Debian DokuWiki

User Tools

Site Tools

Trace: mysql_copy_between_servers streaming_replication tomcat squid iptables tuneup_guide solaris james check_service_and_restart_if_failed quick_tips_to_securing_windows_desktop
nfs

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
nfs [2011/11/10 17:16] k2patelnfs [2020/08/10 02:35] (current) – external edit 127.0.0.1
Line 3: Line 3:
 This is the notes from my setup. This is the notes from my setup.
  
-==== Server ====+===== Server ====
 + 
 +==== Export ==== 
 I am setting up server for NFSv4 without Security IP based access list.\\ I am setting up server for NFSv4 without Security IP based access list.\\
 **NOTE :** Match your uid with anonuid **NOTE :** Match your uid with anonuid
Line 13: Line 16:
 /home/net/Pictures  192.168.1.4(rw,nohide,sync,insecure,no_root_squash,no_subtree_check,anonuid=1000,anongid=100) /home/net/Pictures  192.168.1.4(rw,nohide,sync,insecure,no_root_squash,no_subtree_check,anonuid=1000,anongid=100)
 </code> </code>
 +
 +==== NFS Ports ====
 +
  
 Now change following settings.\\ Now change following settings.\\
 If any of the variable not exists please add as new line.\\ If any of the variable not exists please add as new line.\\
-**NOTE :** Use What ever port you like match to the iptables rule after.+These disables legacy version and NFS v3 Support.\\ 
 +As keeping NFSv3 Support lead you to open many port in firewall and might cause issue on permission.\\ 
 <code bash | /etc/sysconfig/nfs> <code bash | /etc/sysconfig/nfs>
-LOCKD_TCPPORT=59620 +MOUNTD_NFS_V1="no" 
-LOCKD_UDPPORT=59620 +MOUNTD_NFS_V2="no" 
-STATD_PORT=59622 +RPCNFSDARGS="-N 2 -N 3 -U"
-MOUNTD_PORT=59621+
 </code> </code>
 +
 +==== Firewall ====
  
 Add Following lines to your firewall rules. Add Following lines to your firewall rules.
  
 <code bash | /etc/sysconfig/iptables> <code bash | /etc/sysconfig/iptables>
--A INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT +-A INPUT -s 192.168.1.4 -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT
--A INPUT -m state --state NEW -m tcp -p tcp --dport 111 -j ACCEPT +
--A INPUT -m state --state NEW -m udp -p udp --dport 2049 -j ACCEPT +
--A INPUT -m state --state NEW -m udp -p udp --dport 111 -j ACCEPT +
--A INPUT -m state --state NEW -m tcp -p tcp --dport 59620 -j ACCEPT +
--A INPUT -m state --state NEW -m tcp -p tcp --dport 59621 -j ACCEPT +
--A INPUT -m state --state NEW -m tcp -p tcp --dport 59622 -j ACCEPT +
--A INPUT -m state --state NEW -m udp -p udp --dport 59620 -j ACCEPT +
--A INPUT -m state --state NEW -m udp -p udp --dport 59621 -j ACCEPT +
--A INPUT -m state --state NEW -m udp -p udp --dport 59622 -j ACCEPT+
 </code> </code>
 +
 +==== Services ====
  
 Now restart / start all modified services.\\ Now restart / start all modified services.\\
Line 46: Line 48:
   * systemctl restart iptables.service   * systemctl restart iptables.service
   * systemctl restart nfs-idmap.service   * systemctl restart nfs-idmap.service
-  * systemctl resteart nfs-lock.service 
   * systemctl restart nfs-server.service   * systemctl restart nfs-server.service
  
 +===== Client =====
 +
 +To setup client to mount exported FS use following.
 +<code bash | /etc/fstab>
 +192.168.1.5:download /opt/download nfs4 proto=tcp,intr,rw 0 0
 +192.168.1.5:movies      /opt/movies nfs4 proto=tcp,intr,rw 0 0
 +192.168.1.5:net/Pictures /opt/Picture nfs4 proto=tcp,intr,rw 0 0
 +192.168.1.5:net/Music /opt/Music nfs4 proto=tcp,intr,rw 0 0
 +</code>
  
 +You can refer following manual for further information.\\
 +Since all these is some how i gathered from these documentation.\\
  
 [[http://docs.fedoraproject.org/en-US/Fedora/14/html/Storage_Administration_Guide/s1-nfs-server-export.html | Best Referance]] [[http://docs.fedoraproject.org/en-US/Fedora/14/html/Storage_Administration_Guide/s1-nfs-server-export.html | Best Referance]]
nfs.1320945368.txt.gz · Last modified: 2020/08/10 02:30 (external edit)