Saturday, August 23, 2008

FAIL: Slackware 12.0 - NFS, NAS, rsync


I created an NFS Ethernet with a 4-port router. One of the ports went to a NAS, another to a printer, a third to my desktop, and the fourth was left free. The point was a LAN which allowed me to use the NAS as a central synch point, something like a cloud server. First, I would synch with my desktop; second, when I arrived home with a work laptop, I could plug it into the open router port and synch that also.

I chose NFS because it's an older service built upon Sun's RPC services -- it's tried and true. Additionally, my systems currently are Linux systems, so why add security and memory problems with SMB or Samba? Ultimately, however, I was defeated by a sh*tty NAS enclosure.

Vantec LX NAS (NST-375LX-BK)

I purchased a Vantec NAS enclosure and ran into problems immediately, probably because I didn't research the product in advance. Thinking it would work generically, I installed a dormant 350GB PATA drive into the Vantec. The enclosure has USB and Ethernet ports, but it appears Vantec's brilliant designers made the Ethernet firmware Microsoft-protocol exclusive. This meant it was not native NFS and would instead require SMB (Samba). I was faced with installing Windows-compatible Samba garbage or using the USB connection. In addition to no network compatibility (except Samba), USB speeds are similar to molasses. What a load of crap. For those who want to jeopardize your box with Samba, here is a forum link with the info of what to do.


Edit: the power conditioning in this box is just a voltage regulator chip; even normal line transients will change power to the enclosed HDD and possibly zorch the data. After I gave up on this box as a NAS, I used it as an external backup and lost about 100G of data, some of it irreplaceable, e.g., family photos. I now use only USB-powered externals.

politics


A short digression for a rant. Following my above situation, I looked for other options. There is a hideous lack of home-user NAS enclosures running NFS in the US consumer marketplace. In the US, to purchase a NAS that works with NFS one must spend at business levels, about $1000. Interestingly, if one only needs a Windows enclosure, the cost is perhaps $400. Meanwhile, there are many options for inexpensive NFS-serving NAS enclosures in foreign markets, such as the UK. These foreign markets don't require Windows or Samba, so why is NFS so shut out in the US? Especially when it's understood that Windows and Samba have security vulnerabilities. One has to ask oneself what marketplace and/or government influences would lead to such a situation. Interesting.

NFS, RPC, portmap


Without an NFS box, let's still take a look at what I would have done, if I'd had one. As noted above, NFS lies on top of RPC services. RPC ports are not dedicated; they move around, so we need the port mapper as a connection tracker. The portion of NFS which sends commands and acknowledgments between server and client is a normal dedicated port "file" (ports are files in UNIX), port 2049. But NFS uses undedicated RPC ports to move the data payloads, e.g., the PowerPoint files, the text files, whatever we are moving. The portmap application is necessary for this portion of the transfer. If portmap crashes, data may be lost or unsaved. To see what ports portmap is currently tracking, use, e.g.:
$ rpcinfo -p

RPC functionality


This tutorial is a good start to setting up the RPC functionality necessary for NFS.
1. The presence of /etc/hosts.allow and /etc/hosts.deny.

portmapper functionality



NFS functionality


1. In function, I've seen that domains have to be the same across the machines. For example, let's say one machine's /etc/HOSTNAME indicates "green.example.net", and another machine on the same LAN has "blue.example.net". This makes the situation very difficult.

NFS from command line


NFS is essentially a mount, but remote - we mount a drive, or folders from a drive, from another system on the LAN, and it appears as a drive on our current system, though labeled so we know it's an NFS share. We can mount temporarily from the command line or make it permanent as part of the boot process.

NFS as an fstab line



NFS directory mounting



security

NFS requires various ports. The system should be operating smoothly before attempting to add firewall functionality because ports may be affected by the firewall rules. If anything goes wrong, we will know that it was on the firewall side, and not our NFS configuration.
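
An added example, not from the original post: a shell sketch that reduces `rpcinfo -p` output to the protocol/port pairs the RPC services registered and compares them with a firewall allow-list, so the ports that move around are known before any rules go in. The function names, the sample listing and the allow-list format (one `proto port` pair per line) are assumptions constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `rpcinfo -p` output (not captured from a real host).
sample_rpcinfo() {
cat <<'EOF'
   program vers proto   port  service
    100000    2   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    2   udp   2049  nfs
    100003    3   udp   2049  nfs
    100003    3   tcp   2049  nfs
    100005    3   udp  32771  mountd
    100005    3   tcp  32771  mountd
    100021    4   udp  32769  nlockmgr
    100021    4   tcp  32768  nlockmgr
    100024    1   udp  32765  status
    100024    1   tcp  32765  status
EOF
}

# Reduce `rpcinfo -p` output on stdin to unique "proto port service" lines.
# Rows are recognised by a numeric program number, so the header is skipped.
rpc_ports() {
    awk '$1 ~ /^[0-9]+$/ { print $3, $4, ($5 == "" ? "unnamed" : $5) }' |
        sort -u | sort -k1,1 -k2,2n
}

# Registrations other than portmapper (111) and nfs (2049): the ports that
# "move around" and so cannot be hard-coded into firewall rules.
dynamic_ports() {
    rpc_ports | awk '$2 != 111 && $2 != 2049'
}

# Print registered ports missing from an allow-list file of "proto port"
# lines (hypothetical format standing in for the firewall policy).
uncovered_ports() {
    rpc_ports | awk -v allow="$1" '
        BEGIN { while ((getline line < allow) > 0) {
                    split(line, f, " "); ok[f[1] " " f[2]] = 1 } }
        { key = $1 " " $2; if (!(key in ok)) print }'
}

# On a real host: rpcinfo -p | dynamic_ports
sample_rpcinfo | dynamic_ports
```

Any line printed by `uncovered_ports` is a registered RPC service that the allow-list would block, which is the firewall-side failure described above.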
