xref: /freebsd/sbin/mount_nfs/mount_nfs.8 (revision 53071ed1c96db7f89defc99c95b0ad1031d48f45)
1.\" Copyright (c) 1992, 1993, 1994, 1995
2.\"	The Regents of the University of California.  All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\" 3. Neither the name of the University nor the names of its contributors
13.\"    may be used to endorse or promote products derived from this software
14.\"    without specific prior written permission.
15.\"
16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE.
27.\"
28.\"	@(#)mount_nfs.8	8.3 (Berkeley) 3/29/95
29.\" $FreeBSD$
30.\"
31.Dd December 14, 2019
32.Dt MOUNT_NFS 8
33.Os
34.Sh NAME
35.Nm mount_nfs
36.Nd mount NFS file systems
37.Sh SYNOPSIS
38.Nm
39.Op Fl 23bcdiLlNPsTU
40.Op Fl a Ar maxreadahead
41.Op Fl D Ar deadthresh
42.Op Fl g Ar maxgroups
43.Op Fl I Ar readdirsize
44.Op Fl o Ar options
45.Op Fl R Ar retrycnt
46.Op Fl r Ar readsize
47.Op Fl t Ar timeout
48.Op Fl w Ar writesize
49.Op Fl x Ar retrans
50.Ar rhost : Ns Ar path node
51.Sh DESCRIPTION
52The
53.Nm
54utility calls the
55.Xr nmount 2
56system call to prepare and graft a remote NFS file system
57.Pq Ar rhost : Ns Ar path
58on to the file system tree at the point
59.Ar node .
60This command is normally executed by
61.Xr mount 8 .
62For NFSv2 and NFSv3,
63it implements the mount protocol as described in RFC 1094, Appendix A and
64RFC 1813, Appendix I.
65For NFSv4, it uses the NFSv4 protocol as described in RFC 7530, RFC 5661 and
66RFC 7862.
67.Pp
68By default,
69.Nm
70keeps retrying until the mount succeeds.
71This behaviour is intended for file systems listed in
72.Xr fstab 5
73that are critical to the boot process.
74For non-critical file systems, the
75.Cm bg
76and
77.Cm retrycnt
78options provide mechanisms to prevent the boot process from hanging
79if the server is unavailable.
80.Pp
81If the server becomes unresponsive while an NFS file system is
82mounted, any new or outstanding file operations on that file system
83will hang uninterruptibly until the server comes back.
84To modify this default behaviour, see the
85.Cm intr
86and
87.Cm soft
88options.
89.Pp
90The options are:
91.Bl -tag -width indent
92.It Fl o
93Options are specified with a
94.Fl o
95flag followed by a comma separated string of options.
96See the
97.Xr mount 8
98man page for possible options and their meanings.
99The following NFS specific options are also available:
100.Bl -tag -width indent
101.It Cm acregmin Ns = Ns Aq Ar seconds
102.It Cm acregmax Ns = Ns Aq Ar seconds
103.It Cm acdirmin Ns = Ns Aq Ar seconds
104.It Cm acdirmax Ns = Ns Aq Ar seconds
105When attributes of files are cached, a timeout calculated to determine
106whether a given cache entry has expired.
107These four values determine the upper and lower bounds of the timeouts for
108.Dq directory
109attributes and
110.Dq regular
111(ie: everything else).
112The default values are 3 -> 60 seconds
113for regular files, and 30 -> 60 seconds for directories.
114The algorithm to calculate the timeout is based on the age of the file.
115The older the file,
116the longer the cache is considered valid, subject to the limits above.
117.It Cm actimeo Ns = Ns Aq Ar seconds
118Set four cache timeouts above to specified value.
119.It Cm allgssname
120This option can be used along with
121.Fl o Cm gssname
122to specify that all operations should use the host-based initiator
123credential.
124This may be used for clients that run system daemons that need to
125access files on the NFSv4 mounted volume.
126.It Cm bg
127If an initial attempt to contact the server fails, fork off a child to keep
128trying the mount in the background.
129Useful for
130.Xr fstab 5 ,
131where the file system mount is not critical to multiuser operation.
132.It Cm deadthresh Ns = Ns Aq Ar value
133Set the
134.Dq "dead server threshold"
135to the specified number of round trip timeout intervals before a
136.Dq "server not responding"
137message is displayed.
138.It Cm dumbtimer
139Turn off the dynamic retransmit timeout estimator.
140This may be useful for UDP mounts that exhibit high retry rates,
141since it is possible that the dynamically estimated timeout interval is too
142short.
143.It Cm fg
144Same as not specifying
145.Cm bg .
146.It Cm gssname Ns = Ns Aq Ar service-principal-name
147This option can be used with the KerberosV security flavors for NFSv4 mounts
148to specify the
149.Dq "service-principal-name"
150of a host-based entry in the default
151keytab file that is used for system operations.
152It allows the mount to be performed by
153.Dq "root"
154and avoids problems with
155cached credentials for the system operations expiring.
156The
157.Dq "service-prinicpal-name"
158should be specified without instance or domain and is typically
159.Dq "host" ,
160.Dq "nfs"
161or
162.Dq "root" .
163.It Cm hard
164Same as not specifying
165.Cm soft .
166.It Cm intr
167Make the mount interruptible, which implies that file system calls that
168are delayed due to an unresponsive server will fail with EINTR when a
169termination signal is posted for the process.
170.It Cm maxgroups Ns = Ns Aq Ar value
171Set the maximum size of the group list for the credentials to the
172specified value.
173This should be used for mounts on old servers that cannot handle a
174group list size of 16, as specified in RFC 1057.
175Try 8, if users in a lot of groups cannot get response from the mount
176point.
177.It Cm mntudp
178Force the mount protocol to use UDP transport, even for TCP NFS mounts.
179(Necessary for some old
180.Bx
181servers.)
182.It Cm nametimeo Ns = Ns Aq Ar value
183Override the default of NFS_DEFAULT_NAMETIMEO for the timeout (in seconds)
184for positive name cache entries.
185If this is set to 0 it disables positive name caching for the mount point.
186.It Cm negnametimeo Ns = Ns Aq Ar value
187Override the default of NFS_DEFAULT_NEGNAMETIMEO for the timeout (in seconds)
188for negative name cache entries.
189If this is set to 0 it disables negative name caching for the mount point.
190.It Cm nfsv2
191Use the NFS Version 2 protocol (the default is to try version 3 first
192then version 2).
193Note that NFS version 2 has a file size limit of 2 gigabytes.
194.It Cm nfsv3
195Use the NFS Version 3 protocol.
196.It Cm nfsv4
197Use the NFS Version 4 protocol.
198This option will force the mount to use
199TCP transport.
200.It Cm minorversion Ns = Ns Aq Ar value
201Override the default of 0 for the minor version of the NFS Version 4 protocol.
202The minor versions other than 0 currently supported are 1 and 2.
203This option is only meaningful when used with the
204.Cm nfsv4
205option.
206.It Cm oneopenown
207Make a minor version 1 or 2 of the NFS Version 4 protocol mount use a single
208OpenOwner for all Opens.
209This may be useful for a server with a very low limit on OpenOwners, such as
210AmazonEFS.
211It ca only be used with an NFSv4.1 or NFSv4.2 mount.
212It may not work correctly when Delegations are being issued by a server,
213but note that the AmazonEFS server does not issued delegations at this time.
214.It Cm pnfs
215Enable support for parallel NFS (pNFS) for minor version 1 or 2 of the
216NFS Version 4 protocol.
217This option is only meaningful when used with the
218.Cm minorversion
219option.
220.It Cm noac
221Disable attribute caching.
222.It Cm noconn
223For UDP mount points, do not do a
224.Xr connect 2 .
225This must be used if the server does not reply to requests from the standard
226NFS port number 2049 or replies to requests using a different IP address
227(which can occur if the server is multi-homed).
228Setting the
229.Va vfs.nfs.nfs_ip_paranoia
230sysctl to 0 will make this option the default.
231.It Cm nocto
232Normally, NFS clients maintain the close-to-open cache coherency.
233This works by flushing at close time and checking at open time.
234Checking at open time is implemented by getting attributes from
235the server and purging the data cache if they do not match
236attributes cached by the client.
237.Pp
238This option disables checking at open time.
239It may improve performance for read-only mounts,
240but should only be used if the data on the server changes rarely.
241Be sure to understand the consequences before enabling this option.
242.It Cm noinet4 , noinet6
243Disables
244.Dv AF_INET
245or
246.Dv AF_INET6
247connections.
248Useful for hosts that have
249both an A record and an AAAA record for the same name.
250.It Cm nolockd
251Do
252.Em not
253forward
254.Xr fcntl 2
255locks over the wire via the NLM protocol for NFSv3 mounts.
256All locks will be local and not seen by the server
257and likewise not seen by other NFS clients for NFSv3 mounts.
258This removes the need to run the
259.Xr rpcbind 8
260service and the
261.Xr rpc.statd 8
262and
263.Xr rpc.lockd 8
264servers on the client.
265Note that this option will only be honored when performing the
266initial mount, it will be silently ignored if used while updating
267the mount options.
268Also, note that NFSv4 mounts do not use these daemons and handle locks over the
269wire in the NFSv4 protocol.
270As such, this option is meaningless for NFSv4 mounts.
271.It Cm noncontigwr
272This mount option allows the NFS client to
273combine non-contiguous byte ranges being written
274such that the dirty byte range becomes a superset of the bytes
275that are dirty.
276This reduces the number of writes significantly for software
277builds.
278The merging of byte ranges is not done if the file has been file
279locked, since most applications modifying a file from multiple
280clients will use file locking.
281As such, this option could result in a corrupted file for the
282rare case of an application modifying the file from multiple
283clients concurrently without using file locking.
284.It Cm principal
285For the RPCSEC_GSS security flavors, such as krb5, krb5i and krb5p,
286this option sets the name of the host based principal name expected
287by the server.
288This option overrides the default, which will be ``nfs@<server-fqdn>''
289and should normally be sufficient.
290.It Cm noresvport
291Do
292.Em not
293use a reserved socket port number (see below).
294.It Cm port Ns = Ns Aq Ar port_number
295Use specified port number for NFS requests.
296The default is to query the portmapper for the NFS port.
297.It Cm proto Ns = Ns Aq Ar protocol
298Specify transport protocol version to use.
299Currently, they are:
300.Bd -literal
301udp -   Use UDP over IPv4
302tcp -   Use TCP over IPv4
303udp6 -  Use UDP over IPv6
304tcp6 -  Use TCP over IPv6
305.Ed
306.It Cm rdirplus
307Used with NFSV3 to specify that the \fBReaddirPlus\fR RPC should
308be used.
309For NFSV4, setting this option has a similar effect, in that it will make
310the Readdir Operation get more attributes.
311This option reduces RPC traffic for cases such as
312.Dq "ls -l" ,
313but tends to flood the attribute and name caches with prefetched entries.
314Try this option and see whether performance improves or degrades.
315Probably
316most useful for client to server network interconnects with a large bandwidth
317times delay product.
318.It Cm readahead Ns = Ns Aq Ar value
319Set the read-ahead count to the specified value.
320This may be in the range of 0 - 4, and determines how many blocks
321will be read ahead when a large file is being read sequentially.
322Trying a value greater than 1 for this is suggested for
323mounts with a large bandwidth * delay product.
324.It Cm readdirsize Ns = Ns Aq Ar value
325Set the readdir read size to the specified value.
326The value should normally
327be a multiple of
328.Dv DIRBLKSIZ
329that is <= the read size for the mount.
330.It Cm resvport
331Use a reserved socket port number.
332This flag is obsolete, and only retained for compatibility reasons.
333Reserved port numbers are used by default now.
334(For the rare case where the client has a trusted root account
335but untrustworthy users and the network cables are in secure areas this does
336help, but for normal desktop clients this does not apply.)
337.It Cm retrans Ns = Ns Aq Ar value
338Set the retransmit timeout count for soft mounts to the specified value.
339.It Cm retrycnt Ns = Ns Aq Ar count
340Set the mount retry count to the specified value.
341The default is a retry count of zero, which means to keep retrying
342forever.
343There is a 60 second delay between each attempt.
344.It Cm rsize Ns = Ns Aq Ar value
345Set the read data size to the specified value.
346It should normally be a power of 2 greater than or equal to 1024.
347This should be used for UDP mounts when the
348.Dq "fragments dropped due to timeout"
349value is getting large while actively using a mount point.
350(Use
351.Xr netstat 1
352with the
353.Fl s
354option to see what the
355.Dq "fragments dropped due to timeout"
356value is.)
357.It Cm sec Ns = Ns Aq Ar flavor
358This option specifies what security flavor should be used for the mount.
359Currently, they are:
360.Bd -literal
361krb5 -  Use KerberosV authentication
362krb5i - Use KerberosV authentication and
363        apply integrity checksums to RPCs
364krb5p - Use KerberosV authentication and
365        encrypt the RPC data
366sys -   The default AUTH_SYS, which uses a
367        uid + gid list authenticator
368.Ed
369.It Cm soft
370A soft mount, which implies that file system calls will fail
371after
372.Ar retrycnt
373round trip timeout intervals.
374.It Cm tcp
375Use TCP transport.
376This is the default option, as it provides for increased reliability on both
377LAN and WAN configurations compared to UDP.
378Some old NFS servers do not support this method; UDP mounts may be required
379for interoperability.
380.It Cm timeout Ns = Ns Aq Ar value
381Set the initial retransmit timeout to the specified value,
382expressed in tenths of a second.
383May be useful for fine tuning UDP mounts over internetworks
384with high packet loss rates or an overloaded server.
385Try increasing the interval if
386.Xr nfsstat 1
387shows high retransmit rates while the file system is active or reducing the
388value if there is a low retransmit rate but long response delay observed.
389(Normally, the
390.Cm dumbtimer
391option should be specified when using this option to manually
392tune the timeout
393interval.)
394.It Cm timeo Ns = Ns Aq Ar value
395Alias for
396.Cm timeout .
397.It Cm udp
398Use UDP transport.
399.It Cm vers Ns = Ns Aq Ar vers_number
400Use the specified version number for NFS requests.
401See the
402.Cm nfsv2 ,
403.Cm nfsv3 ,
404and
405.Cm nfsv4
406options for details.
407.It Cm wcommitsize Ns = Ns Aq Ar value
408Set the maximum pending write commit size to the specified value.
409This determines the maximum amount of pending write data that the NFS
410client is willing to cache for each file.
411.It Cm wsize Ns = Ns Aq Ar value
412Set the write data size to the specified value.
413Ditto the comments w.r.t.\& the
414.Cm rsize
415option, but using the
416.Dq "fragments dropped due to timeout"
417value on the server instead of the client.
418Note that both the
419.Cm rsize
420and
421.Cm wsize
422options should only be used as a last ditch effort at improving performance
423when mounting servers that do not support TCP mounts.
424.El
425.El
426.Sh COMPATIBILITY
427The following command line flags are equivalent to
428.Fl o
429named options and are supported for compatibility with older
430installations.
431.Bl -tag -width indent
432.It Fl 2
433Same as
434.Fl o Cm nfsv2
435.It Fl 3
436Same as
437.Fl o Cm nfsv3
438.It Fl D
439Same as
440.Fl o Cm deadthresh
441.It Fl I
442Same as
443.Fl o Cm readdirsize Ns = Ns Aq Ar value
444.It Fl L
445Same as
446.Fl o Cm nolockd
447.It Fl N
448Same as
449.Fl o Cm noresvport
450.It Fl P
451Use a reserved socket port number.
452This flag is obsolete, and only retained for compatibility reasons.
453(For the rare case where the client has a trusted root account
454but untrustworthy users and the network cables are in secure areas this does
455help, but for normal desktop clients this does not apply.)
456.It Fl R
457Same as
458.Fl o Cm retrycnt Ns = Ns Aq Ar value
459.It Fl T
460Same as
461.Fl o Cm tcp
462.It Fl U
463Same as
464.Fl o Cm mntudp
465.It Fl a
466Same as
467.Fl o Cm readahead Ns = Ns Aq Ar value
468.It Fl b
469Same as
470.Fl o Cm bg
471.It Fl c
472Same as
473.Fl o Cm noconn
474.It Fl d
475Same as
476.Fl o Cm dumbtimer
477.It Fl g
478Same as
479.Fl o Cm maxgroups
480.It Fl i
481Same as
482.Fl o Cm intr
483.It Fl l
484Same as
485.Fl o Cm rdirplus
486.It Fl r
487Same as
488.Fl o Cm rsize Ns = Ns Aq Ar value
489.It Fl s
490Same as
491.Fl o Cm soft
492.It Fl t
493Same as
494.Fl o Cm retransmit Ns = Ns Aq Ar value
495.It Fl w
496Same as
497.Fl o Cm wsize Ns = Ns Aq Ar value
498.It Fl x
499Same as
500.Fl o Cm retrans Ns = Ns Aq Ar value
501.El
502.Pp
503The following
504.Fl o
505named options are equivalent to other
506.Fl o
507named options and are supported for compatibility with other
508operating systems (e.g., Linux, Solaris, and OSX) to ease usage of
509.Xr autofs 5
510support.
511.Bl -tag -width indent
512.It Fl o Cm vers Ns = Ns 2
513Same as
514.Fl o Cm nfsv2
515.It Fl o Cm vers Ns = Ns 3
516Same as
517.Fl o Cm nfsv3
518.It Fl o Cm vers Ns = Ns 4
519Same as
520.Fl o Cm nfsv4
521.El
522.Sh SEE ALSO
523.Xr nmount 2 ,
524.Xr unmount 2 ,
525.Xr nfsv4 4 ,
526.Xr fstab 5 ,
527.Xr gssd 8 ,
528.Xr mount 8 ,
529.Xr nfsd 8 ,
530.Xr nfsiod 8 ,
531.Xr showmount 8
532.Sh HISTORY
533A version of the
534.Nm
535utility appeared in
536.Bx 4.4 .
537.Sh BUGS
538Since nfsv4 performs open/lock operations that have their ordering strictly
539enforced by the server, the options
540.Cm intr
541and
542.Cm soft
543cannot be safely used.
544.Cm hard
545nfsv4 mounts are strongly recommended.
546