There is no supported method of computing the OpenVMS name of a file by restoring just the container file from the save set. You need to restore the entire container file system to a temporary location as described in Section 16.9.8.1.

16.9.8.5 Recovering a Container File Only

This section applies to the situation where a container file has been deleted or is so badly corrupted that the ANALYZE CONTAINER /REPAIR command does not help, but the other OpenVMS file and directory parts of the container file system are still intact.

1. Restore the container file only from the most recent backup save set.
2. UNMAP the container file system.
3. Enter the command ANALYZE CONTAINER /REPAIR. This resets the inode attributes such as file size and time stamps according to the OpenVMS attributes of any files that were updated since the backup save set was made. It also resets the OpenVMS File ID of the container file.
4. MAP the container file system. If the NFS server is not shut down, MAP it with an alternate name that does not appear in the export database to prevent remote clients from using the container file system.
5. Files that were created after the save set was made have no inodes or directory links in the container file. You should be able to identify all these by the OpenVMS command DIRECTORY /SINCE. Make a note of what OpenVMS directory each is catalogued in, because this may be helpful later. Then rename these files into a temporary directory outside the container file system. Note that if any of these files are directories, renaming the directories effectively gets any files in those directories out of the container file system and into the temporary directory.
6. Use the IMPORT and CREATE DIRECTORY commands to transfer the files back into the container file system. For each file and directory, you need to determine its UNIX style path name, its owner, and possibly its mode.
   • You can determine the parent directory from the original OpenVMS parent directory and a DIRECTORY /VMS listing. If any of the files to be recovered from the temporary directory are directory files, re-create those directory files first.
   • You can determine the UID and GID from the proxy record for the OpenVMS owner.
   • You can determine the mode from the OpenVMS protection mask for OWNER, GROUP, and WORLD.
   • There is sure no way to recover the original UNIX style names of the files. You might be able to use the file contents to make a reasonable guess. For some files, you may have to assign new names.

The NFS server and the OpenVMS operating system provide many levels of security controls you can use to protect your file systems. Section 16.1.3, Section 16.1.4, and Section 16.1.7 reviewed how the server uses the proxy and export databases to restrict client access as well as how to use OpenVMS account privileges and protection schemes to control access to files and directories.

The NFS server provides additional security options by defining the logical name TCPIP$NFS00000000_SECURITY in the NFS server startup file SYS$STARTUP:TCPIP$NFS_SERVER_STARTUP.COM.

The server reads this logical name when it is started and applies the following security features:

• Setting bit 0 (value = 1)
  Grants the identifier TCPIP$NFS_REMOTE to each client, creating a class of users who can access files using NFS. If you need to control NFS access to selected objects, set ACLs on objects to deny access to users holding the TCPIP$NFS_REMOTE identifier.
• Setting bit 1 (value = 2)
  Disables user-level mount requests. If this bit is set, only root (UID=0) is able to mount file systems on the server.
• Setting bit 2 (value = 4)
  Stops the server from accepting client requests from nonprivileged internet ports. If all of your NFS client implementations use privileged ports, you can use this feature to prevent a user from masquerading as an NFS client implementation.
• Setting bit 4 (value = 16)
  Disables a user's access to the server through the SYSUAF file.
  The OpenVMS Authorize utility allows you to restrict a user's network access during certain hours of the day with the /NETWORK and /ACCESS qualifiers. When you add a proxy record to the volatile proxy database, the server reads the network access information from the SYSUAF file. However, the NFS server does not automatically receive any changes made to the SYSUAF. Therefore, you must make sure that the information in the NFS volatile database reflects the information in the SYSUAF file.
  If access is denied for a certain time of day, the following message is written to the NFS error log file. The NFS client receives an NFS AUTH_BADCRED error in the reply message. This message is translated into a permission-set denied message during the mount operation.
  

  TCPIP$-W-NFS_ACCNOA, access to the OpenVMS account is denied

  
  If verification is set up for each NFS message, then NFS performance is reduced, because at least three system service calls and additional calculations for each message are required. If the account has no restrictions on the network mode of operations, no verification is done. If the verification is disabled, no additional processing occurs.
  By default, bit 4 is set to 0, which enables this feature. To disable the feature, set bit 4 to 1.

• Setting bit 5 (value = 32)
  Changes the default that allows unmapped users limited access to file systems through the default user account. You can change this behavior by setting bit 5. This provides an additional level of security protection because the server will not let unmapped users access any data at all. See Section 16.1.5 for more information about granting access through the default user account.

The file SYS$STARTUP:TCPIP$NFS_SERVER_STARTUP.COM defines a set of logical names that set characteristics of the NFS server. These characteristics include:

• Error message logging
• Size of the host table
• File inactivity timer
• Number of threads
• Number of cached transactions
• Value of the default UID
• Value of the default GID
• Security options
• Server time
• Server cache parameters
• Policy for file blocks allocation

You can modify NFS server characteristics by temporarily changing values with the SET NFS_SERVER command, or you can make permanent changes by modifying a site-specific startup file that you create. The site-specific file, TCPIP$SYSTARTUP.COM holds any definitions you want to preserve for the NFS server and other TCPIP components. (Subsequent product upgrades or installations will not overwrite the definitions in the TCPIP$SYSTARTUP.COM file.)

To make permanent modifications:

1. If it does not already exist, create the file SYS$STARTUP:TCPIP$SYSTARTUP.COM.
2. Add definitions for the logical names you want to modify.
3. Shut down then restart the server to make the changes take effect.

Note that modifying server characteristics affects server performance. Be sure you understand the impact (review Section 16.13) before making any changes.

Table 16-2 describes the NFS server logical names.

Table 16-2 Modifying Server Characteristics

Logical Name	Description
TCPIP$NFS00000000_ERROR	Enables or disables error message logging.
TCPIP$NFS00000000_OPCOM	Enables or disables error logging to the operator console (OPCOM). Setting the value to zero (0) disables this option.
TCPIP$NFS00000000_HOSTS	Specifies the maximum number of client hosts that can be defined in the server's host table. This parameter should be large enough to allow the definition of all the hosts present in the proxy database. For this purpose, wildcard hosts counts as one. Making the parameter value larger than needed makes NFS allocate redundant virtual memory within the server.
TCPIP$NFS00000000_UID TCPIP$NFS00000000_GID	Defines the default user. The default values for these logical names are -2/-2 (the UNIX account "nobody"). You can change the values for these logical names. File access is determined by the privileges assigned to the OpenVMS account that maps to the default user in the proxy database. You can also set parameters dynamically by supplying the /UID_DEFAULT and /GID_DEFAULT qualifiers to the SET NFS_SERVER command.
TCPIP$NFS00000000_INACTIVITY	Specifies, in minutes and seconds, the time interval since the last file access request. The server keeps an activity timestamp for each opened file to help manage the open file cache. You can also modify this value with the /INACTIVITY_TIMER qualifier of the SET NFS_SERVER command. The default setting for this value is 02:00, or 2 minutes. Making the interval too short causes the NFS server to close files more often, which reduces performance.
TCPIP$NFS00000000_SECURITY	Gives a bit-mask value. Each set bit adds a different security feature to the NFS operation as follows: Bit Description 0 Grants the TCPIP$NFS_REMOTE identifier to each client. This lets you use ACLs to restrict access to users holding this security identifier. 1 Disables user-level mount requests, allowing only superuser (UID=0/GID=1) mount access to the file system. 2 Only privileged ports on the client host can send messages to the NFS server. (Privileged ports have ports of 0 to 1023.) 4 Disables checking information in the SYSUAF file to restrict network access. 5 Prevents unmapped users from gaining access through the default user account.
TCPIP$NFS00000000_THREADS	Defines the maximum number of threads that can be active at the same time. The performance of the server is directly related to this value. The recommended value for an average load is a thread maximum of 20. If you increase this value, you should also increase the XID cache value. You may need to increase the page file quota for the TCPIP$NFS account as well.
TCPIP$NFS00000000_XID	Defines the size of the transaction cache, specified in a number of 8K-byte buffers. The default value is 256 buffers (258 x 8K byte). In a busy server environment, increasing the size of the cache improves server performance. See Section 16.13.6 for more information. Depending on the frequency of file operations, the size of the cache is critical. If you increase this parameter, you may need to increase the page file quota for the TCPIP$NFS account as well.

16.12 Modifying File System Characteristics

The file SYS$STARTUP:TCPIP$NFS_SERVER_STARTUP.COM also defines a set of logical names that set the file system parameters. Table 16-3 describes these logical names.

Table 16-3 File System Logical Names

Logical Name	Description
TCPIP$CFS_CACHE_LOW_LIMIT	Defines the minimum size of the free buffer list. Below this number, the file system starts to reclaim used buffers. The default is 4 buffers. The free buffer list needs at least four free buffers (not taken by cache). If the actual number of free buffers is less than TCPIP$CFS_CACHE_LOW_LIMIT, the used buffers are freed up and returned to the free list, until the size of the free list reaches TCPIP$CFS_CACHE_HIGH_LIMIT.
TCPIP$CFS_CACHE_HIGH_LIMIT	Defines the number of buffers the file system tries to keep in the free buffer list. The default is eight buffers. See TCPIP$CFS_CACHE_LOW_LIMIT. In a busy server environment, setting this parameter higher is likely to improve performance.
TCPIP$CFS_CACHE_SIZE	Defines the maximum number of cache buffers to be allocated.
TCPIP$CFS_TRANSFERSIZE	Defines the optimum size, in bytes, of the data transferred between server and client on READ and WRITE operations. The default is 8K bytes (8192 bytes). This value is used in most NFS server implementations.
TCPIP$CFS_KEEP_ALLOC	Defines whether the KEEP_ALLOC option should be turned ON or OFF. The default is 0 (OFF). If the KEEP_ALLOC option is OFF, unused blocks at the end of a file are freed. If it is ON, then unused blocks are kept allocated.
TCPIP$CFS_SHOW_VERSION	Sets the SHOW_VERSION logical name ON or OFF. If ON, the NFS server returns to the client file names with version numbers, even if there is only one version of the file. The default is 0 (OFF).
TCPIP$CFS_MODUS_OPERANDI	Defines various operating modes. Use only under the advice of your Compaq support representative.
TCPIP$CFS_FATAL_MESSAGES	Defines the terminal device to which the important error messages are directed, in addition to the normal error messages that are sent to the operator's console. The default is _OPA0:.

16.13 Improving Server Performance

This section provides information to help you identify and resolve problems and tune system performance.

16.13.1 Displaying Performance Information

The SHOW NFS_SERVER command displays information about the running NFS server that you can use to tune its performance. You can enter SHOW NFS_SERVER for a specific client or host if it is listed in the proxy database. The counter information can be especially useful in determining the load on your system.

In the following sample the numbers are keyed to the discussion that follows.

TCPIP> SHOW NFS_SERVER Server:NFS$SERVER Loaded: 14-NOV-1995 15:35:01.73 Status: ACTIVE Running: 0 00:24:21.26 Memory allocated (1) 470260 RPC errors (2) Message processing: Authentication 0 Threads busy (3) 0 Others 0 Threads free 15 Mount data base: (4) Max. threads busy 5 Mounted file systems 1 Duplicate cache xid (5) 0 Current users 1 Duplicate active xid 0 Maximum mounted 1 Dropped 0 Maximum users 1 Data exchange: (6) NFS operations: (7) Bytes sent 11839124 null 0 getattr 42 Bytes rcvd 10900824 setattr 12 lookup 186 Messages sent 2956 readlink 0 rename 0 Messages rcvd 2956 read 1417 write 1284 Max. message sent 8292 statfs 1 create 2 Max. message rcvd 8328 remove 1 link 0 Open files: (8) symlink 0 mkdir 1 Maximum opened 2 rmdir 1 readdir 7 Closed per interval 0 Total NFS operations 2954 Currently opened 0 Error messages (9) 0

1. The amount of memory the NFS server was using when the command was entered. This amount is affected by the number of threads, size of the volatile user database, mounted file system structures, and the number of opened files.
2. The RPC errors logged for authentication (potential intruder attempts), garbled RPC messages, wrong RPC protocol number, no procedure, no program, and version mismatch. The error-logging file contains the information about the hosts and users that caused the erroneous RPC message.
3. The multithreading counters show the number of threads being processed at a given time. The number of threads includes the threads queued to the internet driver for receiving messages and the maximum number of threads that have been simultaneously active in the process.
   The value of the multithreading counters equals the specified value of the threads in the NFS startup file. This value indicates that the load on the server is too high for the specified maximum number of threads.
   Increasing the maximum number of threads might improve NFS performance.
4. The mount database counters display the number of mounted file systems and clients currently active within the NFS server. Because of the stateless nature of the server, these counters can contain an inaccurate value.
5. The duplicate/dropped message counter displays the number of duplicate transaction identifiers (XIDs) and dropped messages. The XID counter includes the duplicate XIDs present during message processing and caching, and the number of messages dropped because of busy resources within the OpenVMS environment. A large value indicates that the NFS performance is not good enough to avoid client timeout and message retransmissions. You may want to increase the number of threads to improve NFS performance. You can also reduce the client's retransmission rate by specifying a timeo option when the client mounts the file system.
6. The data exchange counter shows the number of bytes transmitted and received by the NFS server. This value provides an indication of the amount of load on the server.
7. The operation statistics counter displays the number of NFS operations for each operation type.
8. The open file counters display the maximum number of simultaneously open files, currently open files, and closed operations. A high number of files closed per activity time interval means that the clients have simultaneously accessed a large number of files. Accessing a large number of files may affect NFS server performance because of many file open and close operations. You may want to increase the inactivity timer value to improve NFS performance.
   The value of the maximum simultaneously opened files indicates the best value for an open channel quota.
9. The error message counter displays the number of error messages in the error log.

The SHOW CFS command is useful for monitoring the distribution of the file system services and the consumption of system time by the various system services. See the DIGITAL TCP/IP Services for OpenVMS Management Command Reference manual for a detailed description of the SHOW CFS command.

Example 16-1 shows file system information that is displayed after entering the SHOW CFS command. The numbers in the example are keyed to the discussion that follows. (The NFS server must be running when you enter this command.)

Example 16-1 SHOW CFS

TCPIP> SHOW CFS CFS SERVICES 13-MAR-1999 14:10:02.74 CFS Services(1) OpenVMS System Services(2) ----------------------- ------------------------------------------------ CLOSE 8 CREATE_FH 1 $ASSIGN 9 $QIO 0 CREDIR_FH 0 $DASSGN 8 Access 7 FREEBUFF 0 Create 1 GETATTR 28 $DEQ 182 Deaccess 8 LINK_FH 0 $ENQ 603 LOOKUP_FH 72 Read_attr 159 OPEN_FH 7 $EXPREG 16 Write_attr 33 READ 1 $SETPRT 5 READBUFF 0 Lookup 108 READDIR_FH 2 $CLREF 169 READLINK_FH 0 $SETEF 169 Extend 1 REMDIR_FH 0 REMOVE_FH 0 $DCLAST 232 Delete 0 RENAME_FH 0 $CLRAST 9 Enter 0 SETATTR 8 $SETAST 360 Remove 0 STATFS 1 SYMLINK_FH 0 $GETDVI 7 Read_V 9 WRITE 41 Write_V 57 OTHER 1 $CHKPRO 95 TOTAL 170