Hi all,
While it seems that most folks use iptables to restrict access to single
interfaces when multihomed hosts are acting as NFS servers, I do see
that there is a "--host" option that can be provided to rpc.nfsd when it
starts so that it only binds to a specific IP/interface.
This does seem to work nicely, but when I try to use it, it throws an
error/warning (where nfs-server is defined in /etc/hosts for the IPv4
address of the interface I wish for TCP port 2049 to be opened on):

    rpc.nfsd: unable to resolve nfs-server:nfs to inet6 address: Name or service not known

Commenting out the following lines in /etc/netconfig (as suggested by
the Google) allows the daemon to start without error:

    udp6 tpi_clts v inet6 udp - -
    tcp6 tpi_cots_ord v inet6 tcp - -

But I'm wondering if that is the only means for this to work,
particularly considering that I'd expect changes to /etc/netconfig to
apply to more than just rpc.nfsd.
It is worth noting that 1) this seems to apply equally to Debian-based
and RHEL-based systems and 2) things seem to work even with the error,
but I wouldn't have expected to see that message for something
(seemingly) so simple.
Any and all thoughts are welcome.
Thanks,
Sean
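
Added example, not part of the original post and not nfs-utils code: a Python sketch that tries one lookup per visible inet/inet6 transport in /etc/netconfig, assuming that is what rpc.nfsd does when given --host, so the inet6 failure can be seen without editing the real file. The sample netconfig text, the documentation address 192.0.2.10 and the function names are constructed for illustration.

```python
import socket

# Constructed sample of /etc/netconfig; the two inet6 lines are those quoted in the post.
SAMPLE_NETCONFIG = """\
udp        tpi_clts      v     inet     udp     -       -
tcp        tpi_cots_ord  v     inet     tcp     -       -
udp6       tpi_clts      v     inet6    udp     -       -
tcp6       tpi_cots_ord  v     inet6    tcp     -       -
rawip      tpi_raw       -     inet      -      -       -
local      tpi_cots_ord  -     loopback  -      -       -
"""

FAMILIES = {"inet": socket.AF_INET, "inet6": socket.AF_INET6}
SOCKTYPES = {"udp": socket.SOCK_DGRAM, "tcp": socket.SOCK_STREAM}


def visible_transports(netconfig_text):
    """Yield (netid, family, proto) for visible ('v' flag) inet/inet6 entries."""
    for line in netconfig_text.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0].startswith("#"):
            continue  # blank, comment or malformed line
        netid, _semantics, flags, family, proto = fields[:5]
        if "v" in flags and family in FAMILIES and proto in SOCKTYPES:
            yield netid, family, proto


def check_host(host, port, netconfig_text, numeric=False):
    """Map each visible netid to its resolved addresses, or to an error string."""
    flags = socket.AI_PASSIVE | (socket.AI_NUMERICHOST if numeric else 0)
    results = {}
    for netid, family, proto in visible_transports(netconfig_text):
        try:
            infos = socket.getaddrinfo(host, port, FAMILIES[family],
                                       SOCKTYPES[proto], 0, flags)
            results[netid] = sorted({info[4][0] for info in infos})
        except socket.gaierror as exc:
            # Same situation as the warning: no address of this family for the name.
            results[netid] = f"unable to resolve to {family} address: {exc.args[-1]}"
    return results


if __name__ == "__main__":
    # 192.0.2.10 stands in for the IPv4-only nfs-server entry in /etc/hosts.
    report = check_host("192.0.2.10", 2049, SAMPLE_NETCONFIG, numeric=True)
    for netid, outcome in report.items():
        print(f"{netid:5} {outcome}")
```

Pass the real host name with numeric=False and the contents of the real /etc/netconfig to see which transports would get an address on a given machine.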