Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

Solaris Tunable Parameters Reference Manual
Previous Next

nfssrv Module Parameters

This section describes NFS parameters for the nfssrv module.

nfssrv:nfs_portmon

Description

Controls some security checking that the NFS server attempts to do to enforce integrity on the part of its clients. The NFS server can check whether the source port from which a request was sent was a reserved port. A reserved port has a number less than 1024. For BSD-based systems, these ports are reserved for processes being run by root. This security checking can prevent users from writing their own RPC-based applications that defeat the access checking that the NFS client uses.

Data Type

Integer (32-bit)

Default

0 (security checking disabled)

Range

0 (security checking disabled) or 1 (security checking enabled)

Units

Boolean values

Dynamic?

Yes

Validation

None

When to Change

Use this parameter to prevent malicious users from gaining access to files by using the NFS server that they would not ordinarily have access to. However, the reserved port notion is not universally supported. Thus, the security aspects of the check are very weak. Also, not all NFS client implementations bind their transport endpoints to a port number in the reserved range. Thus, interoperability problems might result if the security checking is enabled.

Commitment Level

Unstable

nfssrv:rfs_write_async

Description

Controls the behavior of the NFS version 2 server when it processes WRITE requests. The NFS version 2 protocol mandates that all modified data and metadata associated with the WRITE request reside on stable storage before the server can respond to the client. NFS version 2 WRITE requests are limited to 8192 bytes of data. Thus, each WRITE request might cause multiple small writes to the storage subsystem. This can cause a performance problem.

One method to accelerate NFS version 2 WRITE requests is to take advantage of a client behavior. Clients tend to send WRITE requests in batches. The server can take advantage of this behavior by clustering together the different WRITE requests into a single request to the underlying file system. Thus, the data to be written to the storage subsystem can be written in fewer, larger requests. This method can significantly increase the throughput for WRITE requests.

Data Type

Integer (32-bit)

Default

1 (clustering enabled)

Range

0 (clustering disabled) or 1 (clustering enabled)

Units

Boolean values

Dynamic?

Yes

Validation

None

When to Change

Some very small NFS clients, particularly PC clients, might not batch WRITE requests. Thus, the behavior required from the clients might not exist. In addition, the clustering in the NFS version 2 server might just add overhead and slow down performance instead of increasing it.

Commitment Level

Unstable

nfssrv:nfsauth_ch_cache_max

Description

Controls the size of the cache of client handles that contact the NFS authentication server. This server authenticates NFS clients to determine whether they are allowed access to the file handle that they are trying to use.

Data Type

Integer (32-bit)

Default

16

Range

0 to 231 - 1

Units

Client handles

Dynamic?

Yes

Validation

None

When to Change

This cache is not dynamic, so attempts to allocate a client handle when all are busy will fail. This failure results in requests being dropped by the NFS server because they could not be authenticated. Most often, this result is not a problem because the NFS client just times out and retransmits the request. However, for soft-mounted file systems on the client, the client might time out, not retry the request, and then return an error to the application. This situation might be avoided if you ensure that the size of the cache on the server is large enough to handle the load.

Commitment Level

Unstable

nfssrv:exi_cache_time

Description

Controls the duration of time that entries are held in the NFS authentication cache before being purged due to memory pressure in the system.

Data Type

Long integer (32 bits on 32-bit platforms and 64 bits on 64-bit platforms)

Default

3600 seconds (1 hour)

Range

0 to 231 - 1 on 32-bit platforms

0 to 263 - 1 on 64-bit platforms

Units

Seconds

Dynamic?

Yes

Validation

None

When to Change

The size of the NFS authentication cache can be adjusted by varying the minimum age of entries that can get purged from the cache. The size of the cache should be controlled so that it is not allowed to grow too large, thus using system resources that are not allowed to be released due to this aging process.

Commitment Level

Unstable

Previous Next

 
 
  Published under the terms fo the Public Documentation License Version 1.01. Design by Interspire