Network Your Files in a Snap with NFS

Part One: With NFS, you can provide your Unix users with a centralized file server for everything from simple storage to networked home directories. Here's what you need to get started.

By  Charlie Schluting | Mar 17, 2005
Page 1 of 2
Print ArticleEmail Article
  • Share on Facebook
  • Share on Twitter
  • Share on LinkedIn

NFS, Network File System, is the original file-sharing method among UNIX-based computers. Originally developed by Sun, NFS is still widely used, since it is a (relatively) simple and effective means to provide a centralized file server.

We will be implementing an NFS server step by step in this article, exploring methods for simply sharing a directory, and also briefly talking about making users' home directories live on the server. A second installation will deal with the intricacies of NFS options, auto-mounting, and the differences between operating systems' NFS implementations.

Also on NFS at ENP

  • NFS/NIS: Lessen Your Legacy Security Liabilities
  • Windows Services for Unix: There's No Place Like /home
  • New Security Report is Good News/Bad News for Net Admins
    • The basic premise behind NFS is a simple client/server model. You share directories on the server, the client mounts them, and then it appears to the users on the client machine as just another file system.

    Older NFS versions, which most people use for the sake of interoperability, have practically zero security. The server will believe what it's told about the UID/GID of files, so it should be protected from the Internet. Additionally, it should be limited to only serving files for clients that you designate. The easiest way to limit NFS mounts is with tcpwrappers, configurable via /etc/hosts.allow. Portmap, lockd, rquotad, statd, and mountd should all be limited to networks or specific IP addresses of trusted NFS clients.

    The Server
    Since Linux' NFS configuration options are quite similar to other Unix variants, we will be assuming a Linux client and server for this article.

    First things first: We should begin by starting the necessary NFS services. On the server side, most distributions have a startup script designed to accomplish this. Running something like /etc/init.d/nfs start will fire up the NFS server properly on most distributions.

    Using rpcinfo -p should return a bit of information about which RPC (define) services are running. At a minimum, for NFS to function, you should see: portmap, status, mountd, nfs, and nlockmgr. Any missing items will require that you figure out why they are missing before proceeding. Note that these names are based on the most current nfs-utils package, currently nfs-utils-1.0.6-22. Your specific Linux distribution's documentation should provide more information about how to make sure everything is started at boot time.

    Now on to the fun part: sharing directories. The file /etc/exports is used to specify which file systems should be exported to which clients. This is basically a listing of:

    "directory machine1(options) machine2(options)…"

    Examples should make it clear:

    • To share /usr read-only to two IP addresses:
      /usr 192.168.0.1(ro) 192.168.0.2(ro)

    • To share /usr/local read-write to one machine, and read-only to everyone else:
      /usr/local 192.168.0.5(rw) *(ro)

    There are many ways to share directories, and many configurable options. Client lists can be netgroups, IP addresses, a single host, wildcards, or IP networks. Refer to "man exports" for more exhaustive details. The server also needs to be told to reread the configuration when it changes. This can be accomplished by sending -HUP to the nfs daemon, or by running exportfs -ra.

    If everything was done properly, this server should be ready to serve NFS. The command showmount -e will list the exported file systems. If an RPC error was returned, that generally means a necessary service is not running.

    Continued on page 2: Configuring the Client

    Comment and Contribute
    (Maximum characters: 1200). You have
    characters left.
    Get the Latest Scoop with Enterprise Networking Planet Newsletter
    Helpful Links

    • Yankee Group Mobile WAN Optimization Report

      Mobile work continues to evolve. Your organization must keep up with the demands of its mobile workforce. This report introduces the concept of mobile WAN optimization and provides three case studies including RCM, PRTM and Einstein that highlight how this emerging technology can help IT departments achieve what previously appeared to be conflicting goals. Read >

    • Network Security Resources

      More threats than ever before pose a danger to today's enterprise network. Get the latest tips and intel on the newest risks in our guide to network security resources. Read >

    • Extreme Savings: Cutting Costs with WAN Optimization

      Did you know it's possible to cut IT costs without impacting day-to-day IT operations? In fact, when you download this whitepaper from Riverbed on cost-savings through WAN optimization, you'll discover how businesses of all different sizes have realized a return on investment in just a few months through significant hard cost savings in areas such as bandwidth reduction and IT consolidation. It's called Extreme Savings and its only from Riverbed. Read >