Ports to open for NFS on Firewall (1346 Views)
Reply
Occasional Contributor
MoaAM
Posts: 5
Registered: ‎07-10-2012
Message 1 of 3 (1,346 Views)

Ports to open for NFS on Firewall

I have not set static port for statd,  lockd and mountd. Please let me know which port should I open at Firewall level for this Server for NFS client to connect . Below is O/P from rpcinfo. my os version is 11.11

 

program vers proto port service
100000 4 tcp 111 rpcbind
100000 3 tcp 111 rpcbind
100000 2 tcp 111 rpcbind
100000 4 udp 111 rpcbind
100000 3 udp 111 rpcbind
100000 2 udp 111 rpcbind
100007 2 tcp 49152 ypbind
100007 2 udp 49153 ypbind
100007 1 tcp 49152 ypbind
100007 1 udp 49153 ypbind
100068 2 udp 49163 cmsd
100068 3 udp 49163 cmsd
100068 4 udp 49163 cmsd
100068 5 udp 49163 cmsd
100083 1 tcp 49153 ttdbserver
100024 1 tcp 51285 status
100024 1 udp 56327 status
100021 1 tcp 51286 nlockmgr
100021 1 udp 56330 nlockmgr
100021 3 tcp 51287 nlockmgr
100021 3 udp 56331 nlockmgr
100021 4 tcp 51288 nlockmgr
100021 4 udp 56332 nlockmgr
100020 1 udp 4045 llockmgr
100020 1 tcp 4045 llockmgr
100021 2 tcp 51289 nlockmgr
100005 1 udp 56335 mountd
100005 3 udp 56335 mountd
100005 1 tcp 51290 mountd
100005 3 tcp 51290 mountd
100003 2 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 udp 2049 nfs
100003 3 tcp 2049 nfs

Please use plain text.
Honored Contributor
Matti_Kurkela
Posts: 6,271
Registered: ‎12-02-2001
Message 2 of 3 (1,334 Views)

Re: Ports to open for NFS on Firewall

As you haven't set static ports for statd, lockd and mountd, you would have to open ports 111 (rpcbind/portmapper), 2049 (nfsd), and the whole dynamic port number range 49152 - 65535 (for statd, lockd and mountd, because their port numbers might change on reboot and/or nfs daemon restart).

 

It would be better to make sure that you have the patch PHNE_34662 (or a newer patch that supersedes that one) installed, and specify static ports for statd, lockd and mountd. Once the required patch is installed, this is as simple as adding three lines to /etc/rc.config.d/nfsconf:

LOCKD_PORT=4045 
STATD_PORT=4046
MOUNTD_PORT=4047

After adding those lines, you'll need to restart the NFS daemons or reboot the system.

 

When static ports are set, you would only need a total of five ports for NFS:

  • 111 (rpcbind/portmapper)
  • 2049 (nfsd)
  • 4045 (lockd)
  • 4046 (statd)
  • 4047 (mountd)
MK
Please use plain text.
Occasional Contributor
unix_3608
Posts: 8
Registered: ‎07-05-2011
Message 3 of 3 (455 Views)

Re: Ports to open for NFS on Firewall

hi ,

 

please let me know only this need to be done at client side rite

Please use plain text.
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation