Question

I have 5 computers which we will label as such:

  1. Ubuntu 13.10 Desktop --> U13.10
  2. Ubuntu 11.10 Desktop --> U11.10
  3. Raspberry Pi Raspbian --> R1
  4. Raspberry Pi Raspbian --> R2
  5. Raspberry Pi Raspbian --> R3

I have NFS shares set up like so:

  1. U13.10 (192.168.7.1)
    • exporting to U11.10
  2. U11.10 (192.168.7.10)
    • importing from U13.10
    • importing from R1 (FAILS)
    • importing from R2
    • importing from R3 (FAILS)
    • exporting to R1
    • exporting to R2
    • exporting to R3
  3. R1 (192.168.7.104)
    • importing from U11.10
    • exporting to U11.10
  4. R2 (192.168.7.105)
    • importing from U11.10
    • exporting to U11.10
  5. R3 (192.168.7.106)
    • importing from U11.10
    • exporting to U11.10

Finally here is the output of my iptables on the server (U13.10) acting as a router:

U13.10$ sudo iptables -nL
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:111
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:111
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:2049
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:32803
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:32769
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:892
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:892
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:875
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:875
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:662
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:662
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10000
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10000
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10001
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10001
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10002
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10002
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10003
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10003
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10004
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10004
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10005
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10005
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10006
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10006
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10007
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10007
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10008
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10008
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10009
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:10009
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10000
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10000
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10001
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10001
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10002
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10002
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10003
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10003
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10004
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10004
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10005
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10005
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10006
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10006
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10007
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10007
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10008
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10008
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10009
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:10009
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp flags:0x3F/0x00
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp flags:!0x17/0x02 state NEW
DROP       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp flags:0x3F/0x3F
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:443
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:25
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:465
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:110
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:995
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:143
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:993
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
ACCEPT     udp  --  0.0.0.0/0            192.168.7.10         udp dpt:6000
ACCEPT     udp  --  0.0.0.0/0            192.168.7.11         udp dpt:6001
ACCEPT     udp  --  0.0.0.0/0            192.168.7.12         udp dpt:6002
ACCEPT     udp  --  0.0.0.0/0            192.168.7.13         udp dpt:6003
ACCEPT     udp  --  0.0.0.0/0            192.168.7.14         udp dpt:6004
ACCEPT     udp  --  0.0.0.0/0            192.168.7.15         udp dpt:6005
ACCEPT     udp  --  0.0.0.0/0            192.168.7.16         udp dpt:6006
ACCEPT     udp  --  0.0.0.0/0            192.168.7.17         udp dpt:6007
ACCEPT     udp  --  0.0.0.0/0            192.168.7.18         udp dpt:6008
ACCEPT     udp  --  0.0.0.0/0            192.168.7.19         udp dpt:6009
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.10         tcp dpt:6000
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.11         tcp dpt:6001
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.12         tcp dpt:6002
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.13         tcp dpt:6003
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.14         tcp dpt:6004
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.15         tcp dpt:6005
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.16         tcp dpt:6006
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.17         tcp dpt:6007
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.18         tcp dpt:6008
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.19         tcp dpt:6009
ACCEPT     udp  --  0.0.0.0/0            192.168.7.10         udp dpt:7000
ACCEPT     udp  --  0.0.0.0/0            192.168.7.10         udp dpt:7001
ACCEPT     udp  --  0.0.0.0/0            192.168.7.10         udp dpt:7002
ACCEPT     udp  --  0.0.0.0/0            192.168.7.10         udp dpt:7003
ACCEPT     udp  --  0.0.0.0/0            192.168.7.10         udp dpt:7004
ACCEPT     udp  --  0.0.0.0/0            192.168.7.10         udp dpt:7005
ACCEPT     udp  --  0.0.0.0/0            192.168.7.10         udp dpt:7006
ACCEPT     udp  --  0.0.0.0/0            192.168.7.10         udp dpt:7007
ACCEPT     udp  --  0.0.0.0/0            192.168.7.10         udp dpt:7008
ACCEPT     udp  --  0.0.0.0/0            192.168.7.10         udp dpt:7009
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.10         tcp dpt:7000
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.10         tcp dpt:7001
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.10         tcp dpt:7002
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.10         tcp dpt:7003
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.10         tcp dpt:7004
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.10         tcp dpt:7005
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.10         tcp dpt:7006
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.10         tcp dpt:7007
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.10         tcp dpt:7008
ACCEPT     tcp  --  0.0.0.0/0            192.168.7.10         tcp dpt:7009

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         

As indicated above, I fail to mount from either R1 or R3. Observe the following output as well, as I think it may be helpful:

U11.10$ rpcinfo -p R1
rpcinfo: can't contact portmapper: RPC: Remote system error - Connection refused
U11.10$ showmount -e R1
clnt_create: RPC: Port mapper failure - Unable to receive: errno 111 (Connection refused)

U11.10$ rpcinfo -p R2
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  39036  status
    100024    1   tcp  35998  status
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100227    2   tcp   2049
    100227    3   tcp   2049
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    4   udp   2049  nfs
    100227    2   udp   2049
    100227    3   udp   2049
    100021    1   udp  55799  nlockmgr
    100021    3   udp  55799  nlockmgr
    100021    4   udp  55799  nlockmgr
    100021    1   tcp  50119  nlockmgr
    100021    3   tcp  50119  nlockmgr
    100021    4   tcp  50119  nlockmgr
    100005    1   udp  49361  mountd
    100005    1   tcp  48407  mountd
    100005    2   udp  37991  mountd
    100005    2   tcp  47634  mountd
    100005    3   udp  41386  mountd
    100005    3   tcp  35740  mountd
U11.10$ showmount -e R2
Export list for R2:
/ U11.10

U11.10$ rpcinfo -p R3
rpcinfo: can't contact portmapper: RPC: Remote system error - Connection refused
U11.10$ showmount -e R3
clnt_create: RPC: Port mapper failure - Unable to receive: errno 111 (Connection refused)

I can ping R1-R3 from U11.10, and as alluded to earlier I can mount onto R1 and R3 from U11.10. I suspect there is something wrong with my iptables; I just can't figure out why it would let one raspi through, but not the other two.


Solution

Better ask that on ServerFault than on StackOverflow. But to make it short, if I were you, I'd drop ALL my iptables rules first, then check if it works. When you have everything running, check netstat -nap on U11.10 to make sure each process is using the ports you expect it to. Then, re-enable your iptables one by one.

Also, when you try something like the rpcinfo that doesn't work, you might want to have a tcpdump running on your U11.10, and examine the result with Wireshark. This gives you an idea if packets are sent, received, and which ports are used, as well.
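
In the spirit of the advice above to confirm that each process uses the ports you expect, the following added example (not part of the original post) parses a shortened excerpt of the question's `rpcinfo -p R2` listing and INPUT chain and reports RPC listeners whose port has no explicit ACCEPT rule. The function names and the choice of excerpt rows are assumptions made for the illustration.

```python
import re

# Shortened excerpts of the output shown in the question (not live data).
RPCINFO_R2 = """\
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100024    1   udp  39036  status
    100024    1   tcp  35998  status
    100003    3   tcp   2049  nfs
    100227    3   tcp   2049
    100021    4   udp  55799  nlockmgr
    100021    4   tcp  50119  nlockmgr
    100005    3   udp  41386  mountd
    100005    3   tcp  35740  mountd
"""
IPTABLES_INPUT = """\
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:111
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:2049
ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0            state NEW tcp dpt:32803
ACCEPT     udp  --  0.0.0.0/0            0.0.0.0/0            state NEW udp dpt:32769
ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0
"""
# `iptables -nL` omits interface matches; `iptables -nvL` or `iptables -S`
# shows whether the `ACCEPT all` rule is limited to one interface.

def rpc_listeners(rpcinfo_text):
    """Return {(proto, port): service} from `rpcinfo -p` output."""
    found = {}
    for line in rpcinfo_text.splitlines():
        f = line.split()
        # Data rows are: program vers proto port [service]; skip the header.
        if len(f) >= 4 and f[0].isdigit() and f[3].isdigit():
            found[(f[2], int(f[3]))] = f[4] if len(f) > 4 else "rpc-" + f[0]
    return found

def explicit_accepts(iptables_text):
    """Return {(proto, port)} for ACCEPT rules that name a destination port."""
    rule = re.compile(r"^ACCEPT\s+(tcp|udp)\s.*\bdpt:(\d+)", re.M)
    return {(p, int(n)) for p, n in rule.findall(iptables_text)}

def unpinned(rpcinfo_text, iptables_text):
    """Listeners reachable only through a catch-all rule or chain policy."""
    allowed = explicit_accepts(iptables_text)
    return sorted((svc, proto, port)
                  for (proto, port), svc in rpc_listeners(rpcinfo_text).items()
                  if (proto, port) not in allowed)

if __name__ == "__main__":
    print(*unpinned(RPCINFO_R2, IPTABLES_INPUT), sep="\n")
```

Every service it lists sits on a dynamically assigned port, so it will stop being reachable once the catch-all rule is removed or the chain policy is tightened, unless the service is pinned to a fixed port that has its own rule.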

Licensed under: CC-BY-SA with attribution