Operating System - HP-UX
1748282 Members
4126 Online
108761 Solutions
New Discussion

Ports to open for NFS on Firewall

 
MoaAM
Occasional Contributor

Ports to open for NFS on Firewall

I have not set static port for statd,  lockd and mountd. Please let me know which port should I open at Firewall level for this Server for NFS client to connect . Below is O/P from rpcinfo. my os version is 11.11

 

program vers proto port service
100000 4 tcp 111 rpcbind
100000 3 tcp 111 rpcbind
100000 2 tcp 111 rpcbind
100000 4 udp 111 rpcbind
100000 3 udp 111 rpcbind
100000 2 udp 111 rpcbind
100007 2 tcp 49152 ypbind
100007 2 udp 49153 ypbind
100007 1 tcp 49152 ypbind
100007 1 udp 49153 ypbind
100068 2 udp 49163 cmsd
100068 3 udp 49163 cmsd
100068 4 udp 49163 cmsd
100068 5 udp 49163 cmsd
100083 1 tcp 49153 ttdbserver
100024 1 tcp 51285 status
100024 1 udp 56327 status
100021 1 tcp 51286 nlockmgr
100021 1 udp 56330 nlockmgr
100021 3 tcp 51287 nlockmgr
100021 3 udp 56331 nlockmgr
100021 4 tcp 51288 nlockmgr
100021 4 udp 56332 nlockmgr
100020 1 udp 4045 llockmgr
100020 1 tcp 4045 llockmgr
100021 2 tcp 51289 nlockmgr
100005 1 udp 56335 mountd
100005 3 udp 56335 mountd
100005 1 tcp 51290 mountd
100005 3 tcp 51290 mountd
100003 2 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 udp 2049 nfs
100003 3 tcp 2049 nfs

2 REPLIES 2
Matti_Kurkela
Honored Contributor

Re: Ports to open for NFS on Firewall

As you haven't set static ports for statd, lockd and mountd, you would have to open ports 111 (rpcbind/portmapper), 2049 (nfsd), and the whole dynamic port number range 49152 - 65535 (for statd, lockd and mountd, because their port numbers might change on reboot and/or nfs daemon restart).

 

It would be better to make sure that you have the patch PHNE_34662 (or a newer patch that supersedes that one) installed, and specify static ports for statd, lockd and mountd. Once the required patch is installed, this is as simple as adding three lines to /etc/rc.config.d/nfsconf:

LOCKD_PORT=4045 
STATD_PORT=4046
MOUNTD_PORT=4047

After adding those lines, you'll need to restart the NFS daemons or reboot the system.

 

When static ports are set, you would only need a total of five ports for NFS:

  • 111 (rpcbind/portmapper)
  • 2049 (nfsd)
  • 4045 (lockd)
  • 4046 (statd)
  • 4047 (mountd)
MK
unix_3608
Occasional Contributor

Re: Ports to open for NFS on Firewall

hi ,

 

please let me know only this need to be done at client side rite