NFS over TCP really working thru F/W ??

[Ken Hardy <ken () bridge com>]

I've searched the archives of the firewalls mailing list about getting
Solaris' NFS over TCP working through a firewall, but I've not seen anyone
discuss how to actually get this working.  Has anyone made this work?  Can
you provide a cookbook synopsis and tell what ports are really needed? 

(Of course, >I< don't want to do this, but it's a necessity.  At least
it's not involving the public Internet.  Any pointers to white papers or
other discussions that convincingly ellucidate the evils of NFS that I
can show to other people?)


As for making it work, the closest I've seen in the archives is this:

> From: "Mike O'Connor" <mjo () dojo mi org>
> Date: Tue, 24 Jun 1997 13:10:48 -0400 (EDT)
> Subject: NFS port numbers (fwd)
>
> ...
> You'll want to do NFS over TCP instead of UDP.  NFS over TCP is supported
> in Solaris 2.5.  At that point, the ports you have to worry about are:
>
> nfsd            2049/udp        nfs             # NFS server daemon (clts)
> nfsd            2049/tcp        nfs             # NFS server daemon (cots)
> lockd           4045/udp                        # NFS lock daemon/manager
> lockd           4045/tcp


And:


> From: "William L. Hamlin" <whamlin () connetsys com>
> Date: Tue, 24 Jun 1997 14:20:14 -0700 (PDT)
> Subject: Re: NFS port numbers (fwd)
>
> ...
> And don't forget about mountd, which opens up a whole different ballgame.