21.2 About NFS

A Network File System (NFS) server can share directory hierarchies in its local file systems with remote client systems over an IP-based network. After an NFS server exports a directory, NFS clients mount this directory if they have been granted permission to do so. The directory appears to the client systems as if it were a local directory. NFS centralizes storage provisioning and can improves data consistency and reliability.

Oracle Linux supports three versions of the NFS protocol:

  • NFS version 2 (NFSv2), specified in RFC 1094.

  • NFS version 3 (NFSv3), specified in RFC 1813.

  • NFS version 4 (NFSv4), specified in RFC 3530.

NFSv2 and NFSv3 rely on Remote Procedure Call (RPC) services, which are controlled by the rpcbind service. rpcbind responds to requests for an RPC service and sets up connections for the requested service. In addition, separate lockd and rpc.statd services are used to handle locking and mounting protocols. Configuring a firewall to cope with the various ranges of ports that are used by all these services is complex and error prone.

NFSv4 does not use rpcbind as the NFS server itself listens on TCP port 2049 for service requests. The mounting and locking protocols are also integrated into the NFSv4 protocol, so the lockd and rpc.statd services are also not required. These refinements mean that firewall configuration for NFSv4 is no more difficult than for a service such as HTTP.

The following table describes the various services that are used with versions 2, 3, and 4 of NFS:

Service

Used in Version

Description

lockd

2 and 3

Handles the RPC processes that allow NFS clients to obtain locks on files on the server.

Started by the nfslock service.

nfs

2, 3, and 4

Starts all services that are required to implement shared NFS file systems.

If only NFSv4 clients can access the server, this is the only NFS service that needs to be started explicitly.

nfsd

2, 3, and 4

Implements the kernel-space part of the NFS service.

Started by the nfs service.

nfslock

2 and 3

Starts the RPC processes that allow NFS clients to lock files on the server.

Start this service after the nfs service to support NFSv2 and NFSv3 clients.

rpcbind

2 and 3

Responds to requests for an RPC service and sets up connections for the requested service.

Start this service before the nfs service to support NFSv2 and NFSv3 clients.

For more information, see the rpcbind(8) manual page.

rpc.gssd and rpc.svcgssd

2,3, and 4

Implement the RPCSEC_GSS protocol, which provides authentication only (krb5), integrity protection (krb5i), or privacy protection (krb5p) security for protocols that use RPC. Before a client can send any RPC requests, it must first establish a security context with the server.

Started by the nfs service if cryptographic security is enabled.

For more information, see the exports(5), rpc.gssd(8), and rpc.svcgssd(8) manual pages.

rpc.idmapd

4

Provides mapping between NFSv4 names (strings of the form user@domain) and local UIDs and GIDs, using definitions in /etc/idmapd.conf.

Started by the nfs service.

For more information, see the idmapd.conf(5) and rpc.idmapd(8) manual pages.

rpc.mountd

2,3, and 4

Handles mount requests from NFSv2 and NFSv3 clients by checking that the NFS server exports the requested NFS share and that the client is allowed to access it.

For NFSv4, this service is required only to set up exports.

Started by the nfs service.

For more information, see the rpc.mountd(8) manual page.

rpc.nfsd

2,3, and 4

Implements the user-space part of the NFS service, which specifies on what sort of sockets the kernel service should listen, what NFS versions it supports, and how many kernel threads it should use. The number of threads is visible and settable via /proc/fs/nfsd/threads.

Started by the nfs service.

For more information, see the rpc.nfsd(8) manual page.

rpc.rquotad

2,3, and 4

Provides quota information for the quota command to display user quotas for remote file systems and the edquota command to set quotas on remote file systems.

Started by the nfs service.

For more information, see the rpc.rquotad(8) manual page.

rpc.statd

2 and 3

Implements the Network Status Monitor (NSM) RPC protocol, which notifies NFS clients when an NFS server has restarted after an uncontrolled shutdown or system crash.

Started by the nfslock service.

For more information, see the rpc.statd(8) manual page.