Fixed Ports in \/etc\/sysconfig\/nfs

NFSv4 is easier to configure, especially with respect to firewalls. To enablecommunication with an NFSv4 server, the only ports you absolutely need to openare TCP port 2049 and UDP port 111. Port 2049 is the standard for NFSv4communications. Port 111 supports RPC communications over a network. However,that does not support full functionality of the commands associated with NFS.

While NFSv4 is the default, RHEL 6 still supports NVSv2 and NFSv3. So given the publicly available information on the RHCE exam, you also need to know howto handle those versions of NFS. With associated services, NFSv2 and NFSv3 usesdynamic port numbers. Even for NFSv4, you may want to fix some of the associated ports, to support the use of the showmount command. With fixed ports, you canconfigure a firewall with appropriate open ports to support an NFS server.

For that purpose, review the \/etc\/sysconfig\/nfs file. It is already preconfigured withcomments suggesting appropriate fixed port numbers. While you don’t have tofollow the suggested port numbers in the commented version of the file, you can.Generally, such port numbers do not cause trouble, as they do not conflict with anycommonly used RHEL 6 services. For convenience, however, many administratorsset up a series of consecutive unused ports for this purpose, such as 4000 through4003.

The port numbers listed in Table 16-3 are listed in the order shown in the defaultversion of the \/etc\/sysconfig\/nfs file. The table does not include now-obsoletereferences to the rpc.lockd daemon, as that’s not available for RHEL 6.

Once changes are made and saved to the \/etc\/sysconfig\/nfs file, restart theassociated service with the /etc/init.d/nfs restart command. If successful, you’ll seethe associated ports in the output to the rpcinfo command, which lists allcommunication channels associated with RPC. The following command is moreprecise, as it isolates actual port numbers:

# rpcinfo -p

Sample output is shown in Figure 16-1. At first glance, the lines may appearrepetitive; however, every line has a purpose. Unless another RPC-related servicesuch as the Network Information Service (NIS) is running, all of the lines shownhere are required for NFS communications, when NFSv2 or NFSv3 is used. Examinethe first line shown here:

program vers proto port service
100000   4    tcp  111 portmapper