[mythtv-users] nfs related frontend issues

Ian Forde ian at duckland.org
Wed Mar 21 01:29:11 UTC 2007 

On Tue, 2007-03-20 at 18:14 -0400, Rich West wrote:
> R. G. Newbury wrote:
> > Blammo wrote:
> >   
> >> On 3/20/07, John Goulah <jgoulah at gmail.com> wrote:
> >>     
> >>> Hi,
> >>>
> >>>  I had recently switched all of my data partitions to an NFS mounted
> >>> filesystem.  Everything works fine, until the system is sitting for about a
> >>> day or so, and then when I try to go into the videos they are gone, and I
> >>> have to restart the frontend.  A similar problem happens with the music
> >>> portion, except it just freezes when I click it.  Again restarting the
> >>> frontend solves the problem. The NFS partitions stay mounted (I dont have to
> >>> remount anything).  Is there anything I can do to resolve this, or ideas on
> >>> where to look for the problem?
> >>>       
> >> You might check your firewall setup on both backend and frontend. I
> >> had an issue on a system I set up a few months ago, where iptables
> >> kept killing NFS sessions after a "idle timeout".
> >>
> >> You don't say what OS you're running, but if you're running a
> >> redhat-derivitive (centos, rhel, fedora etc) you should be able to
> >> stop the iptables service (as root) by typing "service iptables stop".
> >> Give it 24 hours and see if that helps.
> >>
> >> To stop the service from starting on boot (again on a redhat) you can
> >> type "chkconfig iptables off"
> >>
> >>     
> >
> > Better yet, if you are running Fedora (or RedHat derived) run the 
> > program 'lokkit' and select the box to allow NFS. Lokkit is a small 
> > program to configure the firewall/iptables in Fedora.
> >
> >
> > If you find that you cannot mount your NFS share, and get a 'permission 
> > denied' error, but that you can *then* get in, if you run 'iptables -F' 
> > on the NFS server end of the pair, then your firewall is set to refuse 
> > NFS access. Use lokkit.
> >
> > You should NOT just turn of iptables: That IS your firewall!
> 
> Off Topic, but if you are within your own internal (aka private) network 
> with a firewall between your network and the rest of the internet, there 
> is no need for individual firewalls on individual machines.

Actually, that's an individual choice, and a good basic security
practice...

	-I
-- 
                       _______________________________________
                       Ian Forde
                       RHCE (7,EL4), CCSE, SCNA, SCDME

More information about the mythtv-users mailing list