FedFsNfsReferrals

From Linux NFS

(Difference between revisions)
Jump to: navigation, search
(Legacy kernel DNS resolution)
Line 20: Line 20:
I've found that recent Fedora distributions (Fedora 16 and later) use new-style DNS resolution, and no further set-up is required.  However, earlier distributions (even EL6-based ones) do need some attention in this area.  The following steps may be required.
I've found that recent Fedora distributions (Fedora 16 and later) use new-style DNS resolution, and no further set-up is required.  However, earlier distributions (even EL6-based ones) do need some attention in this area.  The following steps may be required.
 +
 +
== Request key DNS resolution ==
 +
 +
The request key DNS resolver is a generic upcall and cache mechanism that is shared by CIFS, NFS, and AFS.  The kernel runs the /sbin/request-key program, which sorts out the upcall requests based on the contents of /etc/request-key.conf.  For further details, see the Documentation/networking/dns_resolver.txt file in the Linux kernel source.
 +
 +
With kernel 2.6.36 and following, the kernel NFS client can use this mechanism to perform DNS resolution.  Your distributor must provide the user space infrastructure to support request key DNS resolution.  If the file /etc/request-key.conf does not contain a line that says "dns_resolve" somewhere in it, do not attempt to use this mechanism.  For example, Fedora 15 does not provide the proper user space components, but Fedora 16 does.
 +
 +
==== Enabling request key DNS resolution ====
 +
 +
To enable the NFS client in a custom built kernel later than 2.6.36, set CONFIG_NFS_USE_LEGACY_DNS to "n" and CONFIG_DNS_RESOLVER to "m" or "y".  Be sure your Linux distributor provides the necessary user space executables to handle request key upcalls for the dns_resolve key.
== Legacy kernel DNS resolution ==
== Legacy kernel DNS resolution ==
Line 25: Line 35:
The legacy DNS resolution mechanism is a kernel upcall that is specific to the NFS client.  The kernel executes the script /sbin/nfs_cache_getent to resolve a hostname, and it writes the result back to /var/lib/nfs/rpc_pipefs/cache/dns_resolve/channel.  The kernel caches the result.
The legacy DNS resolution mechanism is a kernel upcall that is specific to the NFS client.  The kernel executes the script /sbin/nfs_cache_getent to resolve a hostname, and it writes the result back to /var/lib/nfs/rpc_pipefs/cache/dns_resolve/channel.  The kernel caches the result.
-
With kernels before 2.6.36, this mechanism is always enabled.  With 2.6.36, a Kconfig option is available to use the request_key DNS resolver instead.
+
==== Enabling legacy DNS resolution ====
-
If your Linux distributor doesn't provide this script, you can find it in the Linux kernel source contained in either Documentation/filesystems/nfs.txt or Documentation/filesystems/nfs/nfs.txt. Simply copy the file into /sbin/nfs_cache_getent, edit it to remove the instructions, and make the file executable.  After the client is rebooted (or the NFS module is reloaded), NFSv4 referral locations containing hostnames should be handled correctly.
+
With kernels before 2.6.36, this mechanism is always enabled. With 2.6.36 and later, a Kconfig option, CONFIG_NFS_USE_LEGACY_DNS, is available to use the request_key DNS resolver instead.
-
== New-style kernel DNS resolution ==
+
If your Linux distributor doesn't provide the /sbin/nfs_cache_getent script, you can find it in the Linux kernel source contained in either Documentation/filesystems/nfs.txt or Documentation/filesystems/nfs/nfs.txt.  Simply copy the file into /sbin/nfs_cache_getent, edit it to remove the instructions, and make the file executable.
-
With kernel 2.6.36 and following, the kernel NFS client can continue to use the upcall mechanism described above if the CONFIG_NFS_USE_LEGACY_DNS build option is set to YY is the default setting.
+
'''Note:''' A change made in 2.6.37 causes the legacy DNS resolver to fail.  A small patch is available to fix this issue, but has not been applied widely yetWatch this space.
-
However, an in-kernel DNS resolver is used if this build option is set to N.  In this case, no additional infrastructure (including /sbin/nfs_cache_getent) is required.
+
== Which resolver should I use? ==
-
Typically your Linux distributor provides the build option settings used to compile their kernel in /boot/config-''foo'' (where ''foo'' is the kernel version)You can look in this file to see how your distributor has set the CONFIG_NFS_USE_LEGACY_DNS build optionOr, if you build your own kernel, ensure this option is set to N for your next kernel build.
+
* Fedora 15 has disabled the legacy DNS resolver but does not provide the request key user space components.  Rebuild the kernel with CONFIG_NFS_USE_LEGACY_DNS=y and install /sbin/nfs_cache_getent.
 +
* Fedora 16 and later enable the request key resolver, and provide proper user space support for it.
 +
* RHEL 6, Oracle Linux 6, and Oracle UEK release 2 have the legacy DNS resolver enabled, but do not provide the user space script, and require the patch mentioned aboveWe are working on a fix.
 +
* Oracle UEK release 1 has the legacy DNS resolver enabledSimply install the /sbin/nfs_cache_getent script.

Revision as of 04:17, 30 October 2012

Contents

Project: fedfs-utils

[ Project Home | News | Downloads | Docs | Mailing Lists | Source Control | Issues ]


Introduction

FedFS relies on existing support for referrals in standard network file system clients like the NFS or CIFS client built into Linux. A referral is a file server response that tells a file-access client to look elsewhere for the shared file system it wants.

When client NFSv4 support is enabled, NFSv4 referral support is enabled by default in all recent Linux kernel versions. When a referral is encountered, the Linux NFS client automatically retrieves a location list from the file server. Each location contains an export path paired with a server hostname or IP address. The client attempts to mount each location in the list until one succeeds.

When a file server returns a location containing a DNS hostname, the client must resolve that to an IP address before it can mount the referred-to server. Early NFSv4 referral support had no ability to resolve a hostname contained in a location. More recently, DNS resolution capability was added to the Linux NFS client.

I've found that recent Fedora distributions (Fedora 16 and later) use new-style DNS resolution, and no further set-up is required. However, earlier distributions (even EL6-based ones) do need some attention in this area. The following steps may be required.

Request key DNS resolution

The request key DNS resolver is a generic upcall and cache mechanism that is shared by CIFS, NFS, and AFS. The kernel runs the /sbin/request-key program, which sorts out the upcall requests based on the contents of /etc/request-key.conf. For further details, see the Documentation/networking/dns_resolver.txt file in the Linux kernel source.

With kernel 2.6.36 and following, the kernel NFS client can use this mechanism to perform DNS resolution. Your distributor must provide the user space infrastructure to support request key DNS resolution. If the file /etc/request-key.conf does not contain a line that says "dns_resolve" somewhere in it, do not attempt to use this mechanism. For example, Fedora 15 does not provide the proper user space components, but Fedora 16 does.

Enabling request key DNS resolution

To enable the NFS client in a custom built kernel later than 2.6.36, set CONFIG_NFS_USE_LEGACY_DNS to "n" and CONFIG_DNS_RESOLVER to "m" or "y". Be sure your Linux distributor provides the necessary user space executables to handle request key upcalls for the dns_resolve key.

Legacy kernel DNS resolution

The legacy DNS resolution mechanism is a kernel upcall that is specific to the NFS client. The kernel executes the script /sbin/nfs_cache_getent to resolve a hostname, and it writes the result back to /var/lib/nfs/rpc_pipefs/cache/dns_resolve/channel. The kernel caches the result.

Enabling legacy DNS resolution

With kernels before 2.6.36, this mechanism is always enabled. With 2.6.36 and later, a Kconfig option, CONFIG_NFS_USE_LEGACY_DNS, is available to use the request_key DNS resolver instead.

If your Linux distributor doesn't provide the /sbin/nfs_cache_getent script, you can find it in the Linux kernel source contained in either Documentation/filesystems/nfs.txt or Documentation/filesystems/nfs/nfs.txt. Simply copy the file into /sbin/nfs_cache_getent, edit it to remove the instructions, and make the file executable.

Note: A change made in 2.6.37 causes the legacy DNS resolver to fail. A small patch is available to fix this issue, but has not been applied widely yet. Watch this space.

Which resolver should I use?

  • Fedora 15 has disabled the legacy DNS resolver but does not provide the request key user space components. Rebuild the kernel with CONFIG_NFS_USE_LEGACY_DNS=y and install /sbin/nfs_cache_getent.
  • Fedora 16 and later enable the request key resolver, and provide proper user space support for it.
  • RHEL 6, Oracle Linux 6, and Oracle UEK release 2 have the legacy DNS resolver enabled, but do not provide the user space script, and require the patch mentioned above. We are working on a fix.
  • Oracle UEK release 1 has the legacy DNS resolver enabled. Simply install the /sbin/nfs_cache_getent script.
Personal tools