NFS proxy serving

AIX® supports Network File System (NFS) proxy serving. An AIX server can concurrently export locally accessible file systems and proxy exports. The exported proxy view can be mounted by NFS clients.

AIX NFS proxy serving uses disk caching of accessed data to serve similar subsequent requests locally with reduced network traffic to the back-end server. Proxy serving can potentially extend NFS data access over slower or less reliable networks with improved performance and reduced network traffic to the primary server where the data resides. Depending on availability and content management requirements, proxy serving can provide a solution for extending NFS access to network edges without the need for copying data. You can configure AIX NFS proxy serving using the mknfsproxy command.

Proxy caching can be used with both the NFS v3 and the NFS v4 protocols. The protocol between the proxy and the connected clients can be either NFS v3 or NFS v4 when the NFS v4 protocol is used between the proxy and the back-end server. However, when the NFS v3 protocol is used, the protocol between the proxy and the connected clients must be the NFS v3 protocol. Both reads and writes of data are supported in addition to byte range advisory locks.

The krb5, krb5i, and krb5p security methods can be used between the proxy server and its connected clients. These methods can also be used between the proxy server and the main server. Using ticket forwarding technology through proxy, you can authenticate on the client and be authenticated to the main server. To take advantage of this technology, use the kinit command with the -f option when you are performing Kerberos authentication. If auth_sys security is used between the proxy and the back-end server, when you access the back-end server, the proxy server maps Kerberos client accesses into auth_sys attributes. For best results, the proxy server and the back-end server should share the same user and group identity definitions.