NFS Server Setup

The following do not specify NFS version 2 versus 3 versus 4; the steps below worked for me using NFS version 3 support built into the kernels of the server and the client (server is a Debian Etch machine, the client was another Linux distribution, PLD "rescue".)

If you're looking to set up NFSv4 with Kerberos, please see: NFS/Kerberos.

This section of the wiki REALLY needs a section about how to force NFS version 4 or 4.1 or 4.2 only" 
And what config files make that output what it is.


I wish I could write the section myself, but I cant find the info anywhere.
The closest I can find is setting:

    RPCNFSDCOUNT="64  --no-nfs-version 3"

in /etc/default/nfs-kernel-server

Also, how to configure to use NFS4.1 with no kerberos would be good to see here.  Setting "--no-nfs-version 4" seems to trigger something that forces kerberos keytab files... and prevents nfs-server from starting  ??

Make sure you have NFS server support in your server's kernel (kernel module named "knfsd.ko" under your /lib/modules/uname -r/ directory structure)

  $ grep NFSD /boot/config-`uname -r`

or similar (wherever you've stashed your config file, for example, perhaps in /usr/src/linux/.config.)

Then, note that there are at least two mainstream NFS server implementations at present (excluding those implemented in Python and similar): one implemented in user space (slower, easier to debug), and the other implemented in kernel space (faster.) The below shows the setup of the kernel-space one. If you wish to use the user-space server, then install the similarly-named package.

First, the packages to begin with:

 $ aptitude install nfs-kernel-server portmap

Note that portmap defaults to only listening for NFS connection attempts on 127.0.0.1 (localhost), so if you wish to allow connections on your local network, then you need to edit /etc/default/portmap, to comment out the "OPTIONS" line. Also, we need to ensure that the /etc/hosts.allow file allows connections to the portmap port. For example:

 $ perl -pi -e 's/^OPTIONS/#OPTIONS/' /etc/default/portmap
 $ echo "portmap: 192.168.1." >> /etc/hosts.allow
 $ /etc/init.d/portmap restart

See 'man hosts.allow' for examples on the syntax. But in general, specifying only part of the IP address like this (leaving the trailing period) treats the specified IP address fragment as a wildcard, allowing all IP addresses in the range 192.168.1.0 to 192.168.1.255 (in this example.) You can do more "wildcarding" using DNS names, and so on too. Note, 'portmap' is provided by the 'rpcbind' deb package (at least on Stretch).

Edit the /etc/exports file, which lists the server's filesystems to export over NFS to client machines. And create the NFS table with "exportfs -a". The following example shows the addition of a line which adds the path "/example", for access by any machine on the local network (here 192.168.1.*).

 $ echo "/example 192.168.1.0/255.255.255.0(rw,no_root_squash,subtree_check)" >> /etc/exports
 $ exportfs -a
 $ /etc/init.d/nfs-kernel-server reload

This tells the server to serve up that path, readable/writable, with root-user-id connecting clients to use root access instead of being mapped to 'nobody', and to use the 'subtree_check' to silence a warning message. Then, reloads the server.

Check which versions of NFS the server is running this way:

    root@deb9:/# cat /proc/fs/nfsd/versions
    -2 -3 +4 +4.1 +4.2
In this case, nfs2, nfs3 are disabled. NFS 4, 4.1, and 4.2 are enabled.  Any client trying to connect with NFSv2 or NFSv3 should get an error.

From the client side (for example, I used a PLD "rescue" disk to boot up a Windows machine for some diagnostics, and used its built-in NFS client support to mount a path from my other computer), you need to ensure that portmap is running, and that the NFS client support is built into the kernel or the proper module ("nfs.ko") is loaded, and then mount the server's path like so:

 $ mount 192.168.1.100:/example /mnt/example

To help debug:


See Also: