Error:
On Client (192.169.32.17)
# mount 192.169.32.10:/export/home/deepak /mnt
mount.nfs: access denied by server while mounting 192.169.32.10:/export/home/deepak
On NFS Server (192.169.32.10)
# tail -n 1 /var/log/messages
Sep 13 00:00:32 cc01-nds-ins rpc.mountd[29613]: refused mount request from 192.169.32.17 for /export/home/deepak (/export/home/deepak): unmatched host
Solution:
This error is occurring because the NFS server is unaware of the client network attempting to access the NFS shares.
As for my case below are the list of directories which are shared using NFS server
# exportfs -v
/export/home/deepak 10.10.10.0/255.0.0.0(ro,wdelay,root_squash,no_subtree_check)
/export/home/rahul 10.10.10.0/255.0.0.0(ro,wdelay,no_root_squash,no_subtree_check)
/root/upgrade/scripts 10.10.10.0/255.0.0.0(rw,wdelay,no_root_squash,no_subtree_check)
As you see the directories are shared for 10.10.10.0/255.0.0.0 subnet while my client server IP is in a different subnet 192.169.32.0/255.255.255.224
So I need to add this subnet in my exports share
On NFS Server (192.169.32.10)
Add a new line in /etc/exports file as shown below
# vi /etc/exports
/export/home/deepak 192.169.32.0/255.255.255.224(ro,sync,no_subtree_check)
Refresh the share
# exportfs -ra
List the updated share information
# exportfs -v
/export/home/deepak 10.10.10.0/255.0.0.0(ro,wdelay,root_squash,no_subtree_check)
/export/home/deepak 192.169.32.0/255.255.255.224(ro,wdelay,root_squash,no_subtree_check)
/export/home/rahul 10.10.10.0/255.0.0.0(ro,wdelay,no_root_squash,no_subtree_check)
/ISS/export-upgrade 10.10.10.0/255.0.0.0(rw,wdelay,no_root_squash,no_subtree_check)
Let us re-attempt to access the NFS share from our client
On Client (192.169.32.17)
# mount -t nfs 192.169.32.10:/export/home/deepak /mnt
# mount | grep export
192.169.32.10:/export/home/deepak on /mnt type nfs (rw,addr=192.169.32.10)
I hope this tutorial was helpful.
I can see how you came up with 192.169.32.0/255.255.255.224 but have no clue what my equivalent value of 10.10.10.0/255.0.0.0 would be. Our old documentation at work used ’10.YYY.XX.0/19′ which no longer works, how does one figure out the needed values for a client to connect to a server!?!?!?!
After searching in 100s of webpages, adding that subnet mask solved the issue. Countless Thanks!