Hi,
While reading documentation on CephFS I came accross the "network
restriction" feature (supported since Nautilus) [1].
I have never seen a reference to / blog post on this feature and didn't
even know it was possible. This might be true for more people, hence
this mail to the list :-).
So, for improved security you can restrict on ip (ranges) in Ceph
(besides / instead) of regular network filtering.
I have tested this on Nautilus with IPv6 and it works as documented.
Kudos for CephFS team.
FYI,
Gr. Stefan
[1]
https://docs.ceph.com/en/latest/cephfs/client-auth/#network-restriction