Re: [gentoo-user] NFS static ports - driving me crazy...
No one? Another reboot, and had to open up OUTGOING port 57212 this time. Why are the static ports I'm assigning not being used? On 2013-12-31 8:11 AM, Tanstaafl tansta...@libertytrek.org wrote: On 2013-12-31 7:30 AM, Tanstaafl tansta...@libertytrek.org wrote: I've made the following changes to the following config files: /etc/conf.d/nfs OPTS_RPC_MOUNTD=-p 32767 OPTS_RPC_STATD=-p 32765 -o 32766 I've also changed the lockd ports /etc/sysctl.conf # You should compile nfsd into the kernel or add it # to modules.autoload for this to work properly # TCP Port for lock manager fs.nfs.nlm_tcpport = 4001 # UDP Port for lock manager fs.nfs.nlm_udpport = 4001 But when I try to mount the remote filesystem, I see the outbound request being blocked by the firewall. If I open up the port in the firewall, it mounts immediately. But after a reboot, the next time I try mounting it, some other random port shows up in the firewall logs... This can't be all that difficult... I must be missing something obvious. # rpcinfo -p program vers proto port service 104 tcp111 portmapper 103 tcp111 portmapper 102 tcp111 portmapper 104 udp111 portmapper 103 udp111 portmapper 102 udp111 portmapper 1000241 udp 32765 status 1000241 tcp 32765 status Again, this system is NOT running an NFS SERVER, I am only trying to use the nfs CLIENT to mount a remote NFS share - so, is the above what I should expect to see? something tells me no... Shouldn't the lockd ports be showing up to?
Re: [gentoo-user] NFS static ports - driving me crazy...
Try this: # /etc/conf.d/nfs # If you wish to set the port numbers for lockd, # please see /etc/sysctl.conf # Optional services to include in default `/etc/init.d/nfs start` # For NFSv4 users, you'll want to add rpc.idmapd here. NFS_NEEDED_SERVICES=rpc.idmapd # Number of servers to be started up by default OPTS_RPC_NFSD=8 # Options to pass to rpc.mountd # ex. OPTS_RPC_MOUNTD=-p 32767 OPTS_RPC_MOUNTD=-p 4000 # Options to pass to rpc.statd # ex. OPTS_RPC_STATD=-p 32765 -o 32766 OPTS_RPC_STATD=-p4001 -o4002 #-p 4000 # Options to pass to rpc.idmapd OPTS_RPC_IDMAPD= # Options to pass to rpc.gssd OPTS_RPC_GSSD= # Options to pass to rpc.svcgssd OPTS_RPC_SVCGSSD= # Options to pass to rpc.rquotad (requires sys-fs/quota) OPTS_RPC_RQUOTAD= # Timeout (in seconds) for exportfs EXPORTFS_TIMEOUT=30 in /etc/sysctl.conf: ... # TCP Port for lock manager fs.nfs.nlm_tcpport = 4003 # UDP Port for lock manager fs.nfs.nlm_udpport = 4003 asterisk ~ # rpcinfo -p program vers proto port service 104 tcp111 portmapper 103 tcp111 portmapper 102 tcp111 portmapper 104 udp111 portmapper 103 udp111 portmapper 102 udp111 portmapper 1000241 udp 4001 status 1000241 tcp 4001 status 151 udp 4000 mountd 151 tcp 4000 mountd 152 udp 4000 mountd 152 tcp 4000 mountd 153 udp 4000 mountd 153 tcp 4000 mountd 132 tcp 2049 nfs 133 tcp 2049 nfs 132 udp 2049 nfs 133 udp 2049 nfs 1000211 udp 4003 nlockmgr 1000213 udp 4003 nlockmgr 1000214 udp 4003 nlockmgr 1000211 tcp 4003 nlockmgr 1000213 tcp 4003 nlockmgr 1000214 tcp 4003 nlockmgr asterisk ~ # BillK On 02/01/14 19:23, Tanstaafl wrote: No one? Another reboot, and had to open up OUTGOING port 57212 this time. Why are the static ports I'm assigning not being used? On 2013-12-31 8:11 AM, Tanstaafl tansta...@libertytrek.org wrote: On 2013-12-31 7:30 AM, Tanstaafl tansta...@libertytrek.org wrote: I've made the following changes to the following config files: /etc/conf.d/nfs OPTS_RPC_MOUNTD=-p 32767 OPTS_RPC_STATD=-p 32765 -o 32766 I've also changed the lockd ports /etc/sysctl.conf # You should compile nfsd into the kernel or add it # to modules.autoload for this to work properly # TCP Port for lock manager fs.nfs.nlm_tcpport = 4001 # UDP Port for lock manager fs.nfs.nlm_udpport = 4001 But when I try to mount the remote filesystem, I see the outbound request being blocked by the firewall. If I open up the port in the firewall, it mounts immediately. But after a reboot, the next time I try mounting it, some other random port shows up in the firewall logs... This can't be all that difficult... I must be missing something obvious. # rpcinfo -p program vers proto port service 104 tcp111 portmapper 103 tcp111 portmapper 102 tcp111 portmapper 104 udp111 portmapper 103 udp111 portmapper 102 udp111 portmapper 1000241 udp 32765 status 1000241 tcp 32765 status Again, this system is NOT running an NFS SERVER, I am only trying to use the nfs CLIENT to mount a remote NFS share - so, is the above what I should expect to see? something tells me no... Shouldn't the lockd ports be showing up to?
Re: [gentoo-user] NFS static ports - driving me crazy...
On 2014-01-02 7:38 AM, William Kenworthy bi...@iinet.net.au wrote: Try this: # /etc/conf.d/nfs Thanks Bill, I will... But what do I need to restart to test the changes? I'd rather not have to reboot every time... Is it just rpcbind? Or do I need to restart nfs/nfsmmount too? Others? Thanks... hope I can get this resolved...
Re: [gentoo-user] NFS static ports - driving me crazy...
On 2014-01-02 7:48 AM, Tanstaafl tansta...@libertytrek.org wrote: On 2014-01-02 7:38 AM, William Kenworthy bi...@iinet.net.au wrote: Try this: # /etc/conf.d/nfs Thanks Bill, I will... But what do I need to restart to test the changes? I'd rather not have to reboot every time... Is it just rpcbind? Or do I need to restart nfs/nfsmmount too? Others? Thanks... hope I can get this resolved... Made the above changes, restarted rpcbind, current nfs mounts successfully unmounted, but failed to remount, and the OUTBOUND firewall now shows a different port being used/blocked (this time it was UDP 51804... sigh
Re: [gentoo-user] NFS static ports - driving me crazy...
On 2013-12-30 6:21 PM, Pavel Volkov negai...@gmail.com wrote: I've tried specifying the ports in /etc/conf.d/nfs, and /etc sysctl.conf, but I must be missing something, because every time I reboot, some other port comes up being blocked when I try to mount the shares... Anyone? The references I've found are older, so maybe there is something new I'm missing? Maybe you it's the lockd port: $ cat /etc/modprobe.d/lockd.conf options lockd nlm_udpport=13003 nlm_tcpport=13003 According to the comment at the top of /etc/conf.d/nfs, the lockd ports are set at /etc/sysctl.conf, which I now have as: # You should compile nfsd into the kernel or add it # to modules.autoload for this to work properly # TCP Port for lock manager fs.nfs.nlm_tcpport = 4001 # UDP Port for lock manager fs.nfs.nlm_udpport = 4001 One other question... What service(s) do I need to restart after making a change to test (so I don't have to reboot every time)?
Re: [gentoo-user] NFS static ports - driving me crazy...
On 2013-12-30 3:25 PM, Tanstaafl tansta...@libertytrek.org wrote: This is for NFS CLIENT... I'm mounting NFS shares from my remote QNAP NAS boxes. I've tried specifying the ports in /etc/conf.d/nfs, and /etc sysctl.conf, but I must be missing something, because every time I reboot, some other port comes up being blocked when I try to mount the shares... Anyone? The references I've found are older, so maybe there is something new I'm missing? Ok, to recap... I've made the following changes to the following config files: /etc/conf.d/nfs OPTS_RPC_MOUNTD=-p 32767 OPTS_RPC_STATD=-p 32765 -o 32766 I've also changed the lockd ports /etc/sysctl.conf # You should compile nfsd into the kernel or add it # to modules.autoload for this to work properly # TCP Port for lock manager fs.nfs.nlm_tcpport = 4001 # UDP Port for lock manager fs.nfs.nlm_udpport = 4001 But when I try to mount the remote filesystem, I see the outbound request being blocked by the firewall. If I open up the port in the firewall, it mounts immediately. But after a reboot, the next time I try mounting it, some other random port shows up in the firewall logs... This can't be all that difficult... I must be missing something obvious.
Re: [gentoo-user] NFS static ports - driving me crazy...
On 2013-12-31 7:30 AM, Tanstaafl tansta...@libertytrek.org wrote: I've made the following changes to the following config files: /etc/conf.d/nfs OPTS_RPC_MOUNTD=-p 32767 OPTS_RPC_STATD=-p 32765 -o 32766 I've also changed the lockd ports /etc/sysctl.conf # You should compile nfsd into the kernel or add it # to modules.autoload for this to work properly # TCP Port for lock manager fs.nfs.nlm_tcpport = 4001 # UDP Port for lock manager fs.nfs.nlm_udpport = 4001 But when I try to mount the remote filesystem, I see the outbound request being blocked by the firewall. If I open up the port in the firewall, it mounts immediately. But after a reboot, the next time I try mounting it, some other random port shows up in the firewall logs... This can't be all that difficult... I must be missing something obvious. # rpcinfo -p program vers proto port service 104 tcp111 portmapper 103 tcp111 portmapper 102 tcp111 portmapper 104 udp111 portmapper 103 udp111 portmapper 102 udp111 portmapper 1000241 udp 32765 status 1000241 tcp 32765 status Again, this system is NOT running an NFS SERVER, I am only trying to use the nfs CLIENT to mount a remote NFS share - so, is the above what I should expect to see? something tells me no... Shouldn't the lockd ports be showing up to?
[gentoo-user] NFS static ports - driving me crazy...
Ok, my google-fu has failed me... I've found a few sites that describe how to set static ports for NFS mounting remote shares (I use iptables for both inbound AND outbound, and it is the outbound I'm having trouble with). This is for NFS CLIENT... I'm mounting NFS shares from my remote QNAP NAS boxes. I've tried specifying the ports in /etc/conf.d/nfs, and /etc sysctl.conf, but I must be missing something, because every time I reboot, some other port comes up being blocked when I try to mount the shares... Anyone? The references I've found are older, so maybe there is something new I'm missing? Thx...
Re: [gentoo-user] NFS static ports - driving me crazy...
Tanstaafl tansta...@libertytrek.org wrote: Ok, my google-fu has failed me... I've found a few sites that describe how to set static ports for NFS mounting remote shares (I use iptables for both inbound AND outbound, and it is the outbound I'm having trouble with). Why don't you just use NFSv4? NFSv4 was designed to interact well with firewalls. Jörg -- EMail:jo...@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin j...@cs.tu-berlin.de(uni) joerg.schill...@fokus.fraunhofer.de (work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
Re: [gentoo-user] NFS static ports - driving me crazy...
On Mon, Dec 30, 2013 at 09:27:19PM +0100, Joerg Schilling wrote: Tanstaafl tansta...@libertytrek.org wrote: Ok, my google-fu has failed me... I've found a few sites that describe how to set static ports for NFS mounting remote shares (I use iptables for both inbound AND outbound, and it is the outbound I'm having trouble with). Why don't you just use NFSv4? NFSv4 was designed to interact well with firewalls. Jörg It just so happens that I'm setting up NFS atm using this guide: https://wiki.gentoo.org/wiki/NFSv4 Let us know if the info there helps. -- List replies preferred. A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Don't top-post: http://en.wikipedia.org/wiki/Top_post#Top-posting
Re: [gentoo-user] NFS static ports - driving me crazy...
On 2013-12-30 3:27 PM, Joerg Schilling joerg.schill...@fokus.fraunhofer.de wrote: Tanstaafl tansta...@libertytrek.org wrote: Ok, my google-fu has failed me... I've found a few sites that describe how to set static ports for NFS mounting remote shares (I use iptables for both inbound AND outbound, and it is the outbound I'm having trouble with). Why don't you just use NFSv4? NFSv4 was designed to interact well with firewalls. I'm pretty sure these QNAP boxes don't support nfsv4
Re: [gentoo-user] NFS static ports - driving me crazy...
Bruce Hill da...@happypenguincomputers.com wrote: Why don't you just use NFSv4? NFSv4 was designed to interact well with firewalls. Jörg It just so happens that I'm setting up NFS atm using this guide: https://wiki.gentoo.org/wiki/NFSv4 This info unfortunately misses the port number: 2049 Jörg -- EMail:jo...@schily.isdn.cs.tu-berlin.de (home) Jörg Schilling D-13353 Berlin j...@cs.tu-berlin.de(uni) joerg.schill...@fokus.fraunhofer.de (work) Blog: http://schily.blogspot.com/ URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily
Re: [gentoo-user] NFS static ports - driving me crazy...
On Mon, Dec 30, 2013 at 10:04:29PM +0100, Joerg Schilling wrote: Bruce Hill da...@happypenguincomputers.com wrote: It just so happens that I'm setting up NFS atm using this guide: https://wiki.gentoo.org/wiki/NFSv4 This info unfortunately misses the port number: 2049 What do you mean by misses the port number: 2049? It's covered in the Troubleshooting section, as well as in man nfs. -- List replies preferred. A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? A: Top-posting. Q: What is the most annoying thing in e-mail? Don't top-post: http://en.wikipedia.org/wiki/Top_post#Top-posting
Re: [gentoo-user] NFS static ports - driving me crazy...
On Monday 30 December 2013 15:25:02 Tanstaafl wrote: Ok, my google-fu has failed me... I've found a few sites that describe how to set static ports for NFS mounting remote shares (I use iptables for both inbound AND outbound, and it is the outbound I'm having trouble with). This is for NFS CLIENT... I'm mounting NFS shares from my remote QNAP NAS boxes. I've tried specifying the ports in /etc/conf.d/nfs, and /etc sysctl.conf, but I must be missing something, because every time I reboot, some other port comes up being blocked when I try to mount the shares... Anyone? The references I've found are older, so maybe there is something new I'm missing? Maybe you it's the lockd port: $ cat /etc/modprobe.d/lockd.conf options lockd nlm_udpport=13003 nlm_tcpport=13003
