Friday, March 8, 2013

sharing folders using nfs on rhel

This tutorial guide you how to configure nfs share on rhel system.
Below is the details of nfs Server and client, both running Redhat enterprise Linux 6.2 64-bit

NFS Server :- host-name is server and ip address is 192.168.5.5/24
NFS Client :-  host-name is client and ip address is  192.168.5.3/24

NFS Server Configuration

[1]  Edit /etc/sysconfig/nfs

 To allow nfs traffic , should need to uncomment following variable LOCKD_TCPPORT ,LOCKD_UDPPORT, MOUNTD_PORT,  STATD_PORT on /etc/sysconfig/nfs as following


# TCP port rpc.lockd should listen on.

LOCKD_TCPPORT=32803



# UDP port rpc.lockd should listen on.

LOCKD_UDPPORT=32769



# Port rpc.mountd should listen on.

MOUNTD_PORT=892



# Port rpc.statd should listen on.

STATD_PORT=662



[2] Configure Firewall to allow nfs traffic .


TCP port 2049 for NFS.
TCP and UDP port 111 (rpcbind/sunrpc).

So let's edit the iptables file
[root@server ~]# vim /etc/sysconfig/iptables

By default this file contain few rules . Find following rule 
-A INPUT -j REJECT --reject-with icmp-host-prohibited
and insert bellow rules before that line

-A INPUT -m state --state NEW -m tcp -p tcp --dport 2049 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 111 -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 111 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 32803 -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 32769 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 892 -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 892 -j ACCEPT

-A INPUT -m state --state NEW -m tcp -p tcp --dport 662 -j ACCEPT

-A INPUT -m state --state NEW -m udp -p udp --dport 662 -j ACCEPT


save and quit the iptabales file, then issue follwing command apply the new rules to system
[root@server ~]# service iptables restart

you can verify it by using following command
[root@server ~]#iptables -L


[3] Create a direcory to share with client


my share folder is /svrfile and i have assigned 
rwx (read write execute) permission for ugo (user group others).
[root@server ~]# mkdir /svrfile
[root@server ~]# chmod 777 /svrfile

[4] Edit exports file

[root@server ~]# vim  /etc/exports
and insert following line

/svrfile 192.168.5.3(rw,sync,no_root_squash)


192.168.5.3 is nfs client where i'm going share /svrfile . you can specify client host as  192.168.5.3/24
however /24 is default for class C network. If you wish to share with any host you can use '*' (without qutoes) instead of ipaddress.
Several parameters are available.I used rw,sync and no_root_squash . here is brief explanation.

rw :- enable read write
sync :-  Syncs write operations on request. Active by default
no_root_squash :- Treat remote root user as local root; remote root users get root privileges
on the shared directory

[5] restart rpcbind and nfs 

By default RHEL system is installed this services , If it is not you should have
to install .

[root@server ~]# service rpcbind restart

Stopping rpcbind:                                          [  OK  ]

Starting rpcbind:                                          [  OK  ]

[root@server ~]# 



[root@server ~]# service nfs restart

Shutting down NFS mountd:                                  [  OK  ]

Shutting down NFS daemon:                                  [  OK  ]

Shutting down NFS quotas:                                  [  OK  ]

Shutting down NFS services:                                [  OK  ]

Starting NFS services:                                     [  OK  ]

Starting NFS quotas:                                       [  OK  ]

Starting NFS daemon:                                       [  OK  ]

Starting NFS mountd:                                       [  OK  ]

[root@server ~]#



[6] refresh the export file


[root@server ~]# exportfs -r
if it is successful , no message will be displayed
please remember to refresh export file by issuing above command, If you are done any modification to export file.

further you can verify export file using following commands

[root@server ~]# exportfs -rv
exporting 192.168.5.3:/svrfile
[root@server ~]# 


[root@server ~]# showmount -e
Export list for server:
/svrfile 192.168.5.3
[root@server ~]#




NFS Client configuration


[7] enable services and create folder on client

we are done with NFS server configuration , so lets configure client, first of all create directory to share with server and then restart rpcbind and nfs services.

[root@client ~]# mkdir /clientfile

[root@client ~]# service rpcbind restart
[root@client ~]# service nfs restart


[8] Finally let's mount the nfs

[root@client ~]#mount -t nfs 192.168.5.3:/svrfile /clientfile



That's all , Don't hesitate to comment if you have question . have a nice day  !

1 comment:

  1. Thanks for sharing the procedure.I am having one doubt that in these process any insecurity or dangerous of warm, malicious files are therewhen i Send Files.

    ReplyDelete

Related Posts