Problem while writing files from NFS client to server behind firewall
(Edit: Forgot to mention NFS in the title)
For some time now, I'm having some problems with configuring an NFSv4 server to let it work with a firewall.
I've already searched to web, but I was unable to find a solution that works for me. I'm hoping that someone can help me here.
The situation is as follows:
I'm trying to connect an NFS client to an NFS server that is behind a firewall. I don't have access to this firewall, but I can contact the administrator to open some ports for me. I already did this for opening port 2049.
The result is that the client can read files from the server, but is unable to write files to the server. I believe that for writing an extra RPC-connection needs to be set up. However, the ports on which the RPC-connection is set up, seem to be different for every connection (I verified this using 'netstat -tn'). Clearly, this is a problem since the server is protected by the firewall.
Thus, what I want to do is configure the server in such a way, that it always uses the same server-side port(s) to connect with the writing clients (just like 2049 for reading). I've already tried to configure the /etc/default/nfs-kernel-server and /etc/default/nfs-common files, but that hasn't really worked out yet.
Because I don't like to contact the system admin every day, I hooked up 2 computers (client/server) on which I set up the same configuration (without the firewall). I'd like to see it working on those machines first (that is, 'netstat -tn' showing the correct port), before I contact the admin to open some extra ports.
Can anyone help me ?
in /etc/sysconfig/nfs yo can force each relevant NFS process to se a static port and bypass the need for the RPC services (although I think it might still be checked regardless). Better yet, use NFS4 and ignore it alltogether as it doesn't RPC for the data transfer, just direct TCP/2049
The thing is, I'm using NFS4...
It seems that other connections (on other ports than 2049) are used when writing data from clients.
Any further ideas? Thanks
|All times are GMT -5. The time now is 03:25 AM.|