Home IT Linux Windows Database Network Programming Server Mobile  
           
  Home \ Server \ CentOS of NFS     - Linux Network Programming - raw socket Example: sending a UDP packet (Programming)

- Oracle table Access Control (Database)

- Ubuntu 14.04 and derivative versions of the user install Pantheon Photos 0.1 (Linux)

- Use Swift remove the spaces in the string (Programming)

- ThinkPad X201i installation notes Debian 7.5 (Linux)

- Guide: Trickle restrict application bandwidth usage (Linux)

- Let Markdown code syntax highlighting and support Django1.6 (Linux)

- Let 32 Linux / CentOS system to support more than 4G memory (Linux)

- EXP-00091 Error resolved (Database)

- String JavaScript type system (Programming)

- Usage logs Python library (Programming)

- MongoDB fragmentation (Cluster) (Database)

- Linux use iptables ban Ping (Linux)

- Upgrade to Linux Mint 16 petra Mint 17 Qiana (Linux)

- Ubuntu 14.04 LTS next upgrade gcc to gcc-4.9, gcc-5 version (Linux)

- GitHub multiplayer co-development configuration (Linux)

- B-tree - ideas and implementation of C language code (Programming)

- To create a file in Linux directory by setfacl (Linux)

- Java Prototype Pattern (Programming)

- Installation through the network Debian 7 (Wheezy) (Linux)

 
         
  CentOS of NFS
     
  Add Date : 2017-03-08      
         
       
         
  NFS is the old agreement, and to the Linux constantly updated and improved from the previous only supports UDP, now supports TCP, and now to the V4 version. But still unsafe, the biggest problem is that does not require authentication, only recommendations, including the network with it.
NFS is one serving, one is the client.
The client uses need to enable portmap service (service portmap start), or can not access, there are a lot of articles saying you need to enable NFS-related services, in fact, it is not necessary as a client of, as the RPC portmap access it. And to CentOS6, portmap is no, but became rpcbind, is enabled by default, you do not need to deal with the trouble.
Server is installed by default, but not enabled.
Either portmap or rpcbind listens for UDP and TCP port 111 on the Web
NFS and TCP listening on UDP port 2049, and some dynamic in the following elaborate.
It's shared directory configuration files in / etc / exports, service configuration file in / etc / sysconfig / nfs

Shared directory
/ Var / tmp / share 172.26.1.0/24(rw,no_all_squash)
General is the directory location and license IP address ranges plus (), brackets provides read-only or read-write rw ro,
Is to provide a mapping between the server and client in Linux users, no_all_squash is mapping between users and groups, but not including the root, all_squash mapped to anonymous groups and anonymous users, the so-called nfsnobody, if the client is not installed NFS, then its owner and group are 65534, 65534 in fact nfsnobody is, if you enable NFS service group will be established, it will automatically map out the group's name, in fact, the most essential is the group number and the number of users, such as root user is 0, root group is 0. root_squash is mapped to the root anonymous, no_root_squash root is mapped to the root, as well as anonuid = xxx, anongid = xxx mapped to specific users and groups, xxx is the user and groups of digital numbers.
Other parameters are basically irrelevant. For example: sync: synchronize data written to the buffer memory and disk, low efficiency, but it can ensure data consistency; async: the data is first stored in the memory buffer is written to disk when necessary.

Service profile
This file is usually not configured by default on it.
But when the firewall is enabled iptable had to configure.
By capturing Packet can be seen not only need the connection process nfs ports 111 and 2049, and some dynamic port, these dynamic ports at each restart nfs service will change, iptable firewall can not see that intelligence can dynamically open port, this time on the need to solidify the listening port.
Edit / etc / sysconfig / nfs file
RQUOTAD_PORT = 875
LOCKD_TCPPORT = 32803
LOCKD_UDPPORT = 32769
MOUNTD_PORT = 892
I did not change the port number is the # removed.
Restart Service
netstat -lpn | grep -v unix
tcp 0 0.0.0.0:892 0.0.0.0:* LISTEN 3959 / rpc.mountd
tcp 0 0.0.0.0:875 0.0.0.0:* LISTEN 3954 / rpc.rquotad
tcp 0 0 0.0.0.0:32803 0.0.0.0:* LISTEN -
udp 0 0 0.0.0.0:32769 0.0.0.0:* -
Then of course, is to configure the firewall, these ports added.
cat / etc / sysconfig / iptables
-A INPUT -p udp -m udp --dport 111 -j ACCEPT
-A INPUT -p udp -m udp --dport 32769 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 32803 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 892 -j ACCEPT
-A INPUT -p udp -m udp --dport 892 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 875 -j ACCEPT
-A INPUT -p udp -m udp --dport 875 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 2049 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 111 -j ACCEPT

Service-Terminal
View Status command
nfsstat
View Configuration
exportfs
See RPC case
rpcinfo -p
Check the current situation has been even into the machine
showmount -a

Client
Establish temporary command
mount 172.26.1.73:/var/tmp/share / home / shenxu / source
172.26.1.73 server IP
/ Var / tmp / share server shared directory
/ Home / shenxu / source mapped to the local directory
Long-established mapping, edit / etc / fstab, add the following line
172.26.1.73:/var/tmp/share / home / shenxu / source nfs defaults 0 0

Other times with showmount -a can see no connection traces previously connected, there are also restarted. Although nothing impact, but we are striving for perfection, Linux is basically in the form of a file, then there certainly exists a file on the hard disk after the restart, it is the / var / lib / nfs / rmtab, Clear the project needs to clear enough.
     
         
       
         
  More:      
 
- CentOS 7 install Hadoop-cdh-2.6 (Server)
- Ubuntu 15.04 install Complete Guide (Linux)
- Linux system security knowledge (Linux)
- CentOS7 yum install third-party source EPEL (Linux)
- Reason C ++ program running under Linux a segmentation fault core dumped in (Programming)
- Linux System Getting Started Learning: In RedHat Linux driver compiled Ixgbe (Linux)
- Each catalog Detailed Linux (Linux)
- Windows environment Android Studio v1.0 Installation Guide (Linux)
- MySQL binlog group to submit XA (two-phase commit) (Database)
- Nginx + uWSGI + Django + Python Application Architecture Deployment (Server)
- OpenVPN offsite interconnecting room availability and load balancing solution (Server)
- Linux Defensive / mitigate DDOS attacks (Linux)
- Samba file sharing server set up (Server)
- nginx.conf Optimization (Server)
- Use OpenSSL to generate a certificate detailed process (Linux)
- Linux common network tools: ping host sweep (Linux)
- Shell generated using automated configuration script Orabbix (Database)
- How to find out a Unix system library files are 32-bit or 64-bit (Linux)
- MySQL full-index scan bug (Database)
- What is Unikernel? (Linux)
     
           
     
  CopyRight 2002-2016 newfreesoft.com, All Rights Reserved.