Bug 122294
Summary: | autofs rpc_ping function always uses UDP | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Dan Morrill <morrildl> | ||||
Component: | autofs | Assignee: | Jeff Moyer <jmoyer> | ||||
Status: | CLOSED NEXTRELEASE | QA Contact: | |||||
Severity: | medium | Docs Contact: | |||||
Priority: | medium | ||||||
Version: | rawhide | ||||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2006-04-05 14:13:33 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Dan Morrill
2004-05-02 19:05:34 UTC
When checking to see if a host is available, the autofs4 code tries to do an RPC ping using UDP. This just calls function 0, and then checks the latency of the test. So, your firewall scripts should be reworked to allow this packet through. Please let me know if this works for you. -Jeff That's consistent with what I am seeing, and yes letting UDP in does work. However, I would call that behavior a bug. Here's my reasoning: 1. If I added the "tcp" option to the autofs config line, I wasn't just kidding around; I don't want it using UDP. :) I realize that's for the NFS mount and not for RPC, but still... NFS honors it, why doesn't autofs? 2. If I can mount the same NFS export directly from command line and THAT doesn't require an RPC ping over UDP, then why does autofs? I mean, what's it going to do? Refuse to perform the mount if the latency is over a certain amount? :) 3. If the intent of the RPC ping is just to see if the host is up or not (i.e. latency isn't the ultimate goal) then if the "tcp" option is set (or alternatively, perhaps "noudp") I would argue for a TCP ping. As a disclaimer, I don't really know why autofs is doing the ping in the first place. I suppose it could be using the latency to select a rsize/wsize or cache or something equally exotic, but that would be... well, exotic. So, maybe I'm just ignorant, but it seems like this is weird behavior for a tool which is just shorthand for mount/umount. But either way, tweaking the firewall rule does work. If you choose to close the bug, then perhaps a note in the documentation about this behavior is in order. (Unless one already is and I just forgot to RTFM. :) You make some valid points. I will take this up with the author and see what we can come up with. FYI, the rpc_ping is a side effect of the replicated server functionality. It checks to see if each server in the list is alive, and also for the latency to each server. In this way, it can choose the best server from which to mount. This bit of code is generic, so even if you only have one server listed, you go through this path. Autofs itself, as you mentioned, in the end just calls mount. As such, it never has the need to interpret mount options. You are suggesting that autofs looks at the mount options to determine how it should behave itself. I'm not completely against this, but it is ugly. Ahhhh... neat. I figured there was probably something I was missing about why autofs was even trying. Also a good point about parsing the mount options -- though I had assumed that autofs was already doing that. (i.e. -fstype=foo is an argument to autofs, not to mount, so autofs has to extract at least that much. Or so I assumed.) Anyway, a workaround exists, so... thanks much. Hi Dan, Could you try the latest test rpm from my people page? It should take the rpc_ping logic out of the non-multi mount case. Also, I'll attach a test program here for you to run. Please give it a go and post the output to the bug report. I'm interested in the output from this program when your NFS server is configured for only TCP. Thanks! Jeff Created attachment 100210 [details]
rpc ping program which tests for nfs v2 and nfs v3
Compile with gcc rpcping.c -o rpcping
Run as rpcping <hostname>
Thanks, Jeff! Here is the output of your rpcping.c program (gcc -g -Wall): [morrildl@eponymous morrildl]$ ./rpcpinger alex detected NFS V2 on host alex detected NFS V3 on host alex No more logs about unexpected UDP packets from the NFS server's firewall. Quick comment about rpcping.c, though: if the default firewall rule on the server is "-j DROP" intead of "-j REJECT --reject-with..." then rpcping (as you would expect) takes a while to timeout on the UDP requests since it gets no response at all. AFAIR, the rule on Fedora if you select "high security" version of the firewall during install is (or was) "-j DROP"; you might want to be aware of this. Requiring NFS servers not to use DROP is probably reasonable though; I have no issue with it at least. Anyway, autofs 4.1.2-6 from /~jmoyer/autofs/fc2/4.1.2-6/i386/ mounts the NFS drive quite happily, no problem. Ship it! :) Thanks for your help! - Dan I notice this (by that I mean the patched autofs you have on your people page) hasn't made it into updates yet for FC2. Will it be included in FC3? Regards, - Dan This was fixed in FC-3; any packages versioned 4.1.3-15 and later should work. |