NFS mount fails with permission denied error because client not using IP allowed in export policy rule
Applies to
- ONTAP 9
- NFS
- IPv4 and IPv6
Issue
- When try to mount the NFS on client, getting below error:
[root@linux ~]# mount -t nfs Ontap_IP:/NFS_IPV6 /mnt
mount.nfs: mount(2): Permission denied
- Client fails to evaluate an export policy when multiple IP address are assigned.
- IP "
2620:118:8010:1096:250:56ff:fea6:fbb7
" is allowed in clientmatch in export policy on Ontap:
cluster::*> export-policy rule show -vserver vs1 -policyname NFS_policy -instance
List of Client Match Hostnames, IP Addresses, Netgroups, or Domains: 2620:118:8010:1096:250:56ff:fea6:fbb7
- However, there are multiple interfaces on client and has multiple IP addresses assigned:
Example for IPv6:
[root@linux ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 2620:118:8010:1096:250:56ff:fea6:a895 prefixlen 64 scopeid 0x0<global>
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 2620:118:8010:1096:250:56ff:fea6:fbb7 prefixlen 64 scopeid 0x0<global>
Example for IPv4:
[root@xcpserver2 ~]# ifconfig
ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.216.41.xx netmask 255.255.255.0 broadcast 10.216.41.255
inet6 fe80::af37:bb4:1eff:ebb prefixlen 64 scopeid 0x20<link>
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.xx netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:42:dd:94 txqueuelen 1000 (Ethernet)