Setting up a user-specified port range
The /etc/services file must define the port number entries for services mountd, mvsmount, pcnfsd, showattr , network status monitor (status), and network lock manager (nlockmgr) of the z/OS NFS server. Figure 1 outlines the port numbers for these services, with contiguous port numbers 2043-2049 as examples.
# NFS server
#
# Port 2049 must be used for nfsd.
#
# Consecutive port numbers must be assigned for the NFS status,
# nlockmgr, mountd, mvsmount, showattr, and pcnfsd services.
# The example belows uses ports 2043-2048.
#
# When the NFS callback function is being used the services
# nfsscb_b and nfsscb_e should reserve 100 consecutive ports.
# The example below uses port 10300 for the beginning port
# and port 10399 as the ending port.
# For additional information see the Network File System Guide
# and Reference manual.
#
Service port/protocol Alias Description
status 2043/tcp nfs_statd # NFS State daemon (NSM)
status 2043/udp nfs_statd # NFS State daemon (NSM)
nlockmgr 2044/tcp nfs_lockd # NFS Lock daemon (NLM)
nlockmgr 2044/udp nfs_lockd # NFS Lock daemon (NLM)
mountd 2045/tcp mount # NFS mount daemon
mountd 2045/udp mount # NFS mount daemon
mvsmount 2046/tcp nfs_mvsmnt # NFS mvsmount daemon
mvsmount 2046/udp nfs_mvsmnt # NFS mvsmount daemon
showattr 2047/tcp nfs_showattr # NFS showattr daemon
showattr 2047/udp nfs_showattr # NFS showattr daemon
pcnfsd 2048/udp nfs_pcnfs # NFS pcnfsd daemon
pcnfsd 2048/tcp nfs_pcnfs # NFS pcnfsd daemon
nfsd 2049/tcp nfs # NFS server daemon
# - do not change
nfsd 2049/udp nfs # NFS server daemon
# - do not change
#
# NFS Callback function port range
#
nfsscb_b 10300/tcp # NFSS callback port begin
nfsscb_e 10399/tcp # NFSS callback port end
nfsscb_b 10300/udp # NFSS callback port begin
nfsscb_e 10399/udp # NFSS callback port end The user specified range of ports provides a flexible port range to accommodate programs such as a firewall that supports a range of ports for security purposes between the NFS Client and the NFS Server. Firewall security honors a limited port range so the NFS server has to allow the user to specify a few server ports in /etc/services to narrow the port ranges used for programs mountd, mvsmount, pcnfsd and showattr.
The tcpip.profile file must define the port range entries for services nfsd, mountd, mvsmount, pcnfsd, showattr, status, and nlockmgr of the z/OS NFS server. Figure 2 outlines the port ranges for these seven services with contiguous port numbers 2043-2049 as examples, starting with port 2043 for the network status monitor.
PORTRANGE 2043 7 UDP mvsnfs ; Reserved for startup JCL,
; mvsnfs
PORTRANGE 2043 7 TCP mvsnfs ; Reserved for startup JCL,
; mvsnfs
PORTRANGE 10300 100 UDP mvsnfs ; Reserved for startup JCL,
; mvsnfs
PORTRANGE 10300 100 TCP mvsnfs ; Reserved for startup JCL,
; mvsnfsIf the z/OS NFS server is started in the TCP/IP Autolog section, then the NOAUTOLOG parameter should be specified on the PORTRANGE statement, unless there will always be listeners/sockets on all ports defined in the statement. For additional information, refer to the section on AUTOLOG in z/OS Communications Server: IP Configuration Reference.
mvsmount 100044 mvsmount
showattr 100059 showattr# rpcinfo -p hostname
program vers proto port service
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 2043 status
100024 1 tcp 2043 status
100021 1 udp 2044 nlockmgr
100021 1 tcp 2044 nlockmgr
100021 3 tcp 2044 nlockmgr
100021 3 udp 2044 nlockmgr
100021 4 tcp 2044 nlockmgr
100021 4 udp 2044 nlockmgr
100005 1 udp 2045 mountd
100005 1 tcp 2045 mountd
100005 3 udp 2045 mountd
100005 3 tcp 2045 mountd
100044 1 udp 2046 mvsmount
100044 1 tcp 2046 mvsmount
100059 2 udp 2047 showattr
100059 2 tcp 2047 showattr
150001 1 udp 2048 pcnfsd
150001 2 udp 2048 pcnfsd
150001 1 tcp 2048 pcnfsd
150001 2 tcp 2048 pcnfsd
100003 2 udp 2049 nfs
100003 2 tcp 2049 nfs
100003 3 udp 2049 nfs
100003 3 tcp 2049 nfs
100003 4 tcp 2049 nfs