Is the Rancher-NFS traffic tunneled through the Rancher internal network or do all hosts need access to the NFS ports on the NFS server? And how about individual containers? Can NFS be tunneled through a load balancer? If the server running Rancher Server isn’t running the agent as well, does it need access to the NFS server?
If your NFS server happens to be a Rancher service and has a 10.42.x.y address, then that communication would go over the overlay network like any other inter-container communication.
Otherwise it’s just regular direct communication to the IP/name given; there is no way for us to make an arbitrary NFS server participate in an encrypted overlay network.