[geeks] An NFS conundrum
Phil Stracchino
phil.stracchino at speakeasy.net
Sun Feb 18 21:29:53 CST 2007
I have a puzzle, upon which I solicit the advice of the Collective.
My internal network is 10.24.32.0/23. This is divided into two subnets:
10.24.32.0/24 (backbone) and 10.24.33.0/24 (wireless).
My main NAS is on minbar (10.24.32.12), available via NFS and Samba. It
runs Solaris 9. minbar's /etc/dfs/dfstab contains the following:
share -F nfs -o root=@10.24.32.10/32,rw=@10.24.32.10/32
-d "minbar root" /
share -F nfs -o root=@10.24.32.10/32,rw=@10.24.32.10/32
-d "minbar home" /home
share -F nfs -o root=@10.24.32.0/24,rw=@10.24.32.0/24,ro=@10.24.33.0/24
-d "exports" /export
The workstation I'm using right now is babylon5 (10.24.32.10). It runs
a very heavily customized Linux that was originally Slackware 7.
babylon5's /etc/fstab contains the following lines relating to NFS mounts:
### remote filesystems
minbar:/ /mnt/minbar nfs
ro,rsize=8192,wsize=8192,soft,suid 0 0
minbar:/home /mnt/minbar/home nfs
rw,rsize=8192,wsize=8192,soft,suid 0 0
minbar:/export /minbar nfs
rw,rsize=8192,wsize=8192,soft,suid 0 0
babylon5:alaric:~:3 $ showmount -e minbar
Export list for minbar:
/ @10.24.32.10/32
/home @10.24.32.10/32
/export @10.24.32.0/24, at 10.24.33.0/24
babylon5, needless to say, mounts all the shares perfectly.
llioness (10.24.33.50) is a Thinkpad 600E running Slackware 11.
root at llioness:~# showmount -e minbar
Export list for minbar:
/ @10.24.32.10/32
/home @10.24.32.10/32
/export @10.24.32.0/24, at 10.24.33.0/24
root at llioness:~# grep nfs /etc/fstab
minbar:/export /minbar nfs
rw,rsize=8192,wsize=8192,soft,suid 0 0
root at llioness:~# mount /minbar
root at llioness:~# mount
/dev/hda1 on / type ext3 (rw)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
none on /proc/bus/usb type usbfs (rw,devmode=0666,devgid=10)
tmpfs on /tmp type tmpfs (rw,size=128M)
minbar:/export on /minbar type nfs
(rw,rsize=8192,wsize=8192,soft,addr=10.24.32.12)
So far, so good, right?
root at llioness:~# ls /minbar/
/bin/ls: reading directory /minbar/: Input/output error
The 10.24.32.0/24 and 10.24.33.0/24 subnets are linked through yama, my
router/firewall machine, an Ultra5 with four 10/100 interfaces running
OpenBSD 3.6 and pf. 10.24.32.0/24 is on fxp1, 10.24.33.0/24 is on fxp2.
Applicable firewall rules and macros:
if_external = "xl0"
ad_external = "66.92.72.93"
if_backbone = "fxp0"
if_wireless = "fxp1"
if_internal = "{fxp0, fxp1}"
if_all = "{fxp0, fxp1, xl0}"
table <ad_backbone> persist {10.24.32.0/24}
table <ad_wireless> persist {10.24.33.0/24}
table <ad_internal> persist {10.24.32.0/23}
nat_proto = "{tcp,udp,icmp}"
no nat on $if_external proto $nat_proto from ($if_wireless) to
($if_backbone)
no nat on $if_external proto $nat_proto from ($if_backbone) to
($if_wireless)
pass log quick on $if_internal from ($if_backbone) to ($if_wireless)
pass log quick on $if_internal from ($if_wireless) to ($if_backbone)
(These rules are here just while I'm debugging this problem. Once I
have it solved, access to 10.24.32.0/24 from hosts on 10.24.33.0 will be
restricted much as is access from the outside world, which is to say
that only trusted hosts on 10.24.33.0/24 can access all hosts on
10.24.32.0/24.)
When I initially started this, llioness could see minbar's mounts, but
couldn't mount anything. I determined that it was trying to mount them
using NFSv4. I did find that NFSv4 support was not enabled in the
kernel. I'd gone to look at kernel NFS support thinking that maybe if I
*disabled* NFSv4 support, it'd force it to use an earlier version.
Since it was already disabled, I tried enabling it instead. That got me
the improvement of being able to mount minbar's NFS shares, but not do
anything with them once mounted.
I'm baffled. Anyone have any ideas? Is there anything stupid that I
missed?
--
It's not the years, it's the mileage.
Phil Stracchino phil.stracchino at speakeasy.net
Renaissance Man, Unix generalist, Perl hacker, Free Stater
Landline: 603-429-0220 Mobile: 603-320-5438
More information about the geeks
mailing list