July 9, 2008 08:09am pdt

1. mikelfritz 4,680
2. omarfarid 2,800
3. robocat 2,436
4. chops_uk 2,000
4. AllKnowing1 2,000
4. LinuxNtw... 2,000
4. plug1 2,000
4. and235100 2,000
4. kidwickid 2,000
4. Nopius 2,000
4. Rance_Hall 2,000
12. duncan_roe 1,500
12. MicheleM... 1,500
12. wombatOf... 1,500
15. ravenpl 1,300

1. omarfarid 6,300
2. mikelfritz 4,680
3. robocat 4,436
4. Nopius 4,000
5. ravenpl 3,175
6. meyersd 2,000
6. Rance_Hall 2,000
6. AllKnowing1 2,000
6. LinuxNtw... 2,000
6. plug1 2,000
6. elgrullo420 2,000
6. mmonge 2,000
6. Reducer01 2,000
6. ShineOn 2,000
6. alextoft 2,000
6. chops_uk 2,000
6. m1tk4 2,000
6. kidwickid 2,000
6. and235100 2,000
6. veedar 2,000
6. Phil_Agc... 2,000
6. TechSoEasy 2,000

04.07.2008 at 05:58PM PDT, ID: 23303311

	[x] Attachment Details

[x]

The Solution Rating System

With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.

The Grade of the Solution
The Zone Rank of the Expert Providing the Solution
The Number of Author and Expert Comments
The Number of Experts Contributing
The Feedback of the Community

Your Input Matters
Because of the way the system is set up, the most important variable in this equation is you. As a member of Experts Exchange, you are able to cast your vote on the quality of the solutions in regard to how complete, accurate, helpful and easy to understand each solution is. When you provide your feedback, each rating is adjusted accordingly. So, if you see a solution that has a poor rating that you think is a good solution, let us know by rating it. As you do, the rating will be adjusted and will become more accurate for other members of our site.

If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support.

Thank you!

7.6

RPC/portmap problems with NFS client

Zones: NFS File Server, Linux, Linux Administration

Tags: Linux, NFS

srv1: NFS server (working) and client (not working)
srv2: NFS server (not working) and client (working, connected to srv1)

srv1 is sharing out my home directories to various Linux machines via NFS, I have Debian, Ubuntu, Suse, and Fedora all connected to this server no problem. I want srv2 to share out a set of directories to all of the same Linux machines. I've setup NFS pretty much the same except for the exports. The hosts.allow, hosts.deny, and hosts files are all very similar.

If I "rpcinfo -p localhost" on srv2 I get:

program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100021 1 udp 32769 nlockmgr
100021 3 udp 32769 nlockmgr
100021 4 udp 32769 nlockmgr
100021 1 tcp 48227 nlockmgr
100021 3 tcp 48227 nlockmgr
100021 4 tcp 48227 nlockmgr
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100005 1 udp 618 mountd
100005 1 tcp 621 mountd
100005 2 udp 618 mountd
100005 2 tcp 621 mountd
100005 3 udp 618 mountd
100005 3 tcp 621 mountd
100024 1 udp 32784 status
100024 1 tcp 35334 status

But if I "rpcinfo -p srv2" from srv1 I get:

No remote programs registered.

"showmount -e srv2" from any client gives a similar error.

I've disabled IPv6 and flushed all of my firewall rules using

iptables -F
iptables-save

One minor difference that I don't know whether it matters or not is that If I execute "ps aux | grep portmap" on the working server it shows that /sbin/portmap is being run by rpc and on the one that doesn't work it is being run as daemon. Should this make a difference?

I've quadruple checked my files and I'm pretty much lost on what else to do.

Start your free trial to view this solution

Question Stats

Zone: Software

Question Asked By: coanda

Solution Provided By: duncan_roe

Participating Experts: 2

Solution Grade: B

Translate:

Loading Advertisement...

Microsoft

Internet Protocols
Applications

Development
OS

Hardware
Windows Security

Apple

Operating Systems
Hardware

Programming
Networking

Software

Internet

Search Engines
File Sharing
WebTrends / Stats
Spy / Ad Blockers

Web Browsers
New Net Users
Web Development
Chat / IM

Anti Spam
Web Servers
Anti-Virus
Email Clients

Gamers

Tips
Online / MMORPG
Puzzle
Emulators

Action / Adventure
Role Playing
Consoles
Game Programming

Strategy
Sports
Misc
Computer Games

Digital Living

Hardware
New Net Users
New Users

Software
Digital Music
Gaming World

Home Security
Apple
Networking Hardware

Virus & Spyware

Vulnerabilities
IDS
Encryption
Anti-Virus

Operating Systems Security
Software Firewalls
WebApplications
Cell Phones

Operating Systems
Internet
Hardware Firewalls

Hardware

Handhelds / PDAs
Displays / Monitors
Components
Networking Hardware

Peripherals
Laptops/Notebooks
Storage
Servers

Desktops
New Users
Misc
Apple

Software

System Utilities
Industry Specific
Network Management
Photos / Graphics
Page Layout
VMWare
Misc
Web Development

OS
CYGWIN
Voice Recognition
Message Queue
Quality Assurance
Security
Firewalls
MultiMedia Applications

Development
Database
Office / Productivity
Business Management
OS/2 Apps
Server Software
Internet / Email

ITPro

OS
Storage
Encryption
Operating Systems Security
Apple Hardware
Laptops & Notebooks
Servers
Networking Hardware
Peripherals

Devices
Displays / Monitors
WebTrends / Stats
Search Engines
Firewalls
WebApplications
IDS
Vulnerabilities
Email Clients

File Sharing
Spy / Ad Blockers
Web Browsers
Web Servers
Networking
Anti-Virus
Chat / IM
Anti Spam

Developer

Web Servers
Web Browsers
Game Programming
Dev Tools
Industry Specific
Office / Productivity

Database
CYGWIN
Web Development
Search Engines
File Sharing
WebTrends / Stats

Programming
Content Management
Application Servers
Protocols

Storage

Removable Backup Media
Storage Technology
Servers

Grid
Remote Access
Backup / Restore

Misc
Hard Drives

Miscellaneous
Security
Development
Linux
VMWare

MainFrame OS
Unix
Apple
OS / 2
AS / 400

BeOS
Microsoft
VMS / OpenVMS

Database

Oracle
Miscellaneous
MySQL
Software
Sybase
Contact Management
PostgreSQL
Data Manipulation
Clarion
InterSystems Cache

Siebel
MUMPS
OLAP
SQLBase
SAS
GIS & GPS
4GL
Berkeley DB
DB2
Informix

Interbase / Firebird
FoxPro
Reporting
LDAP
Filemaker Pro
MS SQL Server
dBase
MS Access

Security

Misc
Web Browsers
Software Firewalls
Operating Systems Security
File Sharing

Spy / Ad Blockers
Vulnerabilities
WebApplications
IDS
Anti-Virus

Encryption
Anti Spam
Email Clients
VPN
Chat / IM

Programming

Editors IDEs
Installation
Handhelds / PDAs
Multimedia Programming
System / Kernel

Algorithms
Game
Signal Processing
Project Management
Open Source

Database
Misc
Languages
Processor Platforms
Theory

Web Development

Scripting
Blogs
Web Servers
Software
Search Engines
Web Graphics
Images

Internet Marketing
Images and Photos
Components
Document Imaging
Web Languages/Standards
Illustration
WebApplications

Fonts
WebTrends / Stats
Authoring
Digital Camera Software
Miscellaneous

Networking

Protocols
Apple Networking
Network Management
Message Queue
Application Servers
Content Management
File Servers
Email Servers
Misc
Java Editors & IDEs

Wireless
Networking Hardware
Backup / Restore
System Utilities
ISPs & Hosting
Web Servers
Storage Technology
Removable Backup Media
Servers
Broadband

Grid
OS / 2
Novell Netware
Unix Networking
Windows Networking
Security
Telecommunications
Operating Systems
Linux Networking

Other

Community Advisor
Lounge
Community Support
New Net Users

Philosophy / Religion
Math / Science
Miscellaneous
URLs

Expert Lounge
Politics
Puzzles / Riddles

Community Support

Suggestions
New to EE
New Topics
Community Advisor

CleanUp
Announcements
General

Feedback
Input
EE Bugs

04.08.2008 at 03:43AM PDT, ID: 21303846

Rank: Wizard

duncan_roe:

What error do you get when on svr1 you try a mount of an svr2 disk?

04.08.2008 at 10:14AM PDT, ID: 21307409

coanda:

No remote programs registered.

04.08.2008 at 10:17AM PDT, ID: 21307440

coanda:

ignore that, I misunderstood.

mount: mount to NFS server 'srv2' failed: RPC Error: Program not registered.

04.08.2008 at 02:24PM PDT, ID: 21309790

Rank: Wizard

duncan_roe:

Can you telnet from svr1 to svr2 and verify you really land up on svr2 and not some other machine. On loging in, try rpcinfo -p localhost

04.08.2008 at 02:48PM PDT, ID: 21309980

coanda:

I don't have a telnet service enabled on srv2 but I can ssh into it from srv1 and rpcinfo -p localhost comes up with same output as it does from the srv2 console.

04.10.2008 at 10:40AM PDT, ID: 21327379

coanda:

This could possibly be a result of the kernel that I'm using, I've gone into menuconfig to reconfigure and I have nfs support compile with module support. Does anyone know if this will have an effect with network access to nfs shares?

04.10.2008 at 03:15PM PDT, ID: 21329853

Rank: Wizard

duncan_roe:

Unlikely to be a problem. You can do an lsmod on svr2 to verify that the nfs modules are loaded. Muntd or exportfs should have pulled them in. Worth checking though - as root you can modprobe them if by some chanve they're not loaded.
I just tried an experiment which might interest you: my router/ /firewall can nfs-mount file systems but doesn't usually (the facility is only there for maintenance). rpcinfo works fine to this system. The nfs module did not show in lsmod. I then did an nfs mount and the nfs module was mounted.
On my server system, the nfsd module is also mounted and there are nfsd daemons running

04.10.2008 at 03:16PM PDT, ID: 21329859

Rank: Wizard

duncan_roe:

Muntd should have been Mountd

04.10.2008 at 03:45PM PDT, ID: 21330049

coanda:

You're right, nfs was loaded my exportfs, lockd, and sunrpc as well as some others. Hopefully that means compiling a new kernel is not necessary since I seem to be running into troubles while doing that as well.

Is there a possibility that Debian uses NFSv4 by default? I've only been trying to access from clients using v3.

04.11.2008 at 04:10AM PDT, ID: 21333016

Rank: Wizard

duncan_roe:

I really don't know what they would have configured. You could check with make xconfig or make menuconfig - assuming you can find the .config your system was built with. It may be available as /proc/config.gz.
I think the real problem is whatever causes the failure of rpcinfo -p svr2 to show anything when issued from svr1. I did think that possibly svr1's /etc/hosts had svr2's IP address wrong, which is why I asked you to try a telnet. If using static addresses, it might still be worth checking that file for consistency on both systems. Otherwise, I'm starting to run out of ideas

04.11.2008 at 05:28AM PDT, ID: 21333512

elf_bin:

Your portmap is not running or answering correctly.
1) Disable the firewall completely!
2) Disable selinux
3) telnet from srv1 (the working one) to srv2 (the not-working one) on port 111 (telnet srv2 111), if you get a connection - even for just a short while, that proves *something* is listening on port 111, if you don't, nothing is listening on 111. To prove the successful case is portmap, switch off portmap (/etc/init.d/portmap stop) & repeat the test. If you get a connection, something else (apart from portmap) is listening there and portmap can't listen where something else is listening. If you don't get a connection portmap was listening there.

04.11.2008 at 01:57PM PDT, ID: 21338183

coanda:

1) How can I disable the firewall in Debian completely, I've flushed iptables, but I can't shut the service down because there is no /etc/init.d/iptables to stop
2) I changed /etc/selinux/config so that the policy is disabled, then rebooted
3) I can telnet into port 111 when portmap is running and I'm not able to when it isn't

04.11.2008 at 04:01PM PDT, ID: 21338852

Rank: Wizard

duncan_roe:

Iptables is not a service, it's part of the IP stack in linux. If you have flushed all the rules, it should have no effect.
As regards your point 3 - it seems you can definitely get a network connection to svr2's portmap. Does rpcinfo now report anything? How does rpcinfo -p svr2 behave when portmap is not running on svr2?

04.11.2008 at 04:20PM PDT, ID: 21338926

coanda:

rpcinfo -p srv2 (from srv1) still returns with the error "No remote programs registered" when the server is running, and when it's not I get the message "rpcinfo: can't contact portmapper: RPC: Remote system error - Connection refused"

04.11.2008 at 04:30PM PDT, ID: 21338955

Rank: Wizard

duncan_roe:

Think I found it - I can duplicate the scenario here anyway.
For remote requests, rpcinfo accesses /etc/hosts.allow and /etc/hosts.deny.
A typical hosts.deny file contains the line:
ALL:ALL
meaning that only hosts mentioned in hosts.allow get any service.
You can learn about the format of these files by typing "man -s 5 hosts_access"

                       
         
           
           
             09:13:49$ rpcinfo -p dullstar # ALL;ALL in dullstar's hosts.deny
No remote programs registered.
09:24:08$ rpcinfo -p dullstar # commented-out ALL:ALL
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100001    5   udp    911  rstatd
    100001    3   udp    911  rstatd
    100001    2   udp    911  rstatd
    100001    1   udp    911  rstatd
           
         

Open in New Window

04.11.2008 at 04:34PM PDT, ID: 21338963

Rank: Wizard

duncan_roe:

ALL;ALL is a typo - should be colon ALL:ALL

04.11.2008 at 04:50PM PDT, ID: 21339047

coanda:

These are my hosts. files on srv2

/etc/hosts.deny

portmap: ALL
lockd: ALL
mountd: ALL
#rpcbind: ALL
rquotad: ALL
statd: ALL

/etc/hosts.allow

portmap: srv1 , ubufs1 , ubufs2 , vmhost
lockd: srv1 , ubufs1 , ubufs2 , vmhost
mountd: srv1 , ubufs1 , ubufs2 , vmhost
#rpcbind: srv1 , ubufs1 , ubufs2 , vmhost
rquotad: srv1 , ubufs1 , ubufs2 , vmhost
statd: srv1 , ubufs1 , ubufs2 , vmhost

Maybe this is a source of some of my problems, but these files are almost identical to what I have working on a Fedora installation.

04.11.2008 at 05:18PM PDT, ID: 21339180

Rank: Wizard

duncan_roe:

Temporarily put ALL:ALL at the head of hosts.allow. That will fix it, if it is the problem.
If that doesn't fix it, monitor portmap with strace during a failed call. That's how I found out about hosts.allow/deny

Check spelling of srv1 on portmap line in hosts.allow

Accepted Solution

04.13.2008 at 12:25PM PDT, ID: 21345851

coanda:

Ok, now I get the correct response from rpcinfo on srv1, but this doesn't really feel like the proper way of setting it up. I don't know why it wasn't working before when I was just using the above hosts.allow file, the host names were all correct. Oh well, I'm not sure I care enough to do it by host name so I may try using a subnet later but for now this is good enough. Thanks.

20080236-EE-VQP-29 / EE_QW_2_20070628