Cisco Catalyst Center Administrator Guide, Release 3.2.x

Set up a file share

Overview

Explains how to set up Linux- and Windows-based NFS.

There are a few use cases that require the use of a file share, such as

  • completing backup and restore operations

  • installing Catalyst Center remotely, and

  • creating a repository to store RCA log bundles.

The topics in this section describe how to set up both Linux- and Windows-based NFS.


Configure a Linux-based NFS file share

This section describes how to configure an NFS file share in Ubuntu and Red Hat Linux distributions.

Note

If you are configuring a VMware VM, we recommend that you use the vmxnet driver, which provides 10G support and low overhead.


Configure a file share in an Ubuntu distribution

To configure a file share in an Ubuntu distribution, complete the steps that are detailed here.

Procedure

1. Install the NFS package: apt-get install -y nfs-kernel-server

2. Enable and start the NFS service:

systemctl enable nfs-server
systemctl start nfs-server

3. Verify that the NFS service is enabled and has started (this should happen by default): systemctl status nfs-kernel-server

The resulting output should resemble this example:

nfs-server.service - NFS server and services
Loaded: loaded (/lib/systemd/system/nfs-server.service; enabled; vendor preset: enabled)
Active: active (exited) since Sun 2020-03-22 15:35:12 UTC; 18min ago
Main PID: 19253 (code=exited, status=0/SUCCESS)
Tasks: 0 (limit: 4915)
CGroup: /system.slice/nfs-server.service
Mar 22 15:35:12 k8smaster systemd[1]: Starting NFS server and services...
Mar 22 15:35:12 k8smaster systemd[1]: Started NFS server and services.

4. Configure the NFS export by completing these tasks.

  1. Set up the NFS file share directory:

    sudo mkdir -p /srv/nfs
    sudo chmod 755 -R /srv/nfs/
    sudo chown -R nobody:nogroup /srv/nfs/
  2. Add the NFS file share entry to the /etc/exports file.

    • Open the file: sudo vim /etc/exports

    • Add this line: /srv/nfs *(rw,sync,no_subtree_check,all_squash)

  3. Export the NFS file share: sudo exportfs -rv

    You should see this message: exporting *:/srv/nfs

  4. Verify the NFS export.

    To check the availability of the NFS file share, enter the showmount -e NFS-server-IP-address command from a different Linux machine. The resulting output should resemble this example.

    Export list for NFS-server-IP-address:
    /srv/nfs *

5. Configure the firewall rules to allow NFS.

  1. Confirm whether a firewall is enabled (its status is active): sudo ufw status

    By default, a firewall is disabled in Ubuntu/Debian distributions. If necessary, enable a firewall before completing this step.

  2. Set the static port for mountd:

    • Open the /etc/default/nfs-kernel-server file.

    • Find the RPCMOUNTDOPTS="--manage-gids" line.

    • Add a space and --port 32767 to the end of this line, inside the closing quotation mark.

  3. Add the mountd port by adding these lines to the /etc/services file:

    mountd 32767/tcp
    mountd 32767/udp
  4. Restart NFS services: sudo systemctl restart nfs-kernel-server nfs-mountd portmap

  5. Add the firewall rules to allow NFS:

    sudo ufw allow portmapper
    sudo ufw allow nfs
    sudo ufw allow mountd

Configure a file share in a Red Hat or CentOS distribution

To configure a file share in a Red Hat or CentOS distribution, complete the steps that are detailed here.

Procedure

1. Install the NFS package: yum install -y nfs-utils

2. Enable and start the NFS service:

systemctl enable nfs-server
systemctl start nfs-server

3. Check the service's status: systemctl status nfs-server

The resulting output will resemble this example.

nfs-server.service - NFS server and services
Loaded: loaded (/usr/lib/systemd/system/nfs-server.service; enabled; vendor preset: disabled)
Active: active (exited) since Sun 2020-03-22 12:14:30 EDT; 2s ago
Process: 10418 ExecStart=/bin/sh -c if systemctl -q is-active gssproxy; then systemctl reload gssproxy ; fi (code=exited, status=0/SUCCESS)
Process: 10404 ExecStart=/usr/sbin/rpc.nfsd (code=exited, status=0/SUCCESS)
Process: 10402 ExecStartPre=/usr/sbin/exportfs -r (code=exited, status=0/SUCCESS)
Main PID: 10418 (code=exited, status=0/SUCCESS)
Mar 22 12:14:30 cene8.ecrt.local systemd[1]: Starting NFS server and services...
Mar 22 12:14:30 cene8.ecrt.local systemd[1]: Started NFS server and services.

4. Configure the NFS export by completing these tasks.

  1. Set up the NFS file share directory:

    sudo mkdir -p /srv/nfs
    sudo chmod 755 -R /srv/nfs/
    sudo chown -R nobody:nobody /srv/nfs/
  2. Add the NFS file share entry to the /etc/exports file.

    • Open the file: sudo vim /etc/exports

    • Add this line: /srv/nfs *(rw,sync,no_subtree_check,all_squash)

  3. Export the NFS file share: sudo exportfs -rv

    You should see this message: exporting *:/srv/nfs

  4. Verify the NFS export.

    To check the availability of the NFS file share, enter the showmount -e NFS-server-IP-address command from a different Linux machine. The resulting output should resemble this example.

    Export list for NFS-server-IP-address:
    /srv/nfs *
  5. Check whether a mountd port has been configured in the nfs.conf file: grep -A2 mountd /etc/nfs.conf

    If the resulting output looks like this, it indicates that you need to configure the mountd port.

    #[mountd]
    # debug=0
    # manage-gids=n 

    If this is the case, add these lines to the nfs.conf file:

    [mountd]
    manage-gids = 1
    port = 20048
  6. Restart NFS services: sudo systemctl restart nfs-server rpcbind nfs-mountd

    By default, a firewall (managed by the firewalld service) is enabled in Red Hat/CentOS version 7 and later (earlier versions use iptables). While it is active, it prevents access to the file share even though NFS is running on the server. To confirm this, enter the showmount -e NFS-server-IP-address command from an external client. The resulting output should resemble this example.

    clnt_create: RPC: Port mapper failure - Unable to receive: errno 113 (No route to host)

5. Add the firewall rules to allow NFS:

firewall-cmd --permanent --add-service={nfs,rpc-bind,mountd}
firewall-cmd --reload

6. Configure SELinux for NFS.

Note

SELinux is enabled by default in Red Hat and CentOS distributions.

  1. Enable NFS read/write boolean options.

    If you want to enable read-only NFS exports, enter the setsebool -P nfs_export_all_ro 1 command.

    If you want to enable read/write NFS exports, enter these commands:

    • setsebool nfsd_anon_write on

    • setsebool -P nfs_export_all_rw 0

  2. Verify that the booleans are set: getsebool -a | grep nfs_expo

    nfs_export_all_ro --> on
    nfs_export_all_rw --> off

  3. Set the SELinux context on the NFS directory:

    semanage fcontext -a -t public_content_rw_t "/srv/nfs(/.*)?"
    restorecon -Rv /srv/nfs/
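
The export line used in both Linux procedures above names * as the client, so any host that can reach the server may mount /srv/nfs read/write, whereas the Windows procedure in this guide limits access to the Catalyst Center addresses. The shell function below is an added example, not part of the Cisco guide, that audits an exports file for entries open to every host; the function name, the finding labels, the /srv/nfs-scoped path and the 192.0.2.x addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit an exports(5) file for entries reachable by any host.
# Prints one finding per line; returns 1 when anything is flagged.
audit_exports() {
    awk '
    { sub(/#.*/, "") }                         # drop comments
    NF == 0 { next }                           # skip blank lines
    NF == 1 { print "ANY_HOST_RO " $1 " (no client list)"; bad = 1; next }
    {
        for (i = 2; i <= NF; i++) {
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {                       # split "client(opt,opt)"
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1, length($i) - p - 1)
            }
            if (client == "") client = "*"     # bare "(opts)" means every host
            rw = 0; noroot = 0
            n = split(opts, o, ",")
            for (j = 1; j <= n; j++) {
                if (o[j] == "rw") rw = 1
                if (o[j] == "no_root_squash") noroot = 1
            }
            anyhost = (client == "*" || client == "0.0.0.0/0" || client == "::/0")
            tag = rw ? "ANY_HOST_RW" : "ANY_HOST_RO"
            if (anyhost) { print tag " " $1 " " $i; bad = 1 }
            if (noroot)  { print "NO_ROOT_SQUASH " $1 " " $i; bad = 1 }
        }
    }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: the export line from this guide, then the same options
# limited to two placeholder clients (192.0.2.0/24 is a documentation range).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample, not a real server's /etc/exports
/srv/nfs *(rw,sync,no_subtree_check,all_squash)
/srv/nfs-scoped 192.0.2.10(rw,sync,no_subtree_check,all_squash) 192.0.2.11(rw,sync,no_subtree_check,all_squash)
EOF
audit_exports "$sample" || echo "review the entries listed above"
rm -f "$sample"
```

Run it against /etc/exports after each edit and before sudo exportfs -rv; only the wildcard entry is reported, and the scoped entry passes.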

Configure a Windows-based NFS file share

Complete these steps to configure a Windows-based NFS file share for your Catalyst Center deployment.

Procedure

1. Start Server Manager.

2. Install the NFS service:

  1. Choose Manage > Add Roles and Features to start the Add Roles and Features wizard.

  2. Click Next three times to skip the Before You Begin, Installation Type, and Server Selection wizard screens.

  3. In the Server Roles wizard screen, check the Server for NFS check box, and then click Next.

  4. In the Features wizard screen, check the Services for Network File System Management check box, and then click Next.

  5. In the Confirmation wizard screen, verify that the options you selected are listed.

  6. Click Install.

3. Start the New Share wizard:

  1. In Server Manager's navigation pane, click File and Storage Services.

    The File and Storage Services page opens.

  2. In this page's navigation pane, click Shares.

  3. Click Tasks, then choose New Share.

    The New Share wizard opens.

4. Complete the New Share wizard:

  1. In the Select the profile for this share wizard screen, click the NFS Share - Advanced profile, and then click Next.

  2. In the Select the server and path for this share wizard screen, specify where the file share will reside, and then click Next.

    If you want the share to reside on a dedicated disk or partition within a folder in the Shares directory:

    1. Click the Select by volume radio button.

    2. Click the disk or partition you want to use.

    If you want to navigate to the location where the share will reside:

    1. Click the Type a custom path radio button.

    2. Click the text field to open the Select Folder dialog box.

    3. Navigate to the folder where you want the share to reside.

    4. Click Select Folder.

  3. In the Specify share name wizard screen, enter the share's name and then click Next.

  4. In the Specify authentication methods wizard screen, choose these options and then click Next:

    • No server authentication (AUTH_SYS)

    • Enable unmapped user access

    • Allow unmapped user access by UID/GID

  5. In the Specify the share permissions wizard screen, click Add.

  6. Complete these tasks in the Add Permissions dialog box, then click Next:

    1. Click Add.

    2. Set the host, client group, or netgroup that can access this share.

    3. In the Share permissions drop-down list, choose Read/Write.

    4. Leave the Allow root access (not recommended) check box unchecked.

  7. Complete these tasks in the Permissions wizard screen, then click Next:

    1. Click Customize permissions to open the Advanced Security Settings for share-name dialog box.

    2. Click Add to open the Permission Entry for share-name dialog box.

    3. Click the Select a principal link to open the Select User, Computer, Service Account, or Group dialog box.

    4. In the last text box, enter Everyone and then click Check Names. When Everyone is displayed, click OK.

    5. In the Basic permissions area, select all available options (including Full control) and then click OK.

    6. Repeat the previous two steps for the Anonymous LOGON user.

  8. Click Next twice to skip the Management Properties and Quota wizard screens.

  9. In the Confirmation wizard screen, click Create.

5. Secure the Windows NFS server:

  1. In Server Manager's main menu, choose Tools > Windows Firewall with Advanced Security.

  2. In the Inbound Rules table, there are two Server for NFS services (NFS-TCP-in and NFS-UDP-in). Complete these tasks for both services:

    1. Double-click a service to open its Properties dialog box.

    2. Click the Scope tab.

    3. In the Remote IP address section, restrict host access by entering the IP addresses configured for Catalyst Center (including the VIP for the NIC that interfaces with the Windows NFS server).

    4. Click OK.