On 2016-07-01, Leon Vergottini leonv@cornerstone.ac.za wrote:
Unfortunately, I cannot disable NFS which lies at the root of this problem. In addition, I am struggling to find a proper tutorial of moving NFS from udp over to tcp.
I think the best thing to do is to set up VPN links between your NFS server and the clients. This way you never have to expose RPC to the public network at all, and your NFS traffic will be secure against packet sniffers. I've used OpenVPN for this exact purpose, but I suspect that it's been causing some problems, so I'm considering trying out tinc vpn.
You could also do IPsec but IIRC that's a bit more complex to configure.
--keith