Updating README for 'noresvport' mount option

kubernetes-sigs · Sep 27, 2023 · c7de448 · c7de448
1 parent cb9d97d
commit c7de448
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/docs/README.md b/docs/README.md
@@ -52,6 +52,9 @@ If you want to pass any other mountOptions to Amazon EFS CSI driver while mounti
 * **lookupcache**: Specifies how the kernel manages its cache of directory entries for a given mount point. Mode can be one of all, none, pos, or positive. Each mode has different functions and for more information you can refer to this [link](https://linux.die.net/man/5/nfs).
 * **iam**: Use the CSI Node Pod's IAM identity to authenticate with Amazon EFS.
 
+### Default Mount Options
+When using the EFS CSI driver, be aware that the `noresvport` mount option is enabled by default. This means the client can use any available source port for communication, not just the reserved ports.
+
 ### Encryption In Transit
 One of the advantages of using Amazon EFS is that it provides [encryption in transit](https://aws.amazon.com/blogs/aws/new-encryption-of-data-in-transit-for-amazon-efs/) support using TLS. Using encryption in transit, data will be encrypted during its transition over the network to the Amazon EFS service. This provides an extra layer of defence-in-depth for applications that requires strict security compliance.