FedFsNfsReferrals
From Linux NFS
Chucklever (Talk | contribs) |
(→Request key DNS resolution: add convenience link to kernel docs) |
||
(19 intermediate revisions not shown) | |||
Line 13: | Line 13: | ||
== Introduction == | == Introduction == | ||
- | FedFS relies on existing support for | + | FedFS relies on existing support for [[FedFsGlossary#Referral|referrals]] in standard network file system clients like the NFS or CIFS client built into Linux. A referral is a file server response that tells a file-access client to look elsewhere for the shared file system it wants. |
- | When client NFSv4 support is enabled, NFSv4 referral support is enabled by default in all recent Linux kernel versions. When a referral is encountered, the Linux NFS client automatically retrieves a | + | When client NFSv4 support is enabled, NFSv4 referral support is enabled by default in all recent Linux kernel versions. When a referral is encountered, the Linux NFS client automatically retrieves a list of [[FedFsGlossary#Location|locations]] from the file server. The client attempts to mount each location in the list until one succeeds. |
- | When a file server returns a location containing a DNS hostname, the client must resolve that to an IP address before it can | + | When a file server returns a location containing a DNS hostname, the client must resolve that to an IP address before it can contact the referred-to server. Early NFSv4 referral support had no ability to resolve a hostname contained in a location. More recently, DNS resolution capability was added to the Linux NFS client. |
I've found that recent Fedora distributions (Fedora 16 and later) use new-style DNS resolution, and no further set-up is required. However, earlier distributions (even EL6-based ones) do need some attention in this area. The following steps may be required. | I've found that recent Fedora distributions (Fedora 16 and later) use new-style DNS resolution, and no further set-up is required. However, earlier distributions (even EL6-based ones) do need some attention in this area. The following steps may be required. | ||
Line 23: | Line 23: | ||
== Request key DNS resolution == | == Request key DNS resolution == | ||
- | The request key DNS resolver is a generic upcall and cache mechanism that is shared by CIFS, NFS, and AFS. | + | The request key DNS resolver is a generic upcall and cache mechanism that is shared by the Linux CIFS, NFS, and AFS client implementations. To perform a DNS resolution, the kernel runs the /sbin/request-key program, which sorts out upcall request based on a key and the contents of /etc/request-key.conf. For further details, see the [https://www.kernel.org/doc/Documentation/networking/dns_resolver.txt Documentation/networking/dns_resolver.txt] file in the Linux kernel source. |
- | With kernel 2.6.36 and following, the kernel NFS client can use this mechanism to perform DNS resolution. Your distributor must provide the user space infrastructure to support request key DNS resolution. If the file /etc/request-key.conf does not contain a line that says " | + | With kernel 2.6.36 and following, the kernel NFS client can use this mechanism to perform DNS resolution. Your distributor must provide the user space infrastructure to support request key DNS resolution. If the file /etc/request-key.conf does not contain a line that says "dns_resolver" somewhere in it, do not attempt to use this mechanism. For example, Fedora 15 does not provide the proper user space components, but Fedora 16 does. |
==== Enabling request key DNS resolution ==== | ==== Enabling request key DNS resolution ==== | ||
- | To enable the NFS client in a custom built kernel later than 2.6.36, set CONFIG_NFS_USE_LEGACY_DNS to "n" and CONFIG_DNS_RESOLVER to "m" or "y". Be sure your Linux distributor provides the necessary user space executables to handle request key upcalls for the dns_resolve key. | + | To enable the NFS client in a custom-built kernel later than 2.6.36, set CONFIG_NFS_USE_LEGACY_DNS to "n" and CONFIG_DNS_RESOLVER to "m" or "y". Be sure your Linux distributor provides the necessary user space executables to handle request key upcalls for the dns_resolve key. |
== Legacy kernel DNS resolution == | == Legacy kernel DNS resolution == | ||
Line 37: | Line 37: | ||
==== Enabling legacy DNS resolution ==== | ==== Enabling legacy DNS resolution ==== | ||
- | With kernels before 2.6.36, this mechanism is always enabled. With 2.6.36 and later, a Kconfig option, CONFIG_NFS_USE_LEGACY_DNS, is available to | + | With kernels before 2.6.36, this mechanism is always enabled. With 2.6.36 and later, a Kconfig option, CONFIG_NFS_USE_LEGACY_DNS, is available to switch between the legacy DNS resolver and the request_key DNS resolver. To use the legacy resolver, set this option to "y". To use the request key resolver, see the previous section of this article. |
- | If your Linux distributor doesn't provide the /sbin/nfs_cache_getent script, you can | + | If your Linux distributor doesn't provide the /sbin/nfs_cache_getent script, you can set up the script yourself. Find it in the Linux kernel source contained in either Documentation/filesystems/nfs.txt or Documentation/filesystems/nfs/nfs.txt. Simply copy the file into /sbin/nfs_cache_getent, edit it to remove the instructions, and make the file executable. |
- | '''Note:''' A change made in 2.6.37 causes the legacy DNS resolver to fail. | + | '''Note:''' A change made in 2.6.37 causes the legacy DNS resolver to fail. Apply commit 8d96b10639fb402357b75b055b1e82a65ff95050 "NFS: fix bug in legacy DNS resolver." Backports to stable kernels are available. |
== Which resolver should I use? == | == Which resolver should I use? == | ||
- | * Fedora 15 | + | Fedora 16 and later enable the request key resolver, and provide proper user space support for it. Nothing more is required. |
- | + | ||
- | * RHEL 6 | + | Otherwise, try one of these options: |
- | * Oracle UEK release 1 | + | |
+ | * Fedora 15 kernels are configured to use the request key resolver, but Fedora 15 does not provide the request key user space components needed to perform DNS resolution. Rebuild the kernel with CONFIG_NFS_USE_LEGACY_DNS=y and install /sbin/nfs_cache_getent. | ||
+ | * RHEL 6 and Oracle Linux 6 have the legacy DNS resolver enabled, but do not provide /sbin/nfs_cache_getent, and require the patch mentioned above. An update with this fix will be available soon. | ||
+ | * Oracle UEK release 1 kernels use the legacy DNS resolver. Simply install the /sbin/nfs_cache_getent script. | ||
+ | * Oracle UEK release 2 kernels have the legacy DNS resolver enabled, but require the patch mentioned above. An update with this fix will be available soon. |
Latest revision as of 15:44, 9 September 2015
Contents |
Project: fedfs-utils
[ Project Home | News | Downloads | Docs | Mailing Lists | Source Control | Issues ]
Introduction
FedFS relies on existing support for referrals in standard network file system clients like the NFS or CIFS client built into Linux. A referral is a file server response that tells a file-access client to look elsewhere for the shared file system it wants.
When client NFSv4 support is enabled, NFSv4 referral support is enabled by default in all recent Linux kernel versions. When a referral is encountered, the Linux NFS client automatically retrieves a list of locations from the file server. The client attempts to mount each location in the list until one succeeds.
When a file server returns a location containing a DNS hostname, the client must resolve that to an IP address before it can contact the referred-to server. Early NFSv4 referral support had no ability to resolve a hostname contained in a location. More recently, DNS resolution capability was added to the Linux NFS client.
I've found that recent Fedora distributions (Fedora 16 and later) use new-style DNS resolution, and no further set-up is required. However, earlier distributions (even EL6-based ones) do need some attention in this area. The following steps may be required.
Request key DNS resolution
The request key DNS resolver is a generic upcall and cache mechanism that is shared by the Linux CIFS, NFS, and AFS client implementations. To perform a DNS resolution, the kernel runs the /sbin/request-key program, which sorts out upcall request based on a key and the contents of /etc/request-key.conf. For further details, see the Documentation/networking/dns_resolver.txt file in the Linux kernel source.
With kernel 2.6.36 and following, the kernel NFS client can use this mechanism to perform DNS resolution. Your distributor must provide the user space infrastructure to support request key DNS resolution. If the file /etc/request-key.conf does not contain a line that says "dns_resolver" somewhere in it, do not attempt to use this mechanism. For example, Fedora 15 does not provide the proper user space components, but Fedora 16 does.
Enabling request key DNS resolution
To enable the NFS client in a custom-built kernel later than 2.6.36, set CONFIG_NFS_USE_LEGACY_DNS to "n" and CONFIG_DNS_RESOLVER to "m" or "y". Be sure your Linux distributor provides the necessary user space executables to handle request key upcalls for the dns_resolve key.
Legacy kernel DNS resolution
The legacy DNS resolution mechanism is a kernel upcall that is specific to the NFS client. The kernel executes the script /sbin/nfs_cache_getent to resolve a hostname, and it writes the result back to /var/lib/nfs/rpc_pipefs/cache/dns_resolve/channel. The kernel caches the result.
Enabling legacy DNS resolution
With kernels before 2.6.36, this mechanism is always enabled. With 2.6.36 and later, a Kconfig option, CONFIG_NFS_USE_LEGACY_DNS, is available to switch between the legacy DNS resolver and the request_key DNS resolver. To use the legacy resolver, set this option to "y". To use the request key resolver, see the previous section of this article.
If your Linux distributor doesn't provide the /sbin/nfs_cache_getent script, you can set up the script yourself. Find it in the Linux kernel source contained in either Documentation/filesystems/nfs.txt or Documentation/filesystems/nfs/nfs.txt. Simply copy the file into /sbin/nfs_cache_getent, edit it to remove the instructions, and make the file executable.
Note: A change made in 2.6.37 causes the legacy DNS resolver to fail. Apply commit 8d96b10639fb402357b75b055b1e82a65ff95050 "NFS: fix bug in legacy DNS resolver." Backports to stable kernels are available.
Which resolver should I use?
Fedora 16 and later enable the request key resolver, and provide proper user space support for it. Nothing more is required.
Otherwise, try one of these options:
- Fedora 15 kernels are configured to use the request key resolver, but Fedora 15 does not provide the request key user space components needed to perform DNS resolution. Rebuild the kernel with CONFIG_NFS_USE_LEGACY_DNS=y and install /sbin/nfs_cache_getent.
- RHEL 6 and Oracle Linux 6 have the legacy DNS resolver enabled, but do not provide /sbin/nfs_cache_getent, and require the patch mentioned above. An update with this fix will be available soon.
- Oracle UEK release 1 kernels use the legacy DNS resolver. Simply install the /sbin/nfs_cache_getent script.
- Oracle UEK release 2 kernels have the legacy DNS resolver enabled, but require the patch mentioned above. An update with this fix will be available soon.