NFS Problem

Hi Folks,
I have some trouble getting an nfs connection up and running...
All relevant services are running on both machines. The machines are
connected through WAN via VPN.
Server IP: 212.62.88.42
Client IP: 192.168.139.84; This IP is restricted for ssh. For NFS use,
the client is listed in the DMZ of the foreign firewall with the IP
195.227.98.137

I tried showmount -e foreign_host from both computers, but I got no
usefull output, e.g.
"rpc mount export: RPC: Timed out"

Shared directorys on the server are /data1 & /data2
Content of /etc/exports:
/data1 *(rw,no_root_squash,sync)
/data2 *(rw,no_root_squash,sync)

rpcinfo -p (server)
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 32768 status
100024 1 tcp 32768 status
100021 1 udp 32770 nlockmgr
100021 3 udp 32770 nlockmgr
100021 4 udp 32770 nlockmgr
100021 1 tcp 32779 nlockmgr
100021 3 tcp 32779 nlockmgr
100021 4 tcp 32779 nlockmgr
100011 1 udp 812 rquotad
100011 2 udp 812 rquotad
100011 1 tcp 815 rquotad
100011 2 tcp 815 rquotad
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100005 1 udp 826 mountd
100005 1 tcp 829 mountd
100005 2 udp 826 mountd
100005 2 tcp 829 mountd
100005 3 udp 826 mountd
100005 3 tcp 829 mountd

rpcinfo -p (client)
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 32768 status
100024 1 tcp 32768 status
100011 1 udp 901 rquotad
100011 2 udp 901 rquotad
100011 1 tcp 904 rquotad
100011 2 tcp 904 rquotad
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100021 1 udp 32776 nlockmgr
100021 3 udp 32776 nlockmgr
100021 4 udp 32776 nlockmgr
100021 1 tcp 36046 nlockmgr
100021 3 tcp 36046 nlockmgr
100021 4 tcp 36046 nlockmgr
100005 1 udp 917 mountd
100005 1 tcp 920 mountd
100005 2 udp 917 mountd
100005 2 tcp 920 mountd
100005 3 udp 917 mountd
100005 3 tcp 920 mountd

Both machines are able to ping each other. There are no firewalls
running on the machines. The persons which are responsible for the
firewalls on both sides of the WAN/VPN told me, that there should be no
problems with blocked ports.
Hosts.allow/Hosts.deny are unfilled.
I already used a PC NFS Client, which was even able to locate the
shares on both computers!

Any suggestions?
regards Stefan Steimann

Stefan Steimann wrote:
> Hi Folks,
> I have some trouble getting an nfs connection up and running...
> All relevant services are running on both machines.

As i understand, you are running NFS servers on both boxes, correct?

> The machines are
> connected through WAN via VPN.
> Server IP: 212.62.88.42
> Client IP: 192.168.139.84; This IP is restricted for ssh. For NFS use,
> the client is listed in the DMZ of the foreign firewall with the IP
> 195.227.98.137

This is the most confusing part! Server IP and Client IP of what? If you
are running the NFS server on both machines, which one would be the
server and which one the client?

Is it setup like:
SRV (212.62.88.42) - (195.227.98.137) FW (?) - (192.168.139.84) ClI
or what?

Do the systems know about each other (via NFS, hosts or whatever) even
through the firewall? What about the foreign IP, what does it mean? Is
the firewall using source NAT?

>
> I tried showmount -e foreign_host from both computers, but I got no
> usefull output, e.g.
> "rpc mount export: RPC: Timed out"
>
> Shared directorys on the server are /data1 & /data2
> Content of /etc/exports:
> /data1 *(rw,no_root_squash,sync)
> /data2 *(rw,no_root_squash,sync)
>
> rpcinfo -p (server)
> program vers proto port
> 100000 2 tcp 111 portmapper
> 100000 2 udp 111 portmapper

<snip>

> 100003 2 udp 2049 nfs
> 100003 3 udp 2049 nfs
> 100003 4 udp 2049 nfs
> 100003 2 tcp 2049 nfs
> 100003 3 tcp 2049 nfs
> 100003 4 tcp 2049 nfs

>
> rpcinfo -p (client)
> program vers proto port
> 100000 2 tcp 111 portmapper
> 100000 2 udp 111 portmapper

<snip>

> 100003 2 udp 2049 nfs
> 100003 3 udp 2049 nfs
> 100003 4 udp 2049 nfs
> 100003 2 tcp 2049 nfs
> 100003 3 tcp 2049 nfs
> 100003 4 tcp 2049 nfs

the processes seem to be ok.

>
> Both machines are able to ping each other. There are no firewalls
> running on the machines. The persons which are responsible for the
> firewalls on both sides of the WAN/VPN told me, that there should be no
> problems with blocked ports.
> Hosts.allow/Hosts.deny are unfilled.
> I already used a PC NFS Client, which was even able to locate the
> shares on both computers!

If you are able to see the shares from another system, nfs should be ok.
Clarify, that each system (ip addresses) is known to the other one in
any way.

In my opinion, it is not a NFS problem.

Eric

--
replace NOSPAM.com by w e b . d e