Comment 23 for bug 28706

Christian Ehrhardt  (paelzer) wrote :

Hi,
while clearing (admittedly way too old) bugs I've found that for this bug
the reason here IMHO can be summarized as "because that is how upstream wants it" [1], but they are aware, and so are the Ubuntu [2] (this still is what Shane & Dave started) and Debian [3] help pages about it.
Nowadays also the default config in /etc/default/nfs-kernel-server hints at the problem if you want/need to run with firewalls and hints at [3]:
```
# If you have a port-based firewall, you might want to set up
# a fixed port here using the --port option. For more information,
# see rpc.mountd(8) or http://wiki.debian.org/SecuringNFS
```

I'm not a security person, so I can't assess if there really is a security (or other) benefit of having them random by default.
But OTOH I also doubt that no one has ever tried to discuss it with upstream since I find similar pages for almost any other major Distro [4][5] and manufacturers [6].

If anyone is really annoyed by this even today, I guess the way to go is to discuss that default with upstream (or find old discussions and why they failed). If someone spends the work, please add a link back here so no one needs to re-find them again.

[1]: https://tldp.org/HOWTO/NFS-HOWTO/security.html#FIREWALLS
[2]: https://wiki.ubuntu.com/How%20to%20get%20NFS%20working%20with%20Ubuntu-CE-Firewall
[3]: https://wiki.debian.org/SecuringNFS
[4]: https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/storage_administration_guide/s2-nfs-nfs-firewall-config
[5]: https://www.suse.com/support/kb/doc/?id=000016649
[6]: https://www.ibm.com/docs/en/spectrum-scale/5.1.0?topic=firewall-recommendations-protocol-access