|
NFS consists of two main parts: a server and one or more clients. The client remotely accesses the data that is stored on the server machine. To do the job well, a few processes have to be configured and running. There are some benefits which NFS provides:
- Local workstations use less disk space because commonly used data can be stored on a single machine and still remain accessible to others over the network.
- There is no need for users to have separate home directories on every network machine. Home directories could be set up on the NFS server and made available throughout the network.
- Storage devices can be used by other machines on the network. This may reduce the number of removable media drives throughout the network.
NFSv4 supports several security flavors, including:
- AUTH_SYS (also known as AUTH_UNIX) represents the traditional low-security model found in NFSv2/v3. Provides UNIX-style credentials by using UIDs and GIDs to identify the sender and recipient of RPC messages.
- RPCSEC_GSS - new security flavor. Introduces secure authentication, integrity, and encryption. It is based on GSS-API. The three required security triples when using RPCSEC_GSS are:
- Kerberos 5 for enterprise/LAN use
- LIPKEY (based on SPKM-3) for Internet use
- SPKM-3
The D-Grid reference installation use the model: one export point pro NFS server. To reduce the number of the mount points for the NFS clients and set the shared structure into one directory. The clients mount (server exports) /srv/nfs/ directory, and allocate links for appropriate shared resource. The AUTH_SYS security model for NFSv4 is choosed.
Monitoring of the current NFS activity can be done with the command: watch nfsstat -r -o net
|
Package: NFS v. 4
os: Scientific Linux version 5.4 64 bit
server: dgireffs1.fzk.de
manuals: nfs4 server / nfs4 client
Archive links
Information links
Download links
|
