whitetiger264 commented on issue #7244: URL: https://github.com/apache/cloudstack/issues/7244#issuecomment-1439041934
Hi @DaanHoogland and @weizhouapache Thank you thus for all your efforts in trying to solve this. So it hit me that we never checked NFS logs, so I did and managed to find the reason why the `access denied` was being triggered: ``` [root@nfshost ~]# tail -f /var/log/messages | grep "rpc.mountd" Feb 21 22:08:06 nfshos rpc.mountd[23050]: refused mount request from 197.189.XXX.ZZZ for /data/secondary (/data/secondary): illegal port 30070 Feb 21 22:08:38 nfshos rpc.mountd[23050]: refused mount request from 197.189.XXX.ZZZ for /data/secondary (/data/secondary): illegal port 26659 ``` So because my local network, `192.168.50.0/24` is a NAT, when SSVM connects to my external NFS servers, it does this from the local IP address `192.168.50.75` this then passes out my gateway WAN IP `197.189.XXX.ZZZ` through a different port as shown above. The NFS server does not like this port and, therefore, refused the connection. I quick fix is to add `insecure` to my export file in the NFS servers, which I have and can confirm works 100% so it seems I need to find a way around this because using `insecure` is, well insecure and very much not recommended. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
