Solved

NFS setup

Posted on 2002-05-28
23
745 Views
Last Modified: 2010-03-18
I have two Red Hat 7.3 boxes. One a server. The other a workstation. I seem to have NFS running and /etc/exports configured. However, I try to mount the workstation to the server and all I get back is "mount: RPC: timed out".

Obviously I'm missing something.

I would like to get file sharing between server/workstation. If there is a better way to do this instead of NFS, I would be open to try that too.
0
Comment
Question by:emherman
  • 11
  • 6
  • 4
  • +1
23 Comments
 
LVL 4

Expert Comment

by:newmang
Comment Utility
Are the nfsd and portmap daemons running on the server?
0
 
LVL 51

Expert Comment

by:ahoffmann
Comment Utility
what does following report:

   rpcinfo -p servername
0
 
LVL 1

Author Comment

by:emherman
Comment Utility
Below are the results of rpcinfo -p on my server, requested from the workstation:


program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp   1024  status
    100024    1   tcp   1024  status
    391002    2   tcp   1025  sgi_fam
    100011    1   udp    819  rquotad
    100011    2   udp    819  rquotad
    100011    1   tcp    822  rquotad
    100011    2   tcp    822  rquotad
    100005    1   udp   1025  mountd
    100005    1   tcp   1026  mountd
    100005    2   udp   1025  mountd
    100005    2   tcp   1026  mountd
    100005    3   udp   1025  mountd
    100005    3   tcp   1026  mountd
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100021    1   udp   1026  nlockmgr
    100021    3   udp   1026  nlockmgr
    100021    4   udp   1026  nlockmgr

I believe that this answers newmang's question as well.
0
 
LVL 4

Expert Comment

by:newmang
Comment Utility
OK, it looks like the dameons are running and registered with portmap.

Can you please post the contents of /etc/exports and /etc/hosts files on the server and /etc/fstab and /etc/hosts files on the client please.

Also, have you checked the log files on the server /var/log/..... to see if there are any errors being reported.

Cheers - Gavin
0
 
LVL 51

Expert Comment

by:ahoffmann
Comment Utility
sounds like a NFS version mismatch,
can you please post:
   rpcinfo -u servername 100005
   rpcinfo -u servername 100003
where 100003 and 100005 are the program numbers for nfs and mountd reported by rpcinfo -p.

Also check the /var/log/messages on both boxes.
0
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
Might be a silly question, but is the default firewall running on the server? If it is it'll block access to the NFS exports. If the server is inside of a firewall you can simply turn off the firewall with:

# chkconfig --level 2345 ipchains off
# chkconfig --level 2345 iptables off
/etc/init.d/ipchains stop
 
0
 
LVL 1

Author Comment

by:emherman
Comment Utility
/etc/exports (server)
/home  192.168.1.21(rw) 192.168.1.17(rw)

/etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1     localhost.localdomain     localhost
192.168.1.5     troll.sis.com     troll
192.168.1.4     hen.sis.com     hen
192.168.1.2     ntserver.sis.com     ntserver

---------------------------------------------
I hope I got ALL the relevant messages from the server.
/var/log/messages

May 27 16:22:26 hen kernel: Installing knfsd (copyright (C) 1996 okir@monad.swb.de).
May 27 16:22:26 hen nfs: Starting NFS services:  succeeded
May 27 16:22:26 hen nfs: rpc.rquotad startup succeeded
May 27 16:22:27 hen nfs: rpc.mountd startup succeeded
May 27 16:22:27 hen nfs: rpc.nfsd startup succeeded

May 27 17:00:01 hen rpc.mountd: authenticated mount request from 192.168.1.21:703 for /home/eric (/home)
May 27 17:00:19 hen last message repeated 6 times

May 28 22:22:25 hen rpc.mountd: authenticated mount request from 192.168.1.21:897 for /home/eric (/home)
May 28 22:22:43 hen last message repeated 6 times

May 29 20:05:49 hen rpc.mountd: authenticated mount request from 192.168.1.17:922 for /home/eric (/home)
May 29 20:06:29 hen rpc.mountd: authenticated mount request from 192.168.1.17:922 for /home/eric (/home)

May 29 20:08:29 hen rpc.mountd: authenticated mount request from 192.168.1.17:922 for /home/eric (/home)

May 30 08:59:17 hen rpc.mountd: authenticated mount request from 192.168.1.17:944 for /home/eric (/home)
May 30 10:04:54 hen rpc.mountd: authenticated unmount request from 192.168.1.17:696 for /home/eric (/home)
May 30 10:04:58 hen rpc.mountd: authenticated unmount request from 192.168.1.17:696 for /home/eric (/home)
May 30 10:06:50 hen rpc.mountd: authenticated mount request from 192.168.1.17:951 for /home/eric (/home)
May 30 15:16:46 hen rpc.mountd: authenticated unmount request from 192.168.1.17:902 for /home/eric (/home)



I'll grab the ones off the client later...

---------------

rpcinfo -u servername 10005 yeilded:
program 10005 version 1 ready and waiting
.............. version 2 ...............
.............. version 3 ...............

servername 10003 yielded only versions 2 and 3.


It appeared that the 192.168.1.17 was mounting the devices. However I think that it was being done improperly since my Red Hat interactive startup was giving me errors on the boot process. Also, I couldn't write to the mounted files. On 192.168.1.21, I can't mount the exported files at all. I'll try to get more info on that tomorrow.

jlevie:
I'm going to try a few things first, then I will kill firewall settings. BTW - I think that you suggested this in another question that I asked. What are your thoughts on the Red Hat firewall during the setup. Would it be better to configure this after the server is set up?
0
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
The default RedHat firewall blocks all incoming ports to a box. That's fine if you've got an workstation that will only be doing ordinary consumer things, like initiating web sessions, opening telnet or ssh connections to other nodes, etc. When you start doing other more collabrative things with a workstation the firewall can get in the way of some of the protocols needed.

Presumably, if you are doing NIS mounts between machines all of the nodes involved are located on a protected network and all nodes are trustworthy. NFS is an insecure protocol and only does host based checking of mount requests. So there's usually little need to run a firewall on each of the machines on such a network.

I've got RedHat nodes running everything from 7.0 through 7.3 on a network that also contains Solaris 5.6-5.8 and Irix 6.5. We haven't seen any problems mounting volumes exported from any of those. Now, I do keep everything up to date w/respect to the vendor's errata/patches, which might affect some of the older OS versions.

Are you trying to mount the NFS volumes via fstab or manually after the system boots? I make it a practice to avoid nfs mounts via fstab because that can easily lead to deadlocks if two systems are cross mounting NFS volumes. If you are defining the mounts in fstab a simple thing to try would be to remove those mounts, reboot the box and try a manual mount.
0
 
LVL 1

Author Comment

by:emherman
Comment Utility
OK. The weird thing. Today on .17, on boot up I successfully mounted hen (.4) using manual mounting:

"mount 192.168.1.4:/home/eric /home/eric/hen"

It worked perfectly, so I added it to fstab. I could shutdown, boot, reboot from the workstation (.17) and still mount the server directory on the workstation. All was great.

I was stepping out today and there was a pretty good sized lightning storm so I powered down all machines and left for a few hours.

When I returned, I rebooted the server, and fired up the laptop (.21) to see if I could mount the server directory to the laptop. I tried to mount it and got the now infamous:

"mount: RPC: timed out"

I started up the other workstation (.17) and found the same error. I wish I had tried to mount the server to the laptop when things were working for the workstation.

By now you know that there are really three machines in here. I started the question by saying two for simplicity.

My gut feeling is that the problem is in the server.

jlevie: I have not edited the firewall settings yet and the server directory mounted the workstation (.17).

Does this change the thinking with the new information?

in my /var/log/messages, I am getting:

"hen rpc.mountd:authenticated mount request from 192.168.1.21:804 for /home/eric (/home)"

(the notebook)

I also get a similar thing for 192.168.1.17 (the workstation)
0
 
LVL 1

Author Comment

by:emherman
Comment Utility
I turned off ipchains and iptables as per jlevie and the problem did not change...
0
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
Okay, you turned off any firewalls on the clients and that didn't have any affect, so it's not a problem with blocked ports on the client. And from server logs posted earlier it does appear that the mount/umount requests from the clients do reach the server.

Besides exporting NFS volumes does the server provide any other services, like being an Internet gateway for the local network? It's probably a silly question, but does 'chkconfig --list nfs' on the server show nfs enabled for run levels 3, 4, & 5?

If you temporarily change the export definition on the server to:

/home     *(rw)

and re-export the volume with 'exportfs -av' and you then do:

# mkdir /mnt/nfs
# mount localhost:/home /mnt/nfs

can you see the contents of the exported volume in /mnt/nfs (i.e., 'ls /mnt/nfs' as root shows the home dirs)?

Another thing... What is the user ID of eric on the server and the client? The default perms for a user's home dir are  0700 (rwx------) which means that the UID for eric has to be the same on the server and the client for user eric to be able to see /home/eric/hen/eric. Any other home dirs in the mount point that have the default permission would also not be visible.
0
Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

 
LVL 1

Author Comment

by:emherman
Comment Utility
I have had the "permission denied" thing on previous installs due to conflicting User ID's between server and workstation. I did verify that all UID's are the same.

I'll look into the other part.
0
 
LVL 1

Author Comment

by:emherman
Comment Utility
chkconfig --list nfs

NFS  0:off 1:off 2:off 3:on 4:on 5:on 6:off

-----------------------------------------

I changed the export definition as you requested and was able to "mount localhost:/home /mnt/nfs" and view the files while logged on to the server.

Since the export definition is *(rw), I "umount"ed /mnt/nfs (just for troubleshooting clarity) and tried to "mount 192.168.1.4:/home/eric /home/eric/hen" from the laptop (.21). I got the RPC timeout again.

Do I have a routing problem? I can ping, ssh, to the server from the workstations, just not NFS.
0
 
LVL 40

Accepted Solution

by:
jlevie earned 200 total points
Comment Utility
By the IP's I'd assume that everything is on the local net and routing issues shouldn't be a factor. From what you show the server to be logging it looks like the mount request reaches the server. Since the clients see an RPC timeout I wonder if the reply is reaching the client.

Firewalls in the clients are disable, right? Is there any sort of firewall running on the server? Are the clients and the server configured for the same netmask?
0
 
LVL 51

Expert Comment

by:ahoffmann
Comment Utility
please post corresponding entries from /etc/exports on the server
0
 
LVL 1

Author Comment

by:emherman
Comment Utility
/etc/exports (server)
/home  192.168.1.21(rw) 192.168.1.17(rw)

Right now they are set to:
/home     *(rw)
0
 
LVL 51

Expert Comment

by:ahoffmann
Comment Utility
depending on your kernel and/or NFS-software version, *(rw) does not work. You need to use IPs, one for each host. Or you need to use something like:
  /home *.allowed.dom(rw)
but this requires that there is a working reverse hostname lookup.
0
 
LVL 1

Author Comment

by:emherman
Comment Utility
jlevie:

I think you got it. When installing the RH7.3 on the clients, I had let the install set the default firewall rules on the machines. I disabled the firewall settings on both clients and it is working fine now.

The reason that NFS worked for a little while from one of the worksations is that it was a 7.2 machine that I must have installed with no firewall. To keep consistent with the question, I turned it into a 7.3 machine and left the default firewall settings during the reinstall.

I would like to test this out for a little while before I close out the question.


Also my /etc/exports are now and are still working:
/etc/exports (server)
/home  192.168.1.21(rw) 192.168.1.17(rw)

0
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
He's using RH 7.3 and that kernel (assuming the distro version or the errata version) works fine with * or IP or Net/mask. Besides, when he tried a mount on the localhost with  *(rw) it worked. It looks to me like something else is going on here,
0
 
LVL 1

Author Comment

by:emherman
Comment Utility
btw - *(rw) worked too
0
 
LVL 1

Author Comment

by:emherman
Comment Utility
btw - *(rw) worked too
0
 
LVL 1

Author Comment

by:emherman
Comment Utility
The default firewall settings on the client machines seemed to be the culprits. I changed the firewall settings in "setup" to "no firewall" and they are working fine.

One thing to note: I made the changes to /etc/fstab as per the NFS HOWTO and it frequently seems to fail to mount the directory during the boot process. It will do it sometimes. If it fails, I can get it to mount using the "mount" command in root.

Thanks ALL for the help
0
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
I've seen enough problems over the years with mounting NFS shares via fstab that I don't bother to anymore. My solution now is to automount the share when access is required. Depending on what shares you are trying to mount there are several technniques that can be used. It appears that these are home dirs that you are exporting. Will you have all home dirs on the server, or will there be some on the server and some on local machines? Different solutions are called for in those two cases. Let me know and I can walk you though a set procedure for the automounter.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now