[Gllug] NFS across firewall
Richard Turner
richard at rj-turner.freeserve.co.uk
Mon Jun 9 11:39:33 UTC 2003
> This is from the O'Reilly NIS / NFS book:
>
> mount command
> mount -o proto=tcp,public nfs.eisler.com:/export/home/mre /mre
>
> This is after allowing tcp port 2049 in your firewall
>
> The proto=tcp option forces mount to use the TCP/IP protocol.
Firewalls
> prefer to deal with TCP because it establishs the state that the
firewall
> can
> use to know if a TCP segment from the outside is a response from an
> external
> server or a call from an external client.
>
> The 'public' option does the following:
>
> Bypasses the portmapper entirely and always contacts the NFS server
port
> on
> 2049 (or a different port if the port= option is specified to the
mount
> command) It sends a NULL ping to the NFS Version 3 server first, and
if
> that
> fails, tries the NFS Version 2 server next.
>
> Makes the NFS client contact the NFS server directory to get an
initial
> file
> handle
>
> Marks the NFS mounts with the llock option. This is an undocumented
mount
> option that says to handle all locking requests for the file on the
NFS
> filesystem locally.
>
> Please also note that while the NFS server normally listens on 2049
you
> can
> specify when you start the NFS server to listen only for TCP rather
than
> UDP
> and TCP, and lock it to a specific port.
Xander, you're a star! Thanks for this.
Incidentally, since I don't have O'Reilly's NIS / NFS book, where else
might I have found this information? I do try to find stuff out for
myself before asking, (dreading the 'RTFM' response!), but had no joy
this time.
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug
More information about the GLLUG
mailing list