1 .\" Copyright (c) 1992, 1993, 1994, 1995
2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 3. Neither the name of the University nor the names of its contributors
13 .\" may be used to endorse or promote products derived from this software
14 .\" without specific prior written permission.
16 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 .\" @(#)mount_nfs.8 8.3 (Berkeley) 3/29/95
36 .Nd mount NFS file systems
40 .Op Fl a Ar maxreadahead
41 .Op Fl D Ar deadthresh
43 .Op Fl I Ar readdirsize
50 .Ar rhost : Ns Ar path node
56 system call to prepare and graft a remote NFS file system
57 .Pq Ar rhost : Ns Ar path
58 on to the file system tree at the point
60 This command is normally executed by
63 it implements the mount protocol as described in RFC 1094, Appendix A and
65 For NFSv4, it uses the NFSv4 protocol as described in RFC 7530, RFC 5661 and
70 keeps retrying until the mount succeeds.
71 This behaviour is intended for file systems listed in
73 that are critical to the boot process.
74 For non-critical file systems, the
78 options provide mechanisms to prevent the boot process from hanging
79 if the server is unavailable.
81 If the server becomes unresponsive while an NFS file system is
82 mounted, any new or outstanding file operations on that file system
83 will hang uninterruptibly until the server comes back.
84 To modify this default behaviour, see the
91 .Bl -tag -width indent
93 Options are specified with a
95 flag followed by a comma separated string of options.
98 man page for possible options and their meanings.
99 The following NFS specific options are also available:
100 .Bl -tag -width indent
101 .It Cm acregmin Ns = Ns Aq Ar seconds
102 .It Cm acregmax Ns = Ns Aq Ar seconds
103 .It Cm acdirmin Ns = Ns Aq Ar seconds
104 .It Cm acdirmax Ns = Ns Aq Ar seconds
105 When attributes of files are cached, a timeout calculated to determine
106 whether a given cache entry has expired.
107 These four values determine the upper and lower bounds of the timeouts for
111 (ie: everything else).
112 The default values are 3 -> 60 seconds
113 for regular files, and 30 -> 60 seconds for directories.
114 The algorithm to calculate the timeout is based on the age of the file.
116 the longer the cache is considered valid, subject to the limits above.
117 .It Cm actimeo Ns = Ns Aq Ar seconds
118 Set four cache timeouts above to specified value.
120 This option can be used along with
122 to specify that all operations should use the host-based initiator
124 This may be used for clients that run system daemons that need to
125 access files on the NFSv4 mounted volume.
127 If an initial attempt to contact the server fails, fork off a child to keep
128 trying the mount in the background.
131 where the file system mount is not critical to multiuser operation.
135 fork off a child to keep trying the mount in the background,
136 but do not attempt to mount in the foreground first.
138 60+ second timeout when the server is not responding.
139 Useful for speeding up the boot process of a client when the server is
140 likely to be unavailable.
141 This is often the case for interdependent servers
142 such as cross-mounted servers (each of two servers is an NFS client of
143 the other) and for cluster nodes that must boot before the file servers.
144 .It Cm deadthresh Ns = Ns Aq Ar value
146 .Dq "dead server threshold"
147 to the specified number of round trip timeout intervals before a
148 .Dq "server not responding"
149 message is displayed.
151 Turn off the dynamic retransmit timeout estimator.
152 This may be useful for UDP mounts that exhibit high retry rates,
153 since it is possible that the dynamically estimated timeout interval is too
156 Same as not specifying
158 .It Cm gssname Ns = Ns Aq Ar service-principal-name
159 This option can be used with the KerberosV security flavors for NFSv4 mounts
161 .Dq "service-principal-name"
162 of a host-based entry in the default
163 keytab file that is used for system operations.
164 It allows the mount to be performed by
166 and avoids problems with
167 cached credentials for the system operations expiring.
169 .Dq "service-principal-name"
170 should be specified without instance or domain and is typically
181 can also be used if the local system's
183 value does not match the host-based principal in the keytab.
185 Same as not specifying
188 Make the mount interruptible, which implies that file system calls that
189 are delayed due to an unresponsive server will fail with EINTR when a
190 termination signal is posted for the process.
191 To avoid leaving file locks in an indeterminate state on the NFS
192 server, it is recommended that the
194 option be used with this option.
195 .It Cm maxgroups Ns = Ns Aq Ar value
196 Set the maximum size of the group list for the credentials to the
198 This should be used for mounts on old servers that cannot handle a
199 group list size of 16, as specified in RFC 1057.
200 Try 8, if users in a lot of groups cannot get response from the mount
203 Force the mount protocol to use UDP transport, even for TCP NFS mounts.
204 (Necessary for some old
207 .It Cm nametimeo Ns = Ns Aq Ar value
208 Override the default of NFS_DEFAULT_NAMETIMEO for the timeout (in seconds)
209 for positive name cache entries.
210 If this is set to 0 it disables positive name caching for the mount point.
211 .It Cm negnametimeo Ns = Ns Aq Ar value
212 Override the default of NFS_DEFAULT_NEGNAMETIMEO for the timeout (in seconds)
213 for negative name cache entries.
214 If this is set to 0 it disables negative name caching for the mount point.
215 .It Cm nconnect Ns = Ns Aq Ar value
216 Specify the number of TCP connections (1-16) to be used
217 for an NFS Version 4, minor version 1 or 2 mount.
218 Multiple TCP connections can provide more client to server network
219 bandwidth for certain network configurations such as:
221 - Multiple network interfaces that are aggregated together.
222 - A fast network interface that uses multiple queues.
225 The first TCP connection will be used for all RPCs that consist
226 entirely of small RPC messages.
227 The RPCs that can have large RPC messages (Read/Readdir/Write) are
228 distributed over the additional TCP connections in a round robin
230 This option will result in more IP port#s being used.
231 This option requires the
234 Note that for NFS servers such as AmazonEFS, where each new TCP
235 connection can connect to a different cluster that maintains lock
236 state separately, this option cannot be used.
238 Use the NFS Version 2 protocol (the default is to try version 3 first
240 Note that NFS version 2 has a file size limit of 2 gigabytes.
242 Use the NFS Version 3 protocol.
244 Use the NFS Version 4 protocol.
245 This option will force the mount to use
247 By default, the highest minor version of NFS Version 4 that is
248 supported by the NFS Version 4 server will be used.
252 Make sure that all your NFS Version 4 clients have unique
255 .It Cm minorversion Ns = Ns Aq Ar value
256 Use the specified minor version for a NFS Version 4 mount,
257 overriding the default.
258 The minor versions supported are 0, 1, and 2.
259 This option is only meaningful when used with the
263 Make a minor version 1 or 2 of the NFS Version 4 protocol mount use a single
264 OpenOwner for all Opens.
265 This may be useful for a server with a very low limit on OpenOwners, such as
267 It may be required when an accumulation of NFS version 4 Opens occurs,
276 command-line options.
277 A common case for an accumulation of Opens is a shared library within
278 the NFS mount that is used by several
279 processes, where at least one of these processes is always running.
280 This option cannot be used for an NFS Version 4, minor version 0 mount.
281 It may not work correctly when Delegations are being issued by a server,
282 but note that the AmazonEFS server does not issued delegations at this time.
283 This option is only meaningful when used with the
287 Enable support for parallel NFS (pNFS) for minor version 1 or 2 of the
288 NFS Version 4 protocol.
289 This option is only meaningful when used with the
293 Disable attribute caching.
295 For UDP mount points, do not do a
297 This must be used if the server does not reply to requests from the standard
298 NFS port number 2049 or replies to requests using a different IP address
299 (which can occur if the server is multi-homed).
301 .Va vfs.nfs.nfs_ip_paranoia
302 sysctl to 0 will make this option the default.
304 Normally, NFS clients maintain the close-to-open cache coherency.
305 This works by flushing at close time and checking at open time.
306 Checking at open time is implemented by getting attributes from
307 the server and purging the data cache if they do not match
308 attributes cached by the client.
310 This option disables checking at open time.
311 It may improve performance for read-only mounts,
312 but should only be used if the data on the server changes rarely.
313 Be sure to understand the consequences before enabling this option.
314 .It Cm noinet4 , noinet6
320 Useful for hosts that have
321 both an A record and an AAAA record for the same name.
327 locks over the wire via the NLM protocol for NFSv3 mounts
328 or via the NFSv4 protocol for NFSv4 mounts.
329 All locks will be local and not seen by the server
330 and likewise not seen by other NFS clients for NFSv3 or NFSv4 mounts.
331 This removes the need to run the
337 servers on the client for NFSv3 mounts.
338 Note that this option will only be honored when performing the
339 initial mount, it will be silently ignored if used while updating
341 Also, note that NFSv4 mounts do not use these daemons.
342 The NFSv4 protocol handles locks,
343 unless this option is specified.
345 This mount option allows the NFS client to
346 combine non-contiguous byte ranges being written
347 such that the dirty byte range becomes a superset of the bytes
349 This reduces the number of writes significantly for software
351 The merging of byte ranges is not done if the file has been file
352 locked, since most applications modifying a file from multiple
353 clients will use file locking.
354 As such, this option could result in a corrupted file for the
355 rare case of an application modifying the file from multiple
356 clients concurrently without using file locking.
358 For the RPCSEC_GSS security flavors, such as krb5, krb5i and krb5p,
359 this option sets the name of the host based principal name expected
361 This option overrides the default, which will be ``nfs@<server-fqdn>''
362 and should normally be sufficient.
366 use a reserved socket port number (see below).
367 .It Cm port Ns = Ns Aq Ar port_number
368 Use specified port number for NFS requests.
369 The default is to query the portmapper for the NFS port.
370 .It Cm proto Ns = Ns Aq Ar protocol
371 Specify transport protocol version to use.
374 udp - Use UDP over IPv4
375 tcp - Use TCP over IPv4
376 udp6 - Use UDP over IPv6
377 tcp6 - Use TCP over IPv6
380 Used with NFSV3 to specify that the \fBReaddirPlus\fR RPC should
382 For NFSV4, setting this option has a similar effect, in that it will make
383 the Readdir Operation get more attributes.
384 This option reduces RPC traffic for cases such as
386 but tends to flood the attribute and name caches with prefetched entries.
387 Try this option and see whether performance improves or degrades.
389 most useful for client to server network interconnects with a large bandwidth
391 .It Cm readahead Ns = Ns Aq Ar value
392 Set the read-ahead count to the specified value.
393 This may be in the range of 0 - 4, and determines how many blocks
394 will be read ahead when a large file is being read sequentially.
395 Trying a value greater than 1 for this is suggested for
396 mounts with a large bandwidth * delay product.
397 .It Cm readdirsize Ns = Ns Aq Ar value
398 Set the readdir read size to the specified value.
399 The value should normally
402 that is <= the read size for the mount.
404 Use a reserved socket port number.
405 This flag is obsolete, and only retained for compatibility reasons.
406 Reserved port numbers are used by default now.
407 (For the rare case where the client has a trusted root account
408 but untrustworthy users and the network cables are in secure areas this does
409 help, but for normal desktop clients this does not apply.)
410 .It Cm retrans Ns = Ns Aq Ar value
411 Set the retransmit timeout count for soft mounts to the specified value.
412 .It Cm retrycnt Ns = Ns Aq Ar count
413 Set the mount retry count to the specified value.
414 The default is a retry count of zero, which means to keep retrying
416 There is a 60 second delay between each attempt.
417 .It Cm rsize Ns = Ns Aq Ar value
418 Set the read data size to the specified value.
419 It should normally be a power of 2 greater than or equal to 1024.
420 This should be used for UDP mounts when the
421 .Dq "fragments dropped due to timeout"
422 value is getting large while actively using a mount point.
427 option to see what the
428 .Dq "fragments dropped due to timeout"
430 .It Cm sec Ns = Ns Aq Ar flavor
431 This option specifies what security flavor should be used for the mount.
434 krb5 - Use KerberosV authentication
435 krb5i - Use KerberosV authentication and
436 apply integrity checksums to RPCs
437 krb5p - Use KerberosV authentication and
439 sys - The default AUTH_SYS, which uses a
440 uid + gid list authenticator
443 A soft mount, which implies that file system calls will fail
446 round trip timeout intervals.
448 This option specifies that a KerberosV NFSv4 minor version 1 or 2 mount
449 uses AUTH_SYS for system operations.
450 Using this option avoids the need for a KerberosV mount to have a
451 host-based principal entry in the default keytab file
454 option) or a requirement for the user doing the mount to have a
455 valid KerberosV ticket granting ticket (TGT) when the mount is done.
456 This option is intended to be used with the
460 options and can only be used for
461 NFSv4 mounts with minor version 1 or 2.
464 This is the default option, as it provides for increased reliability on both
465 LAN and WAN configurations compared to UDP.
466 Some old NFS servers do not support this method; UDP mounts may be required
467 for interoperability.
468 .It Cm timeout Ns = Ns Aq Ar value
469 Set the initial retransmit timeout to the specified value,
470 expressed in tenths of a second.
471 May be useful for fine tuning UDP mounts over internetworks
472 with high packet loss rates or an overloaded server.
473 Try increasing the interval if
475 shows high retransmit rates while the file system is active or reducing the
476 value if there is a low retransmit rate but long response delay observed.
479 option should be specified when using this option to manually
482 .It Cm timeo Ns = Ns Aq Ar value
486 This option specifies that the connection to the server must use TLS
488 TLS is only supported for TCP connections and the
490 daemon must be running for an NFS over TCP connection to use TLS.
491 .It Cm tlscertname Ns = Ns Aq Ar name
492 This option specifies the name of an alternate certificate to be
493 presented to the NFS server during TLS handshake.
494 The default certificate file names are
498 When this option is specified,
502 in the above file names.
503 For example, if the value of
507 the certificate file names to be used will be
511 These files are stored in
512 .Pa /etc/rpc.tlsclntd
514 This option is only meaningful when used with the
520 command line flag set.
523 .It Cm vers Ns = Ns Aq Ar vers_number
524 Use the specified version number for NFS requests.
531 .It Cm wcommitsize Ns = Ns Aq Ar value
532 Set the maximum pending write commit size to the specified value.
533 This determines the maximum amount of pending write data that the NFS
534 client is willing to cache for each file.
535 .It Cm wsize Ns = Ns Aq Ar value
536 Set the write data size to the specified value.
537 Ditto the comments w.r.t.\& the
539 option, but using the
540 .Dq "fragments dropped due to timeout"
541 value on the server instead of the client.
546 options should only be used as a last ditch effort at improving performance
547 when mounting servers that do not support TCP mounts.
550 .Sh IMPLEMENTATION NOTES
555 options are specified, the I/O size will be set to the largest value
556 supported by both the NFS client and server.
557 The largest value supported by the NFS client is defined by
560 which can be set to a power of two up to
567 command line option will show what
569 option settings are actually in use for the mount.
571 The following command line flags are equivalent to
573 named options and are supported for compatibility with older
575 .Bl -tag -width indent
587 .Fl o Cm readdirsize Ns = Ns Aq Ar value
595 Use a reserved socket port number.
596 This flag is obsolete, and only retained for compatibility reasons.
597 (For the rare case where the client has a trusted root account
598 but untrustworthy users and the network cables are in secure areas this does
599 help, but for normal desktop clients this does not apply.)
602 .Fl o Cm retrycnt Ns = Ns Aq Ar value
611 .Fl o Cm readahead Ns = Ns Aq Ar value
632 .Fl o Cm rsize Ns = Ns Aq Ar value
638 .Fl o Cm retransmit Ns = Ns Aq Ar value
641 .Fl o Cm wsize Ns = Ns Aq Ar value
644 .Fl o Cm retrans Ns = Ns Aq Ar value
649 named options are equivalent to other
651 named options and are supported for compatibility with other
652 operating systems (e.g., Linux, Solaris, and OSX) to ease usage of
655 .Bl -tag -width indent
656 .It Fl o Cm vers Ns = Ns 2
659 .It Fl o Cm vers Ns = Ns 3
662 .It Fl o Cm vers Ns = Ns 4
685 Since NFSv4 performs open/lock operations that have their ordering strictly
686 enforced by the server, the options
690 cannot be safely used.
691 For NFSv4 minor version 1 or 2 mounts, the ordering is done
692 via session slots and the NFSv4 client now handles broken session slots
696 option is used along with
700 an NFSv4 minor version 1 or 2 mount
701 should work fairly well, although still not completely correctly.
702 For NFSv4 minor version 0 mounts,
706 mount option is strongly recommended.