Page 180 - DCAP602_NETWORK_OPERATING_SYSTEMS_I
Network Operating Systems-I
The client can also run a daemon, known as nfsiod. The nfsiod daemon services the requests from
the NFS server. This is optional, and improves performance, but is not required for normal and
correct operation.
NFS allows hosts to mount partitions on a remote system and use them as though they are local
file systems. This allows the system administrator to store resources in a central location on the
network, providing authorized users continuous access to them.
Linux uses a combination of kernel-level support and continuously running daemon processes to
provide NFS file sharing. However, NFS support must be enabled in the Linux kernel for it to
function. NFS uses Remote Procedure Calls (RPC) to route requests between clients and servers,
meaning that the portmap service must be enabled and active at the proper runlevels for NFS
communication to occur. Working with portmap, the following processes ensure that a given
NFS connection is allowed and may proceed without error:
1. rpc.mountd — The running process that receives the mount request from an NFS client and
checks to see if it matches with a currently exported file system.
2. rpc.nfsd — The process that implements the user-space components of the NFS service.
It works with the Linux kernel to meet the dynamic demands of NFS clients, such as
providing additional server threads for NFS clients to use.
3. rpc.lockd — A daemon that is not necessary with modern kernels. NFS file locking is now
done by the kernel. It is included with the nfs-utils package for users of older kernels that
do not include this functionality by default.
4. rpc.statd — Implements the Network Status Monitor (NSM) RPC protocol. This provides
reboot notification when an NFS server is restarted without being gracefully brought
down.
5. rpc.rquotad — An RPC server that provides user quota information for remote users.
Not all of these programs are required for NFS service. The only services that must be enabled
are rpc.mountd, rpc.nfsd, and portmap. The other daemons provide additional functionality and
should only be used if the server environment requires them.
NFS version 2 uses the User Datagram Protocol (UDP) to provide a stateless network connection
between the client and server. NFS version 3 can use UDP or TCP running over IP. The
stateless UDP connection minimizes network traffic, as the NFS server sends the client a cookie
after the client is authorized to access the shared volume. This cookie is a random value stored
on the server’s side and is passed along with RPC requests from the client. The NFS server can be
restarted without affecting the clients and the cookie will remain intact.
NFS only performs authentication when a client system attempts to mount a remote file system.
To limit access, the NFS server first employs TCP wrappers. TCP wrappers read the
/etc/hosts.allow and /etc/hosts.deny files to determine if a particular client should be permitted or
denied access to the NFS server.
After the client is granted access by TCP wrappers, the NFS server refers to its configuration file,
/etc/exports, to determine whether the client can mount any of the exported file systems. After
granting access, any file and directory operations are sent to the server using remote procedure
calls.
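The two-stage mount check described above, modelled in Python as an added example (not part of the original notes). The file contents, paths and addresses are constructed, the daemon name `mountd` in the wrapper files is an assumption, and only a subset of the real pattern syntax is handled (ALL, `*`, single IPs and net/mask).

```python
import ipaddress

# Constructed sample files (assumptions, not from the original notes).
HOSTS_ALLOW = "mountd: 192.168.1.0/255.255.255.0\n"
HOSTS_DENY = "mountd: ALL\n"
EXPORTS = """\
/srv/projects 192.168.1.0/24(ro)
/srv/public   *(ro)
"""

def _matches(pattern, client_ip):
    """Simplified client match: ALL, '*', a single IP, or net/mask."""
    if pattern in ("ALL", "*"):
        return True
    try:
        net = ipaddress.ip_network(pattern, strict=False)
        return ipaddress.ip_address(client_ip) in net
    except ValueError:
        return False  # hostnames, netgroups, wildcards: not modelled here

def wrappers_permit(daemon, client_ip, allow=HOSTS_ALLOW, deny=HOSTS_DENY):
    """hosts.allow match grants; else hosts.deny match refuses; else grant."""
    for text, verdict in ((allow, True), (deny, False)):
        for line in text.splitlines():
            line = line.split("#", 1)[0].strip()
            if ":" not in line:
                continue
            daemons, clients = line.split(":", 1)
            names = daemons.replace(",", " ").split()
            if daemon not in names and "ALL" not in names:
                continue
            if any(_matches(p, client_ip) for p in clients.replace(",", " ").split()):
                return verdict
    return True

def export_options(path, client_ip, exports=EXPORTS):
    """Options of the /etc/exports entry for path that matches the client, or None."""
    for line in exports.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields or fields[0] != path:
            continue
        for entry in fields[1:]:
            host, _, opts = entry.partition("(")
            if _matches(host, client_ip):
                return opts.rstrip(")")
    return None

def can_mount(client_ip, path):
    """Both stages from the text: TCP wrappers first, then /etc/exports."""
    if not wrappers_permit("mountd", client_ip):
        return "refused by TCP wrappers"
    opts = export_options(path, client_ip)
    return f"mount allowed ({opts})" if opts is not None else "refused by /etc/exports"
```

Note that the decision depends only on the client's host address, and that the wildcard export of `/srv/public` is still gated by the wrapper files.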
Task: “NFS only performs authentication when a client system attempts to mount a
remote file system.” Comment.
Lovely Professional University