[NTLUG:Discuss] nfs from one network to another

terry trryhend at gmail.com
Thu Dec 24 10:38:55 CST 2009 

On Mon, Dec 21, 2009 at 2:53 PM, Eric Schnoebelen <eric at cirr.com> wrote:
>
> terry writes:
> - On Sun, Dec 20, 2009 at 2:35 PM, ./aal <al_h at technologist.com> wrote:
> - > On Sun, Dec 20, 2009 at 6:32 AM, terry <trryhend at gmail.com> wrote:
> - > > I took a stab at just forwarding port 2049 but that didn't do it, I
> - > > still can't mount the share.  Is there a different port that needs to
> - > > be forwarded?
> - > >
> - > > I'm wondering if the mount request uses  one port while another port
> - > > is used to access the share?  Or...?
> - > >
> - > > In other words:
> - > > I'm trying to mount an nfs share from one network to another. I first
> - > > tried just forwarding port 2049 to the server's IP address, but that
> - > > did not do it.  (I used iptables on the firewall that is between the
> - > > two networks). So?
> - >
> - > Are you allowing both udp and tcp fwding?
> - >
> -
> - At this point I've only made provision for  tcp, and am now thinking that I
> - was trying to do what's not supposed to be done - nfs is probably designed
> - to be used over one network and not intended to be bridged to another.
> - Correct me if I'm wrong but I think it's just  a service that should remain
> - on a single network and one should not try to poke wholes enough to cram
> - through into another.
>
> NFS works over routed networks.. I've seen it done in large
> environments.
>
> But, by default, NFS runs over UDP, and not TCP.  (although on
> most OS's you can specify connections over TCP in the mount
> options.)

Ok, well, I do not  know how to forward UDB through a NAT firewall, so...

>
> Make sure you've got the forwarding going bidirectionally as
> well.
>
> Oh, and it is possible (at least on some OS's) to specify an
> alternate port for NFS to use, again, in the mount options.

I tried using an alternative port and just forward that port to the
target PC on the other side and that didn't seem to do it either...
but, maybe it is the bidirectional thing, I don't know how to do that
either..

>
> --
> Eric Schnoebelen                eric at cirr.com           http://www.cirr.com
>  There are two ways of constructing a software design: one way is to make
>  it so simple that there are obviously no deficiencies, and the other is
>  to make it so complicated there are no obvious deficiencies - CAR Hoare
>
> _______________________________________________
> http://www.ntlug.org/mailman/listinfo/discuss
>



-- 
<><

More information about the Discuss mailing list