DaemonForums  

Go Back   DaemonForums > OpenBSD > OpenBSD General

OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 12th July 2014
astouffer astouffer is offline
New User
 
Join Date: Jul 2014
Posts: 3
Default OpenBSD 5.5 and Solaris 10 NFS

Hello all, I am having a rough time trying to get a fresh OpenBSD 5.5 amd64 install to mount an NFS share from a Solaris 10 Sparc server.

The showmount command works and then I can mount the share successfully but as soon as I cd into the directory and try to ls it hangs and eventually gives an NFS timeout. I can't kill any of the processes forcing a reboot. While shutting down the kernel panics and drops me to the debugger. I can provide the output if anyone wishes.

I don't have any problems mounting the shares under other operating systems like NetBSD, FreeBSD, and Windows 7. Any ideas what is wrong?
Reply With Quote
  #2   (View Single Post)  
Old 12th July 2014
Oko's Avatar
Oko Oko is offline
Rc.conf Instructor
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 1,102
Default

It is unlikely that anybody can help you with such a report. What are the mount options? It looks like you hang the system by executing some kind binaries on NFS. What happen if you use the following mount options?

Code:
 nosuid,nodev,noexec,soft,noatime

Are you using nfs or nfs4 as a file type? Disable pf on OpenBSD machine until you get NFS to work.

Last edited by Oko; 12th July 2014 at 03:43 AM.
Reply With Quote
  #3   (View Single Post)  
Old 12th July 2014
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

Hello, and welcome!

OpenBSD's built-in NFS client only supports the NFS Version 2 and 3 protocols. According to Oracle, the server and clients can be restricted to using Version 4 by configuration settings in the Solaris configuration file /etc/default/nfs. You may want to ensure you permit Version 3, which is the default protocol used by mount_nfs(8).

But Oko is right; a LOT more information about the network environment would be helpful. It's hard for us to help you when we're over here, way far away at the other end of the Internet. We only have what you tell us to try to help you. Some of the things we might want to know:
  • Is the interconnection between Solaris server to OpenBSD wired end-to-end, or is there any network segment using wireless?
  • Are VLANs in use?
  • Are the two devices on the same network segment, or is there a router or bridge between them? (And yes, a WiFi access point on a wired network is actually a bridge.)
  • What NIC/PHY are being used on the OpenBSD client?
  • How is the media configured? (Duplex, speed, etc.)
  • Are you using UDP or TCP for NFS? OpenBSD's client uses UDP by default.
  • Have you run tcpdump(8) or other network monitors to watch the traffic between client and server? Was there an indication of which platform ceased communication?
These are the questions I would have, as a starting point.



Luckily, everything of interest about the OpenBSD components and the hardware you are using for OpenBSD can pretty much be answered by providing a dmesg(8).

Last edited by jggimi; 12th July 2014 at 01:45 AM. Reason: clarity, clarity, clarity. One typo, too.
Reply With Quote
  #4   (View Single Post)  
Old 12th July 2014
astouffer astouffer is offline
New User
 
Join Date: Jul 2014
Posts: 3
Default

Thanks for the quick replies. Oko's suggestion of disabling pf worked Although I'm still not clear on how pf allowed the mount to happen but not function.
Reply With Quote
  #5   (View Single Post)  
Old 12th July 2014
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

I'm glad to learn you have a root cause.

NFS uses ports indirectly. NFS is one of a number of RPC services that can use a variety of port numbers. To find out the port numbers, the client contacts the portmap daemon listening on the server (at port 111 for both UDP and TCP) to learn what destination port numbers to use for further communication. With the -p option of the rpcinfo(8) command, you can have your OpenBSD client list all of the port numbers offered by the portmap daemon running on your Solaris server.

When I probe one of my NFS servers, I see:
Code:
$ rpcinfo -p netbook
   program vers proto    port
    100000    2      tcp     111  portmapper
    100000    2      udp     111  portmapper
    100005    1      udp     901  mountd
    100005    3      udp     901  mountd
    100005    1      tcp     747  mountd
    100005    3      tcp     747  mountd
    100003    2      udp    2049  nfs
    100003    3      udp    2049  nfs
    100003    2      tcp    2049  nfs
    100003    3      tcp    2049  nfs
    100026    1      udp     714  bootparam
$
Reply With Quote
  #6   (View Single Post)  
Old 12th July 2014
Oko's Avatar
Oko Oko is offline
Rc.conf Instructor
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 1,102
Default

Quote:
Originally Posted by astouffer View Post
Thanks for the quick replies. Oko's suggestion of disabling pf worked Although I'm still not clear on how pf allowed the mount to happen but not function.
Ok so now we know that you have misconfigured NFS server running on Solaris 10. For NFS to work you need 5 TCP and UDP ports open.

Code:
[root@athena ~]# rpcinfo -p gaia
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100000    4     7    111  portmapper
    100000    3     7    111  portmapper
    100000    2     7    111  portmapper
    100005    1   udp   4002  mountd
    100005    3   udp   4002  mountd
    100005    1   tcp   4002  mountd
    100005    3   tcp   4002  mountd
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100024    1   udp   4000  status
    100024    1   tcp   4000  status
    100021    0   udp   4001  nlockmgr
    100021    0   tcp   4001  nlockmgr
    100021    1   udp   4001  nlockmgr
    100021    1   tcp   4001  nlockmgr
    100021    3   udp   4001  nlockmgr
    100021    3   tcp   4001  nlockmgr
    100021    4   udp   4001  nlockmgr
    100021    4   tcp   4001  nlockmgr
While 111 and 2049 are standard you will have to force NFS server to use 4000, 4001, and 4002 for status, nlock, and mount daemon (both UDP and TCP). I only have FreeNAS and RedHat NFS servers. On RedHat there is a file /etc/sysconfig/nfs where you configure options for nfs server. On FreeNAS you have to separately call status, nlock, and mountd with specific flags. Then you can configure your OpenBSD client to allow outgoing traffic on those 5 ports in 2 different protocols (TCP and UDF).

Last edited by Oko; 12th July 2014 at 06:49 AM.
Reply With Quote
  #7   (View Single Post)  
Old 12th July 2014
jggimi's Avatar
jggimi jggimi is offline
More noise than signal
 
Join Date: May 2008
Location: USA
Posts: 7,977
Default

Quote:
Originally Posted by Oko View Post
Ok so now we know that you have misconfigured NFS server ...
I would rather assume astouffer's PF configuration needs revision.
Quote:
...you will have to force NFS server to use...
Any destination ports that are passed by PF would be fine. Typically, admins set statically assigned ports as you have, or they open UDP (or TCP) traffic broadly between client and server.

I suppose that an admin could script dynamic PF configuration changes with rpcinfo(8) and PF's anchor facility, but I'm not aware of anyone who has bothered.

Last edited by jggimi; 12th July 2014 at 03:26 PM. Reason: typos
Reply With Quote
  #8   (View Single Post)  
Old 12th July 2014
Oko's Avatar
Oko Oko is offline
Rc.conf Instructor
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 1,102
Default

Quote:
Originally Posted by jggimi View Post
I suppose that an admin could script dynamic PF configuration changes with rpcinfo(8) and PF's anchor facility, but I'm not aware of anyone who has bothered.
Unfortunately the age of NFS shows. It has never been designed to work well with the firewalls. In my experience most people don't run firewalls on NFS server/clients and automatic assumption is that server and clients are on the same subnet. I am not one of those people. I run firewall on all NFS both clients and servers and I have even NFS exported throught VPN which is filtered. Forcing NFS to use specific ports is the best thing in my experience but depending on the host OS you can hit many bugs when you try to force such behavior.
Reply With Quote
  #9   (View Single Post)  
Old 12th July 2014
astouffer astouffer is offline
New User
 
Join Date: Jul 2014
Posts: 3
Default

The need for mounting NFS is just temporary to migrate some home directories to the OpenBSD box. For the sake of completeness here is the output from rpcinfo
Code:
# rpcinfo -p sunfire
   program vers proto   port
    100000    4   tcp    111  portmapper
    100000    3   tcp    111  portmapper
    100000    2   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100000    3   udp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  32778  status
    100024    1   tcp  32772  status
    100133    1   udp  32778
    100133    1   tcp  32772
1073741824    1   tcp  32773
    100021    1   udp   4045  nlockmgr
    100021    2   udp   4045  nlockmgr
    100021    3   udp   4045  nlockmgr
    100021    4   udp   4045  nlockmgr
    100021    1   tcp   4045  nlockmgr
    100021    2   tcp   4045  nlockmgr
    100021    3   tcp   4045  nlockmgr
    100021    4   tcp   4045  nlockmgr
    100001    2   udp  32780  rstatd
    100001    3   udp  32780  rstatd
    100001    4   udp  32780  rstatd
    100068    2   udp  32781
    100068    3   udp  32781
    100068    4   udp  32781
    100068    5   udp  32781
    100083    1   tcp  32778
    100002    2   tcp  32779  rusersd
    100002    3   tcp  32779  rusersd
    100002    2   udp  32782  rusersd
    100002    3   udp  32782  rusersd
    100011    1   udp  32783  rquotad
    300598    1   udp  32787
    300598    1   tcp  32782
 805306368    1   udp  32787
 805306368    1   tcp  32782
    100249    1   udp  32788
    100249    1   tcp  32783
    100005    1   udp  61866  mountd
    100005    1   tcp  33836  mountd
    100005    2   udp  61866  mountd
    100005    2   tcp  33836  mountd
    100005    3   udp  61866  mountd
    100005    3   tcp  33836  mountd
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100227    2   udp   2049
    100227    3   udp   2049
    100003    2   tcp   2049  nfs
    100003    3   tcp   2049  nfs
    100227    2   tcp   2049
    100227    3   tcp   2049
Hey I didn't misconfigure NFS, Oracle did. All I did was add my exports and enable the service
Reply With Quote
Old 12th July 2014
Oko's Avatar
Oko Oko is offline
Rc.conf Instructor
 
Join Date: May 2008
Location: Kosovo, Serbia
Posts: 1,102
Default

Quote:
Originally Posted by astouffer View Post

Hey I didn't misconfigure NFS, Oracle did. All I did was add my exports and enable the service
I am sure I would be really curious to see if NFS is better implemented on Solaris than on Linux.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Oracle Solaris goes to 11 J65nko News 0 10th November 2011 11:49 PM
All awk's on Solaris are broken! s0xxx Solaris 1 20th January 2010 10:49 PM
Solaris by Megadeth was way more fun, Solaris 8 hanging on boot bleepingnetwork Solaris 2 18th November 2009 07:39 PM
Kde on Solaris whispersGhost Solaris 25 28th July 2008 07:06 PM
Fat 32 from Solaris whispersGhost Solaris 17 9th June 2008 09:08 PM


All times are GMT. The time now is 07:08 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick