FC8 and NFS service

[Robin Laing]

Bill Davidsen wrote:
> Terry Polzin wrote:
>> On Wednesday 20 February 2008 14:32, Bill Davidsen wrote:
>>> I am trying to replace a bunch of NFS servers with new machines running
>>> FC8. The NFS server is doing some kind of evil security check which was
>>> not present in FC1, causing connection rejects like "invalid port
>>> XXXXXX" messages. Since the port works against the FC1 server, and there
>>> are 120-140 clients per server, running various operating systems, the
>>> solution lies in telling the NFS service to stop doing the unwanted
>>> security check and treat anything coming through iptables as valid.
>>>
>>> Has someone a thought on this? Changing clients isn't going to happen,
>>> and it seems the Solaris NFS server works (or the upgrade from FC1 might
>>> be dropped).
>>>
>>> -- 
>>> Bill Davidsen <davidsen at tmr.com>
>>>    "We have more to fear from the bungling of the incompetent than from
>>> the machinations of the wicked."  - from Slashdot
>> Can we see your /etc/exports file?  You may need to add insecure to 
>> your exports to use some ports in newer NFS instances. 
> I'm not that far along, I have just been exporting with exportfs at the 
> moment, and I have turned secure mounts off. If that gets all clients 
> working I'll change to using insecure.
> 
> Newer instances is right, I'm building a FC9alpha1 test box as I type, 
> I'll test both client and server on FC[6789] and client on everything.
> 
> More later, thanks.
> 


After having fought with NFS for a weekend I found that you have to 
define the ports in the NFS configuration files and then open them up in 
the firewall.

/etc/sysconfig/nfs

The ports are random now.

At home I have now moved to sshfs instead of nfs, more secure and easier 
to setup.

-- 
Robin Laing