systemdlete | I'm already asking this in #nfs but maybe someone here has already encountered this. I have a chimaera nfsv4 server but a client on the same subnet cannot mount it. I've checked over all the networking configuration of the server and client as well as the router. | 00:52 |
---|---|---|
systemdlete | Running tcpdump on the server side, I can see nfs requests (port 2049) coming in, but no replies to the client. | 00:53 |
systemdlete | If nfs3 is still available, I'm willing to try it. I just don't see it in apt search. | 00:54 |
phogg | my only suggestion, if you know the request hits the server, is to dial up nfs debug logging. Very informative | 00:57 |
phogg | even makes nfsv4 easy... well, easier | 00:57 |
systemdlete | I tried running nfstrace but got very little | 00:57 |
systemdlete | I also tried passing -s -d to the rpc.nfsd in the init file, which is hackerish, but that also gives little info | 00:58 |
systemdlete | hmmm | 00:59 |
systemdlete | tcpdump shows 2049 reaching tcpdump, but syslog is showing 2049 is blocked. | 00:59 |
systemdlete | I'm a bit confused on tcpdump's idea of traffic (before filtering i.e.). Does it get all the traffic even if blocked by the firewall? | 01:00 |
systemdlete | ok, I disabled the local firewall on the server and now it is responding.... but not with good news. | 01:02 |
systemdlete | access denied | 01:03 |
systemdlete | But still, I wonder why the firewall, which is configured to allow 2049 through, is still managing to block it. | 01:03 |
systemdlete | ok, removed and re-added the rule and now fw lets it through... | 01:05 |
systemdlete | anyway, now I'm getting access denied | 01:06 |
systemdlete | i used gufw to build my fw, and when I tried to modify the rule in gufw, it complained the rule was added by ufw | 01:08 |
systemdlete | but I deleted and re-added the rule and now it works. | 01:08 |
systemdlete | phogg, where are are the nfs debug flags listed? | 01:15 |
systemdlete | I'm gonna guess there is little to no docs on these flags | 01:18 |
systemdlete | ah, the old "-vh" option... | 01:25 |
systemdlete | missed that the first 2 times I read the man page | 01:25 |
systemdlete | well blow me down! It is working now | 01:30 |
systemdlete | fwiw, thanks for the assist. that debug tool is very handy as you said, phogg | 01:30 |
rwp | systemdlete, I know you opened port 2048 through the firewall but AFAIK NFS also requires UDP port 111 for the portmapper too. | 03:23 |
rwp | Since I never use NFS on an Internet WAN but only on private LANs I usually allow all UDP between the NFS server and the NFS client. That allows port 111 okay. | 03:23 |
rwp | And then specifically port 2048 tcp from the NFS client. Then everything works. Possibly more restriction would be possible. | 03:24 |
rwp | But again I only operate NFS on private LANs and never on the public Internet WAN as there is bound to be possible attacks as the Internet is a hostile place. | 03:24 |
rustyaxe | yea wireguard if you need nfs over internet | 03:42 |
rustyaxe | really any service that you want to use over the internet, without involving public access to the service is a good candidate to throw over a vpn (such as wireguard) | 03:42 |
systemdlete21 | I must have another webchat open somewhere. Anyway, I have a firefox browser that has lost its window manager controls. The open/close/minimize buttons are there, but they share the tab bar. It is the only window like this. I tried restarting the xfce4 wm but no change. | 10:38 |
systemdlete21 | I realize this is, like, computers 101, but I am just not too adept with the desktop. I'm still learning it after 20+ years... | 10:39 |
systemdlete21 | also tried closing and restarting firefox, but also no change. I think I must have used a shortcut it knows by accident. | 10:41 |
brocashelm | has anyone tried using xfce 4.12 (the entire xfce/thunar/tumbler/etc.) on chimaera? main reason is i want gtk2 back without being on beowulf | 10:49 |
FatPhil | I used to have terrible problems with NFS and portmapper not starting the right services, but that was over a decade ago. | 10:49 |
FatPhil | Every reboot would need a manual check that everything had been started, it was a right pain. Something to do with idiotic service start order dependencies. | 10:50 |
systemdlete21 | I solved the "NFS problem" | 10:50 |
FatPhil | good good | 10:50 |
systemdlete21 | it turned out to be a pebkam | 10:51 |
FatPhil | that's so often the case :) | 10:51 |
FatPhil | actually, only the computer's between the keyboard and monitor, did you mean chair? | 10:51 |
systemdlete21 | What I was seeing in tcpdump was not actually traffic to the host; rather it was traffic within eth0, which is bridged for a VM. I even have the address for it disabled so that it shouldn't allow traffic in or out. But tcpdump has more access and is still able to read that interface. I use a different interface to talk to the virtual | 10:52 |
systemdlete21 | network. | 10:52 |
systemdlete21 | If you don't specify an interface, tcpdump will use eth0, or whatever is the "first" interface | 10:53 |
brocashelm | ...never mind | 10:53 |
systemdlete21 | This is what happens when you work on one problem for too long... | 10:53 |
systemdlete21 | actually, it was really between the brain that drives my keyboard and the machine I think | 10:54 |
systemdlete21 | and that brain farts a lot | 10:54 |
systemdlete21 | brocashelm, I am using chimaera here and I have xfce 4.16 | 10:55 |
systemdlete21 | I didn't do anything extraordinary to get that. Just whatever came with the install plus updates. | 10:55 |
systemdlete21 | oh, you want to downgrade? | 10:56 |
systemdlete21 | you want to get old functionality back. I get it now. | 10:56 |
systemdlete21 | FatPhil, you are right. I got the acronym wrong. | 10:57 |
systemdlete21 | It's late, and I need to sleep soon... | 10:57 |
systemdlete21 | I guess I'll try restarting the whole desktop, maybe the whole VM, when netdiscover finishes, which should happen sometime before year's end :D | 10:59 |
brocashelm | systemdlete21: yeah, to get gtk2 back since gtk3 makes theming a pain and adds like 300-400 mb more | 10:59 |
systemdlete21 | today, it seems, more is better. And anyone who disagrees needs to get with it. | 11:00 |
systemdlete21 | bloat is good | 11:00 |
brocashelm | running apt autopurge libgtk-3-0 and seeing the "prompt" makes me nervous | 11:00 |
systemdlete21 | alt-space gives me the window menu, so I can use that for now | 11:02 |
browser | ircs://irc.libera.chat/devuan-offtopic | 22:13 |
Generated by irclog2html.py 2.17.0 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!