NFS server behind firewall

Hello,
I’m trying to mount (via NFS) a folder from a NAS that is behind a firewall to a Vero 4k plus. I have opened port 2049 on the firewall and put the following in /etc/fstab:
nas:/export/video /mnt/video nfs noauto 0 0

When trying to mount the folder using
$ mount /mnt/video
the command just times out (after about a minute)

The same exact setup works from ubuntu 18.4 desktop that is on the same network as vero, so the NAS as well as firewall seems to be fine.

Any idea what could be wrong on Vero?
Thanks

2049 is not enough

For NFSv4 port 2049 is enough. And it works from Ubuntu client on the same network as Vero.

Are you ensuring that the Vero connects with v4?

Hi,

try

nas:/export/video /mnt/video nfs4 noauto 0 0

or

nas:/export/video /mnt/video nfs nfsvers=4,noauto 0 0

Thanks Tom.

Thanks guys,
I’m pretty sure vero is using NFSv4:

$ nfsstat -c
Client rpc stats:
calls      retrans    authrefrsh
188        0          188     

Client nfs v4:
null             read             write            commit           open             
0         0%     0         0%     0         0%     0         0%     0         0%
...  

and even the error mentions nfs4:

$ sudo mount /mnt/video
mount.nfs4: Connection timed out

@Tom, I tried to specify nfs4 in fstab explicitly but it didn’t make any difference (there is a typo in your second example, it should be nfsver=4)

Hi,

Please provide the output of:

`showmount -e nas`

Maybe better to specify the IP.

Thanks Tom.

showmount fails on both vero and ubuntu:
$ showmount -e nas
clnt_create: RPC: Port mapper failure - Timed out

That is because portmap needs port 111 to be open and I have only opened 2049.

I can try to use IP but DNS works fine - issuing ping nas returns correct IP of nas (though ping itself does not work because of firewall of course).

Opened port 111 but showmount still does not work…seems like it needs some other ports as well.

Hi,

I would check the export on your nas is allowing access from the vero4k.

You can normally specify an IP, a range or a mask.

Thanks Tom.

Thanks Tom,
export on my nas allows access from 192.168.100.0/24. Vero’s IP is 192.168.100.240, ubuntu is 192.168.100.135.

One difference between Vero and Ubuntu is the linux kernel version:
Ubuntu: 4.4
Vero: 3.14 (I’m not sure about the exact version, do not have vero with me)

So while both clients do use NFSv4, there may be some differences in libraries and functionality, right? Any plans to upgrade kernel version in OSMC for Vero?
Thanks
Marian

Hi,

I believe plans to upgrade the kernel are on the roadmap, but I’d have thought improvements for NFS would have been backported.

I may be wrong but I’m inclined to think that the firewall is the issue here; I would check the rules for 192.168.100.135. For testing, I’d also allow all traffic from 192.168.100.240 through the firewall; if NFS for the vero then works, you should be able to work out which ports are required.

Thanks Tom.

I guess we did check all the obvious things and I need to do a network trace (on vero and router/firewall) to find out what’s going on.
The firewall is set to block all traffic from 192.168.100.0/24 targeted to the network where NAS is (10.0.0.0/24) with the exception of destination address 10.0.0.3 (nas) and port 2049. This works for the ubuntu client but not for vero. So I suspect the NFS client on vero is trying to use some other ports, not just 2049. But again, need to do more diagnostics to be sure.
Thanks for now, will probably get back once I collect more info.
Marian

@glypto: Could you try a manual mount like

mount -v -t nfs nas:/export/video /mnt/video

Perhaps -v gives some more information what happens. It should try the sequence nfs 4.2, 4.1, 4.0 … till success.
Just to be sure: nas:/export/video is the right nfs path to your data on your nas?

The -v option did give more info (thanks JimKnopf).

When run from behind the firewall with only port 2049 open:

$ sudo mount -v -t nfs4 nas:/export/video /mnt/video
mount.nfs4: timeout set for Mon Oct 15 16:43:00 2018
mount.nfs4: trying text-based options 'vers=4.2,addr=10.0.0.3,clientaddr=192.168.100.240'
mount.nfs4: mount(2): Invalid argument
mount.nfs4: trying text-based options 'vers=4.1,addr=10.0.0.3,clientaddr=192.168.100.240'
mount.nfs4: mount(2): Invalid argument
mount.nfs4: trying text-based options 'vers=4.0,addr=10.0.0.3,clientaddr=192.168.100.240'
mount.nfs4: mount(2): Invalid argument
mount.nfs4: trying text-based options 'addr=10.0.0.3'
mount.nfs4: prog 100003, trying vers=3, prot=6
mount.nfs4: portmap query retrying: RPC: Timed out
mount.nfs4: prog 100003, trying vers=3, prot=17
mount.nfs4: portmap query failed: RPC: Timed out
mount.nfs4: trying text-based options 'vers=4.0,addr=10.0.0.3,clientaddr=192.168.100.240'
mount.nfs4: mount(2): Invalid argument
mount.nfs4: trying text-based options 'addr=10.0.0.3'
mount.nfs4: prog 100003, trying vers=3, prot=6
mount.nfs4: portmap query retrying: RPC: Timed out
mount.nfs4: prog 100003, trying vers=3, prot=17
mount.nfs4: portmap query failed: RPC: Timed out
mount.nfs4: trying text-based options 'vers=4.0,addr=10.0.0.3,clientaddr=192.168.100.240'
mount.nfs4: mount(2): Invalid argument

When vero is on the same network as NAS (no firewall):

$ sudo mount -v -t nfs4 nas:/export/video /mnt/video
mount.nfs4: timeout set for Mon Oct 15 16:52:01 2018
mount.nfs4: trying text-based options 'vers=4.2,addr=10.0.0.3,clientaddr=10.0.0.240'
mount.nfs4: mount(2): Invalid argument
mount.nfs4: trying text-based options 'vers=4.1,addr=10.0.0.3,clientaddr=10.0.0.240'
mount.nfs4: mount(2): Invalid argument
mount.nfs4: trying text-based options 'vers=4.0,addr=10.0.0.3,clientaddr=10.0.0.240'
mount.nfs4: mount(2): Invalid argument
mount.nfs4: trying text-based options 'addr=10.0.0.3'
mount.nfs4: prog 100003, trying vers=3, prot=6
mount.nfs4: trying 10.0.0.3 prog 100003 vers 3 prot TCP port 2049
mount.nfs4: prog 100005, trying vers=3, prot=17
mount.nfs4: trying 10.0.0.3 prog 100005 vers 3 prot UDP port 56021

(mount is successful in this case)
Please notice the mount.nfs4: mount(2): Invalid argument error that appears every time the version is >= 4. It goes away when mount.nfs4 falls back to version 3. But NFSv3 needs more ports open on firewall, not just 2049…

Just for a reference, this is what I get from ubuntu client:

sudo mount -vvv -t nfs4 nas:/export/video /mnt/video
mount.nfs4: timeout set for Mon Oct 15 16:58:16 2018
mount.nfs4: trying text-based options 'addr=10.0.0.3,clientaddr=10.0.0.134'
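
Added example (not written by any poster in this thread): a small Python parser for `mount -v` output that records which NFS version each attempt asked for and how it ended, and flags the silent fallback to NFSv3 with its portmapper queries, the traffic a 2049-only firewall rule does not pass. The sample trace is copied (shortened) from the firewalled Vero run quoted above; the function name and result keys are illustrative.

```python
import re

# Trace lines copied from the firewalled Vero run quoted in this thread (shortened).
VERO_TRACE = """\
mount.nfs4: trying text-based options 'vers=4.2,addr=10.0.0.3,clientaddr=192.168.100.240'
mount.nfs4: mount(2): Invalid argument
mount.nfs4: trying text-based options 'vers=4.1,addr=10.0.0.3,clientaddr=192.168.100.240'
mount.nfs4: mount(2): Invalid argument
mount.nfs4: trying text-based options 'vers=4.0,addr=10.0.0.3,clientaddr=192.168.100.240'
mount.nfs4: mount(2): Invalid argument
mount.nfs4: trying text-based options 'addr=10.0.0.3'
mount.nfs4: prog 100003, trying vers=3, prot=6
mount.nfs4: portmap query retrying: RPC: Timed out
mount.nfs4: prog 100003, trying vers=3, prot=17
mount.nfs4: portmap query failed: RPC: Timed out
"""

OPTS = re.compile(r"trying text-based options '([^']*)'")
ERR = re.compile(r"mount\(2\): (.+)$")
PROG = re.compile(r"prog (\d+), trying vers=(\d+), prot=(\d+)")
PROTO = {"6": "tcp", "17": "udp"}  # IP protocol numbers printed by mount.nfs

def analyse(trace):
    """Summarise a `mount -v` trace: per-version errors, v3 fallback, portmap timeouts."""
    attempts, v3_probes, portmap_timeouts = [], [], 0
    for line in trace.splitlines():
        if m := OPTS.search(line):
            opts = dict(kv.partition("=")[::2] for kv in m.group(1).split(","))
            attempts.append({"vers": opts.get("vers"), "error": None})
        elif (m := ERR.search(line)) and attempts:
            attempts[-1]["error"] = m.group(1)
        elif m := PROG.search(line):
            v3_probes.append((m.group(1), PROTO.get(m.group(3), m.group(3))))
        elif "portmap query" in line and "Timed out" in line:
            portmap_timeouts += 1
    v4_errors = {a["vers"]: a["error"] for a in attempts if a["vers"]}
    return {
        "v4_errors": v4_errors,
        # True when every explicit vers=4.x attempt ended with a mount(2) error
        "v4_all_rejected": bool(v4_errors) and all(v4_errors.values()),
        "fell_back_to_v3": any(a["vers"] is None for a in attempts) and bool(v3_probes),
        "v3_probes": v3_probes,
        "portmap_timeouts": portmap_timeouts,
    }

if __name__ == "__main__":
    for key, value in analyse(VERO_TRACE).items():
        print(f"{key}: {value}")
```

Feeding it the output of `mount -v` from a client shows at a glance whether the firewall is seeing NFSv4 on 2049 only or a v3 fallback that also needs the portmapper and mountd ports.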

What’s the output with the ubuntu client on 192.168.100.135?

Ok, tiny progress. Just to have some data to compare: My Vero4k with current development stand mounting NFSv4 from a Synology NAS that way:

root@osmc-vero4k:/mnt# mount -v -t nfs4 synology-ds214se:/volume1/music /mnt/blubb
mount.nfs4: timeout set for Mon Oct 15 17:35:22 2018
mount.nfs4: trying text-based options 'vers=4.2,addr=192.168.178.106,clientaddr=192.168.178.44'
mount.nfs4: mount(2): Protocol not supported
mount.nfs4: trying text-based options 'vers=4.1,addr=192.168.178.106,clientaddr=192.168.178.44'
mount.nfs4: mount(2): Protocol not supported
mount.nfs4: trying text-based options 'vers=4.0,addr=192.168.178.106,clientaddr=192.168.178.44'
root@osmc-vero4k:/mnt# cd blubb
root@osmc-vero4k:/mnt/blubb# ls
AC-DC   ...

so finally, protocol 4.0 was accepted. The error “mount(2): Invalid argument” is the one we have to understand and correct.

Ubuntu on 192.168.100.134:

$ sudo mount -v -t nfs4 nas:/export/video /mnt/video
mount.nfs4: timeout set for Mon Oct 15 17:52:34 2018
mount.nfs4: trying text-based options 'addr=10.0.0.3,clientaddr=192.168.100.134'

This looks similar: Arch Linux ARM • View topic - mount.nfs4 gives invalid argument

another idea, try one of these

mount -v -t nfs -o nfsvers=4.2 nas:/export/video /mnt/video

or

mount -v -t nfs -o nfsvers=4.1 nas:/export/video /mnt/video

or

mount -v -t nfs -o nfsvers=4.0 nas:/export/video /mnt/video

to see whether the invalid argument is caused by the automatic vers string.
