We have discussed a lot about NFS. I wonder if you have any questions. Today, we will mainly explain how to set NFS ports. In many network environments, different port settings may cause different functions. To use NFS in a firewall environment, open the following ports on the firewall:
- 1. portmap port 111 udp/tcp;
- 2. nfsd port 2049 udp/tcp;
- 3. mountd port "xxx" udp/tcp
When the system RPC service starts the nfs service, a random port 32768--65535 is dynamically selected for mountd by default. You can specify a fixed port for mountd by editing the/etc/services file:
- # vi /etc/services
Add at the end
- mountd 1011/udp
- mountd 1011/tcp
Save this file
- # stopsrc -s rpc.mountd
- # startsrc -s rpc.mountd
- # exportfs -a
- # rpcinfo -p Hostname
Now we will find that mountd has been bound to port 1011.
In addition, the services that need to be communicated in nfs include rpc. lockd and rpc. statd. For lockd, we can use a similar method to specify a fixed port,
- # vi /etc/services
Add
- lockd 35000/ucp
- lockd 35000/tdp
- # stopsrc -s rpc.lockd
- # startsrc -s rpc.lockd
- # exportfs -a
Nfs client mount file system
- # rpcinfo -p Hostname
However, rpc. statd cannot be used to specify a port. It can only use a random port. If necessary, open the random port based on the display of the following command on the firewall:
- # no -a |grep ephemeral
- tcp_ephemeral_high = 65535
- tcpp_ephemeral_low = 32768
- udp_ephemeral_high = 65535
- udp_ephemeral_low = 32768
You can also disable rpc. the random port required by statd is affected by the failure of nfs connections, such as server or client). The system cannot restore the status before the disconnection through statd, the nfs file system must be mounted again.
For more information about statd functionality, see http://publib.boulder.ibm.com/infocenter/
Pseries/v5r3/topic/com. ibm. aix. cmds/doc/aixcmds5/statd.htm