nfs over ppp over ssh

/dev/null

Dec 19, 2002, 4:51:21 PM
2.14.18 kernel.

Two boxes on two separate networks both connected to the Internet. One box
establishes a ppp over ssh connection via the Internet to the other box.
The ppp/ssh "client" box is 172.16.0.2, the ppp/ssh server is 172.16.0.1.

x.2 has a nfs share, "/exports", that local boxes all mount without any
problems.
x.1 mounts other shares from other boxes on his local network without any
problems.

x.1 can't mount the share that x.2 has. Whenever I try to mount I get the
following output:

mount: RPC: Port mapper failure - RPC: Unable to receive

here's the x.1 setup:

fstab:
172.16.0.2:/exports /mnt/lima nfs auto,rw 0 0

host.allow:
172.16.0.1/255.255.255.0

iptables:
INPUT default - DENY
OUTPUT default - DENY
FORWARD default - DENY

then on the INPUT and OUTPUT I specify that for ppp0 everything is allowed
if dest/source is 172.16.0.2

x.2 setup:

hosts.allow:
ALL:172.16.0.1/255.255.255.0

exports:
/exports 172.16.0.1/255.255.255.0(rw,no_root_squash,no_subtree_check)

There are no iptable rules running on x.2, and the defaults are ACCEPT.

It appears from the error that RPC thinks it can't receive a response (or
isn't getting one) when it tries to do a port map for NFS.

Any light on this would be great.

Thanks!


Paul Lutus

Dec 19, 2002, 5:29:55 PM
On Thu, 19 Dec 2002 21:51:21 +0000, /dev/null wrote:

/ ...

> Any light on this would be great.

Can you mutually ping by name?

Have you tried not using ssh, just as a test to reduce the number of
possibilities?

Are these machines on dialup or faster Internet connections? I ask because
RPC will time out if allowed to.

--
Paul Lutus
http://www.arachnoid.com

/dev/null

Dec 19, 2002, 5:44:57 PM
> Can you mutually ping by name?

yes.

> Have you tried not using ssh, just as a test to reduce the number of
> possibilities?

The only way to connect these two boxes is via ssh/ppp vpn. Their networks
are miles apart, only connected via Internet.

> Are these machines on dialup or faster Internet connections? I ask because
> RPC will time out if allowed to.

Yes. One has T1, the other is cable modem.

I've found further ideas:

on both boxes rpc.portmap wasn't running. After starting it on both boxes
and restarting nfs daemons on both boxes I get this from "mount /mnt/lima":

mount: RPC: Program not registered

Paul Lutus

Dec 19, 2002, 5:53:36 PM
On Thu, 19 Dec 2002 22:44:57 +0000, /dev/null wrote:

>> Can you mutually ping by name?
>
> yes.
>
>> Have you tried not using ssh, just as a test to reduce the number of
>> possibilities?
>
> The only way to connect these two boxes is via ssh/ppp vpn. Their
> networks are miles apart, only connected via Internet.

The conclusion does not follow from the premise. NFS works over any TCP/IP
connection. I am only suggesting this as a brief test.

/ ...

> I've found further ideas:
>
> on both boxes rpc.portmap wasn't running. After starting it on both
> boxes and restarting nfs daemons on both boxes I get this from "mount
> /mnt/lima":
>
> mount: RPC: Program not registered

This means the mount is not listed in /etc/fstab. You simply need to state
the mount explicitly:

mount machine-name:/share-name /local-mount-point

/dev/rob0

Dec 19, 2002, 8:31:23 PM
/dev/null wrote:
> host.allow:
------^s missing
> 172.16.0.1/255.255.255.0
-----------^0 not 1? IAC you're using a network's netmask, not a host's.

> hosts.allow:
> ALL:172.16.0.1/255.255.255.0

Same here.

What about the route table? Does each have a static route to the other
host through ppp0? ISTM if you went through the default route you'd get
such errors. You said they can ping by name. Can they ping by IP? Check
your /usr/sbin/pppstats to see if there's activity on ppp0.

--
/dev/rob0 - preferred_email=i$((28*28+28))@softhome.net
or put "not-spam" or "/dev/rob0" in Subject header to reply

/dev/null

Dec 20, 2002, 3:33:44 AM
New news (explained below): x.2 can mount an export from x.1, but x.1 can't
mount an export from x.2.

> What about the route table? Does each have a static route to the other
> host through ppp0? ISTM if you went through the default route you'd get
> such errors. You said they can ping by name. Can they ping by IP? Check
> your /usr/sbin/pppstats to see if there's activity on ppp0.

This is pinging by their 172 addresses, and it works.

What may help is I can make a nfs export on the x.1, and x.2 can mount it,
copy files to and from etc...

Just mounting a x.2 export on x.1 doesn't work.

In case you didn't see my other post (I imagine you have), I had to start
portmapper, restarted nfs clients on both ends, ran exportfs -r on both
ends, and also kill -HUP inetd on both ends (just in case). After this I
get

mount: RPC: Program not registered

when I try to mount the x.2 export on the x.1 box.

And more ideas?

Thanks!
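
Added example, not part of any post in this thread: "RPC: Program not registered" is the reply an RPC client gets when the server's portmapper answers but holds no registration for the program requested, so the script below checks `rpcinfo -p` output for the portmapper, mountd and nfs entries an NFSv2/v3 mount needs and lists the transports a program is registered on. The function names and both sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: check `rpcinfo -p` output for the RPC
# services an NFSv2/v3 mount depends on.

# Reads `rpcinfo -p` output on stdin; prints one line per required service
# that the portmapper does not list. No output means all three are present.
missing_nfs_rpc_programs() {
    awk '
        BEGIN { name[100000] = "portmapper"; name[100005] = "mountd"; name[100003] = "nfs" }
        $1 ~ /^[0-9]+$/ { seen[$1] = 1 }   # data rows: program vers proto port [name]
        END {
            n = split("100000 100005 100003", want, " ")
            for (i = 1; i <= n; i++)
                if (!(want[i] in seen))
                    printf "%s (program %s)\n", name[want[i]], want[i]
        }'
}

# Prints the transports (udp/tcp), in order of appearance, on which RPC
# program number $1 is registered. An empty line means not registered.
rpc_transports() {
    awk -v prog="$1" '
        $1 == prog && !dup[$3]++ { out = out (out == "" ? "" : " ") $3 }
        END { print out }'
}

# Constructed sample: portmapper is up, but mountd and nfs never registered.
SAMPLE_BROKEN='   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp  32768  status'

# Constructed sample: mountd and nfs registered, nfs on UDP only.
SAMPLE_OK='   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100005    1   udp  32770  mountd
    100005    1   tcp  32771  mountd'

echo "broken server is missing:"
printf '%s\n' "$SAMPLE_BROKEN" | missing_nfs_rpc_programs
echo "working server, nfs transports: $(printf '%s\n' "$SAMPLE_OK" | rpc_transports 100003)"
```

Against a live server the input would come from the client side of the link, for example `rpcinfo -p 172.16.0.2 | missing_nfs_rpc_programs` run on x.1.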


Paul Lutus

Dec 20, 2002, 4:15:00 AM
On Fri, 20 Dec 2002 08:33:44 +0000, /dev/null wrote:

/ ...

> In case you didn't see my other post (I imagine you have), I had to
> start portmapper, restarted nfs clients on both ends, ran exportfs -r on
> both ends, and also kill -HUP inetd on both ends (just in case). After
> this I get
>
> mount: RPC: Program not registered
>
> when I try to mount the x.2 export on the x.1 box.

This means you tried to mount implicitly without specifying the details in
/etc/fstab. But you can still mount explicitly, like this:

# mount dest-machine:/share-name /local-mount-point

/dev/null

Dec 20, 2002, 4:26:50 AM
> This means you tried to mount implicitly without specifying the details in
> /etc/fstab. But you can still mount explicitly, like this:
>
> # mount dest-machine:/share-name /local-mount-point

No I can't mount explicitly like that. I do both of the following, each
give the same "not registered" error:

# mount 172.16.0.2:/exports /mnt/lima

and

# mount lima:/exports /mnt/lima

neither work. It's the same as the entry I have in the fstab:

lima:/exports /mnt/lima nfs auto,rw 0 0

puzzler, isn't it?


Paul Lutus

Dec 20, 2002, 1:39:07 PM
On Fri, 20 Dec 2002 09:26:50 +0000, /dev/null wrote:

>> This means you tried to mount implicitly without specifying the details
>> in /etc/fstab. But you can still mount explicitly, like this:
>>
>> # mount dest-machine:/share-name /local-mount-point
>
> No I can't mount explicitly like that. I do both of the following, each
> give the same "not registered" error:
>
> # mount 172.16.0.2:/exports /mnt/lima

Try this first:

# ping 172.16.0.2

And if this fails, turn off your firewall temporarily.


> and
>
> # mount lima:/exports /mnt/lima
>
> neither work. It's the same as the entry I have in the fstab:
>
> lima:/exports /mnt/lima nfs auto,rw 0 0
>
> puzzler, isn't it?

No, it's simple -- you don't have network connectivity between the
machines for NFS, maybe for anything.

This really is the simplest kind of connection. The NFS server must be
running on the remote machine (that hosts the share):

# service nfs restart
# chkconfig --level 345 nfs on

Michael Heiming

Dec 24, 2002, 6:38:22 AM
/dev/null wrote:

> 2.14.18 kernel.
>
> Two boxes on two separate networks both connected to the Internet.
> One box establishes a ppp over ssh connection via the Internet to the
> other box. The ppp/ssh "client" box is 172.16.0.2, the ppp/ssh server
> is 172.16.0.1.
>
> x.2 has a nfs share, "/exports", that local boxes all mount without
> any problems.
> x.1 mounts other shares from other boxes on his local network without
> any problems.

Simply because you can't tunnel nfs (udp) over ssh, try switching to tcp
or even better use i.e. zebedee, which is better suited for something
like this:
http://www.winton.org.uk/zebedee/

Good luck

Michael Heiming
--
RHCE
Remove +SIGNS and www. if you expect an answer, sorry for inconvenience,
but I get tons of SPAM

/dev/null

Dec 24, 2002, 6:54:34 AM
> Simply because you can't tunnel nfs (udp) over ssh

I'm not tunneling nfs over ssh. I'm tunneling nfs over a ppp connection
over ssh. Read some of my other posts in this thread, the nfs works one way
but not the other. Obviously this isn't a tunneling problem.

> , try switching to tcp
> or even better use i.e. zebedee, which is better suited for something
> like this:
> http://www.winton.org.uk/zebedee/

zebedee itself says it "doesn't pretend to compete with ssh". So why would
I want to use that?

Michael Heiming

Dec 24, 2002, 7:03:26 AM
/dev/null wrote:

[..]


>> , try switching to tcp
>> or even better use i.e. zebedee, which is better suited for something
>> like this:
>> http://www.winton.org.uk/zebedee/
>
> zebedee itself says it "doesn't pretend to compete with ssh". So why
> would I want to use that?

Just a hint what could be tried and is known to work.

Michael Heiming
--
