[RndTbl] NFS issues

Trevor Cordes trevor at tecnopolis.ca
Wed Sep 26 22:20:09 CDT 2007 

I've had this problem for a long time and I've never been able to solve 
it.  I have a simple NFS setup between 2 FC5 boxes.  I've never been able 
to get (what I think is) locking to work.  NFS works great for 99% of 
uses/apps, but things that appear to do locking fail in strange ways.

1. OpenOffice's oocalc will take a long time to open a file across NFS and 
when it finally does, it's read-only.

2. Flock calls in perl will hang indefinitely over NFS.

Here's my /etc/exports on the server:

/data 192.168.100.1(rw,insecure,async,no_subtree_check,no_root_squash)

Here's my fstab on the client:

192.168.100.2:/data /data nfs rw,hard,intr,timeo=10,nosuid,bg,udp,rsize=8192,wsize=8192 0 0

server:

#cat /etc/sysconfig/nfs
STATD_PORT=32765
STATD_OUTGOING_PORT=32766
MOUNTD_PORT=32767
RQUOTAD_PORT=32764

server:

#ps -ef | grep -P '\[(lock|nfs)|statd|portmap' | grep -v grep
rpc       2169     1  0  2006 ?        00:00:00 portmap
root      2970     7  0  2006 ?        00:00:00 [nfsd4]
root      2971     1  0  2006 ?        05:40:06 [nfsd]
root      2972     1  0  2006 ?        05:34:22 [nfsd]
root      2973     1  0  2006 ?        05:26:16 [nfsd]
root      2974     1  0  2006 ?        00:00:00 [lockd]
root      2976     1  0  2006 ?        05:33:17 [nfsd]
root      2977     1  0  2006 ?        05:27:06 [nfsd]
root      2978     1  0  2006 ?        05:29:35 [nfsd]
root      2979     1  0  2006 ?        05:25:46 [nfsd]
root      2980     1  0  2006 ?        05:33:20 [nfsd]
rpcuser  23364     1  0  2006 ?        00:00:00 rpc.statd -p 32765 -o 32766

client:

#ps -ef | grep -P '\[(lock|nfs)|statd|portmap' | grep -v grep
rpc       3077     1  0 Jun15 ?        00:00:03 portmap
root      3095     1  0 Jun15 ?        00:00:00 [lockd]

server iptables rules (abbreviated version!):

  [ "$HAVE_NFS" = 1 ] && iptables -A fragments -s $nfsallow -j RETURN
  iptables -A fragments -j DROP
  iptables -A aad_first -f -j fragments

  if [ "$HAVE_NFS" = 1 ]; then
    iptables -N nfs
    iptables -A nfs -p tcp --dport sunrpc       -j ACCEPT
    iptables -A nfs -p udp --dport sunrpc       -j ACCEPT
    iptables -A nfs -p tcp --dport nfs          -j ACCEPT
    iptables -A nfs -p udp --dport nfs          -j ACCEPT
    iptables -A nfs -p tcp --dport 32765:32768  -j ACCEPT
    iptables -A nfs -p udp --dport 32765:32768  -j ACCEPT
    iptables -A iint -s "$nfsallow" -j nfs

    iptables -A aaa_persist -s "$nfsallow" -p tcp --dport sunrpc        -j RETURN
    iptables -A aaa_persist -s "$nfsallow" -p udp --dport sunrpc        -j RETURN
    iptables -A aaa_persist -s "$nfsallow" -p tcp --dport nfs           -j RETURN
    iptables -A aaa_persist -s "$nfsallow" -p udp --dport nfs           -j RETURN
    iptables -A aaa_persist -s "$nfsallow" -p tcp --dport 32765:32768   -j RETURN
    iptables -A aaa_persist -s "$nfsallow" -p udp --dport 32765:32768   -j RETURN
  fi

rules are the same on both client & server.

What am I missing to make locking work and have a happy NFS setup?

More information about the Roundtable mailing list