The primary port used by NFS (Network File System) is 2049 for both TCP and UDP protocols.
Understanding NFS Ports
Network File System (NFS) is a distributed file system protocol that allows a user on a client computer to access files over a computer network much like local storage is accessed. For NFS to function correctly, specific ports need to be open on the server side, where the NFS daemon runs.
According to the provided SUSE support information, the NFS Daemon, which operates exclusively on NFS servers, uses a static port. This static port is crucial for reliable communication between NFS clients and the server.
- Port Number: 2049
- Protocols: TCP and UDP
This means that network traffic related to core NFS operations primarily flows through port 2049, utilizing either the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP).
Why Static Ports are Important for NFS
Historically, some NFS components used dynamic ports assigned by a port mapper service (like rpcbind or portmap). This made firewall configuration challenging. Using static ports simplifies network management and security setup. The SUSE reference explicitly states that the NFS Daemon runs on a static port, 2049, for both protocols, highlighting this simplification for modern NFS configurations.
Firewall Configuration
Proper firewall configuration is essential for allowing NFS traffic while maintaining network security. Based on the reference, firewalls on the NFS server should be configured to permit incoming connections specifically to port 2049.
- Allow incoming traffic on TCP port 2049.
- Allow incoming traffic on UDP port 2049.
This ensures that NFS clients can establish connections and communicate with the NFS daemon running on the server. While port 2049 is the main port for the NFS protocol itself, other services like rpcbind (port 111 TCP/UDP) are often also required for the initial connection setup and for other related RPC services like mountd or statd, which might use different ports (potentially dynamic unless configured statically). However, the core NFS daemon specifically uses 2049.
Summary Table
| Service | Port | Protocol | Notes |
|---|---|---|---|
| NFS Daemon (Core) | 2049 | TCP, UDP | Primary NFS traffic; needs firewall rule |
| RPC Portmapper | 111 | TCP, UDP | Used for initial handshake; often required |
| Other RPC Services | Varies | Varies | mountd, statd; may need static mapping |
Note: While port 2049 is central, a full NFS setup often requires access to port 111 as well, and potentially other ports depending on the configuration and services used.
Configuring firewalls correctly using the specified ports is a key step in deploying NFS servers securely and effectively.
