NFS Howto Troubleshooting
From Linux NFS
Line 1: | Line 1: | ||
- | + | ==== Troubleshooting ==== | |
+ | ===== Unable to See Files on a Mounted File System ===== | ||
+ | First, check to see if the file system is actually mounted. There are several ways of doing this. The most reliable way is to look at the file ''/proc/mounts'', which will list all mounted filesystems and give details about them. If this doesn't work (for example if you don't have the ''/proc'' filesystem compiled into your kernel), you can type '''mount -f''' although you get less information. | ||
+ | |||
+ | If the file system appears to be mounted, then you may have mounted another file system on top of it (in which case you should unmount and remount both volumes), or you may have exported the file system on the server before you mounted it there, in which case NFS is exporting the underlying mount point (if so then you need to restart NFS on the server). | ||
+ | |||
+ | If the file system is not mounted, then attempt to mount it. If this does not work, see 7.3. | ||
+ | ===== File requests hang or timeout waiting for access to the file. ===== | ||
+ | This usually means that the client is unable to communicate with the server. See 7.3.b. | ||
+ | ===== Unable to mount a file system ===== | ||
+ | There are two common errors that mount produces when it is unable to mount a volume. These are: | ||
+ | *failed, reason given by server: ''Permission denied''. This means that hte server does not recognize that you have access to the volume. | ||
+ | **Check your ''/etc/exports'' file and make sure that the volume is exported and that your client has the right kind of access to it. For example, if a client only has read access then you have to mount the volume with the '''ro''' option rather than the '''rw''' option. | ||
+ | **Make sure that you have told NFS to register any changes you made to ''/etc/exports'' since starting nfsd by running the exportfs command. Be sure to type '''exportfs -ra''' to be extra certain that the exports are being re-read. | ||
+ | **Check the file ''/proc/fs/nfs/exports'' and make sure the volume and client are listed correctly. (You can also look at the file ''/var/lib/nfs/xtab'' for an unabridged list of how all the active export options are set.) If they are not, then you have not re-exported properly. If they are listed, make sure the server recognizes your client as being the machine you think it is. For example, you may have an old listing for the client in /etc/hosts that is throwing off the server, or you may not have listed the client's complete address and it may be resolving to a machine in a different domain. One trick is login to the server from the client via '''ssh''' or '''telnet'''; if you then type '''who''', one of the listings should be your login session and the name of your client machine as the server sees it. Try using this machine name in your /etc/exports entry. Finally, try to '''ping''' the client from the server, and try to ping the server from the client. If this doesn't work, or if there is packet loss, you may have lower-level network problems. | ||
+ | **It is not possible to export both a directory and its child (for example both ''/usr'' and ''/usr/local''). You should export the parent directory with the necessary permissions, and all of its subdirectories can then be mounted with those same permissions. | ||
+ | *''RPC: Program Not Registered'': (or another "RPC error): This means that the client does not detect NFS running on the server. This could be for several reasons. | ||
+ | **Check that NFS actually is running on the server by typing rpcinfo -p on the server. See (link to NFS setup docs). If you do not see ''portmapper'',''nfs'', and ''mountd'', you need to restart NFS. If you are not able to restart successfully, see symptom 9. | ||
+ | **Check to make sure you can see ''portmapper'' from the client. On the client, type '''rpcinfo -p''' ''server'' where server is the DNS name or IP address of your server. If you get a listing, then make sure that the type of mount you are trying to perform is supported. For example, if you are trying to mount using Version 3 NFS, make sure Version 3 is listed; if you are trying to mount using NFS over TCP, make sure that is registered. (Some non-Linux clients default to TCP). Type '''man rpcinfo''' for more details on how to read the output. If the type of mount you are trying to perform is not listed, try a different type of mount. | ||
+ | **If you get the error ''No Remote Programs Registered'', then you need to check your ''/etc/hosts.allow'' and ''/etc/hosts.deny'' files on the server and make sure your client actually is allowed access. Again, if the entries appear correct, check /etc/hosts (or your DNS server) and make sure that the machine is listed correctly, and make sure you can ping the server from the client. Also check the error logs on the system for helpful messages: Authentication errors from bad ''/etc/hosts.allow'' entries will usually appear in ''/var/log/messages'', but may appear somewhere else depending on how your system logs are set up. The man pages for '''syslog''' can help you figure out how your logs are set up. Finally, some older operating systems may behave badly when routes between the two machines are asymmetric. Try typing '''tracepath''''' [server]'' from the client and see if the word "asymmetric" shows up anywhere in the output. If it does then this may be causing packet loss. However asymmetric routes are not usually a problem on recent linux distributions. | ||
+ | **If you get the error ''Remote system error - No route to host'', but you can '''ping''' the server correctly, then you are the victim of an overzealous firewall. Check any firewalls that may be set up, either on the server or on any routers in between the client and the server. Look at the man pages for '''ipchains''', '''netfilter''', and '''ipfwadm''', as well as the [http://www.linuxdoc.org/HOWTO/IPCHAINS-HOWTO.html IPChains-HOWTO] and the [http://www.linuxdoc.org/HOWTO/Firewall-HOWTO.html Firewall-HOWTO] for help. |
Revision as of 13:22, 6 April 2006
Contents |
Troubleshooting
Unable to See Files on a Mounted File System
First, check to see if the file system is actually mounted. There are several ways of doing this. The most reliable way is to look at the file /proc/mounts, which will list all mounted filesystems and give details about them. If this doesn't work (for example if you don't have the /proc filesystem compiled into your kernel), you can type mount -f although you get less information.
If the file system appears to be mounted, then you may have mounted another file system on top of it (in which case you should unmount and remount both volumes), or you may have exported the file system on the server before you mounted it there, in which case NFS is exporting the underlying mount point (if so then you need to restart NFS on the server).
If the file system is not mounted, then attempt to mount it. If this does not work, see 7.3.
File requests hang or timeout waiting for access to the file.
This usually means that the client is unable to communicate with the server. See 7.3.b.
Unable to mount a file system
There are two common errors that mount produces when it is unable to mount a volume. These are:
- failed, reason given by server: Permission denied. This means that hte server does not recognize that you have access to the volume.
- Check your /etc/exports file and make sure that the volume is exported and that your client has the right kind of access to it. For example, if a client only has read access then you have to mount the volume with the ro option rather than the rw option.
- Make sure that you have told NFS to register any changes you made to /etc/exports since starting nfsd by running the exportfs command. Be sure to type exportfs -ra to be extra certain that the exports are being re-read.
- Check the file /proc/fs/nfs/exports and make sure the volume and client are listed correctly. (You can also look at the file /var/lib/nfs/xtab for an unabridged list of how all the active export options are set.) If they are not, then you have not re-exported properly. If they are listed, make sure the server recognizes your client as being the machine you think it is. For example, you may have an old listing for the client in /etc/hosts that is throwing off the server, or you may not have listed the client's complete address and it may be resolving to a machine in a different domain. One trick is login to the server from the client via ssh or telnet; if you then type who, one of the listings should be your login session and the name of your client machine as the server sees it. Try using this machine name in your /etc/exports entry. Finally, try to ping the client from the server, and try to ping the server from the client. If this doesn't work, or if there is packet loss, you may have lower-level network problems.
- It is not possible to export both a directory and its child (for example both /usr and /usr/local). You should export the parent directory with the necessary permissions, and all of its subdirectories can then be mounted with those same permissions.
- RPC: Program Not Registered: (or another "RPC error): This means that the client does not detect NFS running on the server. This could be for several reasons.
- Check that NFS actually is running on the server by typing rpcinfo -p on the server. See (link to NFS setup docs). If you do not see portmapper,nfs, and mountd, you need to restart NFS. If you are not able to restart successfully, see symptom 9.
- Check to make sure you can see portmapper from the client. On the client, type rpcinfo -p server where server is the DNS name or IP address of your server. If you get a listing, then make sure that the type of mount you are trying to perform is supported. For example, if you are trying to mount using Version 3 NFS, make sure Version 3 is listed; if you are trying to mount using NFS over TCP, make sure that is registered. (Some non-Linux clients default to TCP). Type man rpcinfo for more details on how to read the output. If the type of mount you are trying to perform is not listed, try a different type of mount.
- If you get the error No Remote Programs Registered, then you need to check your /etc/hosts.allow and /etc/hosts.deny files on the server and make sure your client actually is allowed access. Again, if the entries appear correct, check /etc/hosts (or your DNS server) and make sure that the machine is listed correctly, and make sure you can ping the server from the client. Also check the error logs on the system for helpful messages: Authentication errors from bad /etc/hosts.allow entries will usually appear in /var/log/messages, but may appear somewhere else depending on how your system logs are set up. The man pages for syslog can help you figure out how your logs are set up. Finally, some older operating systems may behave badly when routes between the two machines are asymmetric. Try typing tracepath [server] from the client and see if the word "asymmetric" shows up anywhere in the output. If it does then this may be causing packet loss. However asymmetric routes are not usually a problem on recent linux distributions.
- If you get the error Remote system error - No route to host, but you can ping the server correctly, then you are the victim of an overzealous firewall. Check any firewalls that may be set up, either on the server or on any routers in between the client and the server. Look at the man pages for ipchains, netfilter, and ipfwadm, as well as the IPChains-HOWTO and the Firewall-HOWTO for help.