When large read and write operations are conducted on a NFSv4 share on a CentOS 7.3 client, I notice that the NFS mounts often time out.
Does a fresh, out-of-the-box installation of CentOS 7.3 require letting the NFS service through the default firewall? If so, how?
Theoretically, any network device like router or firewall may drop packages under load. However, it's more probable that your NFS server unable to handle large IO or your client is not optimally configured.
One of the problems that we have observed, that if client has lot of memory, then flush of dirty pages happens to late. As a result we had lot of nfs timeouts. Try to set
to reasonable numbers, like 500mb and 1GB. The defaults are ~ 10% and 20%, which might be too much.
Either the firewall lets the traffic pass or it blocks it. It won’t randomly block it only sometimes. If you can mount the share and transfer data, you have some other issues.
Turns out that this was a bug in the application itself on the client. Developer fixed it with a software update. NFS was configured properly on client, switch, and server.