On Fri, 2005-11-18 at 09:21 -0500, James Pifer wrote: > On Fri, 2005-11-18 at 09:36 +0000, Nigel Wade wrote: > > James Pifer wrote: > > > Hi. I have a server in our DMZ and I'm exporting a specific directory > > > with NFS. I have an internal server that I want to mount it on. The > > > internal server is allowed through the firewall without restriction. > > > Firewall guy tells me it's wide open for this internal server, TCP and > > > UDP. > > > > > > When I try to mount the drive I get this error: > > > pmap_getmaps rpc problem: RPC: Unable to receive; errno = Connection > > > reset by peer > > > > > > On the server running NFS I get this: > > > rpc.mountd: authenticated mount request from [internal_server]:680 > > > for /usr/test (/usr/test) > > > > > > If I do an nmap from the internal server to the external server running > > > I get: > > > > > > (The 1648 ports scanned but not shown below are in state: closed) > > > PORT STATE SERVICE > > > 22/tcp open ssh > > > 80/tcp open http > > > 111/tcp open rpcbind > > > 443/tcp open https > > > 933/tcp open unknown > > > 5001/tcp open commplex-link > > > 5801/tcp open vnc-http-1 > > > 5901/tcp open vnc-1 > > > 10000/tcp open snet-sensor-mgmt > > > > > > A UDP port scan seems to hang. > > > > > > If I do an rpcinfo on the external server running NFS I get: > > > # rpcinfo -p 127.0.0.1 > > > program vers proto port > > > 100000 2 tcp 111 portmapper > > > 100000 2 udp 111 portmapper > > > 100024 1 udp 32768 status > > > 100024 1 tcp 32768 status > > > 391002 2 tcp 32769 sgi_fam > > > 100011 1 udp 930 rquotad > > > 100011 2 udp 930 rquotad > > > 100011 1 tcp 933 rquotad > > > 100011 2 tcp 933 rquotad > > > 100003 2 udp 2049 nfs > > > 100003 3 udp 2049 nfs > > > 100021 1 udp 32781 nlockmgr > > > 100021 3 udp 32781 nlockmgr > > > 100021 4 udp 32781 nlockmgr > > > 100005 1 udp 32782 mountd > > > 100005 1 tcp 59483 mountd > > > 100005 2 udp 32782 mountd > > > 100005 2 tcp 59483 mountd > > > 100005 3 udp 32782 mountd > > > 100005 3 tcp 59483 mountd > > > > > > Any thoughts on what the problem is? > > > > > > Thanks, > > > James > > > > > > > Check that all firewalls have been setup to allow UDP. It looks as though TCP is > > being allowed, but UDP is being blocked. > > > > What version of the kernel are you running on the server? It's only registering > > NFS vers 2&3 over UDP, not TCP. > > > > Although it took a while, it does appears that udp is working: > (The 1473 ports scanned but not shown below are in state: closed) > PORT STATE SERVICE > 123/udp open ntp > 676/udp open unknown > 743/udp open unknown > 2049/udp open nfs > 32768/udp open omad > ---- don't you need port 111 open? Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
