Provided by: nbd-client_3.16.2-1ubuntu0.2_amd64 bug

NAME

       nbd-client  -  connect  to  a  server  running nbd-server(1), to use its    exported block
       device

SYNOPSIS

       nbd-client host [ port ] nbd-device [ -connections num ] [ -sdp ] [ -swap ] [ -persist ] [
       -nofork ] [ -systemd-mark ] [ -block-size block size ] [ -timeout seconds ] [ -name name ]
       [ -certfile certfile ] [ -keyfile keyfile ] [  -cacertfile  cacertfile  ]  [  -tlshostname
       hostname ]

       nbd-client  -unix  path  nbd-device [ -connections num ] [ -sdp ] [ -swap ] [ -persist ] [
       -nofork ] [ -systemd-mark ] [ -block-size block size ] [ -timeout seconds ] [ -name name ]

       nbd-client nbd-device

       nbd-client -d nbd-device

       nbd-client -c nbd-device

       nbd-client -l host [ port ]

DESCRIPTION

       With nbd-client, you can connect to a server running nbd-server, thus using raw  diskspace
       from that server as a blockdevice on the local client.

       To  do  this, support from the Linux Kernel is necessary, in the form of the Network Block
       Device (NBD). When you have that, either in the kernel, or as a module, you can connect to
       an NBD server and use its exported file through a block special file with major mode 43.

       Optionally, long options can also be specified with two leading dashes.

OPTIONS

       The following options are supported:

       -block-size block size

       -b     Use  a  blocksize  of "block size". Default is 1024; allowed values are either 512,
              1024, 2048 or 4096

       -connections num

       -C     Use num connections to the server, to allow speeding up request  handling,  at  the
              cost  of  higher  resource  usage on the server. Use of this option requires kernel
              support available first with Linux 4.9.

       host   The hostname or IP address of the machine running nbd-server. Since 2.9.15, the NBD
              utilities support IPv6.

       -timeout seconds

       -t     Set  the  connection timeout to "seconds". For this to work, you need a kernel with
              support for the NBD_SET_TIMEOUT ioctl; this was  introduced  into  Linus'  tree  on
              2007-10-11, and will be part of kernel 2.6.24.

       port   The TCP port on which nbd-server is running at the server.

              The  port  number  defaults  to  10809,  the  IANA-assigned port number for the NBD
              protocol.

              Previous versions of the nbd tools supported an older version  of  the  negotiation
              protocol  known  as "oldstyle".  This protocol version is no longer supported as of
              version 3.11 of the nbd support tools.

       nbd-device
              The block special file (/dev  entry)  which  this  nbd-client  should  connect  to,
              specified as a full path.

              When  the  mode is used wherein no hostname or export name is specified, nbd-client
              will look up the necessary configuration in the nbdtab file. For more  information,
              see nbdtab(5).

       -check

       -c     Check whether the specified nbd device is connected.

              If  the device is connected, nbd-client will exit with an exit state of 0 and print
              the PID of the nbd-client instance that connected it to stdout.

              If the device is not connected or does not  exist  (for  example  because  the  nbd
              module  was not loaded), nbd-client will exit with an exit state of 1 and not print
              anything on stdout.

              If an error occurred, nbd-client will exit with an exit state of 2, and  not  print
              anything on stdout either.

       -disconnect

       -d     Disconnect the specified nbd device from the server

       -list

       -l     Ask  the  server  for  a list of available exports. If the server is exporting over
              IPv6 as well as over IPv4, this will list all exports twice; otherwise,  it  should
              list them all only once.

              Note  that  this option only works with nbd-server processes running version 3.1 or
              above, and must be enabled in server configuration (with  the  "allowlist"  option)
              before it can be used.

       -persist

       -p     When  this option is specified, nbd-client will immediately try to reconnect an nbd
              device if the connection ever drops unexpectedly due to a lost server or  something
              similar.

       -sdp

       -S     Connect  to  the server using the Socket Direct Protocol (SDP), rather than IP. See
              nbd-server(5) for details.

       -swap

       -s     Specifies that this NBD device will be used as swapspace. This option  attempts  to
              prevent deadlocks by performing mlockall() and adjusting the oom-killer score at an
              appropriate time. It does not however guarantee that such deadlocks can be avoided.

       -systemd-mark

       -m     The systemd init system requires that processes  which  should  not  be  killed  at
              shutdown  time  be  marked  appropriately  by  replacing  the first letter of their
              argv[0] with an '@' sign.

              This option will cause nbd-client to do so.

              Note that this only works if nbd-client is run from an initrd; i.e.,  systemd  will
              ignore such a mark if run from a systemd unit file or from the command line.

       -nofork

       -n     Specifies  that  the  NBD  client  should  not detach and daemonize itself. This is
              mostly useful for debugging.

              Note that nbd-client will still fork once to trigger an update to the device node's
              partition table. It is not possible to disable this.

       -name

       -N     Specifies  the name of the export that we want to use. If not specified, nbd-client
              will ask for a "default" export, if one exists on the server.

       -unix

       -u     Connect to the server over a unix domain socket at path, rather than  to  a  server
              over a TCP socket. The server must be listening on the given socket.

   TLS SUPPORT
       Enabling  any  of  the  TLS-related  options causes the client to use the NBD_OPT_STARTTLS
       command to upgrade the connection to TLS. Since negotiating TLS support from userspace for
       a  kernel  socket  would  be  very  involved  (if  passing  keys to kernel space were even
       possible, which it isn't), the way this is implemented  is  that  the  nbd-client  process
       creates  a  socketpair,  one  side  of which it hands to the kernel, and the other side of
       which is  handed  to  an  encrypting/decrypting  proxy.  This  has  the  effect  that  all
       communication  will be encrypted before being sent over the wire; however, doing so is not
       safe in combination with swapping over an NBD device:

       In order to free memory by swapping, the kernel needs to be sure that the write to the nbd
       device  has  finalized.  For  this,  it needs to be able to receive an NBD_CMD_WRITE reply
       which informs it that the write has completed successfully and  that  the  memory  may  be
       released.  Receiving  data  over  the  network, however, requires that the kernel allocate
       memory first, which is impossible if we're low on memory (a likely situation  when  trying
       to  swap).  This is likely to cause a deadlock when we're low on memory and there are high
       amounts of network traffic.

       To remedy this situation, the kernel sets the PF_MEMALLOC option on the nbd  socket;  when
       low  on  memory, it will throw away all packets except for those destined to a socket with
       that option set, relying on the normal TCP retransmit system to ensure that  data  is  not
       lost. This avoids the deadlock described above.

       However,  the PF_MEMALLOC option is set on the socket that is connected to the nbd device,
       not the encrypted socket connected to the encrypting/decrypting proxy. As such, when using
       TLS,  the PF_MEMALLOC option is not set on the socket that actually receives data from the
       network, which means that the deadlock reappears.

       For this reason, if the -swap option is used when TLS is in use, nbd-client will issue  an
       appropriate warning.

       -certfile file

       -F     Use  the  specified  file  as  the client certificate for TLS authentication to the
              server.

       -keyfile file

       -K     Use the specified file as the private key for the client cerificate.

       -cacertfile file

       -A     Use the specified file as the CA certificate for TLS authentication to the server.

       -tlshostname hostname

       -H     Use the specified hostname for the TLS context. If not specified, the hostname used
              to connect to the server will be used.

EXAMPLES

       Some examples of nbd-client usage:

       • To  connect  to  a  server  running  on port 2000 at host "server.domain.com", using the
         client's block special file "/dev/nbd0":

         nbd-client server.domain.com 2000 /dev/nbd0

       • To connect to a server running on port 2001 at host "swapserver.domain.com",  using  the
         client's block special file "/dev/nbd1", for swap purposes:

         nbd-client swapserver.domain.com 2001 /dev/nbd1 -swap

       • To  disconnect  the  above connection again (after making sure the block special file is
         not in use anymore):

         nbd-client -d /dev/nbd1

SEE ALSO

       nbd-server (1).

AUTHOR

       The NBD kernel module and the NBD tools have been written by Pavel Macheck (pavel@ucw.cz).

       The kernel module is now maintained by Paul Clements  (Paul.Clements@steeleye.com),  while
       the userland tools are maintained by Wouter Verhelst (wouter@debian.org)

       This  manual  page  was  written  by  Wouter Verhelst (<wouter@debian.org>) for the Debian
       GNU/Linux system (but may be used by others).  Permission is granted to  copy,  distribute
       and/or  modify this document under the terms of the GNU General Public License, version 2,
       as published by the Free Software Foundation.

                                                $                                   NBD-CLIENT(8)