NFS Share Openwrt 23.05

I followed the instructions here
https://openwrt.org/docs/guide-user/services/nas/nfs_configuration
I created an arbitrary new ip for a new network share. Here is my /etc/exports

/mnt    *(ro,all_squash,insecure,sync)
/mnt/sda4 10.0.0.251(rw,sync,no_subtree_check)

The problem is: I can neither ping 10.0.0.251 from a linux machine in my network nor from my router when I ssh into it.
10.0.0.251 doesn't even appear in Luci under: IPv4 Neighbours

If I try to run this on a linux machine in my local network

sudo mount 10.0.0.251:/mnt/sda5 /mnt/attempt
sudo mount -t nfs 10.0.0.251:/mnt/sda5 /mnt/attempt

I get the error

mount.nfs: No route to host

When I ssh into my OpenWRT router:
If I run ps the following entries are present

/usr/sbin/rpc.mountd -p 32780    
/usr/sbin/rpc.statd -p 32778 -o 32779
/usr/sbin/portmap

I can also restart them manually with

root@10.0.0.1:~# service rpcbind start && service rpcbind enable
root@10.0.0.1:~# service nfsd start && service nfsd enable

No improvements by doing so.

I am trying to mount an NTFS USB storage device. I know it works if I use SMB instead of NFS, but I want to make the switch to NFS.
I am running the official OpenWRT software on my NanoPI R4S (natively supported).

Things started working when I used
10.0.0.1/24 instead of 10.0.0.251

Impeccable speeds

Currently, my /etc/exports is like this

/mnt    *(ro,all_squash,insecure,sync)
/mnt/sda4 10.0.0.1/24(rw,sync,no_subtree_check) 2a00:aaaa:aaaa:aaaa::/64(rw,sync,no_subtree_check)

Any advice about how to limit access? I suppose now I am exposide the drive to all devices in my network.

What am I doing now? It works but I don't know how and why.

In this configuration, 10.0.0.251 is the IP address of the eventual client that is allowed to access the share (if you need restrictions), not a new address that the service will listen on...

1 Like

Thank you for the clarification!

Is there an easy way to create a group of IPs identified as trusted? (or MAC addresses instead of IPs)
It would be good to know.

Practically speaking, I have a separate WiFi access point, but in the software of the access point I cannot define a guest network. My network switch the WiFi access point is connected to doesn't support VLANs, but I didn't think I would need them to begin with.

If the trusted clients are not too many, you can list them separated by a space (with options included).

/mnt/sda4 10.0.0.8(rw) 10.0.0.10(rw) 10.0.0.12(ro)

If the IP addresses are consecutive, you can use CIDR notation.
For example for addresses from .8 to .11:

/mnt/sda4 10.0.0.8/30(rw)
1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.