Unix/Linux Go Back    


AIX AIX is IBM's industry-leading UNIX operating system that meets the demands of applications that businesses rely upon in today's marketplace.

TCP/UDP port range for default AIX NFS?

AIX


Tags
aix, unix

Closed Linux or Unix Question    
 
Thread Tools Search this Thread Display Modes
    #1  
Old Unix and Linux 04-07-2011
famasutika's Unix or Linux Image
famasutika famasutika is offline
Registered User
 
Join Date: Jun 2010
Last Activity: 20 June 2013, 1:44 AM EDT
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
Unix or Linux Question TCP/UDP port range for default AIX NFS?

May I know what is the TCP/UCP port range for any default AIX NFS? Based on rpcinfo -p, I got the following output:

program vers proto port service
100000 4 udp 111 portmapper
100000 3 udp 111 portmapper
100000 2 udp 111 portmapper
100000 4 tcp 111 portmapper
100000 3 tcp 111 portmapper
100000 2 tcp 111 portmapper
100003 2 udp 2049 nfs
100003 3 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs
200006 1 udp 2049
200006 4 udp 2049
200006 1 tcp 2049
200006 4 tcp 2049
100005 1 tcp 32769 mountd
100005 2 tcp 32769 mountd
100005 3 tcp 32769 mountd
100005 1 udp 32793 mountd
100005 2 udp 32793 mountd
100005 3 udp 32793 mountd
400005 1 udp 32794
100024 1 tcp 32770 status
100024 1 udp 32795 status
100133 1 tcp 32770
100133 1 udp 32795
200001 1 tcp 32770
200001 1 udp 32795
200001 2 tcp 32770
200001 2 udp 32795
100021 1 udp 32820 nlockmgr
100021 2 udp 32820 nlockmgr
100021 3 udp 32820 nlockmgr
100021 4 udp 32820 nlockmgr
100021 1 tcp 32771 nlockmgr
100021 2 tcp 32771 nlockmgr
100021 3 tcp 32771 nlockmgr
100021 4 tcp 32771 nlockmgr
200012 2 udp 702
200012 3 udp 703

I didn't see any NFS port range in /etc/environment. In order to setup NFS behind a firewall, what are the ports/port range we should open?

Thanks.
Sponsored Links
    #2  
Old Unix and Linux 04-08-2011
bakunin bakunin is offline Forum Staff  
Bughunter Extraordinaire
 
Join Date: May 2005
Last Activity: 21 March 2015, 4:46 AM EDT
Location: In the leftmost byte of /dev/kmem
Posts: 4,485
Thanks: 50
Thanked 919 Times in 721 Posts
You might want to consult this post.

I hope this helps.

bakunin
Sponsored Links
    #3  
Old Unix and Linux 04-08-2011
ram1729 ram1729 is offline
Registered User
 
Join Date: May 2008
Last Activity: 3 January 2015, 6:19 AM EST
Posts: 16
Thanks: 0
Thanked 1 Time in 1 Post
Can you provide me the nfs reserved ports value ?

nfso -a | grep nfs_use_reserved_ports

If nfs_use_reserved_ports=0 AIX server uses nonreserved IP port numbers above 1024 when the NFS client communicates with the NFS server.

If nfs_use_reserved_ports=1 AIX server uses nonreserved IP port numbers below 1024
when the NFS client communicates with the NFS server.
    #4  
Old Unix and Linux 04-11-2011
famasutika's Unix or Linux Image
famasutika famasutika is offline
Registered User
 
Join Date: Jun 2010
Last Activity: 20 June 2013, 1:44 AM EDT
Posts: 7
Thanks: 0
Thanked 0 Times in 0 Posts
Quote:
Originally Posted by ram1729 View Post
Can you provide me the nfs reserved ports value ?

nfso -a | grep nfs_use_reserved_ports

If nfs_use_reserved_ports=0 AIX server uses nonreserved IP port numbers above 1024 when the NFS client communicates with the NFS server.

If nfs_use_reserved_ports=1 AIX server uses nonreserved IP port numbers below 1024
when the NFS client communicates with the NFS server.
From my nfso -a output, my nfs_use_reserved_ports=0.

Is there a way to fix the NFS server/client port range so that we could have NFS setup behind a firewall?

What are the best practice for NFS setup behind a firewall?

My security team was asking whehter NFS client supports keep alive feature, whereby NFS client connection will re-establish a new connection automatically after timed out? Anyway, is there any client session timed out settings on NFS server?
Sponsored Links
    #5  
Old Unix and Linux 04-11-2011
bakunin bakunin is offline Forum Staff  
Bughunter Extraordinaire
 
Join Date: May 2005
Last Activity: 21 March 2015, 4:46 AM EDT
Location: In the leftmost byte of /dev/kmem
Posts: 4,485
Thanks: 50
Thanked 919 Times in 721 Posts
Quote:
Originally Posted by famasutika View Post
Is there a way to fix the NFS server/client port range so that we could have NFS setup behind a firewall?

What are the best practice for NFS setup behind a firewall?
As i have said in the post i linked for you: there is probably no such way. The best practice is to use some other protocol/means for file sharing.

What is the point of using a firewall between two hosts when you share diskspace between them?

I hope this helps.

bakunin
Sponsored Links
Closed Linux or Unix Question

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Unix or Linux Image More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
print range between two patterns if it contains a pattern within the range joyan321 Shell Programming and Scripting 2 06-18-2009 05:27 PM



All times are GMT -4. The time now is 02:34 AM.