Troubleshooting
Problem
There are some limitations regarding the "/etc/exports" file; the limit of a line in the NFS exports file is 32767 characters; NFS permits no more than 256 host names in a root exports file entry. These limits are enough in most of cases, but in some large environments customer can hit one of these limits.
Symptom
The symptoms are usually the NFS client access deny to exported resources or not being able to mount an NFS share.
Resolving The Problem
We can use netgroups to overcome these limitations. Although Netgroup is a NIS feature, you can create a "/etc/netgroup" file without setting up NIS, follow these steps:
1. Create "/etc/netgroup" file on NFS server, here's an example of a netgroup file that contains a group called "group1", which consists of three hosts:
# cat /etc/netgroup
group1 (tcplabbso,,) (bonesbso,,) (srcmstrbso,,)
For more information about the syntax of a netgroup file, see the man page:
https://www.ibm.com/support/knowledgecenter/ssw_aix_72/filesreference/netgroup.html
https://www.ibm.com/support/knowledgecenter/ssw_aix_72/filesreference/netgroup.html
2. Modify "/etc/exports" file (or use smitty) to specify access for created netgroup, for example:
# cat /etc/exports
/tmp -sec=sys:krb5p:krb5i:krb5:dh,access=group1
# cat /etc/exports
/tmp -sec=sys:krb5p:krb5i:krb5:dh,access=group1
3. Unexport and reexport
# exportfs -ua
# exportfs -av
# exportfs -ua
# exportfs -av
There are some additional benefits of using netgroups.
1. NIM environments can benefit from using netgroups:
By default, when NIM exports a file or directory through NFS during resource allocation:
- NIM creates an entry in the "/etc/exports" file granting the target host both client mount access and root access for root users.
- As a result, when you are exporting to numerous clients, the limit on the length of a line in the exports file (32767 characters) can be exceeded, resulting in failure.
NIM provides an option to decrease the line length of an allocation entry in an NFS exports file by approximately one-half effectively permitting files to be allocated to a greater number of hosts.
- This action has the side effect of increasing the number of machines permitted in a NIM machine group.
- NIM achieves this reduction by granting only root access to allocation target hosts. The client mount access list is not created, which allows any machine to mount the resource, but still restricts root access to NIM clients only. NFS permits no more than 256 host names in a root exports file entry.
2. PowerHA environments
If you have to frequently change the exported host list, then you can use NFS netgroups (NIS is not required). If you add or remove a host to the "/etc/netgroup" file, then there is no need to restart the Resource Group, the new host can connect to the NFS server without any disruption to the cluster.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB08","label":"Cognitive Systems"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG10","label":"AIX"},"ARM Category":[{"code":"a8m0z000000cvyTAAQ","label":"Communication Applications-\u003ENFS\/NFSV4\/PCNFS"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
19 September 2024
UID
ibm16468915