[PATCH 1/3] mountd: Use protocol bit fields to turn protocols off.

[PATCH 1/3] mountd: Use protocol bit fields to turn protocols off.

[Steve Dickson]

Convert the current code to used the NFSCTL_XXX macros
to turn off the TCP listener.

Signed-off-by: Steve Dickson <steved@redhat.com>
---
 support/include/rpcmisc.h |  2 +-
 support/nfs/rpcmisc.c     | 19 ++++++++++++++-----
 support/nfs/svc_create.c  |  5 +++++
 utils/mountd/mountd.c     |  2 +-
 4 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/support/include/rpcmisc.h b/support/include/rpcmisc.h
index b806227..31c8e5d 100644
--- a/support/include/rpcmisc.h
+++ b/support/include/rpcmisc.h
@@ -56,7 +56,7 @@ void		rpc_dispatch(struct svc_req *rq, SVCXPRT *xprt,
 int		getservport(u_long number, const char *proto);
 
 extern int	_rpcpmstart;
-extern int	_rpcfdtype;
+extern unsigned int	_rpcprotobits;
 extern int	_rpcsvcdirty;
 
 static inline struct sockaddr_in *nfs_getrpccaller_in(SVCXPRT *xprt)
diff --git a/support/nfs/rpcmisc.c b/support/nfs/rpcmisc.c
index b73187a..64c98ff 100644
--- a/support/nfs/rpcmisc.c
+++ b/support/nfs/rpcmisc.c
@@ -39,7 +39,7 @@
 
 #define _RPCSVC_CLOSEDOWN	120
 int	_rpcpmstart = 0;
-int	_rpcfdtype = 0;
+unsigned int _rpcprotobits = (NFSCTL_UDPBIT|NFSCTL_TCPBIT);
 int	_rpcsvcdirty = 0;
 
 static void
@@ -51,7 +51,7 @@ closedown(int sig)
 		static int size;
 		int i, openfd;
 
-		if (_rpcfdtype == SOCK_DGRAM)
+		if (NFSCTL_TCPISSET(_rpcprotobits) == 0)
 			exit(0);
 
 		if (size == 0)
@@ -130,7 +130,16 @@ rpc_init(char *name, int prog, int vers,
 		 * listen will fail on a connected TCP socket(passed by rsh).
 		 */
 		if (!(fdtype == SOCK_STREAM && listen(0,5) == -1)) {
-			_rpcfdtype = fdtype;
+			switch(fdtype) {
+			case SOCK_DGRAM:
+				NFSCTL_UDPSET(_rpcprotobits);
+				break;
+			case SOCK_STREAM:
+				NFSCTL_TCPSET(_rpcprotobits);
+				break;
+			default:
+				xlog(L_FATAL, "getsockopt returns bad socket type: %d", fdtype);
+			}
 			_rpcpmstart = 1;
 		}
 	}
@@ -139,7 +148,7 @@ rpc_init(char *name, int prog, int vers,
 		sock = RPC_ANYSOCK;
 	}
 
-	if ((_rpcfdtype == 0) || (_rpcfdtype == SOCK_DGRAM)) {
+	if (NFSCTL_UDPISSET(_rpcprotobits)) {
 		static SVCXPRT *last_transp = NULL;
 
 		if (_rpcpmstart == 0) {
@@ -167,7 +176,7 @@ rpc_init(char *name, int prog, int vers,
 		last_transp = transp;
 	}
 
-	if ((_rpcfdtype == 0) || (_rpcfdtype == SOCK_STREAM)) {
+	if (NFSCTL_TCPISSET(_rpcprotobits)) {
 		static SVCXPRT *last_transp = NULL;
 
 		if (_rpcpmstart == 0) {
diff --git a/support/nfs/svc_create.c b/support/nfs/svc_create.c
index c159fc8..9ae2965 100644
--- a/support/nfs/svc_create.c
+++ b/support/nfs/svc_create.c
@@ -29,6 +29,7 @@
 #include <unistd.h>
 #include <errno.h>
 #include <netdb.h>
+#include "nfslib.h"
 
 #include <netinet/in.h>
 
@@ -417,6 +418,10 @@ nfs_svc_create(char *name, const rpcprog_t program, const rpcvers_t version,
 		if (!(nconf->nc_flag & NC_VISIBLE))
 			continue;
 		visible++;
+
+		if (!strcmp(nconf->nc_proto, NC_TCP) && !NFSCTL_TCPISSET(_rpcprotobits))
+			continue;
+
 		if (port == 0)
 			servport = getservport(program, nconf->nc_proto);
 		else
diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c
index 993b6e6..f918472 100644
--- a/utils/mountd/mountd.c
+++ b/utils/mountd/mountd.c
@@ -755,7 +755,7 @@ main(int argc, char **argv)
 			nfs_version &= ~NFSVERSBIT(vers);
 			break;
 		case 'n':
-			_rpcfdtype = SOCK_DGRAM;
+			NFSCTL_TCPUNSET(_rpcprotobits);
 			break;
 		case 'r':
 			reverse_resolve = 1;
-- 
1.8.3.1

[PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[Steve Dickson]

[ Here is the second try for these patches incorporating the code review..]

Recently it was pointed out to me that the [-n | --no-tcp] flags 
were broken in mountd. Sure enough they are and they broke 
when nfs-utils moved to using libtirpc, which was years ago.

Obviously nobody is using these flags since has not been 
notice until now, but it seemed to me it no longer makes 
any sense to have flags. We really want people to use TCP 
so why should there be a way to turn it off? It should be
the opposite... They should be able to turn off UDP listeners
not TCP... 


Steve Dickson (3):
  mountd: Use protocol bit fields to turn protocols off.
  mountd: Deprecate the ability to disable TCP listeners.
  mountd: Add the ability to disable UDP listeners.

 support/include/rpcmisc.h |  2 +-
 support/nfs/rpcmisc.c     | 19 ++++++++++++++-----
 support/nfs/svc_create.c  |  5 +++++
 utils/mountd/mountd.c     | 17 ++++++++++++-----
 utils/mountd/mountd.man   |  6 +++---
 5 files changed, 35 insertions(+), 14 deletions(-)

-- 
1.8.3.1

[PATCH 1/3] mountd: Use protocol bit fields to turn protocols off.

[Steve Dickson]

Convert the current code to used the NFSCTL_XXX macros
to turn off the TCP listener.

Signed-off-by: Steve Dickson <steved@redhat.com>
---
 support/include/rpcmisc.h |  2 +-
 support/nfs/rpcmisc.c     | 19 ++++++++++++++-----
 support/nfs/svc_create.c  |  5 +++++
 utils/mountd/mountd.c     |  2 +-
 4 files changed, 21 insertions(+), 7 deletions(-)

diff --git a/support/include/rpcmisc.h b/support/include/rpcmisc.h
index b806227..31c8e5d 100644
--- a/support/include/rpcmisc.h
+++ b/support/include/rpcmisc.h
@@ -56,7 +56,7 @@ void		rpc_dispatch(struct svc_req *rq, SVCXPRT *xprt,
 int		getservport(u_long number, const char *proto);
 
 extern int	_rpcpmstart;
-extern int	_rpcfdtype;
+extern unsigned int	_rpcprotobits;
 extern int	_rpcsvcdirty;
 
 static inline struct sockaddr_in *nfs_getrpccaller_in(SVCXPRT *xprt)
diff --git a/support/nfs/rpcmisc.c b/support/nfs/rpcmisc.c
index b73187a..64c98ff 100644
--- a/support/nfs/rpcmisc.c
+++ b/support/nfs/rpcmisc.c
@@ -39,7 +39,7 @@
 
 #define _RPCSVC_CLOSEDOWN	120
 int	_rpcpmstart = 0;
-int	_rpcfdtype = 0;
+unsigned int _rpcprotobits = (NFSCTL_UDPBIT|NFSCTL_TCPBIT);
 int	_rpcsvcdirty = 0;
 
 static void
@@ -51,7 +51,7 @@ closedown(int sig)
 		static int size;
 		int i, openfd;
 
-		if (_rpcfdtype == SOCK_DGRAM)
+		if (NFSCTL_TCPISSET(_rpcprotobits) == 0)
 			exit(0);
 
 		if (size == 0)
@@ -130,7 +130,16 @@ rpc_init(char *name, int prog, int vers,
 		 * listen will fail on a connected TCP socket(passed by rsh).
 		 */
 		if (!(fdtype == SOCK_STREAM && listen(0,5) == -1)) {
-			_rpcfdtype = fdtype;
+			switch(fdtype) {
+			case SOCK_DGRAM:
+				NFSCTL_UDPSET(_rpcprotobits);
+				break;
+			case SOCK_STREAM:
+				NFSCTL_TCPSET(_rpcprotobits);
+				break;
+			default:
+				xlog(L_FATAL, "getsockopt returns bad socket type: %d", fdtype);
+			}
 			_rpcpmstart = 1;
 		}
 	}
@@ -139,7 +148,7 @@ rpc_init(char *name, int prog, int vers,
 		sock = RPC_ANYSOCK;
 	}
 
-	if ((_rpcfdtype == 0) || (_rpcfdtype == SOCK_DGRAM)) {
+	if (NFSCTL_UDPISSET(_rpcprotobits)) {
 		static SVCXPRT *last_transp = NULL;
 
 		if (_rpcpmstart == 0) {
@@ -167,7 +176,7 @@ rpc_init(char *name, int prog, int vers,
 		last_transp = transp;
 	}
 
-	if ((_rpcfdtype == 0) || (_rpcfdtype == SOCK_STREAM)) {
+	if (NFSCTL_TCPISSET(_rpcprotobits)) {
 		static SVCXPRT *last_transp = NULL;
 
 		if (_rpcpmstart == 0) {
diff --git a/support/nfs/svc_create.c b/support/nfs/svc_create.c
index c159fc8..9ae2965 100644
--- a/support/nfs/svc_create.c
+++ b/support/nfs/svc_create.c
@@ -29,6 +29,7 @@
 #include <unistd.h>
 #include <errno.h>
 #include <netdb.h>
+#include "nfslib.h"
 
 #include <netinet/in.h>
 
@@ -417,6 +418,10 @@ nfs_svc_create(char *name, const rpcprog_t program, const rpcvers_t version,
 		if (!(nconf->nc_flag & NC_VISIBLE))
 			continue;
 		visible++;
+
+		if (!strcmp(nconf->nc_proto, NC_TCP) && !NFSCTL_TCPISSET(_rpcprotobits))
+			continue;
+
 		if (port == 0)
 			servport = getservport(program, nconf->nc_proto);
 		else
diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c
index 993b6e6..f918472 100644
--- a/utils/mountd/mountd.c
+++ b/utils/mountd/mountd.c
@@ -755,7 +755,7 @@ main(int argc, char **argv)
 			nfs_version &= ~NFSVERSBIT(vers);
 			break;
 		case 'n':
-			_rpcfdtype = SOCK_DGRAM;
+			NFSCTL_TCPUNSET(_rpcprotobits);
 			break;
 		case 'r':
 			reverse_resolve = 1;
-- 
1.8.3.1

[PATCH 2/3] mountd: Deprecate the ability to disable TCP listeners.

[Steve Dickson]

Disable the ability to turn off TCP listeners since that
is the protocol now required and best suited for
NFS traffic.

Signed-off-by: Steve Dickson <steved@redhat.com>
---
 utils/mountd/mountd.c   | 11 +++++++----
 utils/mountd/mountd.man |  3 ---
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c
index f918472..b762301 100644
--- a/utils/mountd/mountd.c
+++ b/utils/mountd/mountd.c
@@ -755,7 +755,10 @@ main(int argc, char **argv)
 			nfs_version &= ~NFSVERSBIT(vers);
 			break;
 		case 'n':
-			NFSCTL_TCPUNSET(_rpcprotobits);
+			fprintf(stderr, 
+				"Deprecated: The -n flag (the ability to disable TCP listeners)" \
+				" is no longer supported\n");
+			usage(progname, 1);
 			break;
 		case 'r':
 			reverse_resolve = 1;
@@ -905,8 +908,8 @@ usage(const char *prog, int n)
 "Usage: %s [-F|--foreground] [-h|--help] [-v|--version] [-d kind|--debug kind]\n"
 "	[-o num|--descriptors num] [-f exports-file|--exports-file=file]\n"
 "	[-p|--port port] [-V version|--nfs-version version]\n"
-"	[-N version|--no-nfs-version version] [-n|--no-tcp]\n"
-"	[-H ha-callout-prog] [-s|--state-directory-path path]\n"
-"	[-g|--manage-gids] [-t num|--num-threads=num]\n", prog);
+"	[-N version|--no-nfs-version version] [-H ha-callout-prog]\n"
+"	[-s|--state-directory-path path][-g|--manage-gids] \n"
+"	[-t num|--num-threads=num]\n", prog);
 	exit(n);
 }
diff --git a/utils/mountd/mountd.man b/utils/mountd/mountd.man
index b60dc90..c049e35 100644
--- a/utils/mountd/mountd.man
+++ b/utils/mountd/mountd.man
@@ -112,9 +112,6 @@ either one of these version should not be offered,
 must be invoked with the option
 .B "\-\-no-nfs-version <vers>" .
 .TP
-.B \-n " or " \-\-no-tcp
-Don't advertise TCP for mount.
-.TP
 .B \-P
 Ignored (compatibility with unfsd??).
 .TP
-- 
1.8.3.1

[PATCH 3/3] mountd: Add the ability to disable UDP listeners.

[Steve Dickson]

Add the ability to turn off UDP listeners with the
new "-u | --no-udp" flag.

Signed-off-by: Steve Dickson <steved@redhat.com>
---
 support/nfs/svc_create.c | 2 +-
 utils/mountd/mountd.c    | 8 ++++++--
 utils/mountd/mountd.man  | 3 +++
 3 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/support/nfs/svc_create.c b/support/nfs/svc_create.c
index 9ae2965..dac17d9 100644
--- a/support/nfs/svc_create.c
+++ b/support/nfs/svc_create.c
@@ -419,7 +419,7 @@ nfs_svc_create(char *name, const rpcprog_t program, const rpcvers_t version,
 			continue;
 		visible++;
 
-		if (!strcmp(nconf->nc_proto, NC_TCP) && !NFSCTL_TCPISSET(_rpcprotobits))
+		if (!strcmp(nconf->nc_proto, NC_UDP) && !NFSCTL_UDPISSET(_rpcprotobits))
 			continue;
 
 		if (port == 0)
diff --git a/utils/mountd/mountd.c b/utils/mountd/mountd.c
index b762301..fa6cf80 100644
--- a/utils/mountd/mountd.c
+++ b/utils/mountd/mountd.c
@@ -68,6 +68,7 @@ static struct option longopts[] =
 	{ "num-threads", 1, 0, 't' },
 	{ "reverse-lookup", 0, 0, 'r' },
 	{ "manage-gids", 0, 0, 'g' },
+	{ "no-udp", 0, 0, 'u' },
 	{ NULL, 0, 0, 0 }
 };
 
@@ -708,7 +709,7 @@ main(int argc, char **argv)
 
 	/* Parse the command line options and arguments. */
 	opterr = 0;
-	while ((c = getopt_long(argc, argv, "o:nFd:f:p:P:hH:N:V:vrs:t:g", longopts, NULL)) != EOF)
+	while ((c = getopt_long(argc, argv, "o:nFd:f:p:P:hH:N:V:vurs:t:g", longopts, NULL)) != EOF)
 		switch (c) {
 		case 'g':
 			manage_gids = 1;
@@ -785,6 +786,9 @@ main(int argc, char **argv)
 		case 'v':
 			printf("%s version " VERSION "\n", progname);
 			exit(0);
+		case 'u':
+			NFSCTL_UDPUNSET(_rpcprotobits);
+			break;
 		case 0:
 			break;
 		case '?':
@@ -910,6 +914,6 @@ usage(const char *prog, int n)
 "	[-p|--port port] [-V version|--nfs-version version]\n"
 "	[-N version|--no-nfs-version version] [-H ha-callout-prog]\n"
 "	[-s|--state-directory-path path][-g|--manage-gids] \n"
-"	[-t num|--num-threads=num]\n", prog);
+"	[-t num|--num-threads=num] [-u|--no-udp]\n", prog);
 	exit(n);
 }
diff --git a/utils/mountd/mountd.man b/utils/mountd/mountd.man
index c049e35..5d99659 100644
--- a/utils/mountd/mountd.man
+++ b/utils/mountd/mountd.man
@@ -178,6 +178,9 @@ threads are usually only needed for NFS servers which need to handle
 mount storms of hundreds of NFS mounts in a few seconds, or when
 your DNS server is slow or unreliable.
 .TP
+.B  \-u " or " \-\-no-udp
+Don't advertise UDP for mounting
+.TP
 .B \-V " or " \-\-nfs-version
 This option can be used to request that
 .B rpc.mountd
-- 
1.8.3.1

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[Jeff Layton]

On Thu, 24 Oct 2013 14:17:10 -0400
Steve Dickson <steved@redhat.com> wrote:

> [ Here is the second try for these patches incorporating the code review..]
> 
> Recently it was pointed out to me that the [-n | --no-tcp] flags 
> were broken in mountd. Sure enough they are and they broke 
> when nfs-utils moved to using libtirpc, which was years ago.
> 
> Obviously nobody is using these flags since has not been 
> notice until now, but it seemed to me it no longer makes 
> any sense to have flags. We really want people to use TCP 
> so why should there be a way to turn it off? It should be
> the opposite... They should be able to turn off UDP listeners
> not TCP... 
> 
> 
> Steve Dickson (3):
>   mountd: Use protocol bit fields to turn protocols off.
>   mountd: Deprecate the ability to disable TCP listeners.
>   mountd: Add the ability to disable UDP listeners.
> 
>  support/include/rpcmisc.h |  2 +-
>  support/nfs/rpcmisc.c     | 19 ++++++++++++++-----
>  support/nfs/svc_create.c  |  5 +++++
>  utils/mountd/mountd.c     | 17 ++++++++++++-----
>  utils/mountd/mountd.man   |  6 +++---
>  5 files changed, 35 insertions(+), 14 deletions(-)
> 

Sorry I'm coming in late on this...

I don't think we want to remove the ability to disable TCP listeners.

Why, you ask? We've been on a multi-year effort to move people to
NFSv4, and with that, there's no reason to have mountd listen on the
network at all.

So personally, I think it would make sense to:

a) allow people to disable listening on UDP in addition to TCP

...or...

b) add an option that prevents it from listening on any sockets for a
   v4-only configuration

In addition, we generally do want people to use UDP for the MNT
protocol because it's less apt to cause issues with reserved port
exhaustion. Given that it'll continue to listen on a UDP socket by
default, that last point is less of an issue, but that might be a good
reason to rethink this whole plan.

-- 
Jeff Layton <jlayton@redhat.com>

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[Steve Dickson]

On 24/10/13 14:45, Jeff Layton wrote:
> On Thu, 24 Oct 2013 14:17:10 -0400
> Steve Dickson <steved@redhat.com> wrote:
> 
>> [ Here is the second try for these patches incorporating the code review..]
>>
>> Recently it was pointed out to me that the [-n | --no-tcp] flags 
>> were broken in mountd. Sure enough they are and they broke 
>> when nfs-utils moved to using libtirpc, which was years ago.
>>
>> Obviously nobody is using these flags since has not been 
>> notice until now, but it seemed to me it no longer makes 
>> any sense to have flags. We really want people to use TCP 
>> so why should there be a way to turn it off? It should be
>> the opposite... They should be able to turn off UDP listeners
>> not TCP... 
>>
>>
>> Steve Dickson (3):
>>   mountd: Use protocol bit fields to turn protocols off.
>>   mountd: Deprecate the ability to disable TCP listeners.
>>   mountd: Add the ability to disable UDP listeners.
>>
>>  support/include/rpcmisc.h |  2 +-
>>  support/nfs/rpcmisc.c     | 19 ++++++++++++++-----
>>  support/nfs/svc_create.c  |  5 +++++
>>  utils/mountd/mountd.c     | 17 ++++++++++++-----
>>  utils/mountd/mountd.man   |  6 +++---
>>  5 files changed, 35 insertions(+), 14 deletions(-)
>>
> 
> Sorry I'm coming in late on this...
np... I was expecting more push back! ;-) 

> 
> I don't think we want to remove the ability to disable TCP listeners.
> 
> Why, you ask? We've been on a multi-year effort to move people to
> NFSv4, and with that, there's no reason to have mountd listen on the
> network at all.
True...

> 
> So personally, I think it would make sense to:
> 
> a) allow people to disable listening on UDP in addition to TCP
I see no reason whatsoever to turn off TCP listeners especially
since that is the protocol of choice... something we have 
be spouting about for years...  
 
> 
> ...or...
> 
> b) add an option that prevents it from listening on any sockets for a
>    v4-only configuration
In this case it would optimal to not even start mountd, unfortunately
due to exports reasons, it not possible... but it should be!! :-) 
  
> 
> In addition, we generally do want people to use UDP for the MNT
> protocol because it's less apt to cause issues with reserved port
> exhaustion. Given that it'll continue to listen on a UDP socket by
> default, that last point is less of an issue, but that might be a good
> reason to rethink this whole plan.
> 
I did think of this.... UDP is on by default... Is up the admin... 


steved.

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[Jeff Layton]

On Thu, 24 Oct 2013 15:45:03 -0400
Steve Dickson <SteveD@redhat.com> wrote:

> 
> 
> On 24/10/13 14:45, Jeff Layton wrote:
> > On Thu, 24 Oct 2013 14:17:10 -0400
> > Steve Dickson <steved@redhat.com> wrote:
> > 
> >> [ Here is the second try for these patches incorporating the code review..]
> >>
> >> Recently it was pointed out to me that the [-n | --no-tcp] flags 
> >> were broken in mountd. Sure enough they are and they broke 
> >> when nfs-utils moved to using libtirpc, which was years ago.
> >>
> >> Obviously nobody is using these flags since has not been 
> >> notice until now, but it seemed to me it no longer makes 
> >> any sense to have flags. We really want people to use TCP 
> >> so why should there be a way to turn it off? It should be
> >> the opposite... They should be able to turn off UDP listeners
> >> not TCP... 
> >>
> >>
> >> Steve Dickson (3):
> >>   mountd: Use protocol bit fields to turn protocols off.
> >>   mountd: Deprecate the ability to disable TCP listeners.
> >>   mountd: Add the ability to disable UDP listeners.
> >>
> >>  support/include/rpcmisc.h |  2 +-
> >>  support/nfs/rpcmisc.c     | 19 ++++++++++++++-----
> >>  support/nfs/svc_create.c  |  5 +++++
> >>  utils/mountd/mountd.c     | 17 ++++++++++++-----
> >>  utils/mountd/mountd.man   |  6 +++---
> >>  5 files changed, 35 insertions(+), 14 deletions(-)
> >>
> > 
> > Sorry I'm coming in late on this...
> np... I was expecting more push back! ;-) 
> 
> > 
> > I don't think we want to remove the ability to disable TCP listeners.
> > 
> > Why, you ask? We've been on a multi-year effort to move people to
> > NFSv4, and with that, there's no reason to have mountd listen on the
> > network at all.
> True...
> 
> > 
> > So personally, I think it would make sense to:
> > 
> > a) allow people to disable listening on UDP in addition to TCP
> I see no reason whatsoever to turn off TCP listeners especially
> since that is the protocol of choice... something we have 
> be spouting about for years...  
>  

There are reasons to be able to turn off TCP listeners:

If you're running a NFSv4-only server, there's no reason to allow it to
listen on TCP _or_ UDP sockets. I think that sort of environment is
going to become more prevalent in the future, not less.

> > 
> > ...or...
> > 
> > b) add an option that prevents it from listening on any sockets for a
> >    v4-only configuration
> In this case it would optimal to not even start mountd, unfortunately
> due to exports reasons, it not possible... but it should be!! :-) 
>   

Right, mountd has 2 jobs:

1) respond to MNT protocol requests from clients

...and...

2) feed exports info to the kernel

For v4, you obviously don't need the first role, so being able to
disable network listeners is a good thing in such a configuration.

> > 
> > In addition, we generally do want people to use UDP for the MNT
> > protocol because it's less apt to cause issues with reserved port
> > exhaustion. Given that it'll continue to listen on a UDP socket by
> > default, that last point is less of an issue, but that might be a good
> > reason to rethink this whole plan.
> > 
> I did think of this.... UDP is on by default... Is up the admin... 
> 

That's good. I have no objection to adding an option to disable UDP
listeners if the admin chooses. I just think it would be best to fix
the ability to disable TCP listeners as well instead of removing it.

-- 
Jeff Layton <jlayton@redhat.com>

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[Steve Dickson]

On 25/10/13 07:43, Jeff Layton wrote:
> On Thu, 24 Oct 2013 15:45:03 -0400
> Steve Dickson <SteveD@redhat.com> wrote:
> 
>>
>>
>> On 24/10/13 14:45, Jeff Layton wrote:
>>> On Thu, 24 Oct 2013 14:17:10 -0400
>>> Steve Dickson <steved@redhat.com> wrote:
>>>
>>>> [ Here is the second try for these patches incorporating the code review..]
>>>>
>>>> Recently it was pointed out to me that the [-n | --no-tcp] flags 
>>>> were broken in mountd. Sure enough they are and they broke 
>>>> when nfs-utils moved to using libtirpc, which was years ago.
>>>>
>>>> Obviously nobody is using these flags since has not been 
>>>> notice until now, but it seemed to me it no longer makes 
>>>> any sense to have flags. We really want people to use TCP 
>>>> so why should there be a way to turn it off? It should be
>>>> the opposite... They should be able to turn off UDP listeners
>>>> not TCP... 
>>>>
>>>>
>>>> Steve Dickson (3):
>>>>   mountd: Use protocol bit fields to turn protocols off.
>>>>   mountd: Deprecate the ability to disable TCP listeners.
>>>>   mountd: Add the ability to disable UDP listeners.
>>>>
>>>>  support/include/rpcmisc.h |  2 +-
>>>>  support/nfs/rpcmisc.c     | 19 ++++++++++++++-----
>>>>  support/nfs/svc_create.c  |  5 +++++
>>>>  utils/mountd/mountd.c     | 17 ++++++++++++-----
>>>>  utils/mountd/mountd.man   |  6 +++---
>>>>  5 files changed, 35 insertions(+), 14 deletions(-)
>>>>
>>>
>>> Sorry I'm coming in late on this...
>> np... I was expecting more push back! ;-) 
>>
>>>
>>> I don't think we want to remove the ability to disable TCP listeners.
>>>
>>> Why, you ask? We've been on a multi-year effort to move people to
>>> NFSv4, and with that, there's no reason to have mountd listen on the
>>> network at all.
>> True...
>>
>>>
>>> So personally, I think it would make sense to:
>>>
>>> a) allow people to disable listening on UDP in addition to TCP
>> I see no reason whatsoever to turn off TCP listeners especially
>> since that is the protocol of choice... something we have 
>> be spouting about for years...  
>>  
> 
> There are reasons to be able to turn off TCP listeners:
> 
> If you're running a NFSv4-only server, there's no reason to allow it to
> listen on TCP _or_ UDP sockets. I think that sort of environment is
> going to become more prevalent in the future, not less.
I ideally it would be best not to have mountd at all on NFSv4-only server.
Basically, have the kernel get its exports like it gets it ID mappings.
Until that day comes, which I hope fill be soon, the TCP listener 
only effects v3 mounts and we definitely want people to use TCP
with v3. 
 
 
> 
>>>
>>> ...or...
>>>
>>> b) add an option that prevents it from listening on any sockets for a
>>>    v4-only configuration
>> In this case it would optimal to not even start mountd, unfortunately
>> due to exports reasons, it not possible... but it should be!! :-) 
>>   
> 
> Right, mountd has 2 jobs:
> 
> 1) respond to MNT protocol requests from clients
> 
> ...and...
> 
> 2) feed exports info to the kernel
> 
> For v4, you obviously don't need the first role, so being able to
> disable network listeners is a good thing in such a configuration.
Again, I would rather build an v4 only environment where mountd
does not even run... 

steved.
 
> 
>>>
>>> In addition, we generally do want people to use UDP for the MNT
>>> protocol because it's less apt to cause issues with reserved port
>>> exhaustion. Given that it'll continue to listen on a UDP socket by
>>> default, that last point is less of an issue, but that might be a good
>>> reason to rethink this whole plan.
>>>
>> I did think of this.... UDP is on by default... Is up the admin... 
>>
> 
> That's good. I have no objection to adding an option to disable UDP
> listeners if the admin chooses. I just think it would be best to fix
> the ability to disable TCP listeners as well instead of removing it.
> 

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[Jeff Layton]

On Fri, 25 Oct 2013 08:23:29 -0400
Steve Dickson <SteveD@redhat.com> wrote:

> 
> 
> On 25/10/13 07:43, Jeff Layton wrote:
> > On Thu, 24 Oct 2013 15:45:03 -0400
> > Steve Dickson <SteveD@redhat.com> wrote:
> > 
> >>
> >>
> >> On 24/10/13 14:45, Jeff Layton wrote:
> >>> On Thu, 24 Oct 2013 14:17:10 -0400
> >>> Steve Dickson <steved@redhat.com> wrote:
> >>>
> >>>> [ Here is the second try for these patches incorporating the code review..]
> >>>>
> >>>> Recently it was pointed out to me that the [-n | --no-tcp] flags 
> >>>> were broken in mountd. Sure enough they are and they broke 
> >>>> when nfs-utils moved to using libtirpc, which was years ago.
> >>>>
> >>>> Obviously nobody is using these flags since has not been 
> >>>> notice until now, but it seemed to me it no longer makes 
> >>>> any sense to have flags. We really want people to use TCP 
> >>>> so why should there be a way to turn it off? It should be
> >>>> the opposite... They should be able to turn off UDP listeners
> >>>> not TCP... 
> >>>>
> >>>>
> >>>> Steve Dickson (3):
> >>>>   mountd: Use protocol bit fields to turn protocols off.
> >>>>   mountd: Deprecate the ability to disable TCP listeners.
> >>>>   mountd: Add the ability to disable UDP listeners.
> >>>>
> >>>>  support/include/rpcmisc.h |  2 +-
> >>>>  support/nfs/rpcmisc.c     | 19 ++++++++++++++-----
> >>>>  support/nfs/svc_create.c  |  5 +++++
> >>>>  utils/mountd/mountd.c     | 17 ++++++++++++-----
> >>>>  utils/mountd/mountd.man   |  6 +++---
> >>>>  5 files changed, 35 insertions(+), 14 deletions(-)
> >>>>
> >>>
> >>> Sorry I'm coming in late on this...
> >> np... I was expecting more push back! ;-) 
> >>
> >>>
> >>> I don't think we want to remove the ability to disable TCP listeners.
> >>>
> >>> Why, you ask? We've been on a multi-year effort to move people to
> >>> NFSv4, and with that, there's no reason to have mountd listen on the
> >>> network at all.
> >> True...
> >>
> >>>
> >>> So personally, I think it would make sense to:
> >>>
> >>> a) allow people to disable listening on UDP in addition to TCP
> >> I see no reason whatsoever to turn off TCP listeners especially
> >> since that is the protocol of choice... something we have 
> >> be spouting about for years...  
> >>  
> > 
> > There are reasons to be able to turn off TCP listeners:
> > 
> > If you're running a NFSv4-only server, there's no reason to allow it to
> > listen on TCP _or_ UDP sockets. I think that sort of environment is
> > going to become more prevalent in the future, not less.
> I ideally it would be best not to have mountd at all on NFSv4-only server.
> Basically, have the kernel get its exports like it gets it ID mappings.
> Until that day comes, which I hope fill be soon, the TCP listener 
> only effects v3 mounts and we definitely want people to use TCP
> with v3. 
>  

We want people to use TCP for NFS protocol with v3. In general however,
we do *not* want them using TCP for the MNT protocol. We've had many
problems in the past with clients hitting reserved port exhaustion due
to using TCP for short-lived sockets to carry MNT traffic. This is the
reason that the client defaults to UDP for MNT traffic.

>  
> > 
> >>>
> >>> ...or...
> >>>
> >>> b) add an option that prevents it from listening on any sockets for a
> >>>    v4-only configuration
> >> In this case it would optimal to not even start mountd, unfortunately
> >> due to exports reasons, it not possible... but it should be!! :-) 
> >>   
> > 
> > Right, mountd has 2 jobs:
> > 
> > 1) respond to MNT protocol requests from clients
> > 
> > ...and...
> > 
> > 2) feed exports info to the kernel
> > 
> > For v4, you obviously don't need the first role, so being able to
> > disable network listeners is a good thing in such a configuration.
> Again, I would rather build an v4 only environment where mountd
> does not even run... 
> 

I'd be fine with that. But until that materializes we're stuck with
running mountd in some form on the server.

>  
> > 
> >>>
> >>> In addition, we generally do want people to use UDP for the MNT
> >>> protocol because it's less apt to cause issues with reserved port
> >>> exhaustion. Given that it'll continue to listen on a UDP socket by
> >>> default, that last point is less of an issue, but that might be a good
> >>> reason to rethink this whole plan.
> >>>
> >> I did think of this.... UDP is on by default... Is up the admin... 
> >>
> > 
> > That's good. I have no objection to adding an option to disable UDP
> > listeners if the admin chooses. I just think it would be best to fix
> > the ability to disable TCP listeners as well instead of removing it.
> > 


-- 
Jeff Layton <jlayton@redhat.com>

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[Steve Dickson]

On 25/10/13 08:29, Jeff Layton wrote:
> On Fri, 25 Oct 2013 08:23:29 -0400
> Steve Dickson <SteveD@redhat.com> wrote:
> 
>>
>>
>> On 25/10/13 07:43, Jeff Layton wrote:
>>> On Thu, 24 Oct 2013 15:45:03 -0400
>>> Steve Dickson <SteveD@redhat.com> wrote:
>>>
>>>>
>>>>
>>>> On 24/10/13 14:45, Jeff Layton wrote:
>>>>> On Thu, 24 Oct 2013 14:17:10 -0400
>>>>> Steve Dickson <steved@redhat.com> wrote:
>>>>>
>>>>>> [ Here is the second try for these patches incorporating the code review..]
>>>>>>
>>>>>> Recently it was pointed out to me that the [-n | --no-tcp] flags 
>>>>>> were broken in mountd. Sure enough they are and they broke 
>>>>>> when nfs-utils moved to using libtirpc, which was years ago.
>>>>>>
>>>>>> Obviously nobody is using these flags since has not been 
>>>>>> notice until now, but it seemed to me it no longer makes 
>>>>>> any sense to have flags. We really want people to use TCP 
>>>>>> so why should there be a way to turn it off? It should be
>>>>>> the opposite... They should be able to turn off UDP listeners
>>>>>> not TCP... 
>>>>>>
>>>>>>
>>>>>> Steve Dickson (3):
>>>>>>   mountd: Use protocol bit fields to turn protocols off.
>>>>>>   mountd: Deprecate the ability to disable TCP listeners.
>>>>>>   mountd: Add the ability to disable UDP listeners.
>>>>>>
>>>>>>  support/include/rpcmisc.h |  2 +-
>>>>>>  support/nfs/rpcmisc.c     | 19 ++++++++++++++-----
>>>>>>  support/nfs/svc_create.c  |  5 +++++
>>>>>>  utils/mountd/mountd.c     | 17 ++++++++++++-----
>>>>>>  utils/mountd/mountd.man   |  6 +++---
>>>>>>  5 files changed, 35 insertions(+), 14 deletions(-)
>>>>>>
>>>>>
>>>>> Sorry I'm coming in late on this...
>>>> np... I was expecting more push back! ;-) 
>>>>
>>>>>
>>>>> I don't think we want to remove the ability to disable TCP listeners.
>>>>>
>>>>> Why, you ask? We've been on a multi-year effort to move people to
>>>>> NFSv4, and with that, there's no reason to have mountd listen on the
>>>>> network at all.
>>>> True...
>>>>
>>>>>
>>>>> So personally, I think it would make sense to:
>>>>>
>>>>> a) allow people to disable listening on UDP in addition to TCP
>>>> I see no reason whatsoever to turn off TCP listeners especially
>>>> since that is the protocol of choice... something we have 
>>>> be spouting about for years...  
>>>>  
>>>
>>> There are reasons to be able to turn off TCP listeners:
>>>
>>> If you're running a NFSv4-only server, there's no reason to allow it to
>>> listen on TCP _or_ UDP sockets. I think that sort of environment is
>>> going to become more prevalent in the future, not less.
>> I ideally it would be best not to have mountd at all on NFSv4-only server.
>> Basically, have the kernel get its exports like it gets it ID mappings.
>> Until that day comes, which I hope fill be soon, the TCP listener 
>> only effects v3 mounts and we definitely want people to use TCP
>> with v3. 
>>  
> 
> We want people to use TCP for NFS protocol with v3. In general however,
> we do *not* want them using TCP for the MNT protocol. We've had many
> problems in the past with clients hitting reserved port exhaustion due
> to using TCP for short-lived sockets to carry MNT traffic. This is the
> reason that the client defaults to UDP for MNT traffic.
True... but with v4 now being the default, the admin would really have
to change things for this to happen... 

I guess I really don't care if they can or can not turn off UDP,
I just think it makes sense  for people to be able to disable
the best transport for v3 mounts... 

steved.

> 
>>  
>>>
>>>>>
>>>>> ...or...
>>>>>
>>>>> b) add an option that prevents it from listening on any sockets for a
>>>>>    v4-only configuration
>>>> In this case it would optimal to not even start mountd, unfortunately
>>>> due to exports reasons, it not possible... but it should be!! :-) 
>>>>   
>>>
>>> Right, mountd has 2 jobs:
>>>
>>> 1) respond to MNT protocol requests from clients
>>>
>>> ...and...
>>>
>>> 2) feed exports info to the kernel
>>>
>>> For v4, you obviously don't need the first role, so being able to
>>> disable network listeners is a good thing in such a configuration.
>> Again, I would rather build an v4 only environment where mountd
>> does not even run... 
>>
> 
> I'd be fine with that. But until that materializes we're stuck with
> running mountd in some form on the server.
> 
>>  
>>>
>>>>>
>>>>> In addition, we generally do want people to use UDP for the MNT
>>>>> protocol because it's less apt to cause issues with reserved port
>>>>> exhaustion. Given that it'll continue to listen on a UDP socket by
>>>>> default, that last point is less of an issue, but that might be a good
>>>>> reason to rethink this whole plan.
>>>>>
>>>> I did think of this.... UDP is on by default... Is up the admin... 
>>>>
>>>
>>> That's good. I have no objection to adding an option to disable UDP
>>> listeners if the admin chooses. I just think it would be best to fix
>>> the ability to disable TCP listeners as well instead of removing it.
>>>
> 
> 

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[Jeff Layton]

On Fri, 25 Oct 2013 08:55:23 -0400
Steve Dickson <SteveD@redhat.com> wrote:

> 
> 
> On 25/10/13 08:29, Jeff Layton wrote:
> > On Fri, 25 Oct 2013 08:23:29 -0400
> > Steve Dickson <SteveD@redhat.com> wrote:
> > 
> >>
> >>
> >> On 25/10/13 07:43, Jeff Layton wrote:
> >>> On Thu, 24 Oct 2013 15:45:03 -0400
> >>> Steve Dickson <SteveD@redhat.com> wrote:
> >>>
> >>>>
> >>>>
> >>>> On 24/10/13 14:45, Jeff Layton wrote:
> >>>>> On Thu, 24 Oct 2013 14:17:10 -0400
> >>>>> Steve Dickson <steved@redhat.com> wrote:
> >>>>>
> >>>>>> [ Here is the second try for these patches incorporating the code review..]
> >>>>>>
> >>>>>> Recently it was pointed out to me that the [-n | --no-tcp] flags 
> >>>>>> were broken in mountd. Sure enough they are and they broke 
> >>>>>> when nfs-utils moved to using libtirpc, which was years ago.
> >>>>>>
> >>>>>> Obviously nobody is using these flags since has not been 
> >>>>>> notice until now, but it seemed to me it no longer makes 
> >>>>>> any sense to have flags. We really want people to use TCP 
> >>>>>> so why should there be a way to turn it off? It should be
> >>>>>> the opposite... They should be able to turn off UDP listeners
> >>>>>> not TCP... 
> >>>>>>
> >>>>>>
> >>>>>> Steve Dickson (3):
> >>>>>>   mountd: Use protocol bit fields to turn protocols off.
> >>>>>>   mountd: Deprecate the ability to disable TCP listeners.
> >>>>>>   mountd: Add the ability to disable UDP listeners.
> >>>>>>
> >>>>>>  support/include/rpcmisc.h |  2 +-
> >>>>>>  support/nfs/rpcmisc.c     | 19 ++++++++++++++-----
> >>>>>>  support/nfs/svc_create.c  |  5 +++++
> >>>>>>  utils/mountd/mountd.c     | 17 ++++++++++++-----
> >>>>>>  utils/mountd/mountd.man   |  6 +++---
> >>>>>>  5 files changed, 35 insertions(+), 14 deletions(-)
> >>>>>>
> >>>>>
> >>>>> Sorry I'm coming in late on this...
> >>>> np... I was expecting more push back! ;-) 
> >>>>
> >>>>>
> >>>>> I don't think we want to remove the ability to disable TCP listeners.
> >>>>>
> >>>>> Why, you ask? We've been on a multi-year effort to move people to
> >>>>> NFSv4, and with that, there's no reason to have mountd listen on the
> >>>>> network at all.
> >>>> True...
> >>>>
> >>>>>
> >>>>> So personally, I think it would make sense to:
> >>>>>
> >>>>> a) allow people to disable listening on UDP in addition to TCP
> >>>> I see no reason whatsoever to turn off TCP listeners especially
> >>>> since that is the protocol of choice... something we have 
> >>>> be spouting about for years...  
> >>>>  
> >>>
> >>> There are reasons to be able to turn off TCP listeners:
> >>>
> >>> If you're running a NFSv4-only server, there's no reason to allow it to
> >>> listen on TCP _or_ UDP sockets. I think that sort of environment is
> >>> going to become more prevalent in the future, not less.
> >> I ideally it would be best not to have mountd at all on NFSv4-only server.
> >> Basically, have the kernel get its exports like it gets it ID mappings.
> >> Until that day comes, which I hope fill be soon, the TCP listener 
> >> only effects v3 mounts and we definitely want people to use TCP
> >> with v3. 
> >>  
> > 
> > We want people to use TCP for NFS protocol with v3. In general however,
> > we do *not* want them using TCP for the MNT protocol. We've had many
> > problems in the past with clients hitting reserved port exhaustion due
> > to using TCP for short-lived sockets to carry MNT traffic. This is the
> > reason that the client defaults to UDP for MNT traffic.
> True... but with v4 now being the default, the admin would really have
> to change things for this to happen... 
> 
> I guess I really don't care if they can or can not turn off UDP,
> I just think it makes sense  for people to be able to disable
> the best transport for v3 mounts... 
> 
> steved.
> 

Ok, but then we go back to my original point. The best configuration
in a v4-only environment is to prevent mountd from listening on any
sockets. If you add the '-u' flag, and fix the '-n' flag, then users
can do that. OTOH, adding a -u flag and getting rid of the -n flag
seems pointless.

Let's step back a moment...

Why do you think it's better for v2/3 clients to use TCP vs. UDP for
MNT traffic? I've always thought that the reverse is true since these
sockets are almost always very short-lived.

-- 
Jeff Layton <jlayton@redhat.com>

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[Steve Dickson]

On 25/10/13 09:03, Jeff Layton wrote:
> On Fri, 25 Oct 2013 08:55:23 -0400
> Steve Dickson <SteveD@redhat.com> wrote:
> 
>>
>>
>> On 25/10/13 08:29, Jeff Layton wrote:
>>> On Fri, 25 Oct 2013 08:23:29 -0400
>>> Steve Dickson <SteveD@redhat.com> wrote:
>>>
>>>>
>>>>
>>>> On 25/10/13 07:43, Jeff Layton wrote:
>>>>> On Thu, 24 Oct 2013 15:45:03 -0400
>>>>> Steve Dickson <SteveD@redhat.com> wrote:
>>>>>
>>>>>>
>>>>>>
>>>>>> On 24/10/13 14:45, Jeff Layton wrote:
>>>>>>> On Thu, 24 Oct 2013 14:17:10 -0400
>>>>>>> Steve Dickson <steved@redhat.com> wrote:
>>>>>>>
>>>>>>>> [ Here is the second try for these patches incorporating the code review..]
>>>>>>>>
>>>>>>>> Recently it was pointed out to me that the [-n | --no-tcp] flags 
>>>>>>>> were broken in mountd. Sure enough they are and they broke 
>>>>>>>> when nfs-utils moved to using libtirpc, which was years ago.
>>>>>>>>
>>>>>>>> Obviously nobody is using these flags since has not been 
>>>>>>>> notice until now, but it seemed to me it no longer makes 
>>>>>>>> any sense to have flags. We really want people to use TCP 
>>>>>>>> so why should there be a way to turn it off? It should be
>>>>>>>> the opposite... They should be able to turn off UDP listeners
>>>>>>>> not TCP... 
>>>>>>>>
>>>>>>>>
>>>>>>>> Steve Dickson (3):
>>>>>>>>   mountd: Use protocol bit fields to turn protocols off.
>>>>>>>>   mountd: Deprecate the ability to disable TCP listeners.
>>>>>>>>   mountd: Add the ability to disable UDP listeners.
>>>>>>>>
>>>>>>>>  support/include/rpcmisc.h |  2 +-
>>>>>>>>  support/nfs/rpcmisc.c     | 19 ++++++++++++++-----
>>>>>>>>  support/nfs/svc_create.c  |  5 +++++
>>>>>>>>  utils/mountd/mountd.c     | 17 ++++++++++++-----
>>>>>>>>  utils/mountd/mountd.man   |  6 +++---
>>>>>>>>  5 files changed, 35 insertions(+), 14 deletions(-)
>>>>>>>>
>>>>>>>
>>>>>>> Sorry I'm coming in late on this...
>>>>>> np... I was expecting more push back! ;-) 
>>>>>>
>>>>>>>
>>>>>>> I don't think we want to remove the ability to disable TCP listeners.
>>>>>>>
>>>>>>> Why, you ask? We've been on a multi-year effort to move people to
>>>>>>> NFSv4, and with that, there's no reason to have mountd listen on the
>>>>>>> network at all.
>>>>>> True...
>>>>>>
>>>>>>>
>>>>>>> So personally, I think it would make sense to:
>>>>>>>
>>>>>>> a) allow people to disable listening on UDP in addition to TCP
>>>>>> I see no reason whatsoever to turn off TCP listeners especially
>>>>>> since that is the protocol of choice... something we have 
>>>>>> be spouting about for years...  
>>>>>>  
>>>>>
>>>>> There are reasons to be able to turn off TCP listeners:
>>>>>
>>>>> If you're running a NFSv4-only server, there's no reason to allow it to
>>>>> listen on TCP _or_ UDP sockets. I think that sort of environment is
>>>>> going to become more prevalent in the future, not less.
>>>> I ideally it would be best not to have mountd at all on NFSv4-only server.
>>>> Basically, have the kernel get its exports like it gets it ID mappings.
>>>> Until that day comes, which I hope fill be soon, the TCP listener 
>>>> only effects v3 mounts and we definitely want people to use TCP
>>>> with v3. 
>>>>  
>>>
>>> We want people to use TCP for NFS protocol with v3. In general however,
>>> we do *not* want them using TCP for the MNT protocol. We've had many
>>> problems in the past with clients hitting reserved port exhaustion due
>>> to using TCP for short-lived sockets to carry MNT traffic. This is the
>>> reason that the client defaults to UDP for MNT traffic.
>> True... but with v4 now being the default, the admin would really have
>> to change things for this to happen... 
>>
>> I guess I really don't care if they can or can not turn off UDP,
>> I just think it makes sense  for people to be able to disable
>> the best transport for v3 mounts... 
>>
>> steved.
>>
> 
> Ok, but then we go back to my original point. The best configuration
> in a v4-only environment is to prevent mountd from listening on any
> sockets. If you add the '-u' flag, and fix the '-n' flag, then users
> can do that. OTOH, adding a -u flag and getting rid of the -n flag
> seems pointless.
This these patches have nothing to do with v4 mounts... The are all
about limiting people to use the TCP mounts for v2/v3 mounts... 
 
> 
> Let's step back a moment...
> 
> Why do you think it's better for v2/3 clients to use TCP vs. UDP for
> MNT traffic? I've always thought that the reverse is true since these
> sockets are almost always very short-lived.
Obviously UDP... but the code will try TCP if UDP does not exists...
Again, with v4 being the default, people would really have work hard
to put themselves in this position... 

steved.

> 

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[J. Bruce Fields]

On Fri, Oct 25, 2013 at 08:23:29AM -0400, Steve Dickson wrote:
> 
> 
> On 25/10/13 07:43, Jeff Layton wrote:
> > On Thu, 24 Oct 2013 15:45:03 -0400
> > Steve Dickson <SteveD@redhat.com> wrote:
> > 
> >>
> >>
> >> On 24/10/13 14:45, Jeff Layton wrote:
> >>> On Thu, 24 Oct 2013 14:17:10 -0400
> >>> Steve Dickson <steved@redhat.com> wrote:
> >>>
> >>>> [ Here is the second try for these patches incorporating the code review..]
> >>>>
> >>>> Recently it was pointed out to me that the [-n | --no-tcp] flags 
> >>>> were broken in mountd. Sure enough they are and they broke 
> >>>> when nfs-utils moved to using libtirpc, which was years ago.
> >>>>
> >>>> Obviously nobody is using these flags since has not been 
> >>>> notice until now, but it seemed to me it no longer makes 
> >>>> any sense to have flags. We really want people to use TCP 
> >>>> so why should there be a way to turn it off? It should be
> >>>> the opposite... They should be able to turn off UDP listeners
> >>>> not TCP... 
> >>>>
> >>>>
> >>>> Steve Dickson (3):
> >>>>   mountd: Use protocol bit fields to turn protocols off.
> >>>>   mountd: Deprecate the ability to disable TCP listeners.
> >>>>   mountd: Add the ability to disable UDP listeners.
> >>>>
> >>>>  support/include/rpcmisc.h |  2 +-
> >>>>  support/nfs/rpcmisc.c     | 19 ++++++++++++++-----
> >>>>  support/nfs/svc_create.c  |  5 +++++
> >>>>  utils/mountd/mountd.c     | 17 ++++++++++++-----
> >>>>  utils/mountd/mountd.man   |  6 +++---
> >>>>  5 files changed, 35 insertions(+), 14 deletions(-)
> >>>>
> >>>
> >>> Sorry I'm coming in late on this...
> >> np... I was expecting more push back! ;-) 
> >>
> >>>
> >>> I don't think we want to remove the ability to disable TCP listeners.
> >>>
> >>> Why, you ask? We've been on a multi-year effort to move people to
> >>> NFSv4, and with that, there's no reason to have mountd listen on the
> >>> network at all.
> >> True...
> >>
> >>>
> >>> So personally, I think it would make sense to:
> >>>
> >>> a) allow people to disable listening on UDP in addition to TCP
> >> I see no reason whatsoever to turn off TCP listeners especially
> >> since that is the protocol of choice... something we have 
> >> be spouting about for years...  
> >>  
> > 
> > There are reasons to be able to turn off TCP listeners:
> > 
> > If you're running a NFSv4-only server, there's no reason to allow it to
> > listen on TCP _or_ UDP sockets. I think that sort of environment is
> > going to become more prevalent in the future, not less.
> I ideally it would be best not to have mountd at all on NFSv4-only server.
> Basically, have the kernel get its exports like it gets it ID mappings.
> Until that day comes, which I hope fill be soon, the TCP listener 
> only effects v3 mounts and we definitely want people to use TCP
> with v3. 

I'm not sure if we want to do that, but note one thing we'll need to do
before then is solve the namespace problems.  (We don't currently have a
good way to run the usermode helper in the right container.)

--b.

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[Chuck Lever]

On Oct 24, 2013, at 2:17 PM, Steve Dickson <SteveD@redhat.com> wrote:

> [ Here is the second try for these patches incorporating the code review..]
> 
> Recently it was pointed out to me that the [-n | --no-tcp] flags 
> were broken in mountd. Sure enough they are and they broke 
> when nfs-utils moved to using libtirpc, which was years ago.
> 
> Obviously nobody is using these flags since has not been 
> notice until now,

Agreed, we have clear evidence of that.  Removing the "no TCP" flag makes sense.

> but it seemed to me it no longer makes 
> any sense to have flags. We really want people to use TCP 
> so why should there be a way to turn it off? It should be
> the opposite... They should be able to turn off UDP listeners
> not TCP...

If noone is using --no-tcp now, what makes you believe that anyone would want to use --no-udp?

And, why do we want to force people to use TCP for MNT?  That's going to be a disaster for clients that perform a large number of mounts at once -- I think we even have bugs describing this scenario -- it will suck up the reserved port space on clients faster than you can say "Jack Robinson."

Let's wait for a concrete user request for such a feature.


> Steve Dickson (3):
>  mountd: Use protocol bit fields to turn protocols off.
>  mountd: Deprecate the ability to disable TCP listeners.
>  mountd: Add the ability to disable UDP listeners.
> 
> support/include/rpcmisc.h |  2 +-
> support/nfs/rpcmisc.c     | 19 ++++++++++++++-----
> support/nfs/svc_create.c  |  5 +++++
> utils/mountd/mountd.c     | 17 ++++++++++++-----
> utils/mountd/mountd.man   |  6 +++---
> 5 files changed, 35 insertions(+), 14 deletions(-)
> 
> -- 
> 1.8.3.1
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html

-- 
Chuck Lever
chuck[dot]lever[at]oracle[dot]com

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[Steve Dickson]

On 25/10/13 10:20, J. Bruce Fields wrote:
>> I ideally it would be best not to have mountd at all on NFSv4-only server.
>> > Basically, have the kernel get its exports like it gets it ID mappings.
>> > Until that day comes, which I hope fill be soon, the TCP listener 
>> > only effects v3 mounts and we definitely want people to use TCP
>> > with v3. 
> I'm not sure if we want to do that, but note one thing we'll need to do
> before then is solve the namespace problems.  (We don't currently have a
> good way to run the usermode helper in the right container.)

Sorry for not keeping up on the container work and possibly asking
dumb question... but there can be different exports per container?
I thought it was just different IPs per container....

If so, how does that work today? 

steved.
 

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[J. Bruce Fields]

On Fri, Oct 25, 2013 at 11:18:03AM -0400, Steve Dickson wrote:
> On 25/10/13 10:20, J. Bruce Fields wrote:
> >> I ideally it would be best not to have mountd at all on NFSv4-only server.
> >> > Basically, have the kernel get its exports like it gets it ID mappings.
> >> > Until that day comes, which I hope fill be soon, the TCP listener 
> >> > only effects v3 mounts and we definitely want people to use TCP
> >> > with v3. 
> > I'm not sure if we want to do that, but note one thing we'll need to do
> > before then is solve the namespace problems.  (We don't currently have a
> > good way to run the usermode helper in the right container.)
> 
> Sorry for not keeping up on the container work and possibly asking
> dumb question... but there can be different exports per container?

Yes, definitely.

> I thought it was just different IPs per container....
> 
> If so, how does that work today? 

It should work (except possibly for state recovery).  I haven't tested
it yet, though I hope to.  Stanislav has.

--b.

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[Stanislav Kinsbursky]

Guys, feel free to mail me.
It's a pure luck that I read this mail...
Yes, different exports for containers definitelly were working in past.
And, actually, it's not that easy to break this functionaly since there are not special code parts to support sucn exports in containers.

Пользователь "J. Bruce Fields" <bfields@fieldses.org> писал:


On Fri, Oct 25, 2013 at 11:18:03AM -0400, Steve Dickson wrote:
> On 25/10/13 10:20, J. Bruce Fields wrote:
> >> I ideally it would be best not to have mountd at all on NFSv4-only server.
> >> > Basically, have the kernel get its exports like it gets it ID mappings.
> >> > Until that day comes, which I hope fill be soon, the TCP listener
> >> > only effects v3 mounts and we definitely want people to use TCP
> >> > with v3.
> > I'm not sure if we want to do that, but note one thing we'll need to do
> > before then is solve the namespace problems.  (We don't currently have a
> > good way to run the usermode helper in the right container.)
>
> Sorry for not keeping up on the container work and possibly asking
> dumb question... but there can be different exports per container?

Yes, definitely.

> I thought it was just different IPs per container....
>
> If so, how does that work today?

It should work (except possibly for state recovery).  I haven't tested
it yet, though I hope to.  Stanislav has.

--b.
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Re: [PATCH 0/3] mountd: disabling turning off TCP listeners (v2)

[J. Bruce Fields]

On Sat, Oct 26, 2013 at 07:10:22PM +0000, Stanislav Kinsbursky wrote:
> Guys, feel free to mail me.
> It's a pure luck that I read this mail...

Hah, sorry, yes, I was been lazy, should have added the cc.

> Yes, different exports for containers definitelly were working in past.
> And, actually, it's not that easy to break this functionaly since there are not special code parts to support sucn exports in containers.

Yes, it's not that I'm worried about it so much as that there are things
I'd like to try using it for.

Though it probably would be a good idea to set up some simple regression
tests.

--b.

> 
> Пользователь "J. Bruce Fields" <bfields@fieldses.org> писал:
> 
> 
> On Fri, Oct 25, 2013 at 11:18:03AM -0400, Steve Dickson wrote:
> > On 25/10/13 10:20, J. Bruce Fields wrote:
> > >> I ideally it would be best not to have mountd at all on NFSv4-only server.
> > >> > Basically, have the kernel get its exports like it gets it ID mappings.
> > >> > Until that day comes, which I hope fill be soon, the TCP listener
> > >> > only effects v3 mounts and we definitely want people to use TCP
> > >> > with v3.
> > > I'm not sure if we want to do that, but note one thing we'll need to do
> > > before then is solve the namespace problems.  (We don't currently have a
> > > good way to run the usermode helper in the right container.)
> >
> > Sorry for not keeping up on the container work and possibly asking
> > dumb question... but there can be different exports per container?
> 
> Yes, definitely.
> 
> > I thought it was just different IPs per container....
> >
> > If so, how does that work today?
> 
> It should work (except possibly for state recovery).  I haven't tested
> it yet, though I hope to.  Stanislav has.
> 
> --b.
> --
> To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html