Date: Sun, 7 Sep 2008 15:01:04 -0700 From: Jeremy Chadwick <koitsu@FreeBSD.org> To: Dmitry Morozovsky <marck@rinet.ru> Cc: freebsd-fs@FreeBSD.org, Pawel Jakub Dawidek <pjd@FreeBSD.org> Subject: Re: ZFS filesystem: export for more than one subnet Message-ID: <20080907220104.GA26094@icarus.home.lan> In-Reply-To: <alpine.BSF.2.00.0809071836130.76180@woozle.rinet.ru> References: <alpine.BSF.2.00.0809071836130.76180@woozle.rinet.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Sep 07, 2008 at 06:39:11PM +0400, Dmitry Morozovsky wrote: > Dear colleagues, > > is there any way so one can export ZFS file system to more than one net? > > in classic NFS I would use more than one line in /etc/exports -- how can I > express such behaviour in zfs properties? Didn't you inadvertently ask this same question 6 months ago? :-) http://lists.freebsd.org/pipermail/freebsd-current/2008-March/084079.html I believe if 'sharenfs=off' (the default), you can manage NFS mounts via /etc/exports like normal. Ideally, you should (?) be able to use multiple "-network xxx/netmask" entries on the same export line. If you absolutely must do it via the 'zfs' command, according to pjd@'s EuroBSDCon presentation, this should work: # /etc/rc.d/mountd start # zfs set sharenfs="ro,network=x.x.x.x,mask=y.y.y.y" some_fs # /etc/rc.d/mountd reload /etc/rc.d/mountd is already configured to read /etc/exports and /etc/zfs/exports, so all you should have to do is mountd_enable="yes" in rc.conf. You can also use CIDR syntax in network=xx/yy, which should decrease the line length. pjd@'s paper is here -- see page 18, "NFS is easy": http://2007.eurobsdcon.org/presentations/Pawel_Jakub_Dawidek/eurobsdcon07_zfs.pdf However, I'd advocate you consider running pf on the machine running mountd instead, and use an actual firewall to block who can talk to mountd on the machine exporting the shares. -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. PGP: 4BD6C0CB |
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20080907220104.GA26094>