> Hey Rudy, > > Can you help me set up web, slug, syd, and our dev box (on 10.1.1.9) so that they can > NFS mount the NAS /data2/share on syd:/data/share? I see that there is a > setting in rc.conf nfsclient="YES" or something like that, are there any > other rc.conf directives necessary? And what do I need to do to the > firewalls?
FIREWALL: Client and Server
On the server, you need to allow udp from/to the internal IPs you want to allow nfs mounts.On the client, same thing.
You can set your NFS server (your NAS box) up with something like this:
NFS_CLIENTS="web.example.net slug.example.net syd.example.net 10.1.1.9"
for CLIENT in $NFS_CLIENTS; do
${fwcmd} add pass udp from ${CLIENT} to any in
${fwcmd} add pass udp from any to ${CLIENT} out
done
Don't forget to rerun your firewall: sh /etc/rc.firewall &
NFSD: Server side
You need to configure the nfsd [man nfsd] server to allow specific directories to be mounted by specific clients. To do this, edit the /etc/exports file [man exports] on the NFS server (the NAS box). For your needs, you need:/data2 -maproot=root syd.example.net web.example.net slug.example.net 10.1.1.9
You need to make sure nfsd is tuned to the proper number of servers.
A rule of thumb is to have at least 4 servers for each client plus a few extras.
You set this value as a runtime flag to nfsd (you use the -n flag), use this formula:
(Number-of-clients + 1) * 4.
If FreeBSD, you configure this by adding a line like this in your /etc/rc.conf:
nfs_server_flags="-u -t -n 24"
While we are at it, let's talk about the other settings you need in your /etc/rc.conf:
# the number of nfsds to run [-n] should be: (Number-of-clients + 1) * 4 nfs_server_enable="YES" nfs_server_flags="-u -t -n 24" rpcbind_enable="YES" mountd_flags="-r -p 100"
Run a 'ps -ax | grep nfs' on the server to see the load on the clients, note the time column -- it represents the time that server has spent using the CPU:
PID TT STAT TIME COMMAND 35660 ?? Is 0:00.02 nfsd: master (nfsd) 35661 ?? D 3:23.43 nfsd: server (nfsd) 35662 ?? D 0:58.57 nfsd: server (nfsd) 35663 ?? S 0:07.11 nfsd: server (nfsd) 35664 ?? S 0:01.95 nfsd: server (nfsd) 35665 ?? S 0:00.57 nfsd: server (nfsd) 35666 ?? S 0:00.29 nfsd: server (nfsd) 35667 ?? S 0:00.20 nfsd: server (nfsd) 35668 ?? I 0:00.10 nfsd: server (nfsd) 35669 ?? I 0:00.07 nfsd: server (nfsd) 35670 ?? I 0:00.05 nfsd: server (nfsd) 35671 ?? I 0:00.03 nfsd: server (nfsd) 35672 ?? I 0:00.02 nfsd: server (nfsd)This means, that the first server (no not the master, but the one with the 35661 PID) has run 3 hours of CPU. The last one, 35672, has only been needed .02 seconds of CPU. Neat! See the pattern? The higher the PID number, the less CPU time the server has run. In fact, it looks like a gaussian distribution. Hmmm... wonder what a logrithmic scale of those numbers looks like:
Also, the last 5 servers are in the Idle STATE -- I stands for Idle [man ps] which means they haven't run in the past 20 seconds. If your nfs server ever seems slow (from a client), run a ps and see the CPU times on the least used nfsd server. (ignore all this if your nfsd uses round-robin between the servers ;)
To make your changes take you should restart your NFS server: /etc/rc.d/nfsd restart
NFSD: Clients
As for the clients, you need to edit fstab to add the remote mount point. [man fstab]You need a line like this on clients:
nas.example.net:/data2 /data nfs rw 0 0
To mount that, you can run: mount /data
If you don't have nfs ability in your clients' kernel, throw these into your /etc/rc.conf:
nfs_client_enable="YES" nfs_client_flags="-n 4"and then run /etc/rc.d/nfsclient start to load the nfs module in your kernel.
Trouble?
So, you made a bunch of changes and your nfs still doesn't work correctly? Try restarting the nfsd server:/etc/rc.d/nfsd stop /etc/rc.d/rpcbind stop /etc/rc.d/mound stop /etc/rc.d/nfsd startStop and start your firewall, check your log files (eg /var/log/messages).