We have a Linux NFS server (using ZFS) which supports NFS4. It uses
fixed ports for everything and those ports are allowed through the
firewall. We have a number of Linux clients which use this and other NFS
servers, they have a DROP ALL for all all packets arriving on
non-whitelisted ports.
I think that file delegations might not be working due to callbacks not
succeeding because the client port specified in SETCLIENTID by the
client is blocked by the firewall.
I have a couple of questions:
How do I check whether file delegations are working properly? Munin
graphs indicate 0 calls for some of the names which sound like they are
to do with delegations such as delagreturn or delagpurge but is there
some way of checking conclusively?
How do I specify what client port to provide in SETCLIENTID, there
should be some mount option? I can't find it. Or if it is a well defined
number, what is it?
Any pointers to answers?
Thank you,
Daniel
On Wed, Feb 25, 2015 at 8:59 AM, Daniel Thomas <[email protected]> wrote:
> We have a Linux NFS server (using ZFS) which supports NFS4. It uses
> fixed ports for everything and those ports are allowed through the
> firewall. We have a number of Linux clients which use this and other NFS
> servers, they have a DROP ALL for all all packets arriving on
> non-whitelisted ports.
>
> I think that file delegations might not be working due to callbacks not
> succeeding because the client port specified in SETCLIENTID by the
> client is blocked by the firewall.
>
> I have a couple of questions:
>
> How do I check whether file delegations are working properly? Munin
> graphs indicate 0 calls for some of the names which sound like they are
> to do with delegations such as delagreturn or delagpurge but is there
> some way of checking conclusively?
>
> How do I specify what client port to provide in SETCLIENTID, there
> should be some mount option? I can't find it. Or if it is a well defined
> number, what is it?
>
> Any pointers to answers?
>