FedFsNfsReferrals

From Linux NFS

(Difference between revisions)
Jump to: navigation, search
(Enabling legacy DNS resolution)
(Request key DNS resolution)
Line 23: Line 23:
== Request key DNS resolution ==
== Request key DNS resolution ==
-
The request key DNS resolver is a generic upcall and cache mechanism that is shared by the Linux CIFS, NFS, and AFS client implementations.  The kernel runs the /sbin/request-key program, which sorts out the upcall requests based on the contents of /etc/request-key.conf.  For further details, see the Documentation/networking/dns_resolver.txt file in the Linux kernel source.
+
The request key DNS resolver is a generic upcall and cache mechanism that is shared by the Linux CIFS, NFS, and AFS client implementations.  To perform a DNS resolution, the kernel runs the /sbin/request-key program, which sorts out upcall request based on a key and the contents of /etc/request-key.conf.  For further details, see the Documentation/networking/dns_resolver.txt file in the Linux kernel source.
With kernel 2.6.36 and following, the kernel NFS client can use this mechanism to perform DNS resolution.  Your distributor must provide the user space infrastructure to support request key DNS resolution.  If the file /etc/request-key.conf does not contain a line that says "dns_resolve" somewhere in it, do not attempt to use this mechanism.  For example, Fedora 15 does not provide the proper user space components, but Fedora 16 does.
With kernel 2.6.36 and following, the kernel NFS client can use this mechanism to perform DNS resolution.  Your distributor must provide the user space infrastructure to support request key DNS resolution.  If the file /etc/request-key.conf does not contain a line that says "dns_resolve" somewhere in it, do not attempt to use this mechanism.  For example, Fedora 15 does not provide the proper user space components, but Fedora 16 does.

Revision as of 04:23, 30 October 2012

Contents

Project: fedfs-utils

[ Project Home | News | Downloads | Docs | Mailing Lists | Source Control | Issues ]


Introduction

FedFS relies on existing support for referrals in standard network file system clients like the NFS or CIFS client built into Linux. A referral is a file server response that tells a file-access client to look elsewhere for the shared file system it wants.

When client NFSv4 support is enabled, NFSv4 referral support is enabled by default in all recent Linux kernel versions. When a referral is encountered, the Linux NFS client automatically retrieves a location list from the file server. Each location contains an export path paired with a server hostname or IP address. The client attempts to mount each location in the list until one succeeds.

When a file server returns a location containing a DNS hostname, the client must resolve that to an IP address before it can mount the referred-to server. Early NFSv4 referral support had no ability to resolve a hostname contained in a location. More recently, DNS resolution capability was added to the Linux NFS client.

I've found that recent Fedora distributions (Fedora 16 and later) use new-style DNS resolution, and no further set-up is required. However, earlier distributions (even EL6-based ones) do need some attention in this area. The following steps may be required.

Request key DNS resolution

The request key DNS resolver is a generic upcall and cache mechanism that is shared by the Linux CIFS, NFS, and AFS client implementations. To perform a DNS resolution, the kernel runs the /sbin/request-key program, which sorts out upcall request based on a key and the contents of /etc/request-key.conf. For further details, see the Documentation/networking/dns_resolver.txt file in the Linux kernel source.

With kernel 2.6.36 and following, the kernel NFS client can use this mechanism to perform DNS resolution. Your distributor must provide the user space infrastructure to support request key DNS resolution. If the file /etc/request-key.conf does not contain a line that says "dns_resolve" somewhere in it, do not attempt to use this mechanism. For example, Fedora 15 does not provide the proper user space components, but Fedora 16 does.

Enabling request key DNS resolution

To enable the NFS client in a custom-built kernel later than 2.6.36, set CONFIG_NFS_USE_LEGACY_DNS to "n" and CONFIG_DNS_RESOLVER to "m" or "y". Be sure your Linux distributor provides the necessary user space executables to handle request key upcalls for the dns_resolve key.

Legacy kernel DNS resolution

The legacy DNS resolution mechanism is a kernel upcall that is specific to the NFS client. The kernel executes the script /sbin/nfs_cache_getent to resolve a hostname, and it writes the result back to /var/lib/nfs/rpc_pipefs/cache/dns_resolve/channel. The kernel caches the result.

Enabling legacy DNS resolution

With kernels before 2.6.36, this mechanism is always enabled. With 2.6.36 and later, a Kconfig option, CONFIG_NFS_USE_LEGACY_DNS, is available to switch between the legacy DNS resolver and the request_key DNS resolver. To use the legacy resolver, set this option to "y". To use the request key resolver, see the previous section of this article.

If your Linux distributor doesn't provide the /sbin/nfs_cache_getent script, you can set up the script yourself. Find it in the Linux kernel source contained in either Documentation/filesystems/nfs.txt or Documentation/filesystems/nfs/nfs.txt. Simply copy the file into /sbin/nfs_cache_getent, edit it to remove the instructions, and make the file executable.

Note: A change made in 2.6.37 causes the legacy DNS resolver to fail. A small patch is available to fix this issue, but has not been applied widely yet. Watch this space.

Which resolver should I use?

  • Fedora 15 has disabled the legacy DNS resolver but does not provide the request key user space components. Rebuild the kernel with CONFIG_NFS_USE_LEGACY_DNS=y and install /sbin/nfs_cache_getent.
  • Fedora 16 and later enable the request key resolver, and provide proper user space support for it. Nothing more is required.
  • RHEL 6, Oracle Linux 6, and Oracle UEK release 2 have the legacy DNS resolver enabled, but do not provide the user space script, and require the patch mentioned above. We are working on a fix.
  • Oracle UEK release 1 has the legacy DNS resolver enabled. Simply install the /sbin/nfs_cache_getent script.
Personal tools