User Tools

Site Tools


doc:howto:nfs.server

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
doc:howto:nfs.server [2013/03/08 19:48]
fathom
doc:howto:nfs.server [2013/12/25 15:17] (current)
yeti mention kmod-loop ... https://dev.openwrt.org/ticket/11541
Line 38: Line 38:
  
 **NOTE:** You do not need all packages: **''​nfs-kernel-server''​** should suffice. **NOTE:** You do not need all packages: **''​nfs-kernel-server''​** should suffice.
 +
 +**NOTE:** You may need to install kmod-loop manually to fix "​mount:​ can't setup loop device: No such file or directory"​ errors. (see https://​dev.openwrt.org/​ticket/​11541)
  
 === Client (your PCs) === === Client (your PCs) ===
Line 61: Line 63:
 $IPT -A INPUT -j ACCEPT -i eth0.1 -s $NET_LAN -p tcp --dport 32777:32780 #​----------- nfsd $IPT -A INPUT -j ACCEPT -i eth0.1 -s $NET_LAN -p tcp --dport 32777:32780 #​----------- nfsd
 $IPT -A INPUT -j ACCEPT -i eth0.1 -s $NET_LAN -p udp --dport 32777:32780 #​----------- nfsd $IPT -A INPUT -j ACCEPT -i eth0.1 -s $NET_LAN -p udp --dport 32777:32780 #​----------- nfsd
-$IPT -t raw -A INPUT -i $IF_LAN -s $NET_LAN -p tcp --dport 32777:32780 -j NOTRACK ​#-- don't track nfs +$IPT -t raw -A INPUT -i $IF_LAN -s $NET_LAN -p tcp --dport 32777:32780 -j CT --notrack ​#-- don't track nfs 
-$IPT -t raw -A INPUT -i $IF_LAN -s $NET_LAN -p udp --dport 32777:32780 -j NOTRACK ​#-- don't track nfs +$IPT -t raw -A INPUT -i $IF_LAN -s $NET_LAN -p udp --dport 32777:32780 -j CT --notrack ​#-- don't track nfs 
-$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p tcp --dport 32777:32780 -j NOTRACK ​#- don't track nfs +$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p tcp --dport 32777:32780 -j CT --notrack ​#- don't track nfs 
-$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p udp --dport 32777:32780 -j NOTRACK ​#- don't track nfs+$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p udp --dport 32777:32780 -j CT --notrack ​#- don't track nfs
 </​code>​ </​code>​
  
Line 81: Line 83:
  
 Assuming the daemons are already running, use the command ''​exportfs -ar''​ to reload and apply changes on the fly. Assuming the daemons are already running, use the command ''​exportfs -ar''​ to reload and apply changes on the fly.
 +
 +=== Start on boot ===
 +Since //​opkg//​-installed init.d scripts are not enabled nor started by default, you need to do this manually. Same procedure as with most (all?) OpenWrt packages: The first commands will will start them right now, the third and fourth will create the symlinks ''/​etc/​rc.d/​S??​portmap''​ and  ''/​etc/​rc.d/​S??​nfsd''​ so they get started on boot:
 +
 +<​code>​
 +root@OpenWrt:​~#​ /​etc/​init.d/​portmap start
 +root@OpenWrt:​~#​ /​etc/​init.d/​nfsd start
 +root@OpenWrt:​~#​ /​etc/​init.d/​portmap enable
 +root@OpenWrt:​~#​ /​etc/​init.d/​nfsd enable
 +</​code>​
 +
 +After start (and after a reboot) verify with ''​top''​ or ''​ps''​ whether the services are running.\\
 +The following entries should appear in the process list:
 +
 +<​code>​
 +/​usr/​sbin/​rpc.mountd -p 32780    ​
 +/​usr/​sbin/​rpc.statd -p 32778 -o 32779
 +/​usr/​sbin/​portmap
 +</​code>​
 +
 +Use the ''​netstat -l''​ command to see whether //portmap// is listening on port 111 for both tcp and udp. The //nfsd// process may use varying ports.
  
 ==== Client configuration ==== ==== Client configuration ====
Line 104: Line 127:
 Java client: . Java client: .
 TODO TODO
- 
-===== Start on boot ===== 
-Since //​opkg//​-installed init.d scripts are not enabled nor started by default, you need to do this manually. Same procedure as with most (all?) OpenWrt packages: The first commands will will start them right now, the third and fourth will create the symlinks ''/​etc/​rc.d/​S??​portmap''​ and  ''/​etc/​rc.d/​S??​nfsd''​ so they get started on boot: 
- 
-<​code>​ 
-root@OpenWrt:​~#​ /​etc/​init.d/​portmap start 
-root@OpenWrt:​~#​ /​etc/​init.d/​nfsd start 
-root@OpenWrt:​~#​ /​etc/​init.d/​portmap enable 
-root@OpenWrt:​~#​ /​etc/​init.d/​nfsd enable 
-</​code>​ 
- 
-After start (and after a reboot) verify with ''​top''​ or ''​ps''​ whether the services are running.\\ 
-The following entries should appear in the process list: 
- 
-<​code>​ 
-/​usr/​sbin/​rpc.mountd -p 32780    ​ 
-/​usr/​sbin/​rpc.statd -p 32778 -o 32779 
-/​usr/​sbin/​portmap 
-</​code>​ 
- 
-Use the ''​netstat -l''​ command to see whether //portmap// is listening on port 111 for both tcp and udp. The //nfsd// process may use varying ports. 
  
 ===== Problems ===== ===== Problems =====
Line 153: Line 155:
 Since [[doc:​howto:​netfilter]] will track every connection, if you use MASQUERADING for example, you could disable con-tracking for data connections:​ Since [[doc:​howto:​netfilter]] will track every connection, if you use MASQUERADING for example, you could disable con-tracking for data connections:​
 <code sh> <code sh>
-$IPT -t raw -A PREROUTING -i $IF_LAN -s $NET_LAN -p tcp --dport 32777:32780 -j NOTRACK ​#---------- don't track nfs +$IPT -t raw -A PREROUTING -i $IF_LAN -s $NET_LAN -p tcp --dport 32777:32780 -j CT --notrack ​#---------- don't track nfs 
-$IPT -t raw -A PREROUTING -i $IF_LAN -s $NET_LAN -p udp --dport 32777:32780 -j NOTRACK ​#---------- don't track nfs +$IPT -t raw -A PREROUTING -i $IF_LAN -s $NET_LAN -p udp --dport 32777:32780 -j CT --notrack ​#---------- don't track nfs 
-$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p tcp --sport 32777:32780 -j NOTRACK ​#---------- don't track nfs +$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p tcp --sport 32777:32780 -j CT --notrack ​#---------- don't track nfs 
-$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p udp --sport 32777:32780 -j NOTRACK ​#---------- don't track nfs+$IPT -t raw -A OUTPUT -o $IF_LAN -d $NET_LAN -p udp --sport 32777:32780 -j CT --notrack ​#---------- don't track nfs
 </​code>​ </​code>​
doc/howto/nfs.server.1362768495.txt.bz2 · Last modified: 2013/03/08 19:48 by fathom