FreeNAS 8.0.

3 Guide

Page 1 of 164

FreeNAS 8.0.3 Guide

Page 2 of 164

FreeNAS is 2011, 2012 iXsystems FreeNAS is a trademark of iXsystems FreeBSD is a registered trademark of the FreeBSD Foundation Co er art !y "enny #osen!erg

FreeNAS 8.0.3 Guide

Page 3 of 164

Table of Contents

Section 1: Introduction and Insta ation

1 Introduction........................................................................................................................................8 1.1 Hardware Requirements.............................................................................................................9 1.1.1 Architecture.........................................................................................................................9 1.1.2 RAM...................................................................................................................................9 1.1.3 Compact or US !"ash.....................................................................................................1# 1.1.$ Stora%e &is's and Contro""ers..........................................................................................1# 1.1.( )etwor' Inter*aces............................................................................................................11 1.1.+ RAI& ,-er-iew................................................................................................................11 1.1.. /!S ,-er-iew...................................................................................................................13 1.2 0hat1s )ew ..............................................................................................................................1$ 1.3 !eatures.....................................................................................................................................1( 1.$ 2nown Issues............................................................................................................................1+ 1.( Roadmap *or 8.2.......................................................................................................................1+ 2 Insta""in% !ree)AS3.......................................................................................................................1. 2.1 4ettin% !ree)AS3..................................................................................................................18 2.2 Insta""in% *rom C&R,M...........................................................................................................19 2.3 Insta""in% *rom the Ima%e..........................................................................................................21 2.3.1 Usin% 56cat and dd on a !ree S& or 7inu5 S8stem........................................................21 2.3.2 Usin% 2e'a and dd on an ,S 9 S8stem...........................................................................22 2.3.3 Usin% ph8sdis'write on 0indows....................................................................................22 2.$ Initia" Setup...............................................................................................................................23 2.( Up%radin% !ree)AS3.............................................................................................................2( 2.(.1 Usin% the IS,....................................................................................................................2+ 2.(.2 !rom the 4UI ...................................................................................................................28 2.(.2.1I* Somethin% 4oes 0ron%..........................................................................................3#

Section 2: !sing t"e Gra#"ica Interface

3 Account Con*i%uration.....................................................................................................................3# 3.1 M8 Account..............................................................................................................................31 3.2 4roups......................................................................................................................................32 3.3 Users.........................................................................................................................................3$ $ S8stem Con*i%uration.......................................................................................................................3+ $.1 Reportin%..................................................................................................................................3. $.2 Settin%s.....................................................................................................................................3. $.2.1 4enera" :a;.......................................................................................................................38 $.2.2 Ad-anced :a;...................................................................................................................39 $.2.3 <mai" :a;..........................................................................................................................$1 $.2.$ SS7 :a;.............................................................................................................................$2 $.3 S8stem In*ormation..................................................................................................................$3 $.$ Cron =o;s..................................................................................................................................$$ FreeNAS 8.0.3 Guide Page 4 of 164

$.( 7oaders.....................................................................................................................................$( $.(.1 Reco-erin% !rom Incorrect 7oaders.................................................................................$. $.+ Rs8nc :as's..............................................................................................................................$8 $.+.1 Creatin% an Rs8nc :as'.....................................................................................................$8 $.+.2 Con*i%urin% Rs8nc etween :wo !ree)AS3 S8stems...................................................(# $.. S.M.A.R.:. :ests.......................................................................................................................(1 $.8 S8sct"s.......................................................................................................................................(3 ( )etwor' Con*i%uration.....................................................................................................................($ (.1 4"o;a" Con*i%uration................................................................................................................($ (.2 )etwor' Summar8....................................................................................................................(( (.3 Inter*aces...................................................................................................................................(+ (.$ 7in' A%%re%ations....................................................................................................................(. (.( Static Routes.............................................................................................................................+1 (.+ >7A)s......................................................................................................................................+1 + Stora%e Con*i%uration......................................................................................................................+2 +.1 ?eriodic Snapshot :as's...........................................................................................................+2 +.2 Rep"ication :as's......................................................................................................................+( +.2.1 Con*i%urin% SSH 2e8 ased Authentication....................................................................++ +.2.2 Creatin% the Rep"ication :as'...........................................................................................+8 +.2.3 :estin% Rep"ication...........................................................................................................+9 +.2.$ :rou;"eshootin%.................................................................................................................# +.3 >o"umes.....................................................................................................................................1 +.3.1 Auto Importin% >o"umes....................................................................................................1 +.3.2 Importin% >o"umes.............................................................................................................2 +.3.3 Creatin% >o"umes...............................................................................................................3 +.3.$ Addin% to an <5istin% >o"ume...........................................................................................( +.3.( Creatin% /!S &atasets.......................................................................................................( +.3.+ Creatin% a 6-o".................................................................................................................... +.3.. Settin% ?ermissions............................................................................................................8 +.3.8 >iewin% >o"umes...............................................................................................................9 +.3.9 Rep"acin% a !ai"ed &ri-e..................................................................................................82 +.3.1# Hot Swappin% a /!S !ai"ed &ri-e..................................................................................8$ . Sharin% Con*i%uration......................................................................................................................8$ ..1 A!? Shares................................................................................................................................8( ..1.1 Creatin% A!? Shares.........................................................................................................8( ..1.2 Connectin% to A!? Shares As 4uest.................................................................................8. ..1.3 Usin% :ime Machine.........................................................................................................9# ..2 CI!S Shares..............................................................................................................................91 ..2.1 Creatin% CI!S Shares........................................................................................................92 ..2.2 Con*i%urin% Anon8mous Access.......................................................................................93 ..2.3 Con*i%urin% 7oca" User Access........................................................................................98 ..3 )!S Shares.............................................................................................................................1#2 ..3.1 Creatin% )!S Shares.......................................................................................................1#2 ..3.2 Samp"e )!S Share Con*i%uration...................................................................................1#3 ..3.3 Connectin% to the )!S Share..........................................................................................1#$ ..3.3.1!rom S& or 7inu5 C"ients..................................................................................... 1#$ ..3.3.2!rom Microso*t C"ients............................................................................................1#$ FreeNAS 8.0.3 Guide Page $ of 164

..3.3.3!rom Mac ,S 9 C"ients...........................................................................................1#( ..3.$ :rou;"eshootin%..............................................................................................................1#+ 8 Ser-ices Con*i%uration...................................................................................................................1#. 8.1 Contro" Ser-ices......................................................................................................................1#. 8.2 A!?.........................................................................................................................................1#8 8.3 Acti-e &irector8......................................................................................................................1#9 8.3.1 :rou;"eshootin% :ips.......................................................................................................112 8.$ CI!S........................................................................................................................................112 8.$.1 :rou;"eshootin% :ips.......................................................................................................11( 8.( &8namic &)S.........................................................................................................................11( 8.+ !:?.........................................................................................................................................11. 8.+.1 Anon8mous !:?.............................................................................................................119 8.+.2 Speci*ied User Access in chroot.....................................................................................12# 8.+.3 <ncr8ptin% !:?...............................................................................................................123 8.+.$ :rou;"eshootin%..............................................................................................................123 8.. 7&A?......................................................................................................................................12$ 8.8 )!S.........................................................................................................................................12( 8.9 S.M.A.R.:..............................................................................................................................12+ 8.1# S)M?...................................................................................................................................12. 8.11 SSH.......................................................................................................................................128 8.11.1 Chrootin% S!:? users ..................................................................................................13# 8.11.2 :rou;"eshootin% SSH Connections...............................................................................13$ 8.12 :!:?.....................................................................................................................................13$ 8.13 U?S.......................................................................................................................................13( 8.1$ iSCSI.....................................................................................................................................13+ 8.1$.1 :ar%et 4"o;a" Con*i%uration.........................................................................................13. 8.1$.2 Authori6ed Accesses.....................................................................................................1$# 8.1$.3 &e-ice <5tents..............................................................................................................1$1 8.1$.$ <5tents...........................................................................................................................1$3 8.1$.( Initiators........................................................................................................................1$3 8.1$.+ ?orta"s...........................................................................................................................1$( 8.1$.. :ar%ets...........................................................................................................................1$( 8.1$.8 :ar%et@<5tents..............................................................................................................1$. 8.1$.9 Connectin% to iSCSI Share...........................................................................................1$. 8.1( Rs8nc....................................................................................................................................1$8 8.1(.1 Rs8nc Modu"es..............................................................................................................1$8 9 Additiona" ,ptions.........................................................................................................................1(# 9.1 &isp"a8 S8stem ?rocesses.......................................................................................................1(# 9.2 Re;oot.....................................................................................................................................1(# 9.3 Shutdown................................................................................................................................1(1 9.$ 7o% ,ut...................................................................................................................................1(1 9.( He"p........................................................................................................................................1(2 9.+ A"ert........................................................................................................................................1(2

FreeNAS 8.0.3 Guide

Page 6 of 164

Section 3: Getting %e #
1# !ree)AS3 Support Resources....................................................................................................1(2 1#.1 0e;site and Socia" Media.....................................................................................................1(3 1#.2 :rac &ata;ase........................................................................................................................1(3 1#.3 IRC........................................................................................................................................1(3 1#.$ Mai"in% 7ists.........................................................................................................................1($ 1#.( !orums..................................................................................................................................1($ 1#.+ Instructiona" >ideos..............................................................................................................1(+ 1#.. ?ro*essiona" Support.............................................................................................................1(+ 1#.8 !AAs.....................................................................................................................................1(+ 1#.8.1 Can a RAI&B/ arra8 ;e e5pandedC !or e5amp"eD i* I start o** with a 852: RAI&B/2 arra8 can I add more dri-es to it in the *utureC .......................................................................1(+ 1#.8.2 Is there a command to *orce !ree S& to scan *or new dis'sC I1m tr8in% to add some dis's to m8 arra8 usin% the hotBswappa;"e ;a8s and a 3ware SA:A card. :he dri-es %o in *ine and "i%ht upD ;ut the operatin% s8stem can1t see them. ............................................................1(. 1#.8.3 I* m8 hardware@mother;oard diesD can I re;ui"d with new@di**erent hardware and sti"" import@read the data *rom m8 dis'sC 0hat a;out m8 datasetsC..............................................1(. 1#.8.$ How do I rep"ace a ;ad dri-eC......................................................................................1(. 1#.8.( Can I share *i"es *rom m8 e5terna" US dri-eC............................................................1(8 1#.8.+ Can I mount m8 MAC *ormatted dri-eC.......................................................................1(8 1#.8.. How do I %et to the command "ine @C7I@she""C.............................................................1(8 1#.8.8 &oes !ree)AS support $' sector dri-esC How do I chec' i* it is con*i%uredC............1(8 1#.8.9 M8 networ' trans*er speeds are -er8 s"owD what is wron%C.........................................1(8 1#.8.1# 0h8 do chan%es I ma'e at the command "ine to con*i% *i"es or settin%s disappear a*ter a re;ootC...................................................................................................................................1(9

Section 4: &ontri'uting to FreeNAS

11 How to 4et In-o"-ed....................................................................................................................1(9 11.1 Assist with 7oca"i6ation .......................................................................................................1(9 11.2 Su;mit u% Reports..............................................................................................................1+1 11.3 :est Upcomin% >ersions.......................................................................................................1+3 11.3.1 Upcomin% >ersion 8.2...................................................................................................1+3 11.3.2 :estin% a )i%ht"8 Snapshot...........................................................................................1+3 11.3.3 Ro""in% Eour ,wn :estin% Snapshot.............................................................................1+3

FreeNAS 8.0.3 Guide

Page ( of 164

Section 1: Introduction and Installation

Preface
0ritten ;8 users o* the !ree)AS3 networ'Battached stora%e operatin% s8stem. >ersion 8.#.3 ?u;"ished =anuar8 1.D 2#12 Cop8ri%ht F 2#11D 2#12 i9s8stems. :his 4uide co-ers the insta""ation and use o* !ree)AS3 8.#.3. $f you are running a ersion of FreeNAS %&' that is ear(ier than FreeNAS %&0&), it is strong(y re*ommended that you u+grade to or insta(( FreeNAS %&0&)& :his -ersion *i5es man8 ;u%s *rom pre-ious 8.5 -ersions and se-era" *eatures mentioned in this 4uide were not a-ai"a;"e or did not wor' as documented in ear"ier -ersions o* !ree)AS3 8.5. :he !ree)AS3 Users 4uide is a wor' in pro%ress and re"ies on the contri;utions o* man8 indi-idua"s. I* 8ou are interested in he"pin% us to impro-e the 4uideD -isit doc.*reenas.or% and create a wi'i "o%in account. I* 8ou use IRC !reenodeD 8ou are we"come to Goin the H*reenas channe" where 8ou wi"" *ind other !ree)AS3 users. :he !ree)AS3 Users 4uide is *ree"8 a-ai"a;"e *or sharin% and redistri;ution under the terms o* the Creati-e Commons Attri;ution 7icense. :his means that 8ou ha-e permission to cop8D distri;uteD trans"ateD and adapt the wor' as "on% as 8ou attri;ute i9s8stems as the ori%ina" source o* the 4uide. !ree)AS3 is a trademar' o* i9s8stems. !ree S& and the !ree S& "o%o are re%istered trademar's o* the !ree S& !oundation. )*#ogra#"ic &on+entions :he !ree)AS3 8.#.3 4uide uses the *o""owin% t8po%raphic con-entionsI 'o d te,t: represents a command written at the command "ine. In usa%e e5amp"esD the *ont is chan%ed to Courier 10 with an8 command output disp"a8ed in un;o"ded te5t. ita(i* te't, used to represent de-ice names or *i"e name paths. bold italic text: used to emphasi6e an important point.

Introduction

!ree)AS3 is an em;edded open source networ'Battached stora%e J)ASK s8stem ;ased on !ree S& and re"eased under a S& "icense. A )AS pro-ides an operatin% s8stem that has ;een optimi6ed *or *i"e stora%e and sharin%. :he !ree)AS3 ?roGect was ori%ina""8 *ounded ;8 ,"i-ier CochardB7a;;L in 2##( and was ;ased on m#n#wa""D an em;edded *irewa"" ;ased on !ree S&. It was ?H? ;asedD eas8BtoBuseD and had "ots o* *eatures. In &ecem;er o* 2##9D ,"i-ier announced that the .. ;ranch wou"d ;e p"aced in maintenanceB on"8 mode as he no "on%er had time to de-ote to *urther !ree)AS3 de-e"opment. >o"'er :hei"eD a !ree)AS3 de-e"oper who a"so de-e"ops on &e;ian in his da8 Go;D decided to start the ,penMedia>au"t proGectD which wou"d ;e a rewrite o* !ree)AS3 ;ased on &e;ian 7inu5 and re"eased FreeNAS 8.0.3 Guide Page 8 of 164

under the terms o* the 4p7-3 "icense. Man8 !ree)AS3 users were not p"eased a;out the chan%e o* "icense and the "oss o* 'erne"B;ased /!S support due to 4?7 incompati;i"ities with the C&&7 "icense. i9s8stemsD a pro-ider o* !ree S&B;ased hardware so"utions and pro*essiona" supportD too' the initiati-e to continue the de-e"opment o* a S& "icensed !ree)AS3 so"ution ;ased on !ree S&. :he8 too' the opportunit8 to ana"86e the positi-es J"ots o* coo" *eaturesK and ne%ati-es Jmono"ithicD e-er8thin%B;utBtheB'itchenBsin' desi%n that was di**icu"t to maintain and supportK. It was decided that the ne5t -ersion wou"d ;e rewritten *rom scratch usin% a modu"ar desi%n that wou"d support p"u%ins. :his wou"d a""ow !ree)AS3 to ha-e a sma"" *ootprint that was eas8 to support whi"e a""owin% users to Gust insta"" the p"u%ins *or the *eatures the8 desired. It wou"d ha-e the added ;ene*it o* a""owin% users to create and contri;ute p"u%ins *or niche *eaturesD a""owin% its usa%e cases to %row with users1 needs. 0or' on the new desi%n ;e%an in 2#1# and the initia" redesi%ned -ersionD !ree)AS3 8.#D was re"eased on Ma8 2D 2#11. 0or'in% with the communit8 to *i5 the ;u%s and add the *eatures needed within the core portion o* the )AS resu"ted in !ree)AS3 8.#.1 which was re"eased on Septem;er 3#D 2#11. !ree)AS3 8.#.2 was re"eased on ,cto;er 13D 2#11 and pro-ided additiona" ;u% *i5es. !ree)AS3 8.#.3 was re"eased on =anuar8 3D 2#12. :his "atest re"ease pro-ides *u"" )AS *unctiona"it8 suited *or ;oth home use and production en-ironments. It does not contain a"" o* the *eatures pro-ided ;8 !ree)AS ..BBthe upcomin% 8.2 re"ease and its p"u%in architecture wi"" a""ow the creation o* p"u%ins so that missin% *eatures can ;e insta""ed ;8 the users that require them.

1.1

%ard-are .e/uire0ents

Since !ree)AS3 8.#.3 is ;ased on !ree S& 8.2D it supports the same hardware *ound in the amd+$ and i38+ sections o* the !ree S& 8.2 Hardware Compati;i"it8 7ist. Actua" hardware requirements wi"" -ar8 dependin% upon what 8ou are usin% 8our !ree)AS3 s8stem *or. :his section pro-ides some %uide"ines to %et 8ou started. Eou shou"d a"so s'im throu%h the !ree)AS3 Hardware !orum *or per*ormance tips *rom other !ree)AS3 users. :he Hardware !orum is a"so an e5ce""ent p"ace to post questions re%ardin% 8our hardware setup or the hardware ;est suited to meet 8our requirements. 1.1.1 Arc"itecture

0hi"e !ree)AS3 is a-ai"a;"e *or ;oth 32B;it and +$B;it architecturesD 8ou shou"d use +$B;it hardware i* 8ou care a;out speed or per*ormance. A 32B;it s8stem can on"8 address up to $4 o* RAMD ma'in% it poor"8 suited to the RAM requirements o* /!S. I* 8ou on"8 ha-e access to a 32B;it s8stemD consider usin% U!S instead o* /!S. 1.1.2 .A1

:he ;est wa8 to %et the most out o* 8our !ree)AS3 s8stem is to insta"" as much RAM as possi;"e. I* 8our RAM is "imitedD consider usin% U!S unti" 8ou can a**ord ;etter hardware. /!S t8pica""8 requires a minimum o* + 4 o* RAM in order to pro-ide %ood per*ormanceM in practica" terms Jwhat 8ou can actua""8 insta""KD this means that the minimum is rea""8 8 4 . :he more RAMD the ;etter the per*ormanceD and the !orums pro-ide anecdota" e-idence *rom users on how much per*ormance is %ained ;8 addin% more RAM. !or s8stems with "ar%e dis' capacit8 J%reater than + : KD a %enera" ru"e o* thum; is 14 o* RAM *or e-er8 1: o* stora%e. N2)3: ;8 de*au"tD /!S disa;"es preB*etchin% Jcachin%K *or s8stems containin% "ess than $ 4 FreeNAS 8.0.3 Guide o*

Page 4 of 164

usa!(e RAM. )ot usin% preB*etchin% can rea""8 s"ow down per*ormance. $ 4 o* usa;"e RAM is not the same thin% as $ 4 o* insta""ed RAM as the operatin% s8stem resides in RAM. :his means that the practica" preB*etchin% thresho"d is + 4 D or 8 4 o* insta""ed RAM. Eou can sti"" use /!S with "ess RAMD ;ut per*ormance wi"" ;e e**ected. I* 8ou are insta""in% !ree)AS3 on a head"ess s8stemD disa;"e the shared memor8 settin%s *or the -ideo card in the I,S. 1.1.3 &o0#act or !S5 F as"

:he !ree)AS3 operatin% s8stem is a runnin% ima%e that needs to ;e insta""ed onto a US or compact *"ash de-ice that is at "east 2 4 in si6e. A "ist o* compact *"ash dri-es 'nown to wor' with !ree)AS3 can ;e *ound on the .. wi'i. I* 8ou don1t ha-e compact *"ashD 8ou can instead use a US thum; dri-e that is dedicated to the runnin% ima%e and which sta8s inserted in the US s"ot. 0hi"e technica""8 8ou can insta"" !ree)AS3 onto a hard dri-eD this is discoura%ed as 8ou wi"" "ose the stora%e capacit8 o* the dri-e. In other wordsD the operatin% s8stem wi"" ta'e o-er the dri-e and wi"" not a""ow 8ou to store data on itD re%ard"ess o* the si6e o* the dri-e. :he !ree)AS3 insta""ation wi"" partition the operatin% s8stem dri-e into two N14 partitions. ,ne partition ho"ds the current operatin% s8stem and the other partition is used when 8ou up%rade. :his a""ows 8ou to sa*e"8 up%rade to a new ima%e or to re-ert to an o"der ima%e shou"d 8ou encounter pro;"ems. 1.1.4 Storage 6is7s and &ontro ers

:he &is' section o* the !ree S& Hardware 7ist "ists the supported dis' contro""ers. In additionD support *or 3ware +%;ps RAI& contro""ers has ;een added a"on% with the C7I uti"it8 t-8c i *or mana%in% 3ware RAI& contro""ers. !ree)AS3 supports hot p"u%%a;"e dri-es. Ma'e sure that AHCI is ena;"ed in the I,S and that 8ou ha-e read Hot Swappin% a /!S !ai"ed &ri-e ;e*ore imp"ementin% this *eature. I* 8ou ha-e some mone8 to spend and wish to optimi6e 8our dis' su;s8stemD consider 8our read@write needsD 8our ;ud%etD and 8our RAI& requirements. !or e5amp"eD mo-in% the the /I7 J/!S Intent 7o%K to a dedicated SS& on"8 he"ps per*ormance i* 8ou ha-e s8nchronous writesD "i'e a data;ase ser-er. SS& cache de-ices on"8 he"p i* 8our wor'in% set is "ar%er than s8stem RAMD ;ut sma"" enou%h that a si%ni*icant percenta%e o* it wi"" *it on the SS&. I* 8ou ha-e stead8D nonBconti%uous writesD use dis's with "ow see' times. <5amp"es are 1#2 or 1(2 SAS dri-es which cost a;out O1@4 . An e5amp"e con*i%uration wou"d ;e si5 1(2 SAS dri-es in a RAI& 1# which wou"d 8ie"d 1.8 : o* usa;"e space or ei%ht 1(2 SAS dri-es in a RAI& 1# which wou"d 8ie"d 2.$ : o* usa;"e space. .2## R?M SA:A dis's are desi%ned *or sin%"eBuser sequentia" I@, and are not a %ood choice *or mu"tiB user writes. I* 8ou ha-e the ;ud%et and hi%h per*ormance is a 'e8 requirementD consider a !usionBI@, card which is optimi6ed *or massi-e random access. :hese cards are e5pensi-e and are suited *or hi%h end s8stems that demand per*ormance. A !usionBI@, can ;e *ormatted with a *i"es8stem and used as direct stora%eM when used this wa8D it does not ha-e the write issues t8pica""8 associated with a *"ash de-ice. A !usionB I@, can a"so ;e used as a cache de-ice when 8our /!S dataset si6e is ;i%%er than 8our RAM. &ue to the FreeNAS 8.0.3 Guide Page 10 of 164

increased throu%hputD s8stems runnin% these cards t8pica""8 use mu"tip"e 1# 4i%< networ' inter*aces. I* 8ou wi"" ;e usin% /!SD &is' Space Requirements *or /!S Stora%e ?oo"s recommends a minimum o* 1+ 4 o* dis' space. &ue to the wa8 that /!S creates swapD 8ou can not *ormat "ess than 34 o* space with /!S. Howe-erD on a dri-e that is ;e"ow the minimum recommended si6e 8ou "ose a *air amount o* stora%e space to swapI *or e5amp"eD on a $ 4 dri-eD 24 wi"" ;e reser-ed *or swap. I* 8ou are new to /!S and are purchasin% hardwareD read throu%h /!S Stora%e ?oo"s Recommendations *irst. 1.1.$ Net-or7 Interfaces

:he !ree S& <thernet section o* the Hardware )otes indicates which inter*aces are supported ;8 each dri-er. 0hi"e man8 inter*aces are supportedD !ree)AS3 users ha-e seen the ;est per*ormance *rom Inte" and Che"sio inter*acesD so consider these ;rands i* 8ou are purchasin% a new inter*ace. At a minimum 8ou wi"" want to use a 4i%< inter*ace. 0hi"e 4i%< inter*aces and switches are a**orda;"e *or home useD it shou"d ;e noted that modern dis's can easi"8 saturate 11# M @s. I* 8ou require a hi%her networ' throu%hputD 8ou can P;ondP mu"tip"e 4i%< cards to%ether usin% the 7AC? t8pe o* 7in' A%%re%ation. Howe-erD an8 switches wi"" need to support 7AC? which means 8ou wi"" need a more e5pensi-e mana%ed switch rather than a home user %rade switch. I* networ' per*ormance is a requirement and 8ou ha-e some mone8 to spendD use 1# 4i%< inter*aces and a mana%ed switch. I* 8ou are purchasin% a mana%ed switchD consider one that supports 7AC? and Gum;o *rames as ;oth can ;e used to increase networ' throu%hput. N2)3: at this time the *o""owin% are not supportedI In*ini andD !i;reChanne" o-er <thernetD or wire"ess inter*aces. I* networ' speed is a requirementD consider ;oth 8our hardware and the t8pe o* shares that 8ou create. ,n the same hardwareD CI!S wi"" ;e s"ower than !:? or )!S as Sam;a is sin%"eBthreaded. I* 8ou wi"" ;e usin% CI!SD use a *ast C?U. 1.1.6 .AI6 2+er+ie-

&ata redundanc8 and speed are important considerations *or an8 networ' attached stora%e s8stem. Most )AS s8stems use mu"tip"e dis's to store dataD meanin% 8ou shou"d decide what t8pe o* RAI& to use !efore insta""in% !ree)AS3. :his section pro-ides an o-er-iew o* RAI& t8pes to assist 8ou in decidin% which t8pe ;est suits 8our requirements. .AI6 0: uses data stripin% to store data across mu"tip"e dis's. It pro-ides 6ero *au"t to"eranceD meanin% i* one dis' *ai"sD a"" o* the data on a"" o* the dis's is "ost. :he more dis's in the RAI& #D the more "i'e"8 the chance o* a *ai"ure. .AI6 1: a"" data is mirrored onto two dis'sD creatin% a redundant cop8 shou"d one dis' *ai". I* the dis's are on separate contro""ersD this *orm o* RAI& is a"so ca""ed dup"e5in%. .AI6 $: requires a minimum o* 3 dis's and can to"erate the "oss o* one dis' without "osin% data. &is' reads are *ast ;ut write speed can ;e reduced ;8 as much as (#Q. I* a dis' *ai"sD it is mar'ed as de%raded ;ut the s8stem wi"" continue to operate unti" the dri-e is rep"aced and the RAI& is re;ui"t. Howe-erD shou"d another dis' *ai" ;e*ore the RAI& is re;ui"tD a"" data wi"" ;e "ost. I* 8our !ree)AS3 s8stem wi"" ;e used *or stead8 writesD RAI& ( is a poor choice due to the s"ow write speed. FreeNAS 8.0.3 Guide Page 11 of 164

.AI6 6: requires a minimum o* $ dis's and can to"erate the "oss o* 2 dis's without "osin% data. ene*its *rom ha-in% man8 dis's as per*ormanceD *au"t to"eranceD and cost e**icienc8 are a"" impro-ed re"ati-e"8 with more dis's. :he "ar%er the *ai"ed dri-eD the "on%er it ta'es to re;ui"d the arra8. Reads are -er8 *ast ;ut writes are s"ower than a RAI& (. .AI6 10: requires a minimum o* $ dis's and num;er o* dis's is a"wa8s e-en as this t8pe o* RAI& mirrors striped sets. ,**ers *aster writes than RAI& (. Can to"erate mu"tip"e dis' "oss without "osin% dataD as "on% as ;oth dis's in a mirror are not "ost. .AI6 60: requires a minimum o* 8 dis's. Com;ines RAI& # stripin% with the distri;uted dou;"e parit8 o* RAI& + ;8 stripin% 2 $Bdis' RAI& + arra8s. RAI& +# re;ui"d times are ha"* that o* RAI& +. .AI691: /!S so*tware so"ution that is equi-a"ent to RAI&(. Its ad-anta%e o-er RAI& ( is that it a-oids the writeBho"e and doesn1t require an8 specia" hardwareD meanin% it can ;e used on commodit8 dis's. I* 8our !ree)AS3 s8stem wi"" ;e used *or stead8 writesD RAI&/ is a poor choice due to the s"ow write speed. Requires a minimum o* 3 dis's thou%h ( dis's is recommended Jo-er 3D $D or + dis'sK. It shou"d ;e noted that 8ou cannot add additiona" dri-es to e5pand the si6e o* a RAI&/1 a*ter 8ou ha-e created it. :he on"8 wa8 to increase the si6e o* a RAI&/1 is to rep"ace each dri-e with a "ar%er dri-e one ;8 one whi"e a""owin% time *or restripin% ;etween each dri-e swap out. Howe-erD 8ou can com;ine two e5istin% RAI&/11s to increase the si6e o* a /!S -o"ume Jpoo"K. .AI692: dou;"eBparit8 /!S so*tware so"ution that is simi"ar to RAI&B+. Its ad-anta%e o-er RAI& ( is that it a-oids the writeBho"e and doesn1t require an8 specia" hardwareD meanin% it can ;e used on commodit8 dis's. Requires a minimum o* 3 dis's. RAI&/2 a""ows 8ou to "ose 1 dri-e without an8 de%radation as it ;asica""8 ;ecomes a RAI&/1 unti" 8ou rep"ace the *ai"ed dri-e and restripe. At this timeD RAI&/2 on !ree S& is s"ower than RAI&/1. N2)3: It isn1t recommended to mi5 /!S RAI& with hardware RAI&. It is recommended that 8ou p"ace 8our hardware RAI& contro""er in = ,& mode and "et /!S hand"e the RAI&. Accordin% to 0i'ipediaI ZFS can not fully protect the user's data when using a hardware RAID controller, as it is not able to perfor the auto atic self!healing unless it controls the redundancy of the dis"s and data# ZFS prefers direct, exclusi$e access to the dis"s, with nothing in between that interferes# If the user insists on using hardware!le$el RAID, the controller should be configured as %&'D ode (i#e# turn off RAID!functionality) for ZFS to be able to guarantee data integrity# *ote that hardware RAID configured as %&'D ay still detach dis"s that do not respond in ti e+ and as such ay re,uire -./R011-.0/R1!enabled dis"s to pre$ent dri$e dropouts# -hese li itations do not apply when using a non!RAID controller, which is the preferred ethod of supplying dis"s to ZFS# 0hen comparin% hardware RAI& t8pes con-entiona" wisdom recommends the *o""owin% in order o* pre*erenceI Raid+D Raid1#D Raid(D then Raid#. I* usin% /!SD the recommended pre*erence chan%es to RAI&/2. :hese *orum posts are a"so worth readin%I 0hat is the est RAI&/ Con*i%uration 4ettin% the Most out o* /!S ?oo"s RAI&/ Con*i%uration Requirements and Recommendations N2)3: *' RAID S'.2-I'* 3R'4ID/S A R/3.A1/5/*- F'R A R/.IA&./ &A1623 S-RA-/78# &AD S-2FF 1A* S-I.. 9A33/* A*D 8'2 :I.. &/ 7.AD -9A- 8'2 &A16/D 23 8'2R DA-A :9/* I- D'/S# See section +.1 ?eriodic Snapshot :as's and section +.2 Rep"ication :as's i* 8ou wou"d "i'e to use /!S snapshots and rs8nc as part o* 8our ;ac'up strate%8. FreeNAS 8.0.3 Guide Page 12 of 164

1.1.(

9FS 2+er+ie-

0hi"e /!S isn1t hardware Jit is a *i"es8stemKD an o-er-iew is inc"uded in this section as the decision to use /!S ma8 impact on 8our hardware choices and whether or not to use hardware RAI&. I* 8ou1re new to /!SD the 0i'ipedia entr8 on /!S pro-ides an e5ce""ent startin% point to "earn a;out its *eatures. :hese resources are a"so use*u" to ;oo'mar' and re*er to as neededI /!S <-i" :unin% 4uide !ree S& /!S :unin% 4uide /!S est ?ractices 4uide /!S Administration 4uide ecomin% a /!S )inGa J-ideoK /!S -ersion num;ers chan%e as *eatures are introduced and are incrementa"D meanin% that a -ersion inc"udes a"" o* the *eatures introduced ;8 pre-ious -ersions. :a;"e 1.1a summari6es -arious /!S -ersionsD the *eatures which were added ;8 that /!S -ersionD and in which -ersion o* !ree)AS3 that /!S -ersion was introduced. Recent -ersions o* !ree)AS3 ...5 use /!S -ersion 13 which is wh8 8ou can1t down%rade a /!S -o"ume *rom !ree)AS3 8.5 to !ree)AS3 ...5. !ree)AS3 8.#.3 uses /!S -ersion 1(D meanin% that it inc"udes a"" o* the *eatures that were introduced ;etween -ersions 13 to 1(. )a' e 1.1a: Su00ar* of 9FS :ersions 9FS :ersion 1# 11 12 13 1$ 1( 1+ 1. 18 19 2# 21 22 23 2$ 2( 2+ 2. Features Added cache de-ices impro-ed scru; per*ormance snapshot properties snapused propert8 passthrou%hB5 ac"inherit propert8 user and %roup space accountin% S:M! propert8 support RAI&/3 snapshot user ho"ds "o% de-ice remo-a" compression usin% 6"e J6eroB"en%th encodin%K dedup"ication recei-ed properties de*erred update Js"im /I7K s8stem attri;utes impro-ed scru; stats impro-ed snapshot de"etion per*ormance impro-ed snapshot creation per*ormance FreeNAS :ersion ...5 ...5 ...5 ...5 8.# 8.# on roadmap on roadmap on roadmap on roadmap on roadmap on roadmap on roadmap on roadmap on roadmap on roadmap on roadmap on roadmap

FreeNAS 8.0.3 Guide

Page 13 of 164

9FS :ersion Features Added 28 mu"tip"e -de- rep"acements 3# encr8ption

FreeNAS :ersion on roadmap ,rac"e has not re"eased as open source

/!S uses the /I7 J/!S Intent 7o%K to mana%e writes. I* 8ou are usin% >M0areD the speed o* the /I7 de-ice is essentia""8 the write per*ormance ;ott"enec' when usin% )!S. In this scenarioD iSCSI wi"" per*orm ;etter than )!S. I* 8ou decide to create a dedicated cache de-ice to speed up )!S writesD it can ;e ha"* the si6e o* s8stem RAM as an8thin% "ar%er than that is unused capacit8. Mirrorin% the /I7 de-ice won1t increase the speedD ;ut it wi"" he"p per*ormance and re"ia;i"it8 i* one o* the dri-es *ai"s.

1.2

;"at<s Ne-

:he !ree)AS3 8 series represents an entire rewrite *rom the .. series o* !ree)AS3. In other wordsD !ree)AS3 was rewritten *rom scratch and *eatures were added as the new ;ase sta;i"i6ed. :his means that not e-er8 *eature in the .. series was reBimp"emented and some *eatures that are not a-ai"a;"e in !ree)AS3 .. are a-ai"a;"e in !ree)AS3 8.5. )ota;"e di**erences ;etween the two imp"ementations are as *o""owsI -ersionin% num;ers ha-e chan%ed with the intent to ha-e the -ersion num;er re*"ect the ;ase -ersion o* !ree S&. !ree)AS3 8.#.3 is ;ased on !ree S& 8.2M as the 8 ;ranch o* !ree)AS3 ;ecomes *eature comp"eteD its -ersion num;er wi"" increment to 8.2. ;ased on )ano S& rather than m#n#wa"" desi%n was chan%ed *rom mono"ithic to modu"ari6ed to a""ow *or the creation o* p"u%ins so that users can insta"" and con*i%ure on"8 the modu"es the8 need 4UI rewritten in &Gan%o to a""ow *or *uture e5pansion new 4UI is the de*au"t with the ori%ina" 4UI sti"" a-ai"a;"e ;8 enterin% the appname a*ter the !ree)AS3 s8stem1s UR7 Je.%. httpI@@192.1+8.1.1@ser-icesK impro-ed mana%ement o* ownership@%roup@permissions o* -o"umes and datasets /!S parameters per datasetD such as quotasD were added 7SI + %;ps H As are now supported mi%rated to rc.d init s8stem ports updated to !ree S& 8.2 iSCSI support added support *or 3ware +;ps RAI& contro""ers has ;een added a"on% with the C7I uti"it8 t-8c i *or mana%in% 3ware RAI& contro""ers added the a;i"it8 to create periodic snapshot Go;sD create oneBtime snapshotsD c"one snapshots which can then ;e e5ported as shares "i'e an8 other datasetD and ro"";ac' to a pre-ious snapshot

FreeNAS 8.0.3 Guide

Page 14 of 164

1.3

Features
supports A!?D CI!SD !:?D )!SD SSH Jinc"udin% S!:?KD and :!:? as *i"e sharin% mechanisms supports e5portin% *i"e or de-ice e5tents -ia iSCSI supports Acti-e &irector8 or 7&A? *or user authentication supports U!S2 ;ased -o"umesD inc"udin% %mirrorD %stripeD and %raid3 supports /!S as the primar8 *i"es8stemD ena;"in% man8 *eatures not a-ai"a;"e in U!S2 such as quotasD snapshotsD compressionD rep"icationD and datasets *or sharin% su;sets o* -o"umes up%rade procedure ta'es ad-anta%e o* )ano S& ;8 writin% the operatin% s8stem to an inacti-e partitionD a""owin% *or an eas8 re-ersa" o* an undesira;"e up%rade automatic s8stem noti*ications a;out 7SI RAI& contro""er e-ents Jrequires emai" ser-ice to ;e con*i%uredK &Gan%oBdri-en %raphica" user inter*ace rs8nc con*i%uration throu%h the %raphica" inter*ace cron mana%ement throu%h the %raphica" inter*ace menu "oca"i6ation the SCSI seria" num;er can ;e set on a per tar%et ;asisD *i5in% an issue where MMI, was seein% di**erent !ree)AS3 ser-ers as the same de-ice mu"tip"e I?s can now ;e speci*ied per iSCSI porta" ssh daemon now "o%s to @-ar@"o%@auth."o% CI!S now de*au"ts to AI, ena;"ed /!S hot spare cuto-er he"per app"ication within 4UI SMAR: monitorin% in 4UI U?S mana%ement in 4UI US 3.# support AC7s and U)I9 *i"e s8stem permissions wor' proper"8 on ;oth U!S and /!S -o"umes periodic /!S snapshots are now e5ported to CI!S shares and are -isi;"e in 0indows as shadow copies readBon"8 is ena;"ed on creation o* remote *i"es8stem to pre-ent accidenta" writes to the rep"ica which wou"d ;rea' rep"ication added tmu5D a S&B"icensed uti"it8 simi"ar to 4)U screen added dmidecode which can pro-ide -er8 use*u" hardware dia%nostic in*ormation updated the -ersion o* Inte" )IC dri-ers to hand"e Inte"1s "atest round o* hardware Page 1$ of 164

)ota;"e *eatures in !ree)AS3 8.#.3 inc"udeI

FreeNAS 8.0.3 Guide

added support *or Mar-e"" M92 SA:A contro""ersD so"d with some 0& 3: dri-es netata"' JA!?K is now compati;"e with ,S 9 1#..

1.4

=no-n Issues
!PG.A63S F.21 FreeNAS 0.(, A.3 !NS!PP2.)36. :he s8stem has no wa8 to import con*i%uration settin%s *rom #..5 -ersions o* !ree)AS3D ;ut the -o"ume importer shou"d ;e a;"e to hand"e -o"umes created with !ree)AS3 #..5. ?"ease note that 6poo" up%rade is a one wa8 street and up%raded -o"umes wi"" not ;e usa;"e with !ree)AS3 #..5. :he /!S up%rade procedure is nonBre-ersi;"e and must ;e run manua""8. ?"ease do not up%rade 8our poo"s un"ess 8ou are a;so"ute"8 sure that 8ou1"" ne-er want to %o ;ac' to other s8stems. !or c"arit8D 6poo" up%rade is a ,)<B0AE street. :here is no re-ersin% itD and there is no wa8 *or a s8stem with an o"der -ersion o* /!S to access poo"s that ha-e ;een up%raded. :he iSCSI tar%et does not support a con*i%uration re"oad meanin% that chan%es to the con*i%uration restart the daemon. &is's with certain con*i%urations can %et pro;ed ;8 4<,M and ;ecome essentia""8 unwrita;"e without manua" inter-ention. !or instanceD i* 8ou use dis's that pre-ious"8 had a %mirror on themD the s8stem ma8 pic' that up and the dis's wi"" ;e una-ai"a;"e unti" the e5istin% %mirror is stopped and destro8ed. In a departure *rom !ree)AS3 #..5D the operatin% s8stem dri-e can not ;e used as a component *or a -o"umeD nor can it ;e partitioned *or sharin%. Some AtomB;ased s8stems with Rea"te' 4i%< inter*aces ha-e networ' per*ormance issues with !ree S& 8.2.

e*ore insta""in% !ree)AS3 8ou shou"d ;e aware o* the *o""owin% 'nown issuesI

1.$

.oad0a# for 8.2

8.2 is e5pected to ;e re"eased ;8 the end o* the *irst quarter o* 2#12. ,ri%ina""8D this re"ease was to ;e named 8.1D ;ut it was decided to chan%e the upcomin% re"ease name to 8.2 to ;etter re*"ect the !ree S& -ersion it is ;ased upon. :a;"e 1.. "ists the *eatures which are current"8 ;ein% wor'ed on and shou"d ;e imp"emented *or the 8.2 re"easeI )a' e 1.(: 8.2 Features .oad0a# Feature mi%ration uti"it8 *rom .. to 8.5 rs8nc o-er SSH p"u%in s8stem which wi"" a""ow the insta""ation o* additiona" app"ications throu%h the ? I s8stem FreeNAS 8.0.3 Guide Status committed inBpro%ress Notes

Page 16 of 164

Feature Status Notes U?S c"ient 0a'e on 7A) support sp"it ):? ser-er and options into se-era" committed *ie"ds in the 4UI committed Jand a-ai"a;"e to S)M? connection to U?S some de%ree -ia nut in 8.#.3K transmission support committed 4UI and p"u%in support sti"" not ena;"ed *ire*"8 support committedM 4UI @ p"u%in support sti"" not ena;"ed u?n?@&AA?@&7)A support minid"na support committedM 4UI @ p"u%in support sti"" not ena;"ed :he *o""owin% *eatures wi"" not ma'e it into 8.2 and are ;ein% considered *or a "ater -ersion o* !ree)AS3I encr8ption Jwith 4<7ICK automated mechanism *or error reportin% and user *eed;ac' more detai"ed s8stem in*ormation networ' ;andwidth reportin% Unison

Insta ing FreeNAS

e*ore insta""in%D it is important to remem;er that the !ree)AS3 operatin% s8stem must ;e insta""ed on a separate de-ice *rom the dri-eJsK that wi"" ho"d the stora%e data. In other wordsD i* 8ou on"8 ha-e one dis' dri-e 8ou wi"" ;e a;"e to use the !ree)AS3 %raphica" inter*ace ;ut won1t ;e a;"e to store an8 dataD which a*ter a""D is the who"e point o* a )AS s8stem. I* 8ou are a home user who is e5perimentin% with !ree)AS3D 8ou can insta"" !ree)AS3 on an ine5pensi-e US thum; dri-e and use the computer1s dis'JsK *or stora%e. :his section descri;es how toI 4ettin% !ree)AS3 Insta""in% *rom C&R,M Insta""in% *rom the Ima%e Initia" Setup Up%radin% !ree)AS3

FreeNAS 8.0.3 Guide

Page 1( of 164

I* 8ou are insta""in% !ree)AS3 into a >irtua" o5 as a testin% en-ironmentD 8ou wi"" need to con*i%ure the -;o5 inter*ace *or ;rid%in% in order to access the !ree)AS3 4UI throu%h a we; ;rowser. :o do this in >irtua" o5D %o to Settin%s BR )etwor'. In the Attached to dropBdown menu se"ect rid%ed Adapter and se"ect the name o* the ph8sica" inter*ace *rom the )ame dropBdown menu. In the e5amp"e shown in !i%ure 2aD the Inte" ?ro@1### <thernet card is attached to the networ' and has a de-ice name o* re#. Figure 2a: &onfiguring a 5ridged Ada#ter in :irtua 5o,

Eou wi"" a"so need to create at "east 2 -irtua" dis'sI the primar8 master shou"d ;e at east 4 G5 in si>e to ho"d the operatin% s8stem and swap and the other -irtua" dis'JsK can ;e used as data stora%e.

2.1

Getting FreeNAS

!ree)AS3 8.#.3 can ;e down"oaded *rom the !ree)ASB8 Source*or%e pa%e. !ree)AS3 is a-ai"a;"e *or 32B;it J538+K and +$B;it J5+$K architectures. Eou shou"d down"oad the architecture t8pe that matches 8our C?U1s capa;i"ities.. :he down"oad pa%e contains the *o""owin% t8pes o* *i"esI FreeNAS 8.0.3 Guide Page 18 of 164

G!I8u#grade.,>: this is a compressed *irmware up%rade ima%e and requires a pre-ious insta""ation o* !ree)AS3 8.5. I* 8our intent is to up%rade !ree)AS3D down"oad the correct .56 *i"e *or 8our architecture and see section 2.( Up%radin% !ree)AS3. Fu 8Insta .,>: this is a compressed ima%e o* the *u"" ima%e dis' that needs to ;e written to a US or compact *"ash de-ice. Section 2.3 Insta""in% *rom the Ima%e descri;es how to use this ima%e. .iso: this is a ;oota;"e ima%e that can ;e written to C&R,M. Insta""in% *rom the C&R,M is descri;ed in more detai" in the ne5t section.

:he down"oad director8 a"so contains a Re"ease)otes *or that -ersion o* !ree)AS3. :his *i"e contains the chan%es introduced ;8 that re"easeD an8 'nown issuesD and the SHA2(+ chec'sums o* the *i"es in the down"oad director8. :he command 8ou use to -eri*8 the chec'sum -aries ;8 operatin% s8stemI on a S& s8stem use the command s"a2$6 na0e8of8fi e on a 7inu5 s8stem use the command s"a2$6su0 na0e8of8fi e on a Mac s8stem use the command s"asu0 ?a 2$6 na0e8of8fi e on a 0indows s8stem insta"" a uti"it8 such as HashCa"c or Hash:a; Jwhich is a"so a-ai"a;"e *or MacK

2.2

Insta ing fro0 &6.21

I* 8ou pre*er to insta"" !ree)AS3 usin% a menuBdri-en insta""erD down"oad the IS, ima%e that matches the architecture o* the s8stem 8ou wi"" insta"" onto J32 or +$ ;itK and ;urn it to a C&R,M. N2)3: the insta""er on the C&R,M wi"" reco%ni6e i* a pre-ious -ersion o* !ree)AS3 8.5 is a"read8 insta""edD meanin% the C&R,M can a"so ;e used to up%rade !ree)AS3. Howe-erD the insta""er can not per*orm an up%rade *rom a !ree)AS3 ..5 s8stem. Insert the C&R,M into the s8stem and ;oot *rom it. ,nce the media has *inished ;ootin%D 8ou wi"" ;e presented with the conso"e setup menu seen in !i%ure 2.2a. N2)3: i* the insta""er does not ;ootD chec' that the C& dri-e is "isted *irst in the ;oot order in the I,S. Some mother;oards ma8 require 8ou to connect the C&BR,M to SA:A# Jthe *irst connectorK in order to ;oot *rom C&BR,M. I* it sta""s durin% ;ootD chec' the SHA2(+ hash o* 8our IS, a%ainst that "isted in the R<A&M< *i"eM i* the hash does not matchD reBdown"oad the *i"e. I* the hash is correctD tr8 re;urnin% the C& at a "ower speed. ?ress enter to se"ect the de*au"t option o* S1 Insta""@Up%rade to hard dri-e@*"ash de-iceD etc.T. :he ne5t menuD seen in !i%ure 2.2;D wi"" "ist a"" a-ai"a;"e dri-esD inc"udin% an8 inserted US thum; dri-es which wi"" ;e%in with PdaP. In this e5amp"eD the user is insta""in% into >irtua" o5 and has created a $4 -irtua" dis' to ho"d the operatin% s8stem. Use 8our arrow 'e8s to hi%h"i%ht the US or compact *"ash de-ice then ta; to ,2 and press enter. !ree)AS3 wi"" issue the warnin% seen in !i%ure 2.2cD remindin% 8ou not to insta"" on a hard dri-e.

FreeNAS 8.0.3 Guide

Page 14 of 164

Figure 2.2a: FreeNAS &onso e Setu#

Figure 2.2': Se ecting ;"ic" 6ri+e to Insta Into

Figure 2.2c: FreeNAS ;arning on ;"* @ou S"ou d Insta onto !S5 F as" 6ri+e

?ress enter and !ree)AS3 wi"" e5tract the runnin% ima%e *rom the IS, and trans*er it to the de-ice. ,nce the insta""ation is comp"eteD 8ou shou"d see the messa%e in !i%ure 2.2d.

FreeNAS 8.0.3 Guide

Page 20 of 164

Figure 2.2d: FreeNAS Insta ation &o0# ete

?ress enter and 8ou1"" return to the *irst menuD seen in !i%ure 2.2a. Hi%h"i%ht S3 Re;oot S8stemT and press enter. Remo-e the C&R,M. I* 8ou insta""ed onto a US thum; dri-eD "ea-e the thum; dri-e inserted. Ma'e sure that the de-ice 8ou insta""ed to is "isted as the *irst ;oot entr8 in the I,S so that the s8stem wi"" ;oot *rom it. !ree)AS3 shou"d now ;e a;"e to ;oot into the Conso"e setup menu descri;ed in section 2.$ Initia" Setup.

2.3

Insta ing fro0 t"e I0age

I* 8our s8stem does not ha-e a C&R,M or 8ou pre*er to manua""8 write the runnin% ima%eD down"oad the !u""UInsta"".56 *i"e. :his *i"e wi"" need to ;e uncompressed and then written to a C! card or US thum;dri-e that is 24 or "ar%er. N2)3: an8 data current"8 sa-ed on the *"ash de-ice wi"" ;e erased. I* 8ou are writin% the ima%e to a C! cardD ma'e sure that it is MS&,S *ormatted. 6ANG3.A :he dd command is -er8 power*u" and can destro8 an8 e5istin% data on the speci*ied de-ice. e ery sure that 8ou 'now the de-ice name representin% the US thum; dri-e and ma'e sure 8ou do not t8po the de-ice name when usin% ddV 2.3.1 !sing ,>cat and dd on a Free5S6 or Binu, S*ste0

,n a !ree S& or 7inu5 s8stemD the ,>cat and dd commands can ;e used to uncompress and write the .56 ima%e to an inserted US thum; dri-e or compact *"ash de-ice. <5amp"e 2.3a demonstrates writin% the ima%e to the *irst US de-ice J -de -da0K on a !ree S& s8stem. Su;stitute the *i"ename o* 8our IS, and the de-ice name representin% the de-ice to write to on 8our s8stem. 3,a0# e 2.3a: ;riting t"e Fu 8Insta I0age to a !S5 )"u0' 6ri+e
xzcat FreeNAS-8.0.3-RELEASE-x64-Full_Install.xz | dd of=/dev/da0 bs=64k 0+244141 records in 0+244141 records out 2000000000 bytes transferred in 326.345666 secs (6128471 bytes/sec)

0hen usin% the dd commandI ofC re*ers to the output *i"eM in our caseD the de-ice name o* the *"ash card or remo-a;"e US dri-e. Eou ma8 ha-e to increment the num;er in the name i* it is not the *irst US de-ice. ,n 7inu5D use -de -sda to re*er to the *irst US de-ice. 'sC re*ers to the ;"oc' si6e

FreeNAS 8.0.3 Guide

Page 21 of 164

2.3.2

!sing =e7a and dd on an 2S D S*ste0

,n an ,S 9 s8stemD 8ou can down"oad and insta"" 2e'a to uncompress the ima%e. In !I)&<RD na-i%ate to the "ocation where 8ou sa-ed the down"oaded .56 *i"e. Shi*tWC"ic' Jor ri%htBc"ic'K on the .56 *i"e and se"ect 1,pen 0ith 2e'a1. A*ter a *ew minutes 8ou1"" ha-e a "ar%e *i"e with the same nameD ;ut no e5tension. Insert the US thum; dri-e and %o to 7aunchpad BR Uti"ities BR &is' Uti"it8. Unmount an8 mounted partitions on the US thum; dri-e. Chec' that the US thum; dri-e has on"8 one partition Ji* not 8ou wi"" %et 4?: partition ta;"e errors on ;ootK. Use &is' Uti"it8 to setup one partition on the US dri-eM P*ree spaceP wor's *ine. )e5tD determine the de-ice name o* the inserted US thum; dri-e. !rom :<RMI)A7D na-i%ate to 8our &es'top then t8pe this commandI
diskutil - list

:his wi"" show 8ou what de-ices are a-ai"a;"e to the s8stem. 7ocate 8our US stic' and record the path. I* 8ou are not sure which path is the correct one *or the US stic'D remo-e the de-iceD run the command a%ainD and compare the di**erence. ,nce 8ou are sure o* the de-ice nameD na-i%ate to the &es'top *rom :<RMI)A7 and use the dd command with the US stic' inserted. In <5amp"e 2.3;D the US thum; dri-e is -de -disk%. Su;stitute the name o* 8our uncompressed *i"e and the correct path to 8our US thum; dri-e. 3,a0# e 2.3': !sing dd on an 2S D S*ste0
dd if=FreeNAS-8.0.3-RELEASE-x64-Full_Install of=/dev/disk8 bs=64k

N2)3: I* 8ou %et the error PResource ;us8P when 8ou run the dd commandD %o to App"ications BR Uti"ities BR &is' Uti"it8D *ind 8our US thum; dri-eD and c"ic' on its partitions to ma'e sure a"" o* them are unmounted. :he dd command wi"" ta'e some minutes to comp"ete. 0ait unti" 8ou %et a prompt ;ac' and a messa%e that disp"a8s how "on% it too' to write the ima%e to the US dri-e. ,nce 8ou ha-e a runnin% ima%eD ma'e sure the ;oot order in the I,S is set to ;oot *rom the de-ice containin% the ima%e and ;oot the s8stem. It shou"d ;oot into the Conso"e setup menu descri;ed in section 2.$ Initia" Setup. N2)3: i* the ima%e does not ;ootD chec' the I,S and chan%e the US emu"ation *rom C&@&>&@*"opp8 to hard dri-e. I* it sti"" wi"" not ;ootD chec' to see i* the card@dri-e is U&MA comp"iant. Some users ha-e a"so *ound that some cheap 24 US stic's don1t wor' as the8 are not rea""8 24 in si6eD ;ut chan%in% to a $4 stic' *i5es the pro;"em. 2.3.3 !sing #"*sdis7-rite on ;indo-s

0indows users wi"" need to down"oad a uti"it8 that can uncompress 56 *i"es and a uti"it8 that can create a US ;oota;"e ima%e. A detai"ed howBto *or usin% .6ip and ph8sdis'write can ;e *ound in the *orum post How to write the em;edded !ree)AS 8 ima%e under 0indows.

FreeNAS 8.0.3 Guide

Page 22 of 164

2.4

Initia Setu#

:he *irst time 8ou re;oot into !ree)AS3D 8ou wi"" ;e presented with the Conso"e Setup screen shown in !i%ure 2.$a. N2)3: i* 8ou recei-e a ;oot errorD chec' 8our I,S settin%s to ma'e sure that the de-ice 8ou insta""ed !ree)AS3 to is "isted *irst in the ;oot order. A"so chec' the settin%s *or that de-ice. !or e5amp"eD a I,S ma8 require 8ou to chan%e *rom *"opp8 emu"ation mode to hard dis' mode. I* 8our I,S is too o"d to support a US ;oot de-iceD see i* a I,S update is a-ai"a;"e. I* 8ou recei-e a Pprimar8 4?: is corruptP errorD 8ou wi"" need to use the dd command to remo-e ;oth partition ta;"es as descri;ed in this *orum post. Eou shou"d then ;e a;"e to reinsta"" !ree)AS3 and success*u""8 ;oot into the new insta""ation. !ree)AS3 wi"" automatica""8 tr8 to connect to a &HC? ser-er on an8 "i-e inter*aces. I* it success*u""8 recei-es an I? addressD it wi"" disp"a8 what I? address can ;e used to access the %raphica" conso"e. In the e5amp"e seen in !i%ure 2.$aD the !ree)AS3 s8stem is accessi;"e *rom httpI@@1#.#.2.1(. Figure 2.4a: FreeNAS &onso e Setu# 1enu

I* 8our !ree)AS3 ser-er is not connected to a networ' with a &HC? ser-erD 8ou wi"" need to manua""8 con*i%ure the inter*ace as seen in <5amp"e 2.$a. In this e5amp"eD the !ree)AS3 s8stem has one networ' inter*ace Jem0K.

FreeNAS 8.0.3 Guide

Page 23 of 164

3,a0# e 2.4a: 1anua * Setting an IP Address fro0 t"e &onso e 1enu

Enter an option from 1-11: 1 1) em0 Select an interface (q to quit): 1 Delete existing config? (y/n) n Configure interface for DHCP? (y/n) n Configure IPv4? (y/n) y Interface name: (press enter as can be blank) Several input formats are supported Example 1 CIDR Notation: 192.168.1.1/24 Example 2 IP and Netmask separate: IP: 192.168.1.1 Netmask: 255.255.255.0, or /24 or 24 IPv4 Address: 192.168.1.108/24 Saving interface configuration: Ok Configure IPv6? (y/n) n Restarting network: ok You may try the following URLs to access the web user interface: http://192.168.1.108

!rom another s8stem with a %raphica" we; ;rowserD input the I? address *or 8our !ree)AS3 insta""ation. :he administrati-e 4UID shown in !i%ure 2.$; shou"d ;e disp"a8ed. I* it does not appearD chec' that 8our ;rowser con*i%uration does not ha-e an8 pro58 settin%s ena;"ed. I* it doesD disa;"e them and tr8 a%ain. A"soD I<9 has 'nown issues. I* 8ou can1t "o%in usin% Internet <5p"orerD use !ire*o5 instead. N2)3: ear"ier -ersions o* !ree)AS3 8 required 8ou to "o%in usin% the de*au"t credentia"s o* admin *or the username and freenas *or the password. I* 8ou c"ic' the *"ashin% A"ert icon in the upper ri%ht cornerD it wi"" a"ert 8ou that 8ou shou"d immediate"8 chan%e the password *or the admin user as current"8 no password is required to "o%in. Eou can do so in Account BR M8 Account BR Chan%e ?assword. ,nce 8ou do soD the A"ert icon wi"" chan%e to a so"id %reen.

FreeNAS 8.0.3 Guide

Page 24 of 164

Figure 2.4': FreeNAS Gra#"ica &onfiguration 1enu

2.$

!#grading FreeNAS

N2)3: e*ore per*ormin% an up%rade 8ou must a"wa8s ;ac'up 8our con*i%uration *i"eD s8stem dis'D and a"" o* 8our data. 237RAD/S FR'5 Free*AS; <#=x AR/ *'- S233'R-/D: the s8stem has no wa8 to import con*i%uration settin%s *rom #.. -ersions o* !ree)AS3D nor is there an8 sort o* -o"ume importer 8et that wi"" preser-e data on e5istin% -o"umes. Attemptin% to up%rade *rom #.. wi"" resu"t in the "oss o* 8our con*i%uration and data. :he ima%e si6e was increased *rom 14 to 24 ;etween 8.#1B <:A2 and 8.#.1B <:A3. -9IS 5/A*S -9A- A 72I 237RAD/ FR'5 A* /AR.I/R >#? 4/RSI'* -' A* >#<#@!&/-AA 'R 9I79/R 4/RSI'* :I.. FAI.# Howe-erD a C& up%rade wi"" succeed and wi"" sa-e a"" o* 8our con*i%uration settin%s. I* 8ou are una;"e to per*orm a C& up%radeD 8ou wi"" need toI 1K ;ac'up 8our FreeNAS 8.0.3 Guide Page 2$ of 164

con*i%uration usin% S8stem BR Settin%s BR 4enera" BR Sa-e Con*i%M 2K per*orm a *u"" insta""M and 3K restore 8our con*i%uration usin% S8stem BR Settin%s BR 4enera" BR Up"oad Con*i%. :he 4UI up%rade can ;e used to up%rade a s8stem *rom <:A3 to <:A$. e%innin% with !ree)AS3 8.#D !ree)AS3 supports two operatin% s8stems on the operatin% s8stem de-iceI the current Srunnin%T operatin% s8stem andD i* 8ou ha-e per*ormed an up%radeD 8our pre-ious -ersion o* the operatin% s8stem. 0hen 8ou up%radeD !ree)AS3 automatica""8 ;ac's up 8our con*i%uration and preser-es the initia" operatin% s8stem. :his means that it is eas8 to ro"";ac' to the pre-ious -ersion and its con*i%uration shou"d 8ou e5perience a pro;"em with the up%raded -ersion. :he up%rade automatica""8 con*i%ures the s8stem to ;oot *rom the new operatin% s8stemM a ro"";ac' con*i%ures the s8stem to ;oot *rom the pre-ious operatin% s8stem. Shou"d 8ou e-er ;e una;"e to ;oot into a new"8 up%raded operatin% s8stemD simp"8 se"ect F2 at the !R<<)AS3 conso"e when 8ou see this screen at the -er8 ;e%innin% o* the ;oot processI
F1 FreeBSD F2 FreeBSD Boot: F1

:here are 2 wa8s to up%rade a !ree)AS3 8.5 s8stemI *rom the IS, or *rom the 56 *i"e. oth methods are descri;ed ;e"ow. 2.$.1 !sing t"e IS2

:o up%rade *rom the C&R,MD down"oad the "atest -ersion o* the IS, ima%e that matches the architecture o* the s8stem J32 or +$ ;itK and ;urn it to a C&R,M. N2)3: the insta""er on the C&R,M wi"" reco%ni6e i* a pre-ious -ersion o* !ree)AS3 8.5 is a"read8 insta""edD meanin% the C&R,M can a"so ;e used to up%rade !ree)AS3. Howe-erD the insta""er can not per*orm an up%rade *rom a !ree)AS3 ..5 s8stem. Insert the C&R,M into the s8stem and ;oot *rom it. ,nce the media has *inished ;ootin% into the insta""ation menuD press enter to se"ect the de*au"t option o* P1 Insta""@Up%rade to hard dri-e@*"ash de-iceD etc.P As with a *resh insta""D the insta""er wi"" present a screen showin% a"" a-ai"a;"e dri-es Jsee !i%ure 2.2;KM se"ect the dri-e !ree)AS3 is insta""ed into and press enter. :he insta""er wi"" reco%ni6e that an ear"ier -ersion o* !ree)AS3 is insta""ed on the dri-e and wi"" present the messa%e shown in !i%ure 2.(a. I* 8ou se"ect ), at this screenD the insta""er wi"" do a *resh insta"" o* the -ersion on the C& rather than up%radin% the pre-ious -ersion. :o up%radeD press enter to accept the de*au"t o* Ees. A%ainD the insta""er wi"" remind 8ou that the operatin% s8stem shou"d ;e insta""ed on a thum; dri-e Jseen in !i%ure 2.2cK. ?ress enter to start the up%rade. ,nce the insta""er has *inished unpac'in% the new ima%eD 8ou wi"" see the menu shown in !i%ure 2.(;. :he data;ase *i"e that is preser-ed and mi%rated contains 8our !ree)AS3 con*i%uration settin%s. ?ress enter and !ree)AS3 wi"" indicate that the up%rade is comp"ete and that 8ou shou"d re;ootD as seen in !i%ure 2.(c.

FreeNAS 8.0.3 Guide

Page 26 of 164

Figure 2.$a: !#grading a FreeNAS Insta ation

Figure 2.$': FreeNAS -i Preser+e and 1igrate Settings

FreeNAS 8.0.3 Guide

Page 2( of 164

Figure 2.$c: !#grade is &o0# ete

2.$.2

Fro0 t"e G!I

e*ore up%radin% !ree)AS3I 1. &own"oad the .&/0$1u+grade&'2 ima%e *i"e that matches 8our architectureM down"oad this *i"e to the computer that 8ou use to access the !ree)AS3 s8stem. 2. &own"oad the Re"ease)otes *or that -ersionM towards the ;ottom 8ou wi"" *ind the SHA2(+ hash *or the .&/0$1u+grade&'2 ima%e *i"e. 3. ac'up the !ree)AS3 con*i%uration in S8stem BR Settin%s BR 4enera" BR Up"oad Con*i%. $. 0arn a"" networ' users that the !ree)AS3 shares wi"" ;e una-ai"a;"e durin% the up%radeM 8ou shou"d schedu"e the up%rade *or a time that wi"" "east impact users. (. Stop a"" ser-ices in Ser-ices BR Contro" Ser-ices. +. 4o to S8stem BR Settin%s BR Ad-ancedD chec' the ;o5 SShow conso"e messa%es in the *ooter JRequires UI re"oadKTD and re*resh 8our ;rowser. :his wa8 8ou can watch the pro%ress o* the up%rade unti" the *irst re;oot. :o per*orm the up%radeD %o to S8stem BR Settin%s BR Ad-anced BR !irmware Update as shown in !i%ure 2.(d.

FreeNAS 8.0.3 Guide

Page 28 of 164

Figure 2.$d: !#grading FreeNAS Fro0 t"e G!I

Use the dropBdown menu to se"ect a -o"ume to temporari"8 p"ace the *irmware *i"e durin% the up%radeD then c"ic' the Update ;utton. Eou wi"" ;e prompted to ;rowse to the "ocation o* the down"oaded .56 *i"e and to paste the SHA2(+ sum. :he SHA2(+ sum in the Re"ease)otes wi"" "oo' simi"ar to thisI
Filename: FreeNAS-8.0.3-RELEASE-x64-GUI_Upgrade.xz SHA256 Hash: cdcd02b2bc4cbd0b2bc92153ddc2f0f73780572f877789b21d6ef32135c7e3722b224

0hen *inishedD c"ic' the App"8 Update ;utton which wi"" chan%e to Pp"ease 0ait...P. ehind the scenesD the *o""owin% steps are occurrin%I the SHA2(+ hash is con*irmed and an error wi"" disp"a8 i* it does not matchM i* 8ou %et this errorD dou;"eBchec' that 8ou pasted the correct chec'sum and tr8 pastin% a%ain the new ima%e is uncompressed and written to the US compact or *"ash dri-eM this can ta'e 1# to 1( minutes so ;e patient once the new ima%e is writtenD 8ou wi"" momentari"8 "ose 8our connection as the !ree)AS3 s8stem wi"" automatica""8 re;oot into the new -ersion o* the operatin% s8stem !ree)AS3 wi"" actua""8 re;oot twiceI once the new operatin% s8stem "oads the up%rade process app"ies the new data;ase schema and re;oots a%ain assumin% a"" went we""D the !ree)AS3 s8stem wi"" recei-e the same I? *rom the &HC? ser-erM re*resh 8our ;rowser a*ter a moment to see i* 8ou access the s8stem FreeNAS 8.0.3 Guide Page 24 of 164

2.5.2.1

If Something Goes Wrong

I* the !ree)AS3 s8stem does not ;ecome a-ai"a;"e a*ter the up%radeD 8ou wi"" need ph8sica" access to the s8stem to *ind out what went wron%. !rom the conso"e menu 8ou can determine i* it recei-ed an I? address and use option P1K Con*i%ure )etwor' Inter*acesP i* it did not. I* this does not *i5 the pro;"emD %o into option P9K She""P and read the s8stem "o% with this commandI
more /var/log/messages

I* the pro;"em is not o;-ious or 8ou are unsure how to *i5 itD see section 1# !ree)AS Support Resources. I* the s8stem remains inaccessi;"e and 8ou wish to re-ert ;ac' to the pre-ious insta""ationD t8pe re'oot *rom the she"" or se"ect P1#K Re;ootP *rom the conso"e menu. 0atch the ;oot screens and press !2 when 8ou see this menuI
F1 FreeBSD F2 FreeBSD Boot: F1

Section 2: Using the Graphical Interface

:his section o* the 4uide descri;es a"" o* the con*i%uration screens a-ai"a;"e within the !ree)AS3 %raphica" administrati-e inter*ace. :he screens are "isted in the order that the8 appear within the treeD or the "e*t *rame o* the 4UI. N2)3: It is important to use the 4UI Jor the conso"eK *or a"" con*i%uration chan%es. !ree)AS3 uses a con*i%uration data;ase to store its settin%s. 0hi"e 8ou can use the command "ine to modi*8 8our con*i%urationD chan%es made at the command "ine are not written to the con*i%uration data;ase. :his means that an8 chan%es made at the command "ine wi"" not persist a*ter a re;oot and wi"" ;e o-erwritten ;8 the -a"ues in the con*i%uration data;ase durin% an up%rade.

Account &onfiguration

:he account section o* the 4UI a""ows 8ou to chan%e the administrati-e password and mana%e users and %roups. !ree)AS3 supports usersD %roupsD and permissionsD a""owin% %reat *"e5i;i"it8 in con*i%urin% which users ha-e access to the data stored on !ree)AS.3 e*ore 8ou can assi%n permissions which wi"" ;e used ;8 sharesD 8ou wi"" need to do one o* the *o""owin%I 1. Create one %uest account that a"" users wi"" use. ,R 2. Create a user account *or e-er8 user in the networ' where the name o* each account is the same as a "o%on name used on a computer. !or e5amp"eD i* a 0indows s8stem has a "o%in name o* ;o;smithD 8ou shou"d create a user account with the name ;o;smith on !ree)AS3. I* 8our intent is to assi%n %roups o* users di**erent permissions to sharesD 8ou wi"" need to a"so create %roups and assi%n users to the %roups. ,R 3. I* 8our networ' uses Acti-e &irector8 to mana%e user accounts and permissionsD ena;"e the Acti-e &irector8 ser-ice. FreeNAS 8.0.3 Guide Page 30 of 164

:his section descri;es how to mana%e the administrati-e accountD usersD and %roups usin% the !ree)AS3 4UI.

3.1

1* Account

8 de*au"t no password is required to access the !ree)AS3 administrati-e inter*ace usin% the ;ui"tBin admin account. !or securit8 reasonsD 8ou shou"d immediate"8 chan%e the de*au"t administrati-e account name and set a password *or that account. :o chan%e the administrati-e account nameD %o to Account BR M8 Account BR Chan%e Admin User. :his wi"" open the screen shown in !i%ure 3.1a. Figure 3.1a: &"anging t"e FreeNAS Ad0inistrati+e Account

Rep"ace admin with the name o* the account that wi"" ;e used to "o%in to the !ree)AS3 s8stem. :he !irst and 7ast name *ie"ds are optiona". C"ic' the Chan%e Admin User to sa-e 8our chan%es. N2)3: in !ree)AS3 the administrati-e account is not the same as the root user account. :he administrati-e account is used to access the %raphica" administrati-e inter*ace. :his separation ma'es it possi;"e to disa;"e root "o%ins whi"e maintainin% the a;i"it8 o* "o%%in% into the %raphica" administrati-e inter*ace. :o chan%e the password o* the administrati-e accountD c"ic' on Account BR M8 Account BR Chan%e ?assword. :his wi"" open the screen shown in !i%ure 3.1;.

FreeNAS 8.0.3 Guide

Page 31 of 164

Figure 3.1': Setting t"e FreeNAS Ad0inistrati+e Pass-ord

Since there is no de*au"t passwordD "ea-e the o"d password *ie"d ;"an'. :8pe in and con*irm the password which wi"" ;e used when accessin% the %raphica" administrati-e inter*ace. I* 8ou wish to a""ow root "o%ins usin% the same passwordD "ea-e the PChan%e root password as we""P ;o5 chec'ed. I* 8ou wish to use a di**erent root passwordD unchec' this ;o5 and set the root password in Account BR Users BR >iew A"" Users BR root BR Chan%e ?assword.

3.2

Grou#s

:he 4roups inter*ace a""ows 8ou to mana%e U)I9Bst8"e %roups on the !ree)AS3 s8stem. Creatin% a share that wi"" ;e accessed ;8 some users ;ut not others is a three step processI 1. Create a user account *or each user in Account BR Users BR Add User. 2. Add the user accounts to a %roup that 8ou create in Account BR 4roups BR Add 4roup. 3. In Stora%e BR create a -o"ume or /!S dataset and assi%n permission to the %roup *or that -o"ume or dataset. :his section descri;es step 2 or how to create the %roup and assi%n it user accounts. :he ne5t section wi"" descri;e step 1 or how to create user accounts. Section +.3 >o"umes descri;es step 3 or how to create -o"umes@datasets and set their permissions. I* 8ou c"ic' 4roups BR >iew A"" 4roupsD 8ou wi"" see a screen simi"ar to !i%ure 3.2a.

FreeNAS 8.0.3 Guide

Page 32 of 164

Figure 3.2a: FreeNAS Grou#s 1anage0ent

A"" %roups that came with the operatin% s8stem wi"" ;e "isted and the screen wi"" indicate i* an8 additiona" %roups ha-e ;een de*ined ;8 the administrator. <ach %roup has an entr8 indicatin% the %roup I& and %roup nameM c"ic' the %roup1s Mem;ers ;utton to -iew and modi*8 that %roup1s mem;ership. I* 8ou c"ic' the Add )ew 4roup ;uttonD 8ou wi"" ;e prompted to enter the %roup1s name. :he ne5t a-ai"a;"e %roup I& wi"" ;e su%%ested *or 8ouD thou%h 8ou can chan%e it to another -a"ue. 8 con-entionD U)I9 %roups containin% user accounts ha-e an I& %reater than 1### and %roups required ;8 a ser-ice ha-e an I& equa" to the de*au"t port num;er used ;8 the ser-ice Je.%. the sshd %roup has an I& o* 22K. ,nce the %roup and users are createdD assi%n the users as mem;ers to the %roup. In the e5amp"e shown in !i%ure 3.2;D a %roup ca""ed data1 has ;een created and a user account named user1 has a"so ;een created. C"ic' on >iew A"" 4roups then the Mem;ers ;utton *or the %roup 8ou wish to assi%n users to. Hi%h"i%ht the user in the Mem;er users "ist Jwhich shows a"" user accounts on the s8stemK and c"ic' the RR to mo-e that user to the ri%ht *rame. 0hate-er user accounts appear in the ri%ht *rame wi"" ;e mem;ers o* that %roup.

FreeNAS 8.0.3 Guide

Page 33 of 164

Figure 3.2': Assigning a !ser as a 1e0'er of a Grou#

3.3

!sers

I* 8ou wish to set permissions on 8our -o"umes or datasetsD 8ou wi"" need to create at "east one user account and assi%n that user account the required permissions. I* 8ou a"so wish to create %roups to mana%e permissionsD 8ou shou"d create the user accounts *irstD then assi%n the accounts as mem;ers o* the %roups. :his section demonstrates how to create a user account. I* 8ou c"ic' Account BR Users BR >iew A"" UsersD 8ou wi"" see a "istin% o* a"" o* the user accounts that were created with the !ree)AS3 s8stemD as shown in !i%ure 3.3aI Figure 3.3a: 1anaging !ser Accounts

FreeNAS 8.0.3 Guide

Page 34 of 164

<ach account entr8 indicates the user I&D account nameD de*au"t %roupD home director8D de*au"t she""D and o**ers ;uttons to chan%e the user1s passwordD the user1s account settin%sD and emai" address. <-er8 user accountD e5cept *or the root userD that came with the !ree)AS3 s8stem is a s8stem account. :his means that it is used ;8 a ser-ice and shou"d not ;e a-ai"a;"e *or use as a "o%in account. !or this reasonD the de*au"t she"" is no"o%inJ8K. !or securit8 reasons Jand to pre-ent ;rea'a%e o* s8stem ser-icesK 8ou shou"d not modi*8 the s8stem accounts. )IP: *or securit8 reasonsD 8ou shou"d chan%e the root password *rom the de*au"t -a"ue. :o create a user accountD c"ic' the Add )ew User ;utton to open the screen shown in !i%ure 3.3;. :a;"e 3.3a summari6es the options a-ai"a;"e in this screen. Figure 3.3': Adding a !ser Account

)a' e 3.3a: !ser Account &onfiguration Setting User I& :a ue inte%er 6escri#tion can accept de*au"tM ;8 con-entionD user accounts ha-e an I& %reater than 1### and s8stem accounts ha-e an I& equa" to the de*au"t port num;er used ;8 the ser-ice ma5imum 3# charactersD can inc"ude numera"sD can not inc"ude a spaceM due to a "imitation in !ree S&D usernames that e5ceed 1. characters are una;"e to create cron Go;s or ;e used in rs8nc tas's Page 3$ of 164

Username

strin%

FreeNAS 8.0.3 Guide

Setting

6escri#tion i* "e*t empt8 this wi"" create a %roup with the same nameM don1t add to dropBdown whee" %roup un"ess 8ou mean to %i-e superuser accessM don1t add to a ?rimar8 4roup menu s8stem %roup un"ess 8ou are creatin% a s8stem account required ;8 that %roup needs to ;e chan%ed to the name o* an e5istin% -o"ume or dataset that the Home &irector8 strin% user wi"" ;e assi%ned permission to access dropBdown i* creatin% a s8stem accountD choose no"o%inM i* creatin% a user accountD She"" menu se"ect she"" o* choice !u"" )ame strin% mandator8D ma8 contain spaces ?assword strin% mandator8 un"ess chec' ;o5 to disa;"e "o%ins ?assword strin% must match ?assword con*irmation chec' this ;o5 *or s8stem accounts and *or user accounts who aren1t &isa;"e "o%ins chec';o5 a""owed to "o%in to the !ree)AS3 s8stem paste the user1s #u' ic 'e8 which can ;e used *or SSH authentication Jdo SSH ?u;"ic 2e8 strin% not paste the pri-ate 'e8VK a chec'ed ;o5 pre-ents user *rom "o%%in% in unti" the account is un"oc'ed 7oc' user chec';o5 J;o5 is unchec'edK

:a ue

S*ste0 &onfiguration
.e#orting: pro-ides reports and %raphs monitorin% the s8stem1s C?UD dis' capacit8 and other metrics. Settings: used to con*i%ure s8stem wide settin%s such as time6oneD emai" setupD H::?S access and *irmware up%rades. S*ste0 infor0ation: pro-ides %enera" !ree)AS3 s8stem in*ormation such as hostnameD operatin% s8stem -ersionD p"at*orm and uptime. &ronEo's: pro-ides a %raphica" *rontBend to cronta;J(K. .s*nc )as7s: a""ows 8ou to schedu"e rs8nc tas's. S.1.A...). )ests: a""ows 8ou to schedu"e which S.M.A.R.:. tests to run on a perBdis' ;asis.

:he S8stem icon contains the *o""owin% ta;sI

<ach o* these is descri;ed in more detai" in this section.

FreeNAS 8.0.3 Guide

Page 36 of 164

4.1

.e#orting

I* 8ou c"ic' the Reportin% ta;D se-era" %raphs wi"" "oad as seen in the e5amp"e in !i%ure $.1a. Figure 4.1a: .e#orting Gra#"s S"o-ing t"e Boad on t"e S*ste0

:he %raphs wi"" disp"a8 the current inter*ace tra**ic J*or each con*i%ured inter*aceKD C?U usa%eD ph8sica" memor8 uti"i6ationD s8stem "oadD processesD swap uti"i6ationD and dis' space J*or each con*i%ured -o"umeK. Reportin% data is sa-edD a""owin% 8ou to -iew and monitor usa%e trends hour"8D dai"8D wee'"8D month"8D and 8ear"8.

4.2

Settings

:he Settin%s ta;D shown in !i%ure $.2aD contains $ ta;sI 4enera"D Ad-ancedD <mai"D and SS7.

FreeNAS 8.0.3 Guide

Page 3( of 164

Figure 4.2a: Genera )a' of Settings

4.2.1

Genera )a'

:a;"e $.2a summari6es the settin%s that can ;e con*i%ured usin% the 4enera" ta;I )a' e 4.2a: Genera )a'<s &onfiguration Settings Setting ?rotoco" 0e;4UI Address 0e;4UI ?ort :a ue 6escri#tion dropBdown protoco" to use when connectin% to the administrati-e 4UI *rom a ;rowser menu choose *rom a "ist o* recent I? addresses *or the one to use when accessin% the dropBdown administrati-e 4UIM the ;ui"tBin H::? ser-er wi"" automatica""8 ;ind to the menu wi"dcard address o* #.#.#.# Jan8 addressK i* the con*i%ured address ;ecomes una-ai"a;"e and issue an a"ert a""ows 8ou to con*i%ure a nonBstandard port *or accessin% the administrati-e inte%er 4UI Page 38 of 164

FreeNAS 8.0.3 Guide

Setting

:a ue dropBdown 7an%ua%e menu dropBdown :ime6one menu ):? ser-er strin% S8s"o% ser-er I? address

6escri#tion se"ect the "oca"i6ation *rom the dropBdown menuM requires a ;rowser re"oadM 8ou can -iew the status o* "oca"i6ation at poot"e.*reenas.or% se"ect the time6one *rom the dropBdown menu input the I? address or name o* up to 3 ):? ser-ersM options *rom ntp.con*J(K such as Si;urst ma5po"" 9T can ;e inc"uded a""ows 8ou to send !ree)AS3 "o%s to speci*ied remote s8s"o% ser-er

I* 8ou ma'e an8 chan%esD c"ic' the Sa-e ;utton. :his ta; a"so contains the *o""owin% three ;uttonsI Factor* .estore: rep"aces current con*i%uration with the *actor8 de*au"t. :his means that a"" o* 8our customi6ations wi"" ;e erasedD ;ut can ;e hand8 i* 8ou mess up 8our s8stem or wish to return a test s8stem to the ori%ina" con*i%uration. Sa+e &onfig: a""ows 8ou to ;rowse to "ocation to ma'e a ;ac'up cop8 o* the current con*i%uration in the *ormat hostname3444455DDhhmmss&d!. Eou shou"d a"wa8s do this ;e*ore up%radin% 8our s8stem. !# oad &onfig: a""ows 8ou to ;rowse to "ocation o* sa-ed con*i%uration *i"e in order to restore that con*i%uration. N2)3: I* 8ou intend to recreate -o"umes and restore the de*au"t con*i%urationD de"ete the -o"umes *irst in Stora%e BR >o"umes.

4.2.2

Ad+anced )a'

:he Ad-anced ta;D shown in !i%ure $.2;D a""ows 8ou to set some misce""aneous settin%s on the !ree)AS3 s8stem. :he con*i%ura;"e settin%s are summari6ed in :a;"e $.2;.

FreeNAS 8.0.3 Guide

Page 34 of 164

Figure 4.2': Ad+anced )a'

)a' e 4.2': Ad+anced )a'<s &onfiguration Settings Setting <na;"e Conso"e Menu Use Seria" Conso"e <na;"e screen sa-er <na;"e powerd J?ower Sa-in% &aemonK Swap si6e :a ue chec';o5 chec';o5 chec';o5 chec';o5 nonB6ero inte%er representin% 4 6escri#tion unchec'in% this ;o5 remo-es the conso"e menu shown in !i%ure 2.$a do not chec' this ;o5 i* 8our seria" port is disa;"ed ena;"es@disa;"es the conso"e screen sa-er Jsee tic'et (++K used to spin down dis'sD see powerdJ8KM this *orum post demonstrates how to determine i* a dri-e has spun down e**ects new dis's on"8 requires 8ou to re*resh ;rowserM wi"" disp"a8 conso"e messa%es in rea" time at ;ottom o* ;rowser ena;"e this when trou;"eshootin% to %et more dia%nostic in*ormation to disp"a8 in a 4UI error messa%e input the messa%e 8ou wish to ;e seen when user "o%s in -ia SSH

Show conso"e messa%es in chec';o5 the *ooter Show trace;ac's in case o* chec';o5 *ata" errors M,:& ;anner strin%

I* 8ou ma'e an8 chan%esD c"ic' the Sa-e ;utton. :his ta; a"so contains the *o""owin% ;uttonsI .e'ui d B6APFA6 &ac"e: c"ic' i* 8ou add a user to A& who needs immediate access to !ree)AS3M otherwise this occurs automatica""8 once a da8 as a cron Go;. FreeNAS 8.0.3 Guide Page 40 of 164

Sa+e 6e'ug: creates a te5t *i"e o* dia%nostic in*ormation which inc"udes the !ree)AS3 -ersionD the status o* a"" ser-ices and their settin%sD the contents o* a"" X.con* *i"esD the de;u% "o%D and hardware in*ormation. Fir0-are !#date: used to Up%rade !ree)AS3. See section 2.(.2 Up%radin% !ree)AS3 !rom the 4UI *or detai"s. A## * Ser+ice Pac7: *uture -ersions o* !ree)AS3 wi"" pro-ide ser-ice pac's to address ;u%s and securit8 *i5es. 4.2.3 30ai )a'

:he <mai" ta;D shown in !i%ure $.2cD is used to con*i%ure the emai" settin%s on the !ree)AS3 s8stem. :a;"e $.2c summari6es the settin%s that can ;e con*i%ured usin% the <mai" ta;. Figure 4.2c: 30ai )a'

)a' e 4.2c: 30ai )a'<s &onfiguration Settings Setting :a ue 6escri#tion the Fro0 emai" address to ;e used when sendin% emai" noti*icationsM the )o emai" address is sent to the root user account and 8ou can set that emai" address ;8 c"ic'in% the Chan%e <Bmai" ;utton *or the root account in Accounts BR Users BR >iew A"" Users

!rom emai"

strin%

,ut%oin% mai" ser-er

strin% or I? address hostname or I? address o* SM:? ser-er Page 41 of 164

FreeNAS 8.0.3 Guide

Setting ?ort to connect to :7S@SS7 Use SM:? Authentication Username ?assword Send :est Mai"

:a ue inte%er dropBdown menu chec';o5 strin% strin% ;utton

6escri#tion SM:? port num;erD t8pica""8 2(D $+( Jsecure SM:?KD or (8. Jsu;missionK encr8ption t8peM choices are p"ainD SS7D or :7S ena;"es@disa;"es SM:? AU:H usin% ?7AI) SAS7 used to authenticate with SM:? ser-er used to authenticate with SM:? ser-er c"ic' to chec' that con*i%ured emai" settin%s are wor'in%M this wi"" *ai" i* 8ou do not set the )o emai" address *irst

4.2.4

SSB )a'

&urin% insta""ationD an unsi%ned RSA certi*icate and 'e8 are autoB%enerated *or 8ou. Eou can -iew these in S8stem BR Settin%s BR SS7D as seen in !i%ure $.2d. I* 8ou a"read8 ha-e 8our own si%ned certi*icate that 8ou wish to use *or SS7@:7S connectionsD rep"ace the -a"ues in the SS7 certi*icate *ie"d with a cop8@paste o* 8our own 'e8 and certi*icate. :he certi*icate can ;e used to secure the H::? connection Jena;"ed in the Settin%s BR 4enera" :a;K to the !ree)AS3 s8stemD as we"" as to secure !:? connections Jdescri;ed in section 8.+.$ <ncr8ptin% !:?K. :a;"e $.2d summari6es the settin%s that can ;e con*i%ured usin% the SS7 ta;. :his howto shows how to %enerate a certi*icate usin% ,penSS7 and pro-ides some e5amp"es *or the -a"ues shown in :a;"e $.2d. Figure 4.2d: SSB )a'

FreeNAS 8.0.3 Guide

Page 42 of 164

)a' e 4.2d: SSB )a'<s &onfiguration Settings Setting ,r%ani6ation ,r%ani6ationa" Unit <mai" Address 7oca"it8 State Countr8 Common )ame SS7 Certi*icate :a ue strin% strin% strin% strin% strin% strin% strin% 6escri#tion optiona" optiona" optiona" optiona" optiona" optiona" optiona" paste the RSA pri-ate 'e8 and strin% certi*icate into the ;o5

4.3

S*ste0 Infor0ation

:he s8stem in*ormation ta; wi"" disp"a8 %enera" in*ormation a;out the !ree)AS3 s8stem. :he in*ormation inc"udes the hostnameD under"8in% !ree S& -ersionD t8pe o* C?U Jp"at*ormKD the amount o* memor8D the current s8stem timeD the s8stem1s uptimeD the current "oad a-era%eD and the !ree)AS3 ;ui"d -ersion. An e5amp"e is seen in !i%ure $.3aI Figure 4.3a: S*ste0 Infor0ation )a'

FreeNAS 8.0.3 Guide

Page 43 of 164

4.4

&ron Eo's

cronJ8K is a daemon that runs a command or script on a re%u"ar schedu"e as a speci*ied user. :8pica""8D the user who wishes to schedu"e a tas' manua""8 creates a cronta;J(K usin% s8nta5 that can ;e perp"e5in% to new Uni5 users. :he !ree)AS3 4UI ma'es it eas8 to schedu"e when 8ou wou"d "i'e the tas' to occur. N2)3: due to a "imitation in !ree S&D users with account names that e5ceed 1. characters are una;"e to create cron Go;s. !i%ure $.$a shows the screen that opens when 8ou c"ic' S8stem BR Cron =o;s BR Add Cron =o;. Figure 4.4a: &reating a &ron Eo'

:a;"e $.$a summari6es the con*i%ura;"e options when creatin% a cron Go;. )a' e 4.4a: &ron Eo' 2#tions Setting User :a ue 6escri#tion ma'e sure the se"ected user has permission to run the speci*ied dropBdown menu command or script Page 44 of 164

FreeNAS 8.0.3 Guide

Setting Command

:a ue strin%

&escription strin% s"ider or Minute chec';o5es s"ider or Hour chec';o5es &a8 o* s"ider or month chec';o5es s"ider or Month chec';o5es s"ider or &a8 o* wee' chec';o5es <na;"ed chec';o5

6escri#tion the *u"" path to the command or script to ;e runM i* it is a scriptD test it at the command "ine *irst to ma'e sure that it wor's as e5pected optiona" i* use the s"iderD cron Go; occurs e-er8 ) minutesM i* use chec' ;o5esD cron Go; occurs at the se"ected moments i* use the s"iderD cron Go; occurs e-er8 ) hoursM i* use chec' ;o5esD cron Go; occurs at the se"ected hours i* use the s"iderD cron Go; occurs e-er8 ) da8sM i* use chec' ;o5esD cron Go; occurs on the se"ected da8s o* the se"ected months i* use the s"iderD cron Go; occurs e-er8 ) monthsM i* use chec' ;o5esD cron Go; occurs on the se"ected months i* use the s"iderD cron Go; occurs e-er8 ) da8sM i* use chec' ;o5esD cron Go; occurs on the se"ected da8s unchec' i* 8ou wou"d "i'e to disa;"e the cron Go; without de"etin% it

4.$

Boaders

0hen a !ree S&B;ased s8stem ;ootsD "oader.con*J(K is read to determine i* an8 parameters shou"d ;e passed to the 'erne" or i* an8 additiona" 'erne" modu"es Jsuch as dri-ersK shou"d ;e "oaded. Since "oader -a"ues are speci*ic to the 'erne" parameter or dri-er to ;e "oadedD descriptions can ;e *ound in the man pa%e *or the speci*ied dri-er and in man8 sections o* the !ree S& Hand;oo'. e%innin% with -ersion 8.#.3D !ree)AS3 pro-ides a %raphica" inter*ace *or mana%in% "oader -a"ues. :his ad-anced *unctiona"it8 is intended to ma'e it easier to "oad additiona" 'erne" modu"es at ;oot time. A t8pica" usa%e wou"d ;e to "oad a !ree S& hardware dri-er that does not automatica""8 "oad a*ter a !ree)AS3 insta""ation. :he de*au"t !ree)AS3 ima%e does not "oad e-er8 possi;"e hardware dri-er. :his is a necessar8 e-i" as some dri-ers con*"ict with one another or cause sta;i"it8 issuesD some are rare"8 usedD and some dri-ers Gust don1t ;e"on% on a standard )AS s8stem. I* 8ou need a dri-er that is not automatica""8 "oadedD 8ou need to add a "oader. 6ANG3.: chan%in% the -a"ue o* a "oader is an ad-anced *eature that cou"d ad-erse"8 e**ect the a;i"it8 o* the !ree)AS3 s8stem to success*u""8 ;oot. It is $ery i portant that 8ou do not ha-e a t8po when addin% a "oader -a"ue as this cou"d ha"t the ;oot process. !i5in% this pro;"em requires ph8sica" access to the !ree)AS3 s8stem and 'now"ed%e o* how to use the ;oot "oader prompt as descri;ed in section $.(.1 Reco-erin% !rom Incorrect 7oaders. :his means that 8ou shou"d a"wa8s test the impact o* an8 chan%es on a test s8stem *irst. Additiona""8D certain chan%es cou"d ma'e 8our s8stem unsupporta;"e ;8 the !ree)AS3 team and can ;rea' assumptions made ;8 the so*tware. Some e5amp"es inc"udeI settin% 'erne" tuna;"es to ar;itrari"8 "ow or hi%h "imitsD e.%. 'ern.h6Y1 or 'ern.h6Y1##### disa;"in% or ena;"in% certain *eatures such as -*s.6*s.6i"Udisa;"eY1 o-erridin% de*au"t "oader -a"uesD un"ess directed to do so ;8 an de-e"oper a**i"iated with the FreeNAS 8.0.3 Guide Page 4$ of 164

!ree)AS3 proGect :o add a "oader -a"ueD %o to S8stem BR 7oaders BR Add 7oaderD as seen in !i%ure $.(a. Figure 4.$a: Adding a Boader :a ue

:a;"e $.(a summari6es the options when addin% a "oader. )a' e 4.$a: Adding a Boader Setting >aria;"e :a ue strin% inte%er or >a"ue strin% Comment strin% 6escri#tion t8pica""8 the name o* the dri-er to "oadD as indicated ;8 its man pa%e -a"ue to associate with -aria;"eM t8pica""8 this is set to 46S to ena;"e the dri-er speci*ed ;8 the -aria;"e optiona"D ;ut a use*u" reminder *or the reason ;ehind addin% this "oader

:he chan%es 8ou ma'e wi"" not ta'e e**ect unti" the s8stem is re;ooted as "oader settin%s are on"8 read when the 'erne" is "oaded at ;oot time. As "on% as the "oader e5istsD 8our chan%es wi"" persist at each ;oot and across up%rades. An8 "oaders that 8ou add wi"" ;e "isted in S8stem BR 7oaders BR >iew 7oaders. :o chan%e the -a"ue o* a "oaderD c"ic' its <dit ;utton. :o remo-e a "oaderD c"ic' its &e"ete ;utton. At this timeD the 4UI does not disp"a8 the "oaderss that are preBset in the insta""ation ima%e. !ree)AS3 8.#.3 ships with the *o""owin% "oaders setI
autoboot_delay="2" loader_logo="freenas" kern.cam.boot_delay=10000 fuse_load="YES" geom_mirror_load="YES" geom_stripe_load="YES" geom_raid3_load="YES" geom_gate_load="YES" debug.debugger_on_panic=1 hw.hptrr.attach_generic=0

FreeNAS 8.0.3 Guide

Page 46 of 164

Eou shou"d not add or edit the de*au"t "oaders in the 4UI as doin% so wi"" o-erwrite the de*au"t -a"ues which ma8 render the s8stem unusa;"e. 4.$.1 .eco+ering Fro0 Incorrect Boaders

I* a "oader is pre-entin% the s8stem *rom ;ootin%D 8ou wi"" need ph8sica" access to the !ree)AS3 s8stem. 0atch the ;oot messa%es and press the num;er + 'e8 to se"ect P+. <scape to "oader promptP when 8ou see the !ree)AS3 ;oot menu shown in !i%ure $.(;. Figure 4.$': FreeNAS 5oot 1enu

:he ;oot "oader prompt pro-ides a minima" set o* commands descri;ed in "oaderJ8K. ,nce at the promptD use the unset command to disa;"e a pro;"ematic -a"ueD the set command to modi*8 the pro;"ematic -a"ueD or the un oad command to pre-ent the pro;"ematic dri-er *rom "oadin%. <5amp"e $.(a demonstrates se-era" e5amp"es usin% these commands at the ;oot "oader prompt. :he *irst command disa;"es the current -a"ue associated with the 'ern.ipc.nm;c"usters MI and wi"" *ai" with a Pno such *i"e or director8P error messa%e i* a current "oader does not e5ist to set this -a"ue. :he second command disa;"es AC?I. :he third command instructs the s8stem not to "oad the *use dri-er. 0hen *inishedD t8pe 'oot to continue the ;oot process. 3,a0# e 4.$a: Sa0# e &o00ands at t"e 5oot Boader Pro0#t
Type '?' for a list of commands, 'help' for more detailed help. OK unset kern.ipc.nmbclusters OK set hint.acpi.0.disabled=1 OK unload fuse OK boot

An8 chan%es made at the ;oot "oader prompt on"8 e**ect the current ;oot. :his means that 8ou need to FreeNAS 8.0.3 Guide Page 4( of 164

edit or remo-e the pro;"ematic "oader in S8stem BR 7oaders BR >iew 7oaders to ma'e 8our chan%e permanent and to pre-ent *uture ;oot errors.

4.6

.s*nc )as7s

Rs8nc is a uti"it8 that automatica""8 copies speci*ied data *rom one s8stem to another o-er a networ'. ,nce the initia" data is copiedD rs8nc reduces the amount o* data sent o-er the networ' ;8 sendin% on"8 the di**erences ;etween the source and destination *i"es. Rs8nc can ;e used *or ;ac'upsD mirrorin% data on mu"tip"e s8stemsD or *or cop8in% *i"es ;etween s8stems. :o con*i%ure rs8ncD 8ou need to con*i%ure ;oth ends o* the connectionI t"e rs*nc ser+er: this s8stem pu""s Jrecei-esK the data. In the !ree)AS3 4UID the ser-er is con*i%ured in Ser-ices BR Rs8nc. t"e rs*nc c ient: this s8stem pushes JsendsK the data. In the !ree)AS3 4UID the c"ient is con*i%ured in S8stem BR Rs8nc :as's. :his section summari6es the options when creatin% an Rs8nc :as'. It then pro-ides a con*i%uration e5amp"e *or settin% up rs8nc ;etween two !ree)AS3 s8stems. 4.6.1 &reating an .s*nc )as7

!i%ure $.+a shows the screen that appears when 8ou c"ic' S8stem BR Rs8nc :as's BR Add Rs8nc :as'. :a;"e $.+a summari6es the options that can ;e con*i%ured when creatin% an rs8nc tas'. Figure 4.6a: Adding an .s*nc )as7

FreeNAS 8.0.3 Guide

Page 48 of 164

)a' e 4.6a: .s*nc &onfiguration 2#tions Setting ?ath Remote Host Remote Modu"e )ame Short &escription Minute Hour &a8 o* month Month &a8 o* wee' User Recursi-e :imes Compress :a ue 6escri#tion rowse ;utton se"ect the -o"ume@dataset@director8 that 8ou wish to cop8 strin% I? address or hostname o* the remote s8stem that wi"" store the cop8 name must ;e de*ined in rs8ncd.con*J(K o* rs8nc ser-er or in Rs8nc strin% Modu"e o* another !ree)AS3 s8stem strin% s"ider or chec';o5es s"ider or chec';o5es s"ider or chec';o5es chec';o5es chec';o5es dropBdown menu chec';o5 chec';o5 chec';o5 optiona" i* use the s"iderD s8nc occurs e-er8 ) minutesM i* use chec' ;o5esD s8nc occurs at the se"ected moments i* use the s"iderD s8nc occurs e-er8 ) hoursM i* use chec' ;o5esD s8nc occurs at the se"ected hours i* use the s"iderD s8nc occurs e-er8 ) da8sM i* use chec' ;o5esD s8nc occurs on the se"ected da8s tas' occurs on the se"ected months tas' occurs on the se"ected da8s o* the wee' speci*ied user must ha-e permission to write to the speci*ied director8 on the remote s8stemM due to a "imitation in !ree S&D the user name can not e5ceed 1. characters i* chec'edD cop8 wi"" inc"ude a"" su;directories o* the speci*ied -o"ume preser-e modi*ication times o* *i"es recommended on s"ow connections as reduces si6e o* data to ;e transmitted equi-a"ent to Br"pt%o& Jrecursi-eD cop8 s8m"in's as s8m"in'sD preser-e permissionsD preser-e modi*ication timesD preser-e %roupD preser-e owner JsuperBuser on"8KD and preser-e de-ice *i"es JsuperB user on"8K and specia" *i"esK de"ete e5traneous *i"es *rom destination director8 suppresses in*ormation messa%es *rom the remote ser-er preser-es *i"e permissions ;oth s8stems must support e5tended attri;utes rs8ncJ1K options not co-ered ;8 the 4UI

Archi-e &e"ete Auiet ?reser-e permissions ?reser-e e5tended attri;utes <5tra options

chec';o5 chec';o5 chec';o5 chec';o5 chec';o5 strin%

FreeNAS 8.0.3 Guide

Page 44 of 164

4.6.2

&onfiguring .s*nc 5et-een )-o FreeNAS S*ste0s

:his con*i%uration e5amp"e wi"" con*i%ure rs8nc ;etween the two *o""owin% !ree)AS3 s8stemsI 172&18%&2&2 has e5istin% data in -mnt-(o*a(-images. It wi"" ;e the rs8nc c"ientD meanin% that an rs8nc tas' needs to ;e de*ined. 172&18%&2&8 has an e5istin% -o"ume named -mnt-remote. It wi"" ;e the rs8nc ser-erD meanin% that it wi"" recei-e the contents o* -mnt-(o*a(-images. An rs8nc modu"e needs to ;e de*ined on this s8stem and the rs8ncd ser-ice needs to ;e started. ,n the c"ient s8stem J192.1+8.2.2KD an rs8nc tas' is de*ined in S8stem BR Rs8nc :as's BR Add Rs8nc :as' as shown in !i%ure $.+;. In this e5amp"eI the ?ath points to -usr-(o*a(-imagesD the director8 to ;e copied the Remote Host points to 172&18%&2&8D the I? address o* the rs8nc ser-er the Remote Modu"e )ame is !a*ku+sM this wi"" need to ;e de*ined on the rs8nc ser-er the rs8nc is schedu"ed to occur e-er8 1( minutes the User is set to root so it has permission to write an8where the ?reser-e ?ermissions chec';o5 is chec'ed so that the ori%ina" permissions are not o-erwritten ;8 the root user Figure 4.6': &onfiguring t"e .s*nc & ient

FreeNAS 8.0.3 Guide

Page $0 of 164

,n the ser-er s8stem J192.1+8.2.+KD an rs8nc modu"e is de*ined in Ser-ices BR Rs8nc Modu"es BR Add Rs8nc Modu"e as shown in !i%ure $.+c. In this e5amp"eI the Modu"e )ame is !a*ku+sM this needs to match the settin% on the rs8nc c"ient the ?ath is -mnt-remoteM a director8 ca""ed ima%es wi"" ;e created to ho"d the contents o* -usr-(o*a(-images the User is set to root so it has permission to write an8where Hosts a""ow is set to 172&18%&2&2D the I? address o* the rs8nc c"ient &escriptions o* the con*i%ura;"e options can ;e *ound in section 8.1(.2 Rs8nc Modu"es. :o *inish the con*i%urationD start the rs8nc ser-ice on the ser-er in Ser-ices BR Contro" Ser-ices. Figure 4.6c: &onfiguring t"e .s*nc Ser+er

4.(

S.1.A...). )ests

S.M.A.R.:. JSe"*BMonitorin%D Ana"8sis and Reportin% :echno"o%8K is a monitorin% s8stem *or computer hard dis' dri-es to detect and report on -arious indicators o* re"ia;i"it8. 0hen a *ai"ure is anticipated ;8 S.M.A.R.:.D the dri-e shou"d ;e rep"aced. Most modern A:AD I&< and SCSIB3 hard dri-es support S.M.A.R.:.BBre*er to 8our dri-e1s documentation i* 8ou are unsure. !i%ure $..a shows the con*i%uration screen that appears when 8ou c"ic' S8stem BR S.M.A.R.:. :ests BR FreeNAS 8.0.3 Guide Page $1 of 164

Add S.M.A.R.:. :est. Eou shou"d create a test *or each dri-e that 8ou wish to monitor. A*ter creatin% 8our testsD chec' the con*i%uration in Ser-ices BR S.M.A.R.:D then c"ic' the s"ider to ,) *or the S.M.A.R.: ser-ice in Ser-ices BR Contro" Ser-ices. N2)3: the S.M.A.R.: ser-ice wi"" not start i* 8ou ha-e not created an8 -o"umes. Figure 4.(a: Adding a S.1.A...) )est

:a;"e $..a summari6es the con*i%ura;"e options when creatin% a S.M.A.R.: test. )a' e 4.(a: S.1.A...) )est 2#tions Setting &is' :8pe Short description Hour &a8 o* month Month :a ue 6escri#tion dropBdown menu se"ect dis' to monitor se"ect t8pe o* "ist to runM see smartct"J8K *or a description o* each dropBdown menu t8pe o* test strin% s"ider or chec';o5es s"ider or chec';o5es chec';o5es optiona" i* use the s"iderD test occurs e-er8 ) hoursM i* use chec' ;o5esD test occurs at the se"ected hours i* use the s"iderD test occurs e-er8 ) da8sM i* use chec' ;o5esD test occurs on the se"ected da8s se"ect the months when 8ou wish the test to occur Page $2 of 164

FreeNAS 8.0.3 Guide

Setting &a8 o* wee'

:a ue chec';o5es

6escri#tion se"ect the da8s o* the wee' when 8ou wish the test to occur

4.8

S*sct s

s8sct"J8K is an inter*ace that is used to ma'e chan%es to the under"8in% !ree S& 'erne" runnin% on a !ree)AS3 s8stem. It can ;e used to tune the s8stem in order to meet the speci*ic needs o* a networ'. ,-er *i-e hundred s8stem -aria;"es can ;e set usin% s8sct"J8K. <ach -aria;"e is 'nown as a MI as it is comprised o* a dotted set o* components. Since these MI s are speci*ic to the 'erne" *eature that is ;ein% tunedD descriptions can ;e *ound in man8 !ree S& man pa%es Je.%. s8sct"J3KD tcpJ$K and tunin%J.KK and in man8 sections o* the !ree S& Hand;oo'. 6ANG3.: chan%in% the -a"ue o* a s8sct" MI is an ad-anced *eature that immediate"8 e**ects the 'erne" o* the !ree)AS3 s8stem. &o not chan%e a MI on a production s8stem un"ess 8ou understand the ca-eats associated with that chan%e. A ;ad"8 con*i%ured MI cou"d cause the s8stem to ;ecome un;oota;"eD unreacha;"e -ia the networ'D or can cause the s8stem to panic under "oad. Certain chan%es ma8 ma'e 8our s8stem unsupporta;"e ;8 the !ree)AS3 team and can ;rea' assumptions made ;8 the so*tware. :his means that 8ou shou"d a"wa8s test the impact o* an8 chan%es on a test s8stem *irst. e%innin% with -ersion 8.#.3D !ree)AS3 pro-ides a %raphica" inter*ace *or mana%in% s8sct" MI s. :o add a s8sct"D %o to S8stem BR S8sct"s BR Add S8sct"D shown in !i%ure $.8a. Figure 4.8a: Adding a S*sct

:a;"e $.8a summari6es the options when addin% a s8sct". )a' e 4.8a: Adding a S*sct Setting >aria;"e :a ue strin% inte%er or >a"ue strin% Comment strin% 6escri#tion must ;e in dotted *ormat e.%. 'ern.ipc.shmma5 -a"ue to associate with MI M do not ma'e this upD re*er to the su%%ested -a"ues in a man pa%eD !ree S& Hand;oo' pa%eD or tutoria" optiona"D ;ut a use*u" reminder *or the reason ;ehind usin% this MI @-a"ue

FreeNAS 8.0.3 Guide

Page $3 of 164

As soon as 8ou add or edit a s8sct"D the runnin% 'erne" wi"" chan%e that -aria;"e to the -a"ue 8ou speci*8. As "on% as the s8sct" e5istsD that -a"ue wi"" persist across re;oots and up%rades. An8 MI s that 8ou add wi"" ;e "isted in S8stem BR S8sct"s BR >iew S8sct"s. :o chan%e the -a"ue o* a MI D c"ic' its <dit ;utton. :o remo-e a MI D c"ic' its &e"ete ;utton. At this timeD the 4UI does not disp"a8 the s8sct" MI s that are preBset in the insta""ation ima%e. !ree)AS3 8.#.3 ships with the *o""owin% MI s setI
debug.debugger_on_panic=0 kern.metadelay=3 kern.dirdelay=4 kern.filedelay=5 kern.coredump=0

Eou shou"d not add the de*au"t MI s as s8sct"s as doin% so wi"" o-erwrite the de*au"t -a"ues which ma8 render the s8stem unusa;"e.

Net-or7 &onfiguration
4"o;a" Con*i%uration )etwor' Summar8 Inter*aces 7in' A%%re%ations Static Routes >7A)s

:he )etwor' section o* the administrati-e 4UI contains the *o""owin% components *or -iewin% and con*i%urin% the !ree)AS3 s8stem1s networ' settin%sI

<ach o* these is descri;ed in more detai" ;e"ow.

$.1

G o'a &onfiguration

:he %"o;a" con*i%uration ta;D shown in !i%ure (.1aD a""ows 8ou to set nonBinter*ace speci*ic networ' settin%s. :a;"e (.1a summari6es the settin%s that can ;e con*i%ured usin% the 4"o;a" Con*i%uration ta;. :he hostname and domain wi"" ;e preB*i""ed *or 8ouD as seen in !i%ure (.1aD ;ut can ;e chan%ed to meet the "oca" networ'1s requirements. :he other settin%s are optiona" and can reduce the securit8 o* the !ree)AS3 s8stem J;8 ma'in% it Internet accessi;"eK i* it is not proper"8 protected ;8 a *irewa"".

FreeNAS 8.0.3 Guide

Page $4 of 164

Figure $.1a: Sa0# e G o'a &onfiguration

)a' e $.1a: G o'a &onfiguration Settings Setting Hostname &omain :a ue strin% strin% 6escri#tion s8stem host name s8stem domain name t8pica""8 not set to pre-ent )AS *rom ;ein% accessi;"e *rom the Internet :8pica""8 not set primar8 &)S ser-er Jt8pica""8 in 0indows domainK secondar8 &)S ser-er tertiar8 &)S ser-er

I?-$ &e*au"t 4atewa8 I? address I?-+ &e*au"t 4atewa8 )ameser-er 1 )ameser-er 2 )ameser-er 3 I? address I? address I? address I? address

$.2

Net-or7 Su00ar*

:he )etwor' Summar8 ta; a""ows 8ou to quic'"8 -iew the addressin% in*ormation o* e-er8 con*i%ured inter*ace. It wi"" show the inter*ace nameD I? addressD &)S ser-erJsKD and de*au"t %atewa8.

FreeNAS 8.0.3 Guide

Page $$ of 164

$.3

Interfaces

:he inter*aces ta; a""ows 8ou to -iew which inter*aces ha-e ;een con*i%uredD to add an inter*ace to con*i%ureD and to edit an inter*ace1s current con*i%uration. !i%ure (.3a shows the screen that opens when 8ou c"ic' Inter*aces BR Add Inter*ace. :a;"e (.3a summari6es the con*i%uration options when 8ou Add an inter*ace or <dit an a"read8 con*i%ured inter*ace. Figure $.3a: 3diting an Interfaces &onfiguration

)a' e $.3a: Interface &onfiguration Settings Setting 6escri#tion se"ect the !ree S& de-ice nameM wi"" ;e readBon"8 *ie"d when edit )IC dropBdown menu an inter*ace Inter*ace )ame strin% description o* inter*ace &HC? chec';o5 requires manua" I?-$ or I?-+ con*i%uration i* unchec'ed I?-$ Address I? address set i* &HC? unchec'ed I?-$ )etmas' dropBdown menu set i* &HC? unchec'ed Auto con*i%ure i* chec'edD use rtso"J8K to con*i%ure the inter*aceM requires manua" chec';o5 I?-+ con*i%uration i* unchec'ed and wish to use I?-+ :a ue

FreeNAS 8.0.3 Guide

Page $6 of 164

Setting I?-+ Address I?-+ ?re*i5 7en%th ,ptions

:a ue I?-+ address

6escri#tion must ;e unique on networ'

dropBdown menu match the pre*i5 used on networ' strin% additiona" parameters *rom i*con*i%J8KD one per "ineM *or e5amp"eI 0tu 4000 wi"" increase the M:U *or inter*aces that support Gum;o *rames

:his screen a"so a""ows 8ou to con*i%ure an a"ias *or the inter*ace. I* 8ou wish to set mu"tip"e a"iasesD c"ic' the PAdd e5tra a"iasP "in' *or each a"ias 8ou wish to con*i%ure.

$.4

Bin7 Aggregations

!ree)AS3 uses !ree S&1s "a%%J$K inter*ace to pro-ide "in' a%%re%ation and "in' *ai"o-er. :he "a%% inter*ace a""ows a%%re%ation o* mu"tip"e networ' inter*aces into a sin%"e -irtua" "a%% inter*aceD pro-idin% *au"tBto"erance and hi%hBspeed mu"tiB"in' throu%hput. :he a%%re%ation protoco"s supported ;8 "a%% determine which ports are used *or out%oin% tra**ic and whether a speci*ic port accepts incomin% tra**ic. 7a%%1s inter*ace "in' state is used to -a"idate i* the port is acti-e or not. A%%re%ation wor's ;est on switches supportin% 7AC?D which distri;utes tra**ic ;iBdirectiona""8 whi"e respondin% to *ai"ure o* indi-idua" "in's. !ree)AS3 a"so supports acti-e@passi-e *ai"o-er ;etween pairs o* "in's. I0#ortant notice regarding aggregation #erfor0anceI the 7AC?D !<C and "oadB;a"ance modes se"ect the output inter*ace usin% a hash that inc"udes the <thernet source and destination addressD >7A) ta% Ji* a-ai"a;"eKD I? source and destination addressD and *"ow "a;e" JI?-+ on"8K. :he ;ene*it can on"8 ;e o;ser-ed when mu"tip"e c"ients are trans*erin% *i"es fro 8our )AS. :he *"ow enterin% into 8our )AS depends on the <thernet switch "oadB;a"ance a"%orithm. N2)3: 7AC? and other *orms o* "in' a%%re%ation %enera""8 do not wor' we"" with -irtua"i6ation so"utions. In a -irtua"i6ed en-ironmentD consider the use o* iSCSI M?I, throu%h the creation o* an iSCSI ?orta" as demonstrated in section 8.1$.+. :his a""ows an iSCSI initiator to reco%ni6e mu"tip"e "in's to a tar%etD uti"i6in% them *or increased ;andwidth or redundanc8. :his howBto contains instructions *or con*i%urin% M?I, on <S9i. :he "a%% dri-er current"8 supports the *o""owin% a%%re%ation protoco"sI Fai o+er: the de*au"t protoco". Sends tra**ic on"8 throu%h the acti-e port. I* the master port ;ecomes una-ai"a;"eD the ne5t acti-e port is used. :he *irst inter*ace added is the master portM an8 inter*aces added a*ter that are used as *ai"o-er de-ices. 8 de*au"tD recei-ed tra**ic is on"8 accepted when recei-ed throu%h the acti-e port. :his constraint can ;e re"a5ed ;8 settin% the net&(ink&(agg&fai(o er1r'1a(( s8sct"J8K -aria;"e to a non6ero -a"ueD which is use*u" *or certain ;rid%ed networ' setups. F3&: supports Cisco <therChanne". :his is a static setup and does not ne%otiate a%%re%ation with the peer or e5chan%e *rames to monitor the "in'.

FreeNAS 8.0.3 Guide

Page $( of 164

BA&P: supports the I<<< 8#2.3ad 7in' A%%re%ation Contro" ?rotoco" J7AC?K and the Mar'er ?rotoco". 7AC? wi"" ne%otiate a set o* a%%re%a;"e "in's with the peer into one or more "in' a%%re%ated %roups J7A4K. <ach 7A4 is composed o* ports o* the same speedD set to *u""Bdup"e5 operation. :he tra**ic wi"" ;e ;a"anced across the ports in the 7A4 with the %reatest tota" speedM in most cases there wi"" on"8 ;e one 7A4 which contains a"" ports. In the e-ent o* chan%es in ph8sica" connecti-it8D "in' a%%re%ation wi"" quic'"8 con-er%e to a new con*i%uration. 7AC? must ;e con*i%ured on the switch as we"". Boad 5a ance: ;a"ances out%oin% tra**ic across the acti-e ports ;ased on hashed protoco" header in*ormation and accepts incomin% tra**ic *rom an8 acti-e port. :his is a static setup and does not ne%otiate a%%re%ation with the peer or e5chan%e *rames to monitor the "in'. :he hash inc"udes the <thernet source and destination addressD >7A) ta% Ji* a-ai"a;"eKD and I? source and destination address. .ound .o'in: distri;utes out%oin% tra**ic usin% a roundBro;in schedu"er throu%h a"" acti-e ports and accepts incomin% tra**ic *rom an8 acti-e port. None: this protoco" is intended to do nothin%I it disa;"es an8 tra**ic without disa;"in% the "a%% inter*ace itse"*. N2)3: :he !ree)AS3 s8stem must ;e re;ooted a*ter con*i%urin% the "a%% de-iceD which requires conso"e access to the !ree)AS3 s8stem. :C? access wi"" ;e "ost durin% re;oot. :he inter*aces used in the "a%% de-ice shou"d not ;e con*i%ured ;e*ore creatin% the "a%% de-ice. !i%ure (.$a shows the con*i%uration options when addin% a "a%% inter*ace. Figure $.4a: &reating a agg Interface

N2)3: i* inter*aces are insta""ed ;ut do not appear in the ?h8sica" )ICs in the 7A44 "istD chec' that a !ree S& dri-er *or the inter*ace e5ists here. FreeNAS 8.0.3 Guide Page $8 of 164

Se"ect the desired a%%re%ation protoco"D hi%h"i%ht the inter*aceJsK to associate with the "a%% de-iceD and c"ic' the ,2 ;utton. ,nce the "a%% de-ice has ;een createdD it wi"" appear in >iew A"" 7in' A%%re%ations. C"ic' its <dit Inter*ace ;utton to open the screen shown in !i%ure (.$;. Figure $.4': 3dit agg Interface

:a;"e (.$a descri;es the options in this screenI )a' e $.4a: &onfigura' e 2#tions for a agg Interface Setting )IC :a ue strin% 6escri#tion readBon"8 as automatica""8 assi%ned ne5t a-ai"a;"e numeric I& ;8 de*au"t same as de-ice J)ICK nameD can ;e chan%ed to a more descripti-e -a"ue chec' i* the "a%% de-ice %ets its I? address in*o *rom &HC? ser-er mandator8 i* &HC? is "e*t unchec'ed mandator8 i* &HC? is "e*t unchec'ed chec' on"8 i* &HC? ser-er a-ai"a;"e to pro-ide I?-+ address in*o optiona" Page $4 of 164

Inter*ace )ame strin% &HC? I?-$ Address I?-$ )etmas' chec';o5 strin% dropBdown menu

Auto con*i%ure chec';o5 I?-+ I?-+ Address strin% FreeNAS 8.0.3 Guide

Setting I?-+ ?re*i5 7en%th ,ptions

:a ue dropBdown menu strin%

6escri#tion required i* input I?-+ address additiona" i*con*i%J8K options

:his screen a"so a""ows 8ou to con*i%ure an a"ias *or the "a%% inter*ace. I* 8ou wish to set mu"tip"e a"iasesD c"ic' the PAdd e5tra a"iasP "in' *or each a"ias 8ou wish to con*i%ure. I* 8ou c"ic' a "a%% de-ice1s <dit Mem;ers ;uttonD then the <dit ;utton under the Action co"umnD 8ou wi"" see the screen shown in !i%ure (.$c. :his screen a""ows 8ou to con*i%ure the indi-idua" ph8sica" JparentK inter*ace that 8ou speci*ied. :he con*i%ura;"e options are summari6ed in :a;"e $.$;. Figure $.4c: 3diting a 1e0'er Interface

)a' e $.4': &onfiguring a 1e0'er Interface Setting 7A44 Inter*ace %roup 7A44 ?riorit8 )um;er ?h8sica" )IC ,ptions :a ue dropBdown menu inte%er dropBdown menu strin% 6escri#tion se"ect the mem;er inter*ace to con*i%ure order o* se"ected inter*ace within the "a%% ph8sica" inter*ace o* the se"ected mem;er additiona" parameters *rom i*con*i%J8K

N2)3: 8ou can set options such as the M:U Jto ena;"e Gum;o *ramesK at either the "a%% "e-e" or the indi-idua" parent inter*ace "e-e". Eou do not ha-e to set the option at ;oth "e-e"s as each "e-e" wi"" automatica""8 inherit its options *rom the other. Howe-erD it ma'es sense to set it at the "a%% "e-e" J!i%ure (.$;K as each inter*ace mem;er wi"" inherit *rom the "a%%. I* 8ou set it at the inter*ace "e-e" J!i%ure (.$cKD 8ou wi"" ha-e to repeat *or each inter*ace within the "a%%. It is important to not set di**erin% options at the "a%% and the inter*ace "e-e" as this wi"" con*use the "a%% de-ice. A"soD do not set Gum;o *rames i* the attached switch does not support Gum;o *rames.

FreeNAS 8.0.3 Guide

Page 60 of 164

$.$

Static .outes

!or securit8 reasonsD no static routes are de*ined on the !ree)AS3 s8stem. Shou"d 8ou need a static route to reach portions o* 8our networ'D 8ou can add and -iew a"" static routes usin% )etwor' BR Static Routes. I* 8ou c"ic' PAdd Static RouteP 8ou wi"" see the screen shown in !i%ure (.(a. Figure $.$a: Adding a Static .oute

:he destination networ' and %atewa8 *ie"ds are mandator8M the description *ie"d is optiona". I* 8ou add an8 static routesD the8 wi"" show in S>iew A"" Static RoutesT. <ach route wi"" ha-e an action o* <dit or &e"ete.

$.6

:BANs

!ree)AS3 uses !ree S&1s -"anJ$K inter*ace to demu"tip"e5 *rames with I<<< 8#2.1q ta%s. :his a""ows nodes on di**erent >7A)s to communicate throu%h a "a8er 3 switch or router. A -"an inter*ace must ;e assi%ned a parent inter*ace and a numeric >7A) ta%. A sin%"e parent can ;e assi%ned to mu"tip"e -"an inter*aces pro-ided the8 ha-e di**erent ta%s. I* 8ou c"ic' )etwor' BR >7A)s BR Add >7A)D 8ou wi"" see the screen shown in !i%ure (.+a. N2)3: >7A) ta%%in% is the on"8 8#2.1A *eature that is imp"emented. Additiona""8D not a"" <thernet inter*aces support *u"" >7A) processin%Zsee the HAR&0AR< section o* -"anJ$K *or detai"s.

FreeNAS 8.0.3 Guide

Page 61 of 164

Figure $.6a: Adding a :BAN

:a;"e (.+a descri;es the -arious *ie"ds. )a' e $.6a: Adding a :BAN 6escri#tion Use the *ormat -"an9 where 9 is a num;er representin% the strin% -"an inter*ace se"ect *rom dropBdown usua""8 an <thernet card connected to a proper"8 con*i%ured ?arent Inter*ace menu switch port >7A) :a% inte%er shou"d match a numeric ta% set up in the switched networ' &escription strin% optiona" . Setting >irtua" Inter*ace :a ue

Storage &onfiguration
?eriodic Snapshot :as's Rep"ication :as's >o"umes

:he Stora%e section o* the %raphica" inter*ace a""ows 8ou to con*i%ure the *o""owin%I

:hese con*i%urations are descri;ed in more detai" in this section.

6.1

Periodic Sna#s"ot )as7s

!ree)AS3 /!S -o"umes support snapshotsD a readBon"8 -ersion o* a /!S -o"ume or dataset at a %i-en point in time. Snapshots can ;e created quic'"8 andD i* "itt"e data chan%esD new snapshots ta'e up -er8 "itt"e space. !or e5amp"eD a snapshot where no *i"es ha-e chan%ed ta'es #M o* stora%eD ;ut i* 8ou chan%e a 1#4 *i"e it wi"" 'eep a cop8 o* ;oth the o"d and the new 1#4 -ersion. Snapshots pro-ide a c"e-er wa8 o* 'eepin% a histor8 o* *i"esD shou"d 8ou need to reco-er an o"der cop8 or e-en a de"eted *i"e. FreeNAS 8.0.3 Guide Page 62 of 164

!or this reasonD man8 administrators ta'e snapshots o*ten Je.%. e-er8 1( minutesKD store them *or a period o* time Je.%. *or a monthKD and store them on another s8stem Je.%. usin% Rep"ication :as'sK. Such a strate%8 a""ows the administrator to ro"" the s8stem ;ac' to a speci*ic time orD i* there is a catastrophic "ossD an o**Bsite snapshot can restore the s8stem up to the "ast snapshot inter-a" Je.%. within 1( minutes o* the data "ossK. Snapshots can ;e c"oned or ro""ed ;ac'D ;ut the *i"es on the snapshot cannot ;e accessed independent"8. e*ore 8ou can create a snapshotD 8ou need to ha-e an e5istin% /!S -o"ume. How to do this is descri;ed in section +.3.3 Creatin% >o"umes. :o create a /!S snapshotD c"ic' Stora%e BR ?eriodic Snapshot :as's BR Add ?eriodic Snapshot which wi"" open the screen shown in !i%ure +.1a. Figure 6.1a: &reating a 9FS Periodic Sna#s"ot

:a;"e +.1a summari6es the *ie"ds in this screenI )a' e 6.1a: 2#tions ;"en &reating a Periodic Sna#s"ot Setting Mount ?oint Recursi-e :a ue dropBdown menu chec';o5 6escri#tion se"ect the mount point o* an e5istin% /!S -o"ume or dataset recursi-e snapshots are created as one atomic operation across descendent *i"e s8stemsD meanin% that the snapshot data is ta'en at one consistent time Page 63 of 164

FreeNAS 8.0.3 Guide

Setting 7i*etime e%in <nd Inter-a" 0ee'da8

:a ue inte%er and dropBdown menu dropBdown menu dropBdown menu dropBdown menu chec';o5es

6escri#tion how "on% to 'eep the snapshot time o* *irst snapshot time o* "ast snapshot how o*ten to ta'e snapshot ;etween e%in and <nd times which da8s o* the wee' to ta'e snapshots

,nce 8ou c"ic' the ,2 ;uttonD a snapshot wi"" ;e ta'en and this tas' wi"" ;e repeated accordin% to 8our settin%s. I* 8ou c"ic' /!S SnapshotsD 8ou wi"" see a "istin% o* a-ai"a;"e snapshots as seen in the e5amp"e in !i%ure +.1;I Figure 6.1': :ie-ing A+ai a' e Sna#s"ots

:he most recent snapshot wi"" ;e "isted "ast and wi"" ha-e 3 icons instead o* 2. :he icons associated with a snapshot a""ow 8ou toI & one Sna#s"ot: wi"" prompt 8ou *or the name o* the c"one. :he c"one wi"" ;e a writa;"e cop8 o* the snapshot and can on"8 ;e created on the same /!S -o"ume. C"ones do not inherit the properties o* the parent datasetD ;ut rather inherit the properties ;ased on where the c"one is created in the /!S poo". ecause a c"one initia""8 shares a"" its dis' space with the ori%ina" snapshotD its used propert8 is initia""8 6ero. As chan%es are made to the c"oneD it uses more space. 6estro* Sna#s"ot: a popBup messa%e wi"" as' 8ou to con*irm this action. )ote that c"ones must ;e destro8ed ;e*ore the parent snapshot can ;e destro8ed. .o 'ac7 Sna#s"ot: a popBup messa%e wi"" as' i* 8ou are sure that 8ou want to ro"";ac' to this snapshot state. I* 8ou c"ic' EesD an8 *i"es that ha-e chan%ed since the snapshot was ta'en wi"" ;e re-erted ;ac' to their state at the time o* the snapshot. N2)3: ro"";ac' is a potentia""8 dan%erous operation and wi"" cause an8 con*i%ured rep"ication tas's to *ai" as the rep"ication s8stem uses the e5istin% snapshot when doin% an incrementa" ;ac'up. I* 8ou do need to restore the data within a snapshotD the recommended steps areI FreeNAS 8.0.3 Guide Page 64 of 164

1. C"one the desired snapshot. 2. Share the c"one with the share t8pe or ser-ice runnin% on the !ree)AS3 s8stem. 3. ,nce users ha-e reco-ered the needed dataD destro8 the c"one. :his approach wi"" ne-er destro8 an8 onBdis' data and has no impact on rep"ication. A"ternati-e"8D periodic snapshots wi"" appear as shadow copies in newer -ersions o* 0indows <5p"orer. Users can access the *i"es in the shadow cop8 usin% <5p"orer without requirin% an8 interaction with the !ree)AS3 %raphica" administrati-e inter*ace.

6.2

.e# ication )as7s

!ree)AS3 supports the secure rep"ication o* /!S snapshots to another remote !ree)AS3 s8stem Jor an8 other s8stem runnin% the same -ersion o* /!S and a "istenin% SSH ser-erK. :his a""ows 8ou to create an o**Bsite ;ac'up o* the stora%e data. :his section demonstrates how to setup SSH rep"ication ;etween two !ree)AS3 s8stems. 0e wi"" use the terms 7,CA7 Jto represent the s8stem that wi"" send the snapshotsK and R<M,:< Jto represent the s8stem to recei-e the snapshotsK. In this e5amp"eD 7,CA7 has an I? address o* 192.1+8.2.$ and R<M,:< has an I? address o* 192.1+8.2.2. An o-er-iew is seen in !i%ure +.2a. Figure 6.2a: 2+er+ie- of &onfiguration 3,a0# e

FreeNAS 8.0.3 Guide

Page 6$ of 164

In order to rep"icate /!S snapshots 8ou wi"" need the *o""owin%I a /!S -o"ume created on ;oth 7,CA7 and R<M,:< Jsee section +.3.3 Creatin% >o"umes *or instructions on how to do thisK a periodic snapshot tas' must ;e created on 7,CA7 Jsee section +.1 ?eriodic Snapshot :as's *or instructions on how to do thisK ;oth s8stems con*i%ured *or SSH 'e8 ;ased authentication

6.2.1

&onfiguring SS% =e* 5ased Aut"entication

In order to setup SSH 'e8 ;ased authenticationD 8ou wi"" need to temporari"8 use SSH password ;ased authentication so that 8ou can cop8 the SSH 'e8 in*ormation to the required "ocations. :he con*i%uration steps are as *o""owsI 1. I* 8ou ha-en1t a"read8D create on 7,CA7 a user account which wi"" ;e used to ss" into 7,CA7. Ma'e the user a mem;er o* the 9hee( %roup and set their home director8 to the *u"" path o* the /!S -o"ume. In the e5amp"e shown in !i%ure +.2;D a user account named user1 has a home director8 pointin% to the /!S -o"ume named Fmnt-data2. Create a simi"ar user on R<M,:<. 2. I* 8ou ha-en1t done so a"read8D set the root password in Account BR Users BR >iew A"" Users on ;oth s8stems. 3. Use an SSH c"ient Je.%. the ss" command *rom a command prompt or ?u::E *rom a 0indows s8stemK to "o%in into 7,CA7. In the e5amp"e shown in !i%ure +.2;D user1 is usin% the ss" command to "o%in to the 7,CA7 !ree)AS3 s8stem with an I? address o* 172&18%&2&:. ,nce "o%%ed inD cop8 the contents o* -data-ssh-re+(i*ation&+u! to a temporar8 *i"e. :his is the pu;"ic 'e8 o* 7,CA7. :o %et the pu;"ic 'e8 o* R<M,:<D issue the ss"?7e*scan command with the I? address o* R<M,:< and add that pu;"ic 'e8 as a separate "ine in 8our temporar8 *i"e. In the e5amp"e shown in !i%ure +.2cD the R<M,:< I? address is 172&18%&2&2. N2)3I ma'e sure that each 'e8 is pasted as one "on% "ine.

FreeNAS 8.0.3 Guide

Page 66 of 164

Figure 6.2': &reate a !ser

Figure 6.2c: &o#*ing t"e .e# ication =e*s for B2&AB and .312)3

FreeNAS 8.0.3 Guide

Page 6( of 164

$. )ow 8ou wi"" create an authori6edU'e8s *i"e on each s8stem and paste the opposite s8stem1s 'e8 to that *i"e. In <5amp"e +.2aD user1 is sti"" "o%%ed into 7,CA7. ,nce the R<M,:< 'e8 is copied into 7,CA71s authori2ed1keysD user1 "o%s into R<M,:< as user2 and creates an authori2ed1keys *i"e containin% the 7,CA7 'e8. 0hen *inishedD the user t8pes e,it *our times to "ea-e ;oth ss" sessions. N2)3: when creatin% the authori2ed1keys *i"eD ma'e sure that the correct 'e8 is pasted as one "on% "ine. 3,a0# e 6.2a: &reating t"e aut"ori>ed87e*s Fi es
mount -uw / mkdir p /root/.ssh/ chmod 700 /root/.ssh nano /root/.ssh/authorized_keys 192.168.2.2 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrF1/MRk3I1wJm4708l yugDmGd6JFeJonoeON3wCRVxmtUh7nKp1PXnagnbVFmq7aXIBs7Jd/GdOWjousAIT9G3qcn/tUf6A+AqcMk 4cl9BURDX6xMSotmAn4m6YuKQffACv86eIo69Xn7xVKVD8s8c7OKO/XnstPrL0NPBmpfHa04P5NZoe2C06C JKQCzKJGNJ/pmlbE0CogVHf5AJT1NtEQkD78a7SqrQK30MlkIzjCVD3WvchWJp8hr3TCs5F1Tc1ay5EU2Zv LwR8txaswuLyG33DKcE2SVRG5t+LD0S7wuvATTWrzSOQTpeZoiZDw7Qf3kkjpmt14UFnLsCjs9 ssh user2@192.168.2.2 su mkdir p /root/.ssh/ chmod 700 /root/.ssh nano /root/.ssh/authorized_keys ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwt6Fb1JthH6xPtmN5SzlqEjggZCH/ wwWQsYKEHO/vdwXLri8J+Pn/oPMM3GlRRbYhB+vpnAxrTt1uiLREtenpQhSb56RIWyyZ6m1FrXs+QSaDKCp M6+XRrQtLPd+VSoGDWsz6tK8mV7vpfk3X77w1Y0PZDZyOj1aZnEE447WtEtCAgYcaH3+4G6mWzoK8Rf7yXa kNV+RO8Vu+40+H5qoqTAWk+rNIsZYcl8p7JiqxXLPGj6lPr5p9jqYsWqE23bwmpGrOZF1J9rd+hKv9jfxqW 86Am/izWASYfy6qEIp4haYCo5oo09pqoOk17bDRNbPvFZ58aYadjvaap8YB5z0t Key for replication exit exit exit exit

Je5its superuser and then R<M,:<K Je5its superuser and then 7,CA7K

6.2.2

&reating t"e .e# ication )as7

Eou are now read8 to create a rep"ication tas'. ,n ;<CA;D c"ic' Stora%e BR Rep"ication :as's BR Add Rep"ication :as'. In the e5amp"e shown in !i%ure +.2dD the 7,CA7 /!S -o"ume is -mnt-data2D the R<M,:< /!S *i"es8stem is dataD and the R<M,:< 'e8 has ;een pasted into the ;o5. )ote that *or the remote /!S *i"es8stemD -mnt- is assumed and shou"d not ;e inc"uded in the path.

FreeNAS 8.0.3 Guide

Page 68 of 164

Figure 6.2d: Adding a .e# ication )as7

:a;"e +.2a summari6es the options in the Add Rep"ication :as' screen. )a' e 6.2a: Adding a .e# ication )as7 Setting Mount ?oint Remote /!S *i"es8stem Recursi-e"8 rep"icate Initia"i6e remote side Remote hostname :a ue dropBdown menu strin% chec';o5 chec';o5 strin% 6escri#tion the /!S -o"ume on 7,CA7 containin% the snapshots to ;e rep"icated the /!S -o"ume on R<M,:< that wi"" store the snapshots i* chec'ed wi"" rep"icate chi"d datasets and rep"ace pre-ious dataset on remote s8stem does a reset once operation which destro8s the rep"ication data on the remote tar%et and then re-erts to norma" operation I? address or &)S name o* remote s8stem mandator8M paste the pu;"ic 'e8 o* the remote s8stem Jthis wi"" ;e the second "ine in the temporar8 *i"e 8ou created a;o-eK

Remote host'e8 strin%

6.2.3

)esting .e# ication

I* 8ou ha-e *o""owed a"" o* the steps a;o-e and ha-e 7,CA7 snapshots that are not rep"icatin% to R<M,:<D tr8 de"etin% a"" snapshots on 7,CA7 e5cept *or the most recent one. In Stora%e BR ?eriodic Snapshot :as's BR >iew A"" Snapshot :as's BR /!S Snapshots chec' the ;o5 ne5t to e-er8 snapshot e5cept *or the "ast one Jthe one with 3 icons instead o* 2KD then c"ic' the %"o;a" &estro8 ;utton at the FreeNAS 8.0.3 Guide Page 64 of 164

;ottom o* the screen. ,nce 8ou ha-e on"8 one snapshotD ss" into 7,CA7 and use the >fs send command. In the *o""owin% e5amp"eD the /!S snapshot on 7,CA7 is on /!S -o"ume data2 and is named auto320110722&1=>)32hD the I? address o* R<M,:< is 172&18%&2&2D and the /!S -o"ume on R<M,:< is data. )ote that the G is used to separate the -o"ume@dataset name *rom the snapshot name.
zfs send data2@auto-20110922.1753-2h | ssh -i /data/ssh/replication 192.168.2.2 \ zfs receive data@auto-20110922.1753-2h

N2)3: i* this command *ai"s with the error Pcannot recei-e new *i"es8stem streamI destination has snapshotsPD chec' the ;o5 Pinitia"i6e remote side *or onceP in the rep"ication tas' and tr8 a%ain. I* the >fs send command sti"" *ai"sD 8ou wi"" need to ss" into R<M,:< and use the >fs destro* ?. +o u0e8na0eGsna#s"ot8na0e command to de"ete the stuc' snapshot. Eou can con*irm that the rep"ication was success*u" ;8 %oin% to Stora%e BR ?eriodic Snapshot :as's BR >iew A"" ?eriodic Snapshot :as's BR /!S Snapshots on R<M,:<. !i%ure +.2e shows the success*u" rep"ication *or our e5amp"eI Figure 6.2e: :ie-ing t"e .e# icated Sna#s"ot Fro0 .312)3

6.2.4

)rou' es"ooting

I* rep"ication is not wor'in%D chec' to see i* SSH is wor'in% proper"8. ss" into 7,CA7 and tr8 to ss" into R<M,:<. Rep"ace hostname1or1i+ with the -a"ue *or R<M,:<I
ssh -i /data/ssh/replication hostname_or_ip

:his command shou"d not as' *or a password. I* it as's *or a passwordD 'e8 ;ased authentication is not wor'in%. Chec' that the correct 'e8s ha-e ;een copied into the authori2ed1key *i"es as descri;ed in section +.2.1 Con*i%urin% SSH 2e8 ased Authentication. I* SSH is wor'in% correct"8D chec' i* the snapshot has rep"icated. ss" into R<M,:< and run the commandI
zfs list -t snapshot

It shou"d "ist the snapshots rep"icated *rom 7,CA7. I* it does notD run the >fs send command as FreeNAS 8.0.3 Guide Page (0 of 164

demonstrated in section +.2.3 :estin% Rep"ication. A*ter success*u""8 transmittin% the snapshotD rechec' a%ain a*ter the time period ;etween snapshots "apses to see i* the ne5t snapshot success*u""8 transmitted. I* it is sti"" not wor'in%D 8ou can manua""8 send an incrementa" ;ac'up o* the "ast snapshot that is on ;oth s8stems to the current one with this commandI
zfs send data2@auto-20110922.1753-2h | ssh -i /data/ssh/replication 192.168.2.2 \ zfs receive data@auto-20110922.1753-2h

6.3

:o u0es

Since the stora%e dis's are separate *rom the !ree)AS3 operatin% s8stemD 8ou don1t actua""8 ha-e a )AS Jnetwor'Battached stora%eK s8stem unti" 8ou con*i%ure 8our dis's into at "east one -o"ume. !ree)AS3 supports the creation o* ;oth U!S and /!S -o"umesM howe-erD /!S -o"umes are recommended to %et the most out o* 8our !ree)AS3 s8stem. :his section demonstrates how to per*orm the *o""owin% actionsI I* 8our dis's are usin% an e5istin% U!S or /!S so*tware RAI&D see section +.3.1 Auto Importin% >o"umes. I* 8our dis's are a"read8 *ormatted with U!SD ):!SD MS&,SD or <9:2D see section +.3.2 Importin% >o"umes. I* 8ou wish to *ormat 8our dis's into a U!S -o"ume or /!S poo"D see section +.3.3 Creatin% >o"umes. I* 8ou wish to %row the si6e o* an e5istin% /!S poo"D see section +.3.$ Addin% to an <5istin% >o"ume. I* 8ou wish to di-ide an e5istin% /!S poo" into datasetsD see section +.3.( Creatin% /!S &atasets. I* 8ou wish to create a /!S ;"oc' de-ice to use as an iSCSI de-ice e5tentD see section +.3.+ Creatin% a 6-o". I* 8ou wish to contro" user@%roup access to an e5istin% U!S -o"umeD /!S poo"D or /!S datasetD see section +.3.. Settin% ?ermissions. 6.3.1 Auto I0#orting :o u0es

I* 8ou c"ic' Stora%e BR >o"umes BR Auto Import >o"umeD 8ou can con*i%ure !ree)AS3 to use an e5istin% so*tware U!S or /!S RAI& -o"ume. Supported -o"umes are U!S 4<,M stripes JRAI&#KD U!S 4<,M mirrors JRAI&1KD U!S 4<,M RAI&3D as we"" as e5istin% /!S poo"s. U!S RAI&( is not supported as it is an unmaintained summer o* code proGect which was ne-er inte%rated into !ree S&. N2)3: since .. -ersions o* !ree)AS3 use an ear"ier -ersion o* /!SD importin% /!S poo"s into !ree)AS3 8 is a oneBwa8 street. In other wordsD once 8ou import a /!S -o"umeD 8ou can not re-ert ;ac' to a pre-ious -ersion o* /!S. !ree)AS3 8.#.3 does not current"8 support dedup"icationD compati;i"it8 with )e5enta poo"sD or 7inu5 *useB6*s. * 8ou ha-e an e5istin% so*tware RAI& -o"umeD 8ou wi"" ;e a;"e to se"ect it *rom the dropBdown menu. FreeNAS 8.0.3 Guide Page (1 of 164

In the e5amp"e shown in !i%ure +.3aD the !ree)AS3 s8stem has an e5istin% /!S RAI&/1 named ;ac'ups. ,nce the -o"ume is se"ectedD c"ic' the PImport >o"umeP ;utton. Figure 6.3a: I0#orting an 3,isting .AI6 :o u0e

,nce the import is comp"ete 8ou ma8 ha-e to re*resh 8our ;rowser in order *or it to appear in the >iew A"" >o"umes "ist. N2)3: !ree)AS3 wi"" not import a dirt8 -o"ume. I* 8our e5istin% -o"ume does not show in the dropB down menuD 8ou wi"" need to access the conso"e in order to *sc' the -o"ume. 6.3.2 I0#orting :o u0es

:he import -o"ume screen is used to import dis's with e5istin% *i"es8stems so that the8 can ;e con*i%ured *or use ;8 !ree)AS3. I* 8ou c"ic' Import >o"umeD 8ou1"" see the screen shown in !i%ure +.3;I Figure 6.3': I0#orting a :o u0e

Input a name *or the -o"umeD use the dropBdown menu to se"ect the -o"ume that 8ou wish to importD and se"ect the t8pe o* *i"es8stem on the dis'. At this timeD !ree)AS3 supports the import o* dis's that ha-e ;een *ormatted with U!SD ):!SD MS&,SD or <9:2. e*ore importin% a dis'D ;e aware o* the *o""owin% ca-eatsI

FreeNAS 8.0.3 Guide

Page (2 of 164

 !ree)AS3 wi"" not import a dirt8 *i"es8stem. I* a supported *i"es8stem does not show in the dropBdown menuD 8ou wi"" need to access the conso"e in order to fsc7 the *i"es8stem. ear"ier -ersions o* !ree)AS3 8 had a ;u% that pre-ented the success*u" import o* ):!S dri-es. &on1t tr8 to import ):!S i* 8ou are runnin% a -ersion ear"ier than !ree)AS3 8.#.1BRC1. due to the current 4<,M imp"ementationD !ree)AS3 can not import d8namic ):!S -o"umes at this time. A *uture -ersion o* !ree S& ma8 address this issue. 6.3.3 &reating :o u0es

I* 8ou ha-e un*ormatted dis's or wish to o-erwrite the *i"es8stem Jand dataK on 8our dis'sD use the Create >o"ume screen to *ormat the desired dis's as a U!S -o"ume or a /!S poo". I* 8ou c"ic' on Stora%e BR >o"umes BR Create >o"umeD 8ou wi"" see a screen simi"ar to the e5amp"e shown in !i%ure +.3c. Figure 6.3c: &reating a 9FS :o u0e

:he options that are a-ai"a;"e in this screen di**er dependin% upon the *i"es8stem that is se"ected and the num;er o* dis's a-ai"a;"eI i* 8ou se"ect one dis'D 8ou can on"8 choose to *ormat with U!S or /!S i* 8ou se"ect two dis'sD 8ou can create a U!S or /!S mirror or stripe i* 8ou se"ect three dis'sD 8ou can create a U!S or /!S stripeD a U!S RAI&3D or a /!S RAI&/1 i* 8ou se"ect *our dis'sD 8ou can create a U!S or /!S mirror or stripeD or a /!S RAI&/1 or RAI&/2

:a;"e +.3a summari6es the con*i%uration options o* this screen. FreeNAS 8.0.3 Guide Page (3 of 164

)a' e 6.3a: 2#tions ;"en &reating a 9FS :o u0e Setting :a ue 6escri#tion up to 9 a"phanumeric characters. I* an e5istin% -o"ume name is speci*iedD the -o"ume ;ein% created wi"" ;e added to the e5istin% -o"ume as a stripe. :his a""ows *or comp"e5 -o"umes such as RAI& 1#D RAI&/W#D and RAI&/2W#. :he top "e-e" %roup is imp"icit"8 a stripe and there is no pro-ision to ;ui"d a mirror o* mirrorsD a RAI&/ o* mirrorsD or a mirror o* RAI&/s. se"ect desired num;er o* dis's *rom "ist o* a-ai"a;"e dis's se"ect either U!S or /!S the s8stem wi"" automatica""8 create the -o"ume with $2 sectors i* the under"8in% dis' is usin% Ad-anced !ormat. Chec'in% this option creates $2 sector si6e Jinstead o* (12 ;8tesK re%ard"ess o* the under"8in% hardware. on"8 a-ai"a;"e when se"ect /!S. Choose *romI )oneD 7o%D CacheD Spare. See note ;e"ow *or descriptions o* each option.

>o"ume name

strin%

Mem;er chec';o5es dis's !i"es8stem ;utton t8pe !orce $#9+ ;8tes sector chec';o5 si6e /!S e5tra se"ect *or each mem;er dis'

:he Add >o"ume ;utton warns that creatin% a -o"ume destro*s a e,isting data on se ected dis7HsI. :he /!S e5tra options can ;e used to increase per*ormance. :he8 are as *o""owsI None: se"ected dis'JsK wi"" ;e used *or storin% data. Bog: se"ected dis' wi"" ;e dedicated *or storin% the /I7 J/!S Intent 7o%K. See the Separate 7o% &e-ices section o* the /!S est ?ractices 4uide *or si6e recommendations. 0hen two or more "o% de-ices are speci*iedD !ree)AS3 wi"" mirror them as su%%ested ;8 the /!S est ?ractices 4uide. :his is a pre-ention measure ;ecause "osin% the /I7 cou"d "ead to disastrous resu"ts such as ma'in% the entire poo" inaccessi;"e. ?uttin% the /I7 on hi%h speed de-ices can a"so impro-e per*ormance *or certain wor'"oadsD especia""8 those requirin% s8nchronous writes such as )!S c"ients connectin% to !ree)AS3 runnin% on >M0are <S9i. In such casesD a dedicated /I7 wi"" ma'e a ;i% di**erence in per*ormance. App"ications that do not do a "ot o* s8nchronous writes are "ess "i'e"8 to ;ene*it *rom ha-in% dedicated /I7 de-ices. !or >M0areD i* a hi%h speed /I7 de-ice is not an optionD usin% iSCSI instead o* )!S is a wor'around to achie-e ;etter per*ormance. &ac"e: se"ected dis' wi"" ;e dedicated to 72ARC onBdis' cache. :8pica""8D one wou"d se"ect a *ast dis'D such as an SS&. See the Separate Cache &e-ices section o* the /!S est ?ractices 4uide *or si6e recommendations. 7osin% an 72ARC de-ice has no imp"ications at a""D other than read access can s"ow down. S#are: wi"" create a hot spare that is on"8 used when another dis' *ai"s. Hot spares speed up hea"in% in the *ace o* hardware *ai"ures and are critica" *or hi%h mean time to data "oss JM::&7K en-ironments. ,ne or two spares *or a $#Bdis' poo" is a common"8 used con*i%uration. Use this option with caution as there is a 'nown ;u% in the current !ree S& imp"ementation. FreeNAS 8.0.3 Guide Page (4 of 164

:he -o"ume creation screen a""ows *or ad-anced scenariosI to create a 0irror H.AI6 1I: chec' the 2 dis's to %o into the mirror *rom the "ist o* a-ai"a;"e dis's to create a stri#ed 0irror H.AI6 10I: create 2 mirrors with the same o(ume name to add an SS6 as "*'rid storage: chec' the ;o5 *or the de-iceD se"ect /!SD and choose Cache *or that de-ice in the /!S <5tra section to add a cac"e dri+e which wi"" he"p read per*ormance when the wor'in% set is sma""er than the cache dri-eD ;ut "ar%er than the si6e o* RAM a-ai"a;"e to the s8stemI chec' the ;o5 *or the de-iceD se"ect /!SD and choose Cache *or that de-ice in the /!S <5tra section An o-er-iew o* the -arious RAI& "e-e"s can ;e *ound in section 1.1.+ RAI& ,-er-iew. 6.3.4 Adding to an 3,isting :o u0e

/!S supports the addition o* -irtua" de-ices J-de-sK to an e5istin% -o"ume J/!S poo"K. A RAI&/1 is an e5amp"e o* a -de-. ,nce a -de- is createdD 8ou can not add more dri-es to that -de-. Howe-erD i* 8ou ha-e an e5istin% RAI&/1D 8ou can stripe it with a new RAI&/1 Jand its dis'sK. :his wi"" increase the o-era"" si6e o* the poo". :o com;ine two -de-s in the %raphica" administrati-e inter*aceD %o to Stora%e BR >o"umes BR Create >o"ume. In the >o"ume )ame sectionD input the same name as an e5istin% -de-D se"ect the dis'JsK that 8ou wish to addD the t8pe o* RAI& Jwhich has to ;e the same as the e5istin% oneKD choose /!S as the *i"es8stemD and c"ic' Add >o"ume.

6.3.$

&reating 9FS 6atasets

An e5istin% /!S -o"ume can ;e di-ided into datasets. :his a""ows 8ou to create a share per datasetD a""owin% *or more %ranu"arit8 on which users ha-e access to which data. A dataset is simi"ar to a *o"der in that 8ou can set permissionsM it is a"so simi"ar to a *i"es8stem in that 8ou can set quotas and compression. N2)3: i* 8our %oa" is to share an entire /!S -o"umeD 8ou don1t ha-e to create datasets. I* 8ou wish to di-ide up a /!S -o"ume1s data into di**erent sharesD create a dataset *or each share. I* 8ou c"ic' >o"umes BR Create /!S &atasetD 8ou wi"" see the screen shown in !i%ure +.3d. )ote that this menu option is not a-ai"a;"e unti" a*ter 8ou ha-e created a /!S -o"ume. :a;"e +.3; summari6es the options a-ai"a;"e when creatin% a /!S dataset.

FreeNAS 8.0.3 Guide

Page ($ of 164

Figure 6.3d: &reating a 9FS 6ataset

)a' e 6.3': 9FS 6ataset 2#tions Setting >o"ume &ataset )ame Compression 7e-e" :a ue dropBdown menu strin% dropBdown menu 6escri#tion se"ect an e5istin% /!S -o"ume mandator8 choose *romI inheritD o**D "6G; Joptimi6ed *or per*ormance whi"e pro-idin% decent data compressionKD %6ip "e-e" +D %6ip *astest J"e-e" 1KD %6ip ma5imum J"e-e" 9D ;est compression ;ut s"owKM see ),:< ;e"ow contro"s whether the access time *or *i"es is updated when the8 are read. :urnin% this propert8 o** a-oids producin% write tra**ic when readin% *i"es and can resu"t in si%ni*icant per*ormance %ainsD thou%h it mi%ht con*use mai"ers and other simi"ar uti"ities. de*au"t o* # is o**M can speci*8 M Jme%a;8teKD 4 J%i%a;8teKD or : Jtera;8teK as in 2#4 *or 2# 4 de*au"t o* # is o**M can speci*8 M Jme%a;8teKD 4 J%i%a;8teKD or : Jtera;8teK as in 2#4 *or 2# 4 Page (6 of 164

<na;"e atime

inheritD onD or o** inte%er inte%er

Auota *or dataset Auota *or dataset and chi"dren

FreeNAS 8.0.3 Guide

Setting :a ue Reser-ed space *or inte%er dataset Reser-ed space *or dataset and inte%er chi"dren

6escri#tion de*au"t o* # is un"imited J;esides hardwareKM can speci*8 M Jme%a;8teKD 4 J%i%a;8teKD or : Jtera;8teK as in 2#4 *or 2# 4 de*au"t o* # is un"imited J;esides hardwareKM can speci*8 M Jme%a;8teKD 4 J%i%a;8teKD or : Jtera;8teK as in 2#4 *or 2# 4

N2)3 on co0#ression: most media Je.%. .mp3D .mp$D .a-iK is a"read8 compressedD meanin% that 8ou1"" increase C?U uti"i6ation *or no %ain i* 8ou store these *i"es on a compressed dataset. Howe-erD i* 8ou ha-e raw .wa- rips o* C&s or .-o; rips o* &>&sD 8ou1"" see a per*ormance %ain usin% a compressed dataset. 6.3.6 &reating a >+o

A 6-o" J/!S -o"umeK is a *eature o* /!S that creates a de-ice ;"oc' o-er /!S. :his a""ows 8ou to use a 6-o" as an iSCSI de-ice e5tent. :o create a 6-o"D %o to Stora%e BR >o"umes BR Create /!S >o"ume which wi"" open the screen shown in !i%ure +.3e. )ote that this menu option is not a-ai"a;"e unti" a*ter 8ou ha-e created a /!S -o"ume. Figure 6.3e: &reating a >+o

:he con*i%uration options are descri;ed in :a;"e +.3cI )a' e 6.3c: >+o &onfiguration 2#tions Setting :a ue dropBdown <5istin% >o"ume menu /!S >o"ume strin% )ame Si6e inte%er 6escri#tion se"ect e5istin% /!S poo" to create the 6-o" *rom input a name *or the 6-o" speci*8 si6e and -a"ue such as 1#4

FreeNAS 8.0.3 Guide

Page (( of 164

Setting Compression 7e-e"

:a ue dropBdown menu

6escri#tion inherit means it wi"" use the same compression "e-e" as the e5istin% 6poo" used to create the 6-o"

6.3.(

Setting Per0issions

Settin% permissions is an important aspect o* con*i%urin% a share so that !ree)AS3 -o"umes are accessi;"e to the c"ients in 8our networ'. :he %raphica" administrati-e inter*ace is meant to set the initia" permissions *or a -o"ume or dataset in order to ma'e it a-ai"a;"e as a share. ,nce a share is a-ai"a;"eD the c"ient operatin% s8stem can ;e used to *ineBtune the permissions o* the *i"es and directories that are created ;8 the c"ient. Section . Sharin% contains con*i%uration e5amp"es *or se-era" t8pes o* permission scenarios. :his section pro-ides an o-er-iew o* the screen that is used to set those permissions. ,nce a -o"ume or dataset is createdD it wi"" ;e "isted ;8 its mount point name in Stora%e BR >iew A"" >o"umes. I* 8ou c"ic' the Chan%e ?ermissions icon *or a speci*ic -o"ume@datasetD 8ou wi"" see the screen shown in !i%ure +.3*. :a;"e +.3d summari6es the options in this screen. Figure 6.3f: &"anging Per0issions on a :o u0e or 6ataset

FreeNAS 8.0.3 Guide

Page (8 of 164

)a' e 6.3d: 2#tions ;"en &"anging Per0issions Setting :a ue 6escri#tion dropBdown user to ha-e permission to the -o"ume@datasetM user must ;e created *irst i* ,wnerJuserK menu it does not a"read8 e5ist %roup to ha-e permission to the -o"ume@datasetM %roup must ;e created *irst dropBdown ,wnerJ%roupK i* it does not a"read8 e5ist and desired users need to ;e added as mem;ers menu o* the %roup mode chec';o5es chec' the desired permissions *or userD %roupD and other Uni5 and 0indows AC7s are mutua""8 e5c"usi-eD this means that *ou ;u""et :8pe o* AC7 0ust se ect t"e correct t*#e of A&B to 0atc" t"e s"areM see the ),:< se"ection ;e"ow *or more detai"s i* chec'edD permissions wi"" a"so app"8 to su;directories o* the -o"ume or recursi-e chec';o5 datasetM i* 8ou edit the owner and@or %roup at a "ater timeD ;e sure to chec' this ;o5 so that the chan%e is popu"ated to a"" o* the directories N2)3 regarding )*#e of A&B: when in dou;tD or i* 8ou ha-e a mi5 o* operatin% s8stems in 8our networ'D a"wa8s se"ect Uni5 AC7s as a"" c"ients understand them. :he on"8 time there is a ;ene*it to pic'in% 0indows AC7s is when 8our networ' on"8 contains 0indows c"ients and 8ou are con*i%urin% CI!S shares. Eou wi"" a"so want to use 0indows AC7s i* 8ou are con*i%urin% the Acti-e &irector8 ser-ice *or a networ' that on"8 contains 0indows c"ients. 0indows AC7s add a superset o* permissions that au%ment those pro-ided ;8 Uni5 AC7s. :his means that on"8 0indows c"ients understand 0indows AC7s. 0hi"e 0indows c"ients can understand Uni5 AC7sD the8 won1t ;ene*it *rom the e5tra permissions pro-ided ;8 Acti-e &irector8 and 0indows AC7s when Uni5 AC7s are used. 6.3.8 :ie-ing :o u0es

I* 8ou c"ic' >iew A"" >o"umesD 8ou can -iew and *urther con*i%ure each -o"ume and datasetD as seen in the e5amp"e shown in !i%ure +.3%. :he *i-e icons towards the top o* the ri%ht *rame a""ow 8ou toI create another -o"umeD create a /!S datasetD create a /!S -o"umeD import a -o"umeD and auto import a -o"ume. :he se-en icons associated with a /!S -o"ume entr8 a""ow 8ou toI 3,#ort :o u0e: this ;utton wi"" per*orm an e5port or a de"eteD dependin% upon the choice 8ou ma'e in the screen that pops up when 8ou c"ic' this ;utton. :he popBup messa%eD seen in !i%ure +.3hD wi"" show the current used spaceD pro-ide the chec' ;o5 PMar' the dis's as new Jdestro8 dataKD prompt 8ou to ma'e sure that 8ou want to do thisD warn 8ou i* the -o"ume has an8 associated shares and as' i* 8ou wish to de"ete themD and the ;rowser wi"" turn red to a"ert 8ou that 8ou are a;out to do somethin% that wi"" ma'e the data inaccessi;"e. I* 8ou do not chec' that ;o5D the -o"ume wi"" ;e e5ported. :his means that the data is not destro8ed and the -o"ume can ;e reBimported at a "ater time. I* 8ou wi"" ;e mo-in% a /!S dri-e *rom one s8stem to anotherD 8ou shou"d *irst e5port it. :his operation *"ushes an8 unwritten data to dis'D writes data to the dis' indicatin% that the e5port was doneD and remo-es a"" 'now"ed%e o* the poo" *rom the s8stem. I* 8ou do chec' that ;o5D the -o"ume and a"" o* its data wi"" ;e destro8ed and the FreeNAS 8.0.3 Guide Page (4 of 164

under"8in% dis's wi"" ;e returned to their raw state. Figure 6.3g: :ie-ing :o u0es

Figure 6.3": 3,#orting or 6e eting a :o u0e

Scru' :o u0e: the /!S est ?ractices 4uide recommends that 8ou shou"d run a /!S scru; on a re%u"ar ;asis to identi*8 data inte%rit8 pro;"ems. I* 8ou ha-e consumerBqua"it8 dri-esD consider a wee'"8 scru;;in% schedu"e. I* 8ou ha-e datacenterBqua"it8 dri-esD consider a month"8 scru;;in% schedu"e. Eou shou"d a"so scru; a -o"ume prior to rep"acin% an8 o* its dri-es.

FreeNAS 8.0.3 Guide

Page 80 of 164

 3dit 9FS 2#tions: a""ows 8ou to edit the -o"ume1s compression "e-e"D atime settin%D dataset quotaD and reser-ed space *or quota. &"ange Per0issions: a""ows 8ou to edit the -o"ume1s userD %roupD Uni5 rw5 permissionsD and to ena;"e recursi-e permissions on the -o"ume1s su;directories. &reate Sna#s"ot: a""ows 8ou to con*i%ure the snapshot1s name and whether or not it is recursi-e ;e*ore manua""8 creatin% a snapshot o* the /!S -o"ume. :ie- 6is7s: wi"" disp"a8 each dis'1s numeric I&D !ree S& de-ice nameD seria" num;erD UUI&D descriptionD trans*er modeD H&& stand;8 settin%D ad-anced power mana%ement settin%D acoustic "e-e"D whether S.M.A.R.: is ena;"edD S.M.A.R.: e5tra optionsD and %roup mem;ership. An <dit ;utton is inc"uded shou"d 8ou wish to modi*8 an8 o* these settin%s. A Rep"ace ;utton is inc"uded shou"d the dis' *ai" and /!S needs to ;e made aware that the dis' has ;een rep"aced. >#oo status: wi"" show the de-ice name and status o* each dis' in the /!S poo". I* 8ou c"ic' the >iew &is's icon [ <ditD 8ou1"" see the screen shown in !i%ure +.3i. Figure 6.3i: 3diting a :o u0e<s 6is7 2#tions

FreeNAS 8.0.3 Guide

Page 81 of 164

:a;"e +.3d summari6es the con*i%ura;"e options. )a' e 6.3d: 3dita' e 2#tions for a :o u0e<s 6is7 Setting )ame Identi*ier &escription :rans*er Mode H&& Stand;8 Ad-anced ?ower Mana%ement Acoustic 7e-e" <na;"e S.M.A.R.: S.M.A.R.: e5tra options 4roup Mem;ership :a ue strin% strin% strin% dropBdown menu dropBdown menu dropBdown menu dropBdown menu chec';o5 strin% dropBdown menu 6escri#tion readBon"8 -a"ue showin% !ree S& de-ice name *or dis' readBon"8 -a"ue showin% the UUI& o* the dis' Jname ma8 chan%e with hotBswappa;"e de-ices ;ut the UUI& does notK ;8 de*au"t wi"" show name o* -o"ume de*au"t is autoD can a"so speci*8 trans*er mode used ;8 hardware indicates the time o* inacti-it8 Jin minutesK ;e*ore the dri-e enters stand;8 mode in order to conser-e ener%8M the de*au"t is a"wa8s on de*au"t is disa;"edD can se"ect a power mana%ement pro*i"e *rom the menu de*au"t is disa;"edD can ;e modi*ied *or dis's that understand AAM on ;8 de*au"t smartct"J8K options the -o"ume the dis' is a mem;er o*

6.3.4

.e# acing a Fai ed 6ri+e

I* 8ou are usin% an8 *orm o* RAI&D 8ou shou"d rep"ace a *ai"ed dri-e as soon as possi;"e to repair the de%raded state o* the RAI&. 4o to Stora%e BR >o"umes BR >iew A"" >o"umes. C"ic' the >iew &is's ;utton o* the associated -o"ume which wi"" "ist a"" o* the dis's within the -o"ume. 7ocate the *ai"ed dis' and c"ic' its Rep"ace ;utton. Se"ect an unused dri-e *rom the dropBdown menu in the popBup menu that appearsD then c"ic' the Rep"ace dis' ;utton. In the e5amp"e shown in !i%ure +.3GD *ai"ed dis' ada0 is ;ein% rep"aced ;8 dis' ada). As seen in the e5amp"e shown in !i%ure +.3'D once 8ou c"ic' the Rep"ace dis' ;uttonD the *ai"ed dis' wi"" ;e p"aced at the ;ottom o* the "ist and wi"" now ha-e a &etach ;utton. C"ic' Ees to con*irm and the dis' wi"" ;e remo-ed *rom the "ist o* mem;er dis's.

FreeNAS 8.0.3 Guide

Page 82 of 164

Figure 6.3J: .e# acing a Fai ed 6is7

Figure 6.37: 6etac"ing t"e Fai ed 6is7

FreeNAS 8.0.3 Guide

Page 83 of 164

6.3.10

%ot S-a##ing a 9FS Fai ed 6ri+e

Unti" the hot swappin% impro-ements that ;ecame a-ai"a;"e in !ree S& 9.# are ;ac'ported to !ree)AS3D /!S wi"" not automatica""8 detach *rom the under"8in% 4<,M pro-ider. :his means that care must ;e ta'en when hot swappin% a dri-e. :he *o""owin% procedure is recommendedI do *'- hot!pull the dis" &/F'R/ cou"d cause more pro;"ems a"ing the operating syste aware of your intent as this

*rom the !ree)AS3 conso"eD use the s-a#ct ? command to determine the de-ice name o* the dis'1s swap partitionD then run s-a#off Kde+icena0eL to disa;"e that swap de-ice *rom the !ree)AS3 conso"eD o**"ine the dis' to ;e remo-ed usin% the command >#oo off ine K#oo na0eL Kdis7na0eL At this pointD the dis' can ;e hotBpu""ed *rom the s8stem. Insert the new dis' and recreate the same dis' "a8out. 5a"e sure that the siBe of the swap partition is the sa e as the rest of the dis"s in the pool# :he *o""owin% e5amp"e creates a swap si6e o* 24 on dis' da11I
gpart create -s gpt da11 gpart add -b 128 -s 4194304 -t freebsd-swap da11 gpart add -t freebsd-zfs da11

)e5tD issue the *o""owin% commands to rep"ace the dis'D turn swap ;ac' onD and to detach *rom the poo"I
zpool replace tank da11p2 /etc/rc.d/swap1 start zpool detach tank da11p2/old

S"aring &onfiguration

,nce 8ou ha-e a -o"umeD create at "east one share so that the stora%e is accessi;"e ;8 the other computers in 8our networ'. :he t8pe o* share 8ou create depends upon the operatin% s8stemJsK runnin% in 8our networ'I AFP S"aresI the App"e !i"e ?rotoco" JA!?K t8pe o* share is the ;est choice i* a"" o* 8our computers run Mac ,S 9. &IFS S"aresI the Common Internet !i"e S8stem JCI!SK t8pe o* share is accessi;"e ;8 0indowsD Mac ,S 9D 7inu5D and S& computersD ;ut it is s"ower than an )!S share due to the sin%"eBthreaded desi%n o* Sam;a. I* 8our networ' contains on"8 0indows s8stemsD this is a %ood choice. Howe-erD it is a poor choice i* the C?U on the !ree)AS3 s8stem is "imitedM i* 8our C?U is ma5ed outD 8ou need to up%rade the C?U or consider another t8pe o* share. NFS S"aresI the )etwor' !i"e S8stem J)!SK t8pe o* share is accessi;"e ;8 Mac ,S 9D 7inu5D S&D and the pro*essiona"@enterprise -ersions Jnot the home editionsK o* 0indows. It is a %ood choice i* there are man8 di**erent operatin% s8stems in 8our networ'. &ependin% upon the operatin% s8stemD it ma8 require the insta""ation or con*i%uration o* c"ient so*tware on the des'top. I* 8ou are "oo'in% *or a so"ution that a""ows *ast access *rom an8 operatin% s8stemD consider con*i%urin% the !:? ser-ice instead o* a share and use a crossBp"at*orm !:? and *i"e mana%er c"ient app"ication such as !i"e6i""a. FreeNAS 8.0.3 Guide Page 84 of 164

I* data securit8 is a concern and 8our networ'1s users are *ami"iar with SSH command "ine uti"ities or 0inSC?D consider con*i%urin% the SSH ser-ice instead o* a share. It wi"" ;e s"ower than unencr8pted !:? due to the o-erhead o* encr8ptionD ;ut the data passin% throu%h the networ' wi"" ;e encr8pted. N2)3: whi"e the 4UI wi"" "et 8ou do itD it is a ;ad idea to share the same -o"ume usin% mu"tip"e t8pes o* access methods. &i**erent t8pes o* shares and ser-ices use di**erent *i"e "oc'in% methods. !or e5amp"eD i* the same -o"ume is con*i%ured to use ;oth )!S and !:?D )!S wi"" "oc' a *i"e *or editin% ;8 an )!S userD ;ut a !:? user can simu"taneous"8 edit or de"ete that *i"e. :his wi"" resu"t in "ost edits and con*used users. Another e5amp"eI i* a -o"ume is con*i%ured *or ;oth A!? and CI!SD 0indows users ma8 ;e con*used ;8 the e5tra *i"enames used ;8 Mac *i"es and de"ete the ones the8 don1t understandM this wi"" corrupt the *i"es on the A!? share. In other wordsD pic' the one t8pe o* share or ser-ice that ma'es the most sense *or the t8pes o* c"ients that wi"" access that -o"umeD and con*i%ure that -o"ume *or that one t8pe o* share or ser-ice.

(.1

AFP S"ares

!ree)AS3 uses A!? JApp"e !i"in% ?rotoco"K to share data with App"e s8stems. Con*i%urin% A!? shares is a mu"tiBstep process that requires 8ou to create users and %roupsD set -o"ume@dataset permissionsD create 8our A!? shareJsKD con*i%ure the A!? ser-ice in Ser-ices BR A!?D then ena;"e the A!? ser-ice in Ser-ices BR Contro" Ser-ices. :his section shows the con*i%uration screen *or creatin% the A!? share and demonstrates how to connect *rom a Mac ,S 9 c"ient once the A!? ser-ice has started.

(.1.1

&reating AFP S"ares

I* 8ou c"ic' Sharin% BR A!? Shares [ Add A!? ShareD 8ou wi"" see the screen shown in !i%ure ..1a. :a;"e ..1a summari6es the a-ai"a;"e options when creatin% an A!? share.

FreeNAS 8.0.3 Guide

Page 8$ of 164

Figure (.1a: &reating an AFP S"are

)a' e (.1a: AFP S"are &onfiguration 2#tions Setting 6escri#tion -o"ume name that wi"" appear in the Mac computer1s Sconnect to )ame strin% ser-erT dia"o%ueM "imited to 2. characters and can not contain a period Share Comment strin% optiona" ?ath ;rowse ;utton ;rowse to the -o"ume@dataset to share Share password strin% recommendedM ma5imum o* 8 characters Share Character strin% e5amp"es inc"ude U:!8 and IS,Z88(9B1( Set comma de"imited "ist o* a""owed users and@or %roups where A""ow 7ist strin% %roupname ;e%ins with a \ comma de"imited "ist o* denied users and@or %roups where &en8 7ist strin% %roupname ;e%ins with a \ comma de"imited "ist o* users and@or %roups who on"8 ha-e read ReadBon"8 Access strin% access where %roupname ;e%ins with a \ FreeNAS 8.0.3 Guide Page 86 of 164 :a ue

Setting ReadBwrite Access &is' &isco-er8 &is' disco-er8 mode &ata;ase ?ath Cache C)I&

:a ue strin% chec' ;o5 dropBdown menu strin% chec';o5

6escri#tion comma de"imited "ist o* users and@or %roups who ha-e read and write access where %roupname ;e%ins with a \ ena;"e i* there is no &)S record *or the !ree)AS3 s8stem de*au"t or :ime Machine JApp"e1s ;ac'up uti"it8K ;8 de*au"tD the C)I& data;ases used ;8 A!? are "ocated the root o* the -o"ume i* chec'edD A!? uses the I& in*ormation stored in App"e&ou;"e header *i"es to reduce data;ase "oadM do not set this option i* the -o"ume is modi*ied ;8 nonBA!? c"ients Je.%. )!S or CI!SK i* ena;"edD A!? wi"" automatica""8 con-ert Macintosh "ine ;rea's into Uni5 onesM some o"der pro%rams store ;inar8 data *i"es as t8pe P:<9:P when sa-in% and switch the *i"e t8pe in a second step and ena;"in% this chec';o5 wi"" ;rea' those *i"es *orces *i"ename restrictions imposed ;8 o"der -ersions o* 0indowsM it is ),: recommended *or -o"umes main"8 used ;8 Macs as it ;rea's some the a;i"it8 o* some app"ications to sa-e *i"es Je.%. ,**ice9K *orces A!? to not create .App"e&ou;"e directories when a nonBMac c"ient sa-es a *i"eM 8ou can1t a-oid the creation o* .App"e&ou;"e directories when a Mac c"ient writes so tr8 to a-oid this option whene-er possi;"e ena;"e when the de-ice num;er is not constant across a re;oot i* ena;"edD A!? wi"" not ad-ertise create*i"eidD reso"-eidD and de"eteid ca""s i* this ;o5 is chec'edD A!? disa;"es Ihe5 trans"ations *or an8thin% e5cept dot *i"esM this option ma'es the @ character i""e%a" i* chec'edD pro-ides compati;i"it8 with App"e II c"ients i* chec'edD A!? won1t stat the -o"ume path when enumeratin% the -o"umes "istM use*u" *or automountin% or -o"umes created ;8 a pree5ec script do not ena;"e i* networ' contains Mac ,S 9 1#.$ c"ients as the8 do not support this

:rans"ate CR@7! chec';o5

0indows !i"e )ames

chec';o5

)o .App"e&ou;"e chec';o5 /ero &e-ice )um;ers &isa;"e !i"e I& &isa;"e Ihe5 )ames ?ro&,S )o Stat A!?3 ?ri-s U)I9

chec';o5 chec';o5 chec';o5 chec';o5 chec';o5 chec';o5

(.1.2

&onnecting to AFP S"ares As Guest

A!? supports %uest "o%insD meanin% that a"" o* 8our Mac ,S 9 users can access the A!? share without ha-in% to *irst create user accounts on the !ree)AS3 s8stem or a /!S dataset *or each user. In this con*i%uration e5amp"eD the A!? share has ;een con*i%ured *or %uest access as *o""owsI FreeNAS 8.0.3 Guide Page 8( of 164

1. A /!S -o"ume named -mnt-data has its permissions set to the no!ody user account and the no!ody %roup. 2. An A!? share with a )ame o* freenas has ;een created with a ?ath o* -mnt-dataD a Share ?assword has ;een setD the A""ow 7ist is set to no!ody and ReadBwrite Access has ;een set to no!ody. :he &is' &isco-er8 chec';o5 has ;een chec'ed and the I? address o* the !ree)AS3 s8stem is 192.1+8.2.2. 3. :he Ser-ices BR A!? has ;een con*i%ured as *o""owsI Ser-er )ame is freenasD the 4uest Access chec';o5 is chec'edD no!ody is se"ected in the 4uest account dropBdown menuD and the 7oca" Access chec';o5 is unchec'ed. ,nce the A!? ser-ice has ;een started in Ser-ices BR Contro" Ser-icesD Mac ,S 9 users can connect to the A!? share ;8 c"ic'in% 4o BR Connect to Ser-er. In the e5amp"e shown in !i%ure ..1;D the user has input af+, *o""owed ;8 the I? address o* the !ree)AS3 s8stem. Figure (.1': &onnect to Ser+er 6ia ogue

C"ic' the Connect ;utton and a "o%in ;o5D seen in !i%ure ..1cD wi"" appear. Since a password has ;een con*i%ured *or this A!? shareD the user must input the share password Ji.e. not their own passwordK. ,nce connectedD !inder wi"" automatica""8 open. :he name o* the A!? share wi"" ;e disp"a8ed in the SHAR<& section in the "e*t *rame and the contents o* the share wi"" ;e disp"a8ed in the ri%ht *rame. In the e5amp"e shown in !i%ure ..1dD -mnt-data has one *o"der named ima%es. :he user can now cop8 *i"es to and *rom the share. :o disconnect *rom the -o"umeD c"ic' the eGect ;utton in the Shared side;ar.

FreeNAS 8.0.3 Guide

Page 88 of 164

Figure (.1c: Aut"enticating to t"e AFP S"are

Figure (.1d: :ie-ing t"e &ontents of t"e S"are Fro0 a 1ac S*ste0

FreeNAS 8.0.3 Guide

Page 84 of 164

(.1.3

!sing )i0e 1ac"ine

Mac ,S 9 inc"udes :ime Machine which can ;e used to schedu"e automatic ;ac'ups. In this con*i%uration e5amp"eD :ime Machine wi"" ;e con*i%ured to ;ac'up to an A!? share on a !ree)AS3 s8stem. :o con*i%ure the A!? share on the !ree)AS3 s8stemI 1. A /!S dataset named -mnt-data-!a*ku+1user1 with a quota o* +#4 was created in Stora%e BR Create /!S &ataset. 2. A user account was created as *o""owsI Username o* user1D ?rimar8 4roup I& was "e*t empt8D Home &irector8 o* -mnt-data-!a*ku+1user1D and the !u"" )ameD <Bmai"D and ?assword *ie"ds were set. :he Username and ?assword o* the created account match the -a"ues on the Mac ,S 9 s8stem. 3. An A!? share with a )ame o* !a*ku+1user1 has ;een created with a ?ath o* -mnt-data-!a*ku+1user1D the A""ow 7ist is set to user1 and ReadBwrite Access has ;een set to user1. :he &is' &isco-er8 chec';o5 has ;een chec'edD the &is' &isco-er8 mode is set to ?ime 5a*hine and the I? address o* the !ree)AS3 s8stem is 192.1+8.2.2. $. Ser-ices BR A!? has ;een con*i%ured as *o""owsI Ser-er )ame is freenasD the 4uest Access chec';o5 is unchec'edD and the 7oca" Access chec';o5 is chec'ed. (. :he A!? ser-ice has ;een started in Ser-ices BR Contro" Ser-ices. :o con*i%ure :ime Machine on the Mac ,S 9 c"ientD %o to S8stem ?re*erences BR :ime Machine which wi"" open the screen shown in !i%ure ..1e. C"ic' ,) and a popBup menu shou"d show the !ree)AS3 s8stem as a ;ac'up option. In our e5amp"eD it is "isted as !a*ku+1user1 on @freenas@. Hi%h"i%ht the entr8 representin% the !ree)AS3 s8stem and c"ic' the Use ac'up &is' ;utton. A connection ;ar wi"" open and wi"" prompt 8ou *or the user account1s passwordBBin this e5amp"eD the password *or the user1 account. :ime Machine wi"" create a *u"" ;ac'up a*ter waitin% two minutes. It wi"" then create a one hour incrementa" ;ac'up *or the ne5t 2$ hoursD and then one ;ac'up each da8D each wee' and each month. Since the o"dest ;ac'ups are de"eted when the /!S dataset ;ecomes *u""D ma'e sure that the quota si6e 8ou set is su**icient to ho"d the ;ac'ups. )ote that a de*au"t insta""ation o* Mac ,S 9 is N214 in si6e. I* 8ou recei-e a P:ime Machine cou"d not comp"ete the ;ac'up. :he ;ac'up dis' ima%e cou"d not ;e created Jerror $(KP error when ;ac'in% up to the !ree)AS3 s8stemD 8ou wi"" need to create a sparse;und"e ima%e usin% these instructions.

FreeNAS 8.0.3 Guide

Page 40 of 164

Figure (.1e: &onfiguring )i0e 1ac"ine on 1ac 2S D Bion

(.2

&IFS S"ares

!ree)AS3 uses Sam;a to share -o"umes usin% Microso*t1s CI!S protoco". CI!S is ;ui"t into the 0indows and Mac ,S 9 operatin% s8stems and most 7inu5 and S& s8stems preBinsta"" the Sam;a c"ient Jwhich pro-ides CI!SK. I* 8our distro did notD chec' 8our distro1s so*tware repositor8 to insta"" the Sam;a c"ient. Con*i%urin% CI!S shares is a mu"tiBstep process that requires 8ou to set permissionsD create CI!S shareJsKD con*i%ure the CI!S ser-ice in Ser-ices BR CI!SD then ena;"e the CI!S ser-ice in Ser-ices BR Contro" Ser-ices. I* 8our 0indows networ' has a 0indows ser-er runnin% Acti-e &irector8D 8ou wi"" a"so need to con*i%ure the Acti-e &irector8 ser-ice in Ser-ices BR Acti-e &irector8. &ependin% upon 8our authentication requirementsD 8ou ma8 a"so need to create users and %roups. :his section wi"" demonstrate some common con*i%uration scenariosI I* 8ou wou"d "i'e an o-er-iew o* the con*i%ura;"e parametersD see section ..2.1 Creatin% CI!S Shares. I* 8ou wou"d "i'e an e5amp"e o* how to con*i%ure access that does not require authenticationD see section ..2.2 Con*i%urin% Anon8mous Access. I* 8ou wou"d "i'e each user to authenticate ;e*ore accessin% the shareD see section ..2.3 Page 41 of 164

FreeNAS 8.0.3 Guide

Con*i%urin% 7oca" User Access. I* 8ou are ha-in% pro;"ems accessin% 8our CI!S shareD see :rou;"eshootin% :ips.

(.2.1

&reating &IFS S"ares

!i%ure ..2a shows the con*i%uration screen that appears when 8ou c"ic' Sharin% BR CI!S Shares BR Add CI!S Share. :a;"e ..2a summari6es the options when creatin% a CI!S share. :he -a"ues 8ou use wi"" -ar8 ;8 con*i%uration e5amp"e. I* 8ou wish some *i"es on a shared -o"ume to ;e hidden and inaccessi;"e to usersD put a +eto fi esC "ine in the Au5i"iar8 ?arameters *ie"d. :he s8nta5 *or this "ine and some e5amp"es can ;e *ound here. I* 8ou ha-e created mu"tip"e CI!S shares that contain s8m;o"ic "in's pointin% to each otherD add the *o""owin% "ines to Au5i"iar8 ?arameters so that CI!S c"ients can *o""ow the "in'sI
unix extensions = no follow symlinks = yes wide links = yes

Figure (.2a: Adding a &IFS S"are

FreeNAS 8.0.3 Guide

Page 42 of 164

)a' e (.2a: 2#tions for a &IFS S"are Setting )ame Comment ?ath <5port Read ,n"8 rowsa;"e to )etwor' C"ients ,wner 4roup :a ue strin% strin% ;rowse ;utton chec';o5 chec';o5 chec';o5 6escri#tion mandator8M name o* share e.%. Mo-ies optiona" se"ect -o"ume@dataset to share prohi;its write access to the share ena;"es 0indows c"ients to ;rowse the shared director8 usin% 0indows <5p"orer i* "e*t unchec'edD the owner1s %roup is ta'en *rom the "o%%ed in user o* the share i* chec'edD permissions on new *i"es and directories are inherited *rom parent director8 de"eted *i"es are mo-ed to a rec8c"e director8 instead o* ;ein% de"eted wi"" disp"a8 hidden *i"es account to use *or %uest access %uest user wi"" not ;e required to "o%in in order to access the share *orces %uest access commaD spaceD or ta; de"imited "ist o* a""owed hostnames or I? addresses commaD spaceD or ta; de"imited "ist o* denied hostnames or I? addressesM a""owed hosts ta'e precedence so can use A77 here and speci*8 a""owed hosts in Hosts A""ow add additiona" sm;.con* parameters not co-ered ;8 other option *ie"ds

Inherit chec';o5 ?ermissions <5port Rec8c"e chec';o5 in Show Hidden !i"es chec';o5 dropBdown 4uest Account menu A""ow 4uest chec';o5 Access ,n"8 A""ow 4uest chec';o5 Access Hosts A""ow Hosts &en8 Au5i"iar8 ?arameters strin% strin% strin%

(.2.2

&onfiguring Anon*0ous Access

I* 8ou wou"d "i'e to share a -o"ume with a"" o* the users in 8our networ' without requirin% them to input a passwordD 8ou can con*i%ure anon8mous CI!S sharin%. :he *o""owin% steps are needed *or this t8pe o* con*i%urationI 1. &reate a +o u0e in Stora%e BR >o"umes BR Create >o"ume. 2. &reate a guest user account in Account BR Users BR Add User. In the screen shown in !i%ure ..2;D input the username o* guestD input the name o* the -o"ume 8ou created as the home director8 Jin this e5amp"eD -mnt-sharedKD input a description in the *u"" name Jin this e5amp"eD *ifs anon a**essKD chec' the disa;"e "o%ins ;o5D and c"ic' ,2 to create the account.

FreeNAS 8.0.3 Guide

Page 43 of 164

Figure (.2': &reating a Guest Account for Anon*0ous Access

3. Associate t"e guest account -it" t"e +o u0e in Stora%e BR >o"umes. C"ic' the -o"ume1s name then Chan%e ?ermissions. In the screen shown in !i%ure ..2cD se"ect %uest as the ownerJuserK and ownerJ%roupKD chec' the permissions that are appropriate to 8our networ'D and chec' the set permissions recursi-e"8 ;o5. I* nonB0indows s8stems wi"" ;e accessin% the CI!S shareD "ea-e the t8pe o* permissions as Uni5. ,n"8 chan%e the t8pe o* permissions to 0indows i* the share is on"8 accessed ;8 0indows s8stems. 4. &reate a &IFS s"are in Sharin% BR CI!S Shares BR Add CI!S Share. In the screen shown in !i%ure ..2dD input a name *or the share Jin this e5amp"eD windowsKD input a comment Jin this e5amp"eD anon accessKD ;rowse to the path o* the -o"ume Jin this e5amp"eD @mnt@sharedKD se"ect %uest as the %uest accountD chec' the ;o5es A""ow 4uest Access and ,n"8 A""ow 4uest AccessD input the networ' address Jin this e5amp"e 192.1+8.2.#@2$ wi"" on"8 a""ow hosts in the address ran%e *rom 192.1+8.2.1 to 192.1+8.2.2($KD and c"ic' ,2 to create the share. I* 8ou ha-e speci*ic hosts on 8our networ' that 8ou wou"d "i'e to e5c"udeD 8ou can add them in the hosts den8 section. Eou can add a speci*ic I? address Je.%. 192.1+8.2..KD one address per "ineD or speci*ic su;nets J*or e5amp"eD 192.1+8.2.32@2.K. $. &onfigure t"e &IFS ser+ice in Ser-ices BR CI!S. In the screen shown in !i%ure ..2eD se"ect Anonymous as the authentication mode"D se"ect guest as the %uest accountD chec' the ;o5es A((o9 Anonymous A**ess, <n(y A((o9 Anonymous A**ess, A((o9 6m+ty Aass9ord, and 6na!(e Bome Dire*toriesD ;rowse to the -o"ume name under home directoriesD and c"ic' ,2.

FreeNAS 8.0.3 Guide

Page 44 of 164

Figure (.2c: Associating t"e Guest Account -it" t"e :o u0e

Figure (.2d: &reating t"e &IFS S"are

FreeNAS 8.0.3 Guide

Page 4$ of 164

6. Start t"e &IFS ser+ice in Ser-ices BR Contro" Ser-ices. C"ic' the c"ic' the red ,!! ;utton ne5t to CI!S. A*ter a second or soD it wi"" chan%e to a ;"ue ,) D indicatin% that the ser-ice has ;een ena;"ed. (. )est t"e connection. :o test *rom a 0indows s8stemD open <5p"orerD c"ic' on )etwor' and 8ou shou"d see an icon named !R<<)AS. Since anon8mous access has ;een con*i%uredD 8ou shou"d not ;e prompted *or a username or password in order to see the share. An e5amp"e is seen in !i%ure ..2*. I* 8ou c"ic' on the !R<<)AS iconD 8ou can -iew the CI!S share that 8ou created in step $. :o pre-ent 0indows <5p"orer *rom han%in% when accessin% the shareD map the share as a networ' dri-e. :o do thisD ri%htBc"ic' the share and se"ect PMap networ' dri-e...P as seen in !i%ure ..2%. Figure (.2e: &onfiguring &IFS Ser+ice for Anon*0ous Access

FreeNAS 8.0.3 Guide

Page 46 of 164

Figure (.2f: Accessing t"e &IFS S"are fro0 a ;indo-s &o0#uter

Figure (.2g: 1a##ing t"e S"are as a Net-or7 6ri+e

FreeNAS 8.0.3 Guide

Page 4( of 164

Choose a dri-e "etter *rom the dropBdown menu and c"ic' the !inish ;utton as shown in !i%ure ..2h. Figure (.2": Se ecting t"e Net-or7 6ri+e Better

(.2.3

&onfiguring Boca !ser Access

I* 8ou wou"d "i'e each user to authenticate ;e*ore accessin% the CI!S shareD 8ou need to con*i%ure "oca" user access as *o""owsI 1. &reate a user account for eac" user in Account BR Users BR Add User that matches their username and password on the c"ient s8stem. In the screen shown in !i%ure ..2iD the Username is user1 and the Home &irector8 points to the /!S -o"ume -mnt-test1. 0hen settin% the username and passwordD use -a"ues that match e5istin% user accounts that wi"" ;e accessin% the CI!S shareM *or e5amp"eD use the e5istin% 0indows "o%in names and passwords. Repeat this process to create a user account *or e-er8 user that wi"" need access to the CI!S share. FreeNAS 8.0.3 Guide Page 48 of 164

Figure (.2i: &reating a !ser Account

2. &reate a grou# in Account BR 4roups BR Add 4roup. ,nce the %roup is createdD c"ic' its Mem;ers ;utton and add the user accounts that 8ou created in step 1. In the e5amp"e shown in !i%ure ..2GD the user accounts user1 and user2 are ;ein% added to the %roup 9indo9s. 3. Gi+e t"e grou# #er0ission to t"e +o u0e in Stora%e BR >iew A"" >o"umes. In the e5amp"e shown in !i%ure ..2'D the -mnt-test1 -o"ume is set to the user no!odyD the %roup 9indo9sD and the write chec';o5 *or 4roup has ;een chec'ed as it is o** ;8 de*au"t. Ma'e sure that 8ou set the permissions on the -o"ume that is the home director8 *or the users that 8ou added to the %roup. 4. &reate a &IFS s"are in Sharin% BR CI!S Shares BR Add CI!S Share. In the e5amp"e shown in !i%ure ..2"D the )ame o* the share is ;ac'ups the ?ath points to the /!S -o"ume @mnt@test1 and the rowsa;"e to )etwor' C"ients ;o5 is chec'ed. N2)3: 'e care*u" a;out unchec'in% the rowsa;"e to )etwor' C"ients ;o5. 0hen this ;o5 is chec'ed Jthe de*au"tKD other users wi"" see the names o* e-er8 share that e5ists usin% 0indows <5p"orerD ;ut the8 wi"" recei-e a permissions denied error messa%e i* the8 tr8 to access someone e"se1s share. I* this ;o5 is unchec'edD e-en the owner o* the share won1t see it or ;e a;"e to create a dri-e mappin% *or the share in 0indows <5p"orer. :he8 can sti"" access the share *rom the command "ineD so this option ma8 ;e desira;"e in networ's where securit8 is a concern and where users are com*orta;"e usin% the command "ine.

FreeNAS 8.0.3 Guide

Page 44 of 164

Figure (.2J: &reate a Grou#

Figure (.27: Gi+e t"e Grou# Per0issions to t"e :o u0e

FreeNAS 8.0.3 Guide

Page 100 of 164

Figure (.2 : &reating t"e &IFS S"are

$. &onfigure t"e &IFS ser+ice in Ser+ices ?L &IFS as fo o-s: to ensure that the user is prompted to authenticateD se"ect 7oca" User as the Authentication Mode" chan%e the 0or'%roup name to that ;ein% used on the 0indows networ'M un"ess it has ;een chan%ed ;8 the administratorD the de*au"t wor'%roup name is 0,R24R,U? 6. Start t"e &IFS ser+ice in Ser-ices BR Contro" Ser-ices. C"ic' the c"ic' the red ,!! ;utton ne5t to CI!S. A*ter a second or soD it wi"" chan%e to a ;"ue ,) D indicatin% that the ser-ice has ;een ena;"ed. N2)3: i* 8ou ma'e chan%es in an8 o* these steps a*ter startin% the CI!S ser-iceD 8ou shou"d restart the CI!S ser-ice to ma'e sure that the chan%es are app"ied. (. )est t"e connection. :o test *rom a 0indows s8stemD open <5p"orerD and c"ic' on )etwor'. !or this con*i%uration e5amp"eD a s8stem named F#66NAS shou"d appear with a share named !a*ku+s. I* 8ou c"ic' on !a*ku+sD a 0indows Securit8 popBup screen wi"" prompt *or the user1s username and password. ,nce authenticated the user can cop8 data to and *rom the CI!S share. N2)3: since the share is %roup writa;"eD an8 authenticated user can chan%e the data in the share. I* 8ou wish to setup shares where a %roup o* users ha-e access to some *o"ders ;ut on"8 indi-idua"s ha-e access to other *o"ders Jwhere a"" these *o"ders reside on the same -o"umeKD 8ou wi"" need to create these directories and set their permissions at the conso"e. Instructions *or doin% so can ;e *ound at the *orum post Set ?ermission to a""ow users to share a common *o"der ] ha-e pri-ate persona" *o"der. FreeNAS 8.0.3 Guide Page 101 of 164

(.3

NFS S"ares

!ree)AS3 supports the )etwor' !i"e S8stem J)!SK *or sharin% -o"umes o-er a networ'. ,nce the )!S share is con*i%uredD c"ients use the 0ount command to mount the share. ,nce mountedD the share appears as Gust another director8 on the c"ient s8stem. Some 7inu5 distros require the insta""ation o* additiona" so*tware in order to mount an )!S share. 0indows s8stems ma8 need to *irst ena;"e Ser-ices *or )!S. N2)3: Ser-ices *or )!S is on"8 a-ai"a;"e in the U"timate or <nterprise editions o* 0indows. Con*i%urin% )!S is a mu"tiBstep process that requires 8ou to create )!S shareJsKD con*i%ure )!S in Ser-ices BR )!SD then start )!S in Ser-ices BR Contro" ?ane". It does not require 8ou to create users or %roups as )!S uses I? addresses to determine which s8stems are a""owed to access the )!S share.

(.3.1

&reating NFS S"ares

I* 8ou c"ic' Sharin% BR )!S Shares [ Add )!S Share 8ou1"" see the screen shown in !i%ure ..3a. :a;"e ..3a summari6es the options in this screen. Figure (.3a: &reating an NFS S"are

FreeNAS 8.0.3 Guide

Page 102 of 164

)a' e (.3a: NFS S"are 2#tions Setting Comment ?ath Authori6ed networ' :a ue strin% ;rowse ;utton 6escri#tion optiona" se"ect -o"ume@dataset to share comma de"imited "ist o* a""owed I? addresses and@or networ' addresses in the *orm 1.2.3.#@2$ where the num;er a*ter the s"ash is a CI&R mas'M i* 8ou need to input networ' addresses with di**erent CI&R mas'sD create mu"tip"e shares pointin% to the same -o"ume@datasetD one *or each mas' a""ows the c"ient to mount at an8 point within the -o"ume1s *i"e s8stem prohi;its writin% to the -o"ume inhi;its some s8s"o% dia%nostics which can ;e use*u" to a-oid anno8in% error messa%es *or 'nown possi;"e pro;"emsM see e5portsJ(K *or e5amp"es i* "e*t at )@AD the root user wi"" not ;e a;"e to modi*8 *i"es on the )!S shareM i* a user is se"ectedD the root user is "imited to that user1s permissions i* speci*iedD the root user wi"" a"so ;e "imited to that %roup1s permissions Jin addition to the maproot userK the speci*ied user Jand their permissionsK is used ;8 a"" c"ients the speci*ied %roup Jand its permissionsK is used ;8 a"" c"ients

strin%

A"" directories chec';o5 Read on"8 Auiet chec';o5 chec';o5

Maproot User dropBdown menu Maproot 4roup dropBdown menu Mapa"" User dropBdown menu Mapa"" 4roup dropBdown menu

N2)3: the Maproot and Mapa"" options are e5c"usi-eD meanin% 8ou can on"8 use one or the otherBBthe 4UI wi"" not "et 8ou use ;oth. I* 8ou on"8 wish to restrict the root user1s permissionsD set the Maproot option. I* 8ou wish to restrict the permissions o* a"" usersD set the Mapa"" option. (.3.2 Sa0# e NFS S"are &onfiguration

8 de*au"t the Mapa"" options shown in !i%ure ..3a show as )@A. :his means that when a user connects to the )!S shareD the8 connect with the permissions associated with their user account. :his is a securit8 ris' i* a user is a;"e to connect as root as the8 wi"" ha-e root access to the share. A ;etter scenario is to do the *o""owin%I 1. Create a user account that is speci*ica""8 used *or )!S access in Account BR Users BR Add User. A"ternate"8D use the ;ui"tBin no!ody account. 2. In the -o"ume that is ;ein% sharedD chan%e the owner and %roup to the )!S user account and set the permissions accordin% to 8our speci*ications. 3. Se"ect the )!S user and its associated %roup in the Mapa"" User and Mapa"" 4roup dropBdown menus *or the share in Sharin% BR )!S Shares. 0ith this con*i%urationD it does not matter what user account is used to connect to the )!S shareD as it wi"" ;e mapped to 8our )!S user account and wi"" on"8 ha-e the permissions associated with that FreeNAS 8.0.3 Guide Page 103 of 164

account. !or e5amp"eD e-en i* the root user is a;"e to connectD it wi"" not ha-e root access to the share. (.3.3 &onnecting to t"e NFS S"are

In the *o""owin% e5amp"esD the )!S share has ;een con*i%ured as *o""owsI 1. A /!S -o"ume named -mnt-data has its permissions set to the no!ody user account and the no!ody %roup. 2. A )!S share has ;een created with a ?ath o* -mnt-dataD an Authori6ed )etwor' o* 172&18%&2&0-2:D and the MapA"" User and MapA"" 4roup o* no!ody. :he A"" &irectories chec';o5 has ;een chec'ed and the I? address o* the !ree)AS3 s8stem is 192.1+8.2.2.

7.3.3.1

From BSD or Lin ! Clients

:o ma'e this share accessi;"e on a S& or a 7inu5 s8stemD run the *o""owin% command as the superuser Jor with sudoK *rom the c"ient s8stem Jrepeat *or each c"ient that needs access to the )!S shareKI mount 192.168.2.2:/mnt/data /mnt :his command shou"d return the superuser to the command prompt without an8 error messa%esD indicatin% that the share was success*u""8 mounted. Users on the c"ient s8stem can now cop8 *i"es to and *rom -mnt and a"" *i"es wi"" ;e owned ;8 no!ody,no!ody. An8 chan%es to -mnt wi"" ;e sa-ed to the !ree)AS3 s8stem1s -mnt-data /!S -o"ume. Shou"d 8ou wish to ma'e an8 chan%es to the )!S share1s settin%s or wish to ma'e the share inaccessi;"eD unmount the share *irst as the superuserI umount /mnt
7.3.3.2 From "i#rosoft Clients

<nterprise -ersions o* 0indows s8stems can connect to )!S shares usin% Ser-ices *or )!S. Connectin% to )!S shares is o*ten *aster than connectin% to CI!S shares due to the sin%"eBthreaded "imitation o* Sam;a. Instructions *or connectin% *rom an <nterprise -ersion o* 0indows . can ;e *ound at Mount 7inu5 )!S Share on 0indows .. I* 8our 0indows c"ient is runnin% a Home <dition o* 0indows .D )e'odri-e pro-ides an open source %raphica" )!S c"ient. :o use this c"ientD 8ou wi"" need to insta""I .6ip to e5tract the .6 *i"es )!SC"ient and )!S7i;rar8 *rom the )e'odri-e down"oad pa%eM once down"oadedD e5tract these *i"es usin% .6ip .)<: !ramewor' $.# Run the )!SC"ient e5ecuta;"e to start the 4UI c"ient. In the e5amp"e shown in !i%ure ..3;D the user has connected to the e5amp"e -mnt-data share o* the !ree)AS3 s8stem at 192.1+8.2.2.

FreeNAS 8.0.3 Guide

Page 104 of 164

Figure (.3': !sing t"e Ne7odri+e NFS& ient fro0 ;indo-s ( %o0e 3dition

7.3.3.3

From "a# $S % Clients

:o mount the )!S -o"ume *rom a Mac ,S 9 c"ientD c"ic' on 4o BR Connect to Ser-er. In the Ser-er Address *ie"dD input nfs,-- *o""owed ;8 the I? address o* the !ree)AS3 s8stem and the name o* the -o"ume@dataset ;ein% shared ;8 )!S. :he e5amp"e shown in !i%ure ..3c continues with our e5amp"e o* 172&18%&2&2,-mnt-data& ,nce connectedD !inder wi"" automatica""8 open. :he I? address o* the !ree)AS3 s8stem wi"" ;e disp"a8ed in the SHAR<& section in the "e*t *rame and the contents o* the share wi"" ;e disp"a8ed in the ri%ht *rame. In the e5amp"e shown in !i%ure ..3dD @mnt@data has one *o"der named ima%es. :he user can now cop8 *i"es to and *rom the share.

FreeNAS 8.0.3 Guide

Page 10$ of 164

Figure (.3c: 1ounting t"e NFS S"are fro0 1ac 2S D

Figure (.3d: :ie-ing t"e NFS S"are in Finder

(.3.4

)rou' es"ooting

Some )!S c"ients do not support the )7M J)etwor' 7oc' Mana%erK protoco" used ;8 )!S. Eou wi"" 'now that this is the case i* the c"ient recei-es an error that a"" or part o* the *i"e ma8 ;e "oc'ed when a *i"e trans*er is attempted. :o reso"-e this errorD use the option ?o no oc7 when runnin% the 0ount FreeNAS 8.0.3 Guide Page 106 of 164

command on the c"ient in order to a""ow write access to the )!S share. I* 8ou recei-e an error a;out a Ptime out %i-in% upP when tr8in% to mount the share *rom a 7inu5 s8stemD ma'e sure that the portmapper ser-ice is runnin% on the 7inu5 c"ient and start it i* it is not. I* portmapper is runnin% and 8ou sti"" recei-e timeoutsD *orce it to use :C? ;8 inc"udin% ?o tc# in 8our 0ount command. I* 8ou recei-e an error PR?CI ?ro%ram not re%isteredPD up%rade to the "atest -ersion o* !ree)AS3 and restart the )!S ser-ice a*ter the up%rade in order to c"ear the )!S cache.

Ser+ices &onfiguration
A!? Acti-e &irector8 CI!S &8namic &)S !:? 7&A? )!S S.M.A.R.:. S)M? SSH :!:? U?S iSCSI Rs8nc

:he Ser-ices section o* the 4UI a""ows 8ou to con*i%ureD startD and stop the -arious ser-ices that ship with the !ree)AS3 s8stem. !ree)AS3 supports the *o""owin% ser-icesI

:his section descri;es the con*i%uration options *or each o* these ser-icesD as we"" as how to start a !ree)AS3 ser-ice.

8.1

&ontro Ser+ices

:he Contro" Ser-ices screenD shown in !i%ure 8.1aD a""ows 8ou to quic'"8 determine which ser-ices are current"8 runnin%D ena;"e@disa;"e ser-icesD and con*i%ure ser-ices.

FreeNAS 8.0.3 Guide

Page 10( of 164

Figure 8.1a: &ontro Ser+ices

:o ena;"e@disa;"e a ser-iceD c"ic' its on@o** icon. :o con*i%ure a ser-iceD c"ic' the wrench icon associated with the ser-ice. :he con*i%uration options *or each ser-ice are descri;ed in the rest o* this section. N2)3: i* 8ou are trou;"eshootin% a ser-iceD %o to S8stem BR Settin%s BR Ad-anced and chec' the ;o5 SShow conso"e messa%es in the *ooter JRequires UI re"oadKT. ,nce 8ou re*resh 8our ;rowserD the conso"e messa%es wi"" show at the ;ottom o* the screen. I* 8ou c"ic' on the conso"eD it wi"" popBup as a scro""ed windowD a""owin% 8ou to scro"" throu%h the output and to cop8@paste messa%es. 0atch these messa%es *or errors when 8ou stop and start the pro;"ematic ser-ice.

8.2

AFP

:he App"e !i"in% ?rotoco" JA!?K is a networ' protoco" that o**ers *i"e ser-ices *or Mac computers. e*ore con*i%urin% this ser-iceD 8ou shou"d *irst create 8our A!? Shares in Sharin% BR A!? Shares BR Add A!? Share. A*ter con*i%urin% this ser-iceD %o to Ser-ices BR Contro" ?ane" to start the ser-ice. FreeNAS 8.0.3 Guide Page 108 of 164

<na;"in% this ser-ice wi"" open the *o""owin% ports on the !ree)AS3 s8stemI X :C? ($8 Ja*pdK X :C? $.99 JcnidUmetadataK X U&? (3(3 and a random U&? port Ja-ahiK !i%ure 8.2a shows the con*i%uration options which are descri;ed in :a;"e 8.2aI Figure 8.2a: AFP &onfiguration

)a' e 8.2a: AFP &onfiguration 2#tions Setting Ser-er )ame 4uest Access :a ue strin% chec';o5 6escri#tion ser-er name that wi"" appear to Mac c"ientsM ;8 de*au"t it is freenas i* chec'edD c"ients wi"" not ;e prompted to authenticate ;e*ore accessin% the A!? share se"ect account to use *or %uest access restricts access to "oca" networ' on"8 ma5imum num;er o* simu"taneous connections

4uest Account dropBdown menu 7oca" Access chec';o5 Ma5 Connections inte%er

8.3

Acti+e 6irector*

Acti-e &irector8 JA&K is a ser-ice *or sharin% resources in a 0indows networ'. It requires a con*i%ured s8stem that is runnin% at "east 0indows Ser-er 2###. I* 8ou wish to share 8our !ree)AS3 CI!S shares with 0indows s8stems in a networ' that does not ha-e a 0indows ser-er runnin% A&D ena;"e and con*i%ure CI!S instead. I* 8our networ' does ha-e a 0indows ser-er runnin% A&D con*i%ure ;oth the Acti-e &irector8 ser-ice and the CI!S ser-ice on the !ree)AS3 s8stem so that FreeNAS 8.0.3 Guide Page 104 of 164

users can authenticate to the 0indows ser-er and ;e authori6ed to access the CI!S shares on the !ree)AS3 s8stem. N2)3: man8 chan%es and impro-ements ha-e ;een made to Acti-e &irector8 support since the re"ease o* !ree)AS3 8.#.1. I* 8ou are not runnin% !ree)AS3 8.#.3BR<7<AS<D 8ou shou"d up%rade ;e*ore attemptin% Acti-e &irector8 inte%ration. e*ore con*i%urin% A&D ma'e sure that 8ou can reso"-e the Acti-e &irector8 domain contro""er *rom the !ree)AS3 s8stem ;8 #ingin% its domain name. In order to do soD 8ou ma8 ha-e to *irst set the networ'1s &)S ser-ers and de*au"t %atewa8 *rom )etwor' BR 4"o;a" Con*i%uration on the !ree)AS3 s8stem. Acti-e &irector8 re"ies on 2er;erosD which is a -er8 time sensiti-e protoco". :his means that the time on ;oth the !ree)AS3 s8stem and the Acti-e &irector8 &omain Contro""er can not ;e out o* s8nc ;8 more than a *ew minutes. :he ;est wa8 to ensure that the same time is runnin% on ;oth s8stems is to con*i%ure ;oth s8stems toI use the same ):? ser-er Jset in S8stem BR Settin%s BR 4enera" on the !ree)AS3 s8stemK ha-e the same time6one ;e set to either "oca"time or uni-ersa" time at the I,S "e-e" ,nce 8ou ha-e con*i%ured the CI!S and Acti-e &irector8 ser-icesD remem;er to start them in Ser-ices BR Contro" Ser-ices. It ma8 ta'e a *ew minutes *or the Acti-e &irector8 in*ormation to ;e popu"ated to the !ree)AS3 s8stem. ,nce popu"atedD the A& users and %roups wi"" ;e a-ai"a;"e in the dropBdown menus o* the permissions screen o* a -o"ume@dataset. N2)3: 8our !ree)AS3 s8stem ma8 not show up in Acti-e &irector8 unti" 8ou add a &)S record *or the !ree)AS3 s8stem on the 0indows ser-er. !i%ure 8.3a shows the Acti-e &irector8 Con*i%uration screen and :a;"e 8.3a descri;es the con*i%ura;"e options.

FreeNAS 8.0.3 Guide

Page 110 of 164

Figure 8.3a: &onfiguring Acti+e 6irector*

)a' e 8.3a: Acti+e 6irector* &onfiguration 2#tions Setting &omain Contro""er )ame &omain )ame Host )ame 0or'%roup )ame :a ue strin% strin% strin% strin% 6escri#tion I? address or hostname o* 0indows ?&C name o* 0indows ser-er1s &)S rea"m hostname o* !ree)AS3 s8stem name o* 0indows ser-er1s wor'%roup J*or o"der Microso*t c"ientsK name o* the Acti-e &irector8 Administrator account password *or the Acti-e &irector8 Administrator account

Administrator )ame strin% Administrator ?assword strin%

Eou can -eri*8 which Acti-e &irector8 users and %roups ha-e ;een imported to the !ree)AS3 s8stem at the !ree)AS3 command "ineI
wbinfo -u (to view users) wbinfo -g(to view groups)

I* no users or %roups are "isted in the output o* those commandsD these commands wi"" pro-ide more trou;"eshootin% in*ormationI
getent passwd

FreeNAS 8.0.3 Guide

Page 111 of 164

getent group

8.3.1

)rou' es"ooting )i#s

I* 8ou are runnin% A& in a 2##3@2##8 mi5ed domainD see this *orum post *or instructions on how to pre-ent the secure channe" 'e8 *rom ;ecomin% corrupted. In some "ar%e domainsD cachin% user data appears to sta"" the !ree)AS3 4UI or *ai"s to popu"ate the user cache on the ?&C. I* this occurs in a mu"tiBtiered *orestD speci*8 a((o9 trusted domains C no in the au5i"iar8 parameters *ie"d o* Sharin% BR CI!S Shares. :he 7&A? code uses &)S to determine the "ocation o* the domain contro""ers and %"o;a" cata"o% ser-ers in the networ'. Use the "ost ?t sr+ 8 da#.8tc#.do0ainna0e.co0 command to determine the networ'1s SR> records andD i* necessar8D chan%e the wei%ht and@or priorit8 o* the SR> record to re*"ect the *astest ser-er. More in*ormation a;out SR> records can ;e *ound in the :echnet artic"e How &)S Support *or Acti-e &irector8 0or's. I* the cache ;ecomes out o* s8nc due to an A& ser-er ;ein% ta'en o** and ;ac' on"ineD res8nc the cache usin% S8stem BR Settin%s BR Ad-anced BR Re;ui"d 7&A?@A& Cache.

8.4

&IFS

:he Common Internet !i"e S8stem JCI!SK is a networ' protoco" that o**ers *i"e ser-ices *or Jt8pica""8K 0indows computers. !ree)AS3 uses Sam;a to pro-ide CI!S capa;i"it8 without the need *or a 0indows ser-er in the networ'. U)I9B"i'e s8stems that pro-ide a CI!S c"ient can a"so connect to CI!S shares. e*ore con*i%urin% this ser-iceD 8ou shou"d *irst create 8our CI!S Shares in Sharin% BR CI!S Shares BR Add CI!S Share. A*ter con*i%urin% this ser-iceD %o to Ser-ices BR Contro" ?ane" to start the ser-ice. N2)3: a*ter startin% the CI!S ser-iceD it ma8 ta'e se-era" minutes *or the master ;rowser e"ection to occur and *or the !ree)AS3 s8stem to ;ecome a-ai"a;"e in 0indows <5p"orer. Startin% this ser-ice wi"" open the *o""owin% ports on the !ree)AS3 s8stemI :C? 139 Jsm;dK :C? $$( Jsm;dK U&? 13. Jnm;dK U&? 138 Jnm;dK

!i%ure 8.$a shows the con*i%uration options which are descri;ed in :a;"e 8.$a. :his con*i%uration screen is rea""8 a *rontBend to sm;.con*.

FreeNAS 8.0.3 Guide

Page 112 of 164

Figure 8.4a: &onfiguring &IFS

)a' e 8.4a: &IFS &onfiguration 2#tions Setting Authentication Mode" )et I,S )ame 0or'%roup &escription &,S Charset U)I9 Charset 7o% 7e-e" :a ue dropBdown menu strin% strin% strin% dropBdown menu dropBdown menu dropBdown menu 6escri#tion anon8mous or "oca" userM i* se"ect "oca" userD user accounts must e5ist on !ree)AS3 s8stem and shou"d match the username@password o* 0indows accounts needin% access to the share as the user wi"" ;e required to authenticate ;e*ore accessin% the share must ;e "owercase and shou"d ;e same as hostname must match 0indows wor'%roup nameM de*au"t is 0,R24R,U? optiona" the character set Sam;a uses when communicatin% with &,S and 0indows 95@Me c"ientsM de*au"t is C?$3. de*au"t is U:!B8D which is *ine *or most s8stems and co-ers a"" characters in a"" "an%ua%es choices are minimumD norma"D *u""D or de;u%

FreeNAS 8.0.3 Guide

Page 113 of 164

Setting 7oca" Master

:a ue chec';o5

:ime Ser-er 4uest Account

chec';o5 dropBdown menu

6escri#tion determines whether or not the !ree)AS3 s8stem participates in a ;rowser e"ectionM shou"d ;e disa;"ed when networ' contains an A& or 7&A? ser-er and is not necessar8 i* 0indows >ista@. machines are present determines whether or not the !ree)AS3 s8stem ad-ertises itse"* as a time ser-er to 0indows c"ients account to ;e used *or %uest access i* chec'edD the %uest account is not prompted to authenticate in order to access the CI!S share i* chec'edD a"" access is throu%h the %uest account and su;Gect to its permissions o-errides de*au"t *i"e creation mas' o* #+++ which creates *i"es with read and write access *or e-er8;od8 o-errides de*au"t director8 creation mas' o* #... which %rants director8 readD write and e5ecute access *or e-er8;od8 determines whether or not the !ree)AS3 s8stem supports +$' streamin% read@write requests introduced with 0indows 2### and which can impro-e per*ormance ;8 1#Q with 0indows 2### c"ients newer 0indows -ersions support the more e**icient send*i"e s8stem ca"" which ma'es Sam;a *aster ena;"es e5tended attri;utes a""ows a user who has write access to a *i"e to modi*8 the permissionsD e-en i* not the owner o* the *i"e i* chec'edD users can Gust press enter when prompted *or a passwordM requires that the username@password ;e the same *or the !ree)AS3 user account and the 0indows user account sm;.con* options not co-ered e"sewhere in this screenM see the Sam;a 4uide *or additiona" settin%s i* chec'edD a *o"der with the same name as the user account wi"" ;e created *or each user users can ;rowse J;ut not write toK other users1 home directories se"ect -o"ume@dataset where the home directories wi"" ;e created ena;"es as8nchronous I@, in !ree)AS3 -ersions 8.#.3BR<7<AS< and hi%herM i* CI!S seems s"owD tr8 disa;"in% this settin% and@or twea'in% the minimum AI, read and write si6es i* set to nonB6ero -a"ueD Sam;a wi"" read *rom *i"e as8nchronous"8 Page 114 of 164

A""ow %uest access chec';o5 ,n"8 a""ow %uest access !i"e mas' &irector8 mas' chec';o5 inte%er inte%er

7ar%e R0 support Send *i"es with send*i"eJ2K <A Support Support &,S !i"e Attri;utes A""ow <mpt8 ?assword

chec';o5

chec';o5 chec';o5 chec';o5 chec';o5

Au5i"iar8 strin% parameters <na;"e home chec';o5 directories <na;"e home chec';o5 directories ;rowsin% ;rowse Home directories ;utton <na;"e AI, chec';o5

Minimum AI, read inte%er FreeNAS 8.0.3 Guide

Setting :a ue si6e Minimum AI, write inte%er si6e /erocon* share chec';o5 disco-er8

6escri#tion when si6e o* request is ;i%%er than this -a"ue in ;8tes i* set to nonB6ero -a"ueD Sam;a wi"" write *rom *i"e as8nchronous"8 when si6e o* request is ;i%%er than this -a"ue in ;8tes ena;"e i* Mac c"ients wi"" ;e connectin% to the CI!S share

N2)3: ;e%innin% with !ree)AS3 -ersions 8.#.3BR<7<AS<D chan%es to CI!S settin%s and CI!S shares ta'e e**ect immediate"8. !or pre-ious -ersionsD chan%es wi"" not ta'e e**ect unti" 8ou manua""8 stop and start the CI!S ser-ice. 8.4.1 )rou' es"ooting )i#s

Compared to other networ'in% protoco"sD CI!S is not *ast. <na;"in% the *o""owin% chec';o5es ma8 he"p to increase networ' throu%hputI P7ar%e R0 supportPD PSend *i"es with send*i"eJ2KPD and P<na;"e AI,P. AdGustin% the AI, minimum and ma5imum si6e settin%s to ;etter *it 8our networ'in% in*rastructure ma8 impro-e or de%rade per*ormance. Sam;a1s Pwrite cacheP parameter has ;een reported to impro-e write per*ormance in some con*i%urations and can ;e added to the Au5i"iar8 ?arameters *ie"d. Use an inte%er -a"ue which is a mu"tip"e o* USCU?A4<SI/< Jt8pica""8 $#9+K to a-oid memor8 *ra%mentation. :his wi"" increase Sam;a1s memor8 requirements and shou"d not ;e used on s8stems with "imited RAM. I* 8ou wish to increase networ' per*ormanceD read the Sam;a section on soc'et options. It indicates which options are a-ai"a;"e and recommends that 8ou e5periment to see which are supported ;8 8our c"ients and impro-e 8our networ'1s per*ormance. 0indows automatica""8 caches *i"e sharin% in*ormation. I* 8ou ma'e chan%es to a CI!S share or to the permissions o* a -o"ume@dataset ;ein% shared ;8 CI!S and are no "on%er a;"e to access the shareD tr8 "o%%in% out and ;ac' into the 0indows s8stem. 0here possi;"eD a-oid usin% a mi5 o* case in *i"enames as this ma8 cause con*usion *or 0indows users. Representin% and reso"-in% *i"enames with Sam;a e5p"ains this in more detai".

8.$

6*na0ic 6NS

&8namic &)S J&&)SK is use*u" i* 8our !ree)AS3 s8stem is connected to an IS? that periodica""8 chan%es the I? address o* the s8stem. 0ith d8namic &)SD the s8stem can automatica""8 associate its current I? address with a domain nameD a""owin% 8ou to access the !ree)AS3 s8stem e-en i* the I? address chan%es. &&)S requires 8ou to re%ister with a &&)S ser-ice such as &8n&)S. !i%ure 8.(a shows the &&)S con*i%uration screen and :a;"e 8.(a summari6es the con*i%uration options. :he -a"ues 8ou need to input wi"" ;e %i-en to 8ou ;8 the &&)S pro-ider. A*ter con*i%urin% &&)SD don1t *or%et to start the &&)S ser-ice in Ser-ices BR Contro" Ser-ices.

FreeNAS 8.0.3 Guide

Page 11$ of 164

Figure 8.$a: &onfiguring 66NS

)a' e 8.$a: 66NS &onfiguration 2#tions Setting ?ro-ider &omain name Username ?assword Update period !orced update period Au5i"iar8 parameters :a ue 6escri#tion dropBdown se-era" pro-iders are supported menu strin% *u""8 qua"i*ied domain name Je.%. 8ourname.d8ndns.or%K strin% username to "o%on to the pro-ider and update the record strin% password used to "o%on to the pro-ider and update the record in mi""isecondsM ;e care*u" with this settin% as the pro-ider ma8 ;"oc' inte%er 8ou *or a;use i* this settin% occurs more o*ten than the I? chan%es in seconds so ;e care*u" with this settin% as the pro-ider ma8 ;"oc' 8ou *or a;useM issues a &&)S update request e-en when the address has not inte%er chan%edD so that the ser-ice pro-ider 'nows that the account is sti"" acti-e strin% additiona" parameters passed to the pro-ider durin% record update

FreeNAS 8.0.3 Guide

Page 116 of 164

8.6

F)P

!ree)AS3 a""ows 8ou to con*i%ure the pro*tpd !:? ser-er so that users can ;rowse and down"oad data usin% their we; ;rowser or !:? c"ient so*tware. :he ad-anta%e o* !:? is that eas8BtoBuse crossB p"at*orm uti"ities are a-ai"a;"e to mana%e up"oads to and down"oads *rom the !ree)AS3 s8stem. :he disad-anta%e o* !:? is that it is considered to ;e an insecure protoco"D meanin% that it shou"d not ;e used to trans*er sensiti-e *i"es. I* 8ou are concerned a;out sensiti-e dataD see section 8.+.$ <ncr8ptin% !:?. In order *or !:? to wor'D 8ou wi"" need to set appropriate permissions on the stora%e -o"umeD and dependin% upon 8our con*i%uration needsD 8ou ma8 a"so need to create users and %roups. :his section inc"udes con*i%uration e5amp"es demonstratin% some common scenarios. !i%ure 8.+a shows the con*i%uration screen *or the !:? ser-iceI Figure 8.6a: &onfiguring F)P

:a;"e 8.+a summari6es the a-ai"a;"e options when con*i%urin% the !:? ser-erI )a' e 8.6a: F)P &onfiguration 2#tions Setting ?ort C"ients FreeNAS 8.0.3 Guide :a ue inte%er inte%er 6escri#tion port to use *or connection requests ma5imum num;er o* simu"taneous c"ients Page 11( of 164

Setting

6escri#tion ma5imum num;er o* connections per I? address where # Connections inte%er means un"imited ma5imum num;er o* attempts ;e*ore c"ient is 7o%in Attempts inte%er disconnectedM M increase this i* users are prone to t8pos ma5imum c"ient id"e time in seconds ;e*ore c"ient is :imeout inte%er disconnected A""ow Root 7o%in chec';o5 discoura%ed as increases securit8 ris' A""ow Anon8mous 7o%in chec';o5 a""ows an8one to ;rowse the data root director8 o* !:? ser-erM must point to the ?ath ;rowse ;utton -o"ume@dataset or connections wi"" *ai" A""ow 7oca" User 7o%in chec';o5 required i* anon8mous is disa;"ed messa%e users see when access !:? ser-erD i* "e*t empt8 anner strin% it wi"" show the -ersion o* !:? !i"e ?ermission chec';o5es sets umas' *or new"8 created *i"es &irector8 ?ermission chec';o5es sets umas' *or new"8 created directories <na;"e !9? chec';o5 discoura%ed as -u"nera;"e to !:? ;ounce attac's i* trans*er is interruptedD ser-er wi"" resume trans*er at A""ow :rans*er Resumption chec';o5 "ast 'nown point *orces users to sta8 in their home director8 Ja"wa8s true A"wa8s Chroot chec';o5 *or anon8mousK Require I&<): wi"" resu"t in timeouts i* identd is not runnin% on the chec';o5 Authentication c"ient wi"" resu"t in timeouts i* there isn1t a &)S record *or the Require Re-erse &)S *or I? chec';o5 c"ient1s hostname I? address or hostnameM use i* !:? c"ients can not Masquerade address strin% connect throu%h a )A: de-ice to ;e used ;8 c"ients in ?AS> modeD de*au"t o* # means Minimum passi-e port inte%er an8 port a;o-e 1#23 to ;e used ;8 c"ients in ?AS> modeD de*au"t o* # means Ma5imum passi-e port inte%er an8 port a;o-e 1#23 7oca" user up"oad inte%er in 2 @sD de*au"t o* # means un"imited ;andwidth 7oca" user down"oad inte%er in 2 @sD de*au"t o* # means un"imited ;andwidth Anon8mous user up"oad inte%er in 2 @sD de*au"t o* # means un"imited ;andwidth Anon8mous user down"oad inte%er in 2 @sD de*au"t o* # means un"imited ;andwidth <na;"e SS7@:7S chec';o5 ena;"es encr8pted connectionsM 8ou wi"" need to FreeNAS 8.0.3 Guide Page 118 of 164

:a ue

Setting Au5i"iar8 parameters

:a ue strin%

6escri#tion con*i%ure the certi*icate in S8stem BR Settin%s [ SS7 inc"ude pro*tpdJ8K parameters not co-ered e"sewhere in this screen

:he *o""owin% e5amp"e demonstrates the au5i"iar8 parameters that wi"" pre-ent a"" users *rom per*ormin% the !:? &<7<:< commandI
<Limit DELE> DenyAll </Limit>

8.6.1

Anon*0ous F)P

Anon8mous !:? ma8 ;e appropriate *or a sma"" networ' where the !ree)AS3 s8stem is not accessi;"e *rom the Internet and e-er8one in 8our interna" networ' needs eas8 access to the stored data. Anon8mous !:? does not require 8ou to create a user account *or e-er8 user. In additionD passwords are not required so 8ou don1t ha-e to mana%e chan%ed passwords on the !ree)AS3 s8stem. :o con*i%ure anon8mous !:?I 1. Gi+e t"e 'ui t?in ft# user account #er0issions to the -o"ume@dataset in Stora%e BR >o"ume BR >iew A"" >o"umes. C"ic' the Chan%e ?ermissions ;utton *or the -o"ume@dataset that 8ou wish to share usin% !:?. In the screen shown in !i%ure 8.+;D se"ect the ft+ user in the dropBdown menu *or ,wnerJuserKD se"ect the ft+ %roup *or ,wnerJ%roupKD re-iew that the permissions are appropriate *or 8our networ'D 'eep the t8pe o* AC7 as Uni5D chec' the ;o5 Set permission recursi-e"8D and c"ic' the Chan%e ;utton. N2)3: *or !:?D the t8pe o* c"ient does not matter when it comes to the t8pe o* AC7. :his means that 8ou a"wa8s use Uni5 AC7sD e-en i* 0indows c"ients wi"" ;e accessin% !ree)AS3 -ia !:?. 2. &onfigure anon*0ous F)P in Ser-ices BR !:?. In the screen shown in !i%ure 8.+aI chec' the ;o5 A""ow Anon8mous 7o%in chan%e the path to the name o* the -o"ume@dataset

3. Start t"e F)P ser+ice in Contro" Ser-ices. C"ic' the red ,!! ;utton ne5t to !:?. A*ter a second or soD it wi"" chan%e to a ;"ue ,) D indicatin% that the ser-ice has ;een ena;"ed. 4. )est t"e connection *rom a c"ient usin% a uti"it8 such as !i"e6i""a. In the e5amp"e shown in !i%ure 8.+cD the I? address o* the !ree)AS3 ser-er is 172&18%&1&11)D the Username is anonymousD and the ?assword is the emai" address o* the user.

FreeNAS 8.0.3 Guide

Page 114 of 164

Figure 8.6': Assign ft# !ser Account Per0issions to t"e :o u0e

Figure 8.6c: &onnecting !sing Fi e>i a

8.6.2

S#ecified !ser Access in c"root

I* 8ou require 8our users to authenticate ;e*ore accessin% the data on the !ree)AS3 s8stemD 8ou wi"" need to create a user account *or each user. I* 8ou create a /!S dataset *or each userD 8ou can chroot each user so that the8 are "imited to the contents o* their own home director8 and 8ou can a"so restrict the si6e o* that home director8 usin% a /!S quota. :o con*i%ure this scenarioI 1. &reate a 9FS dataset for eac" user in Stora%e BR Create /!S &ataset. In the e5amp"e shown in !i%ure 8.+dD a /!S dataset named user1 has ;een created with a /!S quota o* 2#4 . In "ater stepsD we wi"" create a user named user1 to associate with the dataset. Repeat this process to create a dataset *or FreeNAS 8.0.3 Guide Page 120 of 164

e-er8 user that wi"" need access to the !:? ser-ice. Figure 8.6d: &reate a 9FS 6ataset -it" a Muota

2. &reate a user account for eac" user in Account BR Users BR Add User. In the screen shown in !i%ure 8.+eD input a Username *or the user Jin this e5amp"eD user1KD chan%e the Home &irector8 to the name o* an e5istin% dataset Jin our e5amp"eD the dataset named -mnt-test1-user1KD input a description under !u"" )ameD input the user1s emai" addressD input and con*irm the user1s passwordD and c"ic' the ,2 ;utton. Repeat this process to create a user account *or e-er8 user that wi"" need access to the !:? ser-iceD ma'in% sure to assi%n each user their own dataset. 3. Set t"e #er0issions for eac" dataset in Stora%e BR >o"ume BR >iew A"" >o"umes. :his is how 8ou associate a user account with a dataset and set the desired permissions *or that user. C"ic' the Chan%e ?ermissions ;utton *or a dataset that 8ou speci*ied as the Home &irector8 when 8ou created a user account. In the screen shown in !i%ure 8.+*D se"ect the user in the dropBdown menu *or ,wnerJuserK and ,wnerJ%roupK Jin this e5amp"eD user1KD 'eep the t8pe o* AC7 as Uni5D re-iew the read and write permissions to see i* the8 are appropriate to that userD chec' the ;o5 Set permission recursi-e"8D and c"ic' the Chan%e ;utton. N2)3: *or !:?D the t8pe o* c"ient does not matter when it comes to the t8pe o* AC7. :his means that 8ou a"wa8s use Uni5 AC7sD e-en i* 0indows c"ients wi"" ;e accessin% !ree)AS3 -ia !:?.

FreeNAS 8.0.3 Guide

Page 121 of 164

Figure 8.6e: &reating a !ser Account

Figure 8.6f: Setting t"e 6ataset<s Per0issions

FreeNAS 8.0.3 Guide

Page 122 of 164

4. &onfigure F)P in Ser-ices BR !:?. In the screen shown in !i%ure 8.+aI ma'e sure the ;o5es *or A""ow Anon8mous 7o%in and A""ow Root 7o%in are unchec'ed chec' the ;o5 A""ow 7oca" User 7o%in chec' the ;o5 A"wa8s Chroot

$. Start t"e F)P ser+ice in Contro" Ser-ices. C"ic' the red ,!! ;utton ne5t to !:?. A*ter a second or soD it wi"" chan%e to a ;"ue ,) D indicatin% that the ser-ice has ;een ena;"ed. 6. )est t"e connection fro0 a c ient usin% a uti"it8 such as !i"e6i""a. :his time in the e5amp"e shown in !i%ure 8.+dD use the I? address o* the !ree)AS3 s8stemD the Username o* a user that has ;een associated with a datasetD and the ?assword *or that user.

8.6.3

3ncr*#ting F)P

&urin% insta""ationD an RSA certi*icate and 'e8 are autoB%enerated *or 8ou. Eou can -iew these or cut@paste 8our own si%ned certi*icate and 'e8 in S8stem BR Settin%s BR SS7. :o con*i%ure an8 !:? scenario to use encr8pted connectionsI 1. 3na' e SSBF)BS in Ser-ices BR !:?. Chec' the ;o5 <na;"e SS7@:7S. ,nce 8ou press ,2D pro*tpd wi"" automatica""8 restart and ;e con*i%ured to use the certi*icate stored in the SS7 ta;. 2. S#ecif* secure F)P -"en accessing t"e FreeNAS s*ste0. !or e5amp"eD in !i"e6i""a input ft+s,--$A1address J*or an imp"icit connectionK or ft+es,--$A1address J*or an e5p"icit connectionK as the Host when connectin%. :he *irst time 8ou connectD 8ou shou"d ;e presented with the certi*icate o* the !ree)AS3 s8stem. C"ic' ,2 to accept the certi*icate and ne%otiate an encr8pted connection.

8.6.4

)rou' es"ooting

A -er8 common issue is that pro*tpd won1t start i* it can1t reso"-e the s8stem1s hostname to an I? -ia &)S. :o see i* the !:? ser-ice is runnin%D %o to the conso"e she"" Jor a command prompt in an SSH sessionK and issue the commandI
sockstat -4p 21

I* there is nothin% "istenin% on port 21D pro*tpd isn1t runnin%. :o see the error messa%e that occurs when !ree)AS3 tries to start the !:? ser-iceD %o to S8stem BR Settin%s BR Ad-anced and chec' the ;o5 PShow conso"e messa%es in the *ooter JRequires UI re"oadKP. Re*resh 8our ;rowser and the conso"e messa%es shou"d disp"a8 at the ;ottom o* 8our screen. )e5tD %o to Ser-ices BR Contro" Ser-ices and switch the !:? ser-ice o** then ;ac' on in the 4UI. 0atch the conso"e messa%es *or errors. I* the error re*ers to &)SD either create an entr8 in 8our "oca" &)S ser-er with the !ree)AS3 s8stem1s hostname and I? addressD or ma'e an entr8 containin% that in*ormation in -et*-hosts on the !ree)AS3 ser-er.

FreeNAS 8.0.3 Guide

Page 123 of 164

8.(

B6AP

!ree)AS3 inc"udes an ,pen7&A? c"ient *or accessin% in*ormation *rom an 7&A? ser-er. An 7&A? ser-er pro-ides director8 ser-ices *or *indin% networ' resources such as users and their associated permissions. <5amp"es o* 7&A? ser-ers inc"ude Microso*t Ser-er J2### and newerKD Mac ,S 9 Ser-erD )o-e"" e&irector8D and ,pen7&A? runnin% on a S& or 7inu5 s8stem. I* an 7&A? ser-er is runnin% on 8our networ'D 8ou shou"d con*i%ure the !ree)AS3 7&A? ser-ice so that the networ'1s users can authenticate to the 7&A? ser-er and thus ;e pro-ided authori6ed access to the data stored on the !ree)AS3 s8stem. !i%ure 8..a shows the 7&A? Con*i%uration screen that is seen when 8ou c"ic' Ser-ices BR 7&A?. Figure 8.(a: &onfiguring B6AP

:a;"e 8..a summari6es the a-ai"a;"e con*i%uration optionsI )a' e 8.(a: B6AP &onfiguration 2#tions Setting Hostname ase &) :a ue 6escri#tion hostname or I? o* 7&A? ser-er address top "e-e" o* the 7&A? director8 tree to ;e used when searchin% *or inte%er resources Page 124 of 164

FreeNAS 8.0.3 Guide

Setting A""ow Anon8mous indin% Root ;ind &) Root ;ind password ?assword <ncr8ption User Su**i5 4roup Su**i5 ?assword Su**i5 Machine Su**i5 <ncr8ption Mode Se"* si%ned certi*icate Au5i"iar8 ?arameters

:a ue chec';o5

6escri#tion instructs 7&A? ser-er to not pro-ide authentication and to a""ow read@write access to an8 c"ient used to ;ind with the 7&A? ser-er *or administrati-e write access to the 7&A? director8 to chan%e some attri;utes o* an 7&A? entr8D such as a user1s password used *or administrati-e write access on the 7&A? ser-er se"ect a t8pe supported ;8 the 7&A? ser-erD choices areI c"ear Junencr8ptedKD cr8ptD md(D ndsD rac*D adD e5op optiona"D can ;e added to name when user account added to 7&A? director8 Je.%. dept. or compan8 nameK optiona"D can ;e added to name when %roup added to 7&A? director8 Je.%. dept. or compan8 nameK optiona"D can ;e added to password when password added to 7&A? director8 can ;e added to name when s8stem added to 7&A? director8 Je.%. ser-erD accountin%K choices are ,**D SS7D or :7S used to -eri*8 the certi*icate o* the 7&A? ser-er i* SS7 connections are usedM paste the output o* the command o#enss s8c ient ?connect ser+er:#ort ?s"o-certs 7dap.con*J(K optionsD one per "ineD not co-ered ;8 other options in this screen

strin% strin% dropBdown menu strin% strin% strin% optiona" dropBdown menu strin% strin%

N2)3: !ree)AS3 automatica""8 appends the root &). :his means that 8ou shou"d not inc"ude the scope and root &) when inputtin% the userD %roupD passwordD and machine su**i5es.

8.8

NFS

)etwor' !i"e S8stem J)!SK is a protoco" *or sharin% *i"es on a networ'. e*ore con*i%urin% this ser-iceD 8ou shou"d *irst create 8our )!S Shares in Sharin% BR )!S Shares BR Add )!S Share. A*ter con*i%urin% this ser-iceD %o to Ser-ices BR Contro" ?ane" to start the ser-ice. Startin% this ser-ice wi"" open the *o""owin% ports on the !ree)AS3 s8stemI :C? and U&? 111 Jrpc;indK :C? 2#$9 Jn*sdK

Additiona""8D mountd and rpc;ind wi"" each ;ind to a random"8 a-ai"a;"e U&? port. !i%ure 8.8a shows the con*i%uration screen and :a;"e 8.8a summari6es the con*i%uration options *or the )!S ser-ice.

FreeNAS 8.0.3 Guide

Page 12$ of 164

Figure 8.8a: &onfiguring NFS

)a' e 8.8a: NFS &onfiguration 2#tions Setting 6escri#tion can not e5ceed num;er o* C?Us Jrun s*sct ?n 7ern.s0#.c#us at the )um;er o* ser-ers inte%er !ree)AS3 conso"e she"" to determine the ma5imum num;er *or that s8stemK speeds up data access ;ut ma8 resu"t in corruption i* a trans*er is As8nchronous mode chec';o5 interrupted :a ue

8.4

S.1.A...)

!ree)AS3 uses the smartdJ8K ser-ice to monitor dis' S.M.A.R.:. data *or si%ns o* pro;"ems. :o *u""8 con*i%ure S.M.A.R.:. 8ou need toI con*i%ure when to run the S.M.A.R.: tests in S8stem BR S.M.A.R.: :ests BR Add S.M.A.R.:. :est ena;"e S.M.A.R.:. *or each dis' mem;er o* a -o"ume in >o"umes BR >iew A"" >o"umes chec' the con*i%uration o* the S.M.A.R.: ser-ice in Ser-ices BR S.M.A.R.:. start the S.M.A.R.:. ser-ice in Ser-ices BR Contro" Ser-ices

!i%ure 8.9a shows the con*i%uration screen that appears when 8ou c"ic' Ser-ices BR S.M.A.R.:. N2)3: smartd wi"" wa'e up at e-er8 Che*k $nter a( 8ou con*i%ure in !i%ure 8.9a. It wi"" chec' the times 8ou con*i%ured in 8our tests Jdescri;ed in !i%ure $.+aK to see i* an8 tests shou"d ;e run. Since the sma""est time increment *or a test is an hour J+# minutesKD it usua""8 does not ma'e sense to set a chec' inter-a" -a"ue hi%her than +# minutes. !or e5amp"eD i* 8ou set the chec' inter-a" *or 12# minutes and the smart test to e-er8 hourD the test wi"" on"8 ;e run e-er8 2 hours since the daemon on"8 wa'es up e-er8 2 hours. :a;"e 8.9a summari6es the options in the S.M.A.R.: Con*i%uration screen. FreeNAS 8.0.3 Guide Page 126 of 164

Figure 8.4a: S.1.A...) &onfiguration 2#tions

)a' e 8.4a: S.1.A...) &onfiguration 2#tions Setting :a ue 6escri#tion in minutesD how o*ten to wa'e up smartd to chec' to see i* an8 tests ha-e ;een con*i%ured to run can o-erride that the con*i%ured test is not per*ormed dependin% upon the power modeM choices areI ne-erD s"eepD stand;8D or id"e de*au"t o* # disa;"es this chec'D otherwise reports i* the temperature o* a dri-er has chan%ed ;8 ) de%rees Ce"sius since "ast report de*au"t o* # disa;"es this chec'D otherwise wi"" messa%e with a "o% "e-e" o* 7,4UI)!, i* the temperature is hi%her than ) de%rees Ce"sius de*au"t o* # disa;"es this chec'D otherwise wi"" messa%e with a "o% "e-e" o* 7,4UCRI: and send an emai" i* the temperature is hi%her than ) de%rees Ce"sius emai" address o* person to recei-e S.M.A.R.: a"ertM separate mu"tip"e emai" recipients with a comma and no space

Chec' inter-a" inte%er ?ower mode &i**erence dropBdown menu inte%er in de%rees Ce"sius inte%er in de%rees Ce"sius inte%er in de%rees Ce"sius

In*orma"

Critica"

<mai" to report strin%

8.10 SN1P
S)M? JSimp"e )etwor' Mana%ement ?rotoco"K is a protoco" used to monitor networ'Battached de-ices *or conditions that warrant administrati-e attention. !ree)AS3 can ;e con*i%ured as a ;snmpdJ8K ser-er where ;snmp is !ree S&1s simp"e and e5tensi;"e S)M? daemon. I* 8ou ena;"e S)M?D the *o""owin% port wi"" ;e ena;"ed on the !ree)AS3 s8stemI FreeNAS 8.0.3 Guide Page 12( of 164

U&? 1+1 J;snmpd "istens here *or S)M? requestsK

!i%ure 8.1#a shows the S)M? con*i%uration screen and :a;"e 8.1#a summari6es the con*i%uration optionsI Figure 8.10a: &onfiguring SN1P

)a' e 8.10a: SN1P &onfiguration 2#tions Setting 7ocation Contact 6escri#tion optiona" description o* !ree)AS3 s8stem1s "ocation optiona" e.%. emai" address o* !ree)AS3 administrator password used on the S)M? networ'D de*au"t is pu;"ic and shou"d Communit8 strin% ;e chan%ed *or securit8 reasons Send S)M? :raps chec';o5 a trap is an e-ent noti*ication messa%e Au5i"iar8 ?arameters strin% additiona" ;snmpdJ8K options not co-ered in this screenD one per "ine :a ue strin% strin%

8.11 SS%
Secure She"" JSSHK a""ows *or *i"es to ;e trans*erred secure"8 o-er an encr8pted networ'. I* 8ou con*i%ure 8our !ree)AS3 s8stem as an SSH ser-erD the users in 8our networ' wi"" need to use SSH c"ient so*tware in order to trans*er *i"es usin% SSH. Eou wi"" a"so need to create a user account *or e-er8 user requirin% SSH access in Account BR Users BR Add User. 0hen creatin% 8our usersD set their home director8 to the -o"ume@dataset that 8ou wish them to ha-e access to. :his section shows the !ree)AS3 SSH con*i%uration optionsD demonstrates an e5amp"e con*i%uration that restricts users to their home director8D and pro-ides some trou;"eshootin% tips. FreeNAS 8.0.3 Guide Page 128 of 164

!i%ure 8.11a shows the Ser-ices BR SSH con*i%uration screen and :a;"e 8.11a summari6es the con*i%uration optionsI Figure 8.11a: SS% &onfiguration

)a' e 8.11a: SS% &onfiguration 2#tions Setting :C? ?ort 7o%in as Root with password A""ow ?assword Authentication A""ow :C? ?ort !orwardin% Compress Connections Host ?ri-ate 2e8 <5tra ,ptions :a ue inte%er 6escri#tion port to open *or SSH connection requestsD 22 ;8 de*au"t *or securit8 reasonsD root "o%ins are discoura%ed and disa;"ed ;8 chec';o5 de*au"t i* unchec'edD on"8 accepts 'e8 ;ased authentication which is more chec';o5 secure ;ut requires additiona" setup on ;oth the SSH c"ient and ser-er a""ows users to ;8pass *irewa"" restrictions usin% SSH1s port chec';o5 *orwardin% *eature chec';o5 ma8 reduce "atenc8 o-er s"ow networ's strin% strin% a""ows 8ou to paste a speci*ic host 'e8 as the de*au"t 'e8 is chan%ed with e-er8 insta""ation additiona" sshdUcon*i%J(K options not co-ered in this screenD one per "ine Page 124 of 164

FreeNAS 8.0.3 Guide

A *ew sshdUcon*i%J(K options that are use*u" to input in the <5tra ,ptions *ie"d inc"udeI 8.11.1 & ientA i+eInter+a I increase this num;er i* ssh connections tend to drop & ient1a,Startu#I de*au"ts to 1#M increase i* 8ou ha-e more users &"rooting SF)P users

8 de*au"t when 8ou con*i%ure SSHD users can use the ss" command to "o%in to the !ree)AS3 s8stem and the sc# and sft# commands to trans*er *i"es. 0hi"e these commands wi"" de*au"t to the user1s home director8D users are a;"e to na-i%ate outside o* their home director8 which can pose a securit8 ris'. SSH supports usin% a chroot to con*ine users to on"8 the sft# command and to ;e "imited to the contents o* their own home director8. :o con*i%ure this scenario on !ree)AS3D per*orm the *o""owin% steps. 1. &reate a 9FS dataset for eac" user re/uiring sft# access in Stora%e BR Create /!S &ataset. In the e5amp"e shown in !i%ure 8.11;D a /!S dataset named user1 has ;een created on -o"ume -mnt-test1 with a /!S quota o* 2#4 . In the ne5t stepD we wi"" create a user named user1 to associate with this dataset. Repeat this process to create a dataset *or e-er8 user that wi"" need access to the SSH ser-ice. Figure 8.11': &reate a 9FS 6ataset -it" a Muota

2. &reate a user account *or each user in Account BR Users BR Add User. In the screen shown in !i%ure 8.11cD input a Username *or the user Jin this e5amp"eD user1KD chan%e the Home &irector8 to the name o* an e5istin% dataset Jin our e5amp"eD the dataset named -mnt-test1-user1KD input a description under !u"" )ameD input the user1s emai" addressD input and con*irm the user1s passwordD and c"ic' the ,2 FreeNAS 8.0.3 Guide Page 130 of 164

;utton. Repeat this process to create a user account *or e-er8 user that wi"" need access to the SSH ser-ice. Figure 8.11c: &reating a !ser Account

3. Set #er0issions in Stora%e BR >o"ume BR >iew A"" >o"umes. SSH chroot is ery s+e*ifi* in what permissions it a""ows Jsee the ChrootDire*tory 'e8word in sshdUcon*i%J(K *or detai"sK. Eour con*i%uration wi"" not wor' i* the permissions on the datasets used ;8 SSH chroot users di**er *rom those shown in !i%ure 8.11d. Figure 8.11d: Per0issions .e/uired '* SS% &"root

FreeNAS 8.0.3 Guide

Page 131 of 164

4. &reate a "o0e director* -it"in eac" dataset. &ue to the permissions required ;8 SSH chrootD the user wi"" not ha-e permissions to write to the root o* their dataset. Since 8our intention is to "imit them to the contents o* their home director8D 8ou can manua""8 create a home director8 *or the user within their dataset. :o do soD 8ou wi"" need to access the !ree)AS3 s8stem1s she"" usin% the instructions in section 1#.8.. !AAI How do I %et to the Command 7ine @ C7I @ she"". ,nce 8ou ha-e access to the !ree)AS3 conso"eD create a home director8 *or each user 9ithin their o9n dataset and chan%e the ownership o* the director8 to the user. <5amp"e 8.11a demonstrates the commands used to create a home director8 ca""ed user1 *or the user account user1 on dataset -mnt-test1-user1I 3,a0# e 8.11a: &reating a !ser<s %o0e 6irector*
mkdir /mnt/test1/user1/user1 chown user1:user1 /mnt/test1/user1/user1

$. &onfigure SS% in Ser-ices BR SSH. Add these "ines to the <5tra ,ptions section as shown in !i%ure 8.11e. Figure 8.11e: &onfigure SS% for c"root

6. Start t"e SS% ser+ice in Contro" Ser-ices. C"ic' the red ,!! ;utton ne5t to SSH. A*ter a second or soD it wi"" chan%e to a ;"ue ,) D indicatin% that the ser-ice has ;een ena;"ed. (. )est t"e connection *rom a c"ient usin% a uti"it8 such as 0inSC?. In the e5amp"e shown in !i%ure 8.11*D user1 is connectin% to a !ree)AS3 ser-er with an I? address o* 172&18%&2&7. ,nce connectedD the user can see the *i"es on their 0indows s8stem in the "e*t *rame and the *i"es on the !ree)AS3 s8stem in the ri%ht *rameD as shown in !i%ure 8.11%.

FreeNAS 8.0.3 Guide

Page 132 of 164

Figure 8.11f: &onnecting to t"e SS% c"root fro0 ;inS&P

Figure 8.11g: !sing ;inS&P ;it"in a c"root

FreeNAS 8.0.3 Guide

Page 133 of 164

)otice that the director8 structure on the !ree)AS3 s8stem starts at ^rootR. I* the user c"ic's on ^rootRD the8 can not na-i%ate to a hi%her *o"der. I* the user tries to cop8 a *i"e *rom the 0indows s8stem to ^rootRD the operation wi"" *ai". Howe-erD i* the user c"ic's on their home *o"der Jin this e5amp"eD user1KD the8 wi"" enter that *o"der and can cop8 *i"es to@*rom the 0indows s8stem within that *o"der. 8.11.2 )rou' es"ooting SS% &onnections

I* 8ou add an8 <5tra ,ptions in the SSH con*i%uration screenD ;e aware that the 'e8words "isted in sshdUcon*i%J(K are case sensiti-e. :his means that 8our con*i%uration wi"" *ai" to do what 8ou intended i* 8ou don1t match the upper and "owercase "etters o* the 'e8word. 0hen con*i%urin% SSHD 8ou shou"d a"wa8s test 8our con*i%uration as an SSH user account to ensure that the user is "imited to what 8ou ha-e con*i%ured and does ha-e permission to do what 8ou want them to do. I* the user account is e5periencin% pro;"emsD the SSH error messa%es are usua""8 prett8 speci*ic to what the pro;"em is. Eou wi"" need to access the conso"e to read these messa%es with the *o""owin% commandI
tail -f /var/log/messages

8.12 )F)P
:ri-ia" !i"e :rans*er ?rotoco" J:!:?K is a "i%htBwei%ht -ersion o* !:? usua""8 used to trans*er con*i%uration or ;oot *i"es ;etween machinesD such as routersD in a "oca" en-ironment. :!:? is e5treme"8 "imitedD pro-idin% no authenticationD and is rare"8 used interacti-e"8 ;8 a user. I* 8ou ena;"e :!:? on 8our !ree)AS3 ser-erD it wi"" open U&? port +9. An e5amp"e where this is use*u" is when 8ou wish to store a"" o* the ima%es and con*i%uration *i"es *or 8our networ'1s de-ices on the !ree)AS3 s8stem. !i%ure 8.12a shows the :!:? con*i%uration screen and :a;"e 8.12a summari6es the a-ai"a;"e optionsI Figure 8.12a: )F)P &onfiguration

FreeNAS 8.0.3 Guide

Page 134 of 164

)a' e 8.12a: )F)P &onfiguration 2#tions Setting &irector8 A""ow )ew !i"es ?ort Username Umas' <5tra options :a ue strin% chec';o5 inte%er dropBdown menu inte%er strin% 6escri#tion most de-ices e5pect a path o* @t*tp;oot ena;"e i* networ' de-ices need to send *i"es to the !ree)AS3 s8stem Je.%. ;ac'up their con*i%K port to "isten *or :!:? requestsD +9 ;8 de*au"t account used *or t*tp requests umas' *or new"8 created *i"esD de*au"t is #22 additiona" t*tpdJ8K options not shown in this screenD one per "ine

8.13 !PS
!ree)AS3 uses )U: J)etwor' U?S :oo"sK to pro-ide U?S support. !i%ure 8.13a shows the U?S con*i%uration screenI Figure 8.13a: !PS &onfiguration Screen

FreeNAS 8.0.3 Guide

Page 13$ of 164

:a;"e 8.13a summari6es the options in the U?S Con*i%uration screen. )a' e 8.13a: !PS &onfiguration 2#tions Setting Identi*ier :a ue strin% dropBdown &ri-er menu dropBdown ?ort menu Au5i"iar8 ?arameters strin% &escription strin% dropBdown Shutdown mode menu Shutdown timer inte%er U?S Master User ?assword strin% <5tra users strin% Remote monitor Send <mai" Status Updates :o emai" <mai" su;Gect 6escri#tion input a descripti-e nameD de*au"t is ups supported U?S de-ices are "isted at httpI@@www.networ'upstoo"s.or%@sta;"eBhc".htm" "ist o* a-ai"a;"e seria" Je.%. @de-@cuauHK or US ports Je.%. @de-@u%en.9.9K U?S is p"u%%ed into Jsee ),:< ;e"owK additiona" options *rom ups.con*J(K optiona" choices are U?S %oes on ;atter8 and U?S reaches "ow ;atter8 in seconds de*au"t is *i5mepass see upsd.usersJ(K *or e5amp"es de*au"ts to "isten to e-er8thin% and uses the user chec';o5 PupsmonP and password P*i5mepassP chec';o5 i* chec'edD con*i%ure the :o emai" i* Send <mai" ;o5 chec'edD emai" address o* person to emai" address recei-e update strin% i* send <mai" o5 chec'edD su;Gect o* emai" updates

N2)3: *or US de-icesD the easiest wa8 to determine the correct de-ice name is to ena;"e conso"e "o%%in% in S8stem BR Settin%s BR Ad-anced BR chec' the ;o5 *or PShow conso"e messa%esP. Re*resh 8our ;rowser and p"u% in the US de-ice. :he messa%es wi"" %i-e the name o* the -de -ugenX&X de-iceM rep"ace the 91s in 8our con*i%uration with the actua" num;ers that show on the conso"e.

8.14 iS&SI
iSCSI is a protoco" standard that a""ows the conso"idation o* stora%e data. iSCSI a""ows !ree)AS3 to act "i'e a stora%e area networ' JSA)K o-er an e5istin% <thernet networ'. Speci*ica""8D it e5ports dis' de-ices o-er an <thernet networ' that iSCSI c"ients Jca""ed initiatorsK can attach to and mount. :raditiona" SA)s operate o-er *i;re channe" networ's which require a *i;re channe" in*rastructure such as *i;re channe" H AsD *i;re channe" switchesD and discreet ca;"in%. iSCSI can ;e used o-er an e5istin% <thernet networ'D a"thou%h dedicated networ's can ;e ;ui"t *or iSCSI tra**ic in an e**ort to ;oost per*ormance. iSCSI a"so pro-ides an ad-anta%e in an en-ironment that uses 0indows she"" pro%ramsM these pro%rams tend to *i"ter S)etwor' 7ocationT ;ut iSCSI mounts are not *i"tered. e*ore con*i%urin% iSCSI on 8our !ree)AS3 de-iceD 8ou shou"d ;e *ami"iar with the *o""owin% iSCSI termino"o%8I FreeNAS 8.0.3 Guide Page 136 of 164

&%AP: a protoco" used *or authenticatin% initiators Jc"ientsK ;8 a tar%et Jser-erK. CHA? uses a shared secret and threeBwa8 authentication to determine i* a s8stem is authori6ed to access the stora%e de-ice and to periodica""8 con*irm that the session has not ;een hiGac'ed ;8 another s8stem. 1utua &%AP: a superset o* CHA?. :he tar%et authenticates the initiator as in CHA?D and additiona""8 the initiator uses CHA? to authenticate the tar%et. Initiator: the remote s8stem Jc"ientK which has authori6ed access to the stora%e data on the !ree)AS3 s8stem. )arget: a stora%e resource on the !ree)AS3 s8stem Jser-erK. 3,tent: the stora%e unit to ;e shared. It can either ;e a *i"e or a de-ice. In order to con*i%ure iSCSID 8ou need toI re-iew the :ar%et 4"o;a" Con*i%uration parameters decide i* 8ou wi"" use CHA? or mutua" CHA? *or authenticationM i* soD create an authori6ed access create either a de-ice e5tent or a *i"e e5tent determine which hosts are a""owed to connect usin% iSCSI and create an initiator determine i* 8ou need to create a porta" Jon"8 required when the !ree)AS3 s8stem has mu"tip"e I? addresses or networ' inter*aces that wi"" ;e used *or iSCSI connections create a tar%et associate a tar%et with an e5tent start the iSCSI ser-ice in Ser-ices BR Contro" Ser-ices

N2)3: !ree)AS3 uses ist%t to pro-ide iSCSI. At this timeD ist%t does not support SI4HU?Bst8"e con*i%uration re"oadin%D meanin% that !ree)AS3 has to restart ist%t to ma'e con*i%uration chan%es ta'e e**ect. :his means that an8 chan%es to e5istin% iSCSI shares wi"" cause an8 c"ient that happens to ;e writin% at the time to ;e thrown into readBon"8 mode. !uture -ersions o* ist%t wi"" *i5 this 'nown issue. Man8 iSCSI initiators hand"e the iSCSI ser-ice droppin% o** *air"8 %race*u""8. >Mware <S9i pauses its >Ms whi"e it tries to reconnectD o**erin% a *air"8 "ar%e %race period where thin%s wi"" reco-er automatica""8. 8.14.1 )arget G o'a &onfiguration

:he :ar%et 4"o;a" Con*i%uration screenD shown in !i%ures 8.1$aD contains settin%s that app"8 to a"" iSCSI shares. :a;"e 8.1$a summari6es the settin%s that can ;e con*i%ured in the :ar%et 4"o;a" Con*i%uration screen. :he inte%er -a"ues in the ta;"e are used to tune networ' per*ormanceM most o* these -a"ues are descri;ed in R!C 3.2#. 7UC J7o%ica" Unit Contro""erK is an A?I pro-ided ;8 ist%t to contro" remo-a;"e media ;8 pro-idin% *unctions to "ist tar%etsD un@"oad a media to a unitD chan%e media *i"eD or reset a 7U).

FreeNAS 8.0.3 Guide

Page 13( of 164

Figure 8.14a: iS&SI )arget G o'a &onfiguration :aria' es

)a' e 8.14a: )arget G o'a &onfiguration Settings Setting ase )ame :a ue strin% 6escri#tion see the SConstructin% iSCSI names usin% the iqn. *ormatT section o* R!C 3.21 *or detai"s. Choices areI )oneD AutoD CHA?D or Mutua" CHA?. Con*i%ures the authentication "e-e" required ;8 the tar%et *or disco-er8 o* -a"id de-ices. )one wi"" a""ow anon8mous disco-er8. CHA? and Mutua" CHA? require authentication. Auto "ets the initiator decide the authentication scheme. Required i* &isco-er8 Auth Method is set to CHA? or Mutua" CHA?D optiona" i* &isco-er8 Auth Method is set to AutoD and not needed i* &isco-er8 Auth Method is set to )one. In the "atter two cases the con*i% %enerated in the _4"o;a"` section o* istgt&*onf wi"" ;e &isco-er8Auth4roup )oneD otherwise it wi"" ;e a num;er "i'e &isco-er8Auth4roup 1. Sets the "imit on how "on% an I@, can ;e outstandin% ;e*ore an error condition is returned. ?ossi;"e -a"ues ran%e *rom # B3## with a de*au"t -a"ue o* 3#. How o*ten tar%et sends a ),?BI) pac'et to 'eep a disco-ered session a"i-e. ?ossi;"e -a"ues ran%e *rom # B3## with a de*au"t -a"ue o* 2#.

&isco-er8 Auth Method

dropBdown menu

&isco-er8 Auth 4roup

dropBdown menu

I@, :imeout

),?I) Inter-a"

inte%er representin% seconds inte%er representin% seconds

FreeNAS 8.0.3 Guide

Page 138 of 164

Setting Ma5. Sessions

:a ue inte%er

Ma5. Connections Ma5. preBsend R2:

inte%er inte%er

Ma5,utstandin%R2: inte%er

!irst ;urst "en%th

inte%er

Ma5 ;urst "en%th Ma5 recei-e data se%ment "en%th &e*au"t:ime20ait

inte%er inte%er

inte%er

&e*au"t:ime2Retain inte%er

<na;"e 7UC

chec';o5

Contro""er I? address I? address Contro""er :C? port inte%er Contro""er su;net mas' Authori6ed netmas' Contro""er Auth dropBdown FreeNAS 8.0.3 Guide

6escri#tion A"" connections ;etween an iSCSI initiator porta" and a tar%et porta" are associated with a speci*ic session. :his option "imits the num;er o* sessions the tar%et wi"" create@accept. ?ossi;"e -a"ues ran%e *rom 1 B +$ with a de*au"t -a"ue o* 1+. Re*ers to the num;er o* connections a sin%"e initiator can ma'e with respect to a sin%"e tar%et. ?ossi;"e -a"ues ran%e *rom 1 B +$ with a de*au"t -a"ue o* 8. ?ossi;"e -a"ues ran%e *rom 1 B 2(( with a de*au"t -a"ue o* 32. &urin% writesD the tar%et pu""s data *rom the initiator ;8 sendin% R2: Jread8 to recei-eK pac'ets. :his option sets the ma5imum num;er o* R2:s the tar%et can ha-e outstandin% *or a sin%"e iSCSI command. 7ar%er -a"ues shou"d 8ie"d per*ormance increases unti" Ma5,utstandin%R2: e5ceeds the si6e o* the "ar%est 0rite I@, di-ided ;8 Ma5 urst7en%th. ?ossi;"e -a"ues ran%e *rom 1 B 2(( with a de*au"t -a"ue o* 1+. :he ma5imum amount in ;8tes o* unso"icited data an iSCSI initiator ma8 send to the tar%et durin% the e5ecution o* a sin%"e SCSI command. ?ossi;"e -a"ues ran%e *rom 1 B 2a32 with a de*au"t -a"ue o* +((3+. Ma5imum write si6e in ;8tes the tar%et is wi""in% to recei-e per ;urst o* pac'ets Ji.e. ;etween R2:sK. ?ossi;"e -a"ues ran%e *rom 1 B 2a32 with a de*au"t -a"ue o* 2+21$$. In ;8tes. ?ossi;"e -a"ues ran%e *rom 1 B 2a32 with a de*au"t -a"ue o* 2+21$$. :he minimum time in seconds to wait ;e*ore attemptin% a "o%out or an acti-e tas' reassi%nment a*ter an une5pected connection termination or reset. ?ossi;"e -a"ues ran%e *rom 1 B 3## with a de*au"t -a"ue o* 2. :he ma5imum time in seconds a*ter :ime20ait ;e*ore which an acti-e tas' reassi%nment is sti"" possi;"e a*ter an une5pected connection termination or reset. ?ossi;"e -a"ues ran%e *rom 1 B 3## with a de*au"t -a"ue o* +#. ,n"8 wor's with remo-a;"e media. I* chec'edD the rest o* the *ie"ds are required. Must ;e an I? address that is assi%ned to an inter*ace or the daemon won1t start. 4enera""8 set to 12..#.#.1. ?ossi;"e -a"ues ran%e *rom 1#2$B+((3( with a de*au"t -a"ue o* 32+1. :8pica""8 set to 2((.#.#.#. Choices are )oneD AutoD CHA?D or mutua" CHA?. Page 134 of 164

Setting Method

:a ue menu

6escri#tion Required i* Contro""er Auth Method is set to CHA? or Mutua" CHA?D optiona" i* Contro""er Auth Method is set to AutoD and not needed i* Contro""er Auth Method is set to )one. In the "atter two cases the con*i% %enerated in the _4"o;a"` section o* istgt&*onf wi"" ;e Contro""erAuth4roup )oneD otherwise it wi"" ;e a num;er "i'e Contro""erAuth4roup 1. I* 8ou wish to use authenticated disco-er the users must ;e con*i%ured prior to this step.

Contro""er Auth 4roup

dropBdown menu

8.14.2

Aut"ori>ed Accesses

I* 8ou wi"" ;e usin% CHA? or mutua" CHA? to pro-ide authenticationD 8ou must create an authori6ed access. 4o to Ser-ices [ ISCSI [ Authori6ed Accesses [ Add Authori6ed Access which wi"" open the screen seen in !i%ure 8.1$;. N2)3: CHA? does not wor' with 4"o;a"SA) initiators on Mac ,S 9. Figure 8.14': Adding Aut"ori>ed Access for iS&SI

:a;"e 8.1$; summari6es the settin%s that can ;e con*i%ured when addin% an authori6ed accessI

FreeNAS 8.0.3 Guide

Page 140 of 164

)a' e 8.14': Aut"ori>ed Access &onfiguration Settings Setting :a ue 6escri#tion :he 4roup I& is used to ;ui"d the authentication %roups used ;8 the iSCSI tar%et so*twareD a""owin% di**erent %roups to ;e con*i%ured with di**erent authentication 4roup I& inte%er pro*i"es. !or instanceD a"" users with a 4roup I& o* 1 wi"" ;e mem;ers o* S4roup 1T and wi"" inherit the authentication pro*i"e associated with that %roup. )ame o* user account that wi"" ;e created on the !ree)AS3 de-ice in order to User strin% CHA? authenticate with the user on the remote s8stem. Man8 initiators de*au"t to usin% the initiator name as the user. Secret strin% )eeds to ;e con*irmed. ?assword to ;e associated with the created user account. I* this is entered it wi"" cause the user to ;e a Mutua" CHA? user. In most cases it ?eer User strin% wi"" need to ;e the same as the User. Initiator )eeds to ;e con*irmed. :he mutua" secret password. Must ;e di**erent than the strin% Secret Secret. :his is required i* the ?eer User *ie"d is set. As users are addedD the8 wi"" ;e "isted under Authori6ed Accesses. In the e5amp"e shown in !i%ure 8.1$cD three users Jtest1D test2D and test)K ha-e ;een con*i%ured and there are two %roups createdD with %roup 1 consistin% o* a sin%"e CHA? user and %roup 2 consistin% o* a mutua" CHA? user and a CHA? user. Figure 8.14c: :ie-ing Aut"ori>ed iS&SI !sers

8.14.3

6e+ice 3,tents

:he ne5t step is to con*i%ure the share. In iSCSI termino"o%8D 8ou don1t share a -o"umeM instead 8ou share either a de-ice e5tent or a *i"e e5tentI FreeNAS 8.0.3 Guide Page 141 of 164

6e+ice e,tent: a""ows an un*ormatted dis'D a 6-o"D or an e5istin% HAS: de-ice to ;e e5ported -ia iSCSI. :he ad-anta%e o* a de-ice e5tent is that it is *aster than a *i"e e5tent. :he disad-anta%e is that the entire -o"ume is e5ported. I* 8ou on"8 want to share a portion o* a -o"ume usin% iSCSID either create a 6-o" Ji* it is a /!S -o"umeK or use a *i"e e5tent. Eou can create a 6-o" ;8 c"ic'in% Stora%e BR Create /!S >o"ume. Fi e e,tent: a""ows 8ou to e5port a portion o* a -o"ume. 0hen creatin% a *i"e e5tentD 8ou can speci*8 either a nonBe5istin% *i"e name or an e5istin% /!S dataset. :he ad-anta%e o* *i"e e5tents is that 8ou can create mu"tip"e e5ports per -o"ume. :he disad-anta%e is that the8 are s"ower than de-ice e5tents. :o add a de-ice e5tentD %o to Ser-ices [ ISCSI [ &e-ice <5tents [ Add &e-ice <5tent. In the e5amp"e shown in !i%ure 8.1$dD a de-ice e5tent is ;ein% created usin% a raw Jun*ormattedK dis'. Figure 8.14d: Adding an iS&SI 6e+ice 3,tent

:a;"e 8.1$c summari6es the settin%s that can ;e con*i%ured when creatin% a de-ice e5tentI )a' e 8.14c: 6e+ice 3,tent &onfiguration Settings Setting :a ue <5tent )ame strin% Comment strin% &is' de-ice 6escri#tion required optiona" se"ect the un*ormatted dis'D pre-ious"8 created 6-o"D or e5istin% dropBdown menu HAS: de-ice Page 142 of 164

FreeNAS 8.0.3 Guide

8.14.4

3,tents

:o add a *i"e e5tentD %o to Ser-ices [ ISCSI [ <5tents [ Add <5tent. In the e5amp"e shown in !i%ure 8.1$eD a *i"e e5tent named data with a ma5imum si6e o* 20 /B wi"" ;e created on the /!S dataset -mnt-tank-is*si. )ote that the *i"e e5tent creation wi"" *ai" i* 8ou do not append the name o* the *i"e to ;e created to the -o"ume@dataset name. Figure 8.14e: Adding an iS&SI Fi e 3,tent

:a;"e 8.1$d summari6es the settin%s that can ;e con*i%ured when creatin% an !i"e <5tentI )a' e 8.14d: Fi e 3,tent &onfiguration Settings Setting <5tent )ame ?ath to the e5tent <5tent si6e Comment :a ue strin% ;rowse ;utton inte%er strin% 6escri#tion name o* *i"e e5tentD can not ;e an e5istin% *i"e within the dataset ;rowse to the path where the *i"e wi"" ;e created or to an e5istin% dataset i* the si6e is speci*ied as # then the actua" *i"e si6e wi"" ;e used and the *i"e must ;e created manua""8 in the C7I optiona"

8.14.$

Initiators

:he ne5t step is to con*i%ure authori6ed initiatorsD or the s8stems which are a""owed to connect to the stored data. 4oin% to Ser-ices [ ISCSI [ Initiators [ Add Initiator wi"" ;rin% up the screen shown in !i%ure 8.1$*. :a;"e 8.1$e summari6es the settin%s that can ;e con*i%ured when addin% an initiator. N2)3: at this timeD the !ree)AS3 s8stem itse"* can not ;e con*i%ured as an initiator.

FreeNAS 8.0.3 Guide

Page 143 of 164

Figure 8.14f: Adding an iS&SI Initiator

)a' e 8.14e: Initiator &onfiguration Settings Setting Initiators Authori6ed networ' Comment :a ue 6escri#tion can use A77 'e8word or a "ist o* initiator hostnames separated ;8 commas strin% with no space can use A77 'e8word or a networ' address with CI&R mas' such as strin% 192.1+8.2.#@2$ strin% optiona" description

In the e5amp"e shown in !i%ure 8.1$%D two %roups ha-e ;een created. 4roup 1 a""ows connections *rom an8 initiator on an8 networ'M 4roup 2 on"8 a""ows connections *rom an8 initiator on the 1#.1#.1.#@2$ networ'. Figure 8.14g: Sa0# e iS&SI Initiator &onfiguration

FreeNAS 8.0.3 Guide

Page 144 of 164

8.14.6

Porta s

A porta" a""ows !ree)AS3 s8stems with mu"tip"e I? addresses or inter*aces to pro-ide ser-ices on di**erent inter*aces or su;nets. 4oin% to Ser-ices [ ISCSI [ ?orta"s [ Add ?orta" wi"" ;rin% up the screen shown in !i%ure 8.1$hI Figure 8.14": Adding an iS&SI Porta

In this e5amp"eD 0&0&0&0,)280 is a wi"dcard that wi"" cause the s8stem to ;ind to e-er8 I? address and inter*ace. :his a""ows 8ou to use mu"tiBpath I@, JM?I,K. :a;"e 8.12* summari6es the settin%s that can ;e con*i%ured when addin% a porta"I )a' e 8.14f: Porta &onfiguration Settings Setting ?orta" Comment :a ue 6escri#tion inter*ace or su;net I? address *o""owed ;8 a co"on and the :C? port used ;8 strin% iSCSI J32+# ;8 de*au"tK strin% optiona" description

8.14.(

)argets

)e5t 8ou shou"d add a :ar%et usin% Ser-ices [ ISCSI [ :ar%ets [ Add :ar%etD as shown in !i%ure 8.1$i. A tar%et com;ines a porta" I&D a""owed initiator I&D and an authentication method. :a;"e 8.1$% summari6es the settin%s that can ;e con*i%ured when creatin% a :ar%et. N2)3: mu"tip"e computers can not connect to the same iSCSI tar%et as iSCSI acts "i'e a ph8sica" dis' rather than a share. I* 8ou need to support mu"tip"e c"ients to the same dataD use CI!S or )!S instead o* iSCSI or create mu"tip"e iSCSI tar%ets Jone per c"ientK.

FreeNAS 8.0.3 Guide

Page 14$ of 164

Figure 8.14i: Adding an iS&SI )arget

)a' e 8.14g: )arget Settings Setting :ar%et )ame :ar%et A"ias Seria" :8pe :ar%et !"a%s ?orta" 4roup I& Initiator 4roup I& :a ue strin% strin% strin% dropBdown menu dropBdown menu dropBdown menu dropBdown menu 6escri#tion required -a"ueM ;ase name wi"" ;e appended automatica""8 i* it does not start with iqn optiona" userB*riend"8 name unique I& *or tar%et to a""ow *or mu"tip"e 7U)sM the de*au"t is %enerated *rom the s8stem1s MAC address t8pe o* de-iceI choices are dis'D &>&D tapeD or pass Jchoose pass in a -irtua" en-ironmentK choices are readBwrite or readBon"8 "ea-e empt8 or se"ect num;er o* e5istin% porta" to use se"ect which e5istin% initiator %roup has access to the tar%et choices are )oneD AutoD CHA?D or mutua" CHA? none or inte%er representin% num;er o* e5istin% authori6ed access see this post *or an e5p"anation o* the math in-o"-ed Page 146 of 164

Auth Method dropBdown menu Authentication 4roup dropBdown menu num;er Aueue &epth inte%er FreeNAS 8.0.3 Guide

Setting 7o%ica" "oc' Si6e

:a ue inte%er

6escri#tion shou"d on"8 ;e chan%ed i* 8ou need to emu"ate a ph8sica" dis'1s si6e or 8ou need to increase the ;"oc' si6e to a""ow *or "ar%er *i"es8stems on operatin% s8stems "imited ;8 ;"oc' count

8.14.8

)argetF3,tents

:he "ast step is associatin% e5tents to tar%ets within Ser-ices [ ISCSI [ :ar%et@<5tents [ Add :ar%et@<5tent. :his screen is shown in !i%ure 8.1$G. Use the dropBdown menus to se"ect the desired tar%et and e5tent. Figure 8.14J: Associating iS&SI )argetsF3,tents

:a;"e 8.1$h summari6es the settin%s that can ;e con*i%ured when associatin% tar%ets and e5tentsI )a' e 8.14": )argetF3,tents &onfiguration Settings Setting :a ue :ar%et dropBdown menu <5tent dropBdown menu 6escri#tion se"ect the preBcreated tar%et se"ect the preBcreated e5tent

It is ;est practice to associate e5tents to tar%ets in a 1I1 mannerD a"thou%h the so*tware wi"" a""ow mu"tip"e e5tents to ;e associated to a tar%et. ,nce iSCSI has ;een con*i%uredD c"ic' the Ser-ices BR Contro" Ser-ices icon. C"ic' the iSCSI ;utton to chan%e it *rom ,** to ,n and thus start the iSCSI ser-ice. 8.14.4 &onnecting to iS&SI S"are

In order to access the data on the iSCSI shareD c"ients wi"" need to use iSCSI initiator so*tware. An iSCSI Initiator c"ient is preBinsta""ed with 0indows .. A detai"ed howBto *or this c"ient can ;e *ound here. Mac ,S 9 does not inc"ude an initiator. :his howBto demonstrates how to use %"o;a"SA)D a *ree and eas8BtoBuse Mac initiator. S& s8stems pro-ide command "ine initiatorsI iscontro"J8K comes with !ree S&D iscsiBinitiatorJ8K FreeNAS 8.0.3 Guide Page 14( of 164

comes with )et S&D and iscsidJ8K comes with ,pen S&. Some 7inu5 distros pro-ide the command "ine uti"it8 iscsiad0 *rom ,penBiSCSI. 4oo%"e to see i* a pac'a%e e5ists *or 8our distri;ution shou"d the command not e5ist on 8our 7inu5 s8stem. Instructions *or connectin% *rom a >Mware <S9i Ser-er can ;e *ound at How to con*i%ure !ree)AS 8 *or iSCSI and connect to <S9JiK. )ote that the requirements *or ;ootin% -Sphere $.5 o** iSCSI di**er ;etween <S9 and <S9i. <S9 requires a hardware iSCSI adapter whi"e <S9i requires speci*ic iSCSI ;oot *irmware support. :he ma%ic is on the ;ootin% host sideD meanin% that there is no di**erence to the !ree)AS3 con*i%uration. See the iSCSI SA) Con*i%uration 4uide *or detai"s.

8.1$ .s*nc
:he Rs8nc section o* Ser-ices is used to con*i%ure an rs8nc ser-er. See section $.+ Rs8nc :as's *or instructions on how to con*i%ure an rs8nc c"ient and an e5amp"e o* con*i%urin% ;oth ends o* an rs8nc connection. :his section descri;es the con*i%ura;"e options *or the rs8ncd ser-ice and rs8nc modu"es. !i%ure 8.1(a shows the rs8ncd con*i%uration screen which is accessed *rom Ser-ices BR Rs8nc BR Con*i%ure Rs8ncd. Figure 8.1$a: .s*ncd &onfiguration

:a;"e 8.1(a summari6es the options that can ;e con*i%ured *or the rs8nc daemonI )a' e 8.1$a: .s*nc &onfiguration 2#tions Setting :a ue 6escri#tion :C? ?ort inte%er port *or rs8ncd to "isten onD de*au"t is 8.3 Au5i"iar8 parameters strin% additiona" parameters *rom rs8ncJ1K

8.1$.1

.s*nc 1odu es

!i%ure 8.1(; shows the con*i%uration screen that appears when 8ou c"ic' Ser-ices BR Rs8nc BR Rs8nc Modu"es BR Add Rs8nc Modu"e.

FreeNAS 8.0.3 Guide

Page 148 of 164

Figure 8.1$': Adding an .s*nc 1odu e

:a;"e 8.1(; summari6es the options that can ;e con*i%ured when creatin% a rs8nc modu"eI )a' e 8.1$': .s*nc 1odu e &onfiguration 2#tions Setting Modu"e name Comment ?ath Access Mode Ma5imum connections User :a ue strin% strin% ;rowse ;utton dropBdown menu inte%er 6escri#tion mandator8M a"so needs to ;e con*i%ured on rs8nc c"ient mandator8 o* -o"ume@dataset to ho"d recei-ed data choices are read and writeD readBon"8D or writeBon"8 # is un"imited se"ect user that *i"e trans*ers to and *rom that modu"e shou"d ta'e p"ace as se"ect %roup that *i"e trans*ers to and *rom that modu"e shou"d ta'e p"ace as see rs8ncd.con*J(K *or a""owed *ormats see rs8ncd.con*J(K *or a""owed *ormats additiona" parameters *rom rs8ncd.con*J(K Page 144 of 164

dropBdown menu dropBdown 4roup menu Hosts a""ow strin% Hosts den8 strin% Au5i"iar8 parameters strin% FreeNAS 8.0.3 Guide

N2)3I one o* the thin%s that isn1t apparent *rom the documentation *or some -ersions o* rs8ncd.con*J(K is that . is an a"ias *or a((.

4
4.1

Additiona 2#tions
6is# a* S*ste0 Processes

:his section co-ers the remainin% misce""aneous options a-ai"a;"e *rom the !ree)AS3 we; inter*ace.

I* 8ou c"ic' &isp"a8 S8stem ?rocessesD a screen wi"" open showin% the output o* topJ1K. An e5amp"e is shown in !i%ure 9.1a. Figure 4.1a: S*ste0 Processes .unning on FreeNAS

:he disp"a8 wi"" automatica""8 re*resh itse"*. Simp"8 c"ic' the 9 in the upper ri%ht corner to c"ose the disp"a8 when 8ou are *inished. )ote that the disp"a8 is readBon"8D meanin% that 8ou won1t ;e a;"e to issue a 7i command within it.

4.2

.e'oot

I* 8ou c"ic' Re;ootD 8ou wi"" recei-e the warnin% messa%e shown in !i%ure 9.2a.

FreeNAS 8.0.3 Guide

Page 1$0 of 164

Figure 4.2a: .e'oot ;arning 1essage

C"ic' the Cance" ;utton i* 8ou wish to cance" the re;oot request. ,therwiseD c"ic' the Re;oot ;utton to re;oot the s8stem. Re;ootin% the s8stem wi"" disconnect a"" c"ientsD inc"udin% the we; administration 4UI. :he UR7 in 8our we; ;rowser wi"" chan%e to add @s8stem@re;oot@ to the end o* the I? address. 0ait a *ew minutes *or the s8stem to ;ootD then use 8our ;rowser1s ;ac' ;utton to return to the !ree)AS3 s8stem1s I? address. I* a"" went we""D 8ou shou"d recei-e the 4UI "o%in menu. Howe-erD i* somethin% went wron%D 8ou wi"" need ph8sica" access to the !ree)AS3 s8stem1s monitor and 'e8;oard so that 8ou can determine what pro;"em is pre-entin% the s8stem *rom resumin% norma" operation.

4.3

S"utdo-n

I* 8ou c"ic' ShutdownD 8ou wi"" recei-e the warnin% messa%e shown in !i%ure 9.3a and 8our ;rowser co"our wi"" chan%e to red to indicate that 8ou ha-e se"ected an option that wi"" ne%ati-e"8 impact users o* the !ree)AS3 s8stem. Figure 4.3a: S"utdo-n ;arning 1essage

C"ic' the Cance" ;utton i* 8ou wish to cance" the shutdown request. ,therwiseD c"ic' the Shutdown ;utton to re;oot the s8stem. Shuttin% down the s8stem wi"" disconnect a"" c"ientsD inc"udin% the we; administration 4UID and wi"" power o** the !ree)AS3 s8stem. Eou wi"" need ph8sica" access to the !ree)AS3 s8stem in order to turn it ;ac' on.

4.4

Bog 2ut

:o "o% out o* the !ree)AS3 4UID simp"8 c"ic' the 7o% ,ut ;utton in the upper ri%ht corner. Eou wi"" immediate"8 ;e "o%%ed out. An in*ormationa" messa%e wi"" indicate that 8ou are "o%%ed out and wi"" pro-ide a h8per"in' which 8ou can c"ic' on to "o% ;ac' in.

FreeNAS 8.0.3 Guide

Page 1$1 of 164

4.$

%e #

:he He"p ;utton in the upper ri%ht corner pro-ides h8per"in's to the -arious !ree)AS3 resourcesD inc"udin%I *orumsD mai"in% "istsD IRC channe"D ;u% trac'erD and this documentation. <ach o* these resources is discussed in more detai" in the ne5t section. It a"so disp"a8s the current"8 insta""ed !ree)AS3 -ersion.

4.6

A ert

!ree)AS3 pro-ides an a"ert s8stem to pro-ide a -isua" warnin% o* an8 conditions that require administrati-e attention. :he A"ert ;utton in the *ar ri%ht corner wi"" *"ash red when there is an outstandin% a"ert. !or e5amp"eD the *irst time 8ou access the administrati-e 4UID the a"ert ;utton wi"" ;e *"ashin%. I* 8ou c"ic' the iconD 8ou wi"" see the screen shown in !i%ure 9.+aI Figure 4.6a: 3,a0# e A ert 1essage

ehind the scenesD an a"ert script chec's *or -arious a"ert conditionsD such as -o"ume statusD and writes these to - ar-tm+-a(ert. A Ga-ascript retrie-es the current a"ert status e-er8 ( minutes and wi"" chan%e the so"id %reen a"ert icon Ji* there are no current a"ert conditionsK to *"ashin% red Ji* a new a"ert is detectedK.

Section 3: Getting Help

10 FreeNAS Su##ort .esources
!ree)AS3 has a "ar%e insta""ation ;ase and an acti-e user communit8. :his means that man8 usa%e questions ha-e a"read8 ;een answered and the detai"s are a-ai"a;"e on the Internet. I* 8ou %et stuc' usin% !ree)AS3D spend a *ew moments searchin% the Internet *or the word !ree)AS3 with some 'e8 words that descri;e 8our error messa%e or the *unction that 8ou are tr8in% to imp"ement. !ree)AS3 8.# was re"eased in Ma8 o* 2#11 whi"e the ori%ina" -ersion o* !ree)AS3 Jnow at -ersion ..K has ;een around since 2##(. Accordin%"8D much o* the o* in*ormation a-ai"a;"e on the Internet was written *or !ree)AS3 ...5 and ma8 or ma8 not app"8 to !ree)AS3 8.5. :he rest o* this section discusses the additiona" resources a-ai"a;"e to !ree)AS3 8.5 usersI 0e;site and Socia" Media :rac &ata;ase IRC Mai"in% 7ists Page 1$2 of 164

FreeNAS 8.0.3 Guide

!orums Instructiona" >ideos ?ro*essiona" Support !AAs

10.1 ;e'site and Socia 1edia

:he !ree)AS3 we;site contains "in's to a"" o* the a-ai"a;"e documentationD supportD and socia" media resources. MaGor announcements are a"so posted to the main pa%e. Users are we"come to networ' on the !ree)AS3 socia" media sitesI 7in'edIn 4oo%"eW !ace;oo' A twitter *eed is a"so a-ai"a;"e.

10.2 )rac 6ata'ase

!ree)AS3 8 uses a trac data;ase where 8ou can -iew e5istin% support tic'ets to see i* 8our issue has a"read8 ;een reported or create new tic'ets *or unreported issues. Eou do not need to create a "o%in account in order to -iew e5istin% tic'etsD ;ut 8ou wi"" need to use the Re%ister "in' i* 8ou wish to create a tic'et. See section 11.2 Su;mit u% Reports i* 8ou wish to create a support tic'et.

10.3 I.&
I* 8ou wish to as' a question in Srea" timeTD 8ou can tr8 the H*reenas channe" on IRC !reenode. &ependin% upon the time o* da8 Jand 8our time 6oneKD a !ree)AS3 de-e"oper or other !ree)AS3 users ma8 ;e a-ai"a;"e to assist 8ou. I* 8ou don1t %et an answer ri%ht awa8D remain on the channe" as other users tend to read the channe" histor8 in order to answer questions as the8 are a;"e to. I* 8ou don1t ha-e an IRC chat c"ientD 8ou can use the !ree)AS3 ;rowserB;ased c"ient. :o %et the most out o* the IRC channe"D 'eep the *o""owin% points in mindI don1t as' Pcan an8one he"p meCPM insteadD Gust as' 8our question. I* someone 'nows the answerD the8 wi"" tr8 to assist 8ou. don1t as' a question and then "ea-e. Users who 'now the answer can1t he"p 8ou i* 8ou disappear. don1t ta'e it persona""8 i* no one answers or demand that someone answers 8our question. Ma8;e no one who 'nows the answer is a-ai"a;"eD ma8;e 8our question is rea""8 hardD or ma8;e it is a question that has a"read8 ;een answered man8 times in the other support resources. :r8 as'in% a%ain in a *ew hours or research the other resources to see i* 8ou1-e missed an8thin%. &on1t post error messa%es in the channe" as the IRC so*tware wi"" pro;a;"8 'ic' 8ou out. InsteadD use a pastin% ser-ice such as paste;in and re*er to the UR7 on channe". I* 8ou pre*er to paste an ima%e o* 8our errorD 8ou can up"oad it to a temporar8 screenshot hostin% ser-ice such Page 1$3 of 164

FreeNAS 8.0.3 Guide

as Up"oad Screenshot and post the UR7 to 8our up"oaded ima%e.

10.4 1ai ing Bists

Se-era" !ree)AS3 mai"in% "ists are a-ai"a;"e which a""ow users and de-e"opers to as' and answer questions re"ated to the topic o* the mai"in% "ist. :o post an emai" to a "istD 8ou wi"" need to su;scri;e to it *irst. <ach mai"in% "ist is archi-edD a""owin% 8ou to ;rowse *or in*ormation ;8 dateD thread nameD or author. :he *o""owin% mai"in% "ists are a-ai"a;"eI *reenasBannounceI :his is a "owB-o"umeD readBon"8 "ist where maGor mi"estonesD such as new re"easesD are announced. *reenasBcommitI :his is a readBon"8 "ist. As code chan%es in the !ree)AS3 repositor8D the commit messa%e is automatica""8 sent to this "ist. *reenasBde-e"I !ree)AS3 de-e"opers are su;scri;ed to this "ist. :echnica" questions a;out the current !ree)AS3 re"ease can ;e posted here. *reenasBdocsI :his "ist is *or discussion re%ardin% !ree)AS3 documentation. *reenasBtestin%I !ree)AS3 de-e"opers are su;scri;ed to this "ist. :echnica" questions a;out the upcomin% !ree)AS3 re"ease and *eed;ac' on testin% snapshots can ;e posted here. *reenasBtrans"ationsI :his "ist is *or discussion re%ardin% !ree)AS3 "oca"i6ation and trans"atin% !ree)AS3 documentation. Archi-es o* the mai"in% "ists are a-ai"a;"e *rom 4mane which a""ows 8ou to read the archi-es in -arious *ormats J;"o% st8"eD news reader st8"eK and to su;scri;e to RSS *eeds *or the "ists.

10.$ Foru0s
Another in*ormation source *or !ree)AS3 is the !orums. !orums contain userBcontri;uted tips and %uides which ha-e ;een cate%ori6edD ma'in% it an idea" resource i* 8ou wish to "earn more a;out a certain aspect o* !ree)AS3. A search;ar is inc"uded shou"d 8ou wish to search ;8 'e8wordM a"ternate"8D 8ou can c"ic' a cate%or8 to ;rowse throu%h the threads that e5ist *or that topic. :he *o""owin% cate%ories are a-ai"a;"e under %e # and Su##ort: !ree)AS3 $ )##;sI post here i* 8ou are new to !ree)AS3 and are unsure which cate%or8 ;est matches 8our question. !eature RequestsI *or the discussion o* upcomin% *eatures and to request *eatures not "isted on the Roadmap. u% Reportin%I do 8ou thin' 8ou ha-e *ound a ;u% in !ree)AS3 and want to discuss it ;e*ore creatin% a support tic'etC

HardwareI *or the discussion o* hardware and tips *or %ettin% the most out o* 8our hardware. User AuthenticationI 7&A? and Acti-e &irector8. Sharin%I A!?D CI!SD )!SD and iSCSI. FreeNAS 8.0.3 Guide Page 1$4 of 164

 Stora%eI rep"icationD snapshotsD -o"umesD and /!S. )etwor'in%I networ'in% hardwareD per*ormanceD "in' a%%re%ationD >7A)sD &&)SD !:?D S)M?D SSHD and :!:?. Insta""ationI insta""in% he"p or ad-ice ;e*ore per*ormin% the insta""ation. :he *o""owin% cate%ories are a-ai"a;"e under 6e+e o#0ent: !ree)AS3I %enera" de-e"opment discussion. nano;sdI the em;edded operatin% s8stem !ree)AS3 is ;ased upon. &Gan%oI the we; *ramewor' used ;8 the !ree)AS3 %raphica" administrati-e inter*ace. &oGo :oo"'itI the Ga-ascript too"'it used to create wid%ets and hand"e c"ient side processin%. :he *o""owin% cate%ories are a-ai"a;"e under %o-?)o Guides: Hac'in%I undocumented tric's *or %ettin% the most out o* 8our !ree)AS3 s8stem. Insta""ationI speci*ic insta""ation scenarios Jhardware and@or so*twareK. Con*i%urationI speci*ic con*i%uration scenarios Je.%. so*tware or c"ient con*i%urationK. HardwareI instructions *or settin% up speci*ic hardware. :he *o""owin% cate%ories are a-ai"a;"e under &o00unit* Foru0: ,**BtopicI want to discuss somethin% o* interest to !ree)AS3 users ;ut which is not necessari"8 re"ated to !ree)AS3C :his is 8our p"ace. ResourcesI ;"o%sD re-iewsD and other sources o* !ree)AS3 in*ormation not "isted at *reenas.or%. IntroductionsI !ree)AS3 Communit8 meet 1n %reet B introduce 8ourse"* and "et us 'now who we are chattin% with. :he *o""owin% "an%ua%eBspeci*ic cate%ories are a-ai"a;"e under Internationa D a""owin% !ree)AS3 users to interact with each other in their nati-e "an%ua%eI 4erman B &eutsch !rench B !rancais Ita"ian B Ita"iano Spanish B <spano" I* 8ou wish to as' a question on the *orumD 8ou wi"" need to c"ic' the Re%ister "in' to create an account and "o%in usin% that account. 0hen as'in% a question on the *orumD it is important that 8ouI *irst chec' to see i* the question has a"read8 ;een as'ed. I* 8ou *ind a simi"ar questionD don1t create a new thread. Instead use the PRep"8 to :hreadP ;utton to add 8our comments to the e5istin% thread. re-iew the a-ai"a;"e cate%ories to see which one is most c"ose"8 re"ated to 8our question. C"ic' on that cate%or8 and use the P?ost )ew :hreadP ;utton to open the editor. A*ter t8pin% 8our post and ;e*ore 8ou c"ic' the PSu;mit )ew :hreadP ;uttonD ma'e sure the PSu;scri;e to this thread FreeNAS 8.0.3 Guide Page 1$$ of 164

and noti*8 me o* chan%esP ;o5 is chec'ed. :hat wa8 8ou wi"" ;e noti*ied whene-er an8one answers 8our question.

10.6 Instructiona :ideos

A series o* instructiona" -ideos is ;ein% created *or !ree)AS3 8.5. :he -ideos that are a-ai"a;"e so *ar areI How to Insta"" !ree)AS3 8 !ree)AS3 S8stem Con*i%uration ,-er-iew !ree)AS3 8I >o"umes ,-er-iew !ree)AS3 8I Shares ,-er-iew !ree)AS3I )etwor' Con*i%uration ,-er-iew !ree)AS3I Acti-e &irector8 !ree)AS3 8I iSCSI InBdepth !ree)AS3 8I A"" in ,ne !ree)AS3 8I 7A44 and >7A) :he :oo Smart 4u8s show a"so has a series o* -ideosI ui"din% a !ree)AS 8 o5 B ?art 1 Hardware !ree)AS 8 B ui"d and Insta"" !ree)AS 8 <?3 Con*i%uration

10.( Professiona Su##ort

In addition to the *ree"8 a-ai"a;"e communit8 resourcesD i9s8stems o**ers pro*essiona" support pac'a%es. i9s8stems1 de-e"opment team wor's hard to impro-e new and current -ersions o* !ree)AS3D pro-idin% them with the insi%ht to pro-ide e5pert !ree)AS3 support and consu"tation ser-ices. :heir ?ro*essiona" Ser-ices team can a"so con*i%ure 8our !ree)AS3 hardware and so*tware to de"i-er the hi%hest "e-e"s o* per*ormanceD sta;i"it8D and securit8. See the !ree)AS3 ?ro*essiona" Support pa%e to request a quote.

10.8 FAMs
:his section contains some o* the questions which are as'ed most o*ten on the !ree)AS3 IRC channe". Additiona" !AAs can ;e *ound in this *orum post. 10.8.1 &an a .AI6?9 arra* 'e e,#andedN For e,a0# eO if I start off -it" a 8,2)5 .AI6?92 arra* can I add 0ore dri+es to it in t"e futureN

A. Eou can add dri-es to a -o"umeD ;ut not to a RAI&/ %roup. !or e5amp"eD i* 8our -o"ume is a 3 dri-e RAI&/D 8ou can add another 3 dri-e RAI&/ in the *utureD %i-in% 8ou a RAI&/W#. ut 8ou can1t chan%e it to a $ dri-e RAI&/. :his a "imitation@*eature o* /!S. FreeNAS 8.0.3 Guide Page 1$6 of 164

10.8.2

Is t"ere a co00and to force Free5S6 to scan for ne- dis7sN I<0 tr*ing to add so0e dis7s to 0* arra* using t"e "ot?s-a##a' e 'a*s and a 3-are SA)A card. )"e dri+es go in fine and ig"t u#O 'ut t"e o#erating s*ste0 can<t see t"e0.

A. Use the commandI

tw_cli /c0 rescan

:hen 8ou use the dri-es to create units and e5port them to the operatin% s8stem. 0hen *inishedD run ca0contro rescan a and the8 wi"" show up in the 4UI. 10.8.3 If 0* "ard-areF0ot"er'oard diesO can I re'ui d -it" ne-Fdifferent "ard-are and sti i0#ortFread t"e data fro0 0* dis7sN ;"at a'out 0* datasetsN

A. EesD as "on% as 8ou aren1t usin% hardware RAI& and "et /!S hand"e the RAI&D A dataset is ;asica""8 a *o"der@director8 that "i-es on 8our -o"ume with 8our other *i"esD ;ut which has a separate mount pointD such as -mnt-your3+oo(-dataset11. 10.8.4 %o- do I re# ace a 'ad dri+eN

A. It is recommended that 8ou *irst up%rade to "atest -ersion o* 8.#.3 to ma'e sure that 8our s8stem is not e**ected ;8 pre-ious"8 'nown ;u%s. Eou wi"" a"so need access to the !ree)AS3 s8stem to rep"ace the hard dri-e and to run some commands *rom the !ree)AS3 conso"e. I* 8ou are rep"acin% a dis' that is a mem;er o* a RAI&/1 or RAI&/2I 1. &etermine the de-ice name and UUI& o* the dis' that needs to ;e rep"aced in Stora%e BR >o"umes BR >iew a"" >o"umes BR >iew &is's icon *or e**ected -o"ume. 2. Shut down the s8stemD pu"" out the *ai"ed dri-eD and rep"ace it with a new dis' o* the same si6e or "ar%er into the same port. 3. ?owerBon the s8stem. At this point the RAI&/ wi"" ;e in a &<4RA&<& state and the dis' wi"" ;e "isted as Una-ai"a;"e. $. !rom the command "ine t8pe >#oo re# ace tan7 ada( where tan7 represents the poo" name and ada( represents the de-ice name. (. :he poo" wi"" ;e%in reBsi"-erin%. :his can ta'e a (ong time Jman8 hoursKM ;e patient and "et it *inish. Eou can chec' the status o* the resi"-erin% with >#oo status ?+. ,nce the resi"-erin% *inishesD >#oo status ?+ wi"" sti"" sa8 &<4RA&<&. +. :8pe the command >#oo detac" tan7 Fde+Fada(Fo dD rep"acin% tan7 and ada( with 8our poo" name and de-ice name. Chec' the status a%ain and the &<4RA&<& and -de -ada=-o(d shou"d ;e %one and the poo" state shou"d ;e ,)7I)<. .. :8pe the command >#oo e,#ort tan7. :his wi"" prepare the speci*ied poo" *or an autoBimport o* the dis'. 8. !rom the 4UI %o toI Stora%e BR >o"umes BR Auto Import. Eour dis' shou"d now show in the dropBdown menu. 9. Shou"d the dis' not appear in the dropBdown menuD ma'e sure that 8ou are runnin% the "atest -ersion o* !ree)AS3 up%rade i* 8ou are not. I* 8ou are runnin% the "atest !ree)AS3D tr8 FreeNAS 8.0.3 Guide Page 1$( of 164

;ac'in% up 8our con*i%uration *rom S8stem BR Settin%s BR Con*i% BR Sa-e Con*i%. :henD reset the con*i%uration to the *actor8 de*au"ts usin% the !actor8 Restore ;uttonD and tr8 the autoB import a%ain. ,nce 8our dis' is importedD 8ou can return to 8our sa-ed con*i%uration usin% the Up"oad Con*i% ;utton. 10.8.$ &an I s"are fi es fro0 0* e,terna !S5 dri+eN

A. )oD at this time the 4UI does not support this. :his shou"d ;e *i5ed in a "ater -ersion. 10.8.6 &an I 0ount 0* 1A& for0atted dri+eN

A. )oD at this time !ree)AS3 and !ree S& do not support mountin% H!S@H!SW *i"es8stems. 10.8.( %o- do I get to t"e co00and ine F&BIFs"e N

A. :here are 2 wa8sI *rom the conso"e Jthe screen 8ou see when 8ou ;ootKD and usin% SSH. :o use the conso"eD 8ou wi"" need access to the 'e8;oard connected to !ree)AS3. Se"ect option P9K She""P *rom the menu shown in !i%ure 2.$a in section 2.$ Initia" Setup. :o return to the conso"e menu *rom the she""D t8pe e,it. :o access the !ree)AS3 s8stem usin% SSHD 8ou wi"" need to ena;"e the SSH ser-ice in Contro" Ser-ices. Eou wi"" a"so need a c"ient pro%ram to ma'e the connection. 0hen connectin%D use the I? address o* the !ree)AS3 s8stem and the username admin. I* 8ou need to %ain root pri-i"e%es durin% the session t8pe su. 10.8.8 6oes FreeNAS su##ort 47 sector dri+esN %o- do I c"ec7 if it is configuredN

A. Ees. !ree)AS detects and uses $2 sectors automatica""8. !rom the command "ineD t8pe these command to chec' i* 8ou ha-e (12 or $' sectors con*i%uredI
zpool set cachefile=/data/zfs/zpool.cache tank
name) (change tank to your pool

zdb -U /data/zfs/zpool.cache

| grep ashift

I* the answer Y 9D 8ou ha-e (12 ;8te sectors. I* the answer Y 12D 8ou ha-e $' ;8te sectors. An8 hard dri-e produced a*ter =anuar8 1D 2#11 shou"d ;e a $2 Ad-anced !ormat dri-eD thou%h some dri-es retain ;ac'wards compati;i"it8 ;8 per*ormin% (12 ;8te emu"ation. !ree)AS3 a"wa8s uses $2 sector *or /!S i* the under"8in% hard dri-e is ad-anced *ormat in order to %et ma5imum per*ormance. !or U!SD the *ormat a"wa8s uses $2 sectors. 0hen 8ou create 8our -o"umesD 8ou can optiona""8 chec' the ;o5 to P!orce $#9+ ;8tes sector si6eP. :his wi"" not impro-e per*ormance on (12B;8te sector hard dri-es ;ut cou"d ;e he"p*u" in a RAI&/ that a"so contains ad-anced *ormat dri-es. 10.8.4 1* net-or7 transfer s#eeds are +er* s o-O -"at is -rongN

A. Eou need to determine whether the ;ott"enec' is 8our 7A)D 8our dis's@arra8@contro""erD not enou%h RAMD 8our C?U "oadD a miscon*i%urationD the t8pe o* share in useD or that some tunin% is required.

FreeNAS 8.0.3 Guide

Page 1$8 of 164

 i* 8ou1re usin% a 1#B1##M;@s wired router@switch 8ou shou"d %et somewhere around 11B12M @s i* 8ou1re trans*errin% across the InternetD 8our speed wi"" on"8 ;e as *ast as 8our s"owest "in' i* 8ou1re usin% a 4i% inter*aceD chec' that it is proper"8 ena;"ed on ;oth the switch and the !ree)AS3 s8stem. :o chec' the !ree)AS3 s8stemD run this command at the conso"eI
ifconfig -a grep media

I* it is not showin% at 1###M;@sD add the *o""owin% "ine to the ,ptions *ie"d o* the inter*ace1s settin%sI
media 1000baseTX mediaopt full-duplex

10.8.10 ;"* do c"anges I 0a7e at t"e co00and ine to config fi es or settings disa##ear after a re'ootN A. !ree)AS3is ;ooted *rom a compressed *i"es8stem and the con*i%uration that is stored in a data;ase is "oaded into RAM. An8 chan%es made at the command "ine do not %et added to the con*i%uration data;ase. 0hi"e 8ou can ma'e chan%es persist usin% the tips in this *orum postD those chan%es won1t sur-i-e an up%rade and it is not recommended to manua""8 add command "ine edits to the data;ase. InsteadD i* the *unctiona"it8 8ou desire is not possi;"e throu%h the 4UID %o to support.*reenas.or% and search to see i* a *eature request to add that *unctiona"it8 a"read8 e5ists. I* there is no e5istin% tic'etD create a tic'et descri;in% the needed *unctiona"it8.

Section 4: Contributing to Free !S"

11 %o- to Get In+o +ed
As an open source communit8D !ree)AS3 re"ies on the input and e5pertise o* its users to he"p impro-e !ree)AS3. 0hen 8ou ta'e some time to assist the communit8D 8our contri;utions ;ene*it e-er8one who uses !ree)AS3. :his section descri;es some areas o* participation to %et 8ou started. It is ;8 no means an e5hausti-e "ist. I* 8ou ha-e an idea that 8ou thin' wou"d ;ene*it the !ree)AS3 communit8D ;rin% it up on one o* the resources mentioned in section 1# !ree)AS3 Support Resources. :his section demonstrates how 8ou canI Assist with 7oca"i6ation Su;mit u% Reports :est Upcomin% >ersions

11.1 Assist -it" Boca i>ation

!ree)AS3 uses ?oot"eD an open source app"icationD *or mana%in% the "oca"i6ation o* the menu screens used ;8 the !ree)AS3 %raphica" administrati-e inter*ace. ?oot"e ma'es it eas8 to *ind out the "oca"i6ation status o* 8our nati-e "an%ua%e and to trans"ate the te5t *or an8 menus that ha-e not ;een "oca"i6ed 8et. 8 pro-idin% a we; editor and commentin% s8stemD ?oot"e a""ows trans"ators to spend their time ma'in% and re-iewin% trans"ations rather than "earnin% how to use a trans"ation su;mission FreeNAS 8.0.3 Guide Page 1$4 of 164

too". :o see the status o* a "oca"i6ationD open up the !ree)AS3 :rans"ation S8stem in 8our ;rowserD as seen in !i%ure 11.1aI Figure 11.1a: FreeNAS Boca i>ation S*ste0

:he "oca"i6ations !ree)AS3 users ha-e requested are "isted a"pha;etica""8 on the "e*t. I* 8our "an%ua%e is missin% and 8ou wou"d "i'e to he"p in its trans"ationD send an emai" to the trans"ations mai"in% "ist so it can ;e added. :he %reen ;ar in the ,-era"" Comp"etion co"umn indicates the percenta%e o* !ree)AS3 menus that ha-e ;een "oca"i6ed. I* a "an%ua%e is not at 1##QD it means that the menus that current"8 aren1t trans"ated wi"" appear in <n%"ish instead o* in that "an%ua%e. I* 8ou wish to he"p "oca"i6e 8our "an%ua%eD 8ou shou"d *irst Goin the trans"ations mai"in% "ist and introduce 8ourse"* and which "an%ua%eJsK 8ou can assist with. :his wi"" a""ow 8ou to meet other -o"unteers as we"" as 'eep a;reast o* an8 notices or updates that ma8 e**ect the trans"ations. Eou wi"" a"so need to c"ic' on the Re%ister "in' in order to create a ?oot"e "o%in account. :he *irst time 8ou "o% into the !ree)AS3 ?oot"e inter*aceD 8ou1"" ;e prompted to se"ect 8our "an%ua%e so that 8ou can access that "an%ua%e1s trans"ation whene-er 8ou "o%in. A"ternate"8D 8ou can c"ic' the Home "in' to see the status o* a"" o* the "an%ua%es. :o wor' on a trans"ationD c"ic' the "in' *or the "an%ua%e BR c"ic' the !ree)AS3 "in' *or the proGect BR c"ic' the "in' *or 7CUM<SSA4<S BR and c"ic' the "in' *or dGan%o.po. <-er8 te5t "ine a-ai"a;"e in the 4UI menu screens has ;een assi%ned a strin% num;er. I* 8ou c"ic' the num;erD an editor wi"" open where 8ou can trans"ate the te5t. In the e5amp"e shown in !i%ure 11.1;D a user has se"ected strin% num;er $+ in the 4erman trans"ationM the other strin%s in the screenshot ha-e a"read8 ;een trans"atedI

FreeNAS 8.0.3 Guide

Page 160 of 164

Figure 11.1': !sing t"e Poot e Interface to 3dit a )rans ation String

Simp"8 t8pe in the trans"ated te5t and c"ic' the Su;mit ;utton to sa-e 8our chan%e.

11.2 Su'0it 5ug .e#orts

!ree)AS3 uses :racD an open source ;u% reportin% s8stemD to mana%e ;u% reports and *eature requests su;mitted ;8 users. Eou can search *or e5istin% ;u%s and su;mit a ;u% report at support.*reenas.or%. I* 8ou *ind a ;u% whi"e usin% !ree)AS3 or i* 8ou wou"d "i'e to request a *eature in an upcomin% -ersionD ta'e the time to research 8our ;u%@*eature *irstD ;e*ore su;mittin% 8our ;u% report. :his is so that 8ou don1t end up dup"icatin% an e5istin% report and to ensure that 8our report contains the in*ormation that the de-e"opers need in order to imp"ement the *i5 or the *eature. e*ore su;mittin% a ;u% reportD per*orm the *o""owin% stepsI determine i* 8ou are runnin% the "atest -ersion o* !ree)AS3 8.5. !ree)AS3 de-e"opers tend to *i5 ;u%s rapid"8 and new *eatures are ;ein% imp"emented as 8.5 matures. I* 8ou are not runnin% the "atest -ersionD it is quite "i'e"8 that the ;u% has a"read8 ;een *i5ed or the missin% *eature has ;een imp"emented. I* this is the caseD 8our ;est course o* action is to ;ac'up 8our data and con*i%uration and per*orm an up%rade to the "atest -ersion. )ote that !ree)AS3 wi"" sta;i"i6e at -ersion 8.2 and that the most recent -ersion ma8 ;e "a;e""ed as a ;eta or an RCM it wi"" sti"" ;e considered more sta;"e than the re"ease ;e*ore it. i* 8ou are runnin% the "atest -ersionD use the search *eature at support.*reenas.or% to see i* a simi"ar report@request a"read8 e5ists. I* one doesD do not create another tic'et. InsteadD add a comment to the e5istin% tic'et i* 8ou ha-e additiona" in*ormation to add. I* a simi"ar report does not a"read8 e5istD 'eep the *o""owin% points in mind when 8ou create 8our ;u% report or *eature requestI FreeNAS 8.0.3 Guide Page 161 of 164

 8ou wi"" need to re%ister *or an accountD con*irm 8ou re%istration emai" addressD and ;e "o%%ed in ;e*ore 8ou can create a new tic'et. in the Summar8 section shown in !i%ure 11.2aD inc"ude descripti-e 'e8words that descri;e 8our pro;"em or *eature request. :his is use*u" *or other users who search *or a simi"ar pro;"em. Eou can a"so inc"ude a comma separated "ist o* 'e8words in the 2e8words section. in the &escription sectionD descri;e the pro;"emD how to recreate itD and inc"ude the te5t o* an8 error messa%es. I* 8ou are requestin% a *eatureD descri;e the ;ene*it pro-ided ;8 the *eature andD i* app"ica;"eD pro-ide e5amp"es o* other products that use that *eature or the UR7 o* the homepa%e *or the so*tware. I* 8ou wou"d "i'e to inc"ude a screenshot o* 8our con*i%uration or errorD chec' the PI ha-e *i"es to attach to this tic'etP ;o5. under :8peD se"ect de*ect i* it is a ;u% report or enhancement i* it is a *eature request. *or ;u% reportsD ;e sure to se"ect the -ersion o* !ree)AS3 that 8ou are usin%. press the ?re-iew ;utton to read throu%h 8our tic'et ;e*ore su;mittin% it. Ma'e sure it inc"udes a"" o* the in*ormation that someone e"se wou"d need to understand 8our pro;"em or request. ,nce 8ou are satis*ied with 8our tic'etD c"ic' the Create :ic'et ;utton to su;mit it. i* 8ou %et stuc' in how to *i"" out a *ie"d in the tic'etD the :rac:ic'ets "in' at the ;ottom o* the tic'et creation pa%e has se-era" e5amp"es. Figure 11.2a: &reating a Ne- )ic7et

FreeNAS 8.0.3 Guide

Page 162 of 164

11.3 )est !#co0ing :ersions

11.3.1 !#co0ing :ersion 8.2

A re"ease date has not ;een set 8et *or 8.2D thou%h it is e5pected to ;e re"eased ;8 the end o* A1D 2#12. ?rior to 8.2 re"easeD there wi"" ;e a ;eta period where testin% snapshots wi"" ;e announced on the !ree)AS3 we;siteD ;"o%D and socia" media sites e-er8 wee' or so. :his ;eta period is meant to pro-ide users an opportunit8 to test the upcomin% re"ease and to pro-ide *eed;ac' on ;u%s and errors so that the8 can ;e *i5ed prior to re"ease. !eed;ac' can ;e sent to the !reenasBtestin% mai"in% "ist. 11.3.2 )esting a Nig"t * Sna#s"ot

Chan%es to !ree)AS3 occur dai"8 as de-e"opers address the ;u%s and enhancement requests reported ;8 !ree)AS3 users. A testin% -ersion that incorporates these chan%es is automatica""8 ;ui"t dai"8 and is a-ai"a;"e *or down"oad as a ni%ht"8 re"ease. I* 8ou wish to insta"" or up%rade to the testin% -ersion o* !ree)AS3 Ji.e. the -ersion that addresses a"" *i5ed ;u%s up to toda81s dateK or 8ou need to up%rade to a -ersion that incorporates a *i5 8ou are waitin% *orD 8ou can down"oad the "atest ni%ht"8 -ersion. N2)3: it is possi;"e that a recent"8 imp"emented chan%e wi"" not wor' as e5pected or wi"" ;rea' somethin% e"se. I* 8ou e5perience thisD ta'e the time to add a comment to the app"ica;"e support tic'et so that the de-e"opers can address the pro;"em. 6ANG3.A up%radin% *rom a ni%ht"8 snapshot to an RC or a R<7<AS< is not supportedC . e war8 o* insta""in% a ni%ht"8 in a production en-ironment and ;e sure to ;ac'up 8our con*i%uration ;e*ore attemptin% a *u"" insta"" o* a "ater RC or R<7<AS<. )i%ht"8 ;ui"ds are a-ai"a;"e as IS,D 4UI up%radeD or !u"" insta"" ima%es. I* 8ou are up%radin% to a ni%ht"8 *rom an ear"ier -ersion o* !ree)AS3 8.5D see the section on Up%radin% !ree)AS3 *or instructions on how to up%rade. 11.3.3 .o ing @our 2-n )esting Sna#s"ot

Users who wish to test 8.2 prior to the testin% period can down"oad the "atest source *rom the s-n repositor8 and %enerate their own IS, *or testin% purposes. N2)3: 8.2 is current"8 in a"pha phase and some o* its new *eatures are sti"" ;ro'en or not *u""8 imp"emented. <5pect to *ind ;u%s. &o not use in a production en-ironmentV It is recommended that 8ou read the R<A&M< *irst so that 8ou are aware o* an8 %otchas and current"8 'nown "imitations. I* 8ou wish to ;ui"d 8our own testin% snapshotD 8ou wi"" need to insta"" !ree S& 8.2 in a -irtua" en-ironment or on a test s8stem. I* 8ou are usin% a -irtua" en-ironmentD a +$B;it s8stem with at "east $ 4 o* RAM is recommended. &own"oad the !ree S& -ersion Ji38+ or amd+$K that matches the architecture that 8ou wish to ;ui"d and when prompted to choose 8our distri;ution set durin% the insta""ationD se"ect the 5inima( insta"" option. A*ter ;ootin% into the new"8 insta""ed !ree S& s8stemD ;ecome the superuser and run the *o""owin% commands. !irstD insta"" the so*tware 8ou1"" need and re*resh 8our path so it is aware o* the new ;inariesI

FreeNAS 8.0.3 Guide

Page 163 of 164

pkg_add -r subversion pkg_add -r nano pkg_add -r cdrtools rehash

Eou1re now read8 to down"oad !ree)AS3 sourceI

cd /usr/local svn co https://freenas.svn.sourceforge.net/svnroot/freenas/trunk cd trunk setenv FREEBSD_CVSUP_HOST cvsup10.freebsd.org

I* 8ou wish to insta"" e5tra so*tware in 8our snapshotD 8ou wi"" need to increase the si6e o* the )ano S& ima%e ;8 editin% freenas3*ommon. :he si6e o* the ima%e shou"d ;e dou;"e the space that it needs as the ima%e wi"" ;e *ormatted with two sameBsi6e partitions. :his is to a""ow *or up%rades as one partition contains the new runnin% ima%e and the other partition contains a cop8 o* the ;ac'up ima%e. 0hen editin% freenas3*ommonD search *or this "ineI
FlashDevice generic 1g

and edit it to the si6e 8ou1"" need. Ma'e sure that 8ou ha-e a memor8 stic' that can ho"d the speci*ied si6e. Eou1re now read8 to ;ui"d the ima%eI
sh build/do_build.sh sh build/create_iso.sh

,nce these commands comp"eteD 8ou wi"" ha-e an ima%e in o!D&yyyy-FreeNASEFFFF3XXXX3 yyyy&fu((&'2 whereI FFFF is the re"ease ;ranch -ersion XXXX is the s-n re-ision *rom the !ree)AS3 repo yyyy is either i38+ or amd+$ dependin% on 8our p"at*orm and what was pro-ided -ia O!R<<)ASUARCH on the command "ine or in an en-ironment settin%

:his is a compressed raw dis' ima%e which needs to ;e decompressed and con-erted to 8our *a-orite -irtua" machine container *ormat ;e*ore use. :here wi"" a"so ;e a C& ima%e ca""ed o!D&yyy-FreeNAS3 FFFF3XXXX3yyyy&fu((&iso that 8ou can ;urn to dis' and use to insta"" or up%rade !ree)AS3. ?"ease see the R<A&M< *i"e *or common wor'*"ows and tips.

FreeNAS 8.0.3 Guide

Page 164 of 164