1 .\" Copyright (c) 1992, 1993, 1994, 1995
2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 3. Neither the name of the University nor the names of its contributors
13 .\" may be used to endorse or promote products derived from this software
14 .\" without specific prior written permission.
16 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 .\" @(#)mount_nfs.8 8.3 (Berkeley) 3/29/95
35 .Nd mount NFS file systems
39 .Op Fl a Ar maxreadahead
40 .Op Fl D Ar deadthresh
42 .Op Fl I Ar readdirsize
49 .Ar rhost : Ns Ar path node
55 system call to prepare and graft a remote NFS file system
56 .Pq Ar rhost : Ns Ar path
57 on to the file system tree at the point
59 This command is normally executed by
62 it implements the mount protocol as described in RFC 1094, Appendix A and
64 For NFSv4, it uses the NFSv4 protocol as described in RFC 7530, RFC 5661 and
69 keeps retrying until the mount succeeds.
70 This behaviour is intended for file systems listed in
72 that are critical to the boot process.
73 For non-critical file systems, the
77 options provide mechanisms to prevent the boot process from hanging
78 if the server is unavailable.
80 If the server becomes unresponsive while an NFS file system is
81 mounted, any new or outstanding file operations on that file system
82 will hang uninterruptibly until the server comes back.
83 To modify this default behaviour, see the
90 .Bl -tag -width indent
92 Options are specified with a
94 flag followed by a comma separated string of options.
97 man page for possible options and their meanings.
98 The following NFS specific options are also available:
99 .Bl -tag -width indent
100 .It Cm acregmin Ns = Ns Aq Ar seconds
101 .It Cm acregmax Ns = Ns Aq Ar seconds
102 .It Cm acdirmin Ns = Ns Aq Ar seconds
103 .It Cm acdirmax Ns = Ns Aq Ar seconds
104 When attributes of files are cached, a timeout calculated to determine
105 whether a given cache entry has expired.
106 These four values determine the upper and lower bounds of the timeouts for
110 (ie: everything else).
111 The default values are 3 -> 60 seconds
112 for regular files, and 30 -> 60 seconds for directories.
113 The algorithm to calculate the timeout is based on the age of the file.
115 the longer the cache is considered valid, subject to the limits above.
116 .It Cm actimeo Ns = Ns Aq Ar seconds
117 Set four cache timeouts above to specified value.
119 This option can be used along with
121 to specify that all operations should use the host-based initiator
123 This may be used for clients that run system daemons that need to
124 access files on the NFSv4 mounted volume.
126 If an initial attempt to contact the server fails, fork off a child to keep
127 trying the mount in the background.
130 where the file system mount is not critical to multiuser operation.
134 fork off a child to keep trying the mount in the background,
135 but do not attempt to mount in the foreground first.
137 60+ second timeout when the server is not responding.
138 Useful for speeding up the boot process of a client when the server is
139 likely to be unavailable.
140 This is often the case for interdependent servers
141 such as cross-mounted servers (each of two servers is an NFS client of
142 the other) and for cluster nodes that must boot before the file servers.
143 .It Cm deadthresh Ns = Ns Aq Ar value
145 .Dq "dead server threshold"
146 to the specified number of round trip timeout intervals before a
147 .Dq "server not responding"
148 message is displayed.
150 Turn off the dynamic retransmit timeout estimator.
151 This may be useful for UDP mounts that exhibit high retry rates,
152 since it is possible that the dynamically estimated timeout interval is too
155 Same as not specifying
157 .It Cm gssname Ns = Ns Aq Ar service-principal-name
158 This option can be used with the KerberosV security flavors for NFSv4 mounts
160 .Dq "service-principal-name"
161 of a host-based entry in the default
162 keytab file that is used for system operations.
163 It allows the mount to be performed by
165 and avoids problems with
166 cached credentials for the system operations expiring.
168 .Dq "service-principal-name"
169 should be specified without instance or domain and is typically
180 can also be used if the local system's
182 value does not match the host-based principal in the keytab.
184 Same as not specifying
187 Make the mount interruptible, which implies that file system calls that
188 are delayed due to an unresponsive server will fail with EINTR when a
189 termination signal is posted for the process.
190 To avoid leaving file locks in an indeterminate state on the NFS
191 server, it is recommended that the
193 option be used with this option.
194 .It Cm maxgroups Ns = Ns Aq Ar value
195 Set the maximum size of the group list for the credentials to the
197 This should be used for mounts on old servers that cannot handle a
198 group list size of 16, as specified in RFC 1057.
199 Try 8, if users in a lot of groups cannot get response from the mount
202 Force the mount protocol to use UDP transport, even for TCP NFS mounts.
203 (Necessary for some old
206 .It Cm nametimeo Ns = Ns Aq Ar value
207 Override the default of NFS_DEFAULT_NAMETIMEO for the timeout (in seconds)
208 for positive name cache entries.
209 If this is set to 0 it disables positive name caching for the mount point.
210 .It Cm negnametimeo Ns = Ns Aq Ar value
211 Override the default of NFS_DEFAULT_NEGNAMETIMEO for the timeout (in seconds)
212 for negative name cache entries.
213 If this is set to 0 it disables negative name caching for the mount point.
214 .It Cm nconnect Ns = Ns Aq Ar value
215 Specify the number of TCP connections (1-16) to be used
216 for an NFS Version 4, minor version 1 or 2 mount.
217 Multiple TCP connections can provide more client to server network
218 bandwidth for certain network configurations such as:
220 - Multiple network interfaces that are aggregated together.
221 - A fast network interface that uses multiple queues.
224 The first TCP connection will be used for all RPCs that consist
225 entirely of small RPC messages.
226 The RPCs that can have large RPC messages (Read/Readdir/Write) are
227 distributed over the additional TCP connections in a round robin
229 This option will result in more IP port#s being used.
230 This option requires the
233 Note that for NFS servers such as AmazonEFS, where each new TCP
234 connection can connect to a different cluster that maintains lock
235 state separately, this option cannot be used.
237 Use the NFS Version 2 protocol (the default is to try version 3 first
239 Note that NFS version 2 has a file size limit of 2 gigabytes.
241 Use the NFS Version 3 protocol.
243 Use the NFS Version 4 protocol.
244 This option will force the mount to use
246 By default, the highest minor version of NFS Version 4 that is
247 supported by the NFS Version 4 server will be used.
251 Make sure that all your NFS Version 4 clients have unique
254 .It Cm minorversion Ns = Ns Aq Ar value
255 Use the specified minor version for a NFS Version 4 mount,
256 overriding the default.
257 The minor versions supported are 0, 1, and 2.
258 This option is only meaningful when used with the
262 Make a minor version 1 or 2 of the NFS Version 4 protocol mount use a single
263 OpenOwner for all Opens.
264 This may be useful for a server with a very low limit on OpenOwners, such as
266 It may be required when an accumulation of NFS version 4 Opens occurs,
275 command-line options.
276 A common case for an accumulation of Opens is a shared library within
277 the NFS mount that is used by several
278 processes, where at least one of these processes is always running.
279 This option cannot be used for an NFS Version 4, minor version 0 mount.
280 It may not work correctly when Delegations are being issued by a server,
281 but note that the AmazonEFS server does not issued delegations at this time.
282 This option is only meaningful when used with the
286 Enable support for parallel NFS (pNFS) for minor version 1 or 2 of the
287 NFS Version 4 protocol.
288 This option is only meaningful when used with the
292 Disable attribute caching.
294 For UDP mount points, do not do a
296 This must be used if the server does not reply to requests from the standard
297 NFS port number 2049 or replies to requests using a different IP address
298 (which can occur if the server is multi-homed).
300 .Va vfs.nfs.nfs_ip_paranoia
301 sysctl to 0 will make this option the default.
303 Normally, NFS clients maintain the close-to-open cache coherency.
304 This works by flushing at close time and checking at open time.
305 Checking at open time is implemented by getting attributes from
306 the server and purging the data cache if they do not match
307 attributes cached by the client.
309 This option disables checking at open time.
310 It may improve performance for read-only mounts,
311 but should only be used if the data on the server changes rarely.
312 Be sure to understand the consequences before enabling this option.
313 .It Cm noinet4 , noinet6
319 Useful for hosts that have
320 both an A record and an AAAA record for the same name.
326 locks over the wire via the NLM protocol for NFSv3 mounts
327 or via the NFSv4 protocol for NFSv4 mounts.
328 All locks will be local and not seen by the server
329 and likewise not seen by other NFS clients for NFSv3 or NFSv4 mounts.
330 This removes the need to run the
336 servers on the client for NFSv3 mounts.
337 Note that this option will only be honored when performing the
338 initial mount, it will be silently ignored if used while updating
340 Also, note that NFSv4 mounts do not use these daemons.
341 The NFSv4 protocol handles locks,
342 unless this option is specified.
344 This mount option allows the NFS client to
345 combine non-contiguous byte ranges being written
346 such that the dirty byte range becomes a superset of the bytes
348 This reduces the number of writes significantly for software
350 The merging of byte ranges is not done if the file has been file
351 locked, since most applications modifying a file from multiple
352 clients will use file locking.
353 As such, this option could result in a corrupted file for the
354 rare case of an application modifying the file from multiple
355 clients concurrently without using file locking.
357 For the RPCSEC_GSS security flavors, such as krb5, krb5i and krb5p,
358 this option sets the name of the host based principal name expected
360 This option overrides the default, which will be ``nfs@<server-fqdn>''
361 and should normally be sufficient.
365 use a reserved socket port number (see below).
366 .It Cm port Ns = Ns Aq Ar port_number
367 Use specified port number for NFS requests.
368 The default is to query the portmapper for the NFS port.
369 .It Cm proto Ns = Ns Aq Ar protocol
370 Specify transport protocol version to use.
373 udp - Use UDP over IPv4
374 tcp - Use TCP over IPv4
375 udp6 - Use UDP over IPv6
376 tcp6 - Use TCP over IPv6
379 Used with NFSV3 to specify that the \fBReaddirPlus\fR RPC should
381 For NFSV4, setting this option has a similar effect, in that it will make
382 the Readdir Operation get more attributes.
383 This option reduces RPC traffic for cases such as
385 but tends to flood the attribute and name caches with prefetched entries.
386 Try this option and see whether performance improves or degrades.
388 most useful for client to server network interconnects with a large bandwidth
390 .It Cm readahead Ns = Ns Aq Ar value
391 Set the read-ahead count to the specified value.
392 This may be in the range of 0 - 4, and determines how many blocks
393 will be read ahead when a large file is being read sequentially.
394 Trying a value greater than 1 for this is suggested for
395 mounts with a large bandwidth * delay product.
396 .It Cm readdirsize Ns = Ns Aq Ar value
397 Set the readdir read size to the specified value.
398 The value should normally
401 that is <= the read size for the mount.
403 Use a reserved socket port number.
404 This flag is obsolete, and only retained for compatibility reasons.
405 Reserved port numbers are used by default now.
406 (For the rare case where the client has a trusted root account
407 but untrustworthy users and the network cables are in secure areas this does
408 help, but for normal desktop clients this does not apply.)
409 .It Cm retrans Ns = Ns Aq Ar value
410 Set the retransmit timeout count for soft mounts to the specified value.
411 .It Cm retrycnt Ns = Ns Aq Ar count
412 Set the mount retry count to the specified value.
413 The default is a retry count of zero, which means to keep retrying
415 There is a 60 second delay between each attempt.
416 .It Cm rsize Ns = Ns Aq Ar value
417 Set the read data size to the specified value.
418 It should normally be a power of 2 greater than or equal to 1024.
419 This should be used for UDP mounts when the
420 .Dq "fragments dropped due to timeout"
421 value is getting large while actively using a mount point.
426 option to see what the
427 .Dq "fragments dropped due to timeout"
429 .It Cm sec Ns = Ns Aq Ar flavor
430 This option specifies what security flavor should be used for the mount.
433 krb5 - Use KerberosV authentication
434 krb5i - Use KerberosV authentication and
435 apply integrity checksums to RPCs
436 krb5p - Use KerberosV authentication and
438 sys - The default AUTH_SYS, which uses a
439 uid + gid list authenticator
442 A soft mount, which implies that file system calls will fail
445 round trip timeout intervals.
447 This option specifies that a KerberosV NFSv4 minor version 1 or 2 mount
448 uses AUTH_SYS for system operations.
449 Using this option avoids the need for a KerberosV mount to have a
450 host-based principal entry in the default keytab file
453 option) or a requirement for the user doing the mount to have a
454 valid KerberosV ticket granting ticket (TGT) when the mount is done.
455 This option is intended to be used with the
459 options and can only be used for
460 NFSv4 mounts with minor version 1 or 2.
463 This is the default option, as it provides for increased reliability on both
464 LAN and WAN configurations compared to UDP.
465 Some old NFS servers do not support this method; UDP mounts may be required
466 for interoperability.
467 .It Cm timeout Ns = Ns Aq Ar value
468 Set the initial retransmit timeout to the specified value,
469 expressed in tenths of a second.
470 May be useful for fine tuning UDP mounts over internetworks
471 with high packet loss rates or an overloaded server.
472 Try increasing the interval if
474 shows high retransmit rates while the file system is active or reducing the
475 value if there is a low retransmit rate but long response delay observed.
478 option should be specified when using this option to manually
481 .It Cm timeo Ns = Ns Aq Ar value
485 This option specifies that the connection to the server must use TLS
487 TLS is only supported for TCP connections and the
489 daemon must be running for an NFS over TCP connection to use TLS.
490 .It Cm tlscertname Ns = Ns Aq Ar name
491 This option specifies the name of an alternate certificate to be
492 presented to the NFS server during TLS handshake.
493 The default certificate file names are
497 When this option is specified,
501 in the above file names.
502 For example, if the value of
506 the certificate file names to be used will be
510 These files are stored in
511 .Pa /etc/rpc.tlsclntd
513 This option is only meaningful when used with the
519 command line flag set.
522 .It Cm vers Ns = Ns Aq Ar vers_number
523 Use the specified version number for NFS requests.
530 .It Cm wcommitsize Ns = Ns Aq Ar value
531 Set the maximum pending write commit size to the specified value.
532 This determines the maximum amount of pending write data that the NFS
533 client is willing to cache for each file.
534 .It Cm wsize Ns = Ns Aq Ar value
535 Set the write data size to the specified value.
536 Ditto the comments w.r.t.\& the
538 option, but using the
539 .Dq "fragments dropped due to timeout"
540 value on the server instead of the client.
545 options should only be used as a last ditch effort at improving performance
546 when mounting servers that do not support TCP mounts.
549 .Sh IMPLEMENTATION NOTES
554 options are specified, the I/O size will be set to the largest value
555 supported by both the NFS client and server.
556 The largest value supported by the NFS client is defined by
559 which can be set to a power of two up to
566 command line option will show what
568 option settings are actually in use for the mount.
570 The following command line flags are equivalent to
572 named options and are supported for compatibility with older
574 .Bl -tag -width indent
586 .Fl o Cm readdirsize Ns = Ns Aq Ar value
594 Use a reserved socket port number.
595 This flag is obsolete, and only retained for compatibility reasons.
596 (For the rare case where the client has a trusted root account
597 but untrustworthy users and the network cables are in secure areas this does
598 help, but for normal desktop clients this does not apply.)
601 .Fl o Cm retrycnt Ns = Ns Aq Ar value
610 .Fl o Cm readahead Ns = Ns Aq Ar value
631 .Fl o Cm rsize Ns = Ns Aq Ar value
637 .Fl o Cm retransmit Ns = Ns Aq Ar value
640 .Fl o Cm wsize Ns = Ns Aq Ar value
643 .Fl o Cm retrans Ns = Ns Aq Ar value
648 named options are equivalent to other
650 named options and are supported for compatibility with other
651 operating systems (e.g., Linux, Solaris, and OSX) to ease usage of
654 .Bl -tag -width indent
655 .It Fl o Cm vers Ns = Ns 2
658 .It Fl o Cm vers Ns = Ns 3
661 .It Fl o Cm vers Ns = Ns 4
684 Since NFSv4 performs open/lock operations that have their ordering strictly
685 enforced by the server, the options
689 cannot be safely used.
690 For NFSv4 minor version 1 or 2 mounts, the ordering is done
691 via session slots and the NFSv4 client now handles broken session slots
695 option is used along with
699 an NFSv4 minor version 1 or 2 mount
700 should work fairly well, although still not completely correctly.
701 For NFSv4 minor version 0 mounts,
705 mount option is strongly recommended.