NFS4

NFS is in practice the fastest way move files around a small network. It beats both samba and afp in throughput in my testing and will a little extra config works well between apple and linux.

Note: NFS in 14.10 seems to perform slowly compared to it's predecessors. I'll update if I learn more.

Install and Configure The Server

There is essentially no required configuration of the NFS server itself when you're in a pure NFS4 environment. See the notes below if you must be compatible with older clients, but otherwise all you need do is install the kernel-server

sudo  apt-get install nfs-kernel-server 

Note: This also installs all the parts of NFS to support previous versions as well.

Export Your Shared Content.

In NFS parlance, you 'export' a folder when you share it and the convention is to create and use the folder /srv/nfs4You configure this by editing the /etc/exports file as follows

sudo vim /etc/exports

/srv/nfs4 192.168.1.0/24(rw,async,no_subtree_check,fsid=0,all_squash,anonuid=1000,anongid=1000,insecure)
/srv/nfs4        This is the actual folder on the file system you're sharing
192.168.1.0/24   # This is the network you're sharing with
rw               # Read-Write mode
async            # allow cached writes
no_subtree_check # disable  double-checking of file requests
fsid=0           # This signifies this is the 'root' of the exported file system and that
                 # clients will mount this share as '/'
all_squash       # all user IDs will translated to anonymous
anonuid=1000     # all connections will be mapped to this user account in /etc/passwd
anongid=1000     # all connections will be mapped to this group account in /etc/passwd
insecure         # Allows OS X clients to connect


If you can't put all your content under this folder, it's recommended you create pseudo file system for security reasons. See the notes for more info on that, but keep things simple if you can.

Lastly, put your changed into effect by issuing the exportfs command. You can also restart the service but it's better practice to do it this way as in the future you don't want to disrupt clients.

exportfs -rav

Firewall

If you have a Debian based distro you can get this working with a firewall fairly easily.

# to white list a given host - useful if you have a mac that will use multiple RPC ports
sudo ufw allow from 192.168.1.2

# or if you want to do a range of linux clients
ufw allow from 192.168.0.0/16 to any port nfs

Since nfs is already defined as a well -known service on port 2049, you don't have to do anything else. 

Connect From an OS X Client

In order to get things working well with Macs, you'll have to use NFS3 protocols that include additional daemons and dynamic ports. However, installing the NFS server as above includes all this and things will work fairly painlessly as long as you white-list the client at the local firewall. This allows the apple client to  connect to the RPC portmapper and lock daemon

You'll also want to use 'nolock' on your mac client for better performance when mounting shares with the finder

sudo vim /etc/nfs.conf

#
# nfs.conf: the NFS configuration file
#
nfs.client.mount.options = nolock

You can now hit command-k and enter the string below to connect

nfs://my.server.or.ip/srv/nfs4/


If you want to use a more limited firewall than the example above, you can set static ports for the v3 components. Take a look at the NFS4 and Firewalls page to configure that.

Troubleshooting

No Such File or Directory

Version 4 has a '/' and you need to mount that, as opposed to /srv/nfs4.
http://askubuntu.com/questions/35077/cannot-mount-nfs4-share-no-such-file-or-directory

mount_nfs: can't mount / from home onto /Volumes/mnt: Invalid argument

You can't combine -o vers=4 with options like 'nolocks', presumably because it's not implemented fully.

https://developer.apple.com/library/mac/documentation/Darwin/Reference/Manpages/man8/mount_nfs.8.html

There was a problem ....

Check that you have 'insecure' in your nfs export options on the server

Can't create or see files

Don't forget that file permissions apply as the user you specified above. Set chown and chmod accordingly
Subpages (1): NFS4 and Firewalls
Comments