#NFS over TLS for ONTAP
I would expect that this would have to go through an RFC process before NetApp would even consider it.
My guess would be that unless this is an official IETF RFC, it has no chance of actually being implemented (since FreeBSD is probably the only OS that supports this), especially since there are already two industry-standard encryption methods for NFS implemented (IPsec and Kerberos).
It was done through an RFC process; here is the official IETF RFC: https://datatracker.ietf.org/doc/rfc9289/
It was added to the Linux kernel a few months ago with this change: https://lore.kernel.org/lkml/E0771535-05EF-4EAE-9BFF-E070C4D32F3C@oracle.com/
This document describes a mechanism that, through the use of opportunistic Transport Layer Security (TLS), enables encryption of Remote Procedure Call (RPC) transactions while they are in transit. The proposed mechanism interoperates with Open Network Computing (ONC) RPC implementations that do not support it. This document updates RFC 5531.
okay, then you could submit an RFE to NetApp, but given that there are alternatives, and unless you're Apple, Microsoft, Amazon or any other client with big bucks, don't expect this to be in ONTAP within the next 2-3 years 😉
I mean I would love to see an easier-to-configure encrypted NFS variant, but tbh, kerberized NFS is not rocket science anymore, now that there are guides and TRs out there
Spring of 2024 is the initial target release date for both RHEL client support and ONTAP support.