xref: /freebsd/sbin/mount_nfs/mount_nfs.8 (revision 52f72944b8f5abb2386eae924357dee8aea17d5b)
1.\" Copyright (c) 1992, 1993, 1994, 1995
2.\"	The Regents of the University of California.  All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\" 3. Neither the name of the University nor the names of its contributors
13.\"    may be used to endorse or promote products derived from this software
14.\"    without specific prior written permission.
15.\"
16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE.
27.\"
28.\"	@(#)mount_nfs.8	8.3 (Berkeley) 3/29/95
29.\" $FreeBSD$
30.\"
31.Dd April 13, 2017
32.Dt MOUNT_NFS 8
33.Os
34.Sh NAME
35.Nm mount_nfs
36.Nd mount NFS file systems
37.Sh SYNOPSIS
38.Nm
39.Op Fl 23bcdiLlNPsTU
40.Op Fl a Ar maxreadahead
41.Op Fl D Ar deadthresh
42.Op Fl g Ar maxgroups
43.Op Fl I Ar readdirsize
44.Op Fl o Ar options
45.Op Fl R Ar retrycnt
46.Op Fl r Ar readsize
47.Op Fl t Ar timeout
48.Op Fl w Ar writesize
49.Op Fl x Ar retrans
50.Ar rhost : Ns Ar path node
51.Sh DESCRIPTION
52The
53.Nm
54utility calls the
55.Xr nmount 2
56system call to prepare and graft a remote NFS file system
57.Pq Ar rhost : Ns Ar path
58on to the file system tree at the point
59.Ar node .
60This command is normally executed by
61.Xr mount 8 .
62It implements the mount protocol as described in RFC 1094, Appendix A and
63.%T "NFS: Network File System Version 3 Protocol Specification" ,
64Appendix I.
65.Pp
66By default,
67.Nm
68keeps retrying until the mount succeeds.
69This behaviour is intended for file systems listed in
70.Xr fstab 5
71that are critical to the boot process.
72For non-critical file systems, the
73.Cm bg
74and
75.Cm retrycnt
76options provide mechanisms to prevent the boot process from hanging
77if the server is unavailable.
78.Pp
79If the server becomes unresponsive while an NFS file system is
80mounted, any new or outstanding file operations on that file system
81will hang uninterruptibly until the server comes back.
82To modify this default behaviour, see the
83.Cm intr
84and
85.Cm soft
86options.
87.Pp
88The options are:
89.Bl -tag -width indent
90.It Fl o
91Options are specified with a
92.Fl o
93flag followed by a comma separated string of options.
94See the
95.Xr mount 8
96man page for possible options and their meanings.
97The following NFS specific options are also available:
98.Bl -tag -width indent
99.It Cm acregmin Ns = Ns Aq Ar seconds
100.It Cm acregmax Ns = Ns Aq Ar seconds
101.It Cm acdirmin Ns = Ns Aq Ar seconds
102.It Cm acdirmax Ns = Ns Aq Ar seconds
103When attributes of files are cached, a timeout calculated to determine
104whether a given cache entry has expired.
105These four values determine the upper and lower bounds of the timeouts for
106.Dq directory
107attributes and
108.Dq regular
109(ie: everything else).
110The default values are 3 -> 60 seconds
111for regular files, and 30 -> 60 seconds for directories.
112The algorithm to calculate the timeout is based on the age of the file.
113The older the file,
114the longer the cache is considered valid, subject to the limits above.
115.It Cm actimeo Ns = Ns Aq Ar seconds
116Set four cache timeouts above to specified value.
117.It Cm allgssname
118This option can be used along with
119.Fl o Cm gssname
120to specify that all operations should use the host-based initiator
121credential.
122This may be used for clients that run system daemons that need to
123access files on the NFSv4 mounted volume.
124.It Cm bg
125If an initial attempt to contact the server fails, fork off a child to keep
126trying the mount in the background.
127Useful for
128.Xr fstab 5 ,
129where the file system mount is not critical to multiuser operation.
130.It Cm deadthresh Ns = Ns Aq Ar value
131Set the
132.Dq "dead server threshold"
133to the specified number of round trip timeout intervals before a
134.Dq "server not responding"
135message is displayed.
136.It Cm dumbtimer
137Turn off the dynamic retransmit timeout estimator.
138This may be useful for UDP mounts that exhibit high retry rates,
139since it is possible that the dynamically estimated timeout interval is too
140short.
141.It Cm fg
142Same as not specifying
143.Cm bg .
144.It Cm gssname Ns = Ns Aq Ar service-principal-name
145This option can be used with the KerberosV security flavors for NFSv4 mounts
146to specify the
147.Dq "service-principal-name"
148of a host-based entry in the default
149keytab file that is used for system operations.
150It allows the mount to be performed by
151.Dq "root"
152and avoids problems with
153cached credentials for the system operations expiring.
154The
155.Dq "service-prinicpal-name"
156should be specified without instance or domain and is typically
157.Dq "host" ,
158.Dq "nfs"
159or
160.Dq "root" .
161.It Cm hard
162Same as not specifying
163.Cm soft .
164.It Cm intr
165Make the mount interruptible, which implies that file system calls that
166are delayed due to an unresponsive server will fail with EINTR when a
167termination signal is posted for the process.
168.It Cm maxgroups Ns = Ns Aq Ar value
169Set the maximum size of the group list for the credentials to the
170specified value.
171This should be used for mounts on old servers that cannot handle a
172group list size of 16, as specified in RFC 1057.
173Try 8, if users in a lot of groups cannot get response from the mount
174point.
175.It Cm mntudp
176Force the mount protocol to use UDP transport, even for TCP NFS mounts.
177(Necessary for some old
178.Bx
179servers.)
180.It Cm nametimeo Ns = Ns Aq Ar value
181Override the default of NFS_DEFAULT_NAMETIMEO for the timeout (in seconds)
182for positive name cache entries.
183If this is set to 0 it disables positive name caching for the mount point.
184.It Cm negnametimeo Ns = Ns Aq Ar value
185Override the default of NFS_DEFAULT_NEGNAMETIMEO for the timeout (in seconds)
186for negative name cache entries.
187If this is set to 0 it disables negative name caching for the mount point.
188.It Cm nfsv2
189Use the NFS Version 2 protocol (the default is to try version 3 first
190then version 2).
191Note that NFS version 2 has a file size limit of 2 gigabytes.
192.It Cm nfsv3
193Use the NFS Version 3 protocol.
194.It Cm nfsv4
195Use the NFS Version 4 protocol.
196This option will force the mount to use
197TCP transport.
198.It Cm minorversion Ns = Ns Aq Ar value
199Override the default of 0 for the minor version of the NFS Version 4 protocol.
200The only minor version currently supported is 1.
201This option is only meaningful when used with the
202.Cm nfsv4
203option.
204.It Cm oneopenown
205Make a minor version 1 of the NFS Version 4 protocol mount use a single OpenOwner
206for all Opens.
207This may be useful for a server with a very low limit on OpenOwners, such as
208AmazonEFS.
209It can only be used with an NFSv4.1 mount.
210It may not work correctly when Delegations are being issued by a server,
211but note that the AmazonEFS server does not issued delegations at this time.
212.It Cm pnfs
213Enable support for parallel NFS (pNFS) for minor version 1 of the
214NFS Version 4 protocol.
215This option is only meaningful when used with the
216.Cm minorversion
217option.
218.It Cm noac
219Disable attribute caching.
220.It Cm noconn
221For UDP mount points, do not do a
222.Xr connect 2 .
223This must be used if the server does not reply to requests from the standard
224NFS port number 2049 or replies to requests using a different IP address
225(which can occur if the server is multi-homed).
226Setting the
227.Va vfs.nfs.nfs_ip_paranoia
228sysctl to 0 will make this option the default.
229.It Cm nocto
230Normally, NFS clients maintain the close-to-open cache coherency.
231This works by flushing at close time and checking at open time.
232Checking at open time is implemented by getting attributes from
233the server and purging the data cache if they do not match
234attributes cached by the client.
235.Pp
236This option disables checking at open time.
237It may improve performance for read-only mounts,
238but should only be used if the data on the server changes rarely.
239Be sure to understand the consequences before enabling this option.
240.It Cm noinet4 , noinet6
241Disables
242.Dv AF_INET
243or
244.Dv AF_INET6
245connections.
246Useful for hosts that have
247both an A record and an AAAA record for the same name.
248.It Cm nolockd
249Do
250.Em not
251forward
252.Xr fcntl 2
253locks over the wire.
254All locks will be local and not seen by the server
255and likewise not seen by other NFS clients.
256This removes the need to run the
257.Xr rpcbind 8
258service and the
259.Xr rpc.statd 8
260and
261.Xr rpc.lockd 8
262servers on the client.
263Note that this option will only be honored when performing the
264initial mount, it will be silently ignored if used while updating
265the mount options.
266.It Cm noncontigwr
267This mount option allows the NFS client to
268combine non-contiguous byte ranges being written
269such that the dirty byte range becomes a superset of the bytes
270that are dirty.
271This reduces the number of writes significantly for software
272builds.
273The merging of byte ranges is not done if the file has been file
274locked, since most applications modifying a file from multiple
275clients will use file locking.
276As such, this option could result in a corrupted file for the
277rare case of an application modifying the file from multiple
278clients concurrently without using file locking.
279.It Cm principal
280For the RPCSEC_GSS security flavors, such as krb5, krb5i and krb5p,
281this option sets the name of the host based principal name expected
282by the server.
283This option overrides the default, which will be ``nfs@<server-fqdn>''
284and should normally be sufficient.
285.It Cm noresvport
286Do
287.Em not
288use a reserved socket port number (see below).
289.It Cm port Ns = Ns Aq Ar port_number
290Use specified port number for NFS requests.
291The default is to query the portmapper for the NFS port.
292.It Cm proto Ns = Ns Aq Ar protocol
293Specify transport protocol version to use.
294Currently, they are:
295.Bd -literal
296udp -   Use UDP over IPv4
297tcp -   Use TCP over IPv4
298udp6 -  Use UDP over IPv6
299tcp6 -  Use TCP over IPv6
300.Ed
301.It Cm rdirplus
302Used with NFSV3 to specify that the \fBReaddirPlus\fR RPC should
303be used.
304For NFSV4, setting this option has a similar effect, in that it will make
305the Readdir Operation get more attributes.
306This option reduces RPC traffic for cases such as
307.Dq "ls -l" ,
308but tends to flood the attribute and name caches with prefetched entries.
309Try this option and see whether performance improves or degrades.
310Probably
311most useful for client to server network interconnects with a large bandwidth
312times delay product.
313.It Cm readahead Ns = Ns Aq Ar value
314Set the read-ahead count to the specified value.
315This may be in the range of 0 - 4, and determines how many blocks
316will be read ahead when a large file is being read sequentially.
317Trying a value greater than 1 for this is suggested for
318mounts with a large bandwidth * delay product.
319.It Cm readdirsize Ns = Ns Aq Ar value
320Set the readdir read size to the specified value.
321The value should normally
322be a multiple of
323.Dv DIRBLKSIZ
324that is <= the read size for the mount.
325.It Cm resvport
326Use a reserved socket port number.
327This flag is obsolete, and only retained for compatibility reasons.
328Reserved port numbers are used by default now.
329(For the rare case where the client has a trusted root account
330but untrustworthy users and the network cables are in secure areas this does
331help, but for normal desktop clients this does not apply.)
332.It Cm retrans Ns = Ns Aq Ar value
333Set the retransmit timeout count for soft mounts to the specified value.
334.It Cm retrycnt Ns = Ns Aq Ar count
335Set the mount retry count to the specified value.
336The default is a retry count of zero, which means to keep retrying
337forever.
338There is a 60 second delay between each attempt.
339.It Cm rsize Ns = Ns Aq Ar value
340Set the read data size to the specified value.
341It should normally be a power of 2 greater than or equal to 1024.
342This should be used for UDP mounts when the
343.Dq "fragments dropped due to timeout"
344value is getting large while actively using a mount point.
345(Use
346.Xr netstat 1
347with the
348.Fl s
349option to see what the
350.Dq "fragments dropped due to timeout"
351value is.)
352.It Cm sec Ns = Ns Aq Ar flavor
353This option specifies what security flavor should be used for the mount.
354Currently, they are:
355.Bd -literal
356krb5 -  Use KerberosV authentication
357krb5i - Use KerberosV authentication and
358        apply integrity checksums to RPCs
359krb5p - Use KerberosV authentication and
360        encrypt the RPC data
361sys -   The default AUTH_SYS, which uses a
362        uid + gid list authenticator
363.Ed
364.It Cm soft
365A soft mount, which implies that file system calls will fail
366after
367.Ar retrycnt
368round trip timeout intervals.
369.It Cm tcp
370Use TCP transport.
371This is the default option, as it provides for increased reliability on both
372LAN and WAN configurations compared to UDP.
373Some old NFS servers do not support this method; UDP mounts may be required
374for interoperability.
375.It Cm timeout Ns = Ns Aq Ar value
376Set the initial retransmit timeout to the specified value,
377expressed in tenths of a second.
378May be useful for fine tuning UDP mounts over internetworks
379with high packet loss rates or an overloaded server.
380Try increasing the interval if
381.Xr nfsstat 1
382shows high retransmit rates while the file system is active or reducing the
383value if there is a low retransmit rate but long response delay observed.
384(Normally, the
385.Cm dumbtimer
386option should be specified when using this option to manually
387tune the timeout
388interval.)
389.It Cm timeo Ns = Ns Aq Ar value
390Alias for
391.Cm timeout .
392.It Cm udp
393Use UDP transport.
394.It Cm vers Ns = Ns Aq Ar vers_number
395Use the specified version number for NFS requests.
396See the
397.Cm nfsv2 ,
398.Cm nfsv3 ,
399and
400.Cm nfsv4
401options for details.
402.It Cm wcommitsize Ns = Ns Aq Ar value
403Set the maximum pending write commit size to the specified value.
404This determines the maximum amount of pending write data that the NFS
405client is willing to cache for each file.
406.It Cm wsize Ns = Ns Aq Ar value
407Set the write data size to the specified value.
408Ditto the comments w.r.t.\& the
409.Cm rsize
410option, but using the
411.Dq "fragments dropped due to timeout"
412value on the server instead of the client.
413Note that both the
414.Cm rsize
415and
416.Cm wsize
417options should only be used as a last ditch effort at improving performance
418when mounting servers that do not support TCP mounts.
419.El
420.El
421.Sh COMPATIBILITY
422The following command line flags are equivalent to
423.Fl o
424named options and are supported for compatibility with older
425installations.
426.Bl -tag -width indent
427.It Fl 2
428Same as
429.Fl o Cm nfsv2
430.It Fl 3
431Same as
432.Fl o Cm nfsv3
433.It Fl D
434Same as
435.Fl o Cm deadthresh
436.It Fl I
437Same as
438.Fl o Cm readdirsize Ns = Ns Aq Ar value
439.It Fl L
440Same as
441.Fl o Cm nolockd
442.It Fl N
443Same as
444.Fl o Cm noresvport
445.It Fl P
446Use a reserved socket port number.
447This flag is obsolete, and only retained for compatibility reasons.
448(For the rare case where the client has a trusted root account
449but untrustworthy users and the network cables are in secure areas this does
450help, but for normal desktop clients this does not apply.)
451.It Fl R
452Same as
453.Fl o Cm retrycnt Ns = Ns Aq Ar value
454.It Fl T
455Same as
456.Fl o Cm tcp
457.It Fl U
458Same as
459.Fl o Cm mntudp
460.It Fl a
461Same as
462.Fl o Cm readahead Ns = Ns Aq Ar value
463.It Fl b
464Same as
465.Fl o Cm bg
466.It Fl c
467Same as
468.Fl o Cm noconn
469.It Fl d
470Same as
471.Fl o Cm dumbtimer
472.It Fl g
473Same as
474.Fl o Cm maxgroups
475.It Fl i
476Same as
477.Fl o Cm intr
478.It Fl l
479Same as
480.Fl o Cm rdirplus
481.It Fl r
482Same as
483.Fl o Cm rsize Ns = Ns Aq Ar value
484.It Fl s
485Same as
486.Fl o Cm soft
487.It Fl t
488Same as
489.Fl o Cm retransmit Ns = Ns Aq Ar value
490.It Fl w
491Same as
492.Fl o Cm wsize Ns = Ns Aq Ar value
493.It Fl x
494Same as
495.Fl o Cm retrans Ns = Ns Aq Ar value
496.El
497.Pp
498The following
499.Fl o
500named options are equivalent to other
501.Fl o
502named options and are supported for compatibility with other
503operating systems (e.g., Linux, Solaris, and OSX) to ease usage of
504.Xr autofs 5
505support.
506.Bl -tag -width indent
507.It Fl o Cm vers Ns = Ns 2
508Same as
509.Fl o Cm nfsv2
510.It Fl o Cm vers Ns = Ns 3
511Same as
512.Fl o Cm nfsv3
513.It Fl o Cm vers Ns = Ns 4
514Same as
515.Fl o Cm nfsv4
516.El
517.Sh SEE ALSO
518.Xr nmount 2 ,
519.Xr unmount 2 ,
520.Xr nfsv4 4 ,
521.Xr fstab 5 ,
522.Xr gssd 8 ,
523.Xr mount 8 ,
524.Xr nfsd 8 ,
525.Xr nfsiod 8 ,
526.Xr showmount 8
527.Sh HISTORY
528A version of the
529.Nm
530utility appeared in
531.Bx 4.4 .
532.Sh BUGS
533Since nfsv4 performs open/lock operations that have their ordering strictly
534enforced by the server, the options
535.Cm intr
536and
537.Cm soft
538cannot be safely used.
539.Cm hard
540nfsv4 mounts are strongly recommended.
541