Having problems getting the NFS Server working

I am unable to mount to my NFS Server mount point after starting the NFS server on openSUSE TW.

On both the host and client, I have opened the firewall for NFS ports.
I am able to ping from the client to the NFS Server host.

On the NFS Host here is my mount point:

$ ls -ld /mnt/Docs4TB/share/
drwxrwxrwx 2 nobody nogroup 4096 Oct 3 18:26 /mnt/Docs4TB/share/

For the NFS server I have the following permissions set for the mount point:

host: *
Options: rw,sync,no_root_squash,no_subtree_check

However when I try to mount from the client, it just hangs and I don’t know what is going on?

sudo mount 10.0.0.184:/mnt/Docs4TB/share /mnt/share/

Note: I did get the NSF Server working the other way around, with my openSUSE TW being the client side and my Ubuntu being the host. I should also mention that my Ubuntu host is running off KVM, don’t think it should matter and its host ip is 192.168.xx.xx/24

Try disabling the firewall

systemctl stop firewalld

(or use Yast → System → Services manager

If it works that way, then you will know that it is a firewall issue.

As best I recall, I allow “nfs”, “nfs3”, “mountd” and “rpcbind” through the firewall.

1 Like

Thanks that did it, I tried the command and it didn’t work but then disable the firewall using the service manager and not the mount point is working!

It is only a question: Are you sure that the IPs are correct? The 192.x.x.x seems right as it is a local network. But the 10.x.x.x seems strange…it is normaly used for routers/gateways and stuff like that…

Currently I have the following ports open on my NFS server host

dhcpv6-client
ftp
hppt
https
mountd
nfs
nfs3
rpc-bind
rsyncd
samba
ssh
tfpt

What else am I missing to stop the firewall from blocking the client from mounting?

Show output of

rpcinfo -p

on NFS server.

 rpcinfo -p

   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  60952  status
    100024    1   tcp  54419  status
    100005    1   udp  20048  mountd
    100005    1   tcp  20048  mountd
    100005    2   udp  20048  mountd
    100005    2   tcp  20048  mountd
    100005    3   udp  20048  mountd
    100005    3   tcp  20048  mountd
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100227    3   tcp   2049  nfs_acl
    100021    1   udp  45196  nlockmgr
    100021    3   udp  45196  nlockmgr
    100021    4   udp  45196  nlockmgr
    100021    1   tcp  40521  nlockmgr
    100021    3   tcp  40521  nlockmgr
    100021    4   tcp  40521  nlockmgr

This looks OK, the port numbers are those defined in firewalld services. Do you still have issues if firewalld is active on NFS server?

Yes when I activated the firewall on the NFS server, the client will just hang.

It looks like the connection is getting rejected, not sure why?

dev@love:~$ sudo mount 10.0.0.184:/mnt/Docs4TB/share /mnt/share/ -vvv
mount.nfs: timeout set for Fri Oct 13 15:24:16 2023
mount.nfs: trying text-based options ‘vers=4.2,addr=10.0.0.184,clientaddr=192.168.122.201’
mount.nfs: mount(2): Connection refused
mount.nfs: trying text-based options ‘addr=10.0.0.184’
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: portmap query retrying: RPC: Unable to receive
mount.nfs: prog 100003, trying vers=3, prot=17
mount.nfs: portmap query failed: RPC: Unable to receive - Connection refused
mount.nfs: trying text-based options ‘vers=4.2,addr=10.0.0.184,clientaddr=192.168.122.201’
mount.nfs: mount(2): Connection refused
mount.nfs: trying text-based options ‘addr=10.0.0.184’
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: portmap query retrying: RPC: Unable to receive
mount.nfs: prog 100003, trying vers=3, prot=17
mount.nfs: portmap query failed: RPC: Unable to receive - Connection refused

Are service defined for the correct zone in firewalld?

Yes under “Interface” I am using the public zone and in the public zone I have all the ports open I listed above.

I have no idea what it means. Show output of

firewall-cmd --get-active-zones

with firewalld active.

1 Like

Thanks you helped me figure the problem out, I needed to open ports (nfs, nfs3) for libvert since I am using KVM!

$ sudo firewall-cmd --get-active-zones
docker
  interfaces: docker0 br-357d29394b92 br-84ff6432c215
libvirt
  interfaces: virbr1 virbr0
public
  interfaces: enp37s0

It’s odd zone ‘virbr1 virbr0’ doesn’t show up in the GUI of the firewall under Interfaces.