[
https://issues.apache.org/jira/browse/HDFS-6439?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14036356#comment-14036356
]
Brandon Li commented on HDFS-6439:
----------------------------------
I've committed the patch. Thanks again, Aaron.
> NFS should not reject NFS requests to the NULL procedure whether port
> monitoring is enabled or not
> --------------------------------------------------------------------------------------------------
>
> Key: HDFS-6439
> URL: https://issues.apache.org/jira/browse/HDFS-6439
> Project: Hadoop HDFS
> Issue Type: Bug
> Components: nfs
> Affects Versions: 2.5.0
> Reporter: Brandon Li
> Assignee: Aaron T. Myers
> Fix For: 2.5.0
>
> Attachments: HDFS-6439.003.patch, HDFS-6439.004.patch,
> HDFS-6439.005.patch, HDFS-6439.patch, HDFS-6439.patch,
> linux-nfs-disallow-request-from-nonsecure-port.pcapng,
> mount-nfs-requests.pcapng
>
>
> As discussed in HDFS-6406, this JIRA is to track the follow update:
> 1. Port monitoring is the feature name with traditional NFS server and we may
> want to make the config property (along with related variable
> allowInsecurePorts) something as dfs.nfs.port.monitoring.
> 2 . According to RFC2623 (http://www.rfc-editor.org/rfc/rfc2623.txt):
> {quote} Whether port monitoring is enabled or not, NFS servers SHOULD NOT
> reject NFS requests to the NULL procedure (procedure number 0). See
> subsection 2.3.1, "NULL procedure" for a complete explanation. {quote}
> I do notice that NFS clients (most time) send mount NULL and nfs NULL from
> non-privileged port. If we deny NULL call in mountd or nfs server, the client
> can't mount the export even as user root.
> 3. it would be nice to have the user guide updated for the port monitoring
> feature.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
