How to Configure NFS Server and Client in Linux for File Sharing

SeekLinux 0

How to configure an NFS server and client in Linux for secure file sharing over a network

Network File System (NFS) is one of the most widely used file-sharing protocols in Linux environments. It allows system administrators to share directories from one Linux server and make them accessible to other Linux systems over a network. NFS is mostly used in enterprise environments, application servers, backup solutions, virtualization platforms and clustered systems where multiple servers need access to the same files.

In this step by step guide, you will learn how to configure an NFS server and client in Linux, create shared directories, configure persistent mount points, verify connectivity, troubleshoot common issues and apply security best practices.

This post covers

NFS Basics
·       What Is NFS in Linux?
·       Benefits of NFS
·       Common Use Cases of NFS
·       NFS Architecture Overview
·       NFSv3 vs NFSv4
·       NFS vs Samba
·       How to Verify NFSv4 Is Being Used

Lab Setup
·       Lab Environment
·       Prerequisites

Configure the NFS Server
·       Step 1: Install NFS Packages
·       Step 2: Create a Shared Directory
·       Step 3: Configure NFS Exports
·       Common /etc/exports Examples
·       Step 4: Export the Shared Directory
·       Step 5: Start and Enable NFS Services
·       Step 6: Configure Firewall and SELinux
·       Step 7: Verify NFS Shares

Configure the NFS Client
·       Step 8: Install NFS Client Packages
·       Step 9: Discover Available NFS Shares
·       Step 10: Create a Mount Point
·       Step 11: Mount the NFS Share
·       Verify the NFS Version
·       Step 12: Test File Sharing

Production Best Practices
·       Make NFS Mounts Persistent
·       Recommended Mount Options
·       NFS Performance Optimization Tips

Verification and Monitoring
·       Useful NFS Verification Commands
·       Useful NFS Monitoring Commands

Troubleshooting and Security
·       Common NFS Troubleshooting Issues
·       NFS Security Best Practices
·       Kerberos Authentication

Additional Resources
·       Real World NFS Example
·       What Should You Learn After NFS?
·       Frequently Asked Questions
·       Conclusion

What Is NFS in Linux?
NFS (Network File System) is a file sharing protocol originally developed by Sun Microsystems. It enables a remote directory on one Linux server to be mounted and accessed over the network as if it were a local file system.

Instead of copying files between systems NFS allows multiple Linux servers to access the same data centrally over the network.

Before configuring NFS, it is helpful to understand the basics of Linux networking. If you're new to networking concepts, read our guide on Linux Basic Networking for Beginners.

Benefits of NFS

·     Centralized file storage
·     Easy file sharing between Linux servers
·    Reduced data duplication
·    Simplified backup management
·    Best for enterprise Linux environments
·    Supports multiple clients simultaneously

Common Use Cases of NFS
·    Sharing of application data
·    Web server content sharing
·    Backup repositories
·    Virtual machine storage
·    Clustered server environments
·    Home directories on enterprise networks  

NFS Architecture Overview
An NFS environment consists of two main components:NFS architecture showing a Linux NFS server sharing files with multiple Linux clients over a network

NFS relies on proper network communication between the server and clients. Make sure both systems have correctly configured hostnames and IP addresses by following our guide on How to Configure Hostname, Static IP Address, Gateway and DNS on a Linux Server.

NFS Server
An NFS (Network File System) server is a Linux system that shares one or more directories with other computers over a network. It stores the shared files and makes them available to authorized client systems and allows users to access remote files as if they were stored on their own local machine.

The NFS server controls:

·  Which directories are shared (exported)
·  Which clients are allowed to access the shared directories
·  Whether clients have read-only or read-write permissions
·  Access and security settings defined in the /etc/exports file

The server creates a directory and makes it available to remote systems on the network by exports file.Linux NFS server exporting a shared directory for network file sharing

NFS Client
An NFS (Network File System) client is a Linux system that connects to an NFS server and mounts its exported directory over the network. Once the shared directory is mounted, users and applications can access remote files and directories as if they were stored on the local system.

The NFS client is responsible for:

·  Connecting to the NFS server
·  Discovering available shared directories (exports)
·  Mounts remote directories to a local mount point
· Reading from and writing to shared files based on the permissions granted by the NFS server

The client mounts the NFS share from network on the local directory and accesses it like a local file system.Linux NFS client mounting a shared directory from an NFS server  

NFS Versions Comparison: NFSv3 vs NFSv4
Latest Linux distributions support both NFSv3 and NFSv4.
Feature NFSv3 NFSv4
Security Basic Improved
Firewall Configuration Multiple Ports Single Port (TCP 2049)
Performance Good Better
Authentication Limited Enhanced
Recommended for New Deployments No Yes
For new deployments NFSv4 is recommended. By default NFSv4 communicates on TCP port 2049.

NFS vs Samba: Which File Sharing Solution Should You Choose?
Both NFS and Samba are popular file sharing solutions but they serve different environments.
Feature NFS Samba
Best For Linux to Linux Linux to Windows
Performance Faster Slightly Lower
Configuration Simpler More Complex
Authentication Linux File Permissions Active Directory Support
Enterprise Usage Linux Servers Mixed Linux & Windows Networks
Recommended Use Linux Infrastructure  Windows Integration
If all systems are Linux based then NFS is usually the preferred choice because it offers better performance and simpler administration. Samba is more suitable for Windows systems when they need access to shared files.

How to Verify NFSv4 Is Being Used
Latest Linux distributions support NFSv4 by default and it is recommended for new deployments because it provides improved security, better performance, and simplified firewall configuration.

Check Supported NFS Versions on the Server
Run the following command on the NFS server:

cat /proc/fs/nfsd/versionsChecking supported NFS protocol versions on a Linux NFS server using the cat /proc/fs/nfsd/versions command

The + sign indicates that the version is enabled. Output is showing that the server supports NFSv3, NFSv4, NFSv4.1, and NFSv4.2.

Lab Environment

Host IP Address Role
nfs-server 192.168.1.164 NFS Server
nfs-client 192.168.1.179 NFS Client
Replace these IP addresses with your environment values.

Prerequisites

·  Two machines physical or virtual
·  Static IP addresses
·  Root or sudo privileges
·  Network connectivity between systems

  If you're unfamiliar with package management, our How to Use APT and DPKG in Ubuntu guide explains how software packages are installed and managed on Debian-based systems.

Step 1: Install NFS Packages on the Server

On RHEL, Rocky Linux, AlmaLinux

sudo dnf install nfs-utils -yInstalling the nfs-utils package on a RHEL-based Linux system using the DNF package manager

On Ubuntu

sudo apt updateUpdating the package index on an Ubuntu or Debian Linux system using the APT package manager

sudo apt install nfs-kernel-server -yInstalling the NFS server package on Ubuntu or Debian using the APT package manager

Verify installation:

For RHEL
rpm -qa | grep nfsChecking installed NFS packages on a RHEL-based Linux system using the RPM package manager

 For Ubuntu
dpkg -l | grep nfsChecking installed NFS packages on an Ubuntu or Debian system using the DPKG package manager

Want to understand where shared directories should be stored? Read our guide on the Linux Directory Structure and File System.

Step 2: Create a Shared Directory
Create a directory on the server that will be shared over the network.
sudo mkdir -p /opt/shareCreating a shared directory for NFS file sharing on a Linux server

Assign appropriate permissions to this directory
sudo chmod 755 /opt/shareSetting directory permissions for the NFS shared folder using the chmod command in Linux

Create a test file
Create a test file in the shared directory on the NFS server
echo "NFS Share Test" | sudo tee /opt/share/test.txtCreating a test file in the NFS shared directory to verify file sharing between the server and client

Verify:
ls -l /opt/shareListing the contents of the NFS shared directory to verify that the test file was created successfully

Step 3: Configure NFS Exports
NFS exports are configured in /etc/exports file. Open /etc/exports file with your favorite editor:

sudo vi /etc/exportsEditing the /etc/exports file to configure NFS shared directories on a Linux server

Add the following entry:

/opt/share 192.168.1.179(rw,sync,no_subtree_check, root_squash)

Explanation

Option Description
rw Allows clients to read from and write to the shared directory.
ro Provides read-only access to the shared directory.
sync Writes changes to disk before confirming the operation, improving data integrity.
async Improves performance by caching write operations but may increase the risk of data loss during unexpected failures
no_root_squash Preserves the client's root privileges on the NFS server. Suitable for testing or special administrative scenarios but not recommended for production
root_squash Maps the client's root user to an unprivileged user, providing better security. Recommended for production environments
no_root_squash can be used in testing environments or special administrative situations but it is generally not recommended for production systems because it preserves the client's root privileges on the NFS server which increases the potential security risk.

Since NFS relies on proper user and group permissions, you may also find our ManagingUsers and Groups in Linux guide helpful.

Common `/etc/exports` Examples
The `/etc/exports` file determines which directories are shared and which clients are allowed to access them. Below are some common examples used in different environments.

Share with a Single Client
/opt/share 192.168.1.179(rw,sync)

This configuration shares the `/opt/share` directory only with the client that has the IP address `192.168.1.179`. The client has read and write access and data is written to disk synchronously for better reliability.

Best for: Small labs or environments where only one Linux system needs access.

Share with an Entire Subnet
/opt/share 192.168.1.0/24(rw,sync)

This configuration allows all hosts in network of `192.168.1.0/24` to access the shared directory.

Best for: Large Enterprise networks where multiple trusted Linux servers require access to the same shared files.

Read-Only Share for All Clients
/opt/share *(ro,sync)

The asterisk (`*`) allows any client to access the exported directory, but only with read-only permissions.

Best for: software repositories, documentation servers or shared installation media where users only need to read files.

Note: Avoid using `*` with read-write permissions in production because it allows any client that can reach the server to access the share.

Secure Production Example
/opt/share 192.168.1.179(rw,sync,root_squash,no_subtree_check)

This configuration is mostly used in production environments.

·  rw                           Allows read and write access
·  sync                        Writes data to disk before confirming the operation, it improves data integrity
·  root_squash       Maps the remote root user to an unprivileged user, preventing remote root users from having root privileges on the server
·  no_subtree_check   Disables subtree checking, it improves performance and avoids certain file access issues

Best for: Production Linux servers where security and reliability are important.

Step 4: Export the Shared Directory
Apply the export configuration by this command.

sudo exportfs -rav

OutPut
Exporting NFS shared directories and applying the updated /etc/exports configuration

Verify exports:

sudo exportfs -vVerifying exported NFS shared directories and export options using the exportfs -v command

Step 5: Start and Enable NFS Services

RHEL-Based Systems
sudo systemctl enable --now nfs-serverStarting and enabling the NFS server service to launch automatically at system boot

Verify status:
sudo systemctl status nfs-serverChecking the status of the NFS server service to verify that it is running successfully

On Ubuntu
sudo systemctl enable --now nfs-kernel-serverStarting and enabling the NFS kernel server service to launch automatically at system boot on Ubuntu or Debian

Verify Status:
sudo systemctl status nfs-kernel-serverChecking the status of the NFS kernel server service to verify that it is running successfully on Ubuntu or Debian

Step 6: Configure Firewall Rules
If a firewall is enabled, allow NFS traffic through firewall.

firewalld
sudo firewall-cmd  --permanent --add-service=nfs
sudo firewall-cmd  --permanent --add-service=mountd
sudo firewall-cmd  --permanent --add-service=rpc-bind
sudo firewall-cmd  --reload

Verify:
sudo firewall-cmd --list-services

UFW
sudo ufw allow from 192.168.1.0/24 to any port nfs

Configure SELinux for NFS (RHEL-Based Systems)
If SELinux is enabled then NFS exports may fail even firewall and permissions are configured correctly.

Check SELinux status:
getenforce

Allow NFS exports:
sudo setsebool -P nfs_export_all_rw 1Configuring SELinux to allow read and write access for NFS shared directories on a Linux server

Verify:
getsebool nfs_export_all_rwChecking the SELinux nfs_export_all_rw boolean to verify NFS read and write permissions

If you continue to experience access issues, review SELinux logs:
sudo ausearch -m AVCChecking SELinux access denial messages to troubleshoot NFS permission issues on a Linux server
One of the primary reasons behind NFS access problems in enterprise Linux systems is SELinux restrictions.

Step 7: Verify NFS Share on the Server
This command displays exported shares.

showmount -e localhostDisplaying exported NFS shared directories on the local Linux server using the showmount command

Step 8: Install NFS Client Packages

RHEL-Based Client System
sudo dnf install nfs-utils -yInstalling the nfs-utils package required to configure NFS server and client services on a RHEL-based Linux system

Ubuntu/Debian Client System
sudo apt updateUpdating the APT package index before installing NFS packages on Ubuntu or Debian

sudo apt install nfs-common -yInstalling the nfs-common package required to configure an NFS client on Ubuntu or Debian

Step 9: Discover Available NFS Shares
Check available exports.

showmount -e 192.168.1.164Displaying available NFS shared directories exported by the Linux NFS server using the showmount command

Step 10: Create a Mount Point
Create a mount directory on the client system to mount exported directory from server.

sudo mkdir -p /mnt/nfs-shareCreating a mount point for the NFS shared directory on a Linux client

Step 11: Mount the NFS Share on the Mount Directory
Mount manually with this command.

sudo mount -t nfs 192.168.1.164:/opt/share /mnt/nfs-shareMounting the NFS shared directory from the Linux server onto the Linux client using the mount command

Verify:
Verify mount with this command.

df -h
Verifying that the NFS shared directory is successfully mounted using the df -h command

or

mount | grep nfsVerifying the NFS shared directory and mount options on the Linux client using the mount command

Verify NFS Version on Client
Latest Linux deployments should use NFSv4 whenever possible because it provides better security and simplified firewall management. Verify the mounted NFS version:

nfsstat -m
erifying the mounted NFS file system, NFS protocol version, and mount options using the nfsstat -m command
The `vers=4.2` value confirms that the client is using NFSv4.

Step 12: Test File Sharing

Create a test file from the client
touch /mnt/nfs-share/client-test.txtCreating a test file on the mounted NFS shared directory to verify client write access

Check file on the server
ls -l /opt/shareListing the contents of the NFS shared directory on the Linux server to verify file synchronization
The file should be visible immediately.

Make NFS Mounts Persistent
Manual mounts disappear after system reboot. To mount automatically, edit: /etc/fstab
Add:
192.168.1.164:/opt/share /mnt/nfs-share nfs defaults,_netdev 0 0Configuring a persistent NFS mount by adding the shared directory to the /etc/fstab file

Test and Verify:
sudo mount -a

df -h
Verifying that the NFS shared directory is mounted successfully after applying the /etc/fstab configuration
If no errors appear then the configuration is correct.

Recommended Mount Options for Production
In production environments administrators mostly use additional mount options to improve reliability.

Example:
192.168.1.164:/opt/share /mnt/nfs-share nfs4 rw,hard,intr,_netdev 0 0

Option Purpose
rw Allows clients to read from and write to the mounted NFS share.
hard Continues retrying NFS requests until the server becomes available, helping prevent data corruption.
intr Allows interrupted NFS operations to be terminated by user signals if the server is unresponsive.
_netdev Delays mounting the NFS share until the network is fully available during system startup.
nofail Prevents the system from failing to boot if the NFS server is temporarily unavailable. ✓ Recommended for non-critical mounts.
These options help to improve stability in enterprise environments.

NFS Performance Optimization Tips

By default, NFS works well for most environments. However administrators can improve performance for large file transfers, virtualization, or high-traffic file servers by tuning mount options.

1. Adjust Read and Write Buffer Sizes
The `rsize` (read size) and `wsize` (write size) options control how much data is transferred in a single operation. Larger buffer sizes can improve throughput on high speed networks.

Example:
sudo mount -t nfs -o vers=4,rsize=1048576,wsize=1048576 192.168.1.164:/opt/share /mnt/nfs-share

2. Use a Reliable Network
NFS performance mostly depends on network speed and latency. A Gigabit Ethernet or faster connection provides better performance than slower or congested networks.

3. Use `sync` for Data Integrity

The `sync` option ensures that data is written to disk before the server acknowledges the write operation. Although it may reduce write performance slightly but it provides better data integrity and is recommended for most production environments.

4. Monitor NFS Performance
Use the following command to view NFS client and server statistics:

nfsstat
Reviewing these statistics can help identify network bottlenecks, retransmissions, or performance issues in busy environments.

Useful NFS Verification Commands

1. Show Exported Directories
showmount -e

2. Display Active Exports
exportfs -v

3. Check Mounted NFS Filesystems
mount | grep nfs

4. View Disk Usage
df -h

5. Check NFS Service Status
systemctl status nfs-server

Useful NFS Monitoring Commands
Administrators can use the following commands to monitor NFS services and connections.

1. Check active NFS statistics
nfsstat
Displaying NFS client and server statistics to verify NFS performance and activity

2. View RPC services
rpcinfo -p
Displaying registered RPC services to verify NFS-related services on a Linux server

Or

rpcinfo -p | grep nfs
Verifying that the NFS service is registered with the RPC service on a Linux server

3. Check NFS is listening on the port
ss -ltunp | grep 2049Verifying that the NFS service is listening on TCP port 2049 using the ss command

4. View NFS service logs
Journalctl -xeu nfs-serverViewing NFS server service logs to troubleshoot startup and configuration issues using the journalctl command
These commands are useful for diagnosing performance and connectivity issues.

Understanding Linux services and logs make troubleshooting much easier. Our Linux bootprocess guide explains how Linux starts system services.

Common NFS Troubleshooting Issues

1. Permission Denied
Error:
mount.nfs: access denied by server

Solution:
·  Verify /etc/exports
·  Confirm client IP is allowed
·  Re-export configuration 

sudo exportfs -rav

2. Connection Refused
Error:
Connection refused

Solution:
·  Verify NFS service
systemctl status nfs-server

Start service if necessary
sudo systemctl start nfs-server

3. Firewall Blocking NFS
Verify firewall settings.
firewall-cmd --list-services
Allow required services.

4. Mount Hangs or Times Out
·     Check network connectivity
ping 192.168.1.164

·     Verify exported shares
showmount -e 192.168.1.164

NFS Security Best Practices
NFS should be configured securely especially in production environments.

Restrict Client Access
Instead of:
/opt/share *(rw,sync)

Use:
/opt/share 192.168.1.179(rw,sync)

Use Root Squashing
This is recommended in production environments.
/opt/share 192.168.1.179(rw,sync,root_squash)

This prevents remote root users from gaining root-level access on the server.

Use NFSv4
NFSv4 provides:

·  Better security
·  Simplified firewall configuration
·  Improved authentication

Limit Network Access
Allow access only to trusted subnets.
192.168.1.0/24

Kerberos Authentication for Enterprise NFS
Large organizations often secure NFS using Kerberos authentication.

Kerberos provides:

·  User authentication
·  Data integrity verification
·  Optional data encryption

Common security modes:
Kerberos Mode Description
krb5 Provides authentication only. It verifies the identity of the client and server without protecting the transmitted data
krb5i Provides authentication and data integrity. It ensures that transmitted data has not been modified during communication
krb5p Provides authentication, data integrity, and encryption. Recommended for environments that require the highest level of NFS security

Kerberos is mostly used in enterprise environments that require stronger security controls than standard IP based access restrictions.

Real World NFS Example

A company hosts multiple application servers that require access to shared documents.

Instead of storing duplicate files on every server:

·  One Linux server exports /shared-data
·  Multiple application servers mount the same directory
·  All systems access identical files
·  Backups are performed from a single location

This approach reduces storage use and simplifies administration.

What Should You Learn After NFS?
Once you understand NFS fundamentals, consider learning:

1. NFSv4 advanced configuration
2. AutoFS automatic mounting
3. Samba file sharing
4. Kerberos authentication
5. High Availability NFS
6. GlusterFS
7. CephFS

These technologies are mostly used in enterprise Linux environments and help administrators build scalable storage solutions.

Frequently Asked Questions (FAQs)

Q 1. What is NFS in Linux?
NFS (Network File System) is a file sharing protocol that allows Linux systems to access remote directories as if they were on the local filesystems.

Q 2. What is the difference between NFSv3 and NFSv4?
NFSv4 provides better security, simplified firewall configuration, and improved authentication compared to NFSv3.

Q 3. How do I view exported NFS shares?
Use:
Showmount -e

Q 4. How do I make an NFS mount persistent?
Add the mount entry to /etc/fstab and verify with:
sudo mount -a

Q 5. Is NFS secure?
NFS can be secure when access is restricted only to trusted hosts, root squashing is enabled and NFSv4 is used.
Conclusion
NFS will remain one of the most efficient methods for file sharing between Linux systems. By configuring an NFS server and client, administrators can centralize storage, simplify data management and provide seamless file access across multiple servers.

In this guide, you learned how to install NFS packages, configure exports, mount remote shares, create persistent mounts, verify connectivity, troubleshoot common issues and secure NFS deployments using best practices. Whether you are managing a small lab environment or an enterprise infrastructure, NFS is an important Linux administration skill that every system administrator should understand.

📢 For more Linux tutorials, practical guides, and the latest updates, visit SeekLinux.net.


Author: Aqeel Anwar
SeekLinux Author
SeekLinux Team
Linux Engineers | DevOps | Security Enthusiasts

SeekLinux Team shares practical Linux tutorials, SSL/TLS certificate guides, commands and DevOps solutions. Our goal is to simplify system administration and help you master real-world server and security tasks.

Learn more about us →

Tags

Post a Comment

Post a Comment

Previous Post Next Post