Storage Filer: NetApp configured with NFS license.
Linux Client: SLES 11 SP2 with nfs-client-1.2.3-18.17.2
While trying to mount the exported File System via NFS, you may see this common error:
# mount /software/export/ mount.nfs: access denied by server while mounting filer_name:/vol/Some_vol01_nfs_software
Further Troubleshooting from the client:
Its always good idea to enable full debug for NFS client requests:
# echo "65535" > /proc/sys/sunrpc/nfs_debug
From there, you need to look for your local messages, like so:
# tail -f /var/log/messages Jul 9 14:07:50 servername kernel: [605981.673777] NFS: received 1 auth flavors Jul 9 14:07:50 servername kernel: [605981.673782] NFS: auth flavor: 0 Jul 9 14:07:50 servername kernel: [605981.673807] NFS: MNT request succeeded Jul 9 14:07:50 servername kernel: [605981.673812] NFS: server does not support requested auth flavor Jul 9 14:07:50 servername kernel: [605981.673828] NFS: sending UMNT request for filer_name:/vol/Some_vol01_nfs_software
From those messages, we can conclude that the Filer somehow its not providing an auth-method the client can understand.
Further troubleshooting from the Filer:
Its always good idea to return to the basics, and make some ICMP tests, both by IP and by hostname, in case you are using them.
Since this was an already working volume exported using NFS, we needed to ensure the exports where properly configured, this is the affected line in the Filer:
cat exports #Auto-generated by setup Tue May 11 19:01:33 GMT 2010 for Filer #/vol/vol0 -sec=sys,rw,anon=0,nosuid /vol/Some_vol01_nfs_software -sec=none,ro=192.168.100.X:192.168.100.X:hostname1
Also, The option nfs.mountd.trace can be turned on to help debug access requests
The usage of the option sec=none was causing no auth-mechanism was presented to the client. I’ve seen other versions of SLES not being affected by this, but I suppose there’s some new security concerns resolved on this specific version.
To avoid this situation, just go to the default sec setting for Linux clients:
After changing the filer exporfs file, and typing exportfs -a to reload its configuration, now the client was able to mount the File Systems properly.