On Wed, Feb 25, 2015 at 8:59 AM, Daniel Thomas <drt24@xxxxxxxxx> wrote:
> We have a Linux NFS server (using ZFS) which supports NFS4. It uses
> fixed ports for everything and those ports are allowed through the
> firewall. We have a number of Linux clients which use this and other NFS
> servers, they have a DROP ALL for all all packets arriving on
> non-whitelisted ports.
>
> I think that file delegations might not be working due to callbacks not
> succeeding because the client port specified in SETCLIENTID by the
> client is blocked by the firewall.
>
> I have a couple of questions:
>
> How do I check whether file delegations are working properly? Munin
> graphs indicate 0 calls for some of the names which sound like they are
> to do with delegations such as delagreturn or delagpurge but is there
> some way of checking conclusively?
>
> How do I specify what client port to provide in SETCLIENTID, there
> should be some mount option? I can't find it. Or if it is a well defined
> number, what is it?
>
> Any pointers to answers?
>
>From Documentation/kernel-parameters.txt:
nfs.callback_tcpport=
[NFS] set the TCP port on which the NFSv4 callback
channel should listen.
IOW: If your clients are using modules instead of having NFS compiled
in, then do something along the lines of
echo "options nfs callback_tcpport=9001" >/etc/modprobe.d/options-local.conf
and then reboot your client to set the callback listener to the fixed
port number 9001.
If the NFS client is compiled into the kernel, then you'll have to
edit your grub.conf or whatever to add the kernel command line option
"nfs.callback_tcpport=9001".
..and yes, monitoring the "delegreturn" numbers is a good way to
figure out if your clients are receiving and later returning
delegations.
--
Trond Myklebust
Linux NFS client maintainer, PrimaryData
trond.myklebust@xxxxxxxxxxxxxxx
--
To unsubscribe from this list: send the line "unsubscribe linux-nfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
