From: Neil Horman <nhorman@redhat.com>
To: Dan Stromberg <strombrg@dcs.nac.uci.edu>
Cc: naveen a <naveen2005@india.com>, nfs@lists.sourceforge.net
Subject: Re: Help needed in understanding allocation of ports in NFS
Date: Fri, 18 Feb 2005 07:12:02 -0500 [thread overview]
Message-ID: <4215DB92.30006@redhat.com> (raw)
In-Reply-To: <1108678086.5897.62.camel@seki.nac.uci.edu>
Dan Stromberg wrote:
> Generally speaking, being RPC services, the portmapper (portmap or
> rpcbind) are free to allocate whatever ports to these services they feel
> like, and then client programs will contact the portmapper, give it the
> RPC program number, protocol and version, and then the portmapper will
> tell the client program which port to use.
>
> However, I've gotten the impression that some NFS-related rpc services
> always come up on the same ports in practice.
>
> Still, if you want to combine NFS with a firewall, you likely either
> want to allow anything from a list of hosts, or configure NFS to use
> specific ports...
>
Some firewalls are available on the market (I think the cisco pix is
one) that snoop for portmap dump and getport transactions, and use the
information in them to dynamically open ports for services you wish to
allow. You can also use the ip_queue target in iptables to write some
extra intellegence into your linux firewall to do the same thing.
Neil
> On Wed, 2005-02-16 at 18:04 +0800, naveen a wrote:
>
>>Hi,
>>
>>I wanted some info related to port selection in NFS.
>>
>>What happens when the port number is not specified in the command line switch or configuration
>>file for mountd and statd?
>>
>>In man pages it is mentioned as statd/mountd will select the port from portmapper.
>>
>>Can you please let me know how a port is allotted and the code path in source.
>>
>>What is the criteria for allocation of ports by portmapper ?
>>
>>Please educate me on this.
>>
>>Thanks
>>Naveen
--
/***************************************************
*Neil Horman
*Software Engineer
*Red Hat, Inc.
*nhorman@redhat.com
*gpg keyid: 1024D / 0x92A74FA1
*http://pgp.mit.edu
***************************************************/
-------------------------------------------------------
SF email is sponsored by - The IT Product Guide
Read honest & candid reviews on hundreds of IT Products from real users.
Discover which products truly live up to the hype. Start reading now.
http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click
_______________________________________________
NFS maillist - NFS@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs
prev parent reply other threads:[~2005-02-18 12:12 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-02-16 10:04 Help needed in understanding allocation of ports in NFS naveen a
2005-02-17 22:08 ` Dan Stromberg
2005-02-18 12:12 ` Neil Horman [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4215DB92.30006@redhat.com \
--to=nhorman@redhat.com \
--cc=naveen2005@india.com \
--cc=nfs@lists.sourceforge.net \
--cc=strombrg@dcs.nac.uci.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.