From ArchWiki
Revision as of 23:46, 26 September 2009 by VitaminJ (talk | contribs) (Full paths must be used, as a new user to NFS this wasn't obvious to me, coming from rsync-style.)
Jump to: navigation, search

Template:I18n links start Template:I18n entry Template:I18n entry Template:I18n entry Template:I18n entry Template:I18n entry Template:I18n links end

Note: nfs-utils has been upgraded since 2009-06-23, and NFS4 support is now implemented. You'd better refer to the news.
Note: portmap has been replaced by rpcbind.


The goal of this article is to assist in setting up an nfs-server for sharing files over a network.

Note: for NFSv4, see NFSv4

Required packages

Required packages for both the server and the client are minimal.
You'll only need to install:

  • core/rpcbind (or core/portmap which was replaced)
  • core/nfs-utils

As the packages are in the [core] repository, they will be included by default in new Arch installations.

Setting up the server

You can now edit your configuration and start the daemons. You need to be root to execute the following commands.



This file (/etc/exports) defines the various shares on the nfs server, and their permissions.
A few examples:

/files *(ro,sync) ; Read-only access to anyone
/files,sync) ; Read-write access to a client on
/files,sync) ;  Read-write access to all clients from to

If you make changes to /etc/exports after starting the daemons, you can make them effective by issuing the following command:

exportfs -r

If you decide to make your NFS share public and writable, you can use the all_squash option in combination with anonuid and the anongid option. For example, to set the privileges for the user nobody in the group nobody, you can do the following:

; Read-write access to a client on, with rw access for the user 99 with gid 99

This also means, that if you want write access to this directory, nobody.nobody must be the owner of the share directory:

chown -R nobody.nobody /files

Full details on the exports file are provided by the exports man page.


Note: This file is replaced by "/etc/conf.d/nfs-common" & "/etc/conf.d/nfs-server".

Edit this file to pass appropriate run-time options to nfsd, mountd, statd, and sm-notify. The default Arch NFS init scripts require the --no-notify option for statd, as follows:


Others may be left at the provided defaults, or changed according to your requirements. Please refer to the relevant man pages for full details.


To allow network access to the nfs server you should edit /etc/hosts.allow.
The following example opens these services to anyone:

 nfsd: ALL
 rpcbind: ALL

This is a very insecure way of allowing host access. To get better control over who is allowed to access the daemons hosts.deny should be everyone, and hosts.allow should specifically allow certain people. In this example, should be the IP address of the person(s) allowed to access it. The numbers after the '/' is not a netmask!


This examples enables access for anyone on that network


For finer control, read the hosts_access(5) man page.


You can now start the server with the following commands:

/etc/rc.d/rpcbind start (or: /etc/rc.d/portmap start)
/etc/rc.d/nfs-common start (or: /etc/rc.d/nfslock start)
/etc/rc.d/nfs-server start (or: /etc/rc.d/nfsd start)

Please note that they must be started in that order.
To start the server at boot time, add these daemons to the DAEMONS array in /etc/rc.conf.

Setting up the client



Edit this file to pass appropriate run-time options to statd - the remaining options are for server use only. Do NOT use the --no-notify option on the client side, unless you are fully aware of the consequences of doing so.

Please refer to the statd man page for full details.


You'll need to allow rpcbind for the server's ip



Start the portmap and nfslock daemons:

/etc/rc.d/rpcbind start (or: /etc/rc.d/portmap start)
/etc/rc.d/nfs-common start (or: /etc/rc.d/nfslock start)

Please note that they must be started in that order OR start only nfs-common, as rpcbind will be started as a dependency.
To start the daemons at boot time, add them to the DAEMONS array in /etc/rc.conf.

Then just mount as normal:

mount server:/files /files

NOTE: Unlike CIFS shares or rsync, NFS exports must be called by the full path on the server. Example: if /home/fred/music is defined in /etc/exports on server ELROND, you must call

mount ELROND:/home/fred/music /mnt/point

instead of just using

mount ELROND:music /mnt/point

or you will get mount.nfs: access denied by server while mounting

Auto-mount on boot

If you want to mount on boot, make sure network, rpcbind (portmap), nfs-common (nfslock) and netfs are in the DAEMONS array in /etc/rc.conf. Make sure the order is this one. It's better not to put any '@' in front of them (although you could safely use @netfs). For instance :

DAEMONS=(... network rpcbind nfs-common @netfs ...)


DAEMONS=(... network portmap nfslock @netfs ...)

Add an appropriate line in /etc/fstab, for example:

server:/files /files nfs defaults 0 0

If you wish to specify a packet size for read and write packets, specify them in your fstab entry. The values listed below are the defaults if none are specified:

server:/files /files nfs rsize=32768,wsize=32768 0 0

Read the nfs man page for further information, including all available mount options.


Unreliable performance, slow data transfer, and/or high load when using NFS and gigabit

This is a result of the default packetsize used by NFS, which causes significant fragmentation on gigabit networks. You can modify this behavior by the rsize and wsize mount parameters. Using rsize=32768,wsize=32768 should suffice. Please note that this problem does not occur on 100Mb networks, due to the lower packet transfer speed.

Note: Default value for NFS4 is 32768. Maximum is 65536. Increase from default in increments of 1024 until maximum transfer rate is achieved.

Portmap daemon fails to start at boot

Make sure you place portmap BEFORE netfs in the daemons array in /etc/rc.conf .

Nfsd fails to start with "nfssvc: No such device"

Make sure the nfs and nfsd modules are loaded in the kernel.

Nfsd seems to work, but I can't connect from MacOS X clients

When trying to connect from a MacOS X client, you'll see that everything is ok at logs, but MacOS X refuses to mount your NFS share. You have to add insecure option to your share and re-run exportfs -r.

Links & References

  • See also Avahi, a Zeroconf implementation which allows automatic discovery of NFS shares.
  • HOWTO: Diskless network boot NFS root
  • Very helpful
  • If you are setting up the Archlinux NFS server for use by Windows clients through Microsoft's SFU, you will save a lot of time and hair-scratching by looking at this forum post first !