ZFS ZFS and NFSv4

[RGM-79N]

Greeting.

Currently I use NFSv3 and export all dataset individually. That's cumbersome, and NFSv4 has greater perfomance and I want it

I have exports like
/home/user/development
/mnt/s-drive
/mnt/s-drive/backup

NFSv4 demands a single root point, like / or /

But my exports doesn't. The way I solved this on Linux is by using bind mounts (which are nullfs mounts on FreeBSD).
The FreeBSD's nullfs can't recursively resolve nested mounts, like nullfs mount of /mnt/s-drive won't have contents of /mnt/s-drive/backup

I see only this solution: use / as root point and export whole tree. I don't like it, it will make exports cluttered.

What options do I have it just continue using NFSv3? I kinda need TCP and session timeouts, because link outages bring down my laptop

 

[T-Daemon]

Hello there.

Currently ... export all dataset individually.

I see only this solution: use / as root point and export whole tree.

Without exposing whole " / " tree, a more restricted solution is to collect those individual datasets under a common dataset.

In the following example the zroot/exports dataset with mount point /exports is the NFSv4 tree root ( V4: /exports ), user is "tom":

 # zfs  create  -o mountpoint=/exports  zroot/exports

 # zfs  create  zroot/exports/s-drive
(Assuming s-drive is another disk, mount s-drive on /exports/s-drive.)

 # zfs  create -p  zroot/exports/tom/development

 # chown  -R  tom:tom  /exports/tom
 
As user
tom % pwd
/home/tom

tom % ln -s /exports/tom/development

In addition, to give the user control over the zroot/exports/<user> dataset you can grant them privileges to create,destroy,snapshot,mount,etc. parent and child datasets as user, see zfs-allow(8) (mount sub-command requires "sysctl vfs.usermount=1" ).

 

[RGM-79N]

Hello there.



Without exposing whole " / " tree, a more restricted solution is to collect those individual datasets under a common dataset.

In the following example the zroot/exports dataset with mount point /exports is the NFSv4 tree root ( V4: /exports ), user is "tom":

 # zfs  create  -o mountpoint=/exports  zroot/exports

 # zfs  create  zroot/exports/s-drive
(Assuming s-drive is another disk, mount s-drive on /exports/s-drive.)

 # zfs  create -p  zroot/exports/tom/development

 # chown  -R  tom:tom  /exports/tom
 
As user
tom % pwd
/home/tom

tom % ln -s /exports/tom/development

In addition, to give the user control over the zroot/exports/<user> dataset you can grant them elevated privileges to create,destroy,snapshot,mount,etc. datasets as user, see zfs-allow(8) (mount sub-command requires "sysctl vfs.usermount=1" ).

That's interesting. Can I have both NFSv3 and NFSv4 running? Like NFSv4 for s-drive, where performance and reliability is needed, and NFSv3 for exporting small things like /etc

 

[T-Daemon]

Can I have both NFSv3 and NFSv4 running? Like NFSv4 for s-drive, where performance and reliability is needed, and NFSv3 for exporting small things like /etc

Sure, but there is no reason not to use NFSv4 for small transfers as well.

Though, I didn't expect anyone to want to export /etc since it's not a very common candidate for NFS exports, but if it suits your needs.

Assuming

V4: /exports

/exports/s-drive    -network 192.168.1.0/24
/etc                -network 192.168.1.0/24

NFSv4:
 # mount -o nfsv4 192.168.1.101:/s-drive  /mnt/s-drive

NFSv3:
 # mount 192.168.1.101:/etc  /mnt/etc

 # nfsstat -m
192.168.1.101:/s-drive on /mnt/s-drive
nfsv4,minorversion=2,tcp,resvport,nconnect=1,hard,cto,sec=sys,acdirmin=3,acdirmax=60,acregmin=5,acregmax=60,nametimeo=60,negnametimeo=60,rsize=65536,wsize=65536,readdirsize=65536,readahead=1,wcommitsize=4194304,timeout=120,retrans=2147483647
192.168.1.101:/etc on /mnt/etc
nfsv3,tcp,resvport,nconnect=1,hard,cto,lockd,sec=sys,acdirmin=3,acdirmax=60,acregmin=5,acregmax=60,nametimeo=60,negnametimeo=60,rsize=65536,wsize=65536,readdirsize=65536,readahead=1,wcommitsize=4194304,timeout=120,retrans=2

 

[RGM-79N]

Sure, but there is no reason not to use NFSv4 for small transfers as well.

Though, I didn't expect anyone to want to export /etc since it's not a very common candidate for NFS exports, but if it suits your needs.

Assuming

V4: /exports

/exports/s-drive    -network 192.168.1.0/24
/etc                -network 192.168.1.0/24

NFSv4:
 # mount -o nfsv4 192.168.1.101:/s-drive  /mnt/s-drive

NFSv3:
 # mount 192.168.1.101:/etc  /mnt/etc

 # nfsstat -m
192.168.1.101:/s-drive on /mnt/s-drive
nfsv4,minorversion=2,tcp,resvport,nconnect=1,hard,cto,sec=sys,acdirmin=3,acdirmax=60,acregmin=5,acregmax=60,nametimeo=60,negnametimeo=60,rsize=65536,wsize=65536,readdirsize=65536,readahead=1,wcommitsize=4194304,timeout=120,retrans=2147483647
192.168.1.101:/etc on /mnt/etc
nfsv3,tcp,resvport,nconnect=1,hard,cto,lockd,sec=sys,acdirmin=3,acdirmax=60,acregmin=5,acregmax=60,nametimeo=60,negnametimeo=60,rsize=65536,wsize=65536,readdirsize=65536,readahead=1,wcommitsize=4194304,timeout=120,retrans=2

Thanks! I will try it!

I use s-drive for big transfers, like 100 gigs over gigabit line

 

[BaronBS]

Sure, but there is no reason not to use NFSv4 for small transfers as well.

Though, I didn't expect anyone to want to export /etc since it's not a very common candidate for NFS exports, but if it suits your needs.

Assuming

V4: /exports

/exports/s-drive    -network 192.168.1.0/24
/etc                -network 192.168.1.0/24

NFSv4:
 # mount -o nfsv4 192.168.1.101:/s-drive  /mnt/s-drive

NFSv3:
 # mount 192.168.1.101:/etc  /mnt/etc

 # nfsstat -m
192.168.1.101:/s-drive on /mnt/s-drive
nfsv4,minorversion=2,tcp,resvport,nconnect=1,hard,cto,sec=sys,acdirmin=3,acdirmax=60,acregmin=5,acregmax=60,nametimeo=60,negnametimeo=60,rsize=65536,wsize=65536,readdirsize=65536,readahead=1,wcommitsize=4194304,timeout=120,retrans=2147483647
192.168.1.101:/etc on /mnt/etc
nfsv3,tcp,resvport,nconnect=1,hard,cto,lockd,sec=sys,acdirmin=3,acdirmax=60,acregmin=5,acregmax=60,nametimeo=60,negnametimeo=60,rsize=65536,wsize=65536,readdirsize=65536,readahead=1,wcommitsize=4194304,timeout=120,retrans=2

Is there a way to export the same directory twice, once in nfsv3 and another in v4?
My /etc/export:

beastie@BattleStar-Hydra --> ~
Ψ cat /etc/exports                                                                                                                                                             < 15:32 >  < 11,724-12-15 >  < 0 > 
/media/Share -mapall=beastie -alldirs BattleStar-Lat54 BattleStar-Lat54TS BattleStar-Void418 BattleStar-T430
/media/Backup -mapall=beastie -alldirs BattleStar-Lat54 BattleStar-Void418 BattleStar-T430
/usr/src -maproot=root BattleStar-Lat54 BattleStar-Lat54TS
/usr/obj -maproot=root BattleStar-Lat54 BattleStar-Lat54TS
/usr/ports -maproot=root BattleStar-Lat54 BattleStar-Lat54TS

Context: Host that end with TS are from TailScale, the ones that don't are local network.

Goal: Use nfsv3 for TS hostnames (limited by UDP); and V4 for local hostnames (so I could use TCP).

Is it possible?

 

[T-Daemon]

Goal: Use nfsv3 for TS hostnames (limited by UDP); and V4 for local hostnames (so I could use TCP).

Is it possible?

This is possible. The only difference between the two protocols used is the mount option "nfsv4" for version 4, without for version 3.

Problematic in you exports configuration is the NFSv4 tree root configuration, which needs to be V4: /. This will expose the entire file system when mounted "nfsv4".

 

[RGM-79N]

I resolved this problem. So, now I use NFSv4 on s-drive, where all datasets are automatically gets picked by NFSv4 and mounted on client. I set ZFS 'sharenfs' prop to automatically export each dataset, since NFSv4 still needs NFSv3-style exports. It's important to get user ID mapping working, so I spent time on my Linux client configuring /etc/request-key and idmapd.

 

[RGM-79N]

This is possible. The only difference between the two protocols used is the mount option "nfsv4" for version 4, without for version 3.

Problematic in you exports configuration is the NFSv4 tree root configuration, which needs to be V4: /. This will expose the entire file system when mounted "nfsv4".

By the way, I did V4: / and its not enough to export entire rootfs, you still need NFSv3 explicit exports, otherwise you get NFS stale file handle error

 

[BaronBS]

This is possible. The only difference between the two protocols used is the mount option "nfsv4" for version 4, without for version 3.

Problematic in you exports configuration is the NFSv4 tree root configuration, which needs to be V4: /. This will expose the entire file system when mounted "nfsv4".

Like this?

beastie@BattleStar-Hydra --> ~
Ψ cat /etc/exports                                                                                                                                                             < 16:50 >  < 11,724-12-23 >  < 0 > 
/media/Share -mapall=beastie -alldirs BattleStar-Lat54 BattleStar-Lat54TS BattleStar-Void418 BattleStar-T430
/media/Backup -mapall=beastie -alldirs BattleStar-Lat54 BattleStar-Void418 BattleStar-T430
V4: /
beastie@BattleStar-Hydra --> ~
Ψ tail -23 /etc/rc.conf | head -12                                                                                                                                             < 16:50 >  < 11,724-12-23 >  < 0 > 
# NFS
nfs_server_enable="YES"
nfs_server_flags="-u -t -n 4"
nfsv4_server_enable="YES"
nfsuserd_enable="YES"
mountd_flags="-r"
mountd_enable="YES"
rpc_lockd_enable="YES" # Only needed for V3
rpc_statd_enable="YES" # Only needed for V3
rpcbind_enable="YES" # Only needed for V3
smartd_enable="YES"

Client:

beastie@BattleStar-Lat54 --> ~
Ψ head -22 .local/bin/sharemount                                                                                                                                               < 16:53 >  < 11,724-12-23 >  < 0 > 
#!/usr/bin/env sh

# Vars
SRV="BattleStar-Hydra"
dfH="$(df /usr/home/beastie/Public | tail -1 | awk -F ' ' '{print $1}')";
dfW="$(df /media/Backup | tail -1 | awk -F ' ' '{print $1}')";
netName="$(ifconfig wlan0 | egrep ssid | awk -F ' ' '{print $2}')";

# Functions

mount_Backup(){
    doas mount_nfs -o nolockd,rw,nosuid,tcp,nfsv4 "${SRV}":/media/Backup /media/Backup;
}

mount_Public(){
    doas mount_nfs -o nolockd,rw,nosuid,tcp,nfsv4 "${SRV}":/media/Share /home/beastie/Public;
}

mount_PublicTS(){
    doas mount_nfs -o intr,nolockd,rw,nosuid,udp,nfsv3,soft "${SRV}"TS:/media/Share /home/beastie/Public;
}

 

[T-Daemon]

Like this?

Looks ok, assuming there are no errors or unwanted side effects.