FreeBSD 8.4 - Can't mount nfs over tcp, but can mount over udp

Scott Schappell archon at silvertree.org
Thu Mar 26 19:34:39 UTC 2015 

I have a FreeNAS 9.3 server exporting an NFS share over UDP and TCP. 
Everything works great over UDP, but over TCP, everything times out.

I'm running ipfilter, but rebooting with it disabled didn't fix the 
issue.  Here's the relevant line in ipf.rules:

pass out log quick on em1 proto tcp/udp from any to any keep state
pass in log quick on em1 proto tcp/udp from any to any keep state

em1 is 192.168.0.0/24, em0 is the public facing NIC.

/etc/hosts.allow on both servers is set to just allow everything:

# Start by allowing everything (this prevents the rest of the file
# from working, so remove it when you need protection).
# The rules here work on a "First match wins" basis.
ALL : ALL : allow

Running ipmon I see the requests go out (eventually, note it takes about 
30 seconds or so to get this output):

26/03/2015 12:12:23.502793 em1 @0:2 p 192.168.0.126,870 -> 
192.168.0.12,111 PR tcp len 20 60 -S K-S OUT
26/03/2015 12:13:05.302609 em1 @0:2 p 192.168.0.126,825 -> 
192.168.0.12,111 PR tcp len 20 60 -S K-S OUT
26/03/2015 12:13:08.302618 em1 @0:2 p 192.168.0.126,825 -> 
192.168.0.12,111 PR tcp len 20 60 -S K-S OUT
26/03/2015 12:13:11.502684 em1 @0:2 p 192.168.0.126,825 -> 
192.168.0.12,111 PR tcp len 20 60 -S K-S OUT
26/03/2015 12:13:14.702750 em1 @0:2 p 192.168.0.126,825 -> 
192.168.0.12,111 PR tcp len 20 48 -S K-S OUT
26/03/2015 12:13:39.503401 em1 @0:2 p 192.168.0.126,825 -> 
192.168.0.12,111 PR tcp len 20 48 -S K-S OUT
26/03/2015 12:14:03.703756 em1 @0:2 p 192.168.0.126,825 -> 
192.168.0.12,111 PR tcp len 20 48 -S K-S OUT

Both hosts are in DNS, forward and reverse so IP validation should work. 
I set NFS ip paranoia to 0 in sysctl to no effect as well.

[root at arthur /etc/namedb/master]# rpcinfo -T tcp avalon.wlan.silvertree.org
rpcinfo: can't contact rpcbind: RPC: Remote system error - Operation 
timed out

[root at arthur /etc/namedb/master]# rpcinfo -T udp avalon.wlan.silvertree.org
    program version netid     address service    owner
     100000    4    tcp       0.0.0.0.0.111 rpcbind    superuser
     100000    3    tcp       0.0.0.0.0.111 rpcbind    superuser
     100000    2    tcp       0.0.0.0.0.111 rpcbind    superuser
     100000    4    udp       0.0.0.0.0.111 rpcbind    superuser
     100000    3    udp       0.0.0.0.0.111 rpcbind    superuser
     100000    2    udp       0.0.0.0.0.111 rpcbind    superuser
     100000    4    tcp6      ::.0.111 rpcbind    superuser
     100000    3    tcp6      ::.0.111 rpcbind    superuser
     100000    4    udp6      ::.0.111 rpcbind    superuser
     100000    3    udp6      ::.0.111 rpcbind    superuser
     100000    4    local     /var/run/rpcbind.sock rpcbind    superuser
     100000    3    local     /var/run/rpcbind.sock rpcbind    superuser
     100000    2    local     /var/run/rpcbind.sock rpcbind    superuser
     100005    1    udp6      ::.2.94 mountd     superuser
     100005    3    udp6      ::.2.94 mountd     superuser
     100005    1    tcp6      ::.2.94 mountd     superuser
     100005    3    tcp6      ::.2.94 mountd     superuser
     100005    1    udp       0.0.0.0.2.94 mountd     superuser
     100005    3    udp       0.0.0.0.2.94 mountd     superuser
     100005    1    tcp       0.0.0.0.2.94 mountd     superuser
     100005    3    tcp       0.0.0.0.2.94 mountd     superuser
     100003    2    udp       0.0.0.0.8.1 nfs        superuser
     100003    3    udp       0.0.0.0.8.1 nfs        superuser
     100003    2    udp6      ::.8.1 nfs        superuser
     100003    3    udp6      ::.8.1 nfs        superuser
     100003    2    tcp       0.0.0.0.8.1 nfs        superuser
     100003    3    tcp       0.0.0.0.8.1 nfs        superuser
     100003    2    tcp6      ::.8.1 nfs        superuser
     100003    3    tcp6      ::.8.1 nfs        superuser
     100024    1    udp6      ::.3.104 status     superuser
     100024    1    tcp6      ::.3.104 status     superuser
     100024    1    udp       0.0.0.0.3.104 status     superuser
     100024    1    tcp       0.0.0.0.3.104 status     superuser
     100021    0    udp6      ::.2.151 nlockmgr   superuser
     100021    0    tcp6      ::.2.191 nlockmgr   superuser
     100021    0    udp       0.0.0.0.3.2 nlockmgr   superuser
     100021    0    tcp       0.0.0.0.3.6 nlockmgr   superuser
     100021    1    udp6      ::.2.151 nlockmgr   superuser
     100021    1    tcp6      ::.2.191 nlockmgr   superuser
     100021    1    udp       0.0.0.0.3.2 nlockmgr   superuser
     100021    1    tcp       0.0.0.0.3.6 nlockmgr   superuser
     100021    3    udp6      ::.2.151 nlockmgr   superuser
     100021    3    tcp6      ::.2.191 nlockmgr   superuser
     100021    3    udp       0.0.0.0.3.2 nlockmgr   superuser
     100021    3    tcp       0.0.0.0.3.6 nlockmgr   superuser
     100021    4    udp6      ::.2.151 nlockmgr   superuser
     100021    4    tcp6      ::.2.191 nlockmgr   superuser
     100021    4    udp       0.0.0.0.3.2 nlockmgr   superuser
     100021    4    tcp       0.0.0.0.3.6 nlockmgr   superuser


My Google Fu has failed me miserably.Any suggestions would be helpful, 
even if that suggestion is "Use UDP, it's fine".

Thanks!

More information about the freebsd-questions mailing list