Mount export of an nfs share

Question

I have two machines A and B that are not on the same network, and I'd like to export an nfs share from one machine to the other.

In the middle, I have a machine M that is on both network.

I successfully mounted my A's share on M. Now, I'd like to export this mount to B.

I created an export on M, like this:

/mnt/path/to/mountpoint/of/A's/nfsshare <B's IP address>(rw,insecure,secure,root_squash,wdelay,sync,no_subtree_check)

And tried to mount it on B, like this :

<M's hostname>:/mnt/path/to/mountpoint/of/A's/nfsshare /some/empty/directory  nfs auto,rw,rsize=65535 0 0

When I try to mount M's export, I get this message on B:

mount.nfs: vm-dc:/mnt/dcstore01/data02/formats_exploitation failed, reason given by server: Permission denied

And I get this message in M's syslog :

Dec  6 13:53:05 vm-dc rpc.mountd[27916]: authenticated mount request from 10.0.0.1:773 for /mnt/dcstore01/data02/formats_exploitation (/mnt/dcstore01/data02)
Dec  6 13:53:05 vm-dc rpc.mountd[27916]: qword_eol: fflush failed: errno 22 (Invalid argument)
Dec  6 13:53:05 vm-dc rpc.mountd[27916]: Cannot export /mnt/dcstore01/data02, possibly unsupported filesystem or fsid= required

What should I do ?

Answer 1

This is called nfs re-export and disallowed by modern linux kernels/distributions. As workaround, try port forwarding on the host M:

  iptables -t nat -A PREROUTING -p tcp --dport 2049 -j DNAT --to-destination 10.10.10.10:2049
  iptables -t nat -A POSTROUTING -p tcp --dport 2049 -j MASQUERADE

Do the same for mountd as well, but better to fix mountd port in /etc/sysconfig/nfs on host A first

 RPCMOUNTDOPTS="--port 2052"

Keep in the mind, that mountd may use udp as well.