So I’ve been working with a very strict firewall on an AIX host which is mouting an NFS share on Red Hat 5.3 hosts and since NFSD on Red Hat utilises the RPC protocol (port 111) and NFS (port 2049) which are static, it unfortunately also uses rpc.mountd (aka mountd) which (by default) doesn’t run using a static port, instead, every time it starts up, it asks the RPC portmap service for a free port number, and uses that.

I just couldn’t have this happening on Red Hat, since the AIX firewall is locked down as tight as can be, with even anomalous outbound tcp/ack’s being disallowed. I know that the portmap service gets its free port numbers from (among other sources) /etc/services so I decided to grab the current port number that mountd was running on…

rpcinfo -p | grep mountd

and make an entry into /etc/services in the hope that rpc.mountd would see the mountd entry and automatically use that port number, and only that port number, such an example entry:

mountd          672/tcp                         # Rob's Edit - binds mountd to a static port
mountd          672/udp                         # Rob's Edit - binds mountd to a static port

I restarted portmap and nfs, and ran rpcinfo again…

service portmap restart
service nfs restart
rpcinfo -p | grep mountd

… and lo-and-behold rpc.mountd had binded to the static port specified.