Full NFS Guide to Linux: concepts, installation and best practices

Introduction

In modern business and development environments, sharing files between multiple systems is a daily need. Linux offers several solutions for this purpose, one of the oldest and most reliable Network File System (NFS). Originally developed by Sun Microsystems in the 1980s, NFS allows the teams to access remote directories as if they were local, facilitating collaboration and data centralization. In this article we will explore what NFS is, how it works, its advantages and limitations, and show you step by step how to install, configure and protect an NFS server in a typical Linux distribution.

What is NFS?

NFS is an application layer protocol that allows the exchange of files and directories between computers through an IP network. It works by following the client-server model: the NFS server exposes, or exports, certain directories of the local file system, while customers mount them on their own directory tree. The protocol uses remote procedure (RPC) calls to translate reading, writing and attributes operations into messages that cross the network. Since its version 2, NFS has evolved to version 3 and later to version 4, incorporating improvements in performance, safety and compatibility with firewalls. In practice, NFS is often used in computer clusters, web servers and development environments where rapid and consistent access to shared data is required.

Advantages and disadvantages of NFS

Before deciding whether NFS is the right solution for your infrastructure, it is important to assess both its strengths and its limitations. The main aspects to be considered are summarized below.

• Transparent access: remote files behave as if they were on the local disk, which simplifies the use of existing applications.
• Scalability: it allows to share large volumes of data among many customers without replying information.
• Under top: In fast and reliable networks, NFS offers a performance close to that of local file systems.
• Network unit: Any interruption or latency directly affects the availability and performance of the service.
• Limited security in old versions: NFSv2 and NFSv3 authenticate by IP address, which can be supplanted; NFSv4 improves this with Kerberos and safe export.
• Configuration complexity in mixed environments: the allocation of UID / GID between customers and servers must be synchronized to avoid permissions problems.

NFS server installation in Linux

In most modern Linux distributions, the package provided by the NFS server is called nfs-kernel-server in Debian / Ubuntu and nfs-utils in RHEL / CentOS / Fedora. The installation process is simple and is done by the corresponding package manager.

• Update the package index: sudo apt update (Debian / Ubuntu) or sudo dnf check-update (Fedora / RHEL).
• Install the NFS server: sudo apt install nfs-kernel-server or sudo dnf install nfs-utils.
• Start and enable the service to boot the boot: sudo systemctl able -now nfs-kernel-server (Debian / Ubuntu) or sudo systemctl able -now nfs-server (RHEL / Fedora).
• Check that the service is active: sudo systemctl status nfs-kernel -server or nfs-server, and make sure it does not show errors.

Basic export configuration

Once the service is working, the next step is to define which directories will be shared and with which permissions. This is done by editing the / etc / exports file.

Each line of / etc / exports follows the format (options). For example, to share / srv / nfs / customers with reading and writing for the network 192.168.1.0 / 24, add: / srv / nfs / customers 192.168.1.0 / 24 (rw, sync, no _ subtree _ check). After saving the file, changes are applied with the exportfs -ra command and you can verify the export list with showmount -e localhost.

NFS customer assembly

On the customer side, mounting an NFS export is as simple as creating a assembly point and running the mount command with the nfs type.

• Create a directory where the sharing will be mounted: sudo mkdir -p / mnt / nfs / customers.
• Mounting manually: sudo mount -t nfs server _ ip: / srv / nfs / customers / mnt / nfs / customers.
• For mounting to persist after reboot, add a line to / etc / fstab: server _ ip: / srv / nfs / customers / mnt / nfs / customers nfs defaults, _ netdev 0 0.
• Useful options: soft, intr and timo = 15 to prevent the process from being blocked if the server stops responding.

Security and good practices

Although NFS is comfortable, its default configuration can expose sensitive data. Implementing some security measures helps to protect the environment.

• Use recent versions: prefer NFSv4, which supports strong authentication with Kerberos and optional encryption.
• Restrict access by IP address or host name in / etc / exports, avoiding comodines like * that allow connections from any equipment.
• Enable firewall: allow only the necessary traffic (port 2049 for NFS and associated RPC ports) from reliable networks.
• Synchronize UID and GID: Use services such as NIS or LDAP, or use the anonymous and anonymous option to map unknown users to a restricted account.
• Monitor and audit: review server logs (rpc.mountd, nfsd) and use tools like nfsstat to detect performance anomalies or unauthorized access attempts.

Conclusion

NFS remains a robust and low-cost solution for sharing files on Linux networks, especially in environments where performance and simplicity are a priority. By understanding its functioning, its advantages and its limitations, and following best configuration and security practices, you can implement a reliable network file system that climbs with your organization's needs. Whether you are managing a computer cluster, a web server or a development environment, NFS offers the flexibility to keep data accessible and consistent among all the systems involved.