LinuxQuestions.org
Register a domain and help support LQ
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices

Reply
 
Search this Thread
Old 05-01-2009, 02:24 AM   #1
danielmesserli
LQ Newbie
 
Registered: Apr 2008
Distribution: Fedora 8
Posts: 5

Rep: Reputation: 0
NFS and firewall in Fedora 8 environment


Hi all,
1 Can somebody explain the difference between PORTMAP and RPCbind ?
2 When I disable IPtables from the command line, then NFS functions
normally BUT
3 When (with IPtables started) I configure the firewall from the GUI tool (System --> Administration --> Firewall) to allow NFS as trusted service, and this is done of BOTH client and NFS server machine) then I get the famous " no route to host " error.

Then I am also unsure how NFS works in Fedora 8... is RPCbind something new or what is it ?
Do the nfs ports have to configured as static ?

I have read and looked around for docs and howto's etc. but I can not find any explanations or clear directives regarding this issue.

Can you please help ?

Thanks.
dan
 
Old 05-01-2009, 07:00 PM   #2
custangro
Senior Member
 
Registered: Nov 2006
Location: California
Distribution: Fedora , CentOS , Solaris 10, RHEL
Posts: 1,933
Blog Entries: 1

Rep: Reputation: 188Reputation: 188
Quote:
Originally Posted by danielmesserli View Post
Hi all,
1 Can somebody explain the difference between PORTMAP and RPCbind ?
2 When I disable IPtables from the command line, then NFS functions
normally BUT
3 When (with IPtables started) I configure the firewall from the GUI tool (System --> Administration --> Firewall) to allow NFS as trusted service, and this is done of BOTH client and NFS server machine) then I get the famous " no route to host " error.

Then I am also unsure how NFS works in Fedora 8... is RPCbind something new or what is it ?
Do the nfs ports have to configured as static ?

I have read and looked around for docs and howto's etc. but I can not find any explanations or clear directives regarding this issue.

Can you please help ?

Thanks.
dan
The problem is portmap.

Portmap "dynamically" assigns ports for NFS which makes firewall configurations difficult. This can be adjusted with the /etc/sysconfig/nfs file. Open the /etc/sysconfig/nfs and uncomment/add these entries...

Code:
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662
Now use system-config-network and add/checkon the following...

Quote:
nfs tcp/upd
111 tcp/upd
32803 tcp/udp
32769 tcp/udp
892 tcp/udp
662 tcp/udp
Now make sure that these start on boot...

Code:
root@fedora# chkconfig nfs on
root@fedora# chkconfig portmap on

Restart nfs...sometimes this isn't enough and you have to reboot.

-C

Last edited by custangro; 05-01-2009 at 07:08 PM.
 
1 members found this post helpful.
Old 05-07-2009, 11:24 AM   #3
danielmesserli
LQ Newbie
 
Registered: Apr 2008
Distribution: Fedora 8
Posts: 5

Original Poster
Rep: Reputation: 0
Hi Custangro,
sorry for the late reply...

So I am attempting to follow your instructions and run into a question:
After locking the ports in /etc/sysconfig/nfs ... did you not mean to write "system-config-securitylevel" to edit
the
nfs tcp/upd
111 tcp/upd
32803 tcp/udp
32769 tcp/udp
892 tcp/udp
662 tcp/udp
?
because I don't see anywhere where I could make changes in "system-config-network" ...

Cheers,
 
Old 05-07-2009, 11:54 AM   #4
custangro
Senior Member
 
Registered: Nov 2006
Location: California
Distribution: Fedora , CentOS , Solaris 10, RHEL
Posts: 1,933
Blog Entries: 1

Rep: Reputation: 188Reputation: 188
Quote:
Originally Posted by danielmesserli View Post
Hi Custangro,
sorry for the late reply...

So I am attempting to follow your instructions and run into a question:
After locking the ports in /etc/sysconfig/nfs ... did you not mean to write "system-config-securitylevel" to edit
the
nfs tcp/upd
111 tcp/upd
32803 tcp/udp
32769 tcp/udp
892 tcp/udp
662 tcp/udp
?
because I don't see anywhere where I could make changes in "system-config-network" ...

Cheers,
Sorry...it was a typo...

Try system-config-securitylevel
 
Old 05-08-2009, 05:28 AM   #5
danielmesserli
LQ Newbie
 
Registered: Apr 2008
Distribution: Fedora 8
Posts: 5

Original Poster
Rep: Reputation: 0
Hi Custangro,
..that's what I figured, a typo.

So now I am at the part where I ought to do:

[root@veda1201 ~]# chkconfig nfs on
[root@veda1201 ~]# chkconfig portmap on
error reading information on service portmap: No such file or directory
[root@veda1201 ~]# chkconfig rpcbind on
[root@veda1201 ~]#

as you see... portmap does not respond, I guess it isn't installed but rpcbind seems to respond.

So the portmap service is NOT running on my Fedora 8 system. That is where my original question sort of comes in, which was if RPCBind is simply a rename of PORTMAP... and it doesn't seem to be. There seems to be more to it...

Where do I go from here ? Is this the way it should be or am I barking up the wrong tree ?

Thanks for your continued help - really appreciate it !
dan
 
Old 05-08-2009, 09:52 AM   #6
custangro
Senior Member
 
Registered: Nov 2006
Location: California
Distribution: Fedora , CentOS , Solaris 10, RHEL
Posts: 1,933
Blog Entries: 1

Rep: Reputation: 188Reputation: 188
Quote:
Originally Posted by danielmesserli View Post
Hi Custangro,
..that's what I figured, a typo.

So now I am at the part where I ought to do:

[root@veda1201 ~]# chkconfig nfs on
[root@veda1201 ~]# chkconfig portmap on
error reading information on service portmap: No such file or directory
[root@veda1201 ~]# chkconfig rpcbind on
[root@veda1201 ~]#

as you see... portmap does not respond, I guess it isn't installed but rpcbind seems to respond.

So the portmap service is NOT running on my Fedora 8 system. That is where my original question sort of comes in, which was if RPCBind is simply a rename of PORTMAP... and it doesn't seem to be. There seems to be more to it...

Where do I go from here ? Is this the way it should be or am I barking up the wrong tree ?

Thanks for your continued help - really appreciate it !
dan
It seems that in Fedora 7 and Fedora 8, portmap has been replaced by RPCBind...so yes...

Also make sure the following is on/enabled...

Code:
rpcbind
nfs
nfslock
I haven't had to deal with RPCbind (since I'm more familiar with portmap) but I assume you also have to open the RPCBIND port...

What is the output of...

Code:
root@fedora# grep -i rpcbind /etc/services
-C
 
Old 12-07-2012, 07:11 PM   #7
kamaleshbv1
LQ Newbie
 
Registered: Apr 2011
Posts: 29

Rep: Reputation: 0
grep -i rpcbind /etc/services
sunrpc 111/tcp portmapper rpcbind # RPC 4.0 portmapper TCP
sunrpc 111/udp portmapper rpcbind # RPC 4.0 portmapper UDP
 
  


Reply

Tags
fedora, nfs, portmap


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
File integrity in Samba/NFS environment lqtim Linux - General 2 01-05-2009 05:22 PM
File integrity in Samba/NFS environment lqtim Linux - Software 1 01-04-2009 03:23 PM
File integrity in Samba/NFS environment lqtim Linux - Server 1 01-04-2009 03:22 PM
what nfs performance considerations are there for lamp environment globaltree Linux - Enterprise 1 01-07-2008 01:09 PM


All times are GMT -5. The time now is 06:10 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration