NFS Client access error while mounting an NFS export in a load balancer environment

Last updated
Save as PDF
Share
1. Share
2. Tweet
3. Share

Views:: 71

Visibility:: Public

Votes:: 0

Category:: ontap-9

Specialty:: nas

Last Updated:

Applies to

ONTAP 9
NFS
Kerberos
Load-Balancer

Issue

NFS client system gets an error when mounting NFS export

# for i in $(seq 1 50);do (mount -v svm01.domain.root.com:/svm01/volume0001 /mnt/test ; sleep 2 ;umount /mnt/test;sleep 8);done mount.nfs: timeout mount.nfs: trying text-based options 'vers=4.2,addr=X.X.X.X,clientaddr=X.X.X.X' mount.nfs: timeout

Mount issues does not happen when one of the LIFs is disabled
EMS and SECD logs show the authentication issue :

[node-01: secd: secd.nfsAuth.problem:error]: vserver (svm01) General NFS authorization problem. Error: RPC accept GSS token procedure failed [ 0 ms] Using the NFS service credential for logical interface 1054 (SPN='nfs/svm01-lif0.eur.nsr...ROOT.COM') from cache. **[ 0] FAILURE: Failed to accept the context: Unspecified GSS failure. Minor code may provide more information (minor: Decrypt integrity check failed).

Note: The NFS vserver is configured with Kerberos and two LIFs, each LIF is configured with its own SPN the LIF's IPs are members of the external round-robin Load Balancer