[
https://issues.apache.org/jira/browse/HDFS-6439?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14004074#comment-14004074
]
Brandon Li commented on HDFS-6439:
----------------------------------
I've uploaded a file for the captured network trace: mount-nfs-requests.pcapng
I used root user on a VM as the NFS client. The VM has the OS CentOS 6.4 x64.
The VM has NFS gateway export mounted on ~/tmp already:
start capture-
1. first umount the mount point ~/tmp
2. mount the hdfs export again
end capture.
In the trace, we can see that the NFS client used privileged port for most
calls except that sometimes it uses non-privileged port to do MOUNT NULL and
NFS NULL calls.
> NFS should not reject NFS requests to the NULL procedure whether port
> monitoring is enabled or not
> --------------------------------------------------------------------------------------------------
>
> Key: HDFS-6439
> URL: https://issues.apache.org/jira/browse/HDFS-6439
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: nfs
> Reporter: Brandon Li
> Attachments: mount-nfs-requests.pcapng
>
>
> As discussed in HDFS-6406, this JIRA is to track the follow update:
> 1. Port monitoring is the feature name with traditional NFS server and we may
> want to make the config property (along with related variable
> allowInsecurePorts) something as dfs.nfs.port.monitoring.
> 2 . According to RFC2623 (http://www.rfc-editor.org/rfc/rfc2623.txt):
> {quote} Whether port monitoring is enabled or not, NFS servers SHOULD NOT
> reject NFS requests to the NULL procedure (procedure number 0). See
> subsection 2.3.1, "NULL procedure" for a complete explanation. {quote}
> I do notice that NFS clients (most time) send mount NULL and nfs NULL from no
> privileged port. If we deny that call in mountd or nfs server, the client
> can't mount the export even as user root.
> 3. it would be nice to have the user guide updated too.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
