Portmap is a service that converts RPC program numbers into protocol port numbers. It must be running in order to make RPC calls. Portmap makes the dynamic binding of remote programs possible. NFSv3 is based on portmap. We will dive into this today.
How Portmap Works
The portmap service maps RPC service and version numbers to transport-specific port numbers.
When an RPC service is started, it tells portmap which port number it is listening on and which RPC program numbers it is prepared to serve. When a client wishes to make an RPC call to a given program number, it first contacts portmap on the server machine to determine the port number where RPC packets should be sent.
The figure illustrates the following process:
1. The server registers with portmap.
2. The client gets the server's port from portmap.
3. The client calls the server.
NFSv3 and Portmap
NFSv3 is based on portmap. The following description applies to NFS version 3 mounts. The NFS version 4 mount process does not include the portmap service nor does it include the MOUNT protocol.
When a client needs to mount a file system from a server, the client must obtain a file handle from the server. The file handle must correspond to the file system. This process requires that several transactions occur between the client and the server. In this example, the client is attempting to mount /home/terry from the server. A snoop trace for this transaction follows.
client -> server PORTMAP C GETPORT prog=100005 (MOUNT) vers=3 proto=UDP
server -> client PORTMAP R GETPORT port=33492
client -> server MOUNT3 C Null
server -> client MOUNT3 R Null
client -> server MOUNT3 C Mount /export/home9/terry
server -> client MOUNT3 R Mount OK FH=9000 Auth=unix
client -> server PORTMAP C GETPORT prog=100003 (NFS) vers=3 proto=TCP
server -> client PORTMAP R GETPORT port=2049
client -> server NFS C NULL3
server -> client NFS R NULL3
client -> server NFS C FSINFO3 FH=9000
server -> client NFS R FSINFO3 OK
client -> server NFS C GETATTR3 FH=9000
server -> client NFS R GETATTR3 OK
In this trace, the client first requests the mount port number from the portmap service on the NFS server.
After the client receives the mount port number (33492), that number is used to test the availability of the service on the server.
After the client has determined that a service is running on that port number, the client then makes a mount request.
When the server responds to this request, the server includes the file handle for the file system (9000) being mounted.
The client then sends a request for the NFS port number. When the client receives the number from the server, the client tests the availability of the NFS service (nfsd). Also, the client requests NFS information about the file system that uses the file handle.
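The two GETPORT exchanges in the trace can be reproduced at the byte level. The following is an added example, not part of the original trace or of any portmap implementation: it encodes the GETPORT call and parses the reply using the message layout from RFC 5531 (ONC RPC v2) and RFC 1833 (portmap v2). The xid values and the sample_reply helper are assumptions made up for illustration.

```python
import struct

# Constants from RFC 1833 (portmap v2) and RFC 5531 (ONC RPC v2).
PMAP_PROG, PMAP_VERS, PMAPPROC_GETPORT = 100000, 2, 3
IPPROTO_TCP, IPPROTO_UDP = 6, 17
CALL, REPLY, MSG_ACCEPTED, SUCCESS = 0, 1, 0, 0

def build_getport_call(xid, prog, vers, proto):
    """Encode a GETPORT call: RPC header, AUTH_NONE cred/verifier, mapping."""
    header = struct.pack(">6I", xid, CALL, 2, PMAP_PROG, PMAP_VERS, PMAPPROC_GETPORT)
    auth_none = struct.pack(">2I", 0, 0)                 # flavor 0, empty body
    mapping = struct.pack(">4I", prog, vers, proto, 0)   # port is unused in a query
    return header + auth_none + auth_none + mapping

def parse_getport_reply(data, expected_xid):
    """Return the registered port, or None when portmap answers 0 (not registered)."""
    if len(data) < 20:
        raise ValueError("reply shorter than RPC reply header")
    xid, mtype, reply_stat, _vflavor, vlen = struct.unpack_from(">5I", data, 0)
    if xid != expected_xid:
        raise ValueError("xid mismatch: reply does not answer this call")
    if mtype != REPLY or reply_stat != MSG_ACCEPTED:
        raise ValueError("not an accepted RPC reply")
    offset = 20 + ((vlen + 3) & ~3)                      # verifier body is 4-byte padded
    if len(data) < offset + 8:
        raise ValueError("truncated reply body")
    accept_stat, port = struct.unpack_from(">2I", data, offset)
    if accept_stat != SUCCESS:
        raise ValueError(f"call not executed, accept_stat={accept_stat}")
    if port > 65535:
        raise ValueError("port out of range")
    return port or None

def sample_reply(xid, port):
    """Constructed reply bytes standing in for what the server would send."""
    return struct.pack(">7I", xid, REPLY, MSG_ACCEPTED, 0, 0, SUCCESS, port)

if __name__ == "__main__":
    # Mirrors the trace: MOUNT v3 over UDP, then NFS v3 over TCP (xids are made up).
    for xid, prog, vers, proto, port in [(0x1001, 100005, 3, IPPROTO_UDP, 33492),
                                         (0x1002, 100003, 3, IPPROTO_TCP, 2049)]:
        call = build_getport_call(xid, prog, vers, proto)
        print(len(call), call.hex())
        print("port =", parse_getport_reply(sample_reply(xid, port), xid))
```

A reply carrying port 0 means the requested program, version and protocol are not registered, which is why the parser returns None for it instead of a port.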
Check Portmap on Linux
The well-known port number for portmap is 111. We can use rpcinfo -p to check which RPC services are registered with portmap. Normally this command responds with all the registered RPC services running on the server.
The listing displays the program number, version, protocol, port, and service name. One of those listed is the mountd service.
program  vers  proto  port   service
100005   1     udp    33492  mountd