Page 1 of 2 12 LastLast
Results 1 to 10 of 18

Thread: How to set up NFSv4 Server through YaST2

  1. #1

    Lightbulb How to set up NFSv4 Server through YaST2

    I recently tried to set up a NFS share using YaST and experienced some rather frustrating difficulties.

    The most significant one was the YaST2 NFS Server module telling me that the firewall was not configurable.

    Firewall not configurable
    Some firewalld services are not available:
    -nfs-kernel-server (Not available)
    (I tried pasting a screenshot using https://susepaste.org, but after clicking Create I get: 404 Page Not Found
    I also tried Insert Image from a URL. It doesn't show up.)
    Here's the screenshot: https://pasteboard.co/K7Yf90b.png

    I went ahead with the configuration and manually added the 'nfs' service to the appropriate zone in the Firewall module. That didn't work. No exported mounts were visible from the client machine. I knew it was a firewall issue because stopping it on the server machine allowed the mounts to be found by the client machine.

    After quit a bit of time researching, I learned from this StackExchange answer that 'rpc-bind' and 'mountd' services are also required for NFSv4. So, I added those services to the zone in Firewall.

    And, yes, that worked.

    This, then, begs the question: why is there no 'nfs-kernel-server' service available to firewalld? There is no nfs-kernel-server.xml file anywhere on the system. [Ref. https://firewalld.org/documentation/...-service.html] (There are, though, still remnants of SuSEfirewall2.)

    Knowing what does work, I then created a nfs-kernel-server.xml file from content in nfs.xml, rpc-bind.xml, and mountd.xml. I copied it to /etc/firewalld/services and reloaded the firewall. Back in the Firewall module of YaST2, I added the now-available service 'nfs-kernel-server' and removed 'nfs', 'rpc-bind', and 'mountd'.

    That works too.

    Here's the the content of nfs-kernel-server.xml:
    Code:
    <?xml version="1.0" encoding="utf-8"?>
    <service>
      <short>nfs-kernel-server</short>
      <description>Service ports required for NFS Kernel Server</description>
      <!-- NFS -->
      <port protocol="tcp" port="2049"/>
      <!-- RPC Bind -->
      <port protocol="tcp" port="111"/>
      <port protocol="udp" port="111"/>
      <!-- mountd -->
      <port protocol="tcp" port="20048"/>
      <port protocol="udp" port="20048"/>
    </service>
    I thought about posting this in the "How To/FAQ Forums", but hopefully this will be a temporary issue.

    Lee

  2. #2
    Join Date
    Aug 2010
    Location
    Chicago suburbs
    Posts
    15,266
    Blog Entries
    3

    Default Re: How to set up NFSv4 Server through YaST2

    I have been adding "nfs", "nfs3", "mountd" and "rpc-bind" to the firewall allowed services.

    Yes, back when we were using the old firewall, Yast did that automatically on setting up NFS.
    openSUSE Leap 15.3; KDE Plasma 5.18.6;

  3. #3
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    28,863

    Default Re: How to set up NFSv4 Server through YaST2

    I am not running 15.3, thus thi is a bit of a guess.

    Did you check if the YaST firewall module is installed?

    I ask, because in another thread they found that 15.3 did not by default install some YaST modules.
    Henk van Velden

  4. #4

    Default Re: How to set up NFSv4 Server through YaST2

    Quote Originally Posted by hcvv View Post
    Did you check if the YaST firewall module is installed?
    I had no need to check (unless I've misunderstood your question). The YaST Firewall module was what I was using to manage the firewall:
    I ... manually added the 'nfs' service to the appropriate zone in the Firewall module.
    I think the issue is that the nfs-kernel-server package does not include the nfs-kernel-server.xml firewalld service definition file. `rpm -ql nfs-kernel-server` does not list any XML file.

    Lee

  5. #5
    Join Date
    Jun 2008
    Location
    Netherlands
    Posts
    28,863

    Default Re: How to set up NFSv4 Server through YaST2

    Quote Originally Posted by tleedavidson View Post
    I had no need to check (unless I've misunderstood your question). The YaST Firewall module was what I was using to manage the firewall:
    I was not sure about what you used. AFAIK firewald brings it's own GUI and CLI configuration tools.
    Henk van Velden

  6. #6

    Red face Re: How to set up NFSv4 Server through YaST2

    Quote Originally Posted by hcvv View Post
    I was not sure about what you used. AFAIK firewald brings it's own GUI and CLI configuration tools.
    That's interesting. I was aware that firewalld has CLI config tools, but I did not know it also provided a GUI config tool. (It's in the 'firewall-config' package.)

    I apologize for not being clear on that.

    Lee

  7. #7
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    23,056
    Blog Entries
    1

    Default Re: How to set up NFSv4 Server through YaST2

    Quote Originally Posted by tleedavidson View Post
    I recently tried to set up a NFS share using YaST and experienced some rather frustrating difficulties.

    The most significant one was the YaST2 NFS Server module telling me that the firewall was not configurable.



    (I tried pasting a screenshot using https://susepaste.org, but after clicking Create I get: 404 Page Not Found
    I also tried Insert Image from a URL. It doesn't show up.)
    Here's the screenshot: https://pasteboard.co/K7Yf90b.png

    I went ahead with the configuration and manually added the 'nfs' service to the appropriate zone in the Firewall module. That didn't work. No exported mounts were visible from the client machine. I knew it was a firewall issue because stopping it on the server machine allowed the mounts to be found by the client machine.

    After quit a bit of time researching, I learned from this StackExchange answer that 'rpc-bind' and 'mountd' services are also required for NFSv4. So, I added those services to the zone in Firewall.

    And, yes, that worked.

    This, then, begs the question: why is there no 'nfs-kernel-server' service available to firewalld? There is no nfs-kernel-server.xml file anywhere on the system. [Ref. https://firewalld.org/documentation/...-service.html] (There are, though, still remnants of SuSEfirewall2.)

    Knowing what does work, I then created a nfs-kernel-server.xml file from content in nfs.xml, rpc-bind.xml, and mountd.xml. I copied it to /etc/firewalld/services and reloaded the firewall. Back in the Firewall module of YaST2, I added the now-available service 'nfs-kernel-server' and removed 'nfs', 'rpc-bind', and 'mountd'.

    That works too.

    Here's the the content of nfs-kernel-server.xml:
    Code:
    <?xml version="1.0" encoding="utf-8"?>
    <service>
      <short>nfs-kernel-server</short>
      <description>Service ports required for NFS Kernel Server</description>
      <!-- NFS -->
      <port protocol="tcp" port="2049"/>
      <!-- RPC Bind -->
      <port protocol="tcp" port="111"/>
      <port protocol="udp" port="111"/>
      <!-- mountd -->
      <port protocol="tcp" port="20048"/>
      <port protocol="udp" port="20048"/>
    </service>
    I thought about posting this in the "How To/FAQ Forums", but hopefully this will be a temporary issue.
    This reads like you're actually using NFSv3. NFSv4 requires one single port only (TCP port 2049).

    https://sniansfblog.org/the-advantages-of-nfsv4-1/
    https://www.oreilly.com/library/view/learning-rhel-networking/9781785287831/ch06s05.html
    Last edited by deano_ferrari; 23-Jun-2021 at 13:20.
    openSUSE Leap 15.2; KDE Plasma 5

  8. #8

    Default Re: How to set up NFSv4 Server through YaST2

    Quote Originally Posted by deano_ferrari View Post
    This reads like you're actually using NFSv3. NFSv4 requires one single port only (TCP port 2049).

    https://sniansfblog.org/the-advantages-of-nfsv4-1/
    https://www.oreilly.com/library/view/learning-rhel-networking/9781785287831/ch06s05.html
    Granted, that StackExchange answer is from 2015.

    I had enabled NSFv4 in the YaST2 NFS Server Configuration dialog, and the client was set to "Any (Highest Available)".

    As a test, I removed the 'nfs-kernel-service' service and added back in 'nfs' to the Firewall configuration on the server, and forced the client to NSFv4.

    Showmount doesn't like it:
    Code:
    linux-desktop:/ # showmount -e 192.168.0.100
    clnt_create: RPC: Unable to receive
    linux-desktop:/ #
    I don't know why that is. But, I do know that with rpc-bind and mountd services allowed in the firewall, it works; without, it does not (operator error?).

    Lee

  9. #9
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    23,056
    Blog Entries
    1

    Default Re: How to set up NFSv4 Server through YaST2

    Quote Originally Posted by tleedavidson View Post
    Granted, that StackExchange answer is from 2015.

    I had enabled NSFv4 in the YaST2 NFS Server Configuration dialog, and the client was set to "Any (Highest Available)".

    As a test, I removed the 'nfs-kernel-service' service and added back in 'nfs' to the Firewall configuration on the server, and forced the client to NSFv4.
    Hmmm...NFSv4 doesn't use mountd as it has pseudo file system that does the job of determining mount-points, and the server and client interact via a single TCP port. What does the /etc/sysconfig/nfs server config look like?
    Code:
    grep -v "^#" /etc/sysconfig/nfs
    On the client...
    Code:
    grep vers /etc/nfs.conf
    Showmount doesn't like it:
    Code:
    linux-desktop:/ # showmount -e 192.168.0.100
    clnt_create: RPC: Unable to receive
    linux-desktop:/ #
    I don't know why that is. But, I do know that with rpc-bind and mountd services allowed in the firewall, it works; without, it does not (operator error?).
    This is appearing like NFSv3 behaviour.

    Check
    Code:
    nfsstat -m
    This may be useful...
    https://www.thegeeksearch.com/how-to-find-nfs-version/
    openSUSE Leap 15.2; KDE Plasma 5

  10. #10
    Join Date
    Sep 2012
    Posts
    6,593

    Default Re: How to set up NFSv4 Server through YaST2

    Quote Originally Posted by tleedavidson View Post
    forced the client to NSFv4.

    Showmount doesn't like it:
    showmount will not work with pure NFSv4 at all. It queries mountd which is not used by NFSv4. If your server exports the same directories via both NFSv3 and NFSv4 then showmount will query NFSv3 exports and may look like it works, but it gives you the answer to different question

Page 1 of 2 12 LastLast

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •