Re: NFS on 11.0
- From: noi ance <noi@xxxxxxxx>
- Date: Sat, 09 Aug 2008 23:05:13 GMT
On Fri, 08 Aug 2008 10:55:01 -0700, John Bowling typed this message:
noi ance wrote:
On Thu, 07 Aug 2008 12:15:22 -0700, John Bowling typed this message:
I have not been able to get an 11.0 NFS server system to work on my
local network. It is set up via Yast and I checked all of the
configuration files I could find references to, including on the
openSUSE howto pages for NFS. Firewalls are all turned off. All IPs
are fixed. I have Apache2 enabled and browsers able to see all three
systems from any of the systems.
Problems:
1 - the first attempt was with an 11.0 NFS client. It would mount and
could only read with (that with NFS4). It was mounting read only on
the client, even though everyplace (server and client) had rw rather
than ro. The top level directory on the server is setup for 777
access. The directory on the client is set for 777 access. Without
NFS4 it cannot read - it can't even mount the remote partition.
2 - 11.0 wants to do NFS4 and 10.3 cannot do NFS4. So now I have
removed all references to NFS4. I have to maintain a 10.3 until skype
can run on 11.0, and NFS on all 10.3 systems worked.
3 - in the process of setting up a client with Yast - it never finds
the server under 'search'. If I manually enter the IP, it very
quickly sees the directory that is being served, so there is no net
setup or link problem.
Thanks, John
It would help if you had posted the servers /etc/exports and the
/etc/fstab or mount commands from the client.
NFS4 requires an FSID=n for partitions exported on the server.
/home 192.168.0.0/24(fsid=0,rw,root_squash,sync,no_subtree_check)
/public 192.168.0.0/24(fsid=1,rw,root_squash,sync,no_subtree_check)
the client
192.168.0.8:/home /mnt/MNTPT1 nfs rw,noauto,users,defaults 0 0 or
192.168.0.8:/home /mnt/MNTPT1 nfs4 rw,noauto,users,defaults 0 0
I find
$ mount -t nfs4
doesn't work as well as
$ mount -t nfs
gfvss4 (or something) security is a real headache unless you know what
you're doing.
On the server (192.168.1.201), /etc/exports /Arena
192.168.1.202(fsia=8,rw,root_squash,sync,no_subtree_check) /Arena
192.168.1.203(fsia=8,rw,root_squash,sync,no_subtree_check)
Okay, I'm unfamiliar with fsia but if the intention was fsid those
numbers are unique within /etc/exports
On the server (192.168.1.201), /etc/exports /Arena
192.168.1.202(fsid=0,rw,root_squash,sync,no_subtree_check) /Arena
192.168.1.203(fsid=8,rw,root_squash,sync,no_subtree_check) /Arena
fsid=0 for a root and unique numbers afterwards.
Also, since you are defining 2 machines you should specify target
directory /Arena for both clients.
Or use a @group naming or IP addresss range with
subnet masks 192.168.1.200/255.255.255.248 or something.
From /etc/fstab of server
/dev/disk/by-id/scsi-SATA_Maxtor_4R120L0_R35F59NE-part8 /Arena ext3
rw,users,defaults 1 2
From /etc/hosts.allow
nfs-utils : 192.168.1.202 : /usr/sbin/rpc.mountd : mountd nfs-utils :
192.168.1.202 : /sbin/rpc.statd : statd nfs-utils : 192.168.1.203
: /usr/sbin/rpc.mountd : mountd nfs-utils : 192.168.1.203 :
/sbin/rpc.statd : statd
From fstab of 192.168.1.202 (11.0)
192.168.1.201:/Arena /SArena nfs rw,noauto,users,defaults 0 0
Mounts properly and is fully readable. Errors on write:
Could not write to /SArena/System/xyz Could not make folder
/SArena/System/abc
la /SArena from 192.168.1.202:
drwsrwxrwx 7 root root 4096 2008-08-01 09:36 . drwxr-xr-x 35 root
root 4096 2008-08-07 22:26 .. drwxrwxrwx 7 john users 4096
2008-07-30 09:22 Images drwx------ 2 root root 16384 2008-07-11 14:22
lost+found drwxrwxrwx 5 john users 4096 2008-07-30 11:54 System
drwxrwxrwx 4 john users 4096 2008-07-29 17:01 .Trash-1000 drwxrwxrwx
2 john users 4096 2008-07-30 11:54 WP
From /etc/fstab of 192.168.1.203 (10.3) 192.168.1.201:/Arena /SArena
nfs rw,noauto,users,defaults 0 0
Error:
Mount failed: 192.168.1.201:/Arena.
Reason given by server: Permission denied
I think this failed because you did not specify a valid directory to
be exported to 192.168.1.203 also use an unique fsid= for the
192.168.1.203 export.
I have re-enabled the firewalls - all three systens have the ethernet
card as external zone.
I have a difference of interpretation of what the various zones mean. My
understanding of the words, from an American English standpoint (enough
years to be retired) are
Internal Access from inside this specific computer Demilitarized
Access from all computers within local net but not outside
the proxy interface (a Linksys BFSR41 with a cable modem to cox) to
the full Internet
External Access from anywhere on the full Internet (or at least
every thing the the proxy provides)
From my interpretation, all the nfs links should be under demilitarized,
especially for a local net without a proxy server.
If I understand it correctly, the External zone is used for services on
the local network that will be used/viewed on the internet.
Demilitarized is a special local network machine exposed to the
Internet while the remaining machines are not exposed, like
NNTP or file server. Internal zone is strictly local network with no
exposure
to the Internet and all external traffic is forwarded outside your local
network
through a gateway, router or otherwise secure channels.
Basically, if all your machines are locally connected and you use a
gateway or router
then the firewall should be using Internal zone. Your router's
connection to your
local network will be in your Internal zone.
Obviously, the interpretation in openSUSE is different, and I haven't
yet found any description or definition of what these words mean to the
openSUSE firewall.
The results are very similar to having all firewalls turned off.
Thanks, John
.
- References:
- NFS on 11.0
- From: John Bowling
- Re: NFS on 11.0
- From: noi ance
- NFS on 11.0
- Prev by Date: Re: Suse 11.0 and dual-core processor
- Next by Date: Re: Suse 11.0 and dual-core processor
- Previous by thread: Re: NFS on 11.0
- Next by thread: Re: NFS on 11.0
- Index(es):
Relevant Pages
|
