NFSv4 and share for multiply networks

setevoy

setevoy

Hi.

I'm trying to set up an NFSv4 share, and everything works when setting a limit for only one network.

The /etc/exports:

Code: 
V4: /nas/nfs

Then, adding with ZFS set:

Code: 
# zfs set sharenfs="-network 192.168.0.0/24 -maproot=root" nas/nfs/backups

After that, I can mount using "sudo mount -t nfs4 192.168.0.2:/backups /mnt/test/" on my Linux client.

But I have a VPN network on this FreeBSD host and want to add it too.

Tried all possible combinations like:

Code: 
zfs set sharenfs="-network 192.168.0.0/24 -maproot=root -network 192.168.100.0/24" nas/nfs/backups
zfs set sharenfs="192.168.0.0/24,192.168.100.0/24" nas/nfs/backups
zfs set sharenfs="network=192.168.0.0/24,network=192.168.100.0/24" nas/nfs/backups
zfs set sharenfs="-network 192.168.0.0 -mask 255.255.255.0 192.168.100.0 -mask 255.255.255.0 10.8.0.0 -mask 255.255.255.0" nas/nfs/backups

But none works, and mountd sends "bad exports list line" errors.

So... What's the correct way to do so? Found few threads here, for example Help with zfs sharenfs and NFSv4, ZFS set sharenfs multiple hosts, but none works for me.

Or just do share for all with "sharenfs=on"? Doesn't look like a correct way...

What I'm missing here?

P.S. Also wondering why zfs-set man page has an example with the `@=` notation:

Code: 
# zfs set sharenfs='rw=@123.123.0.0/16:[::1],root=neo' tank/home

Which isn't working:

Code: 
# zfs set sharenfs='rw=@192.168.0.0/24' nas/nfs/backups

This gives the "bad exports list line '/nas/nfs/backups rw=@192.168.0.0/24': no valid entries" error.
 
You have to set a semicolon (;) between the different networks (this is not documented in the regular manuals, as far as I know, but it is the subject of review "Allow ZFS sharenfs to generate multiple export(5) lines", linked in my post # 9 in the thread you found, and missed probably the reference to it at the bottom of the post).

Example:
Rich (BB code): 
# zfs  sharenfs="network 192.168.0.0/24 maproot=root;network 192.168.100.0/24"  nas/nfs/backups

You can check the export result in /etc/zfs/exports
Code: 
# cat /etc/zfs/exports
# !!! DO NOT EDIT THIS FILE MANUALLY !!!

/nas/nfs/backups    -network 192.168.0.0/24 -maproot=root
/nas/nfs/backups    -network 192.168.100.0/24
 
T-Daemon said:
You have to set a semicolon (;) between the different networks (this is not documented in the regular manuals, as far as I know, but it is the subject of review "Allow ZFS sharenfs to generate multiple export(5) lines", linked in my post # 9 in the thread you found, and missed probably the reference to it at the bottom of the post).

Example:
Rich (BB code): 
# zfs  sharenfs="network 192.168.0.0/24 maproot=root;network 192.168.100.0/24"  nas/nfs/backups
Click to expand...
Thanks, indeed missed it.

But for me, it adds it as a single line:

Code: 
# zfs  sharenfs="-network 192.168.0.0/24 -maproot=root;-network 192.168.100.0/24" nas/nfs/backups

# cat /etc/zfs/exports
# !!! DO NOT EDIT THIS FILE MANUALLY !!!

/nas/nfs/backups        -network 192.168.0.0/24 -maproot=root;-network 192.168.100.0/24

If this matters:

Code: 
# zfs version
zfs-2.2.7-FreeBSD_ge269af1b3
zfs-kmod-2.2.7-FreeBSD_ge269af1b3
 
POSIX.1 said:
T-Daemon, OP asked for setting up an NFSv4 share. As far as I can remember zfs sharenfs cannot create valid lines that are required to start with V4.
Click to expand...

I've set V4 manually in the /etc/exports:

Code: 
# cat /etc/exports 
V4: /nas/nfs

But the question is how to configure the same dataset's exports for multiple networks.
Bacuse everything is great with the:

Code: 
# zfs set sharenfs="-network 192.168.0.0/24 -maproot=root" nas/nfs/backups

# cat /etc/zfs/exports
# !!! DO NOT EDIT THIS FILE MANUALLY !!!

/nas/nfs/backups        -network 192.168.0.0/24 -maproot=root

But not when using something like:

Code: 
# zfs set sharenfs="-network 192.168.0.0 -network 192.168.100.0 -network 10.8.0.0" nas/nfs/backups
 
setevoy said:
If this matters:

# zfs version
zfs-2.2.7-FreeBSD_ge269af1b3
zfs-kmod-2.2.7-FreeBSD_ge269af1b3
Click to expand...
Bummer, this works on version 2.4.0. (>=15 branch)

2.2.7 seems have not got patched to include the semicolon. Which FreeBSD version is the system running?

You have to resort to /etc/exports to share on different networks.
 
T-Daemon said:
Bummer, this works on version 2.4.0. (>=15 branch)

2.2.7 seems have not got patched to include the semicolon. Which FreeBSD version is the system running?

You have to resort to /etc/exports to share on different networks.
Click to expand...
Ah, thanks. I have 14.3.

You have to resort to /etc/exports to share on different networks.
Click to expand...
Well, tried that too.
And it even works with such format, if I did it correctly (but can be mounted and data is accessible in the 192.168.0.0/24, although I haven't checked from other networks yet):

Code: 
V4: /nas/nfs
/nas/nfs/backups -network 192.168.0.0/24 -maproot=root
/nas/nfs/backups -network 192.168.100.0/24 -maproot=root
/nas/nfs/backups -network 10.8.0.0/24 -maproot=root
 
POSIX.1 said:
T-Daemon, OP asked for setting up an NFSv4 share. As far as I can remember zfs sharenfs cannot create valid lines that are required to start with V4. Did recent zfs versions improve on that?
Click to expand...
This is the first time I've heard of it.

Even older ZFS "sharenfs" can very well export NFSv4 shares as long as all the requirements are met ("V4:" line in /etc/exports, "nfsv4_server_enable" in /etc/rc.conf ).
 
Yeah, checked from another host via VPN, and it works.

Just in case for googlers:

/etc/exports content on the FreeBSD host:

Code: 
V4: /nas/nfs
/nas/nfs/backups -network 192.168.0.0/24 -maproot=root
/nas/nfs/backups -network 192.168.100.0/24 -maproot=root
/nas/nfs/backups -network 10.8.0.0/24 -maproot=root

ZFS sharenfs is turned off:
Code: 
root@setevoy-nas:/home/setevoy # zfs get sharenfs nas/nfs/backups
NAME             PROPERTY  VALUE     SOURCE
nas/nfs/backups  sharenfs  off       local

Remote host via VPN:

Code: 
[setevoy@setevoy-home ~]$ ip a s wg0
44: wg0: <POINTOPOINT,NOARP,UP,LOWER_UP> mtu 1420 qdisc noqueue state UNKNOWN group default qlen 1000
    link/none 
    inet 10.8.0.3/24 scope global wg0

First attempt - got an error "NFS: mount program didn't pass remote address":

Code: 
[setevoy@setevoy-home ~]$ sudo mount -t nfs4 192.168.0.2:/backups /mnt/test/
mount: /mnt/test: fsconfig() failed: NFS: mount program didn't pass remote address.

Had no nfs-utils installed there:
Code: 
[setevoy@setevoy-home ~]$ sudo pacman -S nfs-utils

And now it's mounted, and data is accessible:

Code: 
[setevoy@setevoy-home ~]$ sudo touch /mnt/test/test-home
[setevoy@setevoy-home ~]$ ls -l /mnt/test/
total 2
-rw-r--r-- 1 root root 0 Dec 30 14:20 test
-rw-r--r-- 1 root root 0 Dec 30 14:55 test-client
-rw-r--r-- 1 root root 0 Dec 30 19:30 test-home

Both remote hosts are connected:

Code: 
root@setevoy-nas:/home/setevoy # nfsdumpstate -o
Flags         OpenOwner      Open LockOwner      Lock     Deleg  OldDeleg Clientaddr                                    ClientID
                      0         0         0         0         0         0 192.168.0.4                                   4c696e7578204e465376342e322073657465766f792d776f726b
CB                    1         0         0         0         0         0 10.8.0.3                                      4c696e7578204e465376342e322073657465766f792d686f6d65
 
You must log in or register to reply here.
Back
Top