Centos serves as the server and provides the NFS file system. AIX acts as the client and mounts the specified directory of centos.
(1) NFS installation Configuration:
Centos 5:
Yum-y install nfs-utils Portmap
Centos 6 (in centos 6.3, The Portmap service is undertaken by rpcbind ):
Yum-y install nfs-utils rpcbind
(2)
Iii. Server Configuration:
1. Create a shared directory:
[[Email protected]/] # mkdir/usr/local/test
2. NFS file Configuration:
[[Email protected]/] # vi/etc/exports
# Add a row:
/Usr/local/test/192.168.1.226 (RW, no_root_squash, no_all_squash, sync)
: X save and exit;
Make the configuration take effect:
[[Email protected]/] # exportfs-R must be executed without execution errors
Note: configuration file description:
/Usr/local/test/is the shared directory. Use the absolute path.
192.168.1.226 (RW, no_root_squash, no_all_squash, sync) is the client address and permission. The address can be a network segment, an IP address or a domain name. The domain name supports wildcards, such as * .youxia.com, there is no space between the address and permission. Permission description:
RW: read-write, which can be read and written;
RO: Read-only, read-only;
Sync: writes files to both the hard disk and memory;
Async: files are stored in memory instead of directly written into memory;
No_root_squash: If the NFS client uses root to connect to the server, it also has root permissions for the Directory shared by the server. It is obviously not safe to enable this feature.
Root_squash: If the NFS client uses root to connect to the server, it has anonymous user permissions for the Directory shared by the server. Generally, it uses nobody or nfsnobody;
All_squash: No matter which user the NFS client uses to connect to the server, the directory shared by the server is anonymous;
Anonuid: uid value of an anonymous user, usually nobody or nfsnobody, which can be set here;
Anongid: the GID value of an anonymous user.
3. Start:
Centos6:
[[Email protected]/] # service rpcbind start
Starting rpcbind: [OK]
[[Email protected]/] # service NFS start
Starting NFS services: [OK]
Starting NFS quotas: [OK]
Starting NFS mountd: [OK]
Stopping RPC idmapd: [OK]
Starting RPC idmapd: [OK]
Starting NFS daemon: [OK]
[[Email protected]/] #
Centos 5
[[Email protected]/] # service Portmap start
[[Email protected]/] # service NFS start
3. Client mounting
Test: showmount-e 172.18.1.30
Check whether the data is shared.
Mount-O rsize = 32768, wsize = 32768, hard 172.18.1.30:/arichlog1/home/Oracle/audit_hrb/heart
Centos mounting on AIX is not the same as centos mounting on centos.
4. Problems Encountered
# Mount nfsserver:/share/mnt/nfs
Mount: giving up on:
Nfsserver:/share
Vmount: Not owner
After searching the information, we found that the Linux operating system needs to use the NFS reserved port when responding to the Mount Request of the AIX operating system. This port is not opened by default.
# Nfso-O nfs_use_reserved_ports = 1
Setting nfs_use_reserved_ports to 1
The NFS shared directory is mounted again.
5. Uninstall
Umount/usr/local/test
Vi. server-side firewall settings (enable firewall protection for NFS ):
1. Modify/etc/service and add the following content (the port number must be less than 1024 and is not in use)
# Local services
MOUNTD 1011/tcp # rpc. mountd
MOUNTD 1011/udp # rpc. mountd
Rquotad 1012/tcp # rpc. rquotad
Rquotad 1012/udp # rpc. rquotad
2. Restart the Linux NFS service
Service NFS restart
3. Now the RPC-related port has been fixed. You can add firewall rules for Linux NFS.
# Portmap
/Sbin/iptables-A input-s 192.168.1.0/254-p tcp -- dport 111-J accept
/Sbin/iptables-A input-s 192.168.1.0/254-p udp -- dport 111-J accept
# Nfsd
/Sbin/iptables-A input-s 192.168.1.0/254-p tcp -- dport 2049-J accept
/Sbin/iptables-A input-s 192.168.1.0/254-p udp -- dport 2049-J accept
# Mountd
/Sbin/iptables-A input-s 192.168.1.0/254-p tcp -- dport 1011-J accept
/Sbin/iptables-A input-s 192.168.1.0/254-p udp -- dport 1011-J accept
# Rquotad
/Sbin/iptables-A input-s 192.168.1.0/254-p tcp -- dport 1012-J accept
/Sbin/iptables-A input-s 192.168.1.0/254-p udp -- dport 1012-J accept
# Rpc. statd
/Sbin/iptables-A input-s 192.168.1.0/254-p tcp -- dport 32768-J accept
/Sbin/iptables-A input-s 192.168.1.0/254-p udp -- dport 32768-J accept
--- TCP method success -------------------------------------------
-A input-M state -- state new-m tcp-p tcp -- dport 111-J accept
-A input-M state -- state new-m tcp-p tcp -- dport 2049-J accept
-A input-M state -- state new-m tcp-p tcp -- dport 1011-J accept
-A input-M state -- state new-m tcp-p tcp -- dport 1012-J accept
-A input-M state -- state new-m tcp-p tcp -- dport 32768-J accept
When the client is mounted, the following problem occurs: the network may be unstable. By default, NFS uses the UDP protocol instead of the TCP protocol:
Mount-t nfs 192.168.1.225:/usr/local/test-O proto = TCP-O nolock