Mounting NFS-server running in VM: Connection timed out
I have no clue why this problem happens in VMs, but if I mount with version 3 it works.
mount -t nfs -o vers=3,nolock,proto=tcp nfsserver:/images /volume1/test
Solution found, but not really explainable..?
Frederik Bjørn
Updated on September 18, 2022Comments
-
Frederik Bjørn over 1 year
I have stumbled upon this general problem with NFS in virtualized machines it seems. Long story short, I tried to roll up a FOG-server, that uses NFS.
- The NFS-server VM-host is in bridged mode with IP: 10.0.0.136
- can mount the NFS-share from other VMs on the physical host, but not from other LAN-devices.
- The virtual machine is in NAT Bridge-mode no matter what VM-platform I use.
- Firewall disabled - ports.. are.. open..
- The physical machine running the VM-platform is a Windows 10 Home, disabled firewall and Intel-network adapter.
The problem: When I mount from other LAN-devices I get 'Connection timed out', but showmount responds after 2 min and 10 sec. This test is performed from a Synology-NAS on the same LAN-network.
# mount -v -t nfs nfsserver:/images /volume1/test mount.nfs: timeout set for Tue Jan 30 23:43:55 2018 mount.nfs: trying text-based options 'vers=3,tcp,soft,nolock,addr=10.0.0.136' mount.nfs: prog 100003, trying vers=3, prot=6 mount.nfs: trying 10.0.0.136 prog 100003 vers 3 prot TCP port 2049 mount.nfs: prog 100005, trying vers=3, prot=6 mount.nfs: trying 10.0.0.136 prog 100005 vers 3 prot TCP port 56755 mount.nfs: mount(2): Connection timed out mount.nfs: trying text-based options 'vers=3,tcp,soft,nolock,addr=10.0.0.136' mount.nfs: prog 100003, trying vers=3, prot=6 mount.nfs: trying 10.0.0.136 prog 100003 vers 3 prot TCP port 2049 mount.nfs: prog 100005, trying vers=3, prot=6 mount.nfs: trying 10.0.0.136 prog 100005 vers 3 prot TCP port 56755 mount.nfs: mount(2): Connection timed out mount.nfs: trying text-based options 'vers=3,tcp,soft,nolock,addr=10.0.0.136' mount.nfs: prog 100003, trying vers=3, prot=6 mount.nfs: trying 10.0.0.136 prog 100003 vers 3 prot TCP port 2049 mount.nfs: prog 100005, trying vers=3, prot=6 mount.nfs: trying 10.0.0.136 prog 100005 vers 3 prot TCP port 56755 # showmount -e nfsserver Export list for 10.0.0.136: /images/dev 10.0.0.0/24 /images 10.0.0.0/24
It works as intended, when I mount from another VM-host on the same VMplatform - in this case Debian 9/VirtualBox: Instant mount and instant 'showmount -e'-response.
# mount -vt nfs nfsserver:/images /mnt/test mount.nfs: timeout set for Wed Jan 31 01:03:30 2018 mount.nfs: trying text-based options 'vers=4.2,addr=10.0.0.136,clientaddr=10.0.0.108' mount.nfs: mount(2): No such file or directory mount.nfs: trying text-based options 'addr=10.0.0.136' mount.nfs: prog 100003, trying vers=3, prot=6 mount.nfs: trying 10.0.0.136 prog 100003 vers 3 prot TCP port 2049 mount.nfs: prog 100005, trying vers=3, prot=17 mount.nfs: trying 10.0.0.136 prog 100005 vers 3 prot UDP port 33485
This is my /etc/exports on the nfsserver:
# cat /etc/exports /images 10.0.0.0/24(ro,sync,no_wdelay,no_subtree_check,insecure_locks,no_root_squash,insecure,fsid=0) /images/dev 10.0.0.0/24(rw,async,no_wdelay,no_subtree_check,no_root_squash,insecure,fsid=1)
This is the firewall (disabled):
# iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination
The services are listening:
# rpcinfo -p program vers proto port service 100000 4 tcp 111 portmapper 100000 3 tcp 111 portmapper 100000 2 tcp 111 portmapper 100000 4 udp 111 portmapper 100000 3 udp 111 portmapper 100000 2 udp 111 portmapper 100005 1 udp 48327 mountd 100005 1 tcp 47113 mountd 100005 2 udp 50106 mountd 100005 2 tcp 46029 mountd 100005 3 udp 38832 mountd 100005 3 tcp 46131 mountd 100003 2 tcp 2049 nfs 100003 3 tcp 2049 nfs 100003 4 tcp 2049 nfs 100227 2 tcp 2049 100227 3 tcp 2049 100003 2 udp 2049 nfs 100003 3 udp 2049 nfs 100003 4 udp 2049 nfs 100227 2 udp 2049 100227 3 udp 2049 100021 1 udp 36259 nlockmgr 100021 3 udp 36259 nlockmgr 100021 4 udp 36259 nlockmgr 100021 1 tcp 45767 nlockmgr 100021 3 tcp 45767 nlockmgr 100021 4 tcp 45767 nlockmgr
A portscan from a LAN-device timing out, shows open ports:
# nmap -p 111,2049 -T4 -A nfsserver Starting Nmap 7.40 ( https://nmap.org ) at 2018-01-31 00:22 CET Nmap scan report for nfsserver (10.0.0.136) Host is up (0.00079s latency). rDNS record for 10.0.0.136: nfsserver PORT STATE SERVICE VERSION 111/tcp open rpcbind 2-4 (RPC #100000) | rpcinfo: | program version port/proto service | 100000 2,3,4 111/tcp rpcbind | 100000 2,3,4 111/udp rpcbind | 100003 2,3,4 2049/tcp nfs | 100003 2,3,4 2049/udp nfs | 100005 1,2,3 38832/udp mountd | 100005 1,2,3 46131/tcp mountd | 100021 1,3,4 36259/udp nlockmgr | 100021 1,3,4 45767/tcp nlockmgr | 100227 2,3 2049/tcp nfs_acl |_ 100227 2,3 2049/udp nfs_acl 2049/tcp open nfs_acl 2-3 (RPC #100227) Service detection performed. Please report any incorrect results at https://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 6.33 seconds
/etc/hosts.allow
and/etc/hosts.deny
are both empty:# cat /etc/hosts.allow /etc/hosts.deny #
So far I've replicated the problem on:
- RHEL 7 / VirtualBox
- Debian 9 / VirtualBox
- Fedora 13 / VirtualBox
- Debian 9 / VMWare Workstation Player 14
- Ubuntu 16 / VMWare Workstation Player 14
It's strange! After trying this for almost a week, I surrender to you, mighty Gods of Serverfault
I'm clueless and humble!
How do I mount to an NFS-server running in a virtual machine without timing out?
Edit: Thanks for the formating. I tried tcpdumping both ends, and it seems some packets never arrive at the NFS-server inside the VM. It looks like a network issue deep inside virtualbox. Still clueless though..