more important commands for NFS.

showmount -e : Shows the available shares on your local machine

showmount -e <server-ip or hostname>: Lists the available shares at
the remote server
showmount -d : Lists all the sub directories
exportfs -v : Displays a list of shares files and options on a server
exportfs -a : Exports all shares listed in /etc/exports, or given name
exportfs -u : Unexports all shares listed in /etc/exports, or given
name
exportfs -r : Refresh the server’s list after modifying /etc/exports
 Automount kernel based Utility

Automount utility does mount NFS filesystems on demand and unmount s

automatically, which saves system resources
Mounting the same filesystem normally with /etc/fstab mounts the
mentioned filesystem even if it is used very rarely.

This causes the system to allocate or utilize resources to keep the

filesystem mounted, which in turn affects overall system performance

you can overcome this issue by using the kernel-based automount

utility

Whenever want to access on demand ,it should connect ,if not doing
anything it should be disconnect Automatically based on idle timeout
say 60

This is utility ,It will on demand mount automatically and will

unmount Automatically .

Automounter consists of two components:

kernel module that implements a file system
User-space daemon that performs all of the other functions

In addition to NFS filesystem, automount can also be used to mount

other file systems including AFS,SMBFS,CISF, AND Local file systems.

Configured Auto-mounter .

It has 2 primary files located in /etc directory.

/etc/auto.master Primary Map
/etc/auto.misc Secondary Map

Step 1 :In client machine install autofs

 [root@client /]# yum install autofs
Loaded plugins: fastestmirror, langpacks
base
| 2.9 kB 00:00:00
Loading mirror speeds from cached hostfile
Package 1:autofs-5.0.7-69.el7.x86_64 already installed and latest
version
Nothing to do
[root@client /]#

Verify 2 files is present in /etc directory after installation.

1. auto.master
2. auto.misc

[root@client /]# ls -l /etc/auto.m*

-rw-r--r--. 1 root root 795 Aug 4 18:35 /etc/auto.master
-rw-r--r--. 1 root root 524 Aug 4 18:35 /etc/auto.misc

Step 2: In /etc/auto.master file check primary mount point ,secondary

Map file and Timeout Interval is configured

[root@client /]# cat /etc/auto.master

/misc /etc/auto.misc --timeout=80

First field is Primary mount point :/misc

Second field is secondary map file : /etc/auto.misc
Third field is Time in seconds : The third field sets the time-out
period for the mounted filesystem,which can automatically unmount
itself 80 seconds after use.

Step 3 :In /etc/auto.misc file ,check following thing is configured

Secondary Mount point, Filesystem Type and Server IP with shared
directory details.

[root@client /]# vi /etc/auto.misc

[root@client /]# tail -1 /etc/auto.misc
nfs -fstype=nfs 192.168.56.103:/NetworkSharing
[root@client /]#

nfs :Secondary Mount Point

nfs :Filesystem Type
192.168.56.103:/NetworkSharing : Field specify location of the
filesystem.The "kernel" entry is supposed to be an NFS mount.

Step 4:Start auto-mounter service

To start autofs

[root@client /]# systemctl start autofs

[root@client /]# ps -ef |grep autofs
root 4366 1 0 15:32 ? 00:00:00 /usr/sbin/automount --
pid-file /run/autofs.pid
root 4393 2580 0 15:32 pts/0 00:00:00 grep --color=auto
autofs
[root@client /]#

Step 5: Entry can be removed from fstab as mounting is taken care by

Auto-mounter

Step 6 :Verifying Auto mounter service is working on demand

Now On demand It will be Automatically auto mounted ,In time seconds

=80 as Timeout interval is configured as 80 second in primary map file
/etc/auto.misc

[root@client /]# cd /misc/nfs

Where /misc :Primary mount Point as Mentioned in Primary Map file

/etc/auto.misc
nfs : secondary Mount Point as mentioned in secondary map file
1 /etc/auto.misc

[root@client nfs]# ls
file1 file2 file3

It will be Mounted Automatically

 [root@client nfs]# df -hT
Filesystem Type Size Used Avail Use%
Mountedon
/dev/mapper/centos-root xfs 21G 7.1G 14G 34% /
devtmpfs devtmpfs 905M 0 905M 0% /dev
tmpfs tmpfs 920M 0 920M 0%
/dev/shm
tmpfs tmpfs 920M 8.8M 911M 1% /run
tmpfs tmpfs 920M 0 920M 0%
/sys/fs/cgroup
/dev/sda1 xfs 1014M 178M 837M 18% /boot
tmpfs tmpfs 184M 28K 184M 1%
/run/user/1000
tmpfs tmpfs 184M 0 184M 0%
/run/user/0
192.168.56.103:/NetworkSharing nfs4 11G 3.3G 7.2G 32%
/misc/nfs
[root@client nfs]#

Come out of Share Directory NetworkSharing, After 80 seconds

Filesystem would be automatically auto-mounted

[root@client nfs]# cd ../..

It will be automatically unmounted after 80 seconds, can be verify

with df -hT commands after 800 seconds .

[root@client /]# df -hT

Filesystem Type Size Used Avail Use% Mounted on
/dev/mapper/centos-root xfs 21G 7.1G 14G 34% /
devtmpfs devtmpfs 905M 0 905M 0% /dev
tmpfs tmpfs 920M 0 920M 0% /dev/shm
tmpfs tmpfs 920M 8.8M 911M 1% /run
tmpfs tmpfs 920M 0 920M 0% /sys/fs/cgroup
/dev/sda1 xfs 1014M 178M 837M 18% /boot
tmpfs tmpfs 184M 28K 184M 1% /run/user/1000
tmpfs tmpfs 184M 0 184M 0% /run/user/0
[root@client /]#