Installation guide
same way they are specified in /etc/exports. Refer to Section 10.6.1, “The /etc/exports
Configuration File” for more information on /etc/exports syntax. This option is often used to
test an exported file system before adding it permanently to the list of file systems to be exported.
-i
Ignores /etc/exports; only options given from the command line are used to define exported
file systems.
-u
Unexports all shared directories. The command /usr/sbin/exportfs -ua suspends NFS file
sharing while keeping all NFS daemons up. To re-enable NFS sharing, use exportfs -r.
-v
Verbose operation, where the file systems being exported or unexported are displayed in greater
detail when the exportfs command is executed.
If no options are passed to the exportfs command, it displays a list of currently exported file
systems. For more information about the exportfs command, refer to man exportfs.
10.6.2.1. Using exportfs with NFSv4
The exportfs command is used to maintain the NFS table of exported file systems. When used with
no arguments, exportfs shows all the exported directories.
Since NFSv4 no longer utilizes the MOUNT protocol, which was used with the NFSv2 and NFSv3
protocols, the mounting of file systems has changed.
An NFSv4 client now has the ability to see all of the exports served by the NFSv4 server as a single
file system, called the NFSv4 pseudo-file system. On Red Hat Enterprise Linux, the pseudo-file
system is identified as a single, real file system, identified at export with the fsid=0 option.
10.6.3. Running NFS Behind a Firewall
NFS requires rpcbind, which dynamically assigns ports for RPC services and can cause problems
when configuring firewall rules. To allow clients to access NFS shares behind a firewall, edit the
/etc/sysconfig/nfs configuration file to control which ports the required RPC services run on.
The /etc/sysconfig/nfs file may not exist by default on all systems. If it does not exist, create it and
add the following variables, replacing port with an unused port number (alternatively, if the file exists,
un-comment and change the default entries as required):
MOUNTD_PORT=port
Controls which TCP and UDP port mountd (rpc.mountd) uses.
STATD_PORT=port
Controls which TCP and UDP port status (rpc.statd) uses.
LOCKD_TCPPORT=port
Controls which TCP port nlockmgr (rpc.lockd) uses.
LOCKD_UDPPORT=port
Controls which UDP port nlockmgr (rpc.lockd) uses.
If NFS fails to start, check /var/log/messages. Normally, NFS will fail to start if you specify a port
number that is already in use. After editing /etc/sysconfig/nfs, restart the NFS service using
service nfs restart. Run the rpcinfo -p command to confirm the changes.
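Firewall rules written for the pinned ports only work if rpcbind really registers the services there. The following is an added example, not part of the original guide: a shell function (the name check_nfs_ports is hypothetical) that compares the four variables above against saved rpcinfo -p output. The port numbers in the sample data are constructed values.

```shell
#!/bin/sh
# Added example: verify that the ports pinned in /etc/sysconfig/nfs are the
# ones rpcbind actually reports. Usage: check_nfs_ports SYSCONFIG RPCINFO_OUT
check_nfs_ports() {
    awk '
    FNR == NR {                      # first file: KEY=value settings
        if ($0 ~ /^[ \t]*#/ || index($0, "=") == 0) next
        split($0, kv, "=")
        gsub(/[ \t"]/, "", kv[1]); gsub(/[ \t"]/, "", kv[2])
        p = kv[2] + 0
        if (kv[1] == "MOUNTD_PORT")   { want["mountd/tcp"] = p; want["mountd/udp"] = p }
        if (kv[1] == "STATD_PORT")    { want["status/tcp"] = p; want["status/udp"] = p }
        if (kv[1] == "LOCKD_TCPPORT") want["nlockmgr/tcp"] = p
        if (kv[1] == "LOCKD_UDPPORT") want["nlockmgr/udp"] = p
        next
    }
    $4 ~ /^[0-9]+$/ {                # second file: program vers proto port service
        key = $5 "/" $3
        if (!(key in want)) next
        seen[key] = 1
        if ($4 + 0 != want[key] && !(key in reported)) {
            printf "MISMATCH %s: registered on %d, configured %d\n", key, $4, want[key]
            reported[key] = 1; bad = 1
        }
    }
    END {
        for (key in want) if (!(key in seen)) {
            printf "MISSING %s: configured %d but not registered\n", key, want[key]
            bad = 1
        }
        exit bad + 0
    }' "$1" "$2"
}

# Constructed sample data (not from a real host). On a server, pass
# /etc/sysconfig/nfs and a file holding the output of `rpcinfo -p`.
d=$(mktemp -d)
printf 'MOUNTD_PORT=892\nSTATD_PORT=662\nLOCKD_TCPPORT=32803\nLOCKD_UDPPORT=32769\n' > "$d/nfs"
printf '100005 1 tcp 892 mountd\n100005 1 udp 40123 mountd\n100024 1 tcp 662 status\n100024 1 udp 662 status\n100021 1 tcp 32803 nlockmgr\n' > "$d/rpc"
check_nfs_ports "$d/nfs" "$d/rpc" || echo "resolve the lines above before relying on firewall rules"
rm -rf "$d"
```

A non-zero return means at least one service is missing or sits on a port the firewall rules do not cover.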