NFS on 11.0 - Suse

This is a discussion on NFS on 11.0 - Suse ; I have not been able to get an 11.0 NFS server system to work on my local network. It is set up via Yast and I checked all of the configuration files I could find references to, including on the ...

+ Reply to Thread
Results 1 to 13 of 13

Thread: NFS on 11.0

  1. NFS on 11.0

    I have not been able to get an 11.0 NFS server system to work on my local
    network. It is set up via Yast and I checked all of the configuration
    files I could find references to, including on the openSUSE howto pages for
    NFS. Firewalls are all turned off. All IPs are fixed. I have Apache2
    enabled and browsers able to see all three systems from any of the systems.

    Problems:
    1 - the first attempt was with an 11.0 NFS client. It would mount and could
    only read with (that with NFS4). It was mounting read only on the client,
    even though everyplace (server and client) had rw rather than ro. The top
    level directory on the server is setup for 777 access. The directory on
    the client is set for 777 access.
    Without NFS4 it cannot read - it can't even mount the remote partition.

    2 - 11.0 wants to do NFS4 and 10.3 cannot do NFS4. So now I have removed
    all references to NFS4. I have to maintain a 10.3 until skype can run on
    11.0, and NFS on all 10.3 systems worked.

    3 - in the process of setting up a client with Yast - it never finds the
    server under 'search'. If I manually enter the IP, it very quickly sees
    the directory that is being served, so there is no net setup or link
    problem.

    Thanks, John



  2. Re: NFS on 11.0

    John Bowling wrote:

    > I have not been able to get an 11.0 NFS server system to work on my local
    > network. It is set up via Yast and I checked all of the configuration
    > files I could find references to, including on the openSUSE howto pages
    > for
    > NFS. Firewalls are all turned off. All IPs are fixed. I have Apache2
    > enabled and browsers able to see all three systems from any of the
    > systems.
    >
    > Problems:
    > 1 - the first attempt was with an 11.0 NFS client. It would mount and
    > could
    > only read with (that with NFS4). It was mounting read only on the client,
    > even though everyplace (server and client) had rw rather than ro. The top
    > level directory on the server is setup for 777 access. The directory on
    > the client is set for 777 access.
    > Without NFS4 it cannot read - it can't even mount the remote partition.
    >
    > 2 - 11.0 wants to do NFS4 and 10.3 cannot do NFS4. So now I have removed
    > all references to NFS4. I have to maintain a 10.3 until skype can run on
    > 11.0, and NFS on all 10.3 systems worked.
    >
    > 3 - in the process of setting up a client with Yast - it never finds the
    > server under 'search'. If I manually enter the IP, it very quickly sees
    > the directory that is being served, so there is no net setup or link
    > problem.
    >
    > Thanks, John


    Just a NFS newbie but I believe you must have the firewall enabled on all
    machines and then you have to specifically allow NFS client/server on each
    machine you want to serve from and read from. This is based on very little
    experience but I think this is correct. Try it one machine at a time and
    see what happens.

    P.S. I did say I am a NFS newbie so I could be wrong. But it wont hurt to
    try.... I'll watch this thread to see what you come up with.

  3. Re: NFS on 11.0

    On Thu, 07 Aug 2008 12:15:22 -0700, John Bowling typed this message:

    > I have not been able to get an 11.0 NFS server system to work on my
    > local network. It is set up via Yast and I checked all of the
    > configuration files I could find references to, including on the
    > openSUSE howto pages for NFS. Firewalls are all turned off. All IPs
    > are fixed. I have Apache2 enabled and browsers able to see all three
    > systems from any of the systems.
    >
    > Problems:
    > 1 - the first attempt was with an 11.0 NFS client. It would mount and
    > could only read with (that with NFS4). It was mounting read only on the
    > client, even though everyplace (server and client) had rw rather than
    > ro. The top level directory on the server is setup for 777 access. The
    > directory on the client is set for 777 access.
    > Without NFS4 it cannot read - it can't even mount the remote partition.
    >
    > 2 - 11.0 wants to do NFS4 and 10.3 cannot do NFS4. So now I have
    > removed all references to NFS4. I have to maintain a 10.3 until skype
    > can run on 11.0, and NFS on all 10.3 systems worked.
    >
    > 3 - in the process of setting up a client with Yast - it never finds the
    > server under 'search'. If I manually enter the IP, it very quickly sees
    > the directory that is being served, so there is no net setup or link
    > problem.
    >
    > Thanks, John


    It would help if you had posted the servers /etc/exports
    and the /etc/fstab or mount commands from the client.

    NFS4 requires an FSID=n for partitions exported on the server.

    /home 192.168.0.0/24(fsid=0,rw,root_squash,sync,no_subtree_check)
    /public 192.168.0.0/24(fsid=1,rw,root_squash,sync,no_subtree_check)

    the client
    192.168.0.8:/home /mnt/MNTPT1 nfs rw,noauto,users,defaults 0 0
    or
    192.168.0.8:/home /mnt/MNTPT1 nfs4 rw,noauto,users,defaults 0 0

    I find
    $ mount -t nfs4
    doesn't work as well as
    $ mount -t nfs

    gfvss4 (or something) security is a real headache unless you know what
    you're doing.


  4. Re: NFS on 11.0

    John Bowling wrote:

    > I have to maintain a 10.3 until skype can run on 11.0


    I'm running Skype version 2.0.0.72 running on openSuse 11.0. What problems
    are you having?

    --
    mochilero


  5. Re: NFS on 11.0

    noi ance wrote:

    > On Thu, 07 Aug 2008 12:15:22 -0700, John Bowling typed this message:
    >
    >> I have not been able to get an 11.0 NFS server system to work on my
    >> local network. It is set up via Yast and I checked all of the
    >> configuration files I could find references to, including on the
    >> openSUSE howto pages for NFS. Firewalls are all turned off. All IPs
    >> are fixed. I have Apache2 enabled and browsers able to see all three
    >> systems from any of the systems.
    >>
    >> Problems:
    >> 1 - the first attempt was with an 11.0 NFS client. It would mount and
    >> could only read with (that with NFS4). It was mounting read only on the
    >> client, even though everyplace (server and client) had rw rather than
    >> ro. The top level directory on the server is setup for 777 access. The
    >> directory on the client is set for 777 access.
    >> Without NFS4 it cannot read - it can't even mount the remote partition.
    >>
    >> 2 - 11.0 wants to do NFS4 and 10.3 cannot do NFS4. So now I have
    >> removed all references to NFS4. I have to maintain a 10.3 until skype
    >> can run on 11.0, and NFS on all 10.3 systems worked.
    >>
    >> 3 - in the process of setting up a client with Yast - it never finds the
    >> server under 'search'. If I manually enter the IP, it very quickly sees
    >> the directory that is being served, so there is no net setup or link
    >> problem.
    >>
    >> Thanks, John

    >
    > It would help if you had posted the servers /etc/exports
    > and the /etc/fstab or mount commands from the client.
    >
    > NFS4 requires an FSID=n for partitions exported on the server.
    >
    > /home 192.168.0.0/24(fsid=0,rw,root_squash,sync,no_subtree_check)
    > /public 192.168.0.0/24(fsid=1,rw,root_squash,sync,no_subtree_check)
    >
    > the client
    > 192.168.0.8:/home /mnt/MNTPT1 nfs rw,noauto,users,defaults 0 0
    > or
    > 192.168.0.8:/home /mnt/MNTPT1 nfs4 rw,noauto,users,defaults 0 0
    >
    > I find
    > $ mount -t nfs4
    > doesn't work as well as
    > $ mount -t nfs
    >
    > gfvss4 (or something) security is a real headache unless you know what
    > you're doing.


    On the server (192.168.1.201), /etc/exports
    /Arena 192.168.1.202(fsia=8,rw,root_squash,sync,no_subtre e_check)
    /Arena 192.168.1.203(fsia=8,rw,root_squash,sync,no_subtre e_check)

    From /etc/fstab of server
    /dev/disk/by-id/scsi-SATA_Maxtor_4R120L0_R35F59NE-part8 /Arena ext3
    rw,users,defaults 1 2

    From /etc/hosts.allow
    nfs-utils : 192.168.1.202 : /usr/sbin/rpc.mountd : mountd
    nfs-utils : 192.168.1.202 : /sbin/rpc.statd : statd
    nfs-utils : 192.168.1.203 : /usr/sbin/rpc.mountd : mountd
    nfs-utils : 192.168.1.203 : /sbin/rpc.statd : statd

    From fstab of 192.168.1.202 (11.0)
    192.168.1.201:/Arena /SArena nfs rw,noauto,users,defaults 0 0

    Mounts properly and is fully readable.
    Errors on write:
    Could not write to /SArena/System/xyz
    Could not make folder /SArena/System/abc

    la /SArena from 192.168.1.202:
    drwsrwxrwx 7 root root 4096 2008-08-01 09:36 .
    drwxr-xr-x 35 root root 4096 2008-08-07 22:26 ..
    drwxrwxrwx 7 john users 4096 2008-07-30 09:22 Images
    drwx------ 2 root root 16384 2008-07-11 14:22 lost+found
    drwxrwxrwx 5 john users 4096 2008-07-30 11:54 System
    drwxrwxrwx 4 john users 4096 2008-07-29 17:01 .Trash-1000
    drwxrwxrwx 2 john users 4096 2008-07-30 11:54 WP

    From /etc/fstab of 192.168.1.203 (10.3)
    192.168.1.201:/Arena /SArena nfs rw,noauto,users,defaults 0 0

    Error:
    Mount failed: 192.168.1.201:/Arena.
    Reason given by server: Permission denied

    I have re-enabled the firewalls - all three systens have the ethernet card
    as external zone.

    I have a difference of interpretation of what the various zones mean.
    My understanding of the words, from an American English standpoint (enough
    years to be retired) are

    Internal Access from inside this specific computer
    Demilitarized Access from all computers within local net but not outside
    the proxy interface (a Linksys BFSR41 with a cable modem to cox)
    to the full Internet
    External Access from anywhere on the full Internet (or at least
    every thing the the proxy provides)

    From my interpretation, all the nfs links should be under demilitarized,
    especially for a local net without a proxy server.

    Obviously, the interpretation in openSUSE is different, and I haven't yet
    found any description or definition of what these words mean to the
    openSUSE firewall.

    The results are very similar to having all firewalls turned off.

    Thanks, John

  6. Re: NFS on 11.0

    mochilero wrote:

    > John Bowling wrote:
    >
    >> I have to maintain a 10.3 until skype can run on 11.0

    >
    > I'm running Skype version 2.0.0.72 running on openSuse 11.0. What problems
    > are you having?
    >


    I was having problems with getting the Skype to pickup and send the
    microphone data. I checked the record function and the local system worked.
    There was an earlier discussion about it here started 7/23/08.

    One reply from mpresley stated:
    "I sent an email to Skype. *They know that Skype-PulseAudio is a no go. *The
    reply I received indicated that they are working on a new version which
    will, hopefully, solve these problems. *It is not just Suse, but any distro
    using PA"

    I don't recall the version I had at that time, but they have made no
    announcement of an update.

    Thanks, John

  7. Re: NFS on 11.0

    John Bowling wrote:

    > mochilero wrote:
    >
    >> I'm running Skype version 2.0.0.72 running on openSuse 11.0. What
    >> problems are you having?
    >>

    >
    > I was having problems with getting the Skype to pickup and send the
    > microphone data. I checked the record function and the local system
    > worked.


    Oh, ok. I have the additional problem that my friend (on Windows XP) can
    start a chat with me but I can't start one with her. Or, at least, I can
    start a chat but she doesn't get my messages, only the ones I type in reply
    to her when she initiates the chat. Strange...

    --
    mochilero


  8. Re: NFS on 11.0

    noi ance wrote:
    > NFS4 requires an FSID=n for partitions exported on the server.


    On a sidenote: What is the domain name for that is asked (optionally?)
    te be filled out with NFSv4?
    Another question: What is the difference between nfs-server and
    nfs-kernel-server? Advatages? Disadvantages?

    houghi
    --
    ________________________ Open your eyes, open your mind
    | proud like a god don't pretend to be blind
    | trapped in yourself, break out instead
    http://openSUSE.org | beat the machine that works in your head

  9. Re: NFS on 11.0

    houghi wrote:

    > noi ance wrote:
    >> NFS4 requires an FSID=n for partitions exported on the server.

    >
    > On a sidenote: What is the domain name for that is asked (optionally?)
    > te be filled out with NFSv4?
    > Another question: What is the difference between nfs-server and
    > nfs-kernel-server? Advatages? Disadvantages?
    >
    > houghi

    I created a name that represents what I call the server here. I don't think
    that there are any specific names unless you use a DNS, which I don't on my
    local net.

    No idea on the nfs-server vs nfs-kernel-server.

    From /var/lib/messages (extranious removed):

    Aug 9 07:39:14 linux-jlb-ds nfsd[4088]: Could not bind TCP socket to
    0.0.0.0:2049: Address already in use
    Aug 9 07:39:14 linux-jlb-ds startproc: startproc: exit status of parent
    of /usr/sbin/rpc.nfsd: 1
    Aug 9 07:41:02 linux-jlb-ds nfsd[2727]: Unknown keyword "fsia=" in export
    file
    Aug 9 07:41:02 linux-jlb-ds nfsd[2727]: Comma expected in opt list for clnt
    192.168.1.203 (found '8')
    Aug 9 07:41:02 linux-jlb-ds nfsd[2727]: Unknown keyword "" in export file
    Aug 9 07:41:02 linux-jlb-ds nfsd[2727]: Unknown keyword "no_subtree_check"
    in export file
    Aug 9 08:20:55 linux-jlb-ds mountd[2711]: NFS mount of /Arena attempted
    from 192.168.1.203
    Aug 9 08:20:55 linux-jlb-ds mountd[2711]: NFS request from 192.168.1.203
    originated on insecure port, psychoanalysis suggested

    I tried it with nfs and got an 11.0 machine to mount read only and the 10.3
    would not mount. Now I have it as nfs4 and get exactly the same results.

    John



  10. Re: NFS on 11.0

    John Bowling wrote:
    > I created a name that represents what I call the server here. I don't think
    > that there are any specific names unless you use a DNS, which I don't on my
    > local net.


    I just put the names in my /etc/hosts but still it is confusing, because
    you already enter the name once, so it must be something else.

    > No idea on the nfs-server vs nfs-kernel-server.


    Well, with me nfs-server give the following on the client:
    root@penne : mount /media/pizza
    mount.nfs: mount to NFS server 'rpcbind' failed: timed out, giving up
    mount.nfs: internal error

    And nfs-kernel-server gives me no error. Also I could write to it
    without a problem. I did all the settings with YaST and just changed the
    ro to rw.

    So perhaps the solution is ti try nfs-server of nfs-kernel-server if the
    other cause you problems.

    houghi
    --
    ________________________ Open your eyes, open your mind
    | proud like a god don't pretend to be blind
    | trapped in yourself, break out instead
    http://openSUSE.org | beat the machine that works in your head

  11. Re: NFS on 11.0

    On Fri, 08 Aug 2008 10:55:01 -0700, John Bowling typed this message:

    > noi ance wrote:
    >
    >> On Thu, 07 Aug 2008 12:15:22 -0700, John Bowling typed this message:
    >>
    >>> I have not been able to get an 11.0 NFS server system to work on my
    >>> local network. It is set up via Yast and I checked all of the
    >>> configuration files I could find references to, including on the
    >>> openSUSE howto pages for NFS. Firewalls are all turned off. All IPs
    >>> are fixed. I have Apache2 enabled and browsers able to see all three
    >>> systems from any of the systems.
    >>>
    >>> Problems:
    >>> 1 - the first attempt was with an 11.0 NFS client. It would mount and
    >>> could only read with (that with NFS4). It was mounting read only on
    >>> the client, even though everyplace (server and client) had rw rather
    >>> than ro. The top level directory on the server is setup for 777
    >>> access. The directory on the client is set for 777 access. Without
    >>> NFS4 it cannot read - it can't even mount the remote partition.
    >>>
    >>> 2 - 11.0 wants to do NFS4 and 10.3 cannot do NFS4. So now I have
    >>> removed all references to NFS4. I have to maintain a 10.3 until skype
    >>> can run on 11.0, and NFS on all 10.3 systems worked.
    >>>
    >>> 3 - in the process of setting up a client with Yast - it never finds
    >>> the server under 'search'. If I manually enter the IP, it very
    >>> quickly sees the directory that is being served, so there is no net
    >>> setup or link problem.
    >>>
    >>> Thanks, John

    >>
    >> It would help if you had posted the servers /etc/exports and the
    >> /etc/fstab or mount commands from the client.
    >>
    >> NFS4 requires an FSID=n for partitions exported on the server.
    >>
    >> /home 192.168.0.0/24(fsid=0,rw,root_squash,sync,no_subtree_check)
    >> /public 192.168.0.0/24(fsid=1,rw,root_squash,sync,no_subtree_check)
    >>
    >> the client
    >> 192.168.0.8:/home /mnt/MNTPT1 nfs rw,noauto,users,defaults 0 0 or
    >> 192.168.0.8:/home /mnt/MNTPT1 nfs4 rw,noauto,users,defaults 0 0
    >>
    >> I find
    >> $ mount -t nfs4
    >> doesn't work as well as
    >> $ mount -t nfs
    >>
    >> gfvss4 (or something) security is a real headache unless you know what
    >> you're doing.

    >
    > On the server (192.168.1.201), /etc/exports /Arena
    > 192.168.1.202(fsia=8,rw,root_squash,sync,no_subtre e_check) /Arena
    > 192.168.1.203(fsia=8,rw,root_squash,sync,no_subtre e_check)
    >


    Okay, I'm unfamiliar with fsia but if the intention was fsid those
    numbers are unique within /etc/exports

    On the server (192.168.1.201), /etc/exports /Arena
    192.168.1.202(fsid=0,rw,root_squash,sync,no_subtre e_check) /Arena
    192.168.1.203(fsid=8,rw,root_squash,sync,no_subtre e_check) /Arena

    fsid=0 for a root and unique numbers afterwards.

    Also, since you are defining 2 machines you should specify target
    directory /Arena for both clients.
    Or use a @group naming or IP addresss range with
    subnet masks 192.168.1.200/255.255.255.248 or something.


    > From /etc/fstab of server
    > /dev/disk/by-id/scsi-SATA_Maxtor_4R120L0_R35F59NE-part8 /Arena ext3
    > rw,users,defaults 1 2
    >
    > From /etc/hosts.allow
    > nfs-utils : 192.168.1.202 : /usr/sbin/rpc.mountd : mountd nfs-utils :
    > 192.168.1.202 : /sbin/rpc.statd : statd nfs-utils : 192.168.1.203
    > : /usr/sbin/rpc.mountd : mountd nfs-utils : 192.168.1.203 :
    > /sbin/rpc.statd : statd
    >
    > From fstab of 192.168.1.202 (11.0)
    > 192.168.1.201:/Arena /SArena nfs rw,noauto,users,defaults 0 0
    >
    > Mounts properly and is fully readable. Errors on write:
    > Could not write to /SArena/System/xyz Could not make folder
    > /SArena/System/abc
    >
    > la /SArena from 192.168.1.202:
    > drwsrwxrwx 7 root root 4096 2008-08-01 09:36 . drwxr-xr-x 35 root
    > root 4096 2008-08-07 22:26 .. drwxrwxrwx 7 john users 4096
    > 2008-07-30 09:22 Images drwx------ 2 root root 16384 2008-07-11 14:22
    > lost+found drwxrwxrwx 5 john users 4096 2008-07-30 11:54 System
    > drwxrwxrwx 4 john users 4096 2008-07-29 17:01 .Trash-1000 drwxrwxrwx
    > 2 john users 4096 2008-07-30 11:54 WP
    >
    > From /etc/fstab of 192.168.1.203 (10.3) 192.168.1.201:/Arena /SArena
    > nfs rw,noauto,users,defaults 0 0
    >
    > Error:
    > Mount failed: 192.168.1.201:/Arena.
    > Reason given by server: Permission denied


    I think this failed because you did not specify a valid directory to
    be exported to 192.168.1.203 also use an unique fsid= for the
    192.168.1.203 export.

    >
    > I have re-enabled the firewalls - all three systens have the ethernet
    > card as external zone.
    >
    > I have a difference of interpretation of what the various zones mean. My
    > understanding of the words, from an American English standpoint (enough
    > years to be retired) are
    >
    > Internal Access from inside this specific computer Demilitarized
    > Access from all computers within local net but not outside
    > the proxy interface (a Linksys BFSR41 with a cable modem to cox) to
    > the full Internet
    > External Access from anywhere on the full Internet (or at least
    > every thing the the proxy provides)
    >
    > From my interpretation, all the nfs links should be under demilitarized,
    > especially for a local net without a proxy server.


    If I understand it correctly, the External zone is used for services on
    the local network that will be used/viewed on the internet.
    Demilitarized is a special local network machine exposed to the
    Internet while the remaining machines are not exposed, like
    NNTP or file server. Internal zone is strictly local network with no
    exposure
    to the Internet and all external traffic is forwarded outside your local
    network
    through a gateway, router or otherwise secure channels.

    Basically, if all your machines are locally connected and you use a
    gateway or router
    then the firewall should be using Internal zone. Your router's
    connection to your
    local network will be in your Internal zone.

    >
    > Obviously, the interpretation in openSUSE is different, and I haven't
    > yet found any description or definition of what these words mean to the
    > openSUSE firewall.
    >
    > The results are very similar to having all firewalls turned off.
    >
    > Thanks, John



  12. Re: NFS on 11.0

    noi ance wrote:

    > On Fri, 08 Aug 2008 10:55:01 -0700, John Bowling typed this message:
    >
    >> noi ance wrote:
    >>
    >>> On Thu, 07 Aug 2008 12:15:22 -0700, John Bowling typed this message:
    >>>
    >>>> I have not been able to get an 11.0 NFS server system to work on my
    >>>> local network. It is set up via Yast and I checked all of the
    >>>> configuration files I could find references to, including on the
    >>>> openSUSE howto pages for NFS. Firewalls are all turned off. All IPs
    >>>> are fixed. I have Apache2 enabled and browsers able to see all three
    >>>> systems from any of the systems.
    >>>>
    >>>> Problems:
    >>>> 1 - the first attempt was with an 11.0 NFS client. It would mount and
    >>>> could only read with (that with NFS4). It was mounting read only on
    >>>> the client, even though everyplace (server and client) had rw rather
    >>>> than ro. The top level directory on the server is setup for 777
    >>>> access. The directory on the client is set for 777 access. Without
    >>>> NFS4 it cannot read - it can't even mount the remote partition.
    >>>>
    >>>> 2 - 11.0 wants to do NFS4 and 10.3 cannot do NFS4. So now I have
    >>>> removed all references to NFS4. I have to maintain a 10.3 until skype
    >>>> can run on 11.0, and NFS on all 10.3 systems worked.
    >>>>
    >>>> 3 - in the process of setting up a client with Yast - it never finds
    >>>> the server under 'search'. If I manually enter the IP, it very
    >>>> quickly sees the directory that is being served, so there is no net
    >>>> setup or link problem.
    >>>>
    >>>> Thanks, John
    >>>
    >>> It would help if you had posted the servers /etc/exports and the
    >>> /etc/fstab or mount commands from the client.
    >>>
    >>> NFS4 requires an FSID=n for partitions exported on the server.
    >>>
    >>> /home 192.168.0.0/24(fsid=0,rw,root_squash,sync,no_subtree_check)
    >>> /public 192.168.0.0/24(fsid=1,rw,root_squash,sync,no_subtree_check)
    >>>
    >>> the client
    >>> 192.168.0.8:/home /mnt/MNTPT1 nfs rw,noauto,users,defaults 0 0 or
    >>> 192.168.0.8:/home /mnt/MNTPT1 nfs4 rw,noauto,users,defaults 0 0
    >>>
    >>> I find
    >>> $ mount -t nfs4
    >>> doesn't work as well as
    >>> $ mount -t nfs
    >>>
    >>> gfvss4 (or something) security is a real headache unless you know what
    >>> you're doing.

    >>
    >> On the server (192.168.1.201), /etc/exports /Arena
    >> 192.168.1.202(fsia=8,rw,root_squash,sync,no_subtre e_check) /Arena
    >> 192.168.1.203(fsia=8,rw,root_squash,sync,no_subtre e_check)
    >>

    >
    > Okay, I'm unfamiliar with fsia but if the intention was fsid those
    > numbers are unique within /etc/exports
    >
    > On the server (192.168.1.201), /etc/exports /Arena
    > 192.168.1.202(fsid=0,rw,root_squash,sync,no_subtre e_check) /Arena
    > 192.168.1.203(fsid=8,rw,root_squash,sync,no_subtre e_check) /Arena
    >
    > fsid=0 for a root and unique numbers afterwards.
    >
    > Also, since you are defining 2 machines you should specify target
    > directory /Arena for both clients.
    > Or use a @group naming or IP addresss range with
    > subnet masks 192.168.1.200/255.255.255.248 or something.
    >
    >
    >> From /etc/fstab of server
    >> /dev/disk/by-id/scsi-SATA_Maxtor_4R120L0_R35F59NE-part8 /Arena ext3
    >> rw,users,defaults 1 2
    >>
    >> From /etc/hosts.allow
    >> nfs-utils : 192.168.1.202 : /usr/sbin/rpc.mountd : mountd nfs-utils :
    >> 192.168.1.202 : /sbin/rpc.statd : statd nfs-utils : 192.168.1.203
    >> : /usr/sbin/rpc.mountd : mountd nfs-utils : 192.168.1.203 :
    >> /sbin/rpc.statd : statd
    >>
    >> From fstab of 192.168.1.202 (11.0)
    >> 192.168.1.201:/Arena /SArena nfs rw,noauto,users,defaults 0 0
    >>
    >> Mounts properly and is fully readable. Errors on write:
    >> Could not write to /SArena/System/xyz Could not make folder
    >> /SArena/System/abc
    >>
    >> la /SArena from 192.168.1.202:
    >> drwsrwxrwx 7 root root 4096 2008-08-01 09:36 . drwxr-xr-x 35 root
    >> root 4096 2008-08-07 22:26 .. drwxrwxrwx 7 john users 4096
    >> 2008-07-30 09:22 Images drwx------ 2 root root 16384 2008-07-11 14:22
    >> lost+found drwxrwxrwx 5 john users 4096 2008-07-30 11:54 System
    >> drwxrwxrwx 4 john users 4096 2008-07-29 17:01 .Trash-1000 drwxrwxrwx
    >> 2 john users 4096 2008-07-30 11:54 WP
    >>
    >> From /etc/fstab of 192.168.1.203 (10.3) 192.168.1.201:/Arena /SArena
    >> nfs rw,noauto,users,defaults 0 0
    >>
    >> Error:
    >> Mount failed: 192.168.1.201:/Arena.
    >> Reason given by server: Permission denied

    >
    > I think this failed because you did not specify a valid directory to
    > be exported to 192.168.1.203 also use an unique fsid= for the
    > 192.168.1.203 export.
    >
    >>
    >> I have re-enabled the firewalls - all three systens have the ethernet
    >> card as external zone.
    >>
    >> I have a difference of interpretation of what the various zones mean. My
    >> understanding of the words, from an American English standpoint (enough
    >> years to be retired) are
    >>
    >> Internal Access from inside this specific computer Demilitarized
    >> Access from all computers within local net but not outside
    >> the proxy interface (a Linksys BFSR41 with a cable modem to cox) to
    >> the full Internet
    >> External Access from anywhere on the full Internet (or at least
    >> every thing the the proxy provides)
    >>
    >> From my interpretation, all the nfs links should be under demilitarized,
    >> especially for a local net without a proxy server.

    >
    > If I understand it correctly, the External zone is used for services on
    > the local network that will be used/viewed on the internet.
    > Demilitarized is a special local network machine exposed to the
    > Internet while the remaining machines are not exposed, like
    > NNTP or file server. Internal zone is strictly local network with no
    > exposure
    > to the Internet and all external traffic is forwarded outside your local
    > network
    > through a gateway, router or otherwise secure channels.
    >
    > Basically, if all your machines are locally connected and you use a
    > gateway or router
    > then the firewall should be using Internal zone. Your router's
    > connection to your
    > local network will be in your Internal zone.
    >

    I just changed /etc/exports to:
    /Arena 192.168.1.202(fsid=1,rw,root_squash,sync,no_subtre e_check) \
    /192.168.1.203(fsid=2,rw,root_squash,sync,no_subtre e_check)

    I also rebooted all systems after making the changes.
    The 11.0 system is still asking that I start-statd when mounting it after a
    reboot, and after that can mount and read. The 10.3 does not ask.

    Now both the 11.0 and 10.3 systems can see the remote partition and read
    files. Neither are able to write to it.

    The fsia was a typing mistake.



  13. Re: NFS on 11.0

    And there is another real bug around nfs4. It's been around since before
    mid 2007 per posts google found. That is with the start-statd, and on
    multiple other distros of Linux. Apparently, the client needs to
    start-statd before attempting to mount, or disable locks, and it is not
    doing it. This also prevents any auto mount after a power fail. Not
    appropriate for a production system!

    Anyone know which script to stick it into so it's there before mounting
    remotes?

    Any why are we still having this issue more than a year later on any distro?

    John

+ Reply to Thread