Install and Configure NFS on CentOS 8

Install Server


dnf -y install nfs-utils

Start / Enable at boot

  systemctl start nfs-server.service
  systemctl enable nfs-server.service


  • /etc/nfs.conf – main configuration file for the NFS daemons and tools
  • /etc/nfsmount.conf – an NFS mount configuration file

Create shared directory

I want to share the directory /mnt/backups on the NFS server.

mkdir -p /mnt/backups

Create the export file system

mdir -p /srv/nfs4/backups

Mount the directory

mount --bind /mnt/backups /srv/nfs4/backups

Update fstab.

vi /etc/fstab
/mnt/backups /srv/nfs4/backups  none   bind   0   0

Export the file system

The next step is to define the file systems that will be exported by the NFS server, the shares options and the clients that are allowed to access those file systems.

Export the backups directory and allow access only from clients on the network (e.g.

Update /etc/exports.

  • man exports to view all the options

The first line contains fsid=0 which defines the NFS root directory /srv/nfs4. Access to this NFS volume is allowed only from servers on the subnet. The crossmnt option is required to share directories that are sub-directories of an exported directory.

vi /etc/exports

For reference, here are a few different permission options.

Read and write from subnet.


Read from subnet, write from IP.


Read only from subnet.


Read only from IP.


Save the file and export the shares

  • -a Export or unexport all directories.
  • -r Reexport all directories, synchronizing /var/lib/nfs/etab with /etc/exports and files under /etc/exports.d. This option removes entries in /var/lib/nfs/etab which have been deleted from /etc/exports or files under /etc/exports.d, and removes any entries from
    the kernel export table which are no longer valid.
  • -v Be verbose.
exportfs -arv


exportfs -arv

Display exports.

-s Display the current export list suitable for /etc/exports.

exportfs -s


root_squash prevents root users from having root privileges on the mounted shares. It will map root UID and GID to nobody/nogroup UID/GID.

exportfs -s


Option 1

  firewall-cmd --permanent --add-service=nfs
  firewall-cmd --reload

Option 2

  firewall-cmd --permanent --new-zone=nfs
firewall-cmd --permanent --zone=nfs --add-service=nfs
firewall-cmd --permanent --zone=nfs --add-source=
firewall-cmd --reload }

Important: If you are using a Cloud service such as Google Cloud, make sure to allow ingress TCP and UDP ports 111, 2049, 20048.


firewall-cmd --list-all | grep nfs


firewall-cmd --list-all | grep nfs
services: nfs

View RPC services.

rpcinfo — report RPC information

rpcinfo -p


rpcinfo -p
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 53277 status
100024 1 tcp 54211 status
100005 1 udp 20048 mountd
100005 1 tcp 20048 mountd
100005 2 udp 20048 mountd
100005 2 tcp 20048 mountd
100005 3 udp 20048 mountd
100005 3 tcp 20048 mountd
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100227 3 tcp 2049 nfs_acl
100021 1 udp 47907 nlockmgr
100021 3 udp 47907 nlockmgr
100021 4 udp 47907 nlockmgr
100021 1 tcp 45523 nlockmgr
100021 3 tcp 45523 nlockmgr
100021 4 tcp 45523 nlockmgr



dnf -y install nfs-utils


Verify port access to the NFS server.

nc -zv 2049


Create a local file system/directory for mounting the remote NFS file system and mount it as an ntf file system.

mkdir /backups

Mount the exported filesystem.

When mounting an NFSv4 filesystem, you need to omit the NFS root directory, so instead of /srv/nfs4/backups you need to use /backups.

mount -t nfs /backups

Verify mount.

mount | grep nfs
df /backups


mount | grep nfs
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime) on /backups type nfs4 (rw,relatime,vers=4.2,rsize=524288,wsize=524288,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,clientaddr=,local_lock=none,addr=
df /backups
Filesystem 1K-blocks Used Available Use% Mounted on 20754432 2870784 17883648 14% /backups

Update fstab

To make the mounts permanent on reboot, open the /etc/fstab.

vi /etc/fstab /backups   nfs   defaults,timeo=900,retrans=5,_netdev   0 0


Run showmount against the NFS server from the NFS client.

Showmount queries the mount daemon on a remote host for information about the state of the NFS server on that machine.

showmount -e [NFS_SERVER]


showmount -e
Export list for

If you receive the following error, it could be because UDP/TCP port 20048 is not open.

showmount -e
clnt_create: RPC: Timed out

Test write on NFS server, read on Client.

touch /srv/nfs4/backups/file_created_on_server.text # Ran on NFS server
ls -l /backups/file_created_on_server.text          # Ran on NFS client

Test write on NFS client, read on NFS Server.

touch /backups/file_created_on_client.text # Ran on NFS client

You should get a read-only error.


touch /backups/file_created_on_client.text
touch: cannot touch '/backups/file_created_on_client.text': Read-only file system


Unmout the file system on the client side.

umount /backups

Remove from /etc/fstab.

vi /etc/fstab