xref: /freebsd/usr.sbin/nfsd/nfsd.8 (revision 6683132d54bd6d589889e43dabdc53d35e38a028)
1.\" Copyright (c) 1989, 1991, 1993
2.\"	The Regents of the University of California.  All rights reserved.
3.\"
4.\" Redistribution and use in source and binary forms, with or without
5.\" modification, are permitted provided that the following conditions
6.\" are met:
7.\" 1. Redistributions of source code must retain the above copyright
8.\"    notice, this list of conditions and the following disclaimer.
9.\" 2. Redistributions in binary form must reproduce the above copyright
10.\"    notice, this list of conditions and the following disclaimer in the
11.\"    documentation and/or other materials provided with the distribution.
12.\" 3. Neither the name of the University nor the names of its contributors
13.\"    may be used to endorse or promote products derived from this software
14.\"    without specific prior written permission.
15.\"
16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19.\" ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26.\" SUCH DAMAGE.
27.\"
28.\"	@(#)nfsd.8	8.4 (Berkeley) 3/29/95
29.\" $FreeBSD$
30.\"
31.Dd February 14, 2019
32.Dt NFSD 8
33.Os
34.Sh NAME
35.Nm nfsd
36.Nd remote
37NFS server
38.Sh SYNOPSIS
39.Nm
40.Op Fl ardute
41.Op Fl n Ar num_servers
42.Op Fl h Ar bindip
43.Op Fl p Ar pnfs_setup
44.Op Fl m Ar mirror_level
45.Op Fl V Ar virtual_hostname
46.Op Fl Fl maxthreads Ar max_threads
47.Op Fl Fl minthreads Ar min_threads
48.Sh DESCRIPTION
49The
50.Nm
51utility runs on a server machine to service NFS requests from client machines.
52At least one
53.Nm
54must be running for a machine to operate as a server.
55.Pp
56Unless otherwise specified, eight servers per CPU for UDP transport are
57started.
58.Pp
59The following options are available:
60.Bl -tag -width Ds
61.It Fl r
62Register the NFS service with
63.Xr rpcbind 8
64without creating any servers.
65This option can be used along with the
66.Fl u
67or
68.Fl t
69options to re-register NFS if the rpcbind server is restarted.
70.It Fl d
71Unregister the NFS service with
72.Xr rpcbind 8
73without creating any servers.
74.It Fl V Ar virtual_hostname
75Specifies a hostname to be used as a principal name, instead of
76the default hostname.
77.It Fl n Ar threads
78Specifies how many servers to create.
79This option is equivalent to specifying
80.Fl Fl maxthreads
81and
82.Fl Fl minthreads
83with their respective arguments to
84.Ar threads .
85.It Fl Fl maxthreads Ar threads
86Specifies the maximum servers that will be kept around to service requests.
87.It Fl Fl minthreads Ar threads
88Specifies the minimum servers that will be kept around to service requests.
89.It Fl h Ar bindip
90Specifies which IP address or hostname to bind to on the local host.
91This option is recommended when a host has multiple interfaces.
92Multiple
93.Fl h
94options may be specified.
95.It Fl a
96Specifies that nfsd should bind to the wildcard IP address.
97This is the default if no
98.Fl h
99options are given.
100It may also be specified in addition to any
101.Fl h
102options given.
103Note that NFS/UDP does not operate properly when
104bound to the wildcard IP address whether you use -a or do not use -h.
105.It Fl p Ar pnfs_setup
106Enables pNFS support in the server and specifies the information that the
107daemon needs to start it.
108This option can only be used on one server and specifies that this server
109will be the MetaData Server (MDS) for the pNFS service.
110This can only be done if there is at least one
111.Fx
112system configured
113as a Data Server (DS) for it to use.
114.Pp
115The
116.Ar pnfs_setup
117string is a set of fields separated by ',' characters:
118Each of these fields specifies one DS.
119It consists of a server hostname, followed by a ':'
120and the directory path where the DS's data storage file system is mounted on
121this MDS server.
122This can optionally be followed by a '#' and the mds_path, which is the
123directory path for an exported file system on this MDS.
124If this is specified, it means that this DS is to be used to store data
125files for this mds_path file system only.
126If this optional component does not exist, the DS will be used to store data
127files for all exported MDS file systems.
128The DS storage file systems must be mounted on this system before the
129.Nm
130is started with this option specified.
131.br
132For example:
133.sp
134nfsv4-data0:/data0,nfsv4-data1:/data1
135.sp
136would specify two DS servers called nfsv4-data0 and nfsv4-data1 that comprise
137the data storage component of the pNFS service.
138These two DSs would be used to store data files for all exported file systems
139on this MDS.
140The directories
141.Dq /data0
142and
143.Dq /data1
144are where the data storage servers exported
145storage directories are mounted on this system (which will act as the MDS).
146.br
147Whereas, for the example:
148.sp
149nfsv4-data0:/data0#/export1,nfsv4-data1:/data1#/export2
150.sp
151would specify two DSs as above, however nfsv4-data0 will be used to store
152data files for
153.Dq /export1
154and nfsv4-data1 will be used to store data files for
155.Dq /export2 .
156.sp
157When using IPv6 addresses for DSs
158be wary of using link local addresses.
159The IPv6 address for the DS is sent to the client and there is no scope
160zone in it.
161As such, a link local address may not work for a pNFS client to DS
162TCP connection.
163When parsed,
164.Nm
165will only use a link local address if it is the only address returned by
166.Xr getaddrinfo 3
167for the DS hostname.
168.It Fl m Ar mirror_level
169This option is only meaningful when used with the
170.Fl p
171option.
172It specifies the
173.Dq mirror_level ,
174which defines how many of the DSs will
175have a copy of a file's data storage file.
176The default of one implies no mirroring of data storage files on the DSs.
177The
178.Dq mirror_level
179would normally be set to 2 to enable mirroring, but
180can be as high as NFSDEV_MAXMIRRORS.
181There must be at least
182.Dq mirror_level
183DSs for each exported file system on the MDS, as specified in the
184.Fl p
185option.
186This implies that, for the above example using "#/export1" and "#/export2",
187mirroring cannot be done.
188There would need to be two DS entries for each of "#/export1" and "#/export2"
189in order to support a
190.Dq mirror_level
191of two.
192.Pp
193If mirroring is enabled, the server must use the Flexible File
194layout.
195If mirroring is not enabled, the server will use the File layout
196by default, but this default can be changed to the Flexible File layout if the
197.Xr sysctl 8
198vfs.nfsd.default_flexfile
199is set non-zero.
200.It Fl t
201Serve TCP NFS clients.
202.It Fl u
203Serve UDP NFS clients.
204.It Fl e
205Ignored; included for backward compatibility.
206.El
207.Pp
208For example,
209.Dq Li "nfsd -u -t -n 6"
210serves UDP and TCP transports using six daemons.
211.Pp
212A server should run enough daemons to handle
213the maximum level of concurrency from its clients,
214typically four to six.
215.Pp
216The
217.Nm
218utility listens for service requests at the port indicated in the
219NFS server specification; see
220.%T "Network File System Protocol Specification" ,
221RFC1094,
222.%T "NFS: Network File System Version 3 Protocol Specification" ,
223RFC1813,
224.%T "Network File System (NFS) Version 4 Protocol" ,
225RFC3530 and
226.%T "Network File System (NFS) Version 4 Minor Version 1 Protocol" ,
227RFC5661.
228.Pp
229If
230.Nm
231detects that
232NFS is not loaded in the running kernel, it will attempt
233to load a loadable kernel module containing NFS support using
234.Xr kldload 2 .
235If this fails, or no NFS KLD is available,
236.Nm
237will exit with an error.
238.Pp
239If
240.Nm
241is to be run on a host with multiple interfaces or interface aliases, use
242of the
243.Fl h
244option is recommended.
245If you do not use the option NFS may not respond to
246UDP packets from the same IP address they were sent to.
247Use of this option
248is also recommended when securing NFS exports on a firewalling machine such
249that the NFS sockets can only be accessed by the inside interface.
250The
251.Nm ipfw
252utility
253would then be used to block NFS-related packets that come in on the outside
254interface.
255.Pp
256If the server has stopped servicing clients and has generated a console message
257like
258.Dq Li "nfsd server cache flooded..." ,
259the value for vfs.nfsd.tcphighwater needs to be increased.
260This should allow the server to again handle requests without a reboot.
261Also, you may want to consider decreasing the value for
262vfs.nfsd.tcpcachetimeo to several minutes (in seconds) instead of 12 hours
263when this occurs.
264.Pp
265Unfortunately making vfs.nfsd.tcphighwater too large can result in the mbuf
266limit being reached, as indicated by a console message
267like
268.Dq Li "kern.ipc.nmbufs limit reached" .
269If you cannot find values of the above
270.Nm sysctl
271values that work, you can disable the DRC cache for TCP by setting
272vfs.nfsd.cachetcp to 0.
273.Pp
274The
275.Nm
276utility has to be terminated with
277.Dv SIGUSR1
278and cannot be killed with
279.Dv SIGTERM
280or
281.Dv SIGQUIT .
282The
283.Nm
284utility needs to ignore these signals in order to stay alive as long
285as possible during a shutdown, otherwise loopback mounts will
286not be able to unmount.
287If you have to kill
288.Nm
289just do a
290.Dq Li "kill -USR1 <PID of master nfsd>"
291.Sh EXIT STATUS
292.Ex -std
293.Sh SEE ALSO
294.Xr nfsstat 1 ,
295.Xr kldload 2 ,
296.Xr nfssvc 2 ,
297.Xr nfsv4 4 ,
298.Xr pnfs 4 ,
299.Xr pnfsserver 4 ,
300.Xr exports 5 ,
301.Xr stablerestart 5 ,
302.Xr gssd 8 ,
303.Xr ipfw 8 ,
304.Xr mountd 8 ,
305.Xr nfsiod 8 ,
306.Xr nfsrevoke 8 ,
307.Xr nfsuserd 8 ,
308.Xr rpcbind 8
309.Sh HISTORY
310The
311.Nm
312utility first appeared in
313.Bx 4.4 .
314.Sh BUGS
315If
316.Nm
317is started when
318.Xr gssd 8
319is not running, it will service AUTH_SYS requests only.
320To fix the problem you must kill
321.Nm
322and then restart it, after the
323.Xr gssd 8
324is running.
325.Pp
326If mirroring is enabled via the
327.Fl m
328option and there are Linux clients doing NFSv4.1 mounts, those clients
329need to be patched to support the
330.Dq tightly coupled
331variant of
332the Flexible File layout or the
333.Xr sysctl 8
334vfs.nfsd.flexlinuxhack
335must be set to one on the MDS as a workaround.
336