Understanding Portmap with NFSv3 and Port 111
Portmap is a service that converts RPC program numbers into protocol port numbers. It must be running in order to make RPC calls. Portmap makes the dynamic binding of remote programs possible. NFSv3 is based on portmap. We will dive into this today.
How Portmap Works
The portmap service maps RPC service and version numbers to transport-specific port numbers.
When an RPC service is started, it will tell portmap what port number it is listening to, and what RPC program numbers it is prepared to serve. When a client wishes to make an RPC call to a given program number, it will first contact portmap on the server machine to determine the port number where RPC packets should be sent.
The figure illustrates the following process:
- The server registers with portmap.
- The client gets the server’s port from portmap.
- The client calls the server.
NFSv3 and Portmap
NFSv3 is based on portmap. The following description applies to NFS version 3 mounts. The NFS version 4 mount process does not include the portmap service nor does it include the MOUNT protocol.
When a client needs to mount a file system from a server, the client must obtain a file handle from the server. The file handle must correspond to the file system. This process requires that several transactions occur between the client and the server. In this example, the client is attempting to mount /home/terry from the server. A snoop trace for this transaction follows.
client -> server PORTMAP C GETPORT prog=100005 (MOUNT) vers=3 proto=UDP
server -> client PORTMAP R GETPORT port=33492
client -> server MOUNT3 C Null
server -> client MOUNT3 R Null
client -> server MOUNT3 C Mount /export/home9/terry
server -> client MOUNT3 R Mount OK FH=9000 Auth=unix
client -> server PORTMAP C GETPORT prog=100003 (NFS) vers=3 proto=TCP
server -> client PORTMAP R GETPORT port=2049
client -> server NFS C NULL3
server -> client NFS R NULL3
client -> server NFS C FSINFO3 FH=9000
server -> client NFS R FSINFO3 OK
client -> server NFS C GETATTR3 FH=9000
server -> client NFS R GETATTR3 OK
NFS mount Process
- In this trace, the client first requests the mount port number from the portmap service on the NFS server.
- After the client receives the mount port number (33492), that number is used to test the availability of the service on the server.
- After the client has determined that a service is running on that port number, the client then makes a mount request.
- When the server responds to this request, the server includes the file handle for the file system (9000) being mounted.
- The client then sends a request for the NFS port number. When the client receives the number from the server, the client tests the availability of the NFS service (nfsd). Also, the client requests NFS information about the file system that uses the file handle.
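The first two lines of the trace (PORTMAP GETPORT and its reply) look like this on the wire. This is an added example, not code from the original article: it XDR-encodes the GETPORT call for MOUNT v3 over UDP and validates a reply before trusting the returned port. The transaction id and the reply bytes are constructed for the example, and the framing shown is the UDP form (no TCP record marking).

```python
import struct

# Constants from the RPC and portmap v2 protocols (RFC 5531, RFC 1833).
PMAP_PROG, PMAP_VERS, PMAPPROC_GETPORT = 100000, 2, 3
IPPROTO_TCP, IPPROTO_UDP = 6, 17
CALL, REPLY, MSG_ACCEPTED, SUCCESS, AUTH_NONE = 0, 1, 0, 0, 0

def build_getport_call(xid, prog, vers, proto):
    """XDR-encode a PMAPPROC_GETPORT call as sent in one UDP datagram."""
    header = struct.pack(">6I", xid, CALL, 2, PMAP_PROG, PMAP_VERS, PMAPPROC_GETPORT)
    auth = struct.pack(">4I", AUTH_NONE, 0, AUTH_NONE, 0)  # empty credential + verifier
    args = struct.pack(">4I", prog, vers, proto, 0)        # port is unused in a query
    return header + auth + args

def parse_getport_reply(data, expected_xid):
    """Validate an RPC reply and return the port (0 = program not registered)."""
    if len(data) < 20:
        raise ValueError("reply too short")
    xid, mtype, reply_stat, _vflavor, vlen = struct.unpack_from(">5I", data, 0)
    if xid != expected_xid:
        raise ValueError("xid does not match the outstanding call")
    if mtype != REPLY or reply_stat != MSG_ACCEPTED:
        raise ValueError("not an accepted reply")
    if vlen > 400:                       # RFC 5531 caps opaque auth bodies at 400 bytes
        raise ValueError("verifier too long")
    off = 20 + ((vlen + 3) & ~3)         # verifier body is padded to a 4-byte boundary
    if len(data) < off + 8:
        raise ValueError("truncated reply")
    accept_stat, port = struct.unpack_from(">2I", data, off)
    if accept_stat != SUCCESS:
        raise ValueError("accept_stat %d" % accept_stat)
    if port > 65535:
        raise ValueError("port out of range")
    return port

def demo():
    xid = 0x1234ABCD  # constructed transaction id
    call = build_getport_call(xid, 100005, 3, IPPROTO_UDP)  # MOUNT v3 over UDP
    # Constructed reply carrying the port from the trace above (33492).
    reply = struct.pack(">7I", xid, REPLY, MSG_ACCEPTED, AUTH_NONE, 0, SUCCESS, 33492)
    return call, parse_getport_reply(reply, xid)

if __name__ == "__main__":
    call, port = demo()
    print(len(call), "byte call; mountd port =", port)
```

The call carries no credential (AUTH_NONE), so the answer is available to any host that can reach port 111 unless access is restricted as described in the man page section below.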
Check Portmap Port 111 on Linux
The well-known port number for portmap is 111. We can use rpcinfo -p to check which RPC services are registered with portmap. Normally this command will respond with all the registered RPC services running on the server.
The listing displays the program number, version, protocol, port, and service name. One of those listed is the mountd service.
program vers proto port service
100005 1 udp 33492 mountd
portmap(8) — Linux man page
Portmap is a server that converts RPC program numbers into DARPA protocol port numbers. It must be running in order to make RPC calls.
When an RPC server is started, it will tell portmap what port number it is listening to, and what RPC program numbers it is prepared to serve. When a client wishes to make an RPC call to a given program number, it will first contact portmap on the server machine to determine the port number where RPC packets should be sent.
Portmap must be started before any RPC servers are invoked.
Normally portmap forks and dissociates itself from the terminal like any other daemon. Portmap then logs errors using syslog(3).
-d (debug) prevents portmap from running as a daemon, and causes errors and debugging information to be printed to the standard error output.
-l (localhost only) causes portmap to only bind to the loopback interface (i.e. INADDR_LOOPBACK).
-v (verbose) run portmap in verbose mode.
This portmap version is protected by the tcp_wrapper library. You have to give the clients access to portmap if they should be allowed to use it. To allow connects from clients of the .bar.com domain you could use the following line in /etc/hosts.allow:
You have to use the daemon name portmap for the daemon name (even if the binary has a different name). For the client names you can use the keyword ALL, IP addresses, hostnames or domain names.
For further information please have a look at the tcpd(8), hosts_allow(5) and hosts_access(5) manual pages.
See Also
xinetd.conf(5), rpcinfo(8), pmap_set(8), pmap_dump(8), xinetd(8), tcpd(8), hosts_access(5), hosts_options(5)
Bugs
If portmap crashes, all rpc servers must be restarted.
History
The portmap command appeared in 4.3BSD.
4.3 Berkeley Distribution, March 16, 1991
Linux OS service ‘portmap’
Portmap service maps RPC requests to the correct services. RPC processes notify portmap when they start, revealing the port number they are monitoring and the RPC program numbers they expect to serve. The client system then contacts portmap service on the server with a particular RPC program number. portmap then redirects the client to the proper port number to communicate with its intended service.
This service runs the portmap daemon, which must be started before any RPC servers are invoked. Portmap is needed by programs that use Sun RPC; NFS and NIS are typical services that need it. The service is provided by the portmap rpm package, which should be installed on any machine that acts as a server for protocols using RPC.
Service Control
Use the chkconfig utility to configure (enable and disable) the portmap service, for example:
# chkconfig --list portmap
portmap 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Use the service command to manage (stop, start, etc.) the portmap service interactively, for example:
# service portmap
Usage: /etc/init.d/portmap
# service portmap start
Starting portmap: [ OK ]
# service portmap stop
Stopping portmap: [ OK ]
To check the status of the service:
# service portmap status
portmap (pid 8951) is running.
# service portmap restart
Stopping portmap: [ OK ]
Starting portmap: [ OK ]
Conditionally restarting the service:
# service portmap condrestart
Stopping portmap: [ OK ]
Starting portmap: [ OK ]
# service portmap reload
Reloading configuration: [ OK ]
Configuration
There is no configuration file for this service. The following options may be passed to the portmap daemon:
-d: prevents portmap from running as a daemon, and causes errors and debugging information to be printed to the standard error output.
-l: causes portmap to only bind to the loopback interface (i.e. INADDR_LOOPBACK).
-v: run portmap in verbose mode.
The rpcinfo tool can be used to find all the RPC services registered on a specified host and to report their universal addresses and the transports for which they are registered. The following example shows all of the RPC services registered on the local machine:
# rpcinfo -p localhost
program vers proto port
100000 2 tcp 111 portmapper
100000 2 udp 111 portmapper
100024 1 udp 980 status
100024 1 tcp 983 status
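Because every RPC service announces itself to portmap, the rpcinfo -p listing doubles as an inventory that can be compared with what a host is supposed to run. The following is an added example, not part of the original pages: it parses rpcinfo -p output and reports registrations outside an expected baseline. The sample text is constructed from the listings shown above, and the BASELINE set is a hypothetical policy for one host.

```python
import re
from collections import namedtuple

Reg = namedtuple("Reg", "program version proto port service")

# Constructed sample in `rpcinfo -p` layout, combining the rows shown on this page.
SAMPLE = """\
   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100024    1   udp    980  status
    100024    1   tcp    983  status
    100005    1   udp  33492  mountd
"""

# Hypothetical baseline: (program number, transport) pairs this host may register.
BASELINE = {(100000, "tcp"), (100000, "udp"), (100024, "udp"), (100024, "tcp")}

# program, version, transport, port, optional service name
ROW = re.compile(r"^\s*(\d+)\s+(\d+)\s+(tcp|udp)\s+(\d+)(?:\s+(\S+))?\s*$")

def parse_rpcinfo(text):
    """Return a Reg for every data row; the header and blank lines are skipped."""
    regs = []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            regs.append(Reg(int(m[1]), int(m[2]), m[3], int(m[4]), m[5] or "-"))
    return regs

def audit(regs, baseline):
    """Return (unexpected registrations, baseline entries not currently registered)."""
    seen = {(r.program, r.proto) for r in regs}
    unexpected = [r for r in regs if (r.program, r.proto) not in baseline]
    missing = sorted(baseline - seen)
    return unexpected, missing

if __name__ == "__main__":
    unexpected, missing = audit(parse_rpcinfo(SAMPLE), BASELINE)
    for r in unexpected:
        print("unexpected: %s (prog %d) on %s/%d" % (r.service, r.program, r.proto, r.port))
    for prog, proto in missing:
        print("missing: prog %d over %s" % (prog, proto))
```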