Basic NFSv4 / Cannot Mount / Firewall Problem?

Just setup my new Rocky server and after adding NFS exports I cannot mount them from a client that happily mounted these exports on the previous server.

# mount -t nfs4 rocky.soho.lan:/disk3/stuff /mnt
mount.nfs4: No route to host
# ping rocky.soho.lan
PING rocky.soho.lan ( 56(84) bytes of data.
64 bytes from rocky.soho.lan ( icmp_seq=1 ttl=64 time=0.372 ms
64 bytes from rocky.soho.lan ( icmp_seq=2 ttl=64 time=0.335 ms

Is there an NFS log file?

How does one go about debugging NFS?

Got a WireShark capture and it shows the client requests are going completely unanswered. This might suggest a firewall is involved but the RedHat 8 documentation section 4.8 Installing NFS doesn’t say anything about a firewall. There is discussion about firewalls but in ways that seem to be unrelated to NFSv4 (such as wrt rpcbind which I get the impression is specific to NFSv3).

I’m guessing there is some command that I have to run to add firewall rules for NFSv4 but I’m struggling to find something about it in the RedHat docs.




For posterity, this appears to be the basic minimal NFSv4-only procedure:

# vi /etc/exports:
/disk3/stuff *(rw)
# exportfs -rav
# systemctl enable --now nfs-server
# firewall-cmd --permanent --add-service nfs
# firewall-cmd --reload

“No route to host…” means the firewall is blocking. On the server running nfs, you need to add firewall rules to allow.