On Wed, Jul 6, 2011 at 6:54 AM, Louis Lagendijk <louis at lagendijk.xs4all.nl> wrote: > On Tue, 2011-07-05 at 22:13 -0400, Tom H wrote: >> On Tue, Jul 5, 2011 at 1:11 PM, Rob Kampen <rkampen at kampensonline.com> wrote: >> > Boris Epstein wrote: >> >>> >> >>> Is the OS X firewall blocking nfs? >> >>> >> >>> How are you mounting the export? If you're not trying it from within >> >>> Terminal, does it work from within it? >> >> >> >> The OS X firewall dos not appear to be a factor. Actually it works >> >> just fine when I turn off the firewall on the CentOS end. >> >> >> >> Could it be that even when I am trying to mount over the TCP the NFS >> >> client on the Mac OS X side still tried to connect to some UDP port? I >> >> am asking that because everyone else mounts just fine with the >> >> firewall up on the server end. >> > >> > As I recall OS X only does NFS via TCP - other clients can use UDP - make >> > sure your CentOS firewall has the TCP ports open. >> >> OS X does use TCP but I've just run tcpdump on an F15 VM while >> mounting and unmounting an NFS share from my Mac. Both the mount and >> umount result in four UDP packets, two to the portmapper and two to >> random ports. >> >> I don't have time to experiment further right now but perhaps opening >> up 111 UDP will allow your Macs to mount the NFS shares. > > NFSv3 uses the nfs port (TCP or UDP), portmapper (UDP) and some random > UDP ports for quota, lockd, mount, and statd. These random ports can be > fixed by setting them in /etc/sysconfig/nfs. They are normally commented > out, but uncommenting them (and setting them to different values if so > required) will fix them so you can firewall them. Thanks doe the reminder! :) My mind's been corrupted by recent Linux releases; I assumed that OS X defaulted to nfsv4 and tcp and my mind didn't connect the random ports with the pre-nfsv4 nfs elements (probably also because I always make them static!). It does default to tcp but doesn't default to nfsv4. Specifying "-o tcp" produces the udp packets as not specifying "-o tcp" so OS X's trying tcp and then falls back to udp. Specifying "-o vers=4.0alpha" produces no udp packets. Perhaps the version of OS X being released this summer'll have a non-alpha nfsv4 mount_nfs...