Home / ubuntu / Questions / 854941
In Process
Orian
Asked: 2016-11-30 04:45:01 +0800 CST

Ubuntu 16.04 NFS Exports/Shares not mounting on client machine

  • 772

I have followed the available posts as much as possible to configure NFS on two Ubuntu machines.

I have installed the nfs-kernel-server on the host system, set up the exports on the server. I even shut down the firewall to make sure it wasn't getting in the way. The client machine also has the server installed as well as the nfs-common client package.

When I attempt to mount ANY of the shares at the client. (current mount location is /home/nfs_local). The terminal hangs with no response for a very long time, when it just says "Connection Timed Out".

I am trying to mount using this command structure to mount the shares at the client's terminal:

$ sudo mount 192.168.10.111:/home/uname /home/nfs_local

Here is what my exports currently look like in /etc/exports

/home 192.168.10.128/255.255.255.0(ro,anonuid=65534,no_subtree_check,insecure,sync,nohide) /home/uname 192.168.10.128/255.255.255.0(rw,anonuid=65534,no_subtree_check,insecure,sync,nohide) /mnt/volumes/Massive_A 192.168.10.128/255.255.255.0(rw,nohide,no_subtree_check,insecure,sync) /mnt/volumes/Massive_B 192.168.10.128/255.255.255.0(rw,nohide,no_subtree_check,insecure,sync) /mnt/volumes/Massive_C 192.168.10.128/255.255.255.0(rw,nohide,no_subtree_check,insecure,sync) /mnt/volumes/SSD_B 192.168.10.128/255.255.255.0(rw,nohide,no_subtree_check,insecure,sync)

rpcinfo -p (server side) gives the following output:

100000    4   tcp    111  portmapper
100000    3   tcp    111  portmapper
100000    2   tcp    111  portmapper
100000    4   udp    111  portmapper
100000    3   udp    111  portmapper
100000    2   udp    111  portmapper
100005    1   udp  46285  mountd
100005    1   tcp  40996  mountd
100005    2   udp  37056  mountd
100005    2   tcp  56903  mountd
100005    3   udp  59774  mountd
100005    3   tcp  33079  mountd
100003    2   tcp   2049  nfs
100003    3   tcp   2049  nfs
100003    4   tcp   2049  nfs
100227    2   tcp   2049
100227    3   tcp   2049
100003    2   udp   2049  nfs
100003    3   udp   2049  nfs
100003    4   udp   2049  nfs
100227    2   udp   2049
100227    3   udp   2049

And, the firewall is inactive:

$ ufw status (server side and client side)

Status: Inactive

Can anyone spot what I am missing here? Eventually, I want to add these to fstab to be mounted automatically on boot... OR use a script for each share... Advice on the pros/cons of this usage also greatly appreciated.

Thank you for reading.

networking

1 Answers

  1. Thanks to @ridgy for pointing me in the direction of this solution.

    When using NFS, it is necessary to make sure the ports 111 and 2049 are open to TCP and UDP traffic. (If you are ONLY using NFS v4, you don't need the 111 PORTMAPPER port) You can restrict it to your local network as you see fit. But, it must be open on both client and server for both traffic types.

    If you want to use the command line, first check the status of the firewall, issuing

    $ sudo ufw status

    if the returned info states "Status: Inactive", Then you can either leave it off or activate it and enter rules to allow NFS and its PORTMAPPER data to pass through.

    Issue the directive:

    $ sudo ufw enable

    to start the firewall service

    Check the current rules by issuing the status directive again

    $ sudo ufw status

    You will see the list of rules that are currently defined (If any have been defined) However, you should now see that the status directive returns;

    Status: Active

    Look for any rules that apply to ports 2049 and 111. They should both be open to TCP and UDP traffic... from "anywhere" (This should be tightened up after your shares are operating - depending on your situation) *NOTE the firewall generally, allows you to apply rules based on "APPLICATION" defaults, however, save yourself some time. I found that NFS is not on the list.

    The output should look something like this:

     To                 Action          From 
111,2049/tcp       ALLOW           ANYWHERE 
111,2049/udp       ALLOW           ANYWHERE 
111,2049/tcp (v6)  ALLOW           ANYWHERE (v6) 
111,2049/udp (v6)  ALLOW           ANYWHERE (v6)

    If you do not see the ports explicity opened, then you can issue the following directives to open them. This must be done on host and client.

    $ sudo ufw allow 2049
$ sudo ufw allow 111

    NOTE: This will open these ports to ALL traffic not just NFS and PORTMAPPER. I highly recommend that - once you have your NFS exports/mounts working properly, that you revisit firewall configuration to tighten the security around these ports. (This is currently beyond my knowledge and the scope of this answer)

    Once again issue the ufw status directive to make sure the entries were properly added to your firewall rules.

    NOW... for the embarassing part... The firewall on the host and client systems may not be your only firewall problem. You must insure that your router is not blocking these ports as well. (This caused some hair pulling in my case. As I had tunnel-vision on the two machines. And, totally forgot the harware between them.) Thanks again @ridgy !

    I am using an ASUS AC3200 with DD-WRT. So, of course, your router system will, likely be different.

    If your router firewall is active (recommended), refer to your manufacturer's instructions on how to open ports 111 and 2049 to LAN traffic... Optionally, and just to get things working, you can TEMPORARILY disable your router's firewall (not recommended) until you get your exports/mounts working properly.

    I sincerely hope this experience is helpful to anyone having the same issues with implementing and NFS network environment.

    • 1