outofspace
Cadet
- Joined
- Dec 13, 2021
- Messages
- 5
I am using NFSv3 for server to server data shares, and I wanted to avoid the absolute disaster that is the default port selection of NFS ( I actually care about creating properly locked down firewall rules).
I listed very specific ports in the NFS service section in the GUI.
Unfortunately, it appears that the rpc port mapper is still serving random high ports for clients to connect to, which is absolutely unacceptable.
It appears NFS is listening on the port (cannot confirm what program, even as root).
Client (Debian 11) trying to connect to the RHP:
I've remounting from the client, restarting the client, restarting truenas, and restarting the NFS service on truenas.
All of that only resulted in the RHP that the client tries to connect to being changed to another RHP (this is the unacceptable part...)
So, couple of questions:
Why? Is there another hidden NFS config that the GUI doesnt allow configuration of?
Is it possible to change whatever subprocess of NFS this port is serving?
And if its possible, How (wheres the file) can I change the port?
I do have to say I am not using NFSv4 because of the huge performance hit for low latency single connections.
Update: rpcinfo -p
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100005 3 udp 2050 mountd
100005 3 tcp 2050 mountd
100003 3 tcp 2049 nfs
100227 3 tcp 2049
100021 1 udp 54513 nlockmgr
100021 3 udp 54513 nlockmgr
100021 4 udp 54513 nlockmgr
100021 1 tcp 40301 nlockmgr
100021 3 tcp 40301 nlockmgr
100021 4 tcp 40301 nlockmgr
So I guess my actual question is how do I change the nlockmgr port?
I listed very specific ports in the NFS service section in the GUI.
Unfortunately, it appears that the rpc port mapper is still serving random high ports for clients to connect to, which is absolutely unacceptable.
It appears NFS is listening on the port (cannot confirm what program, even as root).
Client (Debian 11) trying to connect to the RHP:
I've remounting from the client, restarting the client, restarting truenas, and restarting the NFS service on truenas.
All of that only resulted in the RHP that the client tries to connect to being changed to another RHP (this is the unacceptable part...)
So, couple of questions:
Why? Is there another hidden NFS config that the GUI doesnt allow configuration of?
Is it possible to change whatever subprocess of NFS this port is serving?
And if its possible, How (wheres the file) can I change the port?
I do have to say I am not using NFSv4 because of the huge performance hit for low latency single connections.
Update: rpcinfo -p
program vers proto port service
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100005 3 udp 2050 mountd
100005 3 tcp 2050 mountd
100003 3 tcp 2049 nfs
100227 3 tcp 2049
100021 1 udp 54513 nlockmgr
100021 3 udp 54513 nlockmgr
100021 4 udp 54513 nlockmgr
100021 1 tcp 40301 nlockmgr
100021 3 tcp 40301 nlockmgr
100021 4 tcp 40301 nlockmgr
So I guess my actual question is how do I change the nlockmgr port?
Last edited: