NFS re-export between VPN-connected servers

Question

I have two Linux NFS servers on two locations (two different networks), each providing at least one NFS share.

Those servers are connected through VPN and each other NFS is mounted to folder on each other (per example below SrvA's /foo folder is mounted on SrvB:/mnt/foo and vice versa).

SrvA:/foo (Ubuntu 20.04, a.a.a.1, v.v.v.1) <-> SrvB:/bar (CentOS 8.5.2111, b.b.b.1, v.v.v.2)

LAN1: a.a.a.0/24
LAN2: b.b.b.0/24
VPN: v.v.v.0/24

What I need is Clients on LAN1 network to mount both NFS (using fstab) and also access the remote server with SMB (for windows clients that don't have NFS).
For example ClientAA has IP a.a.a.2 and has no access to specified VPN bridge, but wants to mount both /foo and /bar folders.

What I've found so far:

• Answer that is 10 years old and is only similar to my problem:
  • How to create an NFS proxy by using kernel server & client?
• NFS re-export, which seems new and also seems to have some caveats (not sure if it is safe to use yet) - which leads me to believe that old answers responding to this question might not be accurate as there were change in NFS since answering):
  • https://linux-nfs.org/wiki/index.php/NFS_re-export
• Answer from 2016 answering that SMB should be OK, but NFS re-export is a no-go:
  • NFS export a NFS share
• This answer from 2019 also mostly agrees with only SMB re-export:
  • NFS export CIFS share

Is this NFS re-export possible? Are there any risks? Is it possible (and safe) to combine it with SMB? Or should I scrap the NFS re-export idea an use only SMB for the "behind the VPN" folder?

Answer 1

Based on what I've seen on the mailing list recently, NFS re-export of NFS mounts is supported by the Linux NFS developers (including re-exporting a v4 share to v3 clients), but you'll want to use a fairly recent kernel on the "proxy" machine – looks like v5.11 at minimum, with v5.15 being recommended.

The various caveats are documented at https://linux-nfs.org/wiki/index.php/NFS_re-export.