NFS export config question

I am setting up NFSv3 server and I would like to have my servers /shared directory exported globally.

I want to have it available across several subnets and I wonder if I could streamline it better:
/shared -alldirs

How could I share to the entire third octet without adding all 255 addresses?

I was thinking but I think that only references the subnet.

I like to create separate projects on subnets and want to have NFS access on temporary subnets I might create.
That worked perfectly.

/shares -maproot=root -network

/etc/rc.conf on NFS Server
That last line took me a while to find.
Was getting this message on the client end.
root@DELL:~ # mount /shared
[tcp] RPCPROG_MNT: RPC: Authentication error; why = Client credential too weak

Client /etc/rc.conf
#nfs_client_flags="-n 4"
I had experimented with all the commented out lines.
Last edited:
I was worried about adding this line to /etc/rc.conf as I have not seen it used much.
So I looked on the server log and determined that it is an RPC_PORTMAP problem. So reading on that I found a suggested fix by adding to /etc/host.allow this line:
portmap : : allow
While I was there I added this too:
rpcbind : : allow
# Rpcbind is used for all RPC services; protect your NFS!
# Rpcbind should be running with -W option to support this.
# (IP addresses rather than hostnames *MUST* be used here)
#rpcbind : : allow
#rpcbind : : allow
portmap :  : allow
rpcbind :  : allow

My question is: Is this an OK fix? I was able to remove the "allow weak authentication line from /etc/rc.conf.
What does "protect your NFS" comment mean here?
If portmapper/rpcbind are limited to your NFS clients will be limited to that range too. NFS requires RPC access.
I see what you mean. You would think I need /16 but it works now. I did not get a chance to dig into RPC authentication.
I know I don't like the sound of weak mountd authentication.

So I should use this netmask than?