Project

General

Profile

Actions

Feature #12483

open

Option to bind NFS and SMB to a link/nic

Added by Guenther Alka over 2 years ago. Updated 7 months ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
cifs - CIFS server and client
Start date:
Due date:
% Done:

0%

Estimated time:
Difficulty:
Medium
Tags:
Gerrit CR:

Description

ZFS servers are working often in a multiprotokol environment (NFS and SMB) or in a LAN/WAN/cloud environment ex with an Apache www server or an S3 cloud service ex with minIO. While Apache and minIO/S3 allows a binding to a special nic/link/ip, NFS and SMB do not. They listen on all interfaces what is a huge security concern in a LAN environment where you want anonymous NFS to work on one link and SMB with authentication on all or another. You never want NFS and SMB to be accessable from the internet/wan link. The NFS share options are not good enough to secure NFS3.

I know you can use firewall settings to limit this but a bind command as a share or zfs property for NFS and SMB would be the best solution.

Actions #1

Updated by Gordon Ross 7 months ago

  • Category set to cifs - CIFS server and client
Actions

Also available in: Atom PDF