1.\" Copyright (c) 1989, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 3. Neither the name of the University nor the names of its contributors 13.\" may be used to endorse or promote products derived from this software 14.\" without specific prior written permission. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26.\" SUCH DAMAGE. 27.\" 28.\" @(#)nfsd.8 8.4 (Berkeley) 3/29/95 29.\" $FreeBSD$ 30.\" 31.Dd December 20, 2019 32.Dt NFSD 8 33.Os 34.Sh NAME 35.Nm nfsd 36.Nd remote 37NFS server 38.Sh SYNOPSIS 39.Nm 40.Op Fl ardute 41.Op Fl n Ar num_servers 42.Op Fl h Ar bindip 43.Op Fl p Ar pnfs_setup 44.Op Fl m Ar mirror_level 45.Op Fl V Ar virtual_hostname 46.Op Fl Fl maxthreads Ar max_threads 47.Op Fl Fl minthreads Ar min_threads 48.Sh DESCRIPTION 49The 50.Nm 51utility runs on a server machine to service NFS requests from client machines. 52At least one 53.Nm 54must be running for a machine to operate as a server. 55.Pp 56Unless otherwise specified, eight servers per CPU for UDP transport are 57started. 58.Pp 59The following options are available: 60.Bl -tag -width Ds 61.It Fl r 62Register the NFS service with 63.Xr rpcbind 8 64without creating any servers. 65This option can be used along with the 66.Fl u 67or 68.Fl t 69options to re-register NFS if the rpcbind server is restarted. 70.It Fl d 71Unregister the NFS service with 72.Xr rpcbind 8 73without creating any servers. 74.It Fl V Ar virtual_hostname 75Specifies a hostname to be used as a principal name, instead of 76the default hostname. 77.It Fl n Ar threads 78Specifies how many servers to create. 79This option is equivalent to specifying 80.Fl Fl maxthreads 81and 82.Fl Fl minthreads 83with their respective arguments to 84.Ar threads . 85.It Fl Fl maxthreads Ar threads 86Specifies the maximum servers that will be kept around to service requests. 87.It Fl Fl minthreads Ar threads 88Specifies the minimum servers that will be kept around to service requests. 89.It Fl h Ar bindip 90Specifies which IP address or hostname to bind to on the local host. 91This option is recommended when a host has multiple interfaces. 92Multiple 93.Fl h 94options may be specified. 95.It Fl a 96Specifies that nfsd should bind to the wildcard IP address. 97This is the default if no 98.Fl h 99options are given. 100It may also be specified in addition to any 101.Fl h 102options given. 103Note that NFS/UDP does not operate properly when 104bound to the wildcard IP address whether you use -a or do not use -h. 105.It Fl p Ar pnfs_setup 106Enables pNFS support in the server and specifies the information that the 107daemon needs to start it. 108This option can only be used on one server and specifies that this server 109will be the MetaData Server (MDS) for the pNFS service. 110This can only be done if there is at least one 111.Fx 112system configured 113as a Data Server (DS) for it to use. 114.Pp 115The 116.Ar pnfs_setup 117string is a set of fields separated by ',' characters: 118Each of these fields specifies one DS. 119It consists of a server hostname, followed by a ':' 120and the directory path where the DS's data storage file system is mounted on 121this MDS server. 122This can optionally be followed by a '#' and the mds_path, which is the 123directory path for an exported file system on this MDS. 124If this is specified, it means that this DS is to be used to store data 125files for this mds_path file system only. 126If this optional component does not exist, the DS will be used to store data 127files for all exported MDS file systems. 128The DS storage file systems must be mounted on this system before the 129.Nm 130is started with this option specified. 131.br 132For example: 133.sp 134nfsv4-data0:/data0,nfsv4-data1:/data1 135.sp 136would specify two DS servers called nfsv4-data0 and nfsv4-data1 that comprise 137the data storage component of the pNFS service. 138These two DSs would be used to store data files for all exported file systems 139on this MDS. 140The directories 141.Dq /data0 142and 143.Dq /data1 144are where the data storage servers exported 145storage directories are mounted on this system (which will act as the MDS). 146.br 147Whereas, for the example: 148.sp 149nfsv4-data0:/data0#/export1,nfsv4-data1:/data1#/export2 150.sp 151would specify two DSs as above, however nfsv4-data0 will be used to store 152data files for 153.Dq /export1 154and nfsv4-data1 will be used to store data files for 155.Dq /export2 . 156.sp 157When using IPv6 addresses for DSs 158be wary of using link local addresses. 159The IPv6 address for the DS is sent to the client and there is no scope 160zone in it. 161As such, a link local address may not work for a pNFS client to DS 162TCP connection. 163When parsed, 164.Nm 165will only use a link local address if it is the only address returned by 166.Xr getaddrinfo 3 167for the DS hostname. 168.It Fl m Ar mirror_level 169This option is only meaningful when used with the 170.Fl p 171option. 172It specifies the 173.Dq mirror_level , 174which defines how many of the DSs will 175have a copy of a file's data storage file. 176The default of one implies no mirroring of data storage files on the DSs. 177The 178.Dq mirror_level 179would normally be set to 2 to enable mirroring, but 180can be as high as NFSDEV_MAXMIRRORS. 181There must be at least 182.Dq mirror_level 183DSs for each exported file system on the MDS, as specified in the 184.Fl p 185option. 186This implies that, for the above example using "#/export1" and "#/export2", 187mirroring cannot be done. 188There would need to be two DS entries for each of "#/export1" and "#/export2" 189in order to support a 190.Dq mirror_level 191of two. 192.Pp 193If mirroring is enabled, the server must use the Flexible File 194layout. 195If mirroring is not enabled, the server will use the File layout 196by default, but this default can be changed to the Flexible File layout if the 197.Xr sysctl 8 198vfs.nfsd.default_flexfile 199is set non-zero. 200.It Fl t 201Serve TCP NFS clients. 202.It Fl u 203Serve UDP NFS clients. 204.It Fl e 205Ignored; included for backward compatibility. 206.El 207.Pp 208For example, 209.Dq Li "nfsd -u -t -n 6" 210serves UDP and TCP transports using six daemons. 211.Pp 212A server should run enough daemons to handle 213the maximum level of concurrency from its clients, 214typically four to six. 215.Pp 216The 217.Nm 218utility listens for service requests at the port indicated in the 219NFS server specification; see 220.%T "Network File System Protocol Specification" , 221RFC1094, 222.%T "NFS: Network File System Version 3 Protocol Specification" , 223RFC1813, 224.%T "Network File System (NFS) Version 4 Protocol" , 225RFC7530, 226.%T "Network File System (NFS) Version 4 Minor Version 1 Protocol" , 227RFC5661, 228.%T "Network File System (NFS) Version 4 Minor Version 2 Protocol" , 229RFC7862, 230.%T "File System Extended Attributes in NFSv4" , 231RFC8276 and 232.%T "Parallel NFS (pNFS) Flexible File Layout" , 233RFC8435. 234.Pp 235If 236.Nm 237detects that 238NFS is not loaded in the running kernel, it will attempt 239to load a loadable kernel module containing NFS support using 240.Xr kldload 2 . 241If this fails, or no NFS KLD is available, 242.Nm 243will exit with an error. 244.Pp 245If 246.Nm 247is to be run on a host with multiple interfaces or interface aliases, use 248of the 249.Fl h 250option is recommended. 251If you do not use the option NFS may not respond to 252UDP packets from the same IP address they were sent to. 253Use of this option 254is also recommended when securing NFS exports on a firewalling machine such 255that the NFS sockets can only be accessed by the inside interface. 256The 257.Nm ipfw 258utility 259would then be used to block NFS-related packets that come in on the outside 260interface. 261.Pp 262If the server has stopped servicing clients and has generated a console message 263like 264.Dq Li "nfsd server cache flooded..." , 265the value for vfs.nfsd.tcphighwater needs to be increased. 266This should allow the server to again handle requests without a reboot. 267Also, you may want to consider decreasing the value for 268vfs.nfsd.tcpcachetimeo to several minutes (in seconds) instead of 12 hours 269when this occurs. 270.Pp 271Unfortunately making vfs.nfsd.tcphighwater too large can result in the mbuf 272limit being reached, as indicated by a console message 273like 274.Dq Li "kern.ipc.nmbufs limit reached" . 275If you cannot find values of the above 276.Nm sysctl 277values that work, you can disable the DRC cache for TCP by setting 278vfs.nfsd.cachetcp to 0. 279.Pp 280The 281.Nm 282utility has to be terminated with 283.Dv SIGUSR1 284and cannot be killed with 285.Dv SIGTERM 286or 287.Dv SIGQUIT . 288The 289.Nm 290utility needs to ignore these signals in order to stay alive as long 291as possible during a shutdown, otherwise loopback mounts will 292not be able to unmount. 293If you have to kill 294.Nm 295just do a 296.Dq Li "kill -USR1 <PID of master nfsd>" 297.Sh EXIT STATUS 298.Ex -std 299.Sh SEE ALSO 300.Xr nfsstat 1 , 301.Xr kldload 2 , 302.Xr nfssvc 2 , 303.Xr nfsv4 4 , 304.Xr pnfs 4 , 305.Xr pnfsserver 4 , 306.Xr exports 5 , 307.Xr stablerestart 5 , 308.Xr gssd 8 , 309.Xr ipfw 8 , 310.Xr mountd 8 , 311.Xr nfsiod 8 , 312.Xr nfsrevoke 8 , 313.Xr nfsuserd 8 , 314.Xr rpcbind 8 315.Sh HISTORY 316The 317.Nm 318utility first appeared in 319.Bx 4.4 . 320.Sh BUGS 321If 322.Nm 323is started when 324.Xr gssd 8 325is not running, it will service AUTH_SYS requests only. 326To fix the problem you must kill 327.Nm 328and then restart it, after the 329.Xr gssd 8 330is running. 331.Pp 332For a Flexible File Layout pNFS server, 333if there are Linux clients doing NFSv4.1 or NFSv4.2 mounts, those 334clients might need the 335.Xr sysctl 8 336vfs.nfsd.flexlinuxhack 337to be set to one on the MDS as a workaround. 338.Pp 339Linux 5.n kernels appear to have been patched such that this 340.Xr sysctl 8 341does not need to be set. 342