nfs-stablerestartrestart information for the NFSv4 server




The nfs-stablerestart file holds information that allows the NFSv4 server to restart without always returning the NFSERR_NOGRACE error, as described in the NFSv4 server specification; see Network File System (NFS) Version 4 Protocol RFC 3530, Section 8.6.3.

The first record in the file, as defined by struct nfsf_rec in /usr/include/fs/nfs/nfsrvstate.h, holds the lease duration of the last incarnation of the server and the number of boot times that follows. Following this are the number of previous boot times listed in the first record. The lease duration is used to set the grace period. The boot times are used to avoid the unlikely occurrence of a boot time being reused, due to a TOD clock going backwards. This record and the previous boot times with this boot time added is re-written at the end of the grace period.

The rest of the file are appended records, as defined by struct nfst_rec in /usr/include/fs/nfs/nfsrvstate.h and are used represent one of two things. There are records which indicate that a client successfully acquired state and records that indicate a client's state was revoked. State revoke records indicate that state information for a client was discarded, due to lease expiry and an otherwise conflicting open or lock request being made by a different client. These records can be used to determine if clients might have done either of the edge conditions.

If a client might have done either edge condition or this file is empty or corrupted, the server returns NFSERR_NOGRACE for any reclaim request from the client.

For correct operation of the server, it must be ensured that the file is written to stable storage by the time a write op with IO_SYNC specified has returned. This might require hardware level caching to be disabled for a local disk drive that holds the file, or similar.


NFSv4 stable restart file
backup copy of the file


nfsv4(4), nfsd(8)


If the file is empty, the NFSv4 server has no choice but to return NFSERR_NOGRACE for all reclaim requests. Although correct, this is a highly undesirable occurrence, so the file should not be lost if at all possible. The backup copy of the file is maintained and used by the nfsd(8) to minimize the risk of this occurring. To move the file, you must edit the nfsd sources and recompile it. This was done to discourage accidental relocation of the file.
April 10, 2011 FreeBSD