I have a similar article here which discusses the steps to mount an NFS-exported directory from Linux. However, I never really went into the steps on the Linux side of actually mounting it and what-not, so I’ll give a real-world example here.
On the Linux box, I have already downloaded AIX 6.1 TL6 DVD1 as an .iso file, and I am planning on mounting it and exporting it to one of the AIX servers (a newly built AIX 6.1 without openssh or openssl installed). However, before proceeding with that, we should confirm that the NFS server is set up appropriately.
Debian *nix Setup
There are three main files for the NFS configuration on a Debian-style machine: /etc/exports, /etc/hosts.allow and /etc/hosts.deny. So let’s set up the deny file so it “by default” will deny access to anyone attempting access, with the following commands:
echo "portmap:ALL" >> /etc/hosts.deny
echo "lockd:ALL" >> /etc/hosts.deny
echo "mountd:ALL" >> /etc/hosts.deny
echo "rquotad:ALL" >> /etc/hosts.deny
echo "statd:ALL" >> /etc/hosts.deny
Next, we add the specific server we want to the /etc/hosts.allow file with these commands (NOTE: this file will also allow netmasks if you wish to allow an entire range):
echo "portmap: 192.168.2.32" >> /etc/hosts.allow
echo "lockd: 192.168.2.32" >> /etc/hosts.allow
echo "mountd: 192.168.2.32" >> /etc/hosts.allow
echo "rquotad: 192.168.2.32" >> /etc/hosts.allow
echo "statd: 192.168.2.32" >> /etc/hosts.allow
Now restart the portmapper service with: service portmap restart
To determine what services are being offered by portmapper, run the command: rpcinfo -p 127.0.0.1
This should give output similar to the following:
program vers proto port
100000 2 tcp 111 portmapper
100021 1 udp 4001 nlockmgr
100021 3 udp 4001 nlockmgr
100021 4 udp 4001 nlockmgr
100021 1 tcp 4001 nlockmgr
100021 3 tcp 4001 nlockmgr
100021 4 tcp 4001 nlockmgr
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 4 udp 2049 nfs
100005 1 udp 4002 mountd
100005 1 tcp 4002 mountd
100005 2 udp 4002 mountd
100005 2 tcp 4002 mountd
100005 3 udp 4002 mountd
100005 3 tcp 4002 mountd
100024 1 udp 4000 status
100024 1 tcp 4000 status
100000 2 udp 111 portmapper
This shows you which ports you will want to open up. So now we’ll add these into iptables. The source is written as 192.168.2.32/32 so that each rule matches only the host allowed in /etc/hosts.allow; iptables applies the mask to the address, so a /8 here would match all of 192.0.0.0/8.
iptables -A INBOUND -s 192.168.2.32/32 -p udp -m udp --dport 111 -j ACCEPT
iptables -A INBOUND -s 192.168.2.32/32 -p tcp -m tcp --dport 111 -j ACCEPT
iptables -A INBOUND -s 192.168.2.32/32 -p udp -m udp --dport 2049 -j ACCEPT
iptables -A INBOUND -s 192.168.2.32/32 -p tcp -m tcp --dport 2049 -j ACCEPT
iptables -A INBOUND -s 192.168.2.32/32 -p udp -m udp --dport 4000 -j ACCEPT
iptables -A INBOUND -s 192.168.2.32/32 -p tcp -m tcp --dport 4000 -j ACCEPT
iptables -A INBOUND -s 192.168.2.32/32 -p udp -m udp --dport 4001 -j ACCEPT
iptables -A INBOUND -s 192.168.2.32/32 -p tcp -m tcp --dport 4001 -j ACCEPT
iptables -A INBOUND -s 192.168.2.32/32 -p udp -m udp --dport 4002 -j ACCEPT
iptables -A INBOUND -s 192.168.2.32/32 -p tcp -m tcp --dport 4002 -j ACCEPT
Next, save the iptables rules with: iptables-save > /home/default.fw
If the rules aren’t reloaded automatically on reboot, then on Debian systems open the /etc/network/interfaces file and, under the eth0 section, add “post-up iptables-restore < /home/default.fw”. This of course assumes you are using eth0 as your network interface. Otherwise, modify that for whatever interface you are using.
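The step from rpcinfo output to firewall rules described above can be scripted. This is an added example, not part of the original article: the function names rpc_rules and sample_rpcinfo are hypothetical, the sample input is abridged from the output shown earlier, and the INBOUND chain is assumed to exist as in the rules above.

```shell
#!/bin/sh
# Added example (not from the article): derive iptables rules from rpcinfo -p.
# rpc_rules and sample_rpcinfo are hypothetical names; the INBOUND chain is
# assumed to exist already, as in the article's own rules.

# rpc_rules SRC: read `rpcinfo -p` output on stdin and print one ACCEPT rule
# per unique proto/port pair, limited to source SRC.
rpc_rules() {
    src=$1
    case $src in
        */*) ;;                # explicit prefix length supplied by the caller
        *)   src="$src/32" ;;  # bare address: match that single host only
    esac
    awk -v src="$src" '
        # Skip the header and any line that is not "prog vers proto port ..."
        $1 !~ /^[0-9]+$/ || $4 !~ /^[0-9]+$/ { next }
        $3 != "tcp" && $3 != "udp" { next }
        # Several program versions share one port: emit each pair once.
        !seen[$3 "/" $4]++ {
            printf "iptables -A INBOUND -s %s -p %s -m %s --dport %s -j ACCEPT\n", src, $3, $3, $4
        }
    ' | sort -t" " -k11,11n -k7,7
}

# Constructed sample input, abridged from the rpcinfo output shown above.
sample_rpcinfo() {
    cat <<'EOF'
   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100021    1   udp   4001  nlockmgr
    100021    3   udp   4001  nlockmgr
    100021    1   tcp   4001  nlockmgr
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100003    3   udp   2049  nfs
    100005    3   udp   4002  mountd
    100005    3   tcp   4002  mountd
    100024    1   udp   4000  status
    100024    1   tcp   4000  status
EOF
}

# Print the rules for review before applying any of them.
sample_rpcinfo | rpc_rules 192.168.2.32
```

On the NFS server itself, replace sample_rpcinfo with rpcinfo -p 127.0.0.1 and compare the printed rules with the ports you expect before running them.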
Next mount the CD.
mount -o loop /home/user/iso/AIX_6.1_Base_Operating_System_TL_6100-06-06_DVD_1_of_2_112011.iso /mnt/
Now that the .iso is mounted, we will add the information to the exports file.
echo "/mnt sandbox(ro,sync,no_subtree_check)" >> /etc/exports
sandbox from the line above is the name of the server. If it isn’t in DNS, then it should be added to your local system using the IP address and hostname, such as: echo "192.168.2.200 sandbox" >> /etc/hosts
Next, you will want to restart some of the services on the Linux box, followed by refreshing your export list of NFS exports.
/etc/init.d/portmap restart
/etc/init.d/nfs-common restart
exportfs -a
Confirm the directory is exported (from the Linux box) with: showmount -e 127.0.0.1
If your Linux server is running a firewall, it may cloud the issue. So you should configure NFS to use dedicated ports, then open those up in your firewall config (iptables).
Firewall Configuration
Modify the NFS configuration with vi /etc/sysconfig/nfs (Red Hat or CentOS style *nix systems)