I am not using the default policy.

I have created the policy("NfsPolicy").

Regards

Rao.

What is the output of "vol show -inst"

Sent from my iPhone 5

Hi Gelb,

find the output below...

Clu1::> vol show -volume NFSvol  -instance
  (volume show)

                                 Vserver Name: DataServe02
                                  Volume Name: NFSvol
                               Aggregate Name: aggr2
                                  Volume Size: 500MB
                           Volume Data Set ID: 1039
                    Volume Master Data Set ID: 2147484687
                                 Volume State: online
                                  Volume Type: RW
                                 Volume Style: flex
                       Is Cluster-Mode Volume: true
                        Is Constituent Volume: false
                                Export Policy: NfsPolicy
                                      User ID: 0
                                     Group ID: 1
                               Security Style: unix
                             UNIX Permissions: ---rwxr-xr-x
                                Junction Path: /nfs
                         Junction Path Source: RW_volume
                              Junction Active: true
                       Junction Parent Volume: vol0
                                      Comment:
                               Available Size: 474.9MB
                              Filesystem Size: 500MB
                      Total User-Visible Size: 475MB
                                    Used Size: 144KB
                              Used Percentage: 5%
         Volume Nearly Full Threshold Percent: 95%
                Volume Full Threshold Percent: 98%
         Maximum Autosize (for flexvols only): 600MB
       Autosize Increment (for flexvols only): 25MB
                             Minimum Autosize: 500MB
           Autosize Grow Threshold Percentage: 85%
         Autosize Shrink Threshold Percentage: 50%
                                Autosize Mode: off
         Autosize Enabled (for flexvols only): false
          Total Files (for user-visible data): 15182
           Files Used (for user-visible data): 96
                        Space Guarantee Style: file
                    Space Guarantee in Effect: true
            Snapshot Directory Access Enabled: true
                 Space Reserved for Snapshots: 5%
                        Snapshot Reserve Used: 3%
                              Snapshot Policy: default
  Creation Time: Sat Jul 13 13:02:09 2013

                                 Clone Volume: false

                   Antivirus On-Access Policy: default

                                    Node name: Clu1-02

                                NVFAIL Option: off

                    Is File System Size Fixed: false

                                Extent Option: off

                Reserved Space for Overwrites: 0B

                           Fractional Reserve: 100%

                  Snapshot Cloning Dependency: off

            Primary Space Management Strategy: volume_grow

                     Read Reallocation Option: off

             Inconsistency in the File System: false

                 Is Volume Quiesced (On-Disk): false

               Is Volume Quiesced (In-Memory): false

    Volume Contains Shared or Compressed Data: false

            Space Saved by Storage Efficiency: 0B

       Percentage Saved by Storage Efficiency: 0%

                 Space Saved by Deduplication: 0B

            Percentage Saved by Deduplication: 0%

                Space Shared by Deduplication: 0B

                   Space Saved by Compression: 0B

        Percentage Space Saved by Compression: 0%

                                   Block Type: 64-bit

                  FlexCache Connection Status: -

                             Is Volume Moving: false

               Flash Pool Caching Eligibility: read-write

Flash Pool Write Caching Ineligibility Reason: -

                   Managed By Storage Service: -

Create Namespace Mirror Constituents For SnapDiff Use: -

                      Constituent Volume Role: -

                        QoS Policy Group Name: -

              Is Volume Move in Cutover Phase: false

      Number of Snapshot Copies in the Volume: 9

Does the parent volume / ...the vsroot volume have permission to traverse this mount path at vol0?

Also if ls mirrors of vsroot and you add a volume junction it won't be available until a snapmirror update since the mirror of the namespace doesn't have the new junction yet.

I also would run showmount -e ipofvserver from the Linux client.

Sent from my iPhone 5

A few things...

1) Showmount -e won't work. It doesn't work in cDOT yet, so don't be surprised when you get "/ everyone" as output.

2) The export policy rule client match might be incorrect. I don't think the format  you have it in is correct. Pretty sure you have to specify subnet in network bit. Try this instead:

192.168.72.0/24

http://www.pantz.org/software/tcpip/subnetchart.html

3) I don't think volume permissions have anything to do with this. The error is at mount, which means it's checking export policy rules for access to mount. If the error was access denied after mounting, then it might be vol permissions. However, it *could* possibly be an export policy rule problem at the parent volume. Check the vsroot export policy and ensure rules exist there.

4) I also don't think LS mirrors are the issue. If the issue was with a volume not showing up in the namespace, the error would be "file not found" or something similar.

Permission errors on mount are almost always export policy rule issues.

Thanks Guys,It worked now.

I have applied the Export policy(NfsPolicy ) on the Root volume(vol0).Now i m able to mount from the client.

Regards

Rao.

Storageteam.  

Actually there is no need to apply the policy to the root volume at all. Did you try my other command. let me know.

Can you show me how you did the export policy on vol0?

Thanks

Hi Murugappan,

Clu1::> export-policy  rule create -vserver DataServe02 -policyname NfsPolicy  -clientmatch 192.168.72.0/24  -protocol nfs -rorule  sys -rwrule sys -superuser  sys
  (vserver export-policy rule create)

Clu1::> export-policy show -vserver DataServe02 -policyname NfsPolicy -instance                                                                                (vserver export-policy show)

    Vserver: DataServe02
Policy Name: NfsPolicy

removed the NfsPolicy from the Vol0.

Now again i m getting below error.

[root@stglinux02 ~]# mount 192.168.72.117:/nfs /clunfs

mount.nfs: access denied by server while mounting 192.168.72.117:/nfs

The behavior of parent volumes/export policy rules depends on the version of clustered Data ONTAP being used. In 8.2, export policies do apply at the parent volume level and affect child permissions.

Example:

::*> export-policy create -vserver nfs -policyname empty

  (vserver export-policy create)

::*> vol modify -vserver nfs -policy empty -volume nfs_root

  (volume modify)

Volume modify successful on volume: nfs_root

[root@centos64 ~]# mount -o nfsvers=3 10.61.92.40:/unix /mnt

mount.nfs: access denied by server while mounting 10.61.92.40:/unix

::*> vol modify -vserver nfs -policy default -volume nfs_root

  (volume modify)

Volume modify successful on volume: nfs_root

[root@centos64 ~]# mount -o nfsvers=3 10.61.92.40:/unix /mnt

[root@centos64 ~]#

This behavior changed around 8.1 with bug 429128.

http://support.netapp.com/NOW/cgi-bin/bol?Type=Detail&Display=429128

I filed an RFE today to add the policy inheritance option to volumes.

Thanks guys for you help:-)