pool/nfs-utils
SHA256
2
0
Fork 2
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nfs-utils?expand=0&rev=43

Browse Source
This commit is contained in:
OBS User unknown 2008-12-02 14:33:46 +00:00 committed by Git OBS Bridge
parent 6b5d1a1645
commit 369bfd08cc
6 changed files with 244 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
modprobe.nfs-utils
View File

@ -1,3 +0,0 @@
install sunrpc /sbin/modprobe --ignore-install sunrpc ; grep '^sunrpc' /etc/sysctl.conf | sysctl -q -e -n -p -
install lockd /sbin/modprobe --ignore-install lockd ; grep '^fs.nfs.n.m' /etc/sysctl.conf | sysctl -q -e -n -p -
install nfs /sbin/modprobe --ignore-install nfs ; grep -E '^fs.nfs.(nfs|idmap)' /etc/sysctl.conf | sysctl -q -e -n -p -

19
nfs-utils.changes
View File

@ -1,3 +1,22 @@
-------------------------------------------------------------------
Tue Dec 2 03:15:50 CET 2008 - nfbrown@suse.de
- warn-nfs-udp.patch
* Add warnings to nfs.man about usage of UDP
and print message pointing to this warning
when udp is used.
This comes from util-linux-warn-nfsudp.diff in
previous releases.
- nfs.init
* load nfs modules then apply any sysctl setting
before mounting any filesystems
(bnc#431306, bnc#443118)
- nfsserver.init
* set lockd sysctls before starting lockd.
(bnc#443118)
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Nov 25 06:10:31 CET 2008 - nfbrown@suse.de Tue Nov 25 06:10:31 CET 2008 - nfbrown@suse.de

23
nfs-utils.spec
View File

@ -27,7 +27,7 @@ BuildRequires: libevent
Url: http://nfs.sourceforge.net Url: http://nfs.sourceforge.net
Summary: Support Utilities for Kernel nfsd Summary: Support Utilities for Kernel nfsd
Version: 1.1.3 Version: 1.1.3
Release: 13 Release: 14
Group: Productivity/Networking/NFS Group: Productivity/Networking/NFS
License: GPL v2 or later License: GPL v2 or later
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -45,13 +45,13 @@ Source7: fw-client
Source8: fw-server Source8: fw-server
Source9: mkinitrd-setup.sh Source9: mkinitrd-setup.sh
Source10: mkinitrd-boot.sh Source10: mkinitrd-boot.sh
Source11: modprobe.nfs-utils
Patch0: nfs-utils-1.0.7-bind-syntax.patch Patch0: nfs-utils-1.0.7-bind-syntax.patch
Patch1: nfs-utils-1.1.2-try-before-mount.patch Patch1: nfs-utils-1.1.2-try-before-mount.patch
Patch2: nfs-utils-1.1.2-connect-UDP.patch Patch2: nfs-utils-1.1.2-connect-UDP.patch
Patch3: sm-notify-no-sync.patch Patch3: sm-notify-no-sync.patch
Patch4: rpc.gssd-catch-signal.patch Patch4: rpc.gssd-catch-signal.patch
Patch5: fork-start-statd.patch Patch5: fork-start-statd.patch
Patch6: warn-nfs-udp.patch
%description %description
This package contains the NFS utilities. You can tune the number of This package contains the NFS utilities. You can tune the number of
@ -134,6 +134,7 @@ Authors:
%patch3 -p1 %patch3 -p1
%patch4 -p1 %patch4 -p1
%patch5 -p1 %patch5 -p1
%patch6 -p1
cp %{S:6} . cp %{S:6} .
%build %build
@ -184,8 +185,6 @@ install -m 0644 %{SOURCE8} ${RPM_BUILD_ROOT}/etc/sysconfig/SuSEfirewall2.d/servi
install -d $RPM_BUILD_ROOT/lib/mkinitrd/scripts install -d $RPM_BUILD_ROOT/lib/mkinitrd/scripts
install -m 755 %{S:9} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/setup-nfs.sh install -m 755 %{S:9} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/setup-nfs.sh
install -m 755 %{S:10} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/boot-nfs.sh install -m 755 %{S:10} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/boot-nfs.sh
install -d $RPM_BUILD_ROOT/etc/modprobe.d
install -m 644 %{S:11} $RPM_BUILD_ROOT/etc/modprobe.d/nfs-utils
%clean %clean
rm -rf $RPM_BUILD_ROOT rm -rf $RPM_BUILD_ROOT
@ -219,8 +218,6 @@ rm -rf $RPM_BUILD_ROOT
%defattr(-,root,root) %defattr(-,root,root)
%config /etc/init.d/nfs %config /etc/init.d/nfs
%config /etc/idmapd.conf %config /etc/idmapd.conf
%dir /etc/modprobe.d
/etc/modprobe.d/nfs-utils
%dir /lib/mkinitrd %dir /lib/mkinitrd
%dir /lib/mkinitrd/scripts %dir /lib/mkinitrd/scripts
/lib/mkinitrd/scripts/setup-nfs.sh /lib/mkinitrd/scripts/setup-nfs.sh
@ -292,6 +289,20 @@ rm -rf $RPM_BUILD_ROOT
%doc nfs/*.html nfs/*.ps linux-nfs/* README.NFSv4 %doc nfs/*.html nfs/*.ps linux-nfs/* README.NFSv4
%changelog %changelog
* Tue Dec 02 2008 nfbrown@suse.de
- warn-nfs-udp.patch
* Add warnings to nfs.man about usage of UDP
and print message pointing to this warning
when udp is used.
This comes from util-linux-warn-nfsudp.diff in
previous releases.
- nfs.init
* load nfs modules then apply any sysctl setting
before mounting any filesystems
(bnc#431306, bnc#443118)
- nfsserver.init
* set lockd sysctls before starting lockd.
(bnc#443118)
* Tue Nov 25 2008 nfbrown@suse.de * Tue Nov 25 2008 nfbrown@suse.de
- nfs.init - nfs.init
* Don't 'stop' if root is on NFS. * Don't 'stop' if root is on NFS.

7
nfs.init
View File

@ -177,6 +177,13 @@ case "$1-$nfs" in
rc_exit rc_exit
fi fi
# explicit modprobe so we can set some sysctl values
# before any daemons (e.g. lockd) start.
# When modprobe allows this to be moved to modprobe.d
# without breaking --show-depends, this can be removed.
modprobe nfs
grep -E '^(sunrpc|fs.nfs)' /etc/sysctl.conf | sysctl -q -e -n -p -
# in case we need /usr and/or /opt via nfs # in case we need /usr and/or /opt via nfs
mount_usr mount_usr

5
nfsserver.init
View File

@ -160,6 +160,11 @@ case "$1" in
echo -n "Starting kernel based NFS server:" echo -n "Starting kernel based NFS server:"
modprobe nfsd modprobe nfsd
# this can be removed when modprobe allows the sysctl to be
# moved to modprobe.d without breaking --show-depends
grep '^fs.nfs.n[sl]m' /etc/sysctl.conf | sysctl -q -e -n -p -
# mount nfsd filesystem # mount nfsd filesystem
check_for_nfsdfs check_for_nfsdfs
if [ "$HAVE_NFSDFS" = "yes" -a ! -f /proc/fs/nfsd/exports ] ; then if [ "$HAVE_NFSDFS" = "yes" -a ! -f /proc/fs/nfsd/exports ] ; then

196
warn-nfs-udp.patch Normal file
View File

@ -0,0 +1,196 @@
Index: nfs-utils-1.1.3/utils/mount/nfs.man
===================================================================
--- nfs-utils-1.1.3.orig/utils/mount/nfs.man
+++ nfs-utils-1.1.3/utils/mount/nfs.man
@@ -438,6 +438,8 @@ Specifying
.B proto=udp
forces all traffic types to use UDP.
.IP
+.B Before using NFS over UDP, please refer to the section WARNINGS below.
+.IP
If the
.B proto
mount option is not specified, the
@@ -452,6 +454,8 @@ The
option is an alternative to specifying
.BR proto=udp.
It is included for compatibility with other operating systems.
+.IP
+.B Before using NFS over UDP, please refer to the section WARNINGS below.
.TP 1.5i
.B tcp
The
@@ -799,7 +803,7 @@ dropped requests, but this can result in
and server load.
.P
However, UDP can be quite effective in specialized settings where
-the networks MTU is large relative to NFSs data transfer size (such
+the network's MTU is large relative to NFS's data transfer size (such
as network environments that enable jumbo Ethernet frames). In such
environments, trimming the
.B rsize
@@ -811,6 +815,8 @@ in a single frame) is advised. This r
the loss of a single MTU-sized network frame results in the loss of
an entire large read or write request.
.P
+Please see also the WARNINGS section below.
+.P
TCP is the default transport protocol used for all modern NFS
implementations. It performs well in almost every conceivable
network environment and provides excellent guarantees against data
@@ -1179,6 +1185,83 @@ of Access Control Lists that are semanti
NFS version 4 ACLs are not fully compatible with POSIX ACLs; as such,
some translation between the two is required
in an environment that mixes POSIX ACLs and NFS version 4.
+.SH WARNINGS
+Using NFS over UDP on high-speed links such as Gigabit
+.BR "can cause silent data corruption" .
+.P
+The problem can be triggered at high loads, and is caused by problems in
+IP fragment reassembly. NFS read and writes typically transmit UDP packets
+of 4 Kilobytes or more, which have to be broken up into several fragments
+in order to be sent over the Ethernet link, which limits packets to 1500
+bytes by default. This process happens at the IP network layer and is
+called fragmentation.
+.P
+In order to identify fragments that belong together, IP assigns a 16bit
+.I IP ID
+value to each packet; fragments generated from the same UDP packet
+will have the same IP ID. The receiving system will collect these
+fragments and combine them to form the original UDP packet. This process
+is called reassembly. The default timeout for packet reassembly is
+30 seconds; if the network stack does not receive all fragments of
+a given packet within this interval, it assumes the missing fragment(s)
+got lost and discards those it already received.
+.P
+The problem this creates over high-speed links is that it is possible
+to send more than 65536 packets within 30 seconds. In fact, with
+heavy NFS traffic one can observe that the IP IDs repeat after about
+5 seconds.
+.P
+This has serious effects on reassembly: if one fragment gets lost,
+another fragment
+.I from a different packet
+but with the
+.I same IP ID
+will arrive within the 30 second timeout, and the network stack will
+combine these fragments to form a new packet. Most of the time, network
+layers above IP will detect this mismatched reassembly - in the case
+of UDP, the UDP checksum, which is a 16 bit checksum over the entire
+packet payload, will usually not match, and UDP will discard the
+bad packet.
+.P
+However, the UDP checksum is 16 bit only, so there is a chance of 1 in
+65536 that it will match even if the packet payload is completely
+random (which very often isn't the case). If that is the case,
+silent data corruption will occur.
+.P
+This potential should be taken seriously, at least on Gigabit
+Ethernet.
+Network speeds of 100Mbit/s should be considered less
+problematic, because with most traffic patterns IP ID wrap around
+will take much longer than 30 seconds.
+.P
+It is therefore strongly recommended to use
+.BR "NFS over TCP where possible" ,
+since TCP does not perform fragmentation.
+.P
+If you absolutely have to use NFS over UDP over Gigabit Ethernet,
+some steps can be taken to mitigate the problem and reduce the
+probability of corruption:
+.TP +1.5i
+.I Jumbo frames:
+Many Gigabit network cards are capable of transmitting
+frames bigger than the 1500 byte limit of traditional Ethernet, typically
+9000 bytes. Using jumbo frames of 9000 bytes will allow you to run NFS over
+UDP at a page size of 8K without fragmentation. Of course, this is
+only feasible if all involved stations support jumbo frames.
+.IP
+To enable a machine to send jumbo frames on cards that support it,
+it is sufficient to configure the interface for a MTU value of 9000.
+.TP +1.5i
+.I Lower reassembly timeout:
+By lowering this timeout below the time it takes the IP ID counter
+to wrap around, incorrect reassembly of fragments can be prevented
+as well. To do so, simply write the new timeout value (in seconds)
+to the file
+.BR /proc/sys/net/ipv4/ipfrag_time .
+.IP
+A value of 2 seconds will greatly reduce the probability of IPID clashes on
+a single Gigabit link, while still allowing for a reasonable timeout
+when receiving fragmented traffic from distant peers.
.SH FILES
.TP 1.5i
.I /etc/fstab
Index: nfs-utils-1.1.3/utils/mount/nfsmount.c
===================================================================
--- nfs-utils-1.1.3.orig/utils/mount/nfsmount.c
+++ nfs-utils-1.1.3/utils/mount/nfsmount.c
@@ -263,6 +263,9 @@ parse_options(char *old_opts, struct nfs
if (!strcmp(opteq+1, "udp")) {
nfs_pmap->pm_prot = IPPROTO_UDP;
mnt_pmap->pm_prot = IPPROTO_UDP;
+ fprintf(stderr,
+ "Using NFS over UDP can cause data corruption.\n"
+ "Please refer to the WARNINGS section of the nfs(5) manual page.\n");
#if NFS_MOUNT_VERSION >= 2
data->flags &= ~NFS_MOUNT_TCP;
} else if (!strcmp(opteq+1, "tcp") &&
Index: nfs-utils-1.1.3/utils/mount/stropts.c
===================================================================
--- nfs-utils-1.1.3.orig/utils/mount/stropts.c
+++ nfs-utils-1.1.3/utils/mount/stropts.c
@@ -389,14 +389,28 @@ static struct mount_options *nfs_rewrite
po_remove_all(options, "proto");
}
if (strcmp(option, "udp") == 0) {
+ static int once = 0;
nfs_server.pmap.pm_prot = IPPROTO_UDP;
po_remove_all(options, "proto");
+ if (!once)
+ fprintf(stderr,
+ "Using NFS over UDP can cause data corruption.\n"
+ "Please refer to the WARNINGS section of the nfs(5) manual page.\n");
+ once = 1;
+
}
}
p = po_rightmost(options, "tcp", "udp");
switch (p) {
case PO_KEY2_RIGHTMOST:
nfs_server.pmap.pm_prot = IPPROTO_UDP;
+ {static int once = 0;
+ if (!once)
+ fprintf(stderr,
+ "Using NFS over UDP can cause data corruption.\n"
+ "Please refer to the WARNINGS section of the nfs(5) manual page.\n");
+ once = 1;
+ }
break;
case PO_KEY1_RIGHTMOST:
nfs_server.pmap.pm_prot = IPPROTO_TCP;
@@ -565,11 +579,24 @@ static int nfs_try_nfs23mount(struct nfs
static int nfs_try_nfs4mount(struct nfsmount_info *mi)
{
char **extra_opts = mi->extra_opts;
+ char *proto;
+ static int once = 0;
if (po_join(mi->options, extra_opts) == PO_FAILED) {
errno = EIO;
return 0;
}
+ if (po_contains(mi->options, "udp"))
+ proto = "udp";
+ else
+ proto = po_get(mi->options, "proto");
+ if (proto && strcmp(proto, "udp") == 0 && !once) {
+ fprintf(stderr,
+ "Using NFS over UDP can cause data corruption.\n"
+ "Please refer to the WARNINGS section of the nfs(5) manual page.\n");
+ once=1;
+ }
+
if (verbose)
printf(_("%s: text-based options: '%s'\n"),