Fog NFS issue

luism

Hello,

I have a new fog install that is having issues with mounting the NFS folder. I get this error when I schedule an upload task: could not mount images folder (/bin/fog.upload)

Reason: mount: mounting x.x.x.x:/images/dev on /images failed: connection timed out.

I scheduled an upload task with debug set and I am unable to manually mount the NFS filesystem from within the debug environment on the laptop I am testing with. I get the same timeout. There are no firewalls turned on on the fogserver.

I am running the latest stable version of fog and have set NFS to use version 3 by setting --no-nfs-version 4 in /etc/default/nfs-kernel-server. I have tested that NFS works from one of my CentOS 7 systems. I am able to mount the /images folder on the CentOS system and I am also able to mount a test export from my CentOS system on my Debian 9.5 fog server. It seems that NFS works everywhere except for from the PXE booted fog environment. I have verified the permissions on /images and /images/dev.

What am I missing? Any help would be appreciated.

luism

@tom-elliott
It turns out that the crappy HP procurve 1900 switch that my xenserver was connected to has a feature called “auto DOS” that was blocking the NFS packets. I installed a couple of physical Linux systems to test with and found that I could mount the NFS shares when I was plugged into a different switch.

All works as it should after turning off “auto Dos” under security settings on the switch. The crazy thing is that I had a working fog server for years on this same switch/xenserver. Time to upgrade that switch. Anyway, thanks for all your help. Much appreciated!

Tom Elliott

Whats the output of sudo sestatus?

luism

Disabled. Thanks, forgot to mention that.

Tom Elliott

@luism Whats the output of iptables -L -n?

luism

no rules in iptables. I flushed them with iptables -F.

root@fogserver:/# iptables -L -n
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
root@fogserver:/#

Tom Elliott

@luism Can you look at the chat bubble, I’ll try to help in more realtime.

Tom Elliott

So remoted in and sure enough for couldn’t mount the share. That said, I believe the issue is specific to the vm environment. OP is using XenServer, and machines that are on the same server appear to be working perfectly fine. Once an external machine tries, however, we get a connection timeout. I’m thinking the network adapters need to be in bridged mode, but I’m also not too familiar with XenServer as a hypervisor.

Sebastian Roth

Well if network works in general (web interface an so on) you wouldn’t think, that it’s timing out because of a network VM issue. Maybe NFS somehow configured to listen on loopback only?

netstat -antup | grep LISTEN

luism

@tom-elliott
It turns out that the crappy HP procurve 1900 switch that my xenserver was connected to has a feature called “auto DOS” that was blocking the NFS packets. I installed a couple of physical Linux systems to test with and found that I could mount the NFS shares when I was plugged into a different switch.

All works as it should after turning off “auto Dos” under security settings on the switch. The crazy thing is that I had a working fog server for years on this same switch/xenserver. Time to upgrade that switch. Anyway, thanks for all your help. Much appreciated!