I have an NFS server and NFS client separated by a firewall. Both
servers are FreeBSD 7.1.
Server configuration:
nfs_server_enable="YES"
nfs_server_flags="-t -n 4"
rpcbind_enable="YES"
mountd_flags="-r -p 737"
mountd_enable="YES"
The firewall allows tcp and udp to port 111, but only tcp to ports 2049
and 737 (configured for mountd, see above).
On the client I use e.g. the following command for mounting:
mount -t nfs -o nfsv3,tcp,intr,rdirplus,-r=32768,-w=32768
XXXX:/export/usr/obj /usr/obj
Mounting and subsequent fs operations work flawlessly.
When I unmount umount command hangs but can be interrupted with ^C.
Everything seems to be clean after that - the filesystem is unmounted,
there are no post-effects on both client and server.
I used ktrace and tcpdump to investigate this and it seems that umount
command tries to send something to server's mountd via udp:
...
13181 umount CALL sendto(0x4,0x2823e354,0x70,0,0x2823c008,0x10)
13181 umount GIO fd 4 wrote 112 bytes
...
000477 IP (tos 0x0, ttl 64, id 19976, offset 0, flags [none], proto UDP
(17), length 140) 10.99.15.160.960 > 10.99.10.87.737: UDP, length 112
If wonder if this is correct behavior of umount.
Do I need to get mountd udp port allowed in the firewall?
Or is there a way to configure "everything" to tcp only?
--
Andriy Gapon