Results 1 to 9 of 9

Thread: Lost NFS connection and cannot restore.

  1. #1
    Join Date
    Nov 2008
    Posts
    2,378
    Blog Entries
    1

    Default Lost NFS connection and cannot restore.

    I have two Leap 15.3 machines on the same subnet, one serving multimedia on NFS and one connected as a NFS client and all had been well until recently when I switched from Network Manager to Wicked, set static IPs and installed KVM and several VMs.

    At some point in this process I have lost my NFS connection, which was understandable. I therefore tried to re-build the NFS server and NFS client connection using Yast.

    I have followed the opensuse documentation guide using nfsv4 and using IP address rather than names, all as before. I have I believe opened the firewall on the lan connections, both using br0 and "work" for the zones with ssh, nfs, mdns and slp services enabled but I have not set any specific ports.

    When I try and set up the client the scanning fails to find the server on the network.

    Where am I going wrong please.
    Budge

  2. #2
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    23,990
    Blog Entries
    1

    Default Re: Lost NFS connection and cannot restore.

    Quote Originally Posted by Budgie2 View Post
    I have two Leap 15.3 machines on the same subnet, one serving multimedia on NFS and one connected as a NFS client and all had been well until recently when I switched from Network Manager to Wicked, set static IPs and installed KVM and several VMs.

    At some point in this process I have lost my NFS connection, which was understandable. I therefore tried to re-build the NFS server and NFS client connection using Yast.

    I have followed the opensuse documentation guide using nfsv4 and using IP address rather than names, all as before. I have I believe opened the firewall on the lan connections, both using br0 and "work" for the zones with ssh, nfs, mdns and slp services enabled but I have not set any specific ports.

    When I try and set up the client the scanning fails to find the server on the network.

    Where am I going wrong please.
    Budge
    Have you tried stopping the firewall briefly to test?

    Show us
    Code:
    sudo firewall-cmd --list-all-zones
    openSUSE Leap 15.3; KDE Plasma 5

  3. #3
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    23,990
    Blog Entries
    1

    Default Re: Lost NFS connection and cannot restore.

    Quote Originally Posted by Budgie2 View Post
    When I try and set up the client the scanning fails to find the server on the network.

    Where am I going wrong please.
    Budge
    Can you ping the server from the client successfully?
    Code:
    ping <server IP address>
    Using nmap (install it if required), check from client that server port is reported as open...
    Code:
    nmap -sV -p 2049 <server IP address>
    openSUSE Leap 15.3; KDE Plasma 5

  4. #4
    Join Date
    Jun 2008
    Location
    Auckland, NZ
    Posts
    23,990
    Blog Entries
    1

    Default Re: Lost NFS connection and cannot restore.

    The following thread may be worth a read...
    https://forums.opensuse.org/showthre...ighlight=NFSv4
    openSUSE Leap 15.3; KDE Plasma 5

  5. #5
    Join Date
    Nov 2008
    Posts
    2,378
    Blog Entries
    1

    Default Re: Lost NFS connection and cannot restore.

    Quote Originally Posted by deano_ferrari View Post
    Can you ping the server from the client successfully?
    Code:
    ping <server IP address>
    Using nmap (install it if required), check from client that server port is reported as open...
    Code:
    nmap -sV -p 2049 <server IP address>
    Hi deano,
    Many thanks for your help. I have read the thread in the link you posted but will need to study it more closely. Meanwhile this is what I have from the server on which I normally work:-


    Code:
    alastair@ibmserv2:~> sudo firewall-cmd --list-all-zones 
    [sudo] password for root:  
    block 
      target: %%REJECT%% 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services:  
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    dmz 
      target: default 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services: ssh 
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    docker (active) 
      target: ACCEPT 
      icmp-block-inversion: no 
      interfaces: docker0 
      sources:  
      services:  
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    drop 
      target: DROP 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services:  
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    external 
      target: default 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services: ssh 
      ports:  
      protocols:  
      forward: no 
      masquerade: yes 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    home 
      target: default 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services: dhcpv6-client mdns samba-client ssh 
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    internal 
      target: default 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services: dhcpv6-client mdns samba-client ssh 
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    libvirt 
      target: ACCEPT 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services: dhcp dhcpv6 dns ssh tftp 
      ports:  
      protocols: icmp ipv6-icmp 
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
            rule priority="32767" reject 
    
    public (active) 
      target: default 
      icmp-block-inversion: no 
      interfaces: br0 
      sources:  
      services: dhcpv6-client ssh 
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    trusted 
      target: ACCEPT 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services:  
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    work (active) 
      target: default 
      icmp-block-inversion: no 
      interfaces: eth0 
      sources:  
      services: mdns nfs slp ssh 
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    alastair@ibmserv2:~> ping 192.168.169.134 
    PING 192.168.169.134 (192.168.169.134) 56(84) bytes of data. 
    64 bytes from 192.168.169.134: icmp_seq=1 ttl=64 time=0.055 ms 
    64 bytes from 192.168.169.134: icmp_seq=2 ttl=64 time=0.038 ms 
    64 bytes from 192.168.169.134: icmp_seq=3 ttl=64 time=0.038 ms 
    64 bytes from 192.168.169.134: icmp_seq=4 ttl=64 time=0.036 ms 
    ^C 
    --- 192.168.169.134 ping statistics --- 
    4 packets transmitted, 4 received, 0% packet loss, time 3060ms 
    rtt min/avg/max/mdev = 0.036/0.041/0.055/0.011 ms 
    alastair@ibmserv2:~> nmap -sV -p 2049 192.168.169.134 
    Starting Nmap 7.70 ( https://nmap.org ) at 2022-05-08 12:07 BST 
    Nmap scan report for 192.168.169.134 
    Host is up (0.00015s latency). 
    
    PORT     STATE SERVICE VERSION 
    2049/tcp open  nfs     3-4 (RPC #100003) 
    
    Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . 
    Nmap done: 1 IP address (1 host up) scanned in 6.45 seconds 
    alastair@ibmserv2:~> 
    
    On a client machine with firewall stopped I still cannot create a connection to the server. I can see the NAS boxes which are also servers but not looking for them here!

    With firewall stopped on server I can see and create the NFS connection as usual. I conclude it is a firewall issue but...

    Will read the linked thread again.

  6. #6
    Join Date
    Sep 2012
    Posts
    7,690

    Default Re: Lost NFS connection and cannot restore.

    Quote Originally Posted by Budgie2 View Post
    Code:
    alastair@ibmserv2:~> ping 192.168.169.134

    You were requested to do it on client. Showing that server can ping itself does not help in any way.
    Code:
    alastair@ibmserv2:~> nmap -sV -p 2049 192.168.169.134

    Ditto.
    With firewall stopped on server I can see and create the NFS connection as usual. I conclude it is a firewall issue but...
    There is one zone that includes NFS service (port 2049). But we have no idea what zone is used for communication between your NFS server and NFS client. You provided zero information so far. Explain your network layout, which interface is used for communication between client and server. What IP address client has, what IP address server has. Show output of "ip address show".

  7. #7
    Join Date
    Nov 2008
    Posts
    2,378
    Blog Entries
    1

    Default Re: Lost NFS connection and cannot restore.

    Hi well I have read the thread but it doesn't make it much easier. It would help for simple folk like me to have a line by line instruction on how I can get this working. If the tool, in this case Yast, is the "go to" for me it should just work.
    I had forgotten the simple requirement which I actually reported myself. Getting senile but there really should be a way of preventing this happening. The Yast tool is flawed in this.
    Many thanks again for all the reminders, including to myself!!!

  8. #8
    Join Date
    Nov 2008
    Posts
    2,378
    Blog Entries
    1

    Default Re: Lost NFS connection and cannot restore.

    Quote Originally Posted by arvidjaar View Post

    You were requested to do it on client. Showing that server can ping itself does not help in any way.

    Ditto.

    There is one zone that includes NFS service (port 2049). But we have no idea what zone is used for communication between your NFS server and NFS client. You provided zero information so far. Explain your network layout, which interface is used for communication between client and server. What IP address client has, what IP address server has. Show output of "ip address show".
    Sorry if I had been making a meal of this. I am working on two machines which are on the same network but only one screen with KVM switch and can toggle between each machine connection. Both are using Leap 15.3 and many windows appear identical so I included the ping on the server machine so that I could be sure it was indeed the right machine when checking the various issues. I then switched to the client and after another think remembered the solution so I was able to stop wasting your time. I confess I did not sign off correctly on this thread but did leave the plea for others. Please forgive me and many thanks for your help once more.
    Budge.

  9. #9
    Join Date
    Nov 2008
    Posts
    2,378
    Blog Entries
    1

    Default Re: Lost NFS connection and cannot restore.

    Quote Originally Posted by Budgie2 View Post
    Sorry if I had been making a meal of this. I am working on two machines which are on the same network but only one screen with KVM switch and can toggle between each machine connection. Both are using Leap 15.3 and many windows appear identical so I included the ping on the server machine so that I could be sure it was indeed the right machine when checking the various issues. I then switched to the client and after another think remembered the solution so I was able to stop wasting your time. I confess I did not sign off correctly on this thread but did leave the plea for others. Please forgive me and many thanks for your help once more.
    Budge.
    I am sorry to have to revisit this thread but I have now lost my NFS connection.
    My nfs server is running on Leap 15.3 and was set up using Yast using the force NFSv4.2 option on the server.
    My connection on the server is using lan with network set up using Wicked.
    Working through ssh connection I have:-

    Code:
    alastair@ibmserv2:~> sudo firewall-cmd --list-all-zones 
    [sudo] password for root:  
    block 
      target: %%REJECT%% 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services:  
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    dmz 
      target: default 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services: ssh 
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    docker (active) 
      target: ACCEPT 
      icmp-block-inversion: no 
      interfaces: docker0 
      sources:  
      services:  
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    drop 
      target: DROP 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services:  
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    external 
      target: default 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services: ssh 
      ports:  
      protocols:  
      forward: no 
      masquerade: yes 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    home 
      target: default 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services: dhcpv6-client mdns samba-client ssh 
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    internal 
      target: default 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services: dhcpv6-client mdns samba-client ssh 
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    libvirt 
      target: ACCEPT 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services: dhcp dhcpv6 dns ssh tftp 
      ports:  
      protocols: icmp ipv6-icmp 
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
            rule priority="32767" reject 
    
    public 
      target: default 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services: dhcpv6-client ssh 
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    trusted 
      target: ACCEPT 
      icmp-block-inversion: no 
      interfaces:  
      sources:  
      services:  
      ports:  
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    work (active) 
      target: default 
      icmp-block-inversion: no 
      interfaces: br0 eth0 eth1 
      sources:  
      services: mdns nfs slp ssh 
      ports: 2049/tcp 
      protocols:  
      forward: no 
      masquerade: no 
      forward-ports:  
      source-ports:  
      icmp-blocks:  
      rich rules:  
    
    alastair@ibmserv2:~> 
    
    A recent change to the server was when I was starting with virtual machines but I am not, afaik using any virtual machine at the moment.


    From my laptop with wifi connection and using Network Manager I can ping the server but the nmap scan doesn't work although I know that port 2049 is opened on the server in the "work" interface.

    Here are the results on my laptop client machine:-

    Code:
    alastair@IBMW530:~> ping 192.168.169.134 
    PING 192.168.169.134 (192.168.169.134) 56(84) bytes of data. 
    64 bytes from 192.168.169.134: icmp_seq=1 ttl=64 time=5.84 ms 
    64 bytes from 192.168.169.134: icmp_seq=2 ttl=64 time=3.22 ms 
    64 bytes from 192.168.169.134: icmp_seq=3 ttl=64 time=3.25 ms 
    64 bytes from 192.168.169.134: icmp_seq=4 ttl=64 time=3.26 ms 
    64 bytes from 192.168.169.134: icmp_seq=5 ttl=64 time=3.26 ms 
    ^C 
    --- 192.168.169.134 ping statistics --- 
    5 packets transmitted, 5 received, 0% packet loss, time 4007ms 
    rtt min/avg/max/mdev = 3.224/3.767/5.843/1.037 ms 
    alastair@IBMW530:~> nmap -sV -p 2049 192.168.169.134   
    Starting Nmap 7.92 ( https://nmap.org ) at 2022-06-19 19:43 BST 
    Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn 
    Nmap done: 1 IP address (0 hosts up) scanned in 0.23 seconds 
    alastair@IBMW530:~> 
    
    What am I missing please?
    Budge.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •