NFS woes

[krisse]

NFS server and client, both gentoo machines. Used to work, stopped after some upgrade or another --- unfortunately unsure. There's been updates to both kernel and userspace programs.

Server to server, I can mount NFS.

I can SSH from client to server --- but server isn't pingable from client. Any idea what could be causing that?

[krisse]

So ping from client to server fails.

But a whole bunch of ports are open at the server from the clients point of view.

Previously, I used ports in the range of 32*** for NFS (/etc/conf.d/nfs), but changed them to 40** in case that mattered.

nmap finds, among others, open ports 111, 2049, and the aforementioned 40** as setup in /etc/conf.d/nfs.

Additionally, if I change the port for mountd in /etc/conf.d/nfs, the client does try to connect to the proper port.

In other words, almost everything seems to be working properly, but in practice fails.

[krinn]

Many routers are setup to drop external icmp request to hide themself. If set, ping will never get answer, but other request and service will work as expected, a dedicated tiny-firewall option if you prefer (with 0 relation to the router or host firewall setup).

As you hide your IP i suppose your server and client are on two networks, facing router setup so.
If they are on the same network, this shouldn't apply, so yes you have a connection problem.

Your nfs trouble could just be another trouble, with no relation to your ping problem.

[krisse]

Thanks for chiming in, krinn!

You're right. There's two separate networks (in two separate countries for that matter), and two separate routers.

Managed to get ping working after a thorough look in the router's firewall-settings, serverside.

Still not getting any luck with nfs though.

Ports are being forwarded (serverside, router). Firewall is letting said ports through.

These ports are: (nfs config)

[krinn]

you can pass -vvv to get a verbose output with the client request.

newer nfsutils doesn't allow anymore the lazzy mount of nfsv3 for nfsv4 server.
previously an nfsv4 server offering nfsv3 & 4 service could be mount with a buggy client requesting an nfsv3 mount

damnit i'm not sure how to explain that
- if your client try to mount an nfsv4 mount, the mount must comply with strict nfsv4 (this mean having a nfsroot present, and subdirectories bind to it)
- if your client try to mount an nfsv3 mount from an nfsv4 server, the client must specifically query that, passing nfsvers=3,ver=3

anyway, assuming your ports are forward and open as they should, trying to mount with -vvv will gave a better clue of your problem.

[krisse]

Thanks for the input!

I tried with explicit NFS3, but didn't work, and -vvv unfortunately didn't give me anything new --- just a bunch of tries at correct port and address (and nfs version), ending up with timing out. :-/