LinuxQuestions.org
LinuxAnswers - the LQ Linux tutorial section.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
LinkBack Search this Thread
Old 05-24-2005, 08:12 AM   #1
bcal
Member
 
Registered: Nov 2004
Distribution: FC3/winXP dual-boot
Posts: 61

Rep: Reputation: 15
FC3 nfs share to RH9 client


I've just built a machine from old bits, with a hard drive so old that it can't take FC3, so I installed RH9 on it. I want to share a directory from the FC3 machine to the RH9 one. Both machines can ping each other, I have exported the directory I want to share on the FC3 machine; the /etc/exports file reads:
/imports/4network 192.168.0.5(ro,insecure,sync)

The nfs daemon is running on the FC3 server.

When I try to mount the share directory on the RH9 client using
mount lerebus:/imports/4network /mnt/network/
<lerebus is the FC3 machine name, assigned 192.168.0.2 in /etc/hosts file in the RH9 machine>

I get the error
mount: RPC: Remote system error - No route to host

I've done a search for this on the net and it seems to be a firewall problem on the server. However, (a) all the solutions seem to deal with ipchains rather than iptables and (b) this firewall configuration stuff is all new to me and fairly unintelligible, so I don't know what to change to fix this problem and still keep the security tight.

rpcinfo -p on the RH9 client gives:
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 32768 status
100024 1 tcp 32768 status
391002 2 tcp 32768 sgi_fam
100011 1 udp 729 rquotad
100011 2 udp 729 rquotad
100011 1 tcp 732 rquotad
100011 2 tcp 732 rquotad


rpcinfo -p on the FC3 server:
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 32768 status
100024 1 tcp 32768 status
100011 1 udp 824 rquotad
100011 2 udp 824 rquotad
100011 1 tcp 827 rquotad
100011 2 tcp 827 rquotad
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100021 1 udp 32771 nlockmgr
100021 3 udp 32771 nlockmgr
100021 4 udp 32771 nlockmgr
100021 1 tcp 32771 nlockmgr
100021 3 tcp 32771 nlockmgr
100021 4 tcp 32771 nlockmgr
100005 1 udp 840 mountd
100005 1 tcp 843 mountd
100005 2 udp 840 mountd
100005 2 tcp 843 mountd
100005 3 udp 840 mountd
100005 3 tcp 843 mountd


iptables -L on the FC3 server
Chain INPUT (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain FORWARD (policy ACCEPT)
target prot opt source destination
RH-Firewall-1-INPUT all -- anywhere anywhere

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain RH-Firewall-1-INPUT (2 references)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT ipv6-crypt-- anywhere anywhere
ACCEPT ipv6-auth-- anywhere anywhere
ACCEPT udp -- anywhere 224.0.0.251 udp dpt:5353
ACCEPT udp -- anywhere anywhere udp dpt:ipp
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
REJECT all -- anywhere anywhere reject-with icmp-host-prohibited


Any other info I should be providing, just tell me. Thanks.
 
Old 05-24-2005, 08:32 AM   #2
fr_laz
Member
 
Registered: Jan 2005
Location: Cork Ireland
Distribution: Debian
Posts: 384

Rep: Reputation: 32
Hi,

if that's a firewall related problem, then stop the firewall (/etc/rc.d/init.d/iptables stop, then issue a iptables -L to verify that default policies are set t oaccept) and retry your mount command.
 
Old 05-25-2005, 05:33 AM   #3
bcal
Member
 
Registered: Nov 2004
Distribution: FC3/winXP dual-boot
Posts: 61

Original Poster
Rep: Reputation: 15
Tried that - thanks for the suggestion. Now I get and RPC: Timeout error.

In any case, turning off the firewall is OK to check whether that's the problem, but it's not a long-term solution. Surely there has to be a way to let the communication through the firewall.

Still, fix the timeout problem first I guess. Any ideas?

Last edited by bcal; 05-25-2005 at 05:35 AM.
 
Old 05-26-2005, 07:34 AM   #4
fr_laz
Member
 
Registered: Jan 2005
Location: Cork Ireland
Distribution: Debian
Posts: 384

Rep: Reputation: 32
Hi,

I agree, stoping firewall isn't a final solution ! The issue is that nfs uses sun-rpc which elects a dynamical port to transfer the files. So you cannot set up an iptables rule to match nfs... that's a typical connexion tracking issue. The link below explains hos to configure nfs so that it uses allways the same port, thus you'll be able to create a rule for it :
http://www.lowth.com/LinWiz/nfs_help.html

as for the timeout, I see this error every time I try to mount through nfs a filesystem that's not accessible (not mounted on the nfs server, nfs server down...).
I propose that you:
_ check out that you wrote the right IP address in /etc/exports
_ check out that nfs-kernell-server and nfs-common run on the server (I believe that both are needed)
_ check out that there's not a firewall on the client side that would block nfs

Good luck !
 
Old 05-30-2005, 01:03 PM   #5
bcal
Member
 
Registered: Nov 2004
Distribution: FC3/winXP dual-boot
Posts: 61

Original Poster
Rep: Reputation: 15
OK thanks, I'm away at the moment but I'll give it a try once I'm back in a couple of days. Although I have a suspiscion that the article you linked to is one that lost me in jargon when I looked around for solutions before...not to worry, I'll have a crack at it

Is there an easier way to do what I'm trying to do? I'm pretty sure I read somewhere that linux is *the* system for networking - one of the reasons I thought I'd try to link the machines. To my simple mind (not kidding, very much a newbie) it seems anything but...I can get the linux machine talking to windows easier than to another linux box!

Last edited by bcal; 05-30-2005 at 01:05 PM.
 
Old 06-07-2005, 09:23 AM   #6
bcal
Member
 
Registered: Nov 2004
Distribution: FC3/winXP dual-boot
Posts: 61

Original Poster
Rep: Reputation: 15
OK, I'm back...

I had to stop both the client and server firewalls to get the mount command to work. Thanks for the suggestion, I had assumed stopping just the server firewall would be enough.

I had a look at the article at http://www.lowth.com/LinWiz/nfs_help.html. However, I'm not clear on which rules should be changed for which machine. Should both firewalls have all the changes implemented? Or should some changes be implemented for the server and others for the client? I had a look at the wizards linked from that page too, but still confused. Sorry, obviously security isn't my background! All help appreciated as always.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Trackbacks are Off
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
NFS client = Linux, NFS server = Mac OS X Tiger --> Hell of a problem make Linux - Networking 9 03-10-2006 05:16 AM
nfs client on knoppix 3.9 - problem mounting nfs drive Rod Butcher Linux - Networking 1 09-21-2005 04:18 AM
SuSE 9.0 NFS client with RHL 7.3 NFS server ocjacob Linux - Networking 0 02-01-2005 01:01 PM
nfs client should it use tcp or udp to nfs serve rportmapper andersonas Linux - Networking 2 06-30-2004 12:05 PM
NFS<IRIX -> RH9 Client ibm1130 Linux - Networking 1 11-20-2003 11:47 AM


All times are GMT -5. The time now is 09:13 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration