Network File Sharing (NFS) is a protocol that allows us to share directories and files with other Linux clients over a network. The ports NFS uses are confusing for many people, so we will take a deep dive into them today.
NFSv3 and NFSv2 include portmapper, nfsd, and other NFS services like mountd, nlockmgr, status, pcnfs, quotad, etc.
For the portmapper service, NFSv3 and NFSv2 use TCP or UDP port 111. The client consults the portmapper to get the port numbers of the other services used with the NFSv3 or NFSv2 protocols, such as mountd, statd, and nlm. NFSv4 does not require the portmapper service.
For nfsd, we usually use TCP or UDP port 2049.
The ports for other NFS services like mountd, nlockmgr, and status are product-dependent.
Example of NFSv3 Ports
The following are the NFSv3 ports used by NetApp Data ONTAP and NetApp Data ONTAP 7-Mode, two different NetApp products. The ports for portmapper and nfsd are the same on both; the other ports differ.
Data ONTAP:
111 TCP/UDP portmapper
2049 TCP/UDP nfsd
635 TCP/UDP mountd
4045 TCP/UDP nlockmgr
4046 TCP/UDP status

Data ONTAP 7-Mode:
111 TCP/UDP portmapper
2049 TCP/UDP nfsd
4046 TCP/UDP mountd
4045 TCP/UDP nlockmgr
4047 TCP/UDP status
How NFSv3 works
Here are the steps for how the NFS client works.
The client contacts the server’s portmapper to find out which network port is assigned as the NFS mount service.
The client contacts the mount service and requests to mount a file system. The mount service checks to see if the client has permission to mount the requested partition. (Permission for a client to mount a resource is based on directives or options in the /etc/exports file.) If all is well, the mount service returns an affirmative.
The client contacts the portmapper again—this time to determine on which port the NFS server is located. (Typically, this is port 2049.)
Whenever the client wants to make a request to the NFS server (for example, to read a directory), an RPC is sent to the NFS server.
When the client is done, it updates its own mount tables but doesn’t inform the server.
Configure NFSv3 Ports in Red Hat
On Red Hat, the ports change each time NFS is restarted. We can assign a permanent port number to each of the NFS services (rquotad, mountd, statd, and lockd), which makes management easier.
The port numbers for these services are configured through the file /etc/sysconfig/nfs. We will need to create this file if it does not exist. It should look similar to the following example:
# Port rquotad should listen on.
RQUOTAD_PORT=875
# TCP port rpc.lockd should listen on.
LOCKD_TCPPORT=32803
# UDP port rpc.lockd should listen on.
LOCKD_UDPPORT=32769
# Port rpc.mountd should listen on.
MOUNTD_PORT=892
# Port rpc.statd should listen on.
STATD_PORT=662
# Outgoing port statd should use. The default port
# is random.
# STATD_OUTGOING_PORT=2020
Check NFSv3 port with Rpcinfo Command
$ rpcinfo -p 10.1.1.4
   program vers proto   port
    100000    2   udp    111  rpcbind
    100000    2   tcp    111  rpcbind
    100000    3   udp    111  rpcbind
    100000    3   tcp    111  rpcbind
    100000    4   udp    111  rpcbind
    100000    4   tcp    111  rpcbind
    100003    3   udp   2049  nfs
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100005    1   udp    635  mountd
    100005    2   udp    635  mountd
    100005    3   udp    635  mountd
    100005    1   tcp    635  mountd
    100005    2   tcp    635  mountd
    100005    3   tcp    635  mountd
    100021    4   udp   4045  nlockmgr
    100021    4   tcp   4045  nlockmgr
    100024    1   udp   4046  status
    100024    1   tcp   4046  status
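The two sections above can be combined into a check that the ports pinned in /etc/sysconfig/nfs are the ones rpcbind actually reports, so firewall rules written for the pinned ports stay valid. This is an added example, not code from the original article. It assumes the rpcinfo listing (including the drifted lockd UDP port and the nfs_acl row) is constructed sample data, and that rquotad registers as RPC program 100011, which the article's output does not show.

```python
import re

# /etc/sysconfig/nfs variable -> (RPC program number, protocols it pins).
PIN_VARS = {
    "RQUOTAD_PORT": (100011, "tcp udp"), "MOUNTD_PORT": (100005, "tcp udp"),
    "STATD_PORT": (100024, "tcp udp"),
    "LOCKD_TCPPORT": (100021, "tcp"), "LOCKD_UDPPORT": (100021, "udp"),
}
# Ports the article gives as fixed: portmapper (100000) on 111, nfsd (100003) on 2049.
FIXED = {(prog, proto): port for prog, port in ((100000, 111), (100003, 2049))
         for proto in ("tcp", "udp")}

# Constructed samples: the article's sysconfig values and a made-up rpcinfo listing.
SYSCONFIG = """RQUOTAD_PORT=875
LOCKD_TCPPORT=32803
LOCKD_UDPPORT=32769
MOUNTD_PORT=892
STATD_PORT=662
# STATD_OUTGOING_PORT=2020
"""
RPCINFO = """   program vers proto   port  service
    100003    3   tcp   2049  nfs
    100005    3   tcp    892  mountd
    100021    4   udp  45712  nlockmgr
    100227    3   tcp   2049  nfs_acl
"""

def expected_ports(sysconfig_text):
    """Map (program, proto) -> port; commented-out assignments are ignored."""
    want = dict(FIXED)
    for name, value in re.findall(r'^\s*([A-Z_]+)="?(\d+)"?\s*$', sysconfig_text, re.M):
        prog, protos = PIN_VARS.get(name, (None, ""))
        for proto in protos.split():
            want[(prog, proto)] = int(value)
    return want

def registered_ports(rpcinfo_text):
    """Set of (program, proto, port) rows from `rpcinfo -p`; the header never matches."""
    rows = re.findall(r"^\s*(\d+)\s+\d+\s+(tcp|udp)\s+(\d+)", rpcinfo_text, re.M)
    return {(int(prog), proto, int(port)) for prog, proto, port in rows}

def audit(sysconfig_text, rpcinfo_text):
    """Return (drift, unpinned): rows off their pinned port, rows with no pin at all."""
    want, seen = expected_ports(sysconfig_text), sorted(registered_ports(rpcinfo_text))
    drift = [(g, p, want[g, p], port) for g, p, port in seen if want.get((g, p), port) != port]
    unpinned = [(g, p, port) for g, p, port in seen if (g, p) not in want]
    return drift, unpinned

if __name__ == "__main__":
    print(audit(SYSCONFIG, RPCINFO))
```

A non-empty drift list means a service came up on a port other than the pinned one. An unpinned entry is a registered RPC program that the sysconfig file does not cover.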
NFSv4 does not need to interact with rpcbind, lockd, and rpc-statd services. The mounting and locking protocols have been incorporated into the NFSv4 protocol. The nfs-mountd service is still required on the NFS server to set up the exports but is not involved in any over-the-wire operations.
For NFSv4, we only use port 2049 for nfsd service.
If we want to use tools like showmount remotely or if we have NFSv3 clients, we will need to open more ports.