User Tools

Site Tools


doc:howto:nfs.server

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
doc:howto:nfs.server [2012/09/24 23:29]
ketelp Warning about CIDR notation in /etc/exports.
doc:howto:nfs.server [2013/12/25 15:17] (current)
yeti mention kmod-loop ... https://dev.openwrt.org/ticket/11541
Line 1: Line 1:
-====== Network ​filesystem ​(NFS) ====== +====== Network ​File System ​(NFS) ====== 
-The [[wp>​Network File System]] is the protocol of choice to share files over the internal ​network. Depending on your needs, you may also want to use [[doc:​uci:​samba|Samba]] or the [[sshfs.server|SSH Filesystem]] additionally or instead.+The [[wp>​Network File System]] is the protocol of choice to share files over an internal ​Local Area Network. Depending on your needs, you may also want to use [[doc:​uci:​samba|Samba]] or the [[sshfs.server|SSH Filesystem]] additionally or instead.
  
 ===== Preparations ===== ===== Preparations =====
Line 38: Line 38:
  
 **NOTE:** You do not need all packages: **''​nfs-kernel-server''​** should suffice. **NOTE:** You do not need all packages: **''​nfs-kernel-server''​** should suffice.
 +
 +**NOTE:** You may need to install kmod-loop manually to fix "​mount:​ can't setup loop device: No such file or directory"​ errors. (see https://​dev.openwrt.org/​ticket/​11541)
  
 === Client (your PCs) === === Client (your PCs) ===
Line 61: Line 63:
 $IPT -A INPUT -j ACCEPT -i eth0.1 -s $NET_LAN -p tcp --dport 32777:32780 #​----------- nfsd $IPT -A INPUT -j ACCEPT -i eth0.1 -s $NET_LAN -p tcp --dport 32777:32780 #​----------- nfsd
 $IPT -A INPUT -j ACCEPT -i eth0.1 -s $NET_LAN -p udp --dport 32777:32780 #​----------- nfsd $IPT -A INPUT -j ACCEPT -i eth0.1 -s $NET_LAN -p udp --dport 32777:32780 #​----------- nfsd
-$IPT -t raw -A INPUT -i $IF_LAN -s $NET_LAN -p tcp --dport 32777:32780 -j NOTRACK ​#-- don't track nfs +$IPT -t raw -A INPUT -i $IF_LAN -s $NET_LAN -p tcp --dport 32777:32780 -j CT --notrack ​#-- don't track nfs 
-$IPT -t raw -A INPUT -i $IF_LAN -s $NET_LAN -p udp --dport 32777:32780 -j NOTRACK ​#-- don't track nfs +$IPT -t raw -A INPUT -i $IF_LAN -s $NET_LAN -p udp --dport 32777:32780 -j CT --notrack ​#-- don't track nfs 
-$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p tcp --dport 32777:32780 -j NOTRACK ​#- don't track nfs +$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p tcp --dport 32777:32780 -j CT --notrack ​#- don't track nfs 
-$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p udp --dport 32777:32780 -j NOTRACK ​#- don't track nfs+$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p udp --dport 32777:32780 -j CT --notrack ​#- don't track nfs
 </​code>​ </​code>​
  
Line 77: Line 79:
 /​mnt/​sda4 ​  ​192.168.1.0/​255.255.255.0(rw,​sync,​no_subtree_check)''​ | /​mnt/​sda4 ​  ​192.168.1.0/​255.255.255.0(rw,​sync,​no_subtree_check)''​ |
 You can't use the CIDR notation, so ''/​mnt/​sda4 192.168.1.0/​24(rw,​sync,​no_subtree_check)''​ would not work, however the above example does. You can't use the CIDR notation, so ''/​mnt/​sda4 192.168.1.0/​24(rw,​sync,​no_subtree_check)''​ would not work, however the above example does.
 +
 +If you set up pivot-root or pivot-overlay,​ use the path on /overlay/ partition, else you cannot export mounted fs.
  
 Assuming the daemons are already running, use the command ''​exportfs -ar''​ to reload and apply changes on the fly. Assuming the daemons are already running, use the command ''​exportfs -ar''​ to reload and apply changes on the fly.
 +
 +=== Start on boot ===
 +Since //​opkg//​-installed init.d scripts are not enabled nor started by default, you need to do this manually. Same procedure as with most (all?) OpenWrt packages: The first commands will will start them right now, the third and fourth will create the symlinks ''/​etc/​rc.d/​S??​portmap''​ and  ''/​etc/​rc.d/​S??​nfsd''​ so they get started on boot:
 +
 +<​code>​
 +root@OpenWrt:​~#​ /​etc/​init.d/​portmap start
 +root@OpenWrt:​~#​ /​etc/​init.d/​nfsd start
 +root@OpenWrt:​~#​ /​etc/​init.d/​portmap enable
 +root@OpenWrt:​~#​ /​etc/​init.d/​nfsd enable
 +</​code>​
 +
 +After start (and after a reboot) verify with ''​top''​ or ''​ps''​ whether the services are running.\\
 +The following entries should appear in the process list:
 +
 +<​code>​
 +/​usr/​sbin/​rpc.mountd -p 32780    ​
 +/​usr/​sbin/​rpc.statd -p 32778 -o 32779
 +/​usr/​sbin/​portmap
 +</​code>​
 +
 +Use the ''​netstat -l''​ command to see whether //portmap// is listening on port 111 for both tcp and udp. The //nfsd// process may use varying ports.
  
 ==== Client configuration ==== ==== Client configuration ====
Line 103: Line 128:
 TODO TODO
  
-===== Start on boot ===== +===== Problems ​=====
-Since //​opkg//​-installed init.d scripts are not enabled nor started by default, you need to do this manually. Same procedure as with most (all?) OpenWrt packages: The first commands will will start them right now, the third and fourth will create the symlinks ''/​etc/​rc.d/​S??​portmap''​ and  ''/​etc/​rc.d/​S??​nfsd''​ so they get started on boot:+
  
-<​code>​ +If the loopback device support is missing, an error like "//Cannot register serviceRPCTimed out//" may appear
-root@OpenWrt:​~# ​/etc/init.d/​portmap start +Installing the kmod-loop package should solve this issue.
-root@OpenWrt:~# /​etc/​init.d/​nfsd start +
-root@OpenWrt:~# /etc/init.d/portmap enable +
-root@OpenWrt:​~#​ /etc/init.d/nfsd enable +
-</​code>​+
  
-After start (and after a reboot) verify with ''​top''​ or ''​ps''​ whether the services are running.\\ 
-The following entries should appear in the process list: 
  
-<​code>​ +===== Performance ​Tuning ===== 
-/usr/​sbin/​rpc.mountd -p 32780    ​ +Maybe you want to compare the read and write performance with that of your [[doc:​uci:​samba]] setupPost it in the forum or right here:
-/​usr/​sbin/​rpc.statd -p 32778 -o 32779 +
-/​usr/​sbin/​portmap +
-</​code>​+
  
-Use the ''​netstat -l''​ command ​to see whether ​//portmap// is listening on port 111 for both tcp and udp. The //nfsd/process may use varying ports.+Do not expect ​to much. When i started with my RouterStationPro i got 7 MB/s writing to and 10 MB/s reading from it.
  
-===== Problems =====+Now:
  
-If the loopback device support is missing, an error like "//Cannot register serviceRPC: Timed out//" may appear+Server:  
-Installing ​the kmod-loop package should solve this issue.+  * echo 4 >  ​/proc/fs/​nfsd/​threads 
 +  * /​etc/​exports: /mnt/bla 192.168.1.0/​255.255.255.0(rw,​all_squash,​insecure,​async,​no_subtree_check) 
 +  * Check out /​proc/​fs/​nfsd/​max_block_size if client reports other block size then what you have specified. It can be changed if the server is not running, but nfsd mountedNow you can echo the right value to it. - Updated by fathom
  
 +Client: mount options: udp,​async,​rsize=32768,​wsize=32768,​intr,​noatime ​
  
-===== Performance ===== +i get: writing: 15,3MB/s and reading: 17,​4MB/​s ​ 
-Maybe you want to compare ​the read and write performance with that of your [[doc:​uci:​samba]] setupPost it in the forum or right here:+ 
 +I have TL-WR1043ND from TP-Link by default it has a throughput of 4,5mb/sec, after tweaking ​the block size, and the mount options it delivers 9,5 mb/secCheers! (Still on wifi it has a speed of 6 mb/s)
  
 ==== Throughput Issues ==== ==== Throughput Issues ====
 Since [[doc:​howto:​netfilter]] will track every connection, if you use MASQUERADING for example, you could disable con-tracking for data connections:​ Since [[doc:​howto:​netfilter]] will track every connection, if you use MASQUERADING for example, you could disable con-tracking for data connections:​
 <code sh> <code sh>
-$IPT -t raw -A PREROUTING -i $IF_LAN -s $NET_LAN -p tcp --dport 32777:32780 -j NOTRACK ​#---------- don't track nfs +$IPT -t raw -A PREROUTING -i $IF_LAN -s $NET_LAN -p tcp --dport 32777:32780 -j CT --notrack ​#---------- don't track nfs 
-$IPT -t raw -A PREROUTING -i $IF_LAN -s $NET_LAN -p udp --dport 32777:32780 -j NOTRACK ​#---------- don't track nfs +$IPT -t raw -A PREROUTING -i $IF_LAN -s $NET_LAN -p udp --dport 32777:32780 -j CT --notrack ​#---------- don't track nfs 
-$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p tcp --sport 32777:32780 -j NOTRACK ​#---------- don't track nfs +$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p tcp --sport 32777:32780 -j CT --notrack ​#---------- don't track nfs 
-$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p udp --sport 32777:32780 -j NOTRACK ​#---------- don't track nfs+$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p udp --sport 32777:32780 -j CT --notrack ​#---------- don't track nfs
 </​code>​ </​code>​
doc/howto/nfs.server.1348522193.txt.bz2 · Last modified: 2012/09/24 23:29 by ketelp