So, I've recently changed my network setup a bit, and for reasons I'm still trying to suss out replacing the old router with a new PFSense box appears to have broken the authentication within the network somehow. The network setup uses a Kerberos KDC (as part of a FreeIPA domain) to authenticate access to an NFSv4 fileshare.
It's a small home network, with the pfsense box doing DHCP and Basic DNS.
- I've tested reverse lookups and IP addresses can correctly be resolved to hostnames, so it's not that.
- Clocks are in sync on all machines.
- Tickets seem to be retrieved just fine, and at least one other kerberos based service works (I have a webserver running Trac that also uses the KDC to log people on).
Logging with rpcdebug has turned up one error message that looks like a culprit, though the google search for this one doesn't turn up anything helpful.
Sep 8 19:00:34 weatherwax kernel: NFSD: warning: no callback path to client Linux NFSv4.2 stibbons.lan.deimos-legion.net: error -22