Solved

RHEL 6.5 Workstation, NFS Server Setup, Cannot mount drive from another workstaiton.

Posted on 2014-02-10
12
851 Views
Last Modified: 2014-02-11
Here is the scenario. I have two RHEL 6.5 Workstations. Workstation1 has a partition that needs to be mounted on Workstation2.

The following is what I did to configure Workstation1 to be able to export the /share partion.
1. I set up the /etc/export file on Workstation1 to read
/share IPWorkstation2(rw)
2. ran exportfs -ra to make the changes in th export file take place
3. Made sure that NFS Service was running and retarted the service and the machine and checked it again.
4. No entries were made to the host.allow or deny files so NFS should let Worstation2 through.
5. On Workstation2 I created the /share mount point.
6. From Workstation2 I ran mount IPWorkstation1:/share /share

NFS times out like it cannot reach Workstation1. Workstation1 can be pinged by name or IP. I can ssh into Workstation1 from Worstation2, so connectivity does not seem to be the issue.

I have looked at the file /proc/fs/nfs/exports and there is no info in that file. This may be the problem, but this file is supposed to populate automatically when I run exportfs -ra and/or a reboot happens and Linux sees a change to the /etc/exports file.

Anyway I have exhausted all Google searches and spent too much time, so reaching out for some ideas. I must be missing something very simple...
--------------------------------------------------------------------------------
0
Comment
Question by:capperdog13
12 Comments
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 39849134
if you do exportfs -av does it say it is exporting /share ?
if you do netstat -at | grep nfs does it show nfs as listening?
0
 
LVL 21

Expert Comment

by:Mazdajai
ID: 39849256
Have you ever try to open the filter to * to begin with? What errors are you getting?

/share *(rw)

Open in new window

0
 
LVL 13

Expert Comment

by:Sandy
ID: 39849320
#service rpcbind restart
#service nfs restart

#service iptables status
#sestatus

#showmount -e localhost

#netstat -alnp | grep 111
#netstat -alnp | grep 2049

Please paste output of these commands.

TY/SA
0
 

Author Comment

by:capperdog13
ID: 39850073
if you do exportfs -av does it say it is exporting /share ?
if you do netstat -at | grep nfs does it show nfs as listening?

Yes - Says it is exporting IPWorkstaion2:/share
Yes - tcp 0 0 *.nfs *:* LISTEN
0
 

Author Comment

by:capperdog13
ID: 39850090
Have you ever try to open the filter to * to begin with? What errors are you getting?


/share *(rw)


Are you talking about editing the /etc/exports with this?
0
 

Author Comment

by:capperdog13
ID: 39850119
# service rpcbind restart
Stopping rpcbind:                                          [  OK  ]
Starting rpcbind:                                          [  OK  ]

# service iptables status
Table: filter
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination        
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0          
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0          
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22
5    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain FORWARD (policy ACCEPT)
num  target     prot opt source               destination        
1    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT)
num  target     prot opt source               destination        

# sestatus
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted

# showmount -e localhost
clnt_create: RPC: Program not registered

# netstat -alnp | grep 111
tcp        0      0 0.0.0.0:111                 0.0.0.0:*                   LISTEN      6586/rpcbind        
tcp        0      0 :::111                      :::*                        LISTEN      6586/rpcbind        
udp        0      0 0.0.0.0:111                 0.0.0.0:*                               6586/rpcbind        
udp        0      0 :::111                      :::*                                    6586/rpcbind        

# netstat -alnp | grep 2049
tcp        0      0 0.0.0.0:2049                0.0.0.0:*                   LISTEN      -                  
tcp        0      0 :::2049                     :::*                        LISTEN      -                  
udp        0      0 0.0.0.0:2049                0.0.0.0:*                               -                  
udp        0      0 :::2049                     :::*                                    -                  
unix  2      [ ACC ]     STREAM     LISTENING     20492  2943/seahorse-daemo /tmp/orbit-root/linc-b7f-0-4eecf742e9cbd
unix  2      [ ACC ]     STREAM     LISTENING     22049  2972/nautilus       /tmp/orbit-root/linc-b9c-0-2214c727672b7
unix  3      [ ]         STREAM     CONNECTED     20495  2943/seahorse-daemo /tmp/orbit-root/linc-b7f-0-4eecf742e9cbd
unix  3      [ ]         STREAM     CONNECTED     20494  2933/gconfd-2      
unix  3      [ ]         STREAM     CONNECTED     20491  2933/gconfd-2       /tmp/orbit-root/linc-b75-0-582a8fe4f2252
unix  3      [ ]         STREAM     CONNECTED     20490  2943/seahorse-daemo
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 13

Expert Comment

by:Sandy
ID: 39850140
Just for testing if you can ignore security for some time use below

#service iptables stop
#setenfore 0

Then try to mount it on another node.

TY/SA
0
 

Author Comment

by:capperdog13
ID: 39850171
Bingo!

Mounted immediately. Can you give brief description of what we just did and how to edit the IPTables to allow the mounting?
0
 
LVL 13

Accepted Solution

by:
Sandy earned 500 total points
ID: 39850173
You need to add a rule to allow 2049 and 111 port connections in your firewall..

TY/SA
0
 

Author Comment

by:capperdog13
ID: 39850185
TY SA! Will have a few happy campers today.
0
 
LVL 13

Expert Comment

by:Sandy
ID: 39850187
0
 

Author Closing Comment

by:capperdog13
ID: 39850198
Would be nice to have an admin of this calibre to work with. I spent 13 years in Windows and was made a Linux/Unix admin out of necessity. At times just Google and EE at the helm here. Can be very overwhelming at times. Thanks SA!
0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Daily system administration tasks often require administrators to connect remote systems. But allowing these remote systems to accept passwords makes these systems vulnerable to the risk of brute-force password guessing attacks. Furthermore there ar…
Using 'screen' for session sharing, The Simple Edition Step 1: user starts session with command: screen Step 2: other user (logged in with same user account) connects with command: screen -x Done. Both users are connected to the same CLI sessio…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now