Default ports to be used by NFS side-band protocol services (lockd, statd, rquotad)

linux-nfs.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* Default ports to be used by NFS side-band protocol services (lockd, statd, rquotad)
@ 2015-09-14 13:11 Soumya Koduri
  2015-09-14 18:22 ` Steve Dickson
  0 siblings, 1 reply; 6+ messages in thread
From: Soumya Koduri @ 2015-09-14 13:11 UTC (permalink / raw)
  To: linux-nfs, nfs-ganesha-devel@lists.sourceforge.net, Bruce Fields,
	Steve Dickson
  Cc: Niels de Vos

Hi,

In the latest Linux distributions (Fedora), ports 2049 (nfs) and 20048 
(mountd) are configured to be opened by default by firewalld service.

Files: '/usr/lib/firewalld/services/nfs.xml' & 
'/usr/lib/firewalld/services/mountd.xml'.

We would like to know what ports could be used by default for service 
daemons providing other NFS side-band protocols (NLM/NSM/RQUOTA), so 
that we can define *.xml files for those services as well to be included 
in firewalld if required.

Request your inputs.

Thanks,
Soumya

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: Default ports to be used by NFS side-band protocol services (lockd, statd, rquotad)
  2015-09-14 13:11 Default ports to be used by NFS side-band protocol services (lockd, statd, rquotad) Soumya Koduri
@ 2015-09-14 18:22 ` Steve Dickson
  2015-09-14 18:30   ` Malahal Naineni
  0 siblings, 1 reply; 6+ messages in thread
From: Steve Dickson @ 2015-09-14 18:22 UTC (permalink / raw)
  To: Soumya Koduri, linux-nfs, nfs-ganesha-devel@lists.sourceforge.net,
	Bruce Fields
  Cc: Niels de Vos

Hello,

On 09/14/2015 09:11 AM, Soumya Koduri wrote:
> Hi,
> 
> In the latest Linux distributions (Fedora), ports 2049 (nfs) and 20048 (mountd) are configured to be opened by default by firewalld service.
> 
> Files: '/usr/lib/firewalld/services/nfs.xml' & '/usr/lib/firewalld/services/mountd.xml'.
Hmm... I didn't know about this... We should probably 
set the -p 20048 by default via /etc/sysconfig/nfs file or maybe the systemd script?

> 
> We would like to know what ports could be used by default for service 
> daemons providing other NFS side-band protocols (NLM/NSM/RQUOTA), so 
> that we can define *.xml files for those services as well to be included in 
> firewalld if required.
The actual port number really does not matter, as long as its
not a  privileged port (< 1024). What matters is the port you assign 
to the servers are actually used... Which means the default configuration 
files (like /etc/sysconfig/nfs) are updated with the given port numbers.

steved.

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: Default ports to be used by NFS side-band protocol services (lockd, statd, rquotad)
  2015-09-14 18:22 ` Steve Dickson
@ 2015-09-14 18:30   ` Malahal Naineni
  2015-09-15 19:15     ` Soumya Koduri
  0 siblings, 1 reply; 6+ messages in thread
From: Malahal Naineni @ 2015-09-14 18:30 UTC (permalink / raw)
  To: Steve Dickson
  Cc: Soumya Koduri, linux-nfs, nfs-ganesha-devel@lists.sourceforge.net,
	Bruce Fields, Niels de Vos

Steve Dickson [SteveD@redhat.com] wrote:
> Hello,
> 
> On 09/14/2015 09:11 AM, Soumya Koduri wrote:
> > Hi,
> > 
> > In the latest Linux distributions (Fedora), ports 2049 (nfs) and 20048 (mountd) are configured to be opened by default by firewalld service.
> > 
> > Files: '/usr/lib/firewalld/services/nfs.xml' & '/usr/lib/firewalld/services/mountd.xml'.
> Hmm... I didn't know about this... We should probably 
> set the -p 20048 by default via /etc/sysconfig/nfs file or maybe the systemd script?

I believe, mountd already uses /etc/services file by default. So
specifying it in /etc/services would be good. I think RHEL7 has one for
mountd. This is specific to NFSv3 anyway...


Regards, Malahal.


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: Default ports to be used by NFS side-band protocol services (lockd, statd, rquotad)
  2015-09-14 18:30   ` Malahal Naineni
@ 2015-09-15 19:15     ` Soumya Koduri
  2015-09-16 13:25       ` [Nfs-ganesha-devel] " Steve Dickson
  0 siblings, 1 reply; 6+ messages in thread
From: Soumya Koduri @ 2015-09-15 19:15 UTC (permalink / raw)
  To: Steve Dickson, linux-nfs, nfs-ganesha-devel@lists.sourceforge.net,
	Bruce Fields, Niels de Vos



On 09/15/2015 12:00 AM, Malahal Naineni wrote:
> Steve Dickson [SteveD@redhat.com] wrote:
>> Hello,
>>
>> On 09/14/2015 09:11 AM, Soumya Koduri wrote:
>>> Hi,
>>>
>>> In the latest Linux distributions (Fedora), ports 2049 (nfs) and 20048 (mountd) are configured to be opened by default by firewalld service.
>>>
>>> Files: '/usr/lib/firewalld/services/nfs.xml' & '/usr/lib/firewalld/services/mountd.xml'.
>> Hmm... I didn't know about this... We should probably
>> set the -p 20048 by default via /etc/sysconfig/nfs file or maybe the systemd script?
>
> I believe, mountd already uses /etc/services file by default. So
> specifying it in /etc/services would be good. I think RHEL7 has one for
> mountd. This is specific to NFSv3 anyway...
>

 From '/etc/services' & [1], looks like port# '20048' has been 
registered to be used by mountd service. Does it help if we have ports 
registered for other services too then? Or is it better to keep them 
dynamic and leave it to admin to choose & edit '/etc/sysconfig/nfs' file 
as required.

[1] http://www.iana.org/assignments/port-numbers

Thanks,
Soumya

>
> Regards, Malahal.
>

^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [Nfs-ganesha-devel] Default ports to be used by NFS side-band protocol services (lockd, statd, rquotad)
  2015-09-15 19:15     ` Soumya Koduri
@ 2015-09-16 13:25       ` Steve Dickson
  2015-09-16 13:42         ` Trond Myklebust
  0 siblings, 1 reply; 6+ messages in thread
From: Steve Dickson @ 2015-09-16 13:25 UTC (permalink / raw)
  To: Soumya Koduri, linux-nfs, nfs-ganesha-devel@lists.sourceforge.net,
	Bruce Fields, Niels de Vos



On 09/15/2015 03:15 PM, Soumya Koduri wrote:
> 
> 
> On 09/15/2015 12:00 AM, Malahal Naineni wrote:
>> Steve Dickson [SteveD@redhat.com] wrote:
>>> Hello,
>>>
>>> On 09/14/2015 09:11 AM, Soumya Koduri wrote:
>>>> Hi,
>>>>
>>>> In the latest Linux distributions (Fedora), ports 2049 (nfs) and 20048 (mountd) are configured to be opened by default by firewalld service.
>>>>
>>>> Files: '/usr/lib/firewalld/services/nfs.xml' & '/usr/lib/firewalld/services/mountd.xml'.
>>> Hmm... I didn't know about this... We should probably
>>> set the -p 20048 by default via /etc/sysconfig/nfs file or maybe the systemd script?
>>
>> I believe, mountd already uses /etc/services file by default. So
>> specifying it in /etc/services would be good. I think RHEL7 has one for
>> mountd. This is specific to NFSv3 anyway...
>>
> 
> From '/etc/services' & [1], looks like port# '20048' has been registered to be used by mountd service. Does it help if we have ports registered for other services too then? Or is it better to keep them dynamic and leave it to admin to choose & edit '/etc/sysconfig/nfs' file as required.
> 
> [1] http://www.iana.org/assignments/port-numbers
> 

I'm thinking its better to leave it up to the admins... 

steved.


^ permalink raw reply	[flat|nested] 6+ messages in thread

* Re: [Nfs-ganesha-devel] Default ports to be used by NFS side-band protocol services (lockd, statd, rquotad)
  2015-09-16 13:25       ` [Nfs-ganesha-devel] " Steve Dickson
@ 2015-09-16 13:42         ` Trond Myklebust
  0 siblings, 0 replies; 6+ messages in thread
From: Trond Myklebust @ 2015-09-16 13:42 UTC (permalink / raw)
  To: Steve Dickson
  Cc: Soumya Koduri, Linux NFS Mailing List,
	nfs-ganesha-devel@lists.sourceforge.net, Bruce Fields,
	Niels de Vos

On Wed, Sep 16, 2015 at 9:25 AM, Steve Dickson <SteveD@redhat.com> wrote:
>
>
>
> On 09/15/2015 03:15 PM, Soumya Koduri wrote:
> >
> >
> > On 09/15/2015 12:00 AM, Malahal Naineni wrote:
> >> Steve Dickson [SteveD@redhat.com] wrote:
> >>> Hello,
> >>>
> >>> On 09/14/2015 09:11 AM, Soumya Koduri wrote:
> >>>> Hi,
> >>>>
> >>>> In the latest Linux distributions (Fedora), ports 2049 (nfs) and 20048 (mountd) are configured to be opened by default by firewalld service.
> >>>>
> >>>> Files: '/usr/lib/firewalld/services/nfs.xml' & '/usr/lib/firewalld/services/mountd.xml'.
> >>> Hmm... I didn't know about this... We should probably
> >>> set the -p 20048 by default via /etc/sysconfig/nfs file or maybe the systemd script?
> >>
> >> I believe, mountd already uses /etc/services file by default. So
> >> specifying it in /etc/services would be good. I think RHEL7 has one for
> >> mountd. This is specific to NFSv3 anyway...
> >>
> >
> > From '/etc/services' & [1], looks like port# '20048' has been registered to be used by mountd service. Does it help if we have ports registered for other services too then? Or is it better to keep them dynamic and leave it to admin to choose & edit '/etc/sysconfig/nfs' file as required.
> >
> > [1] http://www.iana.org/assignments/port-numbers
> >
>
> I'm thinking its better to leave it up to the admins...
>

If that is the case, is there any way to tie the ports assigned to
/etc/sysconfig/nfs etc to a set of firewall rules that open those
ports for incoming traffic? Having to adjust 2 sets of configurations
every time you want to assign a new port is a potential source of
errors.

Trond

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2015-09-16 13:42 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-09-14 13:11 Default ports to be used by NFS side-band protocol services (lockd, statd, rquotad) Soumya Koduri
2015-09-14 18:22 ` Steve Dickson
2015-09-14 18:30   ` Malahal Naineni
2015-09-15 19:15     ` Soumya Koduri
2015-09-16 13:25       ` [Nfs-ganesha-devel] " Steve Dickson
2015-09-16 13:42         ` Trond Myklebust

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).