ajy@cel (Andrew Yeomans) (11/12/90)
Is it possible to run NFS protocols over a wide-area network? Using UDP? Or TCP to guarantee order of packets? (Sorry if it's a stupid question - I can't be an expert in everything :-) -- Andrew Yeomans ajy@cel.uucp (or ajy@cel.co.uk)
brent@terra.Eng.Sun.COM (Brent Callaghan) (11/13/90)
In article <6989@suns4.cel.co.uk>, ajy@cel (Andrew Yeomans) writes: > Is it possible to run NFS protocols over a wide-area network? > Using UDP? Or TCP to guarantee order of packets? Yup, you can do it with current UDP implementations but you must be careful to set the rsize and wsize mount options down to 1k to avoid fragmentation/reassembly problems. You should also set the timeo option to a value that reflects the increased round-trip-time particularly if there's a satellite in the circuit somewhere. Be aware that client and/or server generates UDP checksums there's no way to verify that the data received is correct. I/O performance will be about as good as you would expect given the bandwidth of the link and the transfer size. Some non-IO operations may be unexpectedly sluggish though - the NFS protocol was designed to be used in local area networks with the expectation of fast round trip times for request-response. A good example is a pathname lookup that translates into multiple NFS lookup requests that must be executed synchronously. IO performance of a implementation that uses TCP will be better than a UDP for WAN because it permits a larger transfer size to be used without the penalty that UDP fragmentation/reassembly suffers over an unreliable medium. -- Made in New Zealand --> Brent Callaghan @ Sun Microsystems Email: brent@Eng.Sun.COM phone: (415) 336 1051
karl_kleinpaste@cis.ohio-state.edu (11/13/90)
ajy@cel.uucp writes:
Is it possible to run NFS protocols over a wide-area network?
Yes.
[10] [10:00am] lettuce:/n/giza/0/karl# hostname
lettuce.cis.ohio-state.edu
[11] [10:00am] lettuce:/n/giza/0/karl# mount | grep afs
honeydew.srv.cs.cmu.edu:/afs on /n/afs type nfs (rw,soft,nosuid,intr,bg)
[12] [10:00am] lettuce:/n/giza/0/karl# traceroute honeydew.srv.cs.cmu.edu
traceroute to honeydew.srv.cs.cmu.edu (128.2.250.251), 30 hops max, 40 byte packets
1 vegetable.cis.ohio-state.edu (128.146.63.1) 10 ms 10 ms 10 ms
2 hi-proteon.cis.ohio-state.edu (128.146.8.1) 0 ms 0 ms 10 ms
3 gwkc1.ircc.ohio-state.edu (128.146.3.1) 10 ms 10 ms 10 ms
4 gwcicnet.ohio-dmz.net (192.68.143.1) 20 ms 30 ms 20 ms
5 um-osu.cic.net (131.103.11.46) 20 ms 20 ms 20 ms
6 nss17.merit.edu (35.1.1.50) 20 ms 20 ms 20 ms
7 Ithaca.NY.NSS.NSF.NET (129.140.74.17) 40 ms 40 ms 40 ms
8 Pittsburgh.PA.NSS.NSF.NET (129.140.69.10) 60 ms 129.140.69.8 (129.140.69.8) 80 ms 90ms
9 psc-gw3.psc.edu (192.5.146.3) 110 ms 80 ms 80 ms
10 ROUTER8.CC.CMU.EDU (128.2.1.8) 100 ms 100 ms 100 ms
--karl
echan@cad017.intel.com (Eldon Chan ~ ) (11/21/90)
If I just want to allow NFS, ftp and mail traffic passing between the two Cisco routers, what kind of access-list should I set? Since NFS traffic doesn't use the same UDP port all the time. I am sure someone must has done this before. One straight forward solution is to allow all UDP traffic and then disable the port that I don't like (1-1023 except 111). Any sugestions are welcome ! Thanks. Eldon Chan
thurlow@convex.com (Robert Thurlow) (12/03/90)
In <1056@inews.intel.com> echan@cad017.intel.com (Eldon Chan ~ ) writes: >Since NFS traffic doesn't use the same UDP port all the time. I am sure >someone must has done this before. >One straight forward solution is to allow all UDP traffic and then >disable the port that I don't like (1-1023 except 111). Huh? NFS on all systems I've looked at always hard-code the server port number of the server to 2049. That's convention, and not blessed by an entry in /etc/services, but I'd bet on it being reliable. Do you know of a system which does have their NFS server at port 2049? Rob T -- Rob Thurlow, thurlow@convex.com or thurlow%convex.com@uxc.cso.uiuc.edu ---------------------------------------------------------------------- "This opinion was the only one available; I got here kind of late."