Linux

掛載在 VM 中執行的 NFS 伺服器:連接超時

  • February 2, 2018

我偶然發現了虛擬機中 NFS 的這個普遍問題。長話短說,我嘗試建立一個使用 NFS 的 FOG 伺服器。

  • NFS-server VM-host 處於橋接模式,IP:10.0.0.136
  • 可以從物理主機上的其他 VM 掛載 NFS 共享,但不能從其他 LAN 設備掛載。
  • 無論我使用什麼 VM 平台,虛擬機都處於 NAT 橋接模式。
  • 防火牆已禁用 - 埠.. 正在.. 打開..
  • 執行 VM 平台的物理機是 Windows 10 Home、禁用的防火牆和 Intel 網路適配器。

問題: 當我從其他 LAN 設備安裝時,我得到“連接超時”,但 showmount 在 2 分 10 秒後響應。此測試是從同一 LAN 網路上的 Synology-NAS 執行的。

# mount -v -t nfs nfsserver:/images /volume1/test
mount.nfs: timeout set for Tue Jan 30 23:43:55 2018
mount.nfs: trying text-based options 'vers=3,tcp,soft,nolock,addr=10.0.0.136'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying 10.0.0.136 prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=6
mount.nfs: trying 10.0.0.136 prog 100005 vers 3 prot TCP port 56755
mount.nfs: mount(2): Connection timed out
mount.nfs: trying text-based options 'vers=3,tcp,soft,nolock,addr=10.0.0.136'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying 10.0.0.136 prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=6
mount.nfs: trying 10.0.0.136 prog 100005 vers 3 prot TCP port 56755
mount.nfs: mount(2): Connection timed out
mount.nfs: trying text-based options 'vers=3,tcp,soft,nolock,addr=10.0.0.136'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying 10.0.0.136 prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=6
mount.nfs: trying 10.0.0.136 prog 100005 vers 3 prot TCP port 56755

# showmount -e nfsserver
Export list for 10.0.0.136:
/images/dev 10.0.0.0/24
/images     10.0.0.0/24

當我從同一 VM 平台上的另一個 VM 主機掛載時,它按預期工作 - 在本例中為 Debian 9/VirtualBox:即時掛載和即時“showmount -e”-response。

# mount -vt nfs nfsserver:/images /mnt/test
mount.nfs: timeout set for Wed Jan 31 01:03:30 2018
mount.nfs: trying text-based options 'vers=4.2,addr=10.0.0.136,clientaddr=10.0.0.108'
mount.nfs: mount(2): No such file or directory
mount.nfs: trying text-based options 'addr=10.0.0.136'
mount.nfs: prog 100003, trying vers=3, prot=6
mount.nfs: trying 10.0.0.136 prog 100003 vers 3 prot TCP port 2049
mount.nfs: prog 100005, trying vers=3, prot=17
mount.nfs: trying 10.0.0.136 prog 100005 vers 3 prot UDP port 33485

這是我在 nfsserver 上的 /etc/exports:

# cat /etc/exports
/images 10.0.0.0/24(ro,sync,no_wdelay,no_subtree_check,insecure_locks,no_root_squash,insecure,fsid=0)
/images/dev 10.0.0.0/24(rw,async,no_wdelay,no_subtree_check,no_root_squash,insecure,fsid=1)

這是防火牆(已禁用):

# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

服務正在監聽:

# rpcinfo -p
  program vers proto   port  service
   100000    4   tcp    111  portmapper
   100000    3   tcp    111  portmapper
   100000    2   tcp    111  portmapper
   100000    4   udp    111  portmapper
   100000    3   udp    111  portmapper
   100000    2   udp    111  portmapper
   100005    1   udp  48327  mountd
   100005    1   tcp  47113  mountd
   100005    2   udp  50106  mountd
   100005    2   tcp  46029  mountd
   100005    3   udp  38832  mountd
   100005    3   tcp  46131  mountd
   100003    2   tcp   2049  nfs
   100003    3   tcp   2049  nfs
   100003    4   tcp   2049  nfs
   100227    2   tcp   2049
   100227    3   tcp   2049
   100003    2   udp   2049  nfs
   100003    3   udp   2049  nfs
   100003    4   udp   2049  nfs
   100227    2   udp   2049
   100227    3   udp   2049
   100021    1   udp  36259  nlockmgr
   100021    3   udp  36259  nlockmgr
   100021    4   udp  36259  nlockmgr
   100021    1   tcp  45767  nlockmgr
   100021    3   tcp  45767  nlockmgr
   100021    4   tcp  45767  nlockmgr

來自 LAN 設備的埠掃描超時,顯示打開的埠:

# nmap -p 111,2049 -T4 -A nfsserver
Starting Nmap 7.40 ( https://nmap.org ) at 2018-01-31 00:22 CET
Nmap scan report for nfsserver (10.0.0.136)
Host is up (0.00079s latency).
rDNS record for 10.0.0.136: nfsserver
PORT     STATE SERVICE VERSION
111/tcp  open  rpcbind 2-4 (RPC #100000)
| rpcinfo:
|   program version   port/proto  service
|   100000  2,3,4        111/tcp  rpcbind
|   100000  2,3,4        111/udp  rpcbind
|   100003  2,3,4       2049/tcp  nfs
|   100003  2,3,4       2049/udp  nfs
|   100005  1,2,3      38832/udp  mountd
|   100005  1,2,3      46131/tcp  mountd
|   100021  1,3,4      36259/udp  nlockmgr
|   100021  1,3,4      45767/tcp  nlockmgr
|   100227  2,3         2049/tcp  nfs_acl
|_  100227  2,3         2049/udp  nfs_acl
2049/tcp open  nfs_acl 2-3 (RPC #100227)
Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 6.33 seconds

/etc/hosts.allow並且/etc/hosts.deny都是空的:

# cat /etc/hosts.allow /etc/hosts.deny
#

到目前為止,我已經複製了這個問題:

  • RHEL 7 / 虛擬機
  • Debian 9 / 虛擬機
  • Fedora 13 / 虛擬盒子
  • Debian 9 / VMWare 工作站播放器 14
  • Ubuntu 16 / VMWare 工作站播放器 14

真奇怪!在嘗試了將近一周之後,我向您投降,強大的 Serverfault 之神

我既無知又謙虛!

如何掛載到在虛擬機中執行的 NFS 伺服器而不超時?

**編輯:**感謝您的格式化。我嘗試了 tcpdumping 兩端,似乎有些數據包永遠不會到達 VM 內的 NFS 伺服器。它看起來像是virtualbox內部的網路問題。雖然還是一頭霧水。。

我不知道為什麼這個問題會發生在虛擬機中,但是如果我使用版本 3 安裝它就可以了。

mount -t nfs -o vers=3,nolock,proto=tcp nfsserver:/images /volume1/test

找到了解決方案,但無法真正解釋..?

引用自:https://serverfault.com/questions/894881