# NFSv4 Input/output error



## anjar (Sep 15, 2009)

I have been trying to set up NFSv4 + Kerberos on my server. The export seems to mount fine on the client but any actions cause I/O errors.
Client and server are running FreeBSD 8.0-BETA4

Client commands

```
$ kinit
...
$ mount -t nfs -o nfsv4,tcp,rw,sec=krb5p myserver.mydomain:/ /mnt/ex
$ ls /mnt/ex
nfsv4 client/server protocol prob err=10020
nfsv4 client/server protocol prob err=10020
ls: : Input/output error
```

/etc/exports

```
V4: /export -sec=krb5p myclient.mydomain myserver.mydomain
```

Client /etc/rc.conf

```
nfs_client_enable="YES"
nfsuserd_enable="YES"
nfscbd_enable="YES"
gssd_enable="YES"
```

Server /etc/rc.conf

```
kerberos5_server="/usr/local/sbin/krb5kdc"
kadmind5_server="/usr/local/sbin/kadmind"
kerberos5_server_enable="YES"
kadmind5_server_enable="YES"

gssd_enable="YES"
nfsv4_server_enable="YES"
nfsuserd_enable="YES"
nfsuserd_flags="-verbose"
nfs_access_cache="60"
nfs_server_enable="YES"
nfs_server_flags="-e -t -u -h 192.168.1.200 -n 4"
mountd_enable="YES"
mountd_flags="-r -e -h 192.168.1.200 -l"
rpc_lockd_enable="YES"
rpc_statd_enable="YES"
rpcbind_enable="YES"
rpcbind_flags="-L -l -h 192.168.1.200"
```

Any help would be great.

Thanks


----------



## k561 (Oct 18, 2010)

At me the same problem. Please help.

Problem:

```
[B]client[/B]
#mount_nfs -o tcp,nfsv4,sec=sys 192.168.2.1:/ /home

# mount|grep home
192.168.2.1:/ on /home (newnfs)

# ls /home
ls: /home: Input/output error

# tail -1 /var/log/messages
Oct 18 14:57:16 cl1 kernel: nfsv4 client/server protocol prob err=10020

[B]server[/B]
# tail -2 /var/log/messages
Oct 18 14:57:16 cl2 nfsuserd:[5794]: Added uid=0 name=root
Oct 18 14:57:16 cl2 nfsuserd:[5795]: Added gid=0 name=wheel
```

Parameters of the client

```
# uname -rm
8.1-RELEASE-p1 i386

# grep nfs /etc/rc.conf
nfsuserd_enable="YES"
nfscbd_enable="YES"

The kernel is compiled with an option: options NFSCL
```

Parameters of the server:

```
# uname -rm
8.1-RELEASE-p1 i386

# grep -E '(nfs|mount)' /etc/rc.conf
nfs_server_flags="-e -t -n 4"
mountd_flags="-e -r"
mountd_enable="YES"
nfs_server_enable="YES"
nfsv4_server_enable="YES"
nfsuserd_enable="YES"
nfsuserd_flags="-verbose"

# cat /etc/exports
V4: /home   -sec=sys        -network 192.168.2.0 -mask 255.255.255.0
```


----------



## k561 (Oct 18, 2010)

On the client has taken readings tcpdump (`tcpdump -n -s0 host 192.168.2.1`)

`#mount_nfs -o tcp,nfsv4,sec=sys 192.168.2.1:/ /home`

```
[noparse]
19:08:45.675127 IP 192.168.2.2.927 > 192.168.2.1.2049: Flags [S], seq 2324900067, win 65535, options [mss 1460,nop,wscale 5,sackOK,TS val 186567 ecr 0], length 0
19:08:45.675316 IP 192.168.2.1.2049 > 192.168.2.2.927: Flags [S.], seq 2185645414, ack 2324900068, win 65535, options [mss 1460,nop,wscale 3,sackOK,TS val 2762913139 ecr 186567], length 0
19:08:45.675361 IP 192.168.2.2.927 > 192.168.2.1.2049: Flags [.], ack 1, win 2081, options [nop,nop,TS val 186568 ecr 2762913139], length 0
19:08:45.675661 IP 192.168.2.2.4060682595 > 192.168.2.1.2049: 40 null
19:08:45.675833 IP 192.168.2.1.2049 > 192.168.2.2.927: Flags [.], ack 45, win 29127, options [nop,nop,TS val 2762913141 ecr 186568], length 0
19:08:45.675899 IP 192.168.2.1.2049 > 192.168.2.2.4060682595: reply ok 24 null
19:08:45.676028 IP 192.168.2.2.927 > 192.168.2.1.2049: Flags [F.], seq 45, ack 29, win 2081, options [nop,nop,TS val 186568 ecr 2762913141], length 0
19:08:45.676155 IP 192.168.2.1.2049 > 192.168.2.2.927: Flags [.], ack 46, win 29127, options [nop,nop,TS val 2762913141 ecr 186568], length 0
19:08:45.676262 IP 192.168.2.1.2049 > 192.168.2.2.927: Flags [F.], seq 29, ack 46, win 29127, options [nop,nop,TS val 2762913141 ecr 186568], length 0
19:08:45.676303 IP 192.168.2.2.927 > 192.168.2.1.2049: Flags [.], ack 30, win 2081, options [nop,nop,TS val 186569 ecr 2762913141], length 0
19:08:45.676895 IP 192.168.2.2.64470 > 192.168.2.1.2049: Flags [S], seq 2411548806, win 65535, options [mss 1460,nop,wscale 5,sackOK,TS val 186569 ecr 0], length 0
19:08:45.677109 IP 192.168.2.1.2049 > 192.168.2.2.64470: Flags [S.], seq 1668820457, ack 2411548807, win 65535, options [mss 1460,nop,wscale 3,sackOK,TS val 3482405114 ecr 186569], length 0
19:08:45.677150 IP 192.168.2.2.64470 > 192.168.2.1.2049: Flags [.], ack 1, win 2081, options [nop,nop,TS val 186570 ecr 3482405114], length 0
19:08:45.677258 IP 192.168.2.2.2309383866 > 192.168.2.1.2049: 108 getattr [|nfs]
19:08:45.677441 IP 192.168.2.1.2049 > 192.168.2.2.64470: Flags [.], ack 113, win 29127, options [nop,nop,TS val 3482405114 ecr 186570], length 0
19:08:45.677546 IP 192.168.2.1.2049 > 192.168.2.2.2309383866: reply ok 92 getattr FIFO 10432271160 ids 2/24 sz 0
19:08:45.677910 IP 192.168.2.2.2309383867 > 192.168.2.1.2049: 152 getattr fh 0,7/0
19:08:45.678127 IP 192.168.2.1.2049 > 192.168.2.2.2309383867: reply ok 240 getattr FIFO 10731272141 ids 2/22 sz 0
19:08:45.678229 IP 192.168.2.2.2309383868 > 192.168.2.1.2049: 152 getattr fh 0,7/0
19:08:45.678435 IP 192.168.2.1.2049 > 192.168.2.2.2309383868: reply ok 328 getattr FIFO 10731272141 ids 2/22 sz 0
19:08:45.778886 IP 192.168.2.2.64470 > 192.168.2.1.2049: Flags [.], ack 673, win 8192, options [nop,nop,TS val 186671 ecr 3482405115], length 0
[/noparse]
```


```
# ls /home/
ls: /home/: Input/output error
```


```
[noparse]
19:08:53.512920 IP 192.168.2.2.2309383869 > 192.168.2.1.2049: 160 getattr fh 0,6/0
19:08:53.513225 IP 192.168.2.1.2049 > 192.168.2.2.2309383869: reply ok 60 getattr ERROR: unk 10020
19:08:53.516054 IP 192.168.2.2.2309383870 > 192.168.2.1.2049: 160 getattr fh 0,6/0
19:08:53.516349 IP 192.168.2.1.2049 > 192.168.2.2.2309383870: reply ok 60 getattr ERROR: unk 10020
19:08:53.617414 IP 192.168.2.2.64470 > 192.168.2.1.2049: Flags [.], ack 801, win 8192, options [nop,nop,TS val 194508 ecr 3482412564], length 0
[/noparse]
```


----------



## Tarick (Jun 26, 2011)

Just to point anyone who stumbled upon this problem too and got here while searching, the reason is not properly made /etc/exports, see comment for more info.


----------



## icecoke (Aug 5, 2015)

This is a quote old thread, but NFSv4 is still not the best documented version of NFS 

As pointed out by Tarick, the /etc/exports syntax and the mount syntax from the client is quite important:

Server /etc/exports:


```
V4: / 10.0.2.200
/path/to/be/exported
```

I my tests, it only(!) worked, if the V4 line only has the real root '/' as path and the exported path is in a further line (didn't checked for multiple exported path).

Client (e.g. I used CentOS7):

`mount 10.0.1.144:/path/to/be/exported /nfs/target -o soft,vers=4`

That way, and only that way it worked. E.g.


```
V4: /path/to/be/exported 10.0.2.200
```
in the servers export file does not(!) export /path/to/be/exported with NFSv4.

Maybe this is of help for someone in the future.


----------



## Alexandros Perdikomatis (May 14, 2016)

what ever is the exported directory at server, client asks for a path relative to the server's exported directory assuming is the root.
For example, if I want to export /get/my at V4, export is 'V4: /get/my' having default security sys.
Now, if directory '/get/my' contains a sub directory named 'puts' and I want this directory to be mounted to my '/media/nfs', then client command should be: 'mount -o nfsv4 mynfsserver:/puts /media/nfs'
'mynfsserver:/' is server's '/get/my' directory. The exported directory at version 4, is the root at client's side.


----------

