1831275
Members
2861
Online
110022
Solutions
SOLVED
Hello Alessandro,
Your question is very clear. Unfortunately there is no way to accomplish this on HP-UX 11.0. The Network Lock Manager (nlockmgr), Network Status Monitor (status), and Mount (mountd) protocols are all designed to bind to any available port number in the non-reserved range and there is no way to "set" them to a specific port number.
In fact, looking at your rpcinfo output, it appears you haven't patched this system in a very long time, at least from an ONC perspective. Your daemons are all requesting ports in the reserved range (1-1024). We changed the behavior of these daemons to use non-reserved ports a long time ago. I believe the first patch that instituted non-reserved ports for 11.0 was PHNE_19620, which was released in November 1999.
If you install a recent ONC patch on this system you will find these daemons will start acquiring ports in the non-reserved range (48K-64K), however they will still use different ports each time they start.
We will be changing this behavior in a future OS release when we ship the ONC 2.3 KLM (Kernel Lock Manager) code. This code will allow the nlockmgr registration to always use port 4045.
Is there a specific reason why you want to specifically set the port numbers for NLM?
I hope this information helps.
Regards,
Dave
I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
Your question is very clear. Unfortunately there is no way to accomplish this on HP-UX 11.0. The Network Lock Manager (nlockmgr), Network Status Monitor (status), and Mount (mountd) protocols are all designed to bind to any available port number in the non-reserved range and there is no way to "set" them to a specific port number.
In fact, looking at your rpcinfo output, it appears you haven't patched this system in a very long time, at least from an ONC perspective. Your daemons are all requesting ports in the reserved range (1-1024). We changed the behavior of these daemons to use non-reserved ports a long time ago. I believe the first patch that instituted non-reserved ports for 11.0 was PHNE_19620, which was released in November 1999.
If you install a recent ONC patch on this system you will find these daemons will start acquiring ports in the non-reserved range (48K-64K), however they will still use different ports each time they start.
We will be changing this behavior in a future OS release when we ship the ONC 2.3 KLM (Kernel Lock Manager) code. This code will allow the nlockmgr registration to always use port 4045.
Is there a specific reason why you want to specifically set the port numbers for NLM?
I hope this information helps.
Regards,
Dave
I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
> Did this issues ever get resolved?
The NFS lab is getting ready to release a patch for 11i v2 (11.23) that will allow you to configure fixed port numbers for rpc.lockd, rpc.statd and rpc.mountd. In other words, you could configure your system to always make mountd run on port 32000, lockd always run on 4045 and statd run on 32001.
This would then allow you to put an NFS server behind a firewall and only open up ports 111 (rpcbind), 2049 (nfsd) and the three other ports used by mountd, lockd, statd. This should greatly simplify the firewall configuration of HP-UX NFS servers.
I've given feedback to the lab that the same fix should be ported back to 11i v1 (11.11). The lab is considering that request now.
The 11i v2 patch should be coming out in the next couple of months. 11i v3 will have this capability when it releases.
Regards,
Dave
I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
The NFS lab is getting ready to release a patch for 11i v2 (11.23) that will allow you to configure fixed port numbers for rpc.lockd, rpc.statd and rpc.mountd. In other words, you could configure your system to always make mountd run on port 32000, lockd always run on 4045 and statd run on 32001.
This would then allow you to put an NFS server behind a firewall and only open up ports 111 (rpcbind), 2049 (nfsd) and the three other ports used by mountd, lockd, statd. This should greatly simplify the firewall configuration of HP-UX NFS servers.
I've given feedback to the lab that the same fix should be ported back to 11i v1 (11.11). The lab is considering that request now.
The 11i v2 patch should be coming out in the next couple of months. 11i v3 will have this capability when it releases.
Regards,
Dave
I work at HPE
HPE Support Center offers support for your HPE services and products when and how you need it. Get started with HPE Support Center today.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]