On Mon, Dec 23, 2013 at 7:14 PM, Robert P. J. Day <rpjday(a)crashcourse.ca> wrote:
Quoting Tom H <tomh0665(a)gmail.com>:
> On Fri, Dec 20, 2013 at 2:34 PM, Robert P. J. Day <rpjday(a)crashcourse.ca>
> wrote:
>>
>> a long, long time ago, i reported an apparent glitch with NFS on
>> fedora:
>>
>>
https://lists.fedoraproject.org/pipermail/users/2010-January/097465.html
>>
>> in that, at the time, it *appeared* that you couldn't set up
>> NFS so that *only* version 4 was running. before i start messing
>> with this again, anyone know whether that's changed? that is,
>> is it possible to set up a network in which only NFSv4 is running,
>> and no earlier versions are supported? thanks.
>
> It's been possible to run nfsv4-only nfs for a long time, with only
> port 2049 being let through the firewall. It only appears that you
> can't because because rpc.mountd has to run on the server but it's
> only involved in the exporting and not the mounting.
a followup question, then -- i'm reading the RHEL docs (but i imagine
the contents are applicable here as long as we're talking about NFSv4);
the section on NFS reads:
"The mounting and locking protocols have been incorporated into the NFSv4
protocol. The server also listens on the well-known TCP port 2049. As such,
NFSv4 does not need to interact with rpcbind [3], lockd, and rpc.statd
daemons."
does that mean that if i configure my system(s) to run NFSv4 only,
those daemons no longer need to be run? better yet, if i configure
for NFSv4 *only*, will those daemons even be started? i guess i could
peruse /etc/rc.d/init.d/nfs to find out.
1) NFSv3
a) set up versions of nfsd, rpc.mountd in "/etc/sysconfig/nfs"
b) set up fixed ports for rpc.lockd, rpc.mountd, rpc.statd, rpc.quotad
in "/etc/sysconfig/nfs"
c) set up firewall rules to allow rpcbind, nfsd, rpc.lockd,
rpc.mountd, rpc.statd, rpc.quotad in "/etc/sysconfig/iptables"
1) NFSv4
a) set up versions of nfsd, rpc.mountd in "/etc/sysconfig/nfs"
b) set up firewall rule to allow nfsd in "/etc/sysconfig/iptables"