Can't mount NFS shares on clients connected through HPE switch

  • I desperately need some assistance from some experts here to help me with NFS configuration.

    I have OMV running on a dedicated server and now I'm setting up a separate Proxmox VE server and wanted to mount a dedicated folder from OMV on Proxmox (primarily for backup purposes).


    Here's a brief description of the relevant areas of my network setup:

    • All relevant devices are on the same subnet:
      • OMV server ("piano") on 192.168.1.10
      • Proxmox VE host ("violin") on 192.168.1.11
      • My own PC on the same subnet (192.168.1.0/24)
      • Router (also acting as DNS) on 192.168.1.1
    • All devices connected through an HPE OfficeConnect switch, no filtering on ports applied


    Here's what I did in OMV:

    • Created a shared folder in OMV ("violin"), on a dedicated disk / EXT4 file system.
    • Set permissions to 777.
    • Enabled NFS service
    • Created an NFS share with default parameters

    Now, my problems started when I tried to do showmount -e 192.168.1.10 from Proxmox VE shell. Eventually it did return the shares, but it took ~5 mins to do so. When I tried to mount anything, it just timed out.


    Since I only have access to Proxmox as a Linux client, I've installed NFS Client Services on my own Win11 PC, for debugging purposes. Then I tried showmount -e 192.168.1.10 from the Windows terminal, and voila, it immediately returned the shares:

    Code
    PS > showmount -e 192.168.1.10
    Exports list on 192.168.1.10:
    /export/violin                     *
    /export                            *


    However, when I try to mount with mount -o anon \\192.168.1.10\export\violin y:, it timeouts with Network error 53 (The network path was not found) after ~2 mins of trying.


    Here's what I've tried so far to fix this, unfortunately none of them worked:

    • Reset permissions on the shared folder (777)
    • Disable / re-enable NFS service (rebooting OMV in between)
    • Disabling different flavors of NFS (3, 4.x etc.), rebooting OMV between changes
    • Adding a dedicated user with UID=1010 GID=100, explicitly giving this user access to the shared folder, and using all_squash / anonuid / anongid options in the NFS share parameters to map any user to this specific uid.

    As far as I can tell, everything seems to be working from OMV side, but unfortunately I'm no expert...

    Anyhow, here are the (hopefully) relevant dumps from OMV:


    Code
    ~# cat /proc/fs/nfsd/versions
    -2 +3 +4 +4.1 +4.2


    Code
    ~# cat /etc/exports
    # This file is auto-generated by openmediavault (https://www.openmediavault.org)
    # WARNING: Do not edit this file, your changes will get lost.
    
    # /etc/exports: the access control list for filesystems which may be exported
    #               to NFS clients.  See exports(5).
    /export/violin *(fsid=076d9aa1-321a-4049-a9a4-88763d95b877,rw,subtree_check,insecure)
    
    # NFSv4 - pseudo filesystem root
    /export *(ro,fsid=0,root_squash,no_subtree_check,hide)



    Code
    ~# rpc.nfsd -d
    rpc.nfsd: knfsd is currently up



    What am I doing wrong? :/

    Any help would be greatly appreciated.

  • macom

    Approved the thread.
  • After spending several more hours debugging this, I found the culprit and decided to share the information here, in case someone has the same problem. In fact the issue was very specific to my environment.


    The HPE OfficeConnect switch had Auto DoS (Denial of Service) settings enabled.

    Now, digging into some HPE forums I've found a hint to switch off Auto DoS and disable Prevent Invalid TCP Flags Attack.




    After doing this, NFS started working flawlessly. :D

    I'm not sure if the same ever happens on anything else other than an HPE switch, but it gave me a hard time to resolve, so maybe it helps others. FWIW I will also try to adjust the thread title to better reflect the scope of the problem.

  • lnorbi

    Changed the title of the thread from “Can't mount NFS shares on clients” to “Can't mount NFS shares on clients connected through HPE switch”.
  • chente

    Added the Label resolved

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!