Nfs – How to disable NFSv3/v2 connections to a FreeBSD NFSv4 server

freebsdmountnfsnfs4

I am using a Kubuntu 11.10 client with a FreeBSD 9.0 server.

The server has the following lines in /etc/rc.conf

nfs_server_enable="YES"
nfsv4_server_enable="YES"
nfsuserd_enable="YES"

and the following in /etc/exports

V4: /
/

I am not using any type of security other than the default sys to keep this config as simple as possible.

From the client, both of these commands successfully mount the exported NFS share:

$ sudo mount -t nfs test.home:/ /mnt
$ sudo mount -t nfs4 test.home:/ /mnt

What can I do on the server end to disable NFSv3 and below so that the following does not work?

$ sudo mount -t nfs test.home:/ /mnt

Best Answer

I got the following answer to this question from the FreeBSD developer who works on the code for NFS. To disable v2 and v3 connections at the server level the following command needs to be run:

sysctl vfs.nfsd.server_min_nfsvers=4

If you want the change to permanent on the system then add the following line to /etc/sysctl.conf:

 vfs.nfsd.server_min_nfsvers=4

I just tested this on the setup in my original question and I get the following output about the mounts using the v3 and v4 mount commands:

$ sudo mount -t nfs test.home:/ /mnt
$ mount
test.home:/ on /mnt type nfs (rw,vers=4,addr=192.168.1.5,clientaddr=192.168.1.3)

$ sudo mount -t nfs4 test.home:/ /mnt
$ mount
test.home:/ on /mnt type nfs4 (rw,addr=192.168.1.5,clientaddr=192.168.1.3)

Notice that both end up with v4 mounts now.

Related Topic