Today, I tried to refresh my knowledge based on my post here (Securely Sharing Storage with NFS and Tailscale) because I added one idle VPS from Virmach and connect it to Tailscale.
My plan is to resurrect it from idle VPS to Active VPS by installing Cyberpanel on it and hosting some PHP applications.
But I faced mount.nfs: Operation not permitted
Archlinux wiki page explains more about NFS Troubleshooting, in this case mount.nfs: Operation not permitted
, it said I should make sure the client and server clocks are correct if I use Kerberos. But I'm not using Kerberos.
Solved by :
The problem can be solved by checking the /var/log/syslog
to know what happened:
Aug 15 09:48:14 snakeman kernel: [112887.611620] Firewall: *TCP_OUT Blocked* IN= OUT=tailscale0 SRC=100.87.151.111 DST=100.76.255.112 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=27462 DF PROTO=TCP SPT=963 DPT=2049 WINDOW=64480 RES=0x00 SYN URGP=0 UID=0 GID=0
This explains that my new VPS (with internal IP 100.87.151.111) is blocking to connect of my storage VPS (with internal IP 100.76.255.112) with port 2049 (NFS Port)
-- I forgot that I have installed CSF Firewall on this cyberpanel (my new VPS) 😂
And lastly, I opened port 2049 TCP and UDP to make sure both nfs-server and nfs-client are connected by opening Cyberpanel dashboard -> Firewall configuration -> IPv4 Port Settings -> TCP_IN/OUT and UDP_IN/OUT and restarting CSF/lfd
I can check the /var/log/syslog
again to prove nfs-client and nfs-server are connected.
# tail -f /var/log/syslog | grep 2049
Aug 15 10:21:40 idlevps tailscaled[35559]: Accept: TCP{100.87.151.111:781 > 100.76.255.112:2049} 180 ok out
Aug 15 10:21:40 idlevps tailscaled[35559]: Accept: TCP{100.76.255.112:2049 > 100.87.151.111:781} 136 tcp non-syn
Aug 15 10:21:40 idlevps tailscaled[35559]: Accept: TCP{100.87.151.111:781 > 100.76.255.112:2049} 52 ok out
And.. thanks for reading!