Port 20048 carries mountd, the NFS mount daemon. It's the gatekeeper between NFS clients trying to mount remote filesystems and the servers that host them.
What It Does
When you try to mount a remote filesystem over NFS, your computer doesn't just connect to the NFS server on port 2049 and start reading files. First, it has to ask permission. That's what port 20048 is for.[1]
The mount daemon (rpc.mountd) implements the server side of the NFS MOUNT protocol, used by NFS versions 2 and 3. It handles two critical jobs:
- Authentication: When a mount request arrives, mountd checks whether the requesting client's IP address is permitted to access the requested filesystem. It maintains access control lists and consults them before granting access.[2]
- Handing Out File Handles: If the client is authorized, mountd returns an NFS file handle for the root directory of the requested export. This file handle is what the client uses for all subsequent operations on that filesystem.[3]
Every successful mount gets logged to /var/lib/nfs/rmtab. Every unmount request removes the entry. The daemon keeps track of who has what mounted.
The Port Number Problem
Here's the strange thing: mountd wasn't originally designed to use a fixed port. On many systems, it chooses a random port every time the NFS server reboots.[4]
This was fine in the 1980s when NFS was young and firewalls were rare. But in modern networks with strict firewall rules, random ports are a nightmare. How do you write a firewall rule for a service that picks a different port every time it starts?
The solution: manually configure mountd to always use port 20048. Most Linux distributions now set this as the default, either in /etc/nfs.conf or through the --port flag when starting the daemon.[5]
Port 20048 is in the registered ports range (1024-49151), but it's become the de facto standard port for mountd through widespread use rather than formal IANA assignment.
NFS Context
NFS (Network File System) was developed by Sun Microsystems in 1984, led by Russel Sandberg, Bob Lyon, Steve Kleiman, and Tom Lyon. The goal was simple: let Unix workstations access files over the network as if they were local.[6]
The protocol was published as RFC 1094 in 1989 and became one of the most widely deployed network filesystems in Unix and Linux environments.[7]
NFS uses multiple ports:
- Port 111: portmapper/rpcbind (maps RPC services to ports)
- Port 2049: NFS server itself (where file operations happen)
- Port 20048: mountd (authentication and initial access)
The mountd service sits between the portmapper and the NFS server. Clients first contact portmapper to find mountd, then contact mountd to authenticate and get a file handle, then use that file handle to talk directly to the NFS server on port 2049.
Security Considerations
mountd's authentication is based on IP addresses and export rules defined in /etc/exports. This is host-based authentication, not user-based. If your IP is on the allowed list, you get access to the export with whatever permissions are defined.
Modern NFS deployments often use Kerberos (via sec=krb5 mount options) for stronger authentication, but mountd is still part of the chain—it just delegates the actual authentication to the GSS-API security layer.
The random port behavior was originally a mild security-through-obscurity measure, but it became a liability in firewall environments. Fixing mountd to port 20048 makes firewall rules predictable but also makes the service easier to target. The tradeoff is worth it—firewall rules matter more than port obscurity.
How to Check What's Listening
On Linux, you can verify mountd is running on port 20048:
If you're running an NFS server, you'll see port 20048 listening on both TCP and UDP.
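One way to run this check and catch a mountd that is not on its fixed port, as an added example that is not from the original page: the function reads `rpcinfo -p` output and compares each registration with ports 111, 2049 and 20048. The names `audit_nfs_ports` and `sample_rpcinfo` and the sample listing are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original page): audit `rpcinfo -p` output
# against the fixed ports the page lists (111, 2049, 20048).
# Live use on a server:  rpcinfo -p localhost | audit_nfs_ports
# Socket cross-check:    ss -tuln | grep -w 20048

# Verdicts, one per service/protocol/port:
#   OK      registered on the expected fixed port
#   DRIFT   registered elsewhere, so a fixed firewall rule will not match
#   OTHER   RPC service with no expected port in this table (e.g. nlockmgr)
#   MISSING mountd has no registration for that transport
audit_nfs_ports() {
    awk '
        BEGIN { want["portmapper"] = 111; want["nfs"] = 2049; want["mountd"] = 20048 }
        $1 !~ /^[0-9]+$/ { next }                 # skip the header line
        {
            proto = $3; port = $4; svc = $5
            if (svc == "") svc = "prog" $1        # rpcinfo may omit the name
            k = svc " " proto
            have[k] = 1
            if ((k, port) in seen) next           # collapse protocol versions
            seen[k, port] = 1
            if (!(svc in want))              print "OTHER " k " " port
            else if (port + 0 == want[svc])  print "OK " k " " port
            else print "DRIFT " k " " port " expected " want[svc]
        }
        END {
            if (!("mountd tcp" in have)) print "MISSING mountd tcp"
            if (!("mountd udp" in have)) print "MISSING mountd udp"
        }'
}

# Constructed sample: mountd was left unpinned and came up on port 38465.
sample_rpcinfo() {
    cat <<'EOF'
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    4   udp    111  portmapper
    100003    3   tcp   2049  nfs
    100003    4   tcp   2049  nfs
    100005    3   udp  38465  mountd
    100005    3   tcp  38465  mountd
    100021    4   tcp  40729  nlockmgr
EOF
}

sample_rpcinfo | audit_nfs_ports
```

A DRIFT or MISSING line for mountd means a firewall rule written for port 20048 will not cover the mount step, even though port 2049 is reachable.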
Related Ports
- Port 111: portmapper/rpcbind (RPC service mapper)
- Port 2049: NFS server (file operations)
- Port 4045: lockd/nlockmgr (NFS file locking, often randomized like mountd)