NFS 4 client callback port
J. Bruce Fields
bfields at fieldses.org
Fri Jun 6 15:37:38 EDT 2008
On Fri, Jun 06, 2008 at 09:18:44PM +0200, Guillaume Rousse wrote:
> J. Bruce Fields a écrit :
>>> From reading
>>> http://www.vanemery.com/Linux/NFSv4/NFSv4-no-rpcsec.html#notes, In
>>> understand than callback requires a client port to be accessible from
>>> a server-initiated connection.
>>
>> Yes. Note, though, that if the callback doesn't work, that's not a
>> fatal problem.
> Sure, but it is supposed to enhance perfs. And there is also this issue
> in 2.6.24.4:
> https://linux-nfs.org/pipermail/nfsv4/2008-April/008440.html
The bug described there should be fixed in more recent kernels.
> Given than we can change our firewall settings much easier than have
> patches included in regular distribution kernels, I'd rather make it work
> :)
>
>>> I found nowhere which port it is exactly (2049 again ?)
>>
>> It's not a fixed port.
> OK, but I think there is some kind of range for it ? Or at least a fixed
> source port ?
No. Well, probably you could find some range that would work for
current Linux kernels. I don't think we want to promise that it would
continue to work for all future versions. And certainly it won't work
for non-linux clients or servers.
So unfortunately the only real solutions are probably either to just
open everything up, or give up on callbacks, or wait for 4.1 (which will
use the same tcp connection for callbacks as for regular rpc calls).
--b.
More information about the NFSv4
mailing list