Case Summary: NFS Mount Failure (EPERM) due to Tailscale Routing Conflict Issue: An Ubuntu 24.04 LTS client (Firebat F1) was unable to mount NFS shares from a TrueNAS server on the same local subnet (192.168.254.0/24), resulting in an Operation not permitted (EPERM) error. Other services like CIFS/SMB and HTTP remained functional.
Root Cause Analysis: The problem was caused by a routing conflict introduced by Tailscale. A remote node in the Tailnet (pfSense) was advertising the local subnet (192.168.254.0/24) as a Subnet Route. On the Ubuntu 24.04 client, Tailscale's Policy-Based Routing (PBR) took precedence over the local main routing table. As a result, traffic destined for the local NAS was being "hijacked" and encapsulated into the Tailscale tunnel. The TrueNAS server received the NFS request with a source IP from the Tailscale range (100.x.x.x) instead of the authorized local IP range, leading to a security rejection at the protocol level. Resolution: The issue was resolved by adjusting the routing priority to ensure the physical local interface (LAN) is checked before the Tailscale routing table. This was achieved by adding a high-priority routing rule: sudo ip rule add to 192.168.254.0/24 lookup main priority 5000 Permanent Fix: Applied the routing policy via Netplan to ensure the rule persists across reboots and is applied during the network interface initialization, before NFS attempts to mount via /etc/fstab. Please close the case. this time Gemini > GPT ;) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2141470 Title: NFS mount fails with Operation not permitted on Firebat F1, Ubuntu 24.04.03 LTS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nfs-utils/+bug/2141470/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
