Re: NFS through firewall

James Pifer wrote:
Hi. I have a server in our DMZ and I'm exporting a specific directory
with NFS. I have an internal server that I want to mount it on. The
internal server is allowed through the firewall without restriction.
Firewall guy tells me it's wide open for this internal server, TCP and
UDP.
When I try to mount the drive I get this error:
pmap_getmaps rpc problem: RPC: Unable to receive; errno = Connection
reset by peer

On the server running NFS I get this:
rpc.mountd: authenticated mount request from [internal_server]:680
for /usr/test (/usr/test)

If I do an nmap from the internal server to the external server running
I get:

(The 1648 ports scanned but not shown below are in state: closed)
PORT      STATE SERVICE
22/tcp    open  ssh
80/tcp    open  http
111/tcp   open  rpcbind
443/tcp   open  https
933/tcp   open  unknown
5001/tcp  open  commplex-link
5801/tcp  open  vnc-http-1
5901/tcp  open  vnc-1
10000/tcp open  snet-sensor-mgmt

A UDP port scan seems to hang.
If I do an rpcinfo on the external server running NFS I get:
# rpcinfo -p 127.0.0.1
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  32768  status
    100024    1   tcp  32768  status
    391002    2   tcp  32769  sgi_fam
    100011    1   udp    930  rquotad
    100011    2   udp    930  rquotad
    100011    1   tcp    933  rquotad
    100011    2   tcp    933  rquotad
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100021    1   udp  32781  nlockmgr
    100021    3   udp  32781  nlockmgr
    100021    4   udp  32781  nlockmgr
    100005    1   udp  32782  mountd
    100005    1   tcp  59483  mountd
    100005    2   udp  32782  mountd
    100005    2   tcp  59483  mountd
    100005    3   udp  32782  mountd
    100005    3   tcp  59483  mountd

Any thoughts on what the problem is?

Thanks,
James


Check that all firewalls have been set up to allow UDP. It looks as though TCP is being allowed, but UDP is being blocked.

What version of the kernel are you running on the server? It's only registering NFS vers 2&3 over UDP, not TCP.

--
Nigel Wade, System Administrator, Space Plasma Physics Group,
            University of Leicester, Leicester, LE1 7RH, UK
E-mail :    nmw@xxxxxxxxxxxx
Phone :     +44 (0)116 2523548, Fax : +44 (0)116 2523555
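
The cross-check discussed in this thread can be scripted; the following is an added example, not part of the original messages. It parses the `rpcinfo -p` listing quoted above, lists the protocol/port pairs a firewall has to pass for the NFS-related services, and reports which services are registered on UDP only and which registered TCP ports are absent from the nmap result. The function names and the `NFS_SERVICES` set are assumptions of this example.

```python
# Sample input: the `rpcinfo -p` rows and the nmap TCP result quoted in the thread.
RPCINFO = """\
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  32768  status
    100024    1   tcp  32768  status
    391002    2   tcp  32769  sgi_fam
    100011    1   udp    930  rquotad
    100011    2   udp    930  rquotad
    100011    1   tcp    933  rquotad
    100011    2   tcp    933  rquotad
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100021    1   udp  32781  nlockmgr
    100021    3   udp  32781  nlockmgr
    100021    4   udp  32781  nlockmgr
    100005    1   udp  32782  mountd
    100005    1   tcp  59483  mountd
    100005    2   udp  32782  mountd
    100005    2   tcp  59483  mountd
    100005    3   udp  32782  mountd
    100005    3   tcp  59483  mountd
"""
TCP_OPEN = {22, 80, 111, 443, 933, 5001, 5801, 5901, 10000}  # ports nmap showed open
NFS_SERVICES = {"portmapper", "nfs", "mountd", "nlockmgr", "status", "rquotad"}

def parse_rpcinfo(text):
    """Return {service: {proto: set(ports)}} parsed from `rpcinfo -p` output."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 5 and fields[0].isdigit():  # skip header / malformed rows
            _prog, _vers, proto, port, name = fields
            table.setdefault(name, {}).setdefault(proto, set()).add(int(port))
    return table

def firewall_report(table, tcp_open):
    """Return (rules to allow, UDP-only services, registered TCP ports not seen open)."""
    needed, tcp_unseen = set(), []
    for name in table.keys() & NFS_SERVICES:
        for proto, ports in table[name].items():
            needed |= {(proto, port) for port in ports}
        tcp_unseen += [p for p in table[name].get("tcp", ()) if p not in tcp_open]
    udp_only = [n for n in sorted(table.keys() & NFS_SERVICES) if "tcp" not in table[n]]
    return sorted(needed), udp_only, sorted(tcp_unseen)

if __name__ == "__main__":
    print(firewall_report(parse_rpcinfo(RPCINFO), TCP_OPEN))
```

Ports such as 32768, 32781, 32782 and 59483 are assigned by the portmapper at service start, so the rule list has to be regenerated after a restart unless those services are pinned to fixed ports.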

