Monday, 10 November 2008

Linux installation with NFS

NFS Configuration
Choose a directory in which to place the CD ISO images. With the source at /media/cdrom, we'll call that directory /mnt/cdrom.

Export that directory via NFS
Do all this as user root. Once the install CDs are properly loaded in the directory, that directory must be made available on the local network. Add the following to /etc/exports:

vi /etc/exports

/mnt/cdrom 192.168.1.0/24(ro) localhost(ro)


mkdir -p /mnt/cdrom


mount -t iso9660 -o ro /media/cdrom /mnt/cdrom

/etc/init.d/portmap restart
/etc/init.d/nfs start

Test NFS from localhost:

mkdir /mnt/nfs

mount -t nfs localhost:/mnt/cdrom /mnt/nfs

Now check NFS from the network:

mount -t nfs 192.168.1.110:/mnt/cdrom /mnt/nfs

If the mount succeeds, make the boot disk.

cd /mnt/cdrom/images

dd if=diskboot.img of=/dev/sda1

Client
Set the BIOS to boot first from USB or floppy. If that works, type this command:
boot: linux askmethod




If that command fails, or if you can't see the files and directories inside /mnt/cdrom, then something's wrong and you need to troubleshoot before moving on to the next step.
Check that you're not blocked by iptables
The NFS software relies on portmap to map some ports at high addresses. These high ports can change each time NFS is restarted. Therefore, these high ports can be blocked by the client machine's firewall, preventing NFS access. The solution is:

1. Force the high port to be known
2. Fix the firewall to pass these ports

Diagnosing the Problem
If you can't mount NFS shares and can't figure out why, try mounting them from localhost on the share host:

mount -t nfs -o ro localhost:/mnt/cdrom /mnt/nfs

If the preceding works whereas mounts from other hosts do not, it's an excellent indication that your firewall is blocking your NFS. To really make sure, *very temporarily* create an overly permissive firewall. If the NFS mounting problem goes away, you have an iptables problem that can be fixed with iptables configuration.

Creation of an overly permissive firewall is described later in this article.
Finding or Creating Your iptables Configuration File
The usual config file for iptables is /etc/sysconfig/iptables, but it could be elsewhere. To find the location of the iptables configuration file, look in /etc/rc.d/init.d/iptables at the code in save(). This code contains an environment variable set to the intended location of the config file. On Mandy 9 boxes this is called $IPTABLES_CONFIG. Next look through /etc/rc.d/init.d/iptables to determine how that variable is set. In Mandy 9.0 it's set near the top of the file. Once you know the intended config file, you can look for it, and if it doesn't exist, you can create it.

If the config file doesn't exist, the boot process instead builds up iptables command by command. In my opinion having the config file is much easier for troubleshooting. So if you don't have /etc/sysconfig/iptables, your first step is to create it.

WARNING

ALWAYS make absolutely sure there's no existing iptables config file before creating one, because overwriting your existing firewall is a terrible thing.

If you're sure you don't have a config file (look elsewhere besides /etc/sysconfig/iptables), use the following command to create one:

service iptables restart
service iptables save

The first command restarts iptables, putting it in a known state. The second writes the config file.


Don't create an overly permissive firewall if you're in an extremely hostile environment. Either disconnect the machine from the main network and test it with a small one not connected to the Internet (i.e. null modem cable or equivalent), or perform more troubleshooting steps to determine the nature of the problem without undue exposure to crackers.

Edit your firewall config file (probably /etc/sysconfig/iptables). Go to the filter chain, which starts with the string *filter. Right above the first -A line in the filter chain, insert the following line:

[0:0] -A INPUT -j ACCEPT

The preceding line tells the filter chain to accept all packets from everywhere. Restart iptables and try your mount again. If it succeeds, you've toggled the symptom with the client firewall, so now you know where to troubleshoot.

To foil script kiddies, IMMEDIATELY remove the line you just inserted.
Allowing NFS Through Your Client Firewall
Your first step is to view the output of rpcinfo to see what ports you're using. The session might look something like this:

rpcinfo -p 192.168.100.2
   program vers proto   port
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100021    1   udp  32886  nlockmgr
    100021    3   udp  32886  nlockmgr
    100021    4   udp  32886  nlockmgr
    100011    1   udp    808  rquotad
    100011    2   udp    808  rquotad
    100011    1   tcp    811  rquotad
    100011    2   tcp    811  rquotad
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100005    1   udp  32888  mountd
    100005    1   tcp  33448  mountd
    100005    2   udp  32888  mountd
    100005    2   tcp  33448  mountd
    100005    3   udp  32888  mountd
    100005    3   tcp  33448  mountd
[root@mydesk root]#


In the preceding output, notice that the mountd daemon is assigned two different ports. Restart nfs, run rpcinfo again, and you'll likely see the ports change. The changes are due to the actions of the portmapper program. I think you'll agree that makes firewalling somewhat challenging.

The simplest solution is to hard code the mountd ports to a specific value. To do this, ON THE NFS SERVER, edit the /etc/rc.d/init.d/nfs script.

One solution is to create a script that grep's the output of the rpcinfo command, turns the mountd lines into iptables commands, and updates iptables. Workable, but a challenge, especially because each time you rerun the command you must remove the iptables lines from the previous run. An
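
The rpcinfo-to-iptables script described above, as an added example that is not part of the original post. It prints the commands instead of running them; the chain name NFS_MOUNTD is hypothetical, and accepting packets from the server's address whose source port is a mountd port is an assumption about the rule shape the client firewall needs.

```shell
#!/bin/sh
# Added example, not from the original post. CHAIN is a hypothetical name;
# matching on the server's address and source port is an assumption about
# how the client firewall should admit mountd traffic.
CHAIN=NFS_MOUNTD

# Constructed sample in the shape of the rpcinfo session shown above.
sample_rpcinfo() {
cat <<'EOF'
   program vers proto   port
    100000    2   tcp    111  portmapper
    100003    3   udp   2049  nfs
    100005    1   udp  32888  mountd
    100005    1   tcp  33448  mountd
    100005    3   udp  32888  mountd
    100005    3   tcp  33448  mountd
EOF
}

# Print unique "proto port" pairs for mountd from rpcinfo output on stdin.
# Lines with an unknown protocol or a non-numeric/out-of-range port are dropped.
mountd_ports() {
    awk '$NF == "mountd" && ($3 == "tcp" || $3 == "udp") &&
         $4 ~ /^[0-9]+$/ && $4 >= 1 && $4 <= 65535 { print $3, $4 }' | sort -u
}

# gen_rules SERVER: read rpcinfo output on stdin, print iptables commands.
gen_rules() {
    server=$1
    # Digits and dots only, so the argument cannot smuggle shell syntax
    # into the emitted commands.
    case $server in
        ''|*[!0-9.]*) echo "bad server address" >&2; return 1 ;;
    esac
    ports=$(mountd_ports)
    # Emit nothing when no mountd line was seen, so a failed rpcinfo run
    # never flushes the rules that are currently working.
    [ -n "$ports" ] || { echo "no mountd lines found" >&2; return 1; }
    echo "iptables -N $CHAIN 2>/dev/null"
    # Flushing the dedicated chain removes the previous run's rules.
    echo "iptables -F $CHAIN"
    echo "$ports" | while read -r proto port; do
        echo "iptables -A $CHAIN -s $server -p $proto --sport $port -j ACCEPT"
    done
    echo "iptables -D INPUT -j $CHAIN 2>/dev/null"
    echo "iptables -I INPUT -j $CHAIN"
}

sample_rpcinfo | gen_rules 192.168.100.2
```

On a real client, feed it live data with rpcinfo -p 192.168.100.2 | gen_rules 192.168.100.2, review the printed commands, and only then run them as root.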

Create one or more NFS aware boot floppies
WARNING

When using the dd command to write to device /dev/fd0, always wait until the command finishes AND the floppy light goes out before removing the floppy.

NOTE

If you have trouble finding reliable floppy media, you can use the floppy image to create a bootable CD equivalent to the bootable floppy.

On most distros, the first CD contains a directory called images. This directory contains various images to make bootable floppies. Place a known good, write enabled floppy in the server's drive, and make your boot floppies:

umount /mnt/cdrom
mount -o loop,ro /media/cdrom/rh8iso /mnt/cdrom
dd if=/mnt/cdrom/images/bootnet.img of=/dev/fd0

umount /mnt/cdrom
dd if=//images/network.img of=/dev/fd0
