Freenas9.2.1 Guide
Freenas9.2.1 Guide
. FreeBS is a registered trademark of the FreeBS Fo!ndation "o#er art $y %enny &osen$erg
Page 2 of 280
Table of Contents
Section 1: Introduction and Installation
1 Introduction........................................................................................................................................9 1.1 What's New in 9.2.1..................................................................................................................10 1.2 Known Issues............................................................................................................................11 1.3 Hardware Recommendations....................................................................................................12 1.3.1 Architecture.......................................................................................................................12 1.3.2 RAM.................................................................................................................................12 1.3.3 Com act or !"# $%ash.....................................................................................................13 1.3.& "tora'e (is)s and Contro%%ers..........................................................................................13 1.3.* Networ) Inter+aces............................................................................................................1& 1.3., RAI( -.er.iew................................................................................................................1* 1.3./ 0$" -.er.iew...................................................................................................................1/ 2 Insta%%in' and ! 'radin' $reeNA"1...............................................................................................19 2.1 2ettin' $reeNA"1...................................................................................................................20 2.2 $reeNA"1 in a 3irtua% 4n.ironment.......................................................................................20 2.2.1 3irtua%#o5.........................................................................................................................21 2.2.1.1Creatin' the 3irtua% Machine...............................................................................................21 2.2.1.2Creatin' (e.ices +or "tora'e and Insta%%ation Media..........................................................2, 2.2.1.3Con+i'urin' the #rid'ed Ada ter........................................................................................26 2.2.1.&Runnin' $reeNA"1 +rom a !"# Ima'e.............................................................................29 2.2.2 3MWare 4"7i..................................................................................................................30 2.3 Insta%%in' +rom C(R-M...........................................................................................................3& 2.& #urnin' an IM2 $i%e................................................................................................................3/ 2.&.1 !sin' 58cat and dd on a $ree#"( or 9inu5 ":stem........................................................3/ 2.&.2 !sin' Ke)a and dd on an -" 7 ":stem...........................................................................3/ 2.&.3 !sin' /;0i and Win32(is)Ima'er on Windows.............................................................36 2.&.& <rou=%eshootin'................................................................................................................&0 2.* Initia% "etu ...............................................................................................................................&0 2., ! 'radin' $reeNA"1 ............................................................................................................&& 2.,.1 >re arin' +or the ! 'rade.................................................................................................&* 2.,.2 !sin' the I"- to ! 'rade.................................................................................................&* 2.,.3 !sin' the 2!I to ! 'rade ...............................................................................................&/ 2.,.& !n%oc)in' an 4ncr: ted 3o%ume......................................................................................&9 2.,.* I+ "omethin' 2oes Wron'................................................................................................&9 2.,., ! 'radin' a 0$" >oo%......................................................................................................*0
3.1.6 "tart A %ica=%e "er.iceAsB...............................................................................................** 3.1.9 <est Con+i'uration +rom C%ient.........................................................................................** 3.1.10 #ac)u the Con+i'uration...............................................................................................** 3.2 Account Con+i'uration ............................................................................................................** 3.2.1 2rou s...............................................................................................................................** 3.2.2 !sers.................................................................................................................................*6 & ":stem Con+i'uration.......................................................................................................................,1 &.1 Cron Co=s..................................................................................................................................,2 &.2 Init@"hutdown "cri ts...............................................................................................................,3 &.3 N<> "er.ers..............................................................................................................................,& &.& Rs:nc <as)s..............................................................................................................................,, &.&.1 Creatin' an Rs:nc <as).....................................................................................................,/ &.&.2 Con+i'urin' Rs:nc Modu%e Mode #etween <wo $reeNA"1 ":stems............................,9 &.&.3 Con+i'urin' Rs:nc o.er ""H Mode #etween <wo $reeNA"1 ":stems........................./1 &.* ".M.A.R.<. <ests......................................................................................................................./3 &., "ettin's...................................................................................................................................../* &.,.1 2enera% <a=......................................................................................................................./* &.,.2 Ad.anced <a=...................................................................................................................// &.,.2.1Autotune.............................................................................................................................. /6 &.,.3 4mai% <a=........................................................................................................................../9 &.,.& ""9 <a=.............................................................................................................................60 &./ ":sct%s.......................................................................................................................................62 &.6 ":stem In+ormation..................................................................................................................63 &.9 <una=%es....................................................................................................................................6& &.9.1 Reco.erin' $rom Incorrect <una=%es................................................................................6, * Networ) Con+i'uration.....................................................................................................................6/ *.1 2%o=a% Con+i'uration................................................................................................................6/ *.2 Inter+aces...................................................................................................................................69 *.3 I>MI..........................................................................................................................................91 *.& 9in) A''re'ations....................................................................................................................93 *.&.1 Considerations When !sin' 9AC>D M>I-D N$"D or 4"7i .............................................9& *.&.2 Creatin' a 9in) A''re'ation ...........................................................................................9& *.* Networ) "ummar:....................................................................................................................99 *., "tatic Routes.............................................................................................................................99 *./ 39ANs......................................................................................................................................99 , "tora'e Con+i'uration....................................................................................................................101 ,.1 >eriodic "na shot <as)s.........................................................................................................101 ,.1.1 Creatin' a >eriodic "na shot <as)..................................................................................101 ,.1.2 Mana'in' >eriodic "na shot <as)s................................................................................103 ,.2 Re %ication <as)s....................................................................................................................10* ,.2.1 Con+i'ure >!99.............................................................................................................10* ,.2.2 Con+i'ure >!"H.............................................................................................................10, ,.2.3 <rou=%eshootin' Re %ication...........................................................................................106 ,.3 3o%umes..................................................................................................................................109 ,.3.1 Auto Im ortin' 3o%umes.................................................................................................110 ,.3.1.1Auto Im ortin' a 249I;4ncr: ted 0$" >oo%....................................................................111 ,.3.2 Im ortin' 3o%umes..........................................................................................................112 FreeNAS 9.2.1 Users Guide Page $ of 280
,.3.3 !$" 3o%ume Mana'er.....................................................................................................113 ,.3.& 0$" 3o%ume Mana'er.....................................................................................................11* ,.3.&.14ncr: tion..........................................................................................................................11/ Creatin' an 4ncr: ted 3o%ume.....................................................................................................116 ,.3.&.2Manua% 3o%ume Creation................................................................................................... 116 ,.3.* 45tendin' a 0$" 3o%ume................................................................................................120 ,.3., Creatin' 0$" (atasets....................................................................................................121 ,.3.,.1(edu %ication.....................................................................................................................123 ,.3.,.2Com ression......................................................................................................................123 ,.3./ Creatin' a 8.o%................................................................................................................12& ,.3.6 3iewin' (is)s.................................................................................................................12* ,.3.9 3iewin' 3o%umes............................................................................................................12* ,.3.9.1Ke: Mana'ement +or 4ncr: ted 3o%umes.........................................................................130 ,.3.10 "ettin' >ermissions.......................................................................................................131 ,.3.11 3iewin' Mu%ti aths.......................................................................................................133 ,.3.12 Re %acin' a $ai%ed (ri.e..............................................................................................133 ,.3.12.1Re %acin' a $ai%ed (ri.e in an 4ncr: ted >oo%...............................................................13* ,.3.12.2Remo.in' a 9o' or Cache (e.ice...................................................................................13, ,.3.13 Re %acin' (ri.es to 2row a 0$" >oo%.........................................................................13, ,.3.13.14na=%in' 0$" >oo% 45 ansion A+ter (ri.e Re %acement............................................... 13/ ,.3.1& " %ittin' a Mirrored 0$" "tora'e >oo%.........................................................................136 ,.& 0$" "cru=s.............................................................................................................................1&0 / "harin' Con+i'uration....................................................................................................................1&1 /.1 A %e AA$>B "hares................................................................................................................1&2 /.1.1 Creatin' A$> "hares.......................................................................................................1&3 /.1.2 Connectin' to A$> "hares As 2uest..............................................................................1&& /.1.3 !sin' <ime Machine.......................................................................................................1&, /.2 !ni5 AN$"B "hares..................................................................................................................1&6 /.2.1 Creatin' N$" "hares.......................................................................................................1&9 /.2.2 "am %e N$" "hare Con+i'uration...................................................................................1*1 /.2.3 Connectin' to the N$" "hare..........................................................................................1*1 /.2.3.1$rom #"( or 9inu5 C%ients...............................................................................................1*1 /.2.3.2$rom Microso+t C%ients......................................................................................................1*2 /.2.3.3$rom Mac -" 7 C%ients....................................................................................................1*3 /.2.& <rou=%eshootin'..............................................................................................................1** /.3 Windows ACI$"B "hares.........................................................................................................1** /.3.1 Creatin' CI$" "hares......................................................................................................1** /.3.2 Con+i'urin' Anon:mous Access....................................................................................1*/ /.3.3 Con+i'urin' 9oca% !ser Access......................................................................................1,0 /.3.& Con+i'urin' "hadow Co ies...........................................................................................1,2 /.3.&.1>rereEuisites.......................................................................................................................1,2 /.3.&.2Con+i'uration 45am %e......................................................................................................1,2 6 "er.ices Con+i'uration...................................................................................................................1,& 6.1 Contro% "er.ices......................................................................................................................1,* 6.2 A$>.........................................................................................................................................1,, 6.2.1 <rou=%eshootin'..............................................................................................................1,/ 6.3 CI$"........................................................................................................................................1,/ FreeNAS 9.2.1 Users Guide Page " of 280
6.3.1 <rou=%eshootin' <i s......................................................................................................1/0 6.& (irector: "er.ices..................................................................................................................1/0 6.&.1 Acti.e (irector:..............................................................................................................1/1 6.&.1.1!sin' a Ke:ta=.................................................................................................................. 1/& 6.&.1.2<rou=%eshootin' <i s......................................................................................................... 1/* 6.&.2 (omain Contro%%er .........................................................................................................1/* 6.&.3 9(A>..............................................................................................................................1// 6.&.& NI"..................................................................................................................................1/6 6.&.* N<&.................................................................................................................................1/9 6.* (:namic (N".........................................................................................................................160 6., $<>.........................................................................................................................................162 6.,.1 $<> Con+i'uration - tions.............................................................................................162 6.,.2 Anon:mous $<>.............................................................................................................16* 6.,.3 " eci+ied !ser Access in chroot.....................................................................................16, 6.,.& 4ncr: tin' $<>...............................................................................................................16/ 6.,.* <rou=%eshootin'..............................................................................................................16/ 6./ i"C"I.......................................................................................................................................166 6./.1 Authori8ed Accesses.......................................................................................................169 6./.2 45tents.............................................................................................................................191 6./.2.1Addin' an 45tent...............................................................................................................192 6./.3 Initiators..........................................................................................................................193 6./.& >orta%s.............................................................................................................................19* 6./.* <ar'et 2%o=a% Con+i'uration..........................................................................................19, 6./., <ar'ets.............................................................................................................................199 6././ <ar'et@45tents.................................................................................................................201 6./.6 Connectin' to i"C"I "hare.............................................................................................201 6./.9 2rowin' 9!Ns................................................................................................................202 6./.9.10.o% #ased 9!N................................................................................................................202 6./.9.2$i%e 45tent #ased 9!N......................................................................................................203 6.6 N$".........................................................................................................................................203 6.9 Rs:nc......................................................................................................................................20* 6.9.1 Rs:nc Modu%es................................................................................................................20* 6.10 ".M.A.R.<.............................................................................................................................20/ 6.11 "NM>....................................................................................................................................206 6.12 ""H.......................................................................................................................................209 6.12.1 ""H Con+i'uration "creen............................................................................................209 6.12.2 Chrootin' Command 9ine "$<> !sers .......................................................................211 6.12.3 <rou=%eshootin' ""H Connections...............................................................................212 6.13 <$<>.....................................................................................................................................213 6.1& !>".......................................................................................................................................21& 9 >%u'ins............................................................................................................................................21* 9.1 Insta%%in' a $reeNA"1 >#I !sin' >%u'ins............................................................................21, 9.1.1 Mana'in' an Insta%%ed $reeNA"1 >#I..........................................................................216 9.1.2 ! datin' an Insta%%ed $reeNA"1 >#I............................................................................219 9.1.3 Insta%%in' Additiona% >#Is...............................................................................................219 9.1.& (e%etin' a >#I.................................................................................................................220 9.2 A.ai%a=%e $reeNA"1 >#Is.....................................................................................................221 FreeNAS 9.2.1 Users Guide Page % of 280
9.2.1 >#I ReEuests...................................................................................................................222 10 Cai%s...............................................................................................................................................222 10.1 Cai%s Con+i'uration................................................................................................................22& 10.2 Addin' Cai%s..........................................................................................................................22* 10.2.1 Mana'in' Cai%s..............................................................................................................226 10.2.2 Accessin' a Cai% !sin' ""H Instead o+ its "he%% Icon...................................................229 10.2.2.14dit a Cai%'s "ettin's......................................................................................................... 230 10.2.2.2Addin' "tora'e................................................................................................................231 10.3 Cai% <em %ates.......................................................................................................................23& 10.3.1 Creatin' Four -wn <em %ates......................................................................................23* 10.& Insta%%in' $reeNA"1 >#Is ..................................................................................................23, 10.* Insta%%in' non;>#I "o+tware ................................................................................................236 10.*.1 Insta%%in' $ree#"( >ac)a'es with )'n'.....................................................................236 10.*.2 Com i%in' $ree#"( >orts with ma)e...........................................................................239 10.*.3 Con+i'urin' and "tartin' Insta%%ed $ree#"( "o+tware................................................2&2 11 Re ortin'......................................................................................................................................2&3 12 Additiona% - tions.......................................................................................................................2&& 12.1 (is %a: ":stem >rocesses.....................................................................................................2&& 12.2 "he%%......................................................................................................................................2&* 12.3 Re=oot...................................................................................................................................2&/ 12.& "hutdown..............................................................................................................................2&6 12.* He% ......................................................................................................................................2&6 12., 9o' -ut.................................................................................................................................2&9 12./ A%ert......................................................................................................................................2&9
1*.1 Assist with 9oca%i8ation ......................................................................................................2/3 1*.2 <est an ! comin' 3ersion....................................................................................................2/* 1*.2.1 Ro%%in' Four -wn <estin' "na shot.............................................................................2/* 1, !sin' the $reeNA"1 A>I............................................................................................................2/* 1,.1 #ui%din' a 9oca% Co : o+ the A>Is.......................................................................................2/, 1,.2 A "im %e A>I 45am %e.........................................................................................................2// 1,.3 A More Com %e5 45am %e...................................................................................................2/9
Inte%D the Inte% %o'oD >entium InsideD and >entium are trademar)s o+ Inte% Cor oration in the !.". and@or other countries. 9in)edIn1 is a re'istered trademar) o+ 9in)edIn Cor oration. 9inu51 is a re'istered trademar) o+ 9inus <or.a%ds. Mar.e%%1 is a re'istered trademar) o+ Mar.e%% or its a++i%iates. <witter is a trademar) o+ <witterD Inc. in the !nited "tates and other countries. !NI71 is a re'istered trademar) o+ <he - en 2rou . 3irtua%#o51 is a re'istered trademar) o+ -rac%e. 3MWare1 is a re'istered trademar) o+ 3MWareD Inc. Wi)i edia1 is a re'istered trademar) o+ the Wi)imedia $oundationD Inc.D a non; ro+it or'ani8ation. Windows1 is a re'istered trademar) o+ Microso+t Cor oration in the !nited "tates and other countries.
*+!ogra! ic 'on,entions
<he $reeNA"1 9.2.1 !sers 2uide uses the +o%%owin' t: o'ra hic con.entionsK (old te-t: re resents a command written at the command %ine. In usa'e e5am %esD the +ont is chan'ed to Courier 10 with an: command out ut dis %a:ed in un=o%ded te5t. itali' te(t) used to re resent de.ice namesD +i%e name athsD or te5t that is in ut into a 2!I +ie%d. bold italic text: used to em hasi8e an im ortant oint.
Introduction
$reeNA"1 is an em=edded o en source networ);attached stora'e ANA"B s:stem =ased on $ree#"( and re%eased under a #"( %icense. A NA" ro.ides an o eratin' s:stem that has =een o timi8ed +or +i%e stora'e and sharin'. Nota=%e +eatures in $reeNA"1 inc%udeK su su orts A$>D CI$"D $<>D N$"D ""H Ainc%udin' "$<>BD and <$<> as +i%e sharin' mechanisms orts e5 ortin' +i%e or de.ice e5tents .ia i"C"I
su orts Acti.e (irector: or 9(A> +or user authentication as we%% as manua% user and 'rou creation su orts the creation and im ort o+ !$"2 =ased .o%umesD inc%udin' 'mirrorD 'stri eD and 'raid3 su orts the creation and im ort o+ 0$" oo%sD ena=%in' man: +eatures not a.ai%a=%e in !$"2 such as EuotasD sna shotsD com ressionD re %icationD and datasets +or sharin' su=sets o+ .o%umes u 'rade rocedure sa.es the current o eratin' s:stem to an inacti.e artitionD a%%owin' +or an eas: re.ersa% o+ an undesira=%e u 'rade s:stem noti+ications are automatica%%: mai%ed to the root user account (Ian'o dri.en 'ra hica% user inter+ace a.ai%a=%e throu'h a we= =rowser FreeNAS 9.2.1 Users Guide Page 9 of 280
secure re %icationD automatic 0$" sna shotsD schedu%in' o+ 0$" scru=sD and cron mana'ement are a%% con+i'ura=%e throu'h the 'ra hica% inter+ace su su ort +or menu %oca%i8ation and )e:=oard %a:outs ort +or Windows AC9s and !NI7 +i%es:stem ermissions "MAR< monitorin' and !>" mana'ement in 2!I eriodic 0$" sna shots are .isi=%e in Windows as shadow co ies
1.1
$reeNA"1 9.2.1 +i5es this %ist o+ =u's and introduces the +o%%owin' +eaturesK
Page 10 of 280
<he 6.5 .o%ume mana'er can now =e accessed +rom the MManua% setu M =utton o+ 0$" 3o%ume Mana'er. "ince a manua% setu a%%ows +or the creation o+ non;o tima% .o%umes and contains no anti;+ootshootin' %o'icD it is meant +or ad.anced users who )now e5act%: what the: are doin' and understand the rami+ications o+ creatin' non;o tima% .o%umes. It is instead recommended to use dis)s o+ the same si8e and to %et 0$" 3o%ume Mana'er create a .o%ume that has =een o timi8ed +or redundanc: and ca acit:. OInitia%i8e "a+e%:P has =een remo.ed +or now +rom 0$" 3o%ume Mana'er as the time needed +or this action to com %ete can =e si'ni+icant. MCom ressionM and MCom ression RatioM co%umns ha.e =een added to the 3iew 3o%umes screen. <he non;+unctiona% share assword +ie%d has =een remo.ed +rom A %e AA$>B "hares. Added the a=i%it: to use a )e:ta= +or A( Ioins in Acti.e (irector:. <his e%iminates the need to use the A( Administrator account to Ioin $reeNA"1 to A( and c%oses a %on' standin' issue o+ needin' the A( Admin assword in the $reeNA"1 con+i'uration data=ase. (omain Contro%%er has =een added as a (irector: "er.ice and can =e used to con+i'ure $reeNA"1 as a (omain Contro%%er. In order to con+i'ure this ser.iceD it must +irst =e se%ected in the ":stem N "ettin's N 2enera% N (irector: "er.ice dro ;down menu. #: de+au%tD N$" !(> su ort is disa=%ed as it con+uses some c%ients. A M"er.e !(> N$" c%ientsM chec)=o5 has =een added to N$" to o.erride this de+au%t. Re ortin' has =een di.ided into ta=s to ma)e it easier to .iew re orts =: t: e o+ acti.it:. Added 'ra hs to Re ortin' that show indi.idua% dis) acti.it:. >er;Iai% s:sct% .a%ues can now =e s eci+ied when creatin' or editin' a Cai%. <he trafs o0 command %ine uti%it: has =een added which can =e used to .iew connections to the $reeNA"1 s:stem. <he !traidconf command %ine uti%it: has =een added +or Hi'h>oint stora'e contro%%ers mana'ement.
1.2
1no0n Issues
UPGRADES FROM FreeNAS 0.7x ARE UNSUPPORTED. <he s:stem has no wa: to im ort con+i'uration settin's +rom 0./5 .ersions o+ $reeNA"1D meanin' that :ou wi%% ha.e to manua%%: recreate :our con+i'uration. Howe.erD :ou shou%d =e a=%e to im ort su orted $reeNA"1 0./5 .o%umes. The FS !"#rade "roced!re i$ %o%&re'er$ible. (o not u 'rade :our 0$" .ersion un%ess :ou are a=so%ute%: sure that :ou wi%% ne.er want to 'o =ac) to the re.ious .ersion. <here is no re.ersin' a 0$" oo% u 'radeD and there is no wa: +or a s:stem with an o%der .ersion o+ 0$" to access oo%s that ha.e =een u 'raded. Page 11 of 280
#e+ore insta%%in' $reeNA"1 :ou shou%d =e aware o+ the +o%%owin' )nown issuesK
<he a.ai%a=%e s ace re orted in the arent 8 oo% ma: not re+%ect rea%it: and can =e con+usin' =ecause the a.ai%a=%e s ace re resented =: datasets or 8.o%s can e5ceed that o+ the arent 8 oo%. (is)s with certain con+i'urations can 'et ro=ed =: 24-M and =ecome essentia%%: unwrita=%e without manua% inter.ention. $or instanceD i+ :ou use dis)s that re.ious%: had a 'mirror on themD the s:stem ma: ic) that u and the dis)s wi%% =e una.ai%a=%e unti% the e5istin' 'mirror is sto ed and destro:ed. <he m s dri.er +or ,2 9"I "A" H#As is .ersion 1,D which reEuires hase 1, +irmware on the contro%%er. Runnin' o%der +irmware can cause man: woesD inc%udin' the +ai%ure to ro=e a%% o+ the attached dis)sD which can %ead to de'raded or una.ai%a=%e arra:s.
1.#
&ard0are 2eco33endations
"ince $reeNA"1 9.2.1 is =ased on $ree#"( 9.2D it su orts the same hardware +ound in the amd,& and i36, sections o+ the $ree#"( 9.2 Hardware Com ati=i%it: 9ist. Actua% hardware reEuirements wi%% .ar: de endin' u on what :ou are usin' :our $reeNA"1 s:stem +or. <his section ro.ides some 'uide%ines to 'et :ou started. Fou can a%so s)im throu'h the $reeNA"1 Hardware $orum +or er+ormance ti s +rom other $reeNA"1 users or to ost Euestions re'ardin' the hardware =est suited to meet :our reEuirements. <his +orum ost ro.ides some s eci+ic recommendations i+ :ou are %annin' on urchasin' hardware. 1.#.1 Arc itecture
Whi%e $reeNA"1 is a.ai%a=%e +or =oth 32;=it and ,&;=it architecturesD ,&;=it hardware is recommended +or s eed and er+ormance. A 32;=it s:stem can on%: address u to & 2# o+ RAMD ma)in' it oor%: suited to the RAM reEuirements o+ 0$". I+ :ou on%: ha.e access to a 32;=it s:stemD consider usin' !$" instead o+ 0$". 1.#.2 2A4
<he =est wa: to 'et the most out o+ :our $reeNA"1 s:stem is to insta%% as much RAM as ossi=%e. I+ :our RAM is %imitedD consider usin' !$" unti% :ou can a++ord =etter hardware. $reeNA"1 with 0$" t: ica%%: reEuires a minimum o+ 6 2# o+ RAM in order to ro.ide 'ood er+ormance and sta=i%it:. <he more RAMD the =etter the er+ormanceD and the $reeNA"1 $orums ro.ide anecdota% e.idence +rom users on how much er+ormance is 'ained =: addin' more RAM. $or s:stems with %ar'e dis) ca acit: A'reater than 6 <#BD a 'enera% ru%e o+ thum= is 1 2# o+ RAM +or e.er: 1 <# o+ stora'e. <his ost descri=es how RAM is used =: 0$". I+ :ou %an to use :our ser.er +or home useD :ou can o+ten so+ten the ru%e o+ thum= o+ 1 2# o+ RAM +or e.er: 1 <# o+ stora'eD thou'h 6 2# o+ RAM is sti%% the recommended minimum. I+ er+ormance is inadeEuate :ou shou%d consider addin' more RAM as a +irst remed:. <he sweet s ot +or most users in home@sma%% =usiness is 1,2# o+ RAM. It is ossi=%e to use 0$" on s:stems with %ess than 6 2# o+ RAM. Howe.erD $reeNA"1 as distri=uted is con+i'ured to =e suita=%e +or s:stems meetin' the si8in' recommendations a=o.e. I+ :ou wish to use 0$" on a sma%%er memor: s:stemD some tunin' wi%% =e necessar:D and er+ormance wi%% =e A%i)e%: su=stantia%%:B reduced. 0$" wi%% automatica%%: disa=%e re;+etchin' Acachin'B on s:stems where it is not a=%e to use at %east & 2# o+ memor: Iust +or 0$" cache and data structures. <his ost descri=es man: o+ FreeNAS 9.2.1 Users Guide Page 12 of 280
the re%e.ant tuna=%es. I+ :our s:stem su orts it and :our =ud'et a%%ows +or itD insta%% 4CC RAM. I+ :ou %an to use 0$" dedu %icationD a 'enera% ru%e o+ thum= is * 2# RAM er <# o+ stora'e to =e dedu %icated. I+ :ou use Acti.e (irector: with $reeNA"1D add an additiona% 2 2# o+ RAM +or win=ind's interna% cache. I+ :ou are insta%%in' $reeNA"1 on a head%ess s:stemD disa=%e the shared memor: settin's +or the .ideo card in the #I-". I+ :ou on%: %an to use !$"D :ou ma: =e a=%e to 'et =: with as %itt%e as 22# o+ RAM. I+ :ou don't ha.e at %east 62# o+ RAM with 0$" or 22# o+ RAM with !$"D :ou shou%d consider 'ettin' more ower+u% hardware =e+ore usin' $reeNA"1 to store :our data. -therwiseD data %oss ma: resu%t. .A2NING: to ensure consistenc: +or the chec)summin' and arit: ca%cu%ations er+ormed =: 0$"D 4CC RAM is hi'h%: recommended. !sin' non;4CC RAM can cause unreco.era=%e dama'e to a 8 oo% resu%tin' in a %oss o+ a%% data in the oo%. 1.#.# 'o3!act or US5 Flas
<he $reeNA"1 o eratin' s:stem is a runnin' ima'e. <his means that it shou%d not =e insta%%ed onto a hard dri.eD =ut rather to a !"# or com act +%ash de.ice that is at %east 2 2# in si8e. I+ :ou don't ha.e com act +%ashD :ou can instead use a !"# thum= dri.e that is dedicated to the runnin' ima'e and which sta:s inserted in the !"# s%ot. Whi%e technica%%: :ou can insta%% $reeNA"1 onto a hard dri.eD this is discoura'ed as :ou wi%% %ose the stora'e ca acit: o+ the dri.e. In other wordsD the o eratin' s:stem wi%% ta)e o.er the dri.e and wi%% not a%%ow :ou to store data on itD re'ard%ess o+ the si8e o+ the dri.e. <he $reeNA"1 insta%%ation wi%% artition the o eratin' s:stem dri.e into two artitions. -ne artition ho%ds the current o eratin' s:stem and the other artition is used when :ou u 'rade. <his a%%ows :ou to sa+e%: u 'rade to a new ima'e or to re.ert to an o%der ima'e shou%d :ou encounter ro=%ems. !"# 3.0 su ort is disa=%ed =: de+au%t as it current%: is not com ati=%e with some hardwareD inc%udin' Haswe%% A9:n5 ointB chi sets. I+ :ou recei.e a M+ai%ed with error 19M messa'e when tr:in' to =oot $reeNA"1D ma)e sure that 5HCI@!"#3 is disa=%ed in the s:stem #I-". Whi%e this wi%% downc%oc) the !"# orts to 2.0D the =ootu and shutdown times wi%% not =e si'ni+icant%: di++erent. <o see i+ !"# 3.0 su ort wor)s with :our hardwareD create a <una=%e named (h'i,loadD set its .a%ue to -.SD and re=oot the s:stem. It is hi'h%: recommended that when usin' a !"# stic)D that on%: name =rand !"# stic)s are used as o++;=rand stic)s ma: not =e +u%%: com ati=%e with $reeNA"1. N6*7: "( cards to !"# con.erters are not recommended as these ha.e caused ro=%ems +or man: users. When usin' a C$ ada terD a.oid the no;name =rands to ensure com ati=i%it:D re%ia=i%it:D and er+ormance.
Page 1# of 280
1.#.$
<he (is) section o+ the $ree#"( Hardware 9ist %ists the su orted dis) contro%%ers. In additionD su ort +or 3ware ,'= s RAI( contro%%ers has =een added a%on' with the C9I uti%it: t0:cli +or mana'in' 3ware RAI( contro%%ers. $reeNA"1 su orts hot %u''a=%e dri.es. Ma)e sure that AHCI is ena=%ed in the #I-". Note that hot %u''in' is %ot the $a(e as a hot s areD which is not su orted at this time. I+ :ou need re%ia=%e dis) a%ertin'D immediate re ortin' o+ a +ai%ed dri.eD and or swa in'D use a +u%%: mana'ea=%e hardware RAI( contro%%er such as a 9"I Me'aRAI( contro%%er or a 3Ware twa;com ati=%e contro%%er. <he current $ree#"( 0$" im %ementation wi%% not notice that a dri.e is 'one unti% :ou re=oot or ut the .o%ume on hi'h %oad. More in+ormation a=out 9"I cards and $reeNA"1 can =e +ound in this +orum ost. "u''estions +or testin' dis)s =e+ore addin' them to a RAI( arra: can =e +ound in this +orum ost. <his artic%e ro.ides a 'ood o.er.iew o+ hard dri.es which are we%% suited +or a NA". I+ :ou ha.e some mone: to s end and wish to o timi8e :our dis) su=s:stemD consider :our read@write needsD :our =ud'etD and :our RAI( reEuirements. I+ :ou ha.e stead:D non;conti'uous writesD use dis)s with %ow see) times. 45am %es are 10K or 1*K "A" dri.es which cost a=out Q1@2#. An e5am %e con+i'uration wou%d =e si5 ,00 2# 1*K "A" dri.es in a RAI( 10 which wou%d :ie%d 1.6 <# o+ usa=%e s ace or ei'ht ,00 2# 1*K "A" dri.es in a RAI( 10 which wou%d :ie%d 2.& <# o+ usa=%e s ace. /200 R>M "A<A dis)s are desi'ned +or sin'%e;user seEuentia% I@- and are not a 'ood choice +or mu%ti; user writes. I+ :ou ha.e the =ud'et and hi'h er+ormance is a )e: reEuirementD consider a $usion;I@- card which is o timi8ed +or massi.e random access. <hese cards are e5 ensi.e and are suited +or hi'h end s:stems that demand er+ormance. A $usion;I@- can =e +ormatted with a +i%es:stem and used as direct stora'eR when used this wa:D it does not ha.e the write issues t: ica%%: associated with a +%ash de.ice. A $usion; I@- can a%so =e used as a cache de.ice when :our 0$" dataset si8e is =i''er than :our RAM. (ue to the increased throu'h utD s:stems runnin' these cards t: ica%%: use mu%ti %e 10 2i'4 networ) inter+aces. I+ :ou wi%% =e usin' 0$"D (is) " ace ReEuirements +or 0$" "tora'e >oo%s recommends a minimum o+ 1, 2# o+ dis) s ace. (ue to the wa: that 0$" creates swa D )o! ca% %ot *or(at le$$ tha% + G, o* $"ace -ith FS. Howe.erD on a dri.e that is =e%ow the minimum recommended si8e :ou %ose a +air amount o+ stora'e s ace to swa K +or e5am %eD on a & 2# dri.eD 2 2# wi%% =e reser.ed +or swa . I+ :ou are new to 0$" and are Recommendations +irst. urchasin' hardwareD read throu'h 0$" "tora'e >oo%s
0$" uses d:namic =%oc) si8in'D meanin' that it is ca a=%e o+ stri in' di++erent si8ed dis)s. Howe.erD i+ :ou care a=out er+ormanceD use dis)s o+ the same si8e. $urtherD when creatin' a RAI(0D on%: the si8e o+ the sma%%est dis) wi%% =e used on each dis). 1.#." Net0or9 Interfaces
<he 4thernet section o+ the $ree#"( Hardware Notes indicates which inter+aces are su orted =: each dri.er. Whi%e man: inter+aces are su ortedD $reeNA"1 users ha.e seen the =est er+ormance +rom Inte% and Che%sio inter+acesD so consider these =rands i+ :ou are urchasin' a new inter+ace. Rea%te)s FreeNAS 9.2.1 Users Guide Page 1$ of 280
oor%: under C>! %oad as inter+aces with these chi sets do not
At a minimum :ou wi%% want to use a 2i'4 inter+ace. Whi%e 2i'4 inter+aces and switches are a++orda=%e +or home useD it shou%d =e noted that modern dis)s can easi%: saturate 110 M#@s. I+ :ou reEuire a hi'her networ) throu'h utD :ou can =ond mu%ti %e 2i'4 cards to'ether usin' the 9AC> t: e o+ 9in) A''re'ation. Howe.erD an: switches wi%% need to su ort 9AC> which means :ou wi%% need a more e5 ensi.e mana'ed switch rather than a home user 'rade switch. I+ networ) er+ormance is a reEuirement and :ou ha.e some mone: to s endD use 10 2i'4 inter+aces and a mana'ed switch. I+ :ou are urchasin' a mana'ed switchD consider one that su orts 9AC> and Ium=o +rames as =oth can =e used to increase networ) throu'h ut. N6*7: at this time the +o%%owin' are %ot su wire%ess inter+aces. ortedK In+ini#andD $i=reChanne% o.er 4thernetD or
I+ networ) s eed is a reEuirementD consider =oth :our hardware and the t: e o+ shares that :ou create. -n the same hardwareD CI$" wi%% =e s%ower than $<> or N$" as "am=a is sin'%e;threaded. I+ :ou wi%% =e usin' CI$"D use a +ast C>!. Wa)e on 9AN AW-9B su ort is de endent u on the $ree#"( dri.er +or the inter+ace. I+ the dri.er su orts W-9D it can =e ena=%ed usin' i+con+i'A6B. <o determine i+ W-9 is su orted on a articu%ar inter+aceD s eci+: the inter+ace name to the +o%%owin' command. In this e5am %eD the ca a=i%ities %ine indicates that W-9 is su orted +or the re0 inter+aceK
ifconfig -m em0 re0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> metric 0 mtu 1500 options=42098<VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,VLAN_HWTSO> capabilities=5399b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,TSO4,WOL_UCAST ,WOL_MCAST, WOL_MAGIC,VLAN_HWFILTER,VLAN_H WTSO>
ort is indicated =ut not wor)in' +or a articu%ar inter+aceD su=mit a =u'
(ata redundanc: and s eed are im ortant considerations +or an: networ) attached stora'e s:stem. Most NA" s:stems use mu%ti %e dis)s to store dataD meanin' :ou shou%d decide which t: e o+ RAI( to use $efore insta%%in' $reeNA"1. <his section ro.ides an o.er.iew o+ RAI( t: es to assist :ou in decidin' which t: e =est suits :our reEuirements. 2AI8 0: ro.ides o tima% er+ormance and a%%ows :ou to add dis)s as needed. Pro'ide$ .ero red!%da%c)/ (ea%i%# i* o%e di$0 *ail$/ all o* the data o% all o* the di$0$ i$ lo$t. <he more dis)s in the RAI( 0D the more %i)e%: the chance o+ a +ai%ure. 2AI8 1: ro.ides redundanc: as data is co ied AmirroredB to two or more dri.es. >ro.ides 'ood read er+ormance =ut ma: ha.e s%ower write er+ormanceD de endin' u on how the mirrors are setu and the num=er o+ 0I9s and 92ARCs. 2AI8 ": reEuires a minimum o+ three dis)s and can to%erate the %oss o+ one dis) without %osin' data. (is) reads are +ast =ut write s eed can =e reduced =: as much as *0L. I+ a dis) +ai%sD it is mar)ed as de'raded =ut the s:stem wi%% continue to o erate unti% the dri.e is re %aced and the RAI( is re=ui%t. FreeNAS 9.2.1 Users Guide Page 1" of 280
Howe.erD shou%d another dis) +ai% =e+ore the RAI( is re=ui%tD a%% data wi%% =e %ost. 2AI8 %: reEuires a minimum o+ +our dis)s and can to%erate the %oss o+ two dis)s without %osin' data. #ene+its +rom ha.in' man: dis)s as er+ormanceD +au%t to%eranceD and cost e++icienc: are a%% im ro.ed re%ati.e%: with more dis)s. <he %ar'er the +ai%ed dri.eD the %on'er it ta)es to re=ui%d the arra:. Reads are .er: +ast =ut writes are s%ower than a RAI( *. 2AI8 10: reEuires a minimum o+ +our dis)s and num=er o+ dis)s is a%wa:s e.en as this t: e o+ RAI( mirrors stri ed sets. <his t: e o+ RAI( can sur.i.e the +ai%ure o+ an: one dri.e. I+ :ou %ose a second dri.e +rom the $a(e mirrored setD :ou wi%% %ose the arra:. Howe.erD i+ :ou %ose a second dri.e +rom a di++erent mirrored setD the arra: wi%% continue to o erate in a de'raded state. RAI( 10 si'ni+icant%: out er+orms RAI(02D es ecia%%: on writes. 2AI8 %0: reEuires a minimum o+ ei'ht dis)s. Com=ines RAI( 0 stri in' with the distri=uted dou=%e arit: o+ RAI( , =: stri in' 2 &;dis) RAI( , arra:s. RAI( ,0 re=ui%d times are ha%+ that o+ RAI( ,. 2AI8;1: 0$" so+tware so%ution that is eEui.a%ent to RAI(*. Its ad.anta'e o.er RAI( * is that it a.oids the write;ho%e and does not reEuire an: s ecia% hardwareD meanin' it can =e used on commodit: dis)s. I+ :our $reeNA"1 s:stem wi%% =e used +or stead: writesD RAI(0 is a oor choice due to the s%ow write s eed. 2AI8;2: dou=%e; arit: 0$" so+tware so%ution that is simi%ar to RAI(;,. Its ad.anta'e o.er RAI( * is that it a%so a.oids the write;ho%e and does not reEuire an: s ecia% hardwareD meanin' it can =e used on commodit: dis)s. RAI(02 a%%ows :ou to %ose one dri.e without an: de'radation as it =asica%%: =ecomes a RAI(01 unti% :ou re %ace the +ai%ed dri.e and resi%.er. At this timeD RAI(02 on $ree#"( is s%ower than RAI(01. 2AI8;#: tri %e; arit: 0$" so+tware so%ution. RAI(03 o++ers three arit: dri.es and can o erate in de'raded mode i+ u to three dri.es +ai% with no restrictions on which dri.es can +ai%. N6*7: instead o+ mi5in' 0$" RAI( with hardware RAI(D it is recommended that :ou %ace :our hardware RAI( contro%%er in C#-( mode and %et 0$" hand%e the RAI(. Accordin' to Wi)i ediaK O0$" can not +u%%: rotect the user's data when usin' a hardware RAI( contro%%erD as it is not a=%e to er+orm the automatic se%+;hea%in' un%ess it contro%s the redundanc: o+ the dis)s and data. 0$" re+ers directD e5c%usi.e access to the dis)sD with nothin' in =etween that inter+eres. I+ the user insists on usin' hardware;%e.e% RAI(D the contro%%er shou%d =e con+i'ured as C#-( mode Ai.e. turn o++ RAI(; +unctiona%it:B +or 0$" to =e a=%e to 'uarantee data inte'rit:. Note that hardware RAI( con+i'ured as C#-( ma: sti%% detach dis)s that do not res ond in timeR and as such ma: reEuire <94R@CC<9@4RC; ena=%ed dis)s to re.ent dri.e dro outs. <hese %imitations do not a %: when usin' a non;RAI( contro%%erD which is the re+erred method o+ su %:in' dis)s to 0$".P When determinin' the t: e o+ RAI(0 to useD consider whether :our 'oa% is to ma5imum dis) s ace or ma5imum er+ormanceK RAI(01 ma5imi8es dis) s ace and 'enera%%: er+orms we%% when data is written and read in %ar'e chun)s A126K or moreB. RAI(02 o++ers =etter data a.ai%a=i%it: and si'ni+icant%: =etter mean time to data %oss AM<<(9B than RAI(01. A mirror consumes more dis) s ace =ut 'enera%%: er+orms =etter with sma%% random reads.
Page 1% of 280
$or =etter er+ormanceD a mirror is stron'%: +a.ored o.er an: RAI(0D uncachea=%eD random read %oads.
When determinin' how man: dis)s to use in a RAI(0D the +o%%owin' con+i'urations ro.ide o tima% er+ormance. Arra: si8es =e:ond 12 dis)s are not recommended. "tart a RAI(01 at at 3D *D or 9 dis)s. "tart a RAI(02 at &D ,D or 10 dis)s. "tart a RAI(03 at *D /D or 11 dis)s. <he recommended num=er o+ dis)s er 'rou is =etween 3 and 9. I+ :ou ha.e more dis)sD use mu%ti %e 'rou s. <he +o%%owin' resources can a%so he% :ou determine the RAI( con+i'uration =est suited to :our stora'e needsK What is the #est RAI(0 Con+i'uration 2ettin' the Most out o+ 0$" >oo%s A C%oser 9oo) at 0$"D 3de.s and >er+ormance N6*7: NO RA1D SO2UT1ON PRO31DES A REP2A4EMENT FOR A RE21A,2E ,A45UP STRATEG6. ,AD STUFF 4AN ST122 7APPEN AND 6OU 8122 ,E G2AD T7AT 6OU ,A45ED UP 6OUR DATA 87EN 1T DOES. "ee >eriodic "na shot <as)s and Re %ication <as)s i+ :ou wou%d %i)e to use 0$" sna shots and rs:nc as art o+ :our =ac)u strate':. 1.#.) ;FS 6,er,ie0
Whi%e 0$" isn't hardwareD an o.er.iew is inc%uded in this section as the decision to use 0$" ma: im act on :our hardware choices and whether or not to use hardware RAI(. I+ :ou are new to 0$"D the Wi)i edia entr: on 0$" ro.ides an e5ce%%ent startin' oint to %earn a=out its +eatures. <hese resources are a%so use+u% to =oo)mar) and re+er to as neededK $ree#"( 0$" <unin' 2uide 0$" Administration 2uide #ecomin' a 0$" NinIa A.ideoB "%ideshow e5 %ainin' 3(e.D 8 oo%D 0I9 and 92ARC and other new=ie mista)esS A Crash Course on 0$" <he +o%%owin' is a '%ossar: o+ terms used =: 0$"K Pool: a co%%ection o+ de.ices that ro.ides h:sica% stora'e and data re %ication mana'ed =: 0$". <his oo%ed stora'e mode% e%iminates the conce t o+ .o%umes and the associated ro=%ems o+ artitionsD ro.isionin'D wasted =andwidth and stranded stora'e. In $reeNA"1D 0$" 3o%ume Mana'er is used to create 0$" oo%s. 8ataset: once a oo% is createdD it can =e di.ided into datasets. A dataset is simi%ar to a +o%der in that it su orts ermissions. A dataset is a%so simi%ar to a +i%es:stem in that :ou can set ro erties such as Euotas and com ression. FreeNAS 9.2.1 Users Guide Page 1) of 280
;,ol: 0$" stora'e oo%s can ro.ide .o%umes +or a %ications that need raw;de.ice semantics such as swa de.ices or i"C"I de.ice e5tents. In other wordsD a 8.o% is a .irtua% =%oc) de.ice in a 0$" stora'e oo%. Sna!s ot: a read;on%: oint;in;time co : o+ a +i%es:stem. "na shots can =e created Euic)%: andD i+ %itt%e data chan'esD new sna shots ta)e u .er: %itt%e s ace. $or e5am %eD a sna shot where no +i%es ha.e chan'ed ta)es 0 M# o+ stora'eD =ut i+ :ou chan'e a 10 2# +i%e it wi%% )ee a co : o+ =oth the o%d and the new 10 2# .ersion. "na shots ro.ide a c%e.er wa: o+ )ee in' a histor: o+ +i%esD shou%d :ou need to reco.er an o%der co : or e.en a de%eted +i%e. $or this reasonD man: administrators ta)e sna shots o+ten Ae.'. e.er: 1* minutesBD store them +or a eriod o+ time Ae.'. +or a monthBD and store them on another s:stem. "uch a strate': a%%ows the administrator to ro%% the s:stem =ac) to a s eci+ic time orD i+ there is a catastro hic %ossD an o++;site sna shot can restore the s:stem u to the %ast sna shot inter.a% Ae.'. within 1* minutes o+ the data %ossB. "na shots can =e c%oned or ro%%ed =ac)D =ut the +i%es on the sna shot cannot =e accessed inde endent%:. 'lone: a writa=%e co : o+ a sna shot which can on%: =e created on the same 0$" .o%ume. C%ones ro.ide an e5treme%: s ace;e++icient wa: to store man: co ies o+ most%:;shared data such as wor)s acesD so+tware insta%%ationsD and dis)%ess c%ients. C%ones do not inherit the ro erties o+ the arent datasetD =ut rather inherit the ro erties =ased on where the c%one is created in the 0$" oo%. #ecause a c%one initia%%: shares a%% its dis) s ace with the ori'ina% sna shotD its used ro ert: is initia%%: 8ero. As chan'es are made to the c%oneD it uses more s ace. 8edu!lication: the rocess o+ e%iminatin' du %icate co ies o+ data in order to sa.e s ace. -nce dedu %icaton occursD it can im ro.e 0$" er+ormance as %ess data is written and stored. Howe.erD the rocess o+ dedu %icatin' the data is RAM intensi.e and a 'enera% ru%e o+ thum= is * 2# RAM er <# o+ stora'e to =e dedu %icated. 1% (o$t ca$e$/ e%abli%# co("re$$io% -ill "ro'ide co("arable "er*or(a%ce. In $reeNA"1D dedu %ication can =e ena=%ed at the dataset %e.e% and there is no wa: to undedu data once it is dedu %icatedK switchin' dedu %ication o++ has NO AFFE4T on e5istin' data. <he more data :ou write to a dedu %icated datasetD the more RAM it reEuiresD and there is no u er =ound on this. When the s:stem starts storin' the ((<s Adedu ta=%esB on dis) =ecause the: no %on'er +it into RAMD er+ormance craters. $urthermoreD im ortin' an unc%ean oo% can reEuire =etween 3;* 2# o+ RAM er <# o+ dedu ed dataD and i+ the s:stem doesn't ha.e the needed RAM it wi%% anicD with the on%: so%ution =ein' to add more RAM or to recreate the oo%. Thi%0 care*!ll) be*ore e%abli%# ded!"9 ;I<: A0$" Intent 9o'B is e++ecti.e%: a +i%es:stem Iourna% that mana'es writes. <he 0I9 is a tem orar: stora'e area +or s:nc writes unti% the: are written as:nchronous%: to the 0$" oo%. I+ the s:stem has man: s:nc writesD such as +rom a data=ase ser.erD er+ormance can =e increased =: addin' a dedicated %o' de.ice As%o'B usin' 0$" 3o%ume Mana'er. I+ the s:stem has +ew s:nc writesD a s%o' wi%% not s eed u writes to the oo%. A more detai%ed e5 %anation can =e +ound in this +orum ost. A dedicated %o' de.ice wi%% ha.e no a++ect on CI$"D A$>D or i"C"I as these rotoco%s rare%: use s:nc writes. A dedicated %o' de.ice can increase write er+ormance o.er N$"D es ecia%%: +or 4"7i. When creatin' a dedicated %o' de.iceD it is recommended to use a +ast ""( with a su erca acitor or a =an) o+ ca acitors that can hand%e writin' the contents o+ the ""('s RAM to the ""(. I+ :ou don't ha.e access to such an ""(D tr: disa=%in' s:nc writes on the N$" dataset usin' 8+sA6B instead. <he =ilstat uti%it: can =e run +rom "he%% to he% determine i+ the s:stem wou%d =ene+it +rom a dedicated 0I9 de.ice. "ee this we=site +or usa'e in+ormation.
Page 18 of 280
I+ :ou decide to create a dedicated %o' de.ice to s eed u N$" writesD the ""( can =e ha%+ the si8e o+ s:stem RAM as an:thin' %ar'er than that is unused ca acit:. <he %o' de.ice $ho!ld be (irrored o% a FS':; "ool beca!$e i* o%e o* the lo# de'ice$ *ail$/ the "ool i$ !%reco'erable and the oo% must =e recreated and the data restored +rom a =ac)u . <he %o' de.ice does not need to =e mirrored on a 0$".26 oo% as the s:stem wi%% re.ert to usin' the 0I9 i+ the %o' de.ice +ai%s and on%: the data in the de.ice which had not =een written to the oo% wi%% =e %ost At: ica%%: the %ast +ew seconds o+ writesB. Fou can re %ace the %ost %o' de.ice in the 3iew 3o%umes N 3o%ume "tatus screen. Note that a dedicated %o' de.ice can not =e shared =etween 0$" oo%s and that the same de.ice cannot ho%d =oth a %o' and a cache de.ice. <2A2': 0$" uses a RAM cache to reduce read %atenc:. I+ an ""( is dedicated as a cache de.iceD it is )nown as an 92ARC and 0$" uses it to store more reads which can increase random read er+ormance. Howe.erD addin' a cache de.ice wi%% not im ro.e a s:stem with too %itt%e RAM and wi%% actua%%: decrease er+ormance as 0$" uses RAM to trac) the contents o+ 92ARC. RAM is a%wa:s +aster than dis)sD so a%wa:s add as much RAM as ossi=%e =e+ore determinin' i+ the s:stem wou%d =ene+it +rom a 92ARC de.ice. I+ :ou ha.e a %ot o+ a %ications that do %ar'e amounts o+ random readsD on a dataset sma%% enou'h to +it into the 92ARCD read er+ormance ma: =e increased =: addin' a dedicated cache de.ice usin' 0$" 3o%ume Mana'er. ""( cache de.ices on%: he% i+ :our wor)in' set is %ar'er than s:stem RAMD =ut sma%% enou'h that a si'ni+icant ercenta'e o+ it wi%% +it on the ""(. A+ter addin' an 92ARCD monitor its e++ecti.eness usin' too%s such as arcstat. I+ :ou need to increase the si8e o+ an e5istin' 92ARCD :ou can stri e another cache de.ice =: addin' another de.ice. <he 2!I wi%% a%wa:s stri e 92ARCD not mirror itD as the contents o+ 92ARC are recreated at =oot. 9osin' an 92ARC de.ice wi%% not a++ect the inte'rit: o+ the oo%D =ut ma: ha.e an im act on read er+ormanceD de endin' u on the wor)%oad and the ratio o+ dataset si8e to cache si8e. Note that a dedicated 92ARC de.ice can not =e shared =etween 0$" oo%s. Scru(: simi%ar to 4CC memor: scru==in'D a%% data is read to detect %atent errors whi%e the:'re sti%% correcta=%e. A scru= tra.erses the entire stora'e oo% to read e.er: data =%oc)D .a%idates it a'ainst its 2*,;=it chec)sumD and re airs it i+ necessar:.
#e+ore insta%%in'D it is im ortant to remem=er that the $reeNA"1 o eratin' s:stem must =e insta%%ed on a se arate de.ice +rom the dri.eAsB that wi%% ho%d the stora'e data. In other wordsD i+ :ou on%: ha.e one dis) dri.e :ou wi%% =e a=%e to use the $reeNA"1 'ra hica% inter+ace =ut won't =e a=%e to store an: dataD which a+ter a%%D is the who%e oint o+ a NA" s:stem. I+ :ou are a home user who is e5 erimentin' with $reeNA"1D :ou can insta%% $reeNA"1 on an ine5 ensi.e !"# thum= dri.e and use the com uter's dis)AsB +or stora'e. <his section descri=es the +o%%owin'K 2ettin' $reeNA"1 $reeNA"1 in a 3irtua% 4n.ironment Insta%%in' +rom C(R-M #urnin' an IM2 $i%e FreeNAS 9.2.1 Users Guide Page 19 of 280
2.1
Getting FreeNAS
$reeNA"1 9.2.1 can =e down%oaded +rom the down%oad a'e o+ the $reeNA"1 we=site. $reeNA"1 is a.ai%a=%e +or 32;=it A536,B and ,&;=it A5,&B architectures. Fou shou%d down%oad the architecture t: e that matches :our C>!'s ca a=i%ities. N6*7: there are man: =ui%t;in %imitations in the 32;=it .ersion. Fou shou%d on%: insta%% this .ersion i+ :our C>! a=so%ute%: does not su ort ,&;=it. <he down%oad a'e contains the +o%%owin' t: es o+ +i%es. (own%oad one +i%e that meets :our needsK '8 Installer: this is a =oota=%e insta%%er that can =e written to C(R-M. <his is descri=ed in more detai% in Insta%%in' +rom C(R-M. 8is9 I3age: this is a com ressed ima'e o+ the o eratin' s:stem that needs to =e written to a !"# or com act +%ash de.ice. #urnin' an IM2 $i%e descri=es how to write the ima'e. GUI U!grade or <egac+ U!grade: this is a com ressed +irmware u 'rade ima'e. I+ :our intent is to u 'rade $reeNA"1D down%oad the correct +i%e +or :our architecture and .ersion and see the section on ! 'radin' $reeNA"1. (own%oad the 2!I ! 'rade i+ :ou are u 'radin' +rom .ersion 6.2.0;#4<A3 throu'h 9.1.0. (own%oad the %e'ac: u 'rade i+ :ou are u 'radin' +rom .ersion 6.0.1#4<A3 throu'h 6.2.0;#4<A2.
4ach +i%e has an associated "HA2*, hash which shou%d =e used to .eri+: the inte'rit: o+ the down%oaded +i%e =e+ore writin' it to the insta%%ation media. <he command :ou use to .eri+: the chec)sum .aries =: o eratin' s:stemK on a #"( s:stem use the command s a2"% na3e:of:file on a 9inu5 s:stem use the command s a2"%su3 na3e:of:file on a Mac s:stem use the command s asu3 >a 2"% na3e:of:file on a Windows s:stem or Mac s:stemD :ou can insta%% a uti%it: such as HashCa%c or Hash<a=
2.2
$reeNA" can =e run inside a .irtua% en.ironment +or de.e%o mentD e5 erimentationD and educationa% ur oses. >%ease note that runnin' $reeNA" in roduction as a .irtua% machine is not recommended. I+ :ou decide to use $reeNA"1 within a .irtua% en.ironmentD read this ost +irst as it contains use+u% 'uide%ines +or minimi8in' the ris) o+ %osin' :our data. In order to insta%% or run $reeNA"1 within a .irtua% en.ironmentD :ou wi%% need to create a .irtua% machine that meets the +o%%owin' minimum reEuirementsK at lea$t 20&6 M# =ase memor: si8e A!$"B or &09, M# A0$"B a .irtua% dis) at lea$t < G, i% $i.e to ho%d the o eratin' s:stem and swa at %east one more .irtua% dis) at lea$t = G, i% $i.e to =e used as data stora'e FreeNAS 9.2.1 Users Guide Page 20 of 280
a =rid'ed ada ter <his section demonstrates how to create and access a .irtua% machine within the 3irtua%#o5 and 3MWare 4"7i en.ironments.
2.2.1
?irtual5o-
3irtua%#o5 is an o en source .irtua%i8ation ro'ram ori'ina%%: created =: "un Micros:stems. 3irtua%#o5 runs on WindowsD #"(D 9inu5D MacintoshD and - en"o%aris. It can =e con+i'ured to use a down%oaded $reeNA"1 .iso or .img.(/ +i%eD and ma)es a 'ood testin' en.ironment +or racticin' con+i'urations or %earnin' how to use the +eatures ro.ided =: $reeNA"1.
2.2.1.1
<o create the .irtua% machineD start 3irtua%#o5 and c%ic) the ONewP =uttonD seen in $i'ure 2.2aD to start the new .irtua% machine wi8ard. Figure 2.2a: Initial ?irtual5o- Screen
C%ic) the ONe5tP =utton to see the screen in $i'ure 2.2=. 4nter a name +or the .irtua% machineD c%ic) the O- eratin' ":stemP dro ;down menu and se%ect #"(D and se%ect O$ree#"( A,&;=itBP +rom the O3ersionP dro down.
Page 21 of 280
Figure 2.2(: *+!e in a Na3e and Select t e 6!erating S+ste3 for t e Ne0 ?irtual 4ac ine
C%ic) ONe5tP to see the screen in $i'ure 2.2c. <he =ase memor: si8e must =e chan'ed to at lea$t <0=> M,. 1* )o!r $)$te( ha$ e%o!#h (e(or)/ $elect at lea$t =0?@ M, $o that )o! ca% !$e FS . When +inishedD c%ic) ONe5tP to see the screen in $i'ure 2.2d. Figure 2.2c: Select t e A3ount of 4e3or+ 2eser,ed for t e ?irtual 4ac ine
Page 22 of 280
Figure 2.2d: Select . et er to Use an 7-isting or 'reate a Ne0 ?irtual &ard 8ri,e
C%ic) OCreateP to %aunch the OCreate 3irtua% Hard (ri.e Wi8ardP shown in $i'ure 2.2e. Figure 2.2e: 'reate Ne0 ?irtual &ard 8ri,e .i=ard
Page 2# of 280
"e%ect one o+ the +o%%owin' t: esK ?8I: se%ect this o tion i+ :ou down%oaded the I"-. ?481: se%ect this o tion i+ :ou con.erted the .img +i%e to 3M(K +ormat usin' the instructions in Runnin' $reeNA"1 +rom a !"# Ima'e. -nce :ou ma)e a se%ectionD c%ic) the ONe5tP =utton to see the screen in $i'ure 2.2+. Figure 2.2f: Select t e Storage *+!e for t e ?irtual 8is9
Fou can now choose whether :ou want O(:namica%%: a%%ocatedP or O$i5ed;si8eP stora'e. <he +irst o tion uses dis) s ace as needed unti% it reaches the ma5imum si8e that :ou wi%% set in the ne5t screen. <he second o tion creates a dis) the same si8e as that s eci+ied amount o+ dis) s aceD whether it is used or not. Choose the +irst o tion i+ :ou are worried a=out dis) s aceR otherwiseD choose the second o tion as it a%%ows 3irtua%#o5 to run s%i'ht%: +aster. -nce :ou se%ect ONe5tPD :ou wi%% see the screen in $i'ure 2.2'.
Page 2$ of 280
<his screen is used to set the si8e Aor u er %imitB o+ the .irtua% machine. 1%crea$e the de*a!lt $i.e to < or = G,. !se the +o%der icon to =rowse to a director: on dis) with su++icient s ace to ho%d the .irtua% machine. -nce :ou ma)e :our se%ection and ress ONe5tPD :ou wi%% see a summar: o+ :our choices. !se the O#ac)P =utton to return to a re.ious screen i+ :ou need to chan'e an: .a%ues. -therwiseD c%ic) O$inishP to +inish usin' the wi8ard. <he .irtua% machine wi%% =e %isted in the %e+t +rameD as seen in the e5am %e in $i'ure 2.2h.
2.2.1.2
Ne5tD create the .irtua% dis)AsB to =e used +or stora'e. C%ic) the O"tora'eP h: er%in) in the ri'ht +rame to access the stora'e screen seen in $i'ure 2.2i.
Page 2% of 280
C%ic) the OAdd AttachmentP =uttonD se%ect OAdd Hard (is)P +rom the o ;u menuD then c%ic) the OCreate New (is)P =utton. <his wi%% %aunch the Create New 3irtua% Hard (ri.e Wi8ard Aseen in $i'ures 2.2e and 2.2+B. "ince this dis) wi%% =e used +or stora'eD create a si8e a ro riate to :our needsD ma)in' sure that it is at lea$t = G, in si8e. I+ :ou wish to ractice RAI( con+i'urationsD create as man: .irtua% dis)s as :ou need. Fou wi%% =e a=%e to create 2 dis)s on the I(4 contro%%er. I+ :ou need additiona% dis)sD c%ic) the OAdd Contro%%erP =utton to create another contro%%er to attach dis)s to. Ne5tD create the de.ice +or the insta%%ation media. I+ :ou wi%% =e insta%%in' +rom an I"-D hi'h%i'ht the word O4m t:PD then c%ic) the C( icon as seen in $i'ure 2.2I.
Page 2) of 280
C%ic) OChoose a .irtua% C(@(3( dis) +i%e...P to =rowse to the %ocation o+ the .iso +i%e. A%ternate%:D i+ :ou ha.e =urned the .iso to dis)D se%ect the detected OHost (ri.eP. (e endin' u on the e5tensions a.ai%a=%e in :our C>!D :ou ma: or ma: not =e a=%e to use the I"-. I+ :ou recei.e the error O:our C>! does not su ort %on' modeP when :ou tr: to =oot the I"-D :our C>! either does not ha.e the reEuired e5tension or AM(;3@3<;5 is disa=%ed in the s:stem #I-". N-<4K i+ :ou recei.e a )erne% anic when =ootin' into the I"-D sto the .irtua% machine. <henD 'o to ":stem and chec) the =o5 O4na=%e I- A>ICP.
2.2.1.3
<o con+i'ure the networ) ada terD 'o to "ettin's N Networ). In the OAttached toP dro ;down menu se%ect O#rid'ed Ada terPD then se%ect the name o+ the h:sica% inter+ace +rom the ONameP dro ;down menu. In the e5am %e shown in $i'ure 2.2)D the Inte% >ro@1000 4thernet card is attached to the networ) and has a de.ice name o+ re0. -nce :our con+i'uration is com %eteD c%ic) the O"tartP arrow. I+ :ou con+i'ured the I"-D insta%% $reeNA"1 as descri=ed in Insta%%in' +rom C(R-M. -nce $reeNA"1 is insta%%edD ress $12 to access the =oot menu in order to se%ect the rimar: hard dis) as the =oot o tion. Fou can ermanent%: =oot +rom dis) =: remo.in' the C(@(3( de.ice in O"tora'eP or =: unchec)in' C(@(3(;R-M in the O#oot -rderP section o+ O":stemP. I+ :ou con+i'ured the 3M(KD the .irtua% machine wi%% =oot direct%: into $reeNA"1. FreeNAS 9.2.1 Users Guide Page 28 of 280
2.2.1.!
I+ :ou wi%% =e runnin' $reeNA"1 +rom an .img.(/ +i%e instead o+ insta%%in' it +rom the I"-D :ou must +irst down%oad and insta%% the -rac%e 3M 3irtua%#o5 45tension >ac) that matches :our .ersion o+ 3irtua%#o5. <he e5tension ac) ena=%es !"# su ort. Ne5tD uncom ress and =urn the $reeNA"1 .img.(/ +i%e usin' the instructions at #urnin' an Ima'e $i%e. -nce the ima'e is =urned to the !"# de.iceD %ea.e the de.ice inserted. <he 3irtua%#o5 2!I does not automatica%%: ro.ide a wa: to se%ect a !"# de.ice to =oot +rom. Howe.erD :ou can use a command %ine uti%it: to %in) the !"# de.ice to a .#mdk +i%e so that it can =e se%ected as a =oot de.ice. <o do this on a Windows s:stemD o en a command rom t in administrati.e mode Ari'ht;c%ic) c3d +rom the Run menu and se%ect Run as administratorBD and run the commands shown in $i'ure 2.2%. #e+ore runnin' these commandsD .eri+: the h:sica% dri.e num=er +rom "tart menu N ri'ht;c%ic) Com uter N Mana'e N "tora'e N (is) Mana'ement. I+ the !"# dri.e is di++erent than (is) 1D chan'e the num=er in 00.01hysi'al ri#e1 to match the dis) num=er. Fou can a%so s eci+: where to sa.e the .#mdk +i%e. Ma)e sure that the securit: ta= o+ the sa.ed +i%e 'i.es O$u%% contro%P ermissions to !sers so that the +i%e can =e accessed =: 3irtua%#o5. FreeNAS 9.2.1 Users Guide Page 29 of 280
-nce :ou ha.e a .#mdk +i%eD create a new .irtua% machine whi%e the !"# stic) is inserted. When :ou 'et to $i'ure 2.2eD se%ect O!se e5istin' hard dis)P and =rowse to :our .#mdk +i%e. C%ic) ONe5tPD then OCreateP. <his wi%% create the .irtua% machine and =rin' :ou to $i'ure 2.2h. Fou can then create :our stora'e dis)s and =rid'ed ada ter as usua%. When +inishedD start the .irtua% machine and it wi%% =oot direct%: into $reeNA"1.
2.2.2
?4.are 7SAi
I+ :ou are considerin' usin' 4"7iD read this ost +or an e5 %anation o+ wh: i"C"I wi%% =e +aster than N$". 4"7i is is a =are;meta% h: er.isor architecture created =: 3Mware Inc. Commercia% and +ree .ersions o+ the 3MWare ." here H: er.isor o eratin' s:stem A4"7iB are a.ai%a=%e +rom the 3MWare we=site. -nce the o eratin' s:stem is insta%%ed on su orted hardwareD use a we= =rowser to connect to its I> address. <he we%come screen wi%% ro.ide a %in) to down%oad the 3Mware ." here c%ient which is used to create and mana'e .irtua% machines. -nce the 3Mware ." here c%ient is insta%%edD use it to connect to the 4"7i ser.er. <o create a new .irtua% machineD c%ic) $i%e N New N 3irtua% Machine. <he New 3irtua% Machine Wi8ard wi%% %aunch as seen in $i'ure 2.2m. C%ic) ONe5tP and in ut a name +or the .irtua% machine. C%ic) ONe5tP and hi'h%i'ht a datastore. An e5am %e is shown in $i'ure 2.2n. C%ic) ONe5tP. In the screen shown in $i'ure 2.2oD c%ic) O-therP then se%ect a $ree#"( architecture that matches the $reeNA"1 architecture.
Page #0 of 280
Page #1 of 280
C%ic) ONe5tP and create a .irtua% dis) +i%e o+ 2 G, to ho%d the $reeNA"1 o eratin' s:stemD as shown in $i'ure 2.2 . C%ic) ONe5tP then O$inishP. Four .irtua% machine wi%% =e %isted in the %e+t +rame. Ri'ht;c%ic) the .irtua% machine and se%ect O4dit "ettin'sP to access the screen shown in $i'ure 2.2E. Increase the OMemor: Con+i'urationP to at lea$t <0=> M, . !nder OC>!sPD ma)e sure that on%: 1 .irtua% rocessor is %istedD otherwise :ou wi%% =e una=%e to start an: $reeNA"1 ser.ices. <o create a stora'e dis)D c%ic) Hard dis) 1 N Add. In the O(e.ice <: eP menuD hi'h%i'ht OHard (is)P and c%ic)P Ne5tP. "e%ect OCreate a new .irtua% dis)P and c%ic) ONe5tP. In the screen shown in $i'ure 2.2rD se%ect the si8e o+ the dis). I+ :ou wou%d %i)e the si8e to =e d:namica%%: a%%ocated as neededD chec) the =o5 OA%%ocate and commit s ace on demand A<hin >ro.isionin'BP. C%ic) ONe5tPD then ONe5tPD then O$inishP to create the dis). Re eat to create the amount o+ stora'e dis)s needed to meet :our reEuirements.
Page #2 of 280
Page ## of 280
2.#
I+ :ou re+er to insta%% $reeNA"1 usin' a menu;dri.en insta%%erD down%oad the I"- ima'e that matches the architecture o+ the s:stem :ou wi%% insta%% onto A32; or ,&;=itB and =urn it to a C(R-M. N6*7: the insta%%er on the C(R-M wi%% reco'ni8e i+ a re.ious .ersion o+ $reeNA"1 is a%read: insta%%edD meanin' the C(R-M can a%so =e used to u 'rade $reeNA"1. Howe.erD the insta%%er can not er+orm an u 'rade +rom a $reeNA"1 ./ s:stem. Insert the C(R-M into the s:stem and =oot +rom it. -nce the media has +inished =ootin'D :ou wi%% =e resented with the conso%e setu menu seen in $i'ure 2.3a. N6*7: i+ the insta%%er does not =ootD chec) that the C( dri.e is %isted +irst in the =oot order in the #I-". "ome mother=oards ma: reEuire :ou to connect the C(R-M to "A<A0 Athe +irst connectorB in order to =oot +rom C(R-M. I+ it sta%%s durin' =ootD chec) the "HA2*, hash o+ :our I"- a'ainst that %isted in the Re%ease NotesR i+ the hash does not matchD re;down%oad the +i%e. I+ the hash is correctD tr: =urnin' the C( a'ain at a %ower s eed. FreeNAS 9.2.1 Users Guide Page #$ of 280
>ress enter to se%ect the de+au%t o tion o+ O1 Insta%%@! 'rade to hard dri.e@+%ash de.iceD etc.P. <he ne5t menuD seen in $i'ure 2.3=D wi%% %ist a%% a.ai%a=%e dri.esD inc%udin' an: inserted !"# thum= dri.es which wi%% =e'in with da. In this e5am %eD the user is insta%%in' into 3irtua%#o5 and has created a & 2# .irtua% dis) to ho%d the o eratin' s:stem. N6*7: at this timeD the insta%%er does not chec) the si8e o+ the insta%% media =e+ore attem tin' an insta%%ation. A 2 2# de.ice is reEuiredD =ut the insta%% wi%% a ear to com %ete success+u%%: on sma%%er de.icesD on%: to +ai% at =oot. I+ usin' a !"# thum= dri.eD an & 2# dri.e is recommended as man: 2 2# thum= dri.es ha.e a sma%%er ca acit: which wi%% resu%t in a seemin'%: success+u% insta%%ation that +ai%s to =oot. !se :our arrow )e:s to hi'h%i'ht the !"#D com act +%ash de.iceD or .irtua% dis) to insta%% intoD then ta= to -K and ress enter. $reeNA"1 wi%% issue the warnin' seen in $i'ure 2.3cD remindin' :ou not to insta%% onto a stora'e dri.e. >ress enter and $reeNA"1 wi%% e5tract the ima'e +rom the I"- and trans+er it to the de.ice. -nce the insta%%ation is com %eteD :ou shou%d see a messa'e simi%ar to $i'ure 2.3d. >ress enter to return to the +irst menuD seen in $i'ure 2.3a. Hi'h%i'ht O3 Re=oot ":stemP and ress enter. Remo.e the C(R-M. I+ :ou insta%%ed onto a !"# thum= dri.eD %ea.e the thum= dri.e inserted. Ma)e sure that the de.ice :ou insta%%ed to is %isted as the +irst =oot entr: in the #I-" so that the s:stem wi%% =oot +rom it. $reeNA"1 shou%d now =e a=%e to =oot into the Conso%e setu menu descri=ed in Initia% "etu .
Page #% of 280
2.$
I+ :our s:stem does not ha.e a C(R-M dri.e to insta%% +romD :ou can instead write the o eratin' s:stem direct%: to a com act +%ash card or !"# thum=dri.e. (own%oad the img.(/ +i%eD uncom ress the +i%eD and write it to a com act +%ash card or !"# thum=dri.e that is 2 2# or %ar'er. Fou then =oot into that de.ice to %oad the $reeNA"1 o eratin' s:stem. <his section demonstrates how to write the ima'e usin' se.era% di++erent o eratin' s:stems. <he !net=ootin too% is not su orted at this time. 8ANG72C <he dd command demonstrated in this section is .er: ower+u% and can destro: an: e5istin' data on the s eci+ied de.ice. #e 'er) $!re that :ou )now the de.ice name to write to and that :ou do not t: o the de.ice name when usin' ddS I+ :ou are uncom+orta=%e writin' the ima'e :ourse%+D down%oad the .iso +i%e instead and use the instructions in Insta%%in' +rom C(R-M. -nce :ou ha.e written the ima'e to the de.iceD ma)e sure the =oot order in the #I-" is set to =oot +rom that de.ice and =oot the s:stem. It shou%d =oot into the Conso%e setu menu descri=ed in Initia% "etu . I+ it does notD tr: the su''estions in the <rou=%eshootin' section. 2.$.1 Using -=cat and dd on a Free5S8 or <inu- S+ste3
-n a $ree#"( or 9inu5 s:stemD the -=cat and dd commands can =e used to uncom ress and write the .(/ ima'e to an inserted !"# thum= dri.e or com act +%ash de.ice. 45am %e 2.&a demonstrates writin' the ima'e to the +irst !"# de.ice A 2de#2da0B on a $ree#"( s:stem. "u=stitute the +i%ename o+ :our .(/ +i%e and the de.ice name re resentin' the de.ice to write to on :our s:stem. 7-a3!le 2.$a: .riting t e I3age to a US5 * u3( 8ri,e
xzcat FreeNAS-9.2.1-RELEASE-x64.img.xz | dd of=/dev/da0 bs=64k 0+244141 records in 0+244141 records out 2000000000 bytes transferred in 596.039857 secs (3355480 bytes/sec)
When usin' the dd commandK ofD re+ers to the out ut +i%eR in our caseD the de.ice name o+ the +%ash card or remo.a=%e !"# dri.e. Fou ma: ha.e to increment the num=er in the name i+ it is not the +irst !"# de.ice. -n 9inu5D use 2de#2sdX3 where X re+ers to the %etter o+ the !"# de.ice. (sD re+ers to the =%oc) si8e 2.$.2 Using 1e9a and dd on an 6S A S+ste3
-n an -" 7 s:stemD :ou can down%oad and insta%% Ke)a to uncom ress the ima'e. In $IN(4RD na.i'ate to the %ocation where :ou sa.ed the down%oaded .(/ +i%e. Ri'ht;c%ic) the .(/ +i%e and se%ect O- en With Ke)aP. A+ter a +ew minutes :ou wi%% ha.e a %ar'e +i%e with the same nameD =ut no .(/ e5tension. Insert the !"# thum= dri.e and 'o to 9aunch ad N !ti%ities N (is) !ti%it:. !nmount an: mounted artitions on the !"# thum= dri.e. Chec) that the !"# thum= dri.e has on%: one artitionD otherwise :ou wi%% 'et artition ta=%e errors on =oot. I+ neededD use (is) !ti%it: to setu one artition on the !"# dri.eR se%ectin' M+ree s aceM when creatin' the artition wor)s +ine.
Page #) of 280
Ne5tD determine the de.ice name o+ the inserted !"# thum= dri.e. $rom <4RMINA9D na.i'ate to :our (es)to then t: e this commandK
diskutil list /dev/disk0 #: TYPE NAME 0: GUID_partition_scheme 1: EFI 2: Apple_HFS Macintosh HD 3: Apple_Boot Recovery HD /dev/disk1 #: TYPE NAME 0: FDisk_partition_scheme 1: DOS_FAT_32 UNTITLED
GB MB GB MB
<his wi%% show :ou which de.ices are a.ai%a=%e to the s:stem. 9ocate :our !"# stic) and record the ath. I+ :ou are not sure which ath is the correct one +or the !"# stic)D remo.e the de.iceD run the command a'ainD and com are the di++erence. -nce :ou are sure o+ the de.ice nameD na.i'ate to the (es)to +rom <4RMINA9D unmount the !"# stic)D and use the dd command to write the ima'e to the !"# stic). In 45am %e 2.&=D the !"# thum= dri.e is 2de#2disk1. "u=stitute the name o+ :our uncom ressed +i%e and the correct ath to :our !"# thum= dri.e. 7-a3!le 2.$(: Using dd on an 6S A S+ste3
diskutil unmountDisk /dev/disk1 Unmount of all volumes on disk1 was successful dd if=FreeNAS-9.2.1-RELEASE-x64.img of=/dev/disk1 bs=64k
N6*7: i+ :ou 'et the error OResource =us:P when :ou run the dd commandD 'o to A %ications N !ti%ities N (is) !ti%it:D +ind :our !"# thum= dri.eD and c%ic) on its artitions to ma)e sure a%% o+ them are unmounted. I+ :ou 'et the error OddK @de.@dis)1K >ermission deniedPD run the dd command =: t: in' sudo dd ifDFreeNAS>9.2.1>27<7AS7>-%$.i3g ofDEde,Edis91 (sD%$9D which wi%% rom t +or :our assword. <he dd command wi%% ta)e some minutes to com %ete. Wait unti% :ou 'et a rom t =ac) and a messa'e that dis %a:s how %on' it too) to write the ima'e to the !"# dri.e.
2.$.#
Windows users wi%% need to down%oad a uti%it: that can uncom ress .(/ +i%es and a uti%it: that can create a !"# =oota=%e ima'e +rom the uncom ressed .img +i%e. <his section wi%% demonstrate how to use /;0i and Win32(is)Ima'er to =urn the ima'e +i%e. When down%oadin' Win32(is)Ima'erD down%oad the %atest .ersion that ends in -$inary./i* and use /;0i to un8i its e5ecuta=%e. -nce =oth uti%ities are insta%%edD %aunch the /;0i $i%e Mana'er and =rowse to the %ocation containin' :our down%oaded .img.(/ +i%eD as seen in $i'ure 2.&a.
Page #8 of 280
C%ic) the 45tract =uttonD =rowse to the ath to e5tract toD and c%ic) -K. <he e5tracted ima'e wi%% end in .img and is now read: to =e written to a !"# de.ice usin' Win32(is)Ima'er. Ne5tD %aunch Win32(is)Ima'erD shown in $i'ure 2.&=. !se the =rowse =utton to =rowse to the %ocation o+ the .img +i%e. Insert a !"# thum= dri.e and se%ect its dri.e %etter +rom the (e.ice dro ;down menu. C%ic) the Write =utton and the ima'e wi%% =e written to the !"# thum= dri.e. Figure 2.$(: Using .in#28is9I3ager to .rite t e I3age
Page #9 of 280
2.$.$
*rou(les ooting
I+ the s:stem does not =oot into $reeNA"1D there are se.era% thin's that :ou can chec) to reso%.e the situation. $irstD chec) the s:stem #I-" and see i+ there is an o tion to chan'e the !"# emu%ation +rom C(@(3(@+%o : to hard dri.e. I+ it sti%% wi%% not =ootD chec) to see i+ the card@dri.e is !(MA com %iant. "ome users ha.e +ound that some =rands o+ 2 2# !"# stic)s do not wor) as the: are not rea%%: 2 2# in si8eD =ut chan'in' to a & 2# stic) +i5es the ro=%em. I+ :ou are writin' the ima'e to a com act +%ash cardD ma)e sure that it is M"(-" +ormatted. I+ the s:stem starts to =oot =ut han's with this re eated error messa'eK
run_interrupt_driven_hooks: still waiting after 60 seconds for xpt_config
'o into the s:stem #I-" and see i+ there is an on=oard de.ice con+i'uration +or a 139& Contro%%er. I+ soD disa=%e the de.ice and tr: =ootin' a'ain. I+ the =urned ima'e +ai%s to =oot and the ima'e was =urned usin' a Windows s:stemD wi e the !"# stic) =e+ore tr:in' a second =urn usin' a uti%it: such as Acti.eT Ki%%(is). -therwiseD the second =urn attem t wi%% +ai% as Windows does not understand the artition which was written +rom the ima'e +i%e. #e .er: care+u% that :ou s eci+: the !"# stic) when usin' a wi e uti%it:S
2."
Initial Setu!
When :ou =oot into $reeNA"1D the Conso%e "etu D shown in $i'ure 2.*aD wi%% a ear at the end o+ the =oot rocess. I+ :ou ha.e access to the the $reeNA"1 s:stem's )e:=oard and monitorD this Conso%e "etu menu can =e used to administer the s:stem shou%d the administrati.e 2!I =ecome inaccessi=%e. N6*7: :ou can access the Conso%e "etu menu +rom within the $reeNA"1 2!I =: t: in' EetcEnetcli +rom "he%%. Fou can disa=%e the Conso%e "etu menu =: unchec)in' the M4na=%e Conso%e MenuM in ":stem N "ettin's N Ad.anced.
Page $0 of 280
<his menu ro.ides the +o%%owin' o tionsK 1F 'onfigure Net0or9 Interfaces: ro.ides a con+i'uration wi8ard to con+i'ure the s:stem's networ) inter+aces. 2F 'onfigure <in9 Aggregation: a%%ows :ou to either create a new %in) a''re'ation or to de%ete an e5istin' %in) a''re'ation. #F 'onfigure ?<AN Interface: used to create or de%ete a 39AN inter+ace. $F 'onfigure 8efault 2oute: used to set the I>.& or I>., de+au%t 'atewa:. When rom tedD in ut the I> address o+ the de+au%t 'atewa:. "F 'onfigure Static 2outes: wi%% rom t +or the destination networ) and the 'atewa: I> address. Re; enter this o tion +or each route :ou need to add. %F 'onfigure 8NS: wi%% rom t +or the name o+ the (N" domain then the I> address o+ the +irst (N" ser.er. <o in ut mu%ti %e (N" ser.ersD ress enter to in ut the ne5t one. When +inishedD ress enter twice to %ea.e this o tion. )F 2eset .e(GUI login credentials: i+ :ou are una=%e to %o'in to the 'ra hica% administrati.e inter+aceD se%ect this o tion. <he ne5t time the 'ra hica% inter+ace is accessedD it wi%% rom t to set the root assword. 8F 2eset to factor+ defaults: i+ :ou wish to de%ete all o+ the con+i'uration chan'es made in the administrati.e 2!ID se%ect this o tion. -nce the con+i'uration is resetD the s:stem wi%% re=oot. Fou wi%% need to 'o to "tora'e N 3o%umes N Auto Im ort 3o%ume to re;im ort :our .o%ume. 9F S ell: enters a she%% in order to run $ree#"( commands. <o %ea.e the she%%D t: e e-it. 10F 2e(oot: re=oots the s:stem. 11F S utdo0n: ha%ts the s:stem.
Page $1 of 280
(urin' =ootD $reeNA"1 wi%% automatica%%: tr: to connect to a (HC> ser.er +rom a%% %i.e inter+aces. I+ it success+u%%: recei.es an I> addressD it wi%% dis %a: the I> address which can =e used to access the 'ra hica% conso%e. In the e5am %e seen in $i'ure 2.*aD the $reeNA"1 s:stem is accessi=%e +rom htt*)22142.156.1.70. I+ :our $reeNA"1 ser.er is not connected to a networ) with a (HC> ser.erD :ou can use the networ) con+i'uration wi8ard to manua%%: con+i'ure the inter+ace as seen in 45am %e 2.*a. In this e5am %eD the $reeNA"1 s:stem has one networ) inter+ace Aem0B. 7-a3!le 2."a: 4anuall+ Setting an IP Address fro3 t e 'onsole 4enu
Enter an option from 1-11: 1 1) em0 Select an interface (q to quit): 1 Delete existing config? (y/n) n Configure interface for DHCP? (y/n) n Configure IPv4? (y/n) y Interface name: (press enter as can be blank) Several input formats are supported Example 1 CIDR Notation: 192.168.1.1/24 Example 2 IP and Netmask separate: IP: 192.168.1.1 Netmask: 255.255.255.0, or /24 or 24 IPv4 Address: 192.168.1.108/24 Saving interface configuration: Ok Configure IPv6? (y/n) n Restarting network: ok You may try the following URLs to access the web user interface: http://192.168.1.108
-nce the s:stem has an I> addressD in ut that address into a 'ra hica% we= =rowser +rom a com uter ca a=%e o+ accessin' the networ) containin' the $reeNA"1 s:stem. Fou shou%d =e rom ted to create a assword +or the root userD as seen in $i'ure 2.*=.
Page $2 of 280
"ettin' a assword is mandator: and the assword can not =e =%an). "ince this assword ro.ides access to the administrati.e 2!ID it shou%d =e a hard;to;'uess assword. -nce the assword has =een in ut and con+irmedD :ou shou%d see the administrati.e 2!I as shown in the e5am %e in $i'ure 2.*c.
Page $# of 280
I+ :ou are una=%e to access the I> address +rom a =rowserD chec) the +o%%owin'K Are ro5: settin's ena=%ed in the =rowser con+i'urationU I+ soD disa=%e the settin's and tr: connectin' a'ain. I+ the a'e does not %oadD ma)e sure that :ou can !ing the $reeNA"1 s:stem's I> address. I+ the address is in a ri.ate I> address ran'eD :ou wi%% on%: =e a=%e to access the s:stem +rom within the ri.ate networ). I+ the user inter+ace %oads =ut is unres onsi.e or seems to =e missin' menu itemsD tr: usin' a di++erent we= =rowser. I49 has )nown issues and wi%% not dis %a: the 'ra hica% administrati.e inter+ace correct%: i+ com ati=i%it: mode is turned on. I+ :ou can't access the 2!I usin' Internet 45 %orerD use $ire+o5 instead. I+ :ou recei.e OAn error occurredSP messa'es when attem tin' to con+i'ure an item in the 2!ID ma)e sure that the =rowser is set to a%%ow coo)ies +rom the $reeNA"1 s:stem. <his =%o' ost descri=es some a %ications which can =e used to access the $reeNA"1 s:stem +rom an i>ad or i>hone.
2.%
U!grading FreeNAS
$reeNA"1 ro.ides two methods +or er+ormin' an u 'radeK an I"- u 'rade or an u 'rade usin' the 'ra hica% administrati.e inter+ace. !n%ess the Re%ease Notes indicate that :our current .ersion reEuires an I"- u 'radeD :ou can use either u 'rade method. #oth methods are descri=ed in this section. ,e*ore "er*or(i%# a% !"#rade/ al-a)$ bac0!" )o!r co%*i#!ratio% *ile a%d )o!r data. When u 'radin'D be a-are o* the *ollo-i%# ca'eat$: Neither u 'rade method can =e used to mi'rate +rom $reeNA" 0./5. InsteadD insta%% $reeNA"1 and either auto;im ort su orted so+tware RAI( or im ort su orted +i%es:stems. Fou wi%% need to recreate :our con+i'uration as the insta%%ation rocess wi%% not im ort 0./ con+i'uration settin's.
Page $$ of 280
2.%.1
#e+ore u 'radin' the s:stem to 9.2.1D er+orm the +o%%owin' ste sK 1. (own%oad the .iso or .t(/ +i%e that matches the s:stem's architecture to the com uter that :ou use to access the $reeNA"1 s:stem. 2. 9ocate and con+irm the "HA2*, hash +or the +i%e that :ou down%oaded in the Re%ease Notes +or the .ersion that :ou are u 'radin' to. 3. ,ac0!" the FreeNAS co%*i#!ratio% in ":stem N "ettin's N 2enera% N "a.e Con+i'. &. I+ an: .o%umes are encr: tedD ma)e sure that :ou ha.e set the ass hrase and ha.e co ies o+ the encr: tion )e: and the %atest reco.er: )e:. *. Warn users that the $reeNA"1 shares wi%% =e una.ai%a=%e durin' the u 'radeR :ou shou%d schedu%e the u 'rade +or a time that wi%% %east im act users. ,. "to a%% ser.ices in "er.ices N Contro% "er.ices.
2.%.2
#urn the down%oaded .iso +i%e to a C(R-M. Insert the C(R-M into the s:stem and =oot +rom it. -nce the media has +inished =ootin' into the insta%%ation menuD ress enter to se%ect the de+au%t o tion o+ O1 Insta%%@! 'rade to hard dri.e@+%ash de.iceD etc.P As with a +resh insta%%D the insta%%er wi%% resent a screen showin' a%% a.ai%a=%e dri.esR se%ect the de.ice $reeNA"1 is insta%%ed into and ress enter. <he insta%%er wi%% reco'ni8e that an ear%ier .ersion o+ $reeNA"1 is insta%%ed on the de.ice and wi%% resent the messa'e shown in $i'ure 2.,a. N6*7: i+ :ou se%ect to con+i'uration. er+orm a Fresh 8nstallD :ou wi%% ha.e to restore the =ac)u o+ :our
<o er+orm an u 'radeD ress enter to acce t the de+au%t o+ 9*grade 8nstall. A'ainD the insta%%er wi%% remind :ou that the o eratin' s:stem shou%d =e insta%%ed on a thum= dri.e. >ress enter to start the u 'rade. -nce the insta%%er has +inished un ac)in' the new ima'eD :ou wi%% see the menu shown in $i'ure 2.,=. <he data=ase +i%e that is reser.ed and mi'rated contains :our $reeNA"1 con+i'uration settin's. >ress enter and $reeNA"1 wi%% indicate that the u 'rade is com %ete and that :ou shou%d re=ootD as seen in $i'ure 2.,c.
(urin' the re=oot there ma: =e a con.ersion o+ the re.ious con+i'uration data=ase to the new .ersion o+ the data=ase. <his ha ens durin' the OA %:in' data=ase schema chan'esP %ine in the re=oot c:c%e. <his con.ersion can ta)e a %on' time to +inish so =e atient and the =oot shou%d com %ete norma%%:. I+ +or some reason :ou end u with data=ase errors =ut the 'ra hica% administrati.e inter+ace is accessi=%eD FreeNAS 9.2.1 Users Guide Page $% of 280
'o to "ettin's N 2enera% and use the ! %oad Con+i' =utton to u %oad the con+i'uration that :ou sa.ed =e+ore :ou started the u 'rade. Figure 2.%c: U!grade is 'o3!lete
2.%.#
<o er+orm an u 'rade usin' this methodD down%oad the %atest .ersion o+ the .t(/ +i%e that matches the architecture o+ the s:stem A32; or ,&;=itB. <henD 'o to ":stem N "ettin's N Ad.anced N $irmware ! date as shown in $i'ure 2.,d. !se the dro ;down menu to se%ect an e5istin' .o%ume to tem orari%: %ace the +irmware +i%e durin' the u 'rade. A%ternate%:D se%ect OMemor: de.iceP to a%%ow the s:stem to create a tem orar: RAM dis) to =e used durin' the u 'rade. A+ter ma)in' :our se%ectionD c%ic) the A %: ! date =utton to see the screen shown in $i'ure 2.,e. <his screen a'ain reminds :ou to =ac)u :our con+i'uration =e+ore roceedin'. I+ :ou ha.e not :etD c%ic) the Oc%ic) hereP %in). #rowse to the %ocation o+ the down%oaded .t(/ +i%eD then aste its "HA2*, sum. When +inishedD c%ic) the A %: ! date =utton to =e'in the u 'rade ro'ress. #ehind the scenesD the +o%%owin' ste s are occurrin'K the "HA2*, hash is con+irmed and an error wi%% dis %a: i+ it does not matchR i+ :ou 'et this errorD dou=%e;chec) that :ou asted the correct chec)sum and tr: astin' a'ain the new ima'e is uncom ressed and written to the !"# com act or +%ash dri.eR this can ta)e a +ew minutes so =e atient once the new ima'e is writtenD :ou wi%% momentari%: %ose :our connection as the $reeNA"1 s:stem wi%% automatica%%: re=oot into the new .ersion o+ the o eratin' s:stem $reeNA"1 wi%% actua%%: re=oot twiceK once the new o eratin' s:stem %oadsD the u 'rade rocess a %ies the new data=ase schema and re=oots a'ain assumin' a%% went we%%D the $reeNA"1 s:stem wi%% recei.e the same I> +rom the (HC> ser.erR re+resh :our =rowser a+ter a moment to see i+ :ou can access the s:stem FreeNAS 9.2.1 Users Guide Page $) of 280
Page $8 of 280
2.%.$
I+ :our dis)s are encr: ted and :ou ha.e created a ass hrase and sa.ed the reco.er: )e:D the .o%ume wi%% automatica%%: =e %oc)ed durin' an u 'rade. <his is to re.ent an unauthori8ed user +rom usin' an u 'rade rocedure to 'ain access to the data on the encr: ted dis)s. A+ter the u 'radeD the %oc)ed .o%umes wi%% =e una.ai%a=%e unti% the: are un%oc)ed with the ass hrase and reco.er: )e:. <o un%oc) the .o%umeD 'o to "tora'e N 3o%umes N 3iew 3o%umes and hi'h%i'ht the %oc)ed .o%ume. As seen in $i'ure 2.,+D c%ic)in' the O!n%oc)P icon wi%% rom t +or the ass hrase or reco.er: )e:. Fou can a%so se%ect which ser.ices to start when the .o%ume is un%oc)ed. Figure 2.%f: Unloc9ing an 7ncr+!ted ?olu3e
2.%."
I+ the $reeNA"1 s:stem does not =ecome a.ai%a=%e a+ter the u 'radeD :ou wi%% need h:sica% access to the s:stem to +ind out what went wron'. $rom the conso%e menu :ou can determine i+ it recei.ed an I> address and use o tion O1B Con+i'ure Networ) Inter+acesP i+ it did not.
Page $9 of 280
I+ this does not +i5 the ro=%emD 'o into o tion O9B "he%%P and read the s:stem %o' with this commandK
more /var/log/messages
I+ the data=ase u 'rade +ai%edD a +i%e ca%%ed 2data2!*grade-failed shou%d =e created with the detai%s. I+ the ro=%em is not o=.ious or :ou are unsure how to +i5 itD see $reeNA"1 "u ort Resources. $reeNA"1 su orts two o eratin' s:stems on the o eratin' s:stem de.iceK the current o eratin' s:stem andD i+ :ou ha.e er+ormed an u 'radeD the re.ious%: insta%%ed .ersion o+ the o eratin' s:stem. <his a%%ows :ou to re=oot into the re.ious .ersion shou%d :ou e5 erience a ro=%em with the u 'raded .ersion. <he u 'rade rocess automatica%%: con+i'ures the s:stem to =oot +rom the new o eratin' s:stem. I+ the s:stem remains inaccessi=%e and :ou wish to re.ert =ac) to the re.ious insta%%ationD t: e re(oot +rom the she%% or se%ect O10B Re=ootP +rom the conso%e menu. Watch the =oot screens and ress the other =oot o tion At: ica%%: F2B +rom the $reeNA"1 conso%e when :ou see the +o%%owin' o tions at the .er: =e'innin' o+ the =oot rocess. In this e5am %eD Boot) F1 re+ers to the de+au%t o tion Athe new%: u 'raded .ersionBD so ressin' F2 wi%% =oot into the re.ious .ersion.
F1 FreeBSD F2 FreeBSD Boot: F1
N6*7: i+ a re.ious%: wor)in' $reeNA"1 s:stem han's a+ter a $reeNA"1 u 'radeD chec) to see i+ there is a #I-"@#MC +irmware u 'rade a.ai%a=%e as that ma: +i5 the issue. I+ the u 'rade com %ete%: +ai%sD don't anic. <he data is sti%% on :our dis)s and :ou sti%% ha.e a co : o+ :our sa.ed con+i'uration. Fou can a%wa:sK 1. >er+orm a +resh insta%%ation. 2. Im ort :our .o%umes in "tora'e N Auto Im ort 3o%ume. 3. Restore the con+i'uration in ":stem N "ettin's N ! %oad Con+i'. 2.%.% U!grading a ;FS Pool
0$" oo%s that are created usin' 0$" 3o%ume Mana'er on $reeNA"1 9.5 ha.e 0$" +eature +%a's ena=%ed. $eature +%a's are sometimes re+erred to as 0$" .ersion *000. 0$" oo%s that were created in $reeNA"1 6.3.5 use 0$".26. An: 0$" oo%s that were created in an: re.ious 6.5 .ersions o+ $reeNA"1 use 0$".1*. I+ :ou auto;im ort a 0$" oo% +rom an: 6.5 .ersionD it wi%% remain at its ori'ina% 0$" .ersion un%ess :ou u 'rade the oo%. <his means that the oo% wi%% not understand an: +eature +%a'sD such as 90& com ressionD unti% the oo% is u 'raded. I+ :ou wish to u 'rade an e5istin' 0$".1* or 0$".26 oo%D =e aware o+ the +o%%owin' ca.eats +irstK the 0$" .ersion u 'rade must =e er+ormed +rom the command %ineD it can not =e er+ormed usin' the 2!I. the oo% u 'rade is a one;wa: street meanin' that i* )o! cha%#e )o!r (i%d )o! ca% %ot #o bac0 to a% earlier FS 'er$io% or down'rade to an ear%ier .ersion o+ $reeNA"1 that does not su ort +eature +%a's.
=e+ore er+ormin' an: o eration that ma: a++ect the data on a stora'e dis)D al-a)$ bac0!" )o!r data *ir$t a%d 'eri*) the i%te#rit) o* the bac0!". Whi%e it is un%i)e%: that the oo% u 'rade wi%% a++ect the dataD it is a%wa:s =etter to =e sa+e than sorr:. <o er+orm the 0$" .ersion u 'radeD o en "he%%. <he +o%%owin' commands wi%% determine the oo% state and .ersion. In this e5am %eD the oo% name is #ol!me1 and the 0$" .ersion is 26.
zpool status pool: volume1 state: ONLINE status: The pool is formatted using a legacy on-disk format. The pool can still be used, but some features are unavailable. action: Upgrade the pool using 'zpool upgrade'. Once this is done, the pool will no longer be accessible on software that does not support feature flags. scan: none requested config: NAME volume1 gptid/ea16925b-e96e-11e2-9ed5-e06995777a82 gptid/ea8f3a7b-e96e-11e2-9ed5-e06995777a82 gptid/eb064d06-e96e-11e2-9ed5-e06995777a82 gptid/eb7ba402-e96e-11e2-9ed5-e06995777a82 errors: No known data errors zpool get version volume1 NAME PROPERTY VALUE SOURCE volume1 version 28 local STATE ONLINE ONLINE ONLINE ONLINE ONLINE READ WRITE CKSUM 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
N6*7: do not u 'rade the oo% i+ its status does not show as hea%th:. <o u 'rade a oo% named #ol!me1K
zpool upgrade volume1 This system supports ZFS pool feature flags. Successfully upgraded 'volume1' from version 28 to feature flags. Enabled the following features on 'volume1': async_destroy empty_bpobj lz4_compress
<he u 'rade itse%+ shou%d on%: ta)e a seconds and is non;disru ti.e. <his means that :ou do not need to sto an: sharin' ser.ices in order to u 'rade the oo%. Howe.erD :ou shou%d choose to u 'rade when the oo% is not =ein' hea.i%: used. <he u 'rade rocess wi%% sus end I@- +or a short eriodD =ut shou%d =e near%: instantaneous on a Euiet oo%.
<his section contains a ?uic) "tart 2uide to 'et :ou started with :our $reeNA"1 con+i'uration. It is +o%%owed =: the account section o+ the 2!I which a%%ows :ou to chan'e the administrati.e assword and mana'e users and 'rou s.
#.1
<his section demonstrates the initia% re aration that shou%d =e er+ormed =e+ore :ou start to con+i'ure the $reeNA"1 s:stem. It then ro.ides an o.er.iew o+ the con+i'uration wor)+%ow a%on' with ointers to the section in the 9.2.1 !sers 2uide that contains the detai%s and con+i'uration e5am %es +or each ste in the con+i'uration wor)+%ow. #.1.1 Set t e 2oot Pass0ord
<he +irst time :ou access the $reeNA"1 administrati.e inter+aceD a o ;u window wi%% rom t :ou to set the root assword. Fou shou%d set a hard to 'uess assword as an:one who )nows this assword can 'ain access to the $reeNA"1 administrati.e 2!I. N6*7: +or securit: reasonsD the ""H ser.ice and root ""H %o'ins are disa=%ed =: de+au%t. !n%ess these are setD the on%: wa: to access a she%% as root is to 'ain h:sica% access to the conso%e menu or to access the we= she%% within the administrati.e 2!I. <his means that the $reeNA"1 s:stem shou%d =e )e t h:sica%%: secure and that the administrati.e 2!I shou%d =e =ehind a ro er%: con+i'ured +irewa%% and rotected =: a secure assword. #.1.2 Set t e Ad3inistrati,e 73ail Address
$reeNA"1 ro.ides an A%ert icon in the u er ri'ht corner to ro.ide a .isua% indication o+ e.ents that warrant administrati.e attention. <he a%ert s:stem automatica%%: emai%s the root user account whene.er an a%ert is issued. $reeNA"1 a%so sends a dai%: emai% to the root user which shou%d =e read in order to determine the o.era%% hea%th o+ the s:stem. <o set the emai% address +or the root accountD 'o to Account N !sers N 3iew !sers. C%ic) the Chan'e 4;mai% =utton associated with the root user account and in ut the emai% address o+ the erson to recei.e FreeNAS 9.2.1 Users Guide Page "2 of 280
<o .iew s:stem messa'es within the 'ra hica% administrati.e inter+aceD 'o to ":stem N "ettin's N Ad.anced. Chec) the =o5 O"how conso%e messa'es in the +ooterP and c%ic) "a.e. <he out ut o+ tail >f E,arElogE3essages wi%% now =e dis %a:ed at the =ottom o+ the screen. I+ :ou c%ic) the conso%e messa'es areaD it wi%% o ;u as a windowD a%%owin' :ou to scro%% throu'h the out ut and to co : its contents. Fou are now read: to start con+i'urin' the $reeNA"1 s:stem. <: ica%%:D the con+i'uration wor)+%ow wi%% use the +o%%owin' ste s in their %isted order. #.1.$ 'onfigure Storage
$reeNA"1 su orts the creation o+ =oth !$" and 0$" .o%umesR howe.erD 0$" .o%umes are recommended to 'et the most out o+ :our $reeNA"1 s:stem. When creatin' a .o%umeD :ou ha.e se.era% choices de endin' u on :our stora'e reEuirements and whether or not data a%read: e5ists on the dis)AsB. <he +o%%owin' o tions are a.ai%a=%eK 1. Auto;im ort an e5istin' !$" dis)D 'stri e ARAI(0BD 'mirror ARAI(1BD or 'raid3 ARAI(3B in "tora'e N 3o%umes N Auto Im ort 3o%ume. 2. Auto;im ort an e5istin' 0$" dis)D stri eD mirrorD RAI(01D RAI(02D or RAI(03 in "tora'e N 3o%umes N Auto Im ort 3o%ume. Auto;im ortin' is descri=ed in more detai% in Auto Im ortin' 3o%umes. 3. Im ort a dis) that is +ormatted with !$"D N<$"D M"(-"D or 47<2 in "tora'e N 3o%umes N Im ort 3o%ume. <his is descri=ed in more detai% in Im ortin' 3o%umes. &. $ormat dis)AsB with !$" and o tiona%%: create a 'stri e ARAI(0BD 'mirror ARAI(1BD or 'raid3 ARAI(3B in "tora'e N 3o%umes N !$" 3o%ume Mana'er. *. $ormat dis)AsB with 0$" and o tiona%%: create a stri eD mirrorD RAI(01D RAI(02D or RAI(03 in "tora'e N 3o%umes N 0$" 3o%ume Mana'er. I+ :ou +ormat :our dis)AsB with 0$"D additiona% o tions are a.ai%a=%eK 1. (i.ide the 0$" oo% into datasets to ro.ide more +%e5i=i%it: when con+i'urin' user access to data. (ataset creation is descri=ed in Creatin' 0$" (atasets. 2. Create a 0.o% to =e used when con+i'urin' an i"C"I de.ice e5tent. 0.o% creation is descri=ed in Creatin' a 8.o%. #.1." 'reate UsersEGrou!s or Integrate 0it A8E<8AP orts a .ariet: o+ user access scenariosK
$reeNA"1 su
the use o+ an anon:mous or 'uest account that e.er:one in the networ) uses to access the stored data the creation o+ indi.idua% user accounts where each user has access to their own 0$" dataset the addition o+ indi.idua% user accounts to 'rou s where each 'rou has access to their own FreeNAS 9.2.1 Users Guide Page "# of 280
.o%ume or 0$" dataset the im ort o+ e5istin' accounts +rom an - en9(A> or Acti.e (irector: ser.er When con+i'urin' :our $reeNA"1 s:stemD $elect o%e o* the *ollo-i%#/ de endin' u on whether or not the networ) has an e5istin' - en9(A> or Acti.e (irector: domain. - en9(A> and Acti.e (irector: are mutua%%: e5c%usi.eD meanin' that :ou can not use =oth =ut must choose one or the other. 1. Manua%%: create users and 'rou s. !ser mana'ement is descri=ed in !sers and 'rou mana'ement is descri=ed in 2rou s. 2. Im ort e5istin' Acti.e (irector: account in+ormation usin' the instructions in Acti.e (irector:. 3. Im ort e5istin' - en9(A> account in+ormation usin' the instructions in 9(A>. #.1.% 'onfigure Per3issions
"ettin' ermissions is an im ortant as ect o+ con+i'urin' access to stora'e data. <he 'ra hica% administrati.e inter+ace is meant to set the i%itial ermissions in order to ma)e a .o%ume or dataset accessi=%e as a share. -nce a share is a.ai%a=%eD the c%ient o eratin' s:stem shou%d =e used to +ine;tune the ermissions o+ the +i%es and directories that are created =: the c%ient. Con+i'ured .o%umes and datasets wi%% a ear in "tora'e N 3o%umes. 4ach .o%ume and dataset wi%% ha.e its own Chan'e >ermissions o tionD a%%owin' +or 'reater +%e5i=i%it: when ro.idin' access to data. #e+ore creatin' :our sharesD determine which users shou%d ha.e access to which data. <his wi%% he% :ou to determine i+ mu%ti %e .o%umesD datasetsD and@or shares shou%d =e created to meet the ermissions needs o+ :our en.ironment. #.1.) 'onfigure S aring
-nce :our .o%umes ha.e =een con+i'ured with ermissionsD :ou are read: to con+i'ure the t: e o+ share or ser.ice that :ou determine is suita=%e +or :our networ). $reeNA"1 su orts se.era% t: es o+ shares and sharin' ser.ices +or ro.idin' stora'e data to the c%ients in a networ). It is recommended that :ou $elect o%l) o%e t)"e o* $hare "er 'ol!(e or data$et in order to re.ent ossi=%e con+%icts =etween di++erent t: es o+ shares. <he t: e o+ share :ou create de ends u on the o eratin' s:stemAsB runnin' in :our networ)D :our securit: reEuirementsD and e5 ectations +or networ) trans+er s eeds. <he +o%%owin' t: es o+ shares and ser.ices are a.ai%a=%eK A!!le HAFPF: $reeNA"1 uses Netata%) to ro.ide sharin' ser.ices to A %e c%ients. <his t: e o+ share is a 'ood choice i+ a%% o+ :our com uters run Mac -" 7. Con+i'uration e5am %es can =e +ound in section /.1. Uni- HNFSF: this t: e o+ share is accessi=%e =: Mac -" 7D 9inu5D #"(D and ro+essiona%@enter rise .ersions o+ Windows. It is a 'ood choice i+ there are man: di++erent o eratin' s:stems in :our networ). Con+i'uration e5am %es can =e +ound in section /.2. .indo0s H'IFSF: $reeNA"1 uses "am=a to ro.ide the "M#@CI$" sharin' ser.ice. <his t: e o+ share is accessi=%e =: WindowsD Mac -" 7D 9inu5D and #"( com utersD =ut it is s%ower than an N$" share. I+ :our networ) contains on%: Windows s:stemsD this is a 'ood choice. Con+i'uration e5am %es can =e +ound in section /.3.
F*P: this ser.ice ro.ides +ast access +rom an: o eratin' s:stemD usin' a cross; %at+orm $<> and +i%e mana'er c%ient a %ication such as $i%e8i%%a. $reeNA"1 su orts encr: tion and chroot +or $<>. Con+i'uration e5am %es can =e +ound in section 6.,. SS&: this ser.ice ro.ides encr: ted connections +rom an: o eratin' s:stem usin' ""H command %ine uti%ities or the 'ra hica% Win"C> a %ication +or Windows c%ients. Con+i'uration e5am %es can =e +ound in section 6.12. iS'SI: $reeNA"1 uses ist't to e5 ort .irtua% dis) dri.es that are accessi=%e to c%ients runnin' i"C"I initiator so+tware. Con+i'uration e5am %es can =e +ound in section 6./. #.1.8 Start A!!lica(le Ser,iceHsF
-nce :ou ha.e con+i'ured :our share or ser.iceD :ou wi%% need to start its associated ser.iceAsB in order to im %ement the con+i'uration. #: de+au%tD a%% ser.ices are o++ unti% :ou start them. <he status o+ ser.ices is mana'ed usin' "er.ices N Contro% "er.ices. <o start a ser.iceD c%ic) its red -$$ =utton. A+ter a second or soD it wi%% chan'e to a =%ue -ND indicatin' that the ser.ice has =een ena=%ed. Watch the conso%e messa'es as the ser.ice starts to determine i+ there are an: error messa'es. #.1.9 *est 'onfiguration fro3 'lient
I+ the ser.ice success+u%%: startsD tr: to ma)e a connection to the ser.ice +rom a c%ient s:stem. $or e5am %eD use Windows 45 %orer to tr: to connect to a CI$" shareD use an $<> c%ient such as $i%e8i%%a to tr: to connect to an $<> shareD or use $inder on a Mac -" 7 s:stem to tr: to connect to an A$> share. I+ the ser.ice starts correct%: and :ou can ma)e a connection =ut recei.e ermissions errorsD chec) that the user has ermissions to the .o%ume@dataset =ein' accessed. #.1.10 5ac9u! t e 'onfiguration
-nce :ou ha.e tested :our con+i'urationD =e sure to =ac) it u . 2o to ":stem N "ettin's and c%ic) the "a.e Con+i' =utton. Four =rowser wi%% ro.ide an o tion to sa.e a co : o+ the con+i'uration data=ase. Fou shou%d bac0!" )o!r co%*i#!ratio% -he%e'er )o! (a0e co%*i#!ratio% cha%#e$ a%d al-a)$ be*ore !"#radi%# FreeNAS.
#.2
Account 'onfiguration
<his section descri=es how to manua%%: create and mana'e users and 'rou s. #.2.1 Grou!s
<he 2rou s inter+ace a%%ows :ou to mana'e !NI7;st:%e 'rou s on the $reeNA"1 s:stem. N6*7: i+ Acti.e (irector: or - en9(A> is runnin' on :our networ)D :ou do not need to recreate the networ)'s users or 'rou s. InsteadD im ort the e5istin' account in+ormation into $reeNA"1 usin' "er.ices N (irector: "er.ices N Acti.e (irector: or "er.ices N (irector: "er.ices N 9(A>. <his section descri=es how to create a 'rou and assi'n it user accounts. <he ne5t section wi%% descri=e how to create user accounts.
I+ :ou c%ic) 2rou s N 3iew 2rou sD :ou wi%% see a screen simi%ar to $i'ure 3.2a. Figure #.2a: FreeNAS Grou!s 4anage3ent
A%% 'rou s that came with the o eratin' s:stem wi%% =e %isted. 4ach 'rou has an entr: indicatin' the 'rou I(D 'rou nameD whether or not it is a =ui%t;in 'rou which was insta%%ed with $reeNA"1D and whether or not the 'rou 's mem=ers are a%%owed to use sudo. I+ :ou c%ic) a 'rou entr:D a Mem=ers =utton wi%% a ear. C%ic) this =utton to .iew and modi+: that 'rou 's mem=ershi . + :ou c%ic) the Add 2rou =uttonD :ou wi%% see the screen shown in $i'ure 3.2=. <a=%e 3.2a summari8es the a.ai%a=%e o tions when creatin' a 'rou .
*a(le #.2a: 6!tions . en 'reating a Grou! Setting 2rou I( ?alue strin' 8escri!tion the ne5t a.ai%a=%e 'rou I( wi%% =e su''ested +or :ouR =: con.entionD !NI7 'rou s containin' user accounts ha.e an I( 'reater than 1000 and 'rou s reEuired =: a ser.ice ha.e an I( eEua% to the de+au%t ort num=er used =: the ser.ice Ae.'. the sshd 'rou has an I( o+ 22B mandator: i+ chec)edD mem=ers o+ the 'rou ha.e ermission to use sudo a%%ows mu%ti %e 'rou s to share the same 'rou idR this is use+u% when a 2I( is a%read: associated with the !NI7 ermissions +or e5istin' data
2rou strin' Name >ermit "udo chec)=o5 A%%ow re eated chec)=o5 2I(s
-nce the 'rou and users are createdD :ou can assi'n users as mem=ers o+ a 'rou . C%ic) on 3iew 2rou s then the Mem=ers =utton +or the 'rou :ou wish to assi'n users to. Hi'h%i'ht the user in the Mem=er users %ist Awhich shows a%% user accounts on the s:stemB and c%ic) the VV to mo.e that user to the ri'ht +rame. <he user accounts which a ear in the ri'ht +rame wi%% =e added as mem=ers o+ that 'rou . In the e5am %e shown in $i'ure 3.2cD the data1 'rou has =een created and the !ser1 user account has =een created with a rimar: 'rou o+ !ser1. <he Mem=ers =utton +or the data1 'rou has =een se%ected and !ser1 has =een added as a mem=er o+ that 'rou .
<o de%ete a 'rou D c%ic) its (e%ete 2rou =utton. <he o ;u messa'e wi%% as) whether or not :ou wou%d a%so %i)e to de%ete a%% mem=ers o+ that 'rou . Note that the =ui%t;in 'rou s do not ro.ide a (e%ete 2rou =utton. Figure #.2c: Assigning a User as a 4e3(er of a Grou!
#.2.2
Users
$reeNA"1 su orts usersD 'rou sD and ermissionsD a%%owin' 'reat +%e5i=i%it: in con+i'urin' which users ha.e access to the data stored on $reeNA"1. In order to assi'n ermissions which wi%% =e used =: sharesD :ou wi%% need to do o%e o* the *ollo-i%#K 1. Create a 'uest account that a%% users wi%% use. 2. Create a user account +or e.er: user in the networ) where the name o+ each account is the same as a %o'on name used on a com uter. $or e5am %eD i+ a Windows s:stem has a %o'in name o+ $o$smithD :ou shou%d create a user account with the name $o$smith on $reeNA"1. I+ :our intent is to assi'n 'rou s o+ users di++erent ermissions to sharesD :ou wi%% need to a%so create 'rou s and assi'n users to the 'rou s. 3. I+ :our networ) uses Acti.e (irector: to mana'e user accounts and ermissionsD ena=%e the Acti.e (irector: ser.ice. &. I+ :our networ) uses an - en9(A> ser.er to mana'e user accounts and ermissionsD ena=%e the 9(A> ser.ice. !ser accounts can =e 'i.en ermissions to .o%umes or datasets. I+ :ou wish to use 'rou s to mana'e ermissionsD :ou shou%d create the user accounts +irstD then assi'n the accounts as mem=ers o+ the 'rou s. <his section demonstrates how to create a user account. FreeNAS 9.2.1 Users Guide Page "8 of 280
N6*7: i+ Acti.e (irector: or - en9(A> is runnin' on :our networ)D :ou do not need to recreate the networ)'s users or 'rou s. InsteadD im ort the e5istin' account in+ormation into $reeNA"1 usin' "er.ices N Acti.e (irector: or "er.ices N 9(A>. Account N !sers N 3iew !sers ro.ides a %istin' o+ a%% o+ the s:stem accounts that were insta%%ed with the $reeNA"1 o eratin' s:stemD as shown in $i'ure 3.2d. Figure #.2d: 4anaging User Accounts
4ach account entr: indicates the user I(D usernameD rimar: 'rou I(D home director:D de+au%t she%%D +u%% nameD whether or not it is a =ui%t;in user that came with the $reeNA"1 insta%%ationD the emai% addressD whether or not %o'ins are disa=%edD whether or not the user account is %oc)edD and whether or not the user is a%%owed to use sudo. <o reorder the %istD c%ic) the desired co%umn. I+ :ou c%ic) a user accountD the +o%%owin' =uttons wi%% a ear +or that accountK ' ange Pass0ord: ro.ides +ie%ds to enter and con+irm the new assword. 4odif+ User: used to modi+: the account's settin'sD as %isted in <a=%e 3.2=. Au-iliar+ Grou!s: used to ma)e the account a mem=er o+ additiona% 'rou s. ' ange 7>3ail: used to chan'e the emai% address associated with the account. N6*7: it is im ortant to set the emai% address +or the =ui%t;in root user account as im ortant s:stem messa'es are sent to the root user. $or securit: reasonsD assword %o'ins are disa=%ed +or the root account and chan'in' this settin' is hi'h%: discoura'ed. 4.er: account that came with the $reeNA"1 o eratin' s:stemD e5ce t +or the root userD is a s:stem account. 4ach s:stem account is used =: a ser.ice and shou%d not =e a.ai%a=%e +or use as a %o'in account. $or this reasonD the de+au%t she%% is no%o'inA6B. $or securit: reasonsD and to re.ent =rea)a'e o+ s:stem ser.icesD :ou shou%d not modi+: the s:stem accounts. <o create a user accountD c%ic) the Add New !ser =utton to o en the screen shown in $i'ure 3.2e. "ome settin's are on%: a.ai%a=%e in Ad.anced Mode. <o see these settin'sD either c%ic) the Ad.anced Mode =utton or con+i'ure the s:stem to a%wa:s dis %a: these settin's =: chec)in' the =o5 O"how ad.anced +ie%ds =: de+au%tP in ":stem N "ettin's N Ad.anced. <a=%e 3.2= summari8es the o tions FreeNAS 9.2.1 Users Guide Page "9 of 280
which are a.ai%a=%e when :ou create or modi+: a user account. Figure #.2e: Adding or 7diting a User Account
*a(le #.2(: User Account 'onfiguration Setting !ser I( ?alue 8escri!tion 're:ed out i+ user a%read: createdR when creatin' an accountD the ne5t numeric I( wi%% =e su''estedR =: con.entionD user accounts inte'er ha.e an I( 'reater than 1000 and s:stem accounts ha.e an I( eEua% to the de+au%t ort num=er used =: the ser.ice 're:ed out i+ user a%read: createdR ma5imum 32 characters to a%%ow strin' +or %on'er A( names thou'h a ma5imum o+ 6 is recommended +or intero era=i%it:R can inc%ude numera%s =ut can not inc%ude a s ace =: de+au%tD a rimar: 'rou with the same name as the user wi%% =e createdR unchec) this =o5 to se%ect a di++erent rimar: 'rou name chec)=o5 AN6*7K in !ni5D a rimar: 'rou is not the same as a secondar:@au5i%iar: 'rou B must unchec) "reate a ne: *rimary gro!* in order to access this menuR +or securit: reasonsD $ree#"( wi%% not 'i.e a user su dro ;down ermissions i+ :heel is their rimar: 'rou ;;i+ :our intent is to menu 'i.e a user su accessD add them to the :heel 'rou in the Au5i%iar: 'rou s section %ea.e as 2none(istent +or s:stem accountsD otherwise =rowse to the =rowse =utton name o+ an exi$ti%# .o%ume or dataset that the user wi%% =e assi'ned ermission to access Page %0 of 280
!sername
>rimar: 2rou
Home (irector:
Setting Home (irector: Mode "he%% $u%% Name 4;mai% >assword >assword con+irmation
8escri!tion on%: a.ai%a=%e in Ad.anced Mode and wi%% =e read;on%: +or =ui%t;in usersR sets de+au%t ermissions o+ user's home director: i+ creatin' a s:stem accountD choose nologinR i+ creatin' a user accountD se%ect she%% o+ choice mandator:D ma: contain s aces emai% address associated with the account mandator: un%ess chec) =o5 to disa=%e assword %o'ins must match 1ass:ord when chec)edD the user can not %o' into the $reeNA"1 s:stem or authenticate to a CI$" shareR to undo this settin'D set a assword +or the user usin' the MChan'e >asswordM =utton +or the user in M3iew !sersMR chec)in' this =o5 wi%% 're: out ;o'k !ser which is mutua%%: e5c%usi.e a chec)ed =o5 re.ents user +rom %o''in' in unti% the account is un%oc)ed A=o5 is unchec)edBR chec)in' this =o5 wi%% 're: out isa$le *ass:ord login which is mutua%%: e5c%usi.e i+ chec)edD mem=ers o+ the 'rou ha.e ermission to use sudo aste the user's "!blic )e: to =e used +or ""H )e: authentication Ado %ot "a$te the "ri'ate 0e)9B hi'h%i'ht the 'rou AsB :ou wish to add the user to and use the VV =utton to add the user to the hi'h%i'hted 'rou s
S+ste3 'onfiguration
'ron Io(s: ro.ides a 'ra hica% +ront;end to cronta=A*B InitES utdo0n Scri!ts: used to con+i'ure a command or scri t to automatica%%: e5ecute durin' s:stem startu or shutdown N*P Ser,ers: used to con+i'ure N<> ser.er settin's 2s+nc *as9s: a%%ows :ou to schedu%e rs:nc tas)s S.4.A.2.*. *ests: a%%ows :ou to schedu%e which ".M.A.R.<. tests to run on a er;dis) =asis Settings: used to con+i'ure s:stem wide settin's such as time8oneD emai% setu D H<<>" accessD and +irmware u 'rades S+sctls: ro.ides a +ront;end +or tunin' the $reeNA"1 s:stem =: interactin' with the under%:in' $ree#"( )erne% S+ste3 Infor3ation: ro.ides 'enera% $reeNA"1 s:stem in+ormation such as hostnameD Page %1 of 280
<he ":stem section o+ the administrati.e 2!I contains the +o%%owin' entriesK
o eratin' s:stem .ersionD %at+ormD and u time *una(les: ro.ides a +ront;end to %oad additiona% )erne% modu%es at =oot time 4ach o+ these is descri=ed in more detai% in this section.
$.1
'ron Io(s
cronA6B is a daemon that runs a command or scri t on a re'u%ar schedu%e as a s eci+ied user. <: ica%%:D the user who wishes to schedu%e a tas) manua%%: creates a cronta=A*B usin' s:nta5 that can =e er %e5in' to new !ni5 users. <he $reeNA"1 2!I ma)es it eas: to schedu%e when :ou wou%d %i)e the tas) to occur. N6*7: due to a %imitation in $ree#"(D users with account names that contain s aces or e5ceed 1/ characters are una=%e to create cron Io=s. $i'ure &.1a shows the screen that o ens when :ou c%ic) ":stem N Cron Co=s N Add Cron Co=. Figure $.1a: 'reating a 'ron Io(
<a=%e &.1a summari8es the con+i'ura=%e o tions when creatin' a cron Io=.
Page %2 of 280
*a(le $.1a: 'ron Io( 6!tions Setting !ser Command "hort descri tion ?alue dro ;down menu strin' strin' 8escri!tion ma)e sure the se%ected user has ermission to run the s eci+ied command or scri t the *!ll "ath to the command or scri t to =e runR i+ it is a scri tD test it at the command %ine +irst to ma)e sure that it wor)s as e5 ected o tiona%
s%ider or i+ use the s%iderD cron Io= occurs e.er: N minutesR i+ use minute Minute minute se%ectionsD cron Io= occurs at the hi'h%i'hted minutes se%ections s%ider or hour i+ use the s%iderD cron Io= occurs e.er: N hoursR i+ use hour se%ectionsD Hour se%ections cron Io= occurs at the hi'h%i'hted hours s%ider or i+ use the s%iderD cron Io= occurs e.er: N da:sR i+ use da: se%ectionsD (a: o+ month month cron Io= occurs on the hi'h%i'hted da:s each month se%ections Month chec)=o5es cron Io= occurs on the se%ected months (a: o+ wee) chec)=o5es cron Io= occurs on the se%ected da:s Redirect "tdout chec)=o5 disa=%es emai%in' standard out ut to the root user account Redirect "tderr chec)=o5 disa=%es emai%in' errors to the root user account 4na=%ed chec)=o5 unchec) i+ :ou wou%d %i)e to disa=%e the cron Io= without de%etin' it
$.2
$reeNA"1 ro.ides the a=i%it: to schedu%e commands or scri ts to run at s:stem startu or shutdown. $i'ure &.2a shows the screen that o ens when :ou c%ic) ":stem N Init@"hutdown "cri ts N Add Init@"hutdown "cri t. <a=%e &.2a summari8es the a.ai%a=%e o tions. When schedu%in' a commandD ma)e sure that the command is in :our ath or 'i.e the +u%% ath to the command. -ne wa: to test the ath is to t: e 0 ic co33and:na3e. I+ the command is not +oundD it is not in :our ath. When schedu%in' a scri tD ma)e sure that the scri t is e5ecuta=%e and has =een +u%%: tested to ensure that it achie.es the desired resu%ts.
Page %# of 280
*a(le $.2a: 6!tions . en Adding an InitES utdo0n Scri!t Setting 8escri!tion se%ect +rom "ommand A+or an e5ecuta=%eB or S'ri*t A+or an e5ecuta=%e <: e dro ;down menu scri tB i+ "ommand is se%ectedD in ut the command %us an: desired o tionsR i+ Command strin' S'ri*t is se%ectedD =rowse to the %ocation o+ the scri t se%ect when the command@scri t wi%% runR choices are 1re 8nit A.er: ear%: <: e dro ;down menu in =oot rocess =e+ore +i%es:stems are mountedBD 1ost 8nit Atowards end o+ =oot rocess =e+ore $reeNA" ser.ices are startedBD or Sh!tdo:n ?alue
$.#
N*P Ser,ers
<he networ) time rotoco% AN<>B is used to s:nchroni8e the time on the com uters in a networ). Accurate time is necessar: +or the success+u% o eration o+ time sensiti.e a %ications such as Acti.e (irector:. #: de+au%tD $reeNA"1 is re;con+i'ured to use three u=%ic N<> ser.ers. I+ :our networ) is usin' Acti.e (irector:D ensure that the $reeNA"1 s:stem and the Acti.e (irector: (omain Contro%%er ha.e =een con+i'ured to use the same N<> ser.ers. $i'ure &.3a shows the de+au%t N<> con+i'uration +or $reeNA"1. I+ :ou wish to chan'e a de+au%t ser.er to match the settin's used =: :our networ)'s domain contro%%erD c%ic) an entr: to access its O4ditP =utton. A%ternate%:D :ou can de%ete the de+au%t N<> ser.ers and c%ic) OAdd N<> "er.erP to create :our own. $i'ure &.3= shows the OAdd N<> "er.erP screen and <a=%e &.3a summari8es the o tions when addin' or editin' an N<> ser.er. nt .con+A*B e5 %ains these o tions in more detai%.
Page %$ of 280
*a(le $.#a: N*P Ser,er 6!tions Setting Address #urst I#urst >re+er ?alue strin' chec)=o5 chec)=o5 chec)=o5 8escri!tion name o+ N<> ser.er recommended when <a(. 1oll is 'reater than 10R on%: use on :our own ser.ers i.e. do %ot use with a u=%ic N<> ser.er s eeds the initia% s:nchroni8ation Aseconds instead o+ minutesB shou%d on%: =e used +or N<> ser.ers that are )nown to =e hi'h%: accurateD such as those with time monitorin' hardware ower o+ 2 in secondsR can not =e %ower than 4 or hi'her than <a(. 1oll ower o+ 2 in secondsR can not =e hi'her than 17 or %ower than <in. 1oll +orces the addition o+ the N<> ser.erD e.en i+ it is current%: unreacha=%e
$.$
2s+nc *as9s
Rs:nc is a uti%it: that automatica%%: co ies s eci+ied data +rom one s:stem to another o.er a networ). -nce the initia% data is co iedD rs:nc reduces the amount o+ data sent o.er the networ) =: sendin' on%: the di++erences =etween the source and destination +i%es. Rs:nc can =e used +or =ac)u sD mirrorin' data on mu%ti %e s:stemsD or +or co :in' +i%es =etween s:stems. <o con+i'ure rs:ncD :ou need to con+i'ure =oth ends o+ the connectionK t e rs+nc ser,er: this s:stem u%%s Arecei.esB the data. <his s:stem is re+erred to as 19;; in the con+i'uration e5am %es. t e rs+nc client: this s:stem ushes AsendsB the data. <his s:stem is re+erred to as 19S= in the con+i'uration e5am %es. $reeNA"1 can =e con+i'ured as either an rs:nc c%ient or an rs:nc ser.er. <he o osite end o+ the connection can =e another $reeNA"1 s:stem or an: other s:stem runnin' rs:nc. In $reeNA"1 termino%o':D an r:snc tas) de+ines which data is s:nchroni8ed =etween the two s:stems. I+ :ou are s:nchroni8in' data =etween two $reeNA"1 s:stemsD create the rs:nc tas) on the rs:nc c%ient. $reeNA"1 su orts two modes o+ rs:nc o erationK rs+nc 3odule 3ode: e5 orts a director: treeD and its con+i'ured settin'sD as a s:m=o%ic name o.er an unencr: ted connection. <his mode reEuires that at %east one modu%e =e de+ined on the rs:nc ser.er. It can =e de+ined in the $reeNA"1 2!I under "er.ices N Rs:nc N Rs:nc Modu%es. In other o eratin' s:stemsD the modu%e is de+ined in rs:ncd.con+A*B. rs+nc o,er SS&: s:nchroni8es o.er an encr: ted connection. ReEuires the con+i'uration o+ ""H user and host u=%ic )e:s. <his section summari8es the o tions when creatin' an Rs:nc <as). It then ro.ides a con+i'uration e5am %e =etween two $reeNA"1 s:stems +or each mode o+ rs:nc o eration.
Page %% of 280
$.$.1
$i'ure &.&a shows the screen that a ears when :ou c%ic) ":stem N Rs:nc <as)s N Add Rs:nc <as). <a=%e &.&a summari8es the o tions that can =e con+i'ured when creatin' an rs:nc tas). Figure $.$a: Adding an 2s+nc *as9
*a(le $.$a: 2s+nc 'onfiguration 6!tions Setting 8escri!tion =rowse to the .o%ume@dataset@director: that :ou wish to co :R note >ath =rowse =utton that a ath %en'th 'reater than 2** characters wi%% +ai% Remote Host strin' I> address or hostname o+ the remote s:stem that wi%% store the co : Remote ""H on%: a.ai%a=%e in &syn' o#er SS= modeR a%%ows :ou to s eci+: an inte'er >ort a%ternate ""H ort other than the de+au%t o+ 22 dro ;down Rs:nc mode choices are &syn' mod!le or &syn' o#er SS= menu when usin' &syn' mod!le modeD at %east one modu%e must =e de+ined Remote Modu%e in rs:ncd.con+A*B o+ rs:nc ser.er or in "er.ices N Rs:nc N Rs:nc Name @ Remote strin' Modu%es o+ another $reeNA"1 s:stemR when usin' &syn' o#er SS= >ath modeD in ut the ath on the remote host to ush or u%% Ae.'. 2mnt2#ol!meB dro ;down choices are 1!sh or 1!llR de+au%t is to ush +rom the $reeNA"1 (irection menu s:stem to a remote host FreeNAS 9.2.1 Users Guide Page %) of 280 ?alue
Setting "hort (escri tion Minute Hour (a: o+ month Month (a: o+ wee) !ser Recursi.e <imes Com ress
?alue strin' s%ider or minute se%ections s%ider or hour se%ections s%ider or da: se%ections chec)=o5es chec)=o5es dro ;down menu chec)=o5 chec)=o5 chec)=o5
8escri!tion o tiona% i+ use the s%iderD s:nc occurs e.er: N minutesR i+ use minute se%ectionsD s:nc occurs at the hi'h%i'hted minutes i+ use the s%iderD s:nc occurs e.er: N hoursR i+ use hour se%ectionsD s:nc occurs at the hi'h%i'hted hours i+ use the s%iderD s:nc occurs e.er: N da:sR i+ use da: se%ectionsD s:nc occurs on the hi'h%i'hted da:s tas) occurs on the se%ected months tas) occurs on the se%ected da:s o+ the wee) s eci+ied user must ha.e ermission to write to the s eci+ied director: on the remote s:stemR due to a %imitation in $ree#"(D the user name can not contain s aces or e5ceed 1/ characters i+ chec)edD co : wi%% inc%ude a%% su=directories o+ the s eci+ied .o%ume reser.e modi+ication times o+ +i%es recommended on s%ow connections as reduces si8e o+ data to =e transmitted eEui.a%ent to >rl!tgo8 Arecursi.eD co : s:m%in)s as s:m%in)sD reser.e ermissionsD reser.e modi+ication timesD reser.e 'rou D reser.e owner Asu er;user on%:BD and reser.e de.ice +i%es Asu er; user on%:B and s ecia% +i%esB de%ete +i%es in destination director: that don't e5ist in sendin' director: su resses in+ormationa% messa'es +rom the remote ser.er reser.es ori'ina% +i%e ermissionsR use+u% i+ !ser is set to root =oth s:stems must su ort e5tended attri=utes
Archi.e
chec)=o5
(e%ete ?uiet >reser.e ermissions >reser.e e5tended attri=utes 45tra o tions 4na=%ed
rs:ncA1B o tions not co.ered =: the 2!I unchec) i+ :ou wou%d %i)e to disa=%e the rs:nc tas) without de%etin' it
I+ the r:snc ser.er reEuires assword authenticationD in ut --*ass:ord-file>21A?=?@2F8;.NA<. in the O45tra o tionsP =o5D re %acin' 21A?=?@2F8;.NA<. with the a ro riate ath to the +i%e containin' the .a%ue o+ the assword.
Page %8 of 280
$.$.2
<his con+i'uration e5am %e wi%% con+i'ure rs:nc modu%e mode =etween the two +o%%owin' $reeNA"1 s:stemsK 142.156.2.2 has e5istin' data in 2mnt2lo'al2images. It wi%% =e the rs:nc c%ientD meanin' that an rs:nc tas) needs to =e de+ined. It wi%% =e re+erred to as 19S=. 142.156.2.5 has an e5istin' .o%ume named 2mnt2remote. It wi%% =e the rs:nc ser.erD meanin' that it wi%% recei.e the contents o+ 2mnt2lo'al2images. An rs:nc modu%e needs to =e de+ined on this s:stem and the rs:ncd ser.ice needs to =e started. It wi%% =e re+erred to as 19;;. -n 19S=D an rs:nc tas) is de+ined in ":stem N Rs:nc <as)s N Add Rs:nc <as) as shown in $i'ure &.*=. In this e5am %eK the >ath oints to 2!sr2lo'al2imagesD the director: to =e co ied the Remote Host oints to 142.156.2.5D the I> address o+ the rs:nc ser.er the Rs:nc Mode is &syn' mod!le the Remote Modu%e Name is $a'k!*sR this wi%% need to =e de+ined on the rs:nc ser.er the (irection is 1!sh the rs:nc is schedu%ed to occur e.er: 1* minutes the !ser is set to root so it has ermission to write an:where the >reser.e >ermissions chec)=o5 is chec)ed so that the ori'ina% o.erwritten =: the root user ermissions are not
-n 19;;D an rs:nc modu%e is de+ined in "er.ices N Rs:nc Modu%es N Add Rs:nc Modu%eD shown in $i'ure &.&c. In this e5am %eK the Modu%e Name is $a'k!*sR this needs to match the settin' on the rs:nc c%ient the >ath is 2mnt2remoteR a director: ca%%ed images wi%% =e created to ho%d the contents o+ 2!sr2lo'al2images the !ser is set to root so it has ermission to write an:where Hosts a%%ow is set to 142.156.2.2D the I> address o+ the rs:nc c%ient (escri tions o+ the con+i'ura=%e o tions can =e +ound in Rs:nc Modu%es. <o +inish the con+i'urationD start the rs:nc ser.ice on 19;; in "er.ices N Contro% "er.ices. I+ the rs:nc is success+u%D the contents o+ 2mnt2lo'al2images2 wi%% =e mirrored to 2mnt2remote2images2.
Page %9 of 280
Page )0 of 280
$.$.#
""H re %ication mode does not reEuire the creation o+ an rs:nc modu%e or +or the rs:nc ser.ice to =e runnin' on the rs:nc ser.er. It does reEuire ""H to =e con+i'ured =e+ore creatin' the rs:nc tas)K a u=%ic@ ri.ate )e: air +or the rs:nc user account At: ica%%: rootB must =e 'enerated on 19S= and the u=%ic )e: co ied to the same user account on 19;; to miti'ate the ris) o+ man;in;the;midd%e attac)sD the u=%ic host )e: o+ 19;; must =e co ied to 19S= the ""H ser.ice must =e runnin' on 19;; <o create the u=%ic@ ri.ate )e: air +or the rs:nc user accountD o en "he%% on 19S=. <he @ +i%es:stem must +irst =e mounted as read;write. <he +o%%owin' e5am %e 'enerates an R"A t: e u=%ic@ ri.ate )e: air +or the root user. When creatin' the )e: airD do not enter the ass hrase as the )e: is meant to =e used +or an automated tas).
mount -o rw / ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/root/.ssh/id_rsa): Created directory '/root/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /root/.ssh/id_rsa. Your public key has been saved in /root/.ssh/id_rsa.pub. The key fingerprint is: f5:b0:06:d1:33:e4:95:cf:04:aa:bb:6e:a4:b7:2b:df root@freenas.local The key's randomart image is: +--[ RSA 2048]----+ | .o. oo | | o+o. . | | . =o + | | + + o | | S o . | | .o | | o. | | o oo | | **oE |
$reeNA"1 su orts the +o%%owin' t: es o+ ""H )e:sK ("AD and R"A. When creatin' the )e:D s eci+: the t: e :ou wish to use orD i+ :ou are 'eneratin' the )e: on another o eratin' s:stemD se%ect a t: e o+ )e: the )e: 'eneration so+tware su orts. N6*7: i+ a di++erent user account is used +or the rs:nc tas)D use the su ; command a+ter mountin' the +i%es:stem =ut =e+ore 'eneratin' the )e:. $or e5am %eD i+ the rs:nc tas) is con+i'ured to use the !ser1 user accountD use this command to =ecome that userK
su - user1
Page )1 of 280
2o to 19;; and aste Aor a endB the co ied )e: into the ""H >u=%ic Ke: +ie%d o+ Account N !sers N 3iew !sers N root Aor the s eci+ied rs:nc user accountB N Modi+: !ser. <he aste +or the a=o.e e5am %e is shown in $i'ure &.&d. When astin' the )e:D ensure that it is asted as one %on' %ine andD i+ necessar:D remo.e an: e5tra s aces re resentin' %ine =rea)s. Figure $.$d: Pasting t e User/s SS& Pu(lic 1e+
Whi%e on 19;;D .eri+: that the ""H ser.ice is runnin' in "er.ices N Contro% "er.ices and start it i+ it is not. Ne5tD co : the host )e: o+ 19;; usin' "he%% on 19S=. <he +o%%owin' command co ies the R"A host )e: o+ the 19;; ser.er used in our re.ious e5am %e. #e sure to inc%ude the dou=%e =rac)et AA to re.ent o.erwritin' an: e5istin' entries in the kno:n,hosts +i%e.
ssh-keyscan -t rsa 192.168.2.6 >> /root/.ssh/known_hosts
N6*7: I+ 19S= is a 9inu5 s:stemD use the +o%%owin' command to co : the R"A )e: to the 9inu5 s:stemK
cat ~/.ssh/id_rsa.pub | ssh user@192.168.2.6 'cat >> .ssh/authorized_keys'
Fou are now read: to create the rs:nc tas) on 19;;. <o con+i'ure rs:nc ""H mode usin' the s:stems in our re.ious e5am %eD the con+i'uration wou%d =e as +o%%owsK FreeNAS 9.2.1 Users Guide Page )2 of 280
the >ath oints to 2mnt2lo'al2imagesD the director: to =e co ied the Remote Host oints to 142.156.2.5D the I> address o+ the rs:nc ser.er the Rs:nc Mode is &syn' o#er SS= the rs:nc is schedu%ed to occur e.er: 1* minutes the !ser is set to root so it has ermission to write an:whereR the u=%ic )e: +or this user must =e 'enerated on 19S= and co ied to 19;; the 1reser#e 1ermissions chec)=o5 is chec)ed so that the ori'ina% o.erwritten =: the root user ermissions are not
-nce :ou sa.e the rs:nc tas)D the rs:nc wi%% automatica%%: occur accordin' to :our schedu%e. In this e5am %eD the contents o+ 2mnt2lo'al2images2 wi%% automatica%%: a ear in 2mnt2remote2images2 a+ter 1* minutes. I+ the content does not a earD use "he%% on 19;; to read 2#ar2log2messages. I+ the messa'e indicates a 0n Anew%ine characterB in the )e:D remo.e the s ace in :our asted )e:;;it wi%% =e a+ter the character that a ears Iust =e+ore the 0n in the error messa'e.
$."
S.4.A.2.*. *ests
".M.A.R.<. A"e%+;Monitorin'D Ana%:sis and Re ortin' <echno%o':B is a monitorin' s:stem +or com uter hard dis) dri.es to detect and re ort on .arious indicators o+ re%ia=i%it:. When a +ai%ure is antici ated =: ".M.A.R.<.D the dri.e shou%d =e re %aced. Most modern A<AD I(4 and "C"I;3 hard dri.es su ort ".M.A.R.<.;;re+er to :our dri.e's documentation i+ :ou are unsure. $i'ure &.*a shows the con+i'uration screen that a ears when :ou c%ic) ":stem N ".M.A.R.<. <ests N Add ".M.A.R.<. <est. <he tests that :ou create wi%% =e %isted under 3iew ".M.A.R.<. <ests. A+ter creatin' :our testsD chec) the con+i'uration in "er.ices N ".M.A.R.<.D then c%ic) the s%ider to -N +or the ".M.A.R.<. ser.ice in "er.ices N Contro% "er.ices. <he ".M.A.R.<. ser.ice wi%% not start i+ :ou ha.e not created an: .o%umes. N6*7: to re.ent ro=%emsD do not ena=%e the ".M.A.R.<. ser.ice i+ :our dis)s are contro%%ed =: a RAI( contro%%er as it is the Io= o+ the contro%%er to monitor ".M.A.R.<. and mar) dri.es as >redicti.e $ai%ure when the: tri .
Page )# of 280
<a=%e &.*a summari8es the con+i'ura=%e o tions when creatin' a ".M.A.R.<. test. *a(le $."a: S.4.A.2.*. *est 6!tions Setting (is) <: e "hort descri tion Hour (a: o+ month Month (a: o+ wee) ?alue %ist 8escri!tion hi'h%i'ht dis)AsB to monitor se%ect t: e o+ test to runR see smartct%A6B +or a descri tion o+ each dro ;down menu t: e o+ test Anote that some test t: es wi%% de'rade er+ormance or ta)e dis)AsB o++%ineB strin' s%ider or hour se%ections s%ider or da: se%ections chec)=o5es chec)=o5es o tiona% i+ use the s%iderD test occurs e.er: N hoursR i+ use hour se%ectionsD test occurs at the hi'h%i'hted hours i+ use the s%iderD test occurs e.er: N da:sR i+ use da: se%ectionsD test occurs on the hi'h%i'hted da:s se%ect the months when :ou wish the test to occur se%ect the da:s o+ the wee) when :ou wish the test to occur
Fou can .eri+: which tests wi%% run and when =: t: in' s3artd >B s o0tests within "he%%. FreeNAS 9.2.1 Users Guide Page )$ of 280
$.%
Settings
<he "ettin's ta=D shown in $i'ure &.,aD contains & ta=sK 2enera%D Ad.ancedD 4mai%D and ""9. Figure $.%a: General *a( of Settings
$.%.1
General *a(
<a=%e &.,a summari8es the settin's that can =e con+i'ured usin' the 2enera% ta=K *a(le $.%a: General *a(/s 'onfiguration Settings Setting >rotoco% We=2!I I>.& Address ?alue 8escri!tion rotoco% to use when connectin' to the administrati.e 2!I +rom a =rowserR i+ dro ;down :ou chan'e the de+au%t o+ =??1 to =??1SD an unsi'ned certi+icate and R"A menu )e: wi%% =e 'enerated and :ou wi%% =e %o''ed out in order to acce t the certi+icate dro ;down choose +rom a %ist o+ recent I> addresses to %imit the one to use when menu accessin' the administrati.e 2!IR the =ui%t;in H<<> ser.er wi%% automatica%%: =ind to the wi%dcard address o+ 0.0.0.0 Aan: addressB and wi%% issue an a%ert i+ Page )" of 280
Setting
8escri!tion the s eci+ied address =ecomes una.ai%a=%e choose +rom a %ist o+ recent I>., addresses to %imit the one to use when We=2!I dro ;down accessin' the administrati.e 2!IR the =ui%t;in H<<> ser.er wi%% automatica%%: I>., menu =ind to the wi%dcard address o+ )) Aan: addressB and wi%% issue an a%ert i+ the Address s eci+ied address =ecomes una.ai%a=%e a%%ows :ou to con+i'ure a non;standard ort +or accessin' the administrati.e We=2!I inte'er 2!I o.er H<<>R chan'in' this settin' ma: reEuire :ou to chan'e a +ire+o5 H<<> >ort con+i'uration settin' We=2!I a%%ows :ou to con+i'ure a non;standard ort +or accessin' the administrati.e H<<>" inte'er 2!I o.er H<<>" >ort dro ;down se%ect the %oca%i8ation +rom the dro ;down menu and re%oad the =rowserR :ou 9an'ua'e menu can .iew the status o+ %oca%i8ation at oot%e.+reenas.or' Conso%e dro ;down Ke:=oard se%ect the )e:=oard %a:out menu Ma dro ;down <ime8one se%ect the time8one +rom the dro ;down menu menu I> address or hostname o+ remote s:s%o' ser.er to send $reeNA"1 %o's toR ":s%o' strin' once setD %o' entries wi%% =e written to =oth the $reeNA"1 conso%e and the ser.er remote ser.er can se%ect one o+ A'ti#e ire'tory3 omain "ontroller3 ; A13 N8SD or N?4R i+ (irector: dro ;down a ser.ice is se%ectedD an entr: named ire'tory Ser#i'es wi%% =e added to "er.ice menu "er.ices N Contro% "er.ices +or mana'in' that se%ected ser.ice N6*7: =: de+au%tD %o's are stored in RAM as there is no s ace on the em=edded de.ice to store %o's. <his means that %o's are de%eted whene.er the s:stem re=oots. I+ :ou wish to sa.e the s:stem %o'sD eitherK con+i'ure a remote s:s%o' ser.er on another !ni5;%i)e o eratin' s:stemD or create a 0$" dataset ca%%ed syslog and re=oot the s:stemR $reeNA"1 wi%% automatica%%: create a log2 director: in this dataset which contains the %o's I+ :ou ma)e an: chan'esD c%ic) the "a.e =utton. <his ta= a%so contains the +o%%owin' =uttonsK Factor+ 2estore: resets the con+i'uration data=ase to the de+au%t =ase .ersion. Howe.erD it does not de%ete user ""H )e:s or an: other data stored in a user's home director:. "ince an: con+i'uration chan'es stored in the con+i'uration data=ase wi%% =e erasedD this o tion is hand: i+ :ou mess u :our s:stem or wish to return a test s:stem to the ori'ina% con+i'uration. Sa,e 'onfig: used to create a =ac)u co : o+ the current con+i'uration data=ase in the +ormat hostname-#ersion-ar'hite't!re. Al-a)$ $a'e the co%*i#!ratio% a*ter (a0i%# cha%#e$ a%d 'eri*) that )o! ha'e a $a'ed co%*i#!ratio% be*ore "er*or(i%# a% !"#rade. <his +orum ost contains a scri t to FreeNAS 9.2.1 Users Guide Page )% of 280
?alue
=ac)u the con+i'uration which cou%d =e customi8ed and added as a cron Io=. <his +orum ost contains an a%ternate scri t which on%: sa.es a co : o+ the con+i'uration when it chan'es. And this +orum ost contains a scri t +or =ac)in' u the con+i'uration +rom another s:stem. U!load 'onfig: a%%ows :ou to =rowse to %ocation o+ sa.ed con+i'uration +i%e in order to restore that con+i'uration. $.%.2 Ad,anced *a(
<he Ad.anced ta=D shown in $i'ure &.,=D a%%ows :ou to set some misce%%aneous settin's on the $reeNA"1 s:stem. <he con+i'ura=%e settin's are summari8ed in <a=%e &.,=. Figure $.%(: Ad,anced *a(
*a(le $.%(: Ad,anced *a(/s 'onfiguration Settings Setting 4na=%e Conso%e Menu !se "eria% Conso%e "eria% >ort Address "eria% >ort " eed 4na=%e screen sa.er 4na=%e owerd A>ower "a.in' (aemonB "wa si8e ?alue chec)=o5 chec)=o5 strin' dro ;down menu chec)=o5 chec)=o5 non;8ero inte'er re resentin' 2# 8escri!tion unchec)in' this =o5 remo.es the conso%e menu shown in $i'ure 2.*a do %ot chec) this =o5 i+ :our seria% ort is disa=%ed seria% ort address written in he5 se%ect the s eed used =: the seria% ort ena=%es@disa=%es the conso%e screen sa.er owerdA6B monitors the s:stem state and sets the C>! +reEuenc: accordin'%: =: de+au%tD a%% data dis)s are created with this amount o+ swa R this settin' does not a++ect %o' or cache de.ices as the: are created without swa wi%% dis %a: conso%e messa'es in rea% time at =ottom o+ =rowserR c%ic) the conso%e to =rin' u a scro%%a=%e Page )) of 280
"how conso%e messa'es in chec)=o5 the +ooter FreeNAS 9.2.1 Users Guide
Setting
?alue
"how trace=ac)s in case o+ chec)=o5 +ata% errors "how ad.anced +ie%ds =: de+au%t 4na=%e autotune 4na=%e de=u' )erne% chec)=o5
chec)=o5 chec)=o5
4na=%e automatic u %oad o+ chec)=o5 )erne% crash dum s M-<( =anner strin'
8escri!tion screenR chec) the O"to re+reshP =o5 in the scro%%a=%e screen to ause u datin' and unchec) the =o5 to continue to watch the messa'es as the: occur ro.ides a o ;u o+ dia'nostic in+ormation when a +ata% error occurs se.era% 2!I menus ro.ide an Ad.anced Mode =utton to access additiona% +eaturesR ena=%in' this shows these +eatures =: de+au%t ena=%es the autotune scri t which attem ts to o timi8e the s:stem de endin' u on the hardware which is insta%%ed i+ chec)edD ne5t =oot wi%% =oot into a de=u' .ersion o+ the )erne% i+ chec)edD )erne% crash dum s are automatica%%: sent to the $reeNA"1 de.e%o ment team +or dia'nosis in ut the messa'e to =e seen when a user %o's in .ia ""H
I+ :ou ma)e an: chan'esD c%ic) the "a.e =utton. <his ta= a%so contains the +o%%owin' =uttonsK 2e(uild <8APEA8 'ac e: c%ic) i+ :ou add a user to Acti.e (irector: who needs immediate access to $reeNA"1R otherwise this occurs automatica%%: once a da: as a cron Io=. Sa,e 8e(ug: used to 'enerate a te5t +i%e o+ dia'nostic in+ormation. t wi%% rom t +or the %ocation to sa.e the A"CII te5t +i%e. Fir30are U!date: used to ! 'rade $reeNA"1.
!.(.2.1 Autotune
$reeNA"1 ro.ides an autotune scri t which attem ts to o timi8e the s:stem de endin' u on the hardware which is insta%%ed. $or e5am %eD i+ a 0$" .o%ume e5ists on a s:stem with %imited RAMD the autotune scri t wi%% automatica%%: adIust some 0$" s:sct% .a%ues in an attem t to minimi8e 0$" memor: star.ation issues. It shou%d on%: =e used as a tem orar: measure on a s:stem that han's unti% the under%:in' hardware issue is addressed =: addin' more RAM. Autotune wi%% a%wa:s s%ow the s:stem down as it ca s the ARC. <he O4na=%e autotuneP chec)=o5 in ":stem N "ettin's N Ad.anced is unchec)ed =: de+au%tR chec) it i+ :ou wou%d %i)e the autotuner to run at =oot time. I+ :ou wou%d %i)e the scri t to run immediate%:D re=oot the s:stem. I+ autotuner +inds an: settin's that need adIustin'D the chan'ed .a%ues wi%% a ear in ":stem N ":sct%s A+or sys'tl.'onf .a%uesB and in ":stem N <una=%es A+or loader.'onf .a%uesB. I+ :ou do not %i)e the chan'esD :ou can modi+: the .a%ues that are dis %a:ed in the 2!I and :our chan'es wi%% o.erride the .a%ues that were created =: the autotune scri t. Howe.erD i+ :ou de%ete a s:sct% or tuna=%e that was FreeNAS 9.2.1 Users Guide Page )8 of 280
created =: autotuneD it wi%% =e recreated at ne5t =oot. <his is =ecause autotune on%: creates .a%ues that do not a%read: e5ist. I+ :ou are tr:in' to increase the er+ormance o+ :our $reeNA"1 s:stem and sus ect that the current hardware ma: =e %imitin' er+ormanceD tr: ena=%in' autotune. I+ :ou wish to read the scri t to see which chec)s are 2!sr2lo'al2$in2a!tot!ne. $.%.# 73ail *a( er+ormedD the scri t is %ocated in
<he 4mai% ta=D shown in $i'ure &.,cD is used to con+i'ure the emai% settin's on the $reeNA"1 s:stem. <a=%e &.,c summari8es the settin's that can =e con+i'ured usin' the 4mai% ta=. N6*7: it is im ortant to con+i'ure the s:stem so that it can success+u%%: send emai%s. An automatic scri t send a ni'ht%: emai% to the root user account containin' im ortant in+ormation such as the hea%th o+ the dis)s. A%ert e.ents are a%so emai%ed to the root user account. Figure $.%c: 73ail *a(
Page )9 of 280
*a(le $.%c: 73ail *a(/s 'onfiguration Settings Setting $rom emai% -ut'oin' mai% ser.er >ort to connect to <9"@""9 !se "M<> Authentication !sername >assword "end <est Mai% ?alue strin' 8escri!tion the Fro( emai% address to =e used when sendin' emai% noti+ications
strin' or I> address hostname or I> address o+ "M<> ser.er inte'er dro ;down menu chec)=o5 strin' strin' =utton "M<> ort num=erD t: ica%%: 2*D &,* Asecure "M<>BD or *6/ Asu=missionB encr: tion t: eR choices are 1lainD SS;D or ?;S ena=%es@disa=%es "M<> A!<H usin' >9AIN "A"9 used to authenticate with "M<> ser.er used to authenticate with "M<> ser.er c%ic) to chec) that con+i'ured emai% settin's are wor)in'R this wi%% +ai% i+ :ou do not set the To emai% address =: c%ic)in' the Chan'e 4;mai% =utton +or the root account in Accounts N !sers N 3iew !sers
$.%.$
SS< *a(
When :ou chan'e the >rotoco% .a%ue to H<<>" in ":stem N "ettin's N 2enera%D an unsi'ned R"A certi+icate and )e: are auto;'enerated. -nce 'eneratedD the certi+icate and )e: wi%% =e dis %a:ed in the ""9 Certi+icate +ie%d in ":stem N "ettin's N ""9D shown in $i'ure &.,d. I+ :ou a%read: ha.e :our own si'ned certi+icate that :ou wish to use +or ""9@<9" connectionsD re %ace the .a%ues in the ""9 certi+icate +ie%d with a co :@ aste o+ :our own )e: and certi+icate. <he certi+icate can =e used to secure the H<<> connection Aena=%ed in the "ettin's N 2enera% <a=B to the $reeNA"1 s:stem. <a=%e &.,d summari8es the settin's that can =e con+i'ured usin' the ""9 ta=. <his howto shows how to manua%%: 'enerate :our own certi+icate usin' - en""9 and ro.ides some e5am %es +or the .a%ues shown in <a=%e &.,d.
Page 80 of 280
*a(le $.%d: SS< *a(/s 'onfiguration Settings Setting -r'ani8ation -r'ani8ationa% !nit 4mai% Address 9oca%it: "tate Countr: Common Name >ass hrase ""9 Certi+icate ?alue strin' strin' strin' strin' strin' strin' strin' 8escri!tion o tiona% o tiona% o tiona% o tiona% o tiona% o tiona% o tiona% i+ the certi+icate was created with a ass hraseD in ut and con+irm itR strin' the .a%ue wi%% a ear as dots in the 2!I strin' aste the ri.ate )e: and certi+icate into the =o5
Page 81 of 280
N6*7: $reeNA"1 wi%% chec) the .a%idit: o+ the certi+icate and )e: and wi%% +a%%=ac) to H<<> i+ the: a ear to =e in.a%id.
$.)
S+sctls
s:sct%A6B is an inter+ace that is used to ma)e chan'es to the $ree#"( )erne% runnin' on a $reeNA"1 s:stem. It can =e used to tune the s:stem in order to meet the s eci+ic needs o+ a networ). -.er +i.e hundred s:stem .aria=%es can =e set usin' s:sct%A6B. 4ach .aria=%e is )nown as a MI# as it is com rised o+ a dotted set o+ com onents. "ince these MI#s are s eci+ic to the )erne% +eature that is =ein' tunedD descri tions can =e +ound in man: $ree#"( man a'es Ae.'. s:sct%A3BD tc A&B and tunin'A/BB and in man: sections o+ the $ree#"( Hand=oo). 8ANG72C chan'in' the .a%ue o+ a s:sct% MI# is an ad.anced +eature that immediate%: a++ects the )erne% o+ the $reeNA"1 s:stem. Do %ot cha%#e a M1, o% a "rod!ctio% $)$te( !%le$$ )o! !%der$ta%d the ra(i*icatio%$ o* that cha%#e. A =ad%: con+i'ured MI# cou%d cause the s:stem to =ecome un=oota=%eD unreacha=%e .ia the networ)D or can cause the s:stem to anic under %oad. Certain chan'es ma: =rea) assum tions made =: the $reeNA"1 so+tware. <his means that :ou shou%d a%wa:s test the im act o+ an: chan'es on a test s:stem +irst. $reeNA"1 ro.ides a 'ra hica% inter+ace +or mana'in' s:sct% MI#s. <o add a s:sct%D 'o to ":stem N ":sct%s N Add ":sct%D shown in $i'ure &./a. Figure $.)a: Adding a S+sctl
<a=%e &./a summari8es the o tions when addin' a s:sct%. *a(le $.)a: Adding a S+sctl Setting 3aria=%e ?alue strin' inte'er or 3a%ue strin' Comment strin' 4na=%ed chec)=o5 8escri!tion must =e in dotted +ormat e.'. kern.i*'.shmma( .a%ue to associate with the MI#R do %ot (a0e thi$ !"D re+er to the su''ested .a%ues in a man a'eD $ree#"( Hand=oo) a'eD or tutoria% o tiona%D =ut a use+u% reminder +or the reason =ehind usin' this MI#@.a%ue unchec) i+ :ou wou%d %i)e to disa=%e the s:sct% without de%etin' it
Page 82 of 280
As soon as :ou add or edit a s:sct%D the runnin' )erne% wi%% chan'e that .aria=%e to the .a%ue :ou s eci+:. As %on' as the s:sct% e5istsD that .a%ue wi%% ersist across re=oots and u 'rades. Note that an: s:sct% that is read;on%: wi%% reEuire a re=oot to ena=%e the settin' chan'e. Fou can .eri+: i+ a s:sct% is read;on%: =: attem tin' to chan'e it +rom "he%%. $or e5am %eD to chan'e the .a%ue o+ net.inet.t'*.delay,a'k to 1D use the command s+sctl net.inet.tc!.dela+:ac9D1. I+ the s:sct% .a%ue is read;on%:D an error messa'e wi%% indicate that the settin' is read;on%:. I+ :ou do not 'et an errorD the settin' is now a %ied. Howe.erD +or the settin' to =e ersistent across re=ootsD the s:sct% must =e added in ":stem N ":sct%s. An: MI#s that :ou add wi%% =e %isted in ":stem N ":sct%s N 3iew ":sct%s. <o chan'e the .a%ue o+ a MI#D c%ic) its 4dit =utton. <o remo.e a MI#D c%ic) its (e%ete =utton. At this timeD the 2!I does not dis %a: the s:sct% MI#s that are re;set in the insta%%ation ima'e. 9.2.1 shi s with the +o%%owin' MI#s setK
kern.metadelay=3 kern.dirdelay=4 kern.filedelay=5 kern.coredump=0 net.inet.tcp.delayed_ack=0
Do %ot add or edit the de*a!lt M1,S a$ $)$ctl$ as doin' so wi%% o.erwrite the de+au%t .a%ues which ma: render the s:stem unusa=%e.
$.8
S+ste3 Infor3ation
":stem N ":stem In+ormation dis %a:s 'enera% in+ormation a=out the $reeNA"1 s:stem. An e5am %e is seen in $i'ure &.6a. <he in+ormation inc%udes the hostnameD the =ui%d .ersionD t: e o+ C>! A %at+ormBD the amount o+ memor:D the current s:stem timeD the s:stem's u timeD and the current %oad a.era'e. <o chan'e the s:stem's hostnameD c%ic) its O4ditP =uttonD t: e in the new hostnameD and c%ic) O-KP. <he hostname must inc%ude the domain name. I+ the networ) does not use a domain name add .lo'al to the end o+ the hostname.
Page 8# of 280
$.9
*una(les
When a $ree#"(;=ased s:stem =ootsD %oader.con+A*B is read to determine i+ an: arameters shou%d =e assed to the )erne% or i+ an: additiona% )erne% modu%es Asuch as dri.ersB shou%d =e %oaded. "ince %oader .a%ues are s eci+ic to the )erne% arameter or dri.er to =e %oadedD descri tions can =e +ound in the man a'e +or the s eci+ied dri.er and in man: sections o+ the $ree#"( Hand=oo). $reeNA"1 ro.ides a 'ra hica% inter+ace +or mana'in' %oader .a%ues. <his ad.anced +unctiona%it: is intended to ma)e it easier to %oad additiona% )erne% modu%es at =oot time. A t: ica% usa'e wou%d =e to %oad a $ree#"( hardware dri.er that does not automatica%%: %oad a+ter a $reeNA"1 insta%%ation. <he de+au%t $reeNA"1 ima'e does not %oad e.er: ossi=%e hardware dri.er. <his is a necessar: e.i% as some dri.ers con+%ict with one another or cause sta=i%it: issuesD some are rare%: usedD and some dri.ers Iust don't =e%on' on a standard NA" s:stem. I+ :ou need a dri.er that is not automatica%%: %oadedD :ou need to add a tuna=%e. 8ANG72C addin' a tuna=%e is an ad.anced +eature that cou%d ad.erse%: e++ect the a=i%it: o+ the $reeNA"1 s:stem to success+u%%: =oot. It is 'er) i("orta%t that :ou do not ha.e a t: o when addin' a tuna=%e as this cou%d ha%t the =oot rocess. $i5in' this ro=%em reEuires h:sica% access to the FreeNAS 9.2.1 Users Guide Page 8$ of 280
$reeNA"1 s:stem and )now%ed'e o+ how to use the =oot %oader rom t as descri=ed in Reco.erin' $rom Incorrect <una=%es. <his means that :ou shou%d a%wa:s test the im act o+ an: chan'es on a test s:stem +irst. <o add a tuna=%eD 'o to ":stem N <una=%es N Add <una=%eD as seen in $i'ure &.9a. Figure $.9a: Adding a *una(le
<a=%e &.9a summari8es the o tions when addin' a tuna=%e. <he chan'es :ou ma)e wi%% not ta)e e++ect unti% the s:stem is re=ooted as %oader settin's are on%: read when the )erne% is %oaded at =oot time. As %on' as the tuna=%e e5istsD :our chan'es wi%% ersist at each =oot and across u 'rades. An: tuna=%es that :ou add wi%% =e %isted a% ha=etica%%: in ":stem N <una=%es N 3iew <una=%es. <o chan'e the .a%ue o+ a tuna=%eD c%ic) its 4dit =utton. <o remo.e a tuna=%eD c%ic) its (e%ete =utton. *a(le $.9a: Adding a *una(le Setting 3aria=%e ?alue strin' inte'er or 3a%ue strin' Comment strin' 4na=%ed chec)=o5 8escri!tion t: ica%%: the name o+ the dri.er to %oadD as indicated =: its man a'e .a%ue to associate with .aria=%eR t: ica%%: this is set to -.S to ena=%e the dri.er s eci+ied =: the .aria=%e o tiona%D =ut a use+u% reminder +or the reason =ehind addin' this tuna=%e unchec) i+ :ou wou%d %i)e to disa=%e the tuna=%e without de%etin' it
At this timeD the 2!I does not dis %a: the tuna=%es that are re;set in the insta%%ation ima'e. 9.2.1 shi s with the +o%%owin' tuna=%es setK
autoboot_delay="2" loader_logo="freenas-logo" loader_menu_title="Welcome to FreeNAS" loader_brand="freenas-brand" loader_version=" " debug.debugger_on_panic=1 debug.ddb.textdump.pending=1 hw.hptrr.attach_generic=0 kern.ipc.nmbclusters="262144" vfs.mountroot.timeout="30"
Do %ot add or edit the de*a!lt t!%able$ as doin' so wi%% o.erwrite the de+au%t .a%ues which ma: render the s:stem unusa=%e. <he 0$" .ersion used in 9.2.1 de recates the +o%%owin' tuna=%esK
vfs.zfs.write_limit_override vfs.zfs.write_limit_inflated vfs.zfs.write_limit_max vfs.zfs.write_limit_min vfs.zfs.write_limit_shift vfs.zfs.no_write_throttle
I+ :ou u 'rade +rom an ear%ier .ersion o+ $reeNA"1 where these tuna=%es are setD the: wi%% automatica%%: =e de%eted +or :ou. Fou shou%d not tr: to add these tuna=%es =ac). $.9.1 2eco,ering Fro3 Incorrect *una(les
I+ a tuna=%e is re.entin' the s:stem +rom =ootin'D :ou wi%% need h:sica% access to the $reeNA"1 s:stem. Watch the =oot messa'es and ress the num=er 3 )e: or the 4sc )e: to se%ect O3. 7sca e to %oader rom tP when :ou see the $reeNA"1 =oot menu shown in $i'ure &.9=. Figure $.9(: FreeNAS 5oot 4enu
<he =oot %oader rom t ro.ides a minima% set o+ commands descri=ed in %oaderA6B. -nce at the rom tD use the unset command to disa=%e a ro=%ematic .a%ueD the set command to modi+: the FreeNAS 9.2.1 Users Guide Page 8% of 280
ro=%ematic .a%ueD or the unload command to re.ent the ro=%ematic dri.er +rom %oadin'. 45am %e &.9a demonstrates se.era% e5am %es usin' these commands at the =oot %oader rom t. <he +irst command disa=%es the current .a%ue associated with the kern.i*'.nm$'l!sters MI# and wi%% +ai% with a Ono such +i%e or director:P error messa'e i+ a current tuna=%e does not e5ist to set this .a%ue. <he second command disa=%es AC>I. <he third command instructs the s:stem not to %oad the +use dri.er. When +inishedD t: e (oot to continue the =oot rocess. 7-a3!le $.9a: Sa3!le 'o33ands at t e 5oot <oader Pro3!t
Type '?' for a list of commands, 'help' for more detailed help. OK unset kern.ipc.nmbclusters OK set hint.acpi.0.disabled=1 OK unload fuse OK boot
An: chan'es made at the =oot %oader rom t on%: e++ect the current =oot. <his means that :ou need to edit or remo.e the ro=%ematic tuna=%e in ":stem N <una=%es N 3iew <una=%es to ma)e :our chan'e ermanent and to re.ent +uture =oot errors.
"
Net0or9 'onfiguration
2%o=a% Con+i'urationK used to to set non;inter+ace s eci+ic networ) settin's. Inter+acesK used to con+i'ure a s eci+ied inter+ace's networ) settin's. I>MIK ro.ides side;=and mana'ement shou%d the a %iance =ecome una.ai%a=%e throu'h the 'ra hica% administrati.e inter+ace. 9in) A''re'ationsK used to con+i'ure %in) a''re'ation and %in) +ai%o.er. Networ) "ummar:K ro.ides an o.er.iew o+ the current networ) settin's. "tatic RoutesK used to add static routes. 39ANsK used to con+i'ure I444 602.1E ta''in'.
<he Networ) section o+ the administrati.e 2!I contains the +o%%owin' com onents +or .iewin' and con+i'urin' the $reeNA"1 s:stem's networ) settin'sK
".1
Glo(al 'onfiguration
Networ) N 2%o=a% Con+i'urationD shown in $i'ure *.1aD a%%ows :ou to set non;inter+ace s eci+ic networ) settin's. <a=%e *.1a summari8es the settin's that can =e con+i'ured usin' the 2%o=a% Con+i'uration ta=. <he hostname and domain wi%% =e re;+i%%ed +or :ouD as seen in $i'ure *.1aD =ut can =e chan'ed to meet the %oca% networ)'s reEuirements. I+ :ou wi%% =e usin' Acti.e (irector:D set the I> address o+ the (N" ser.er used in the rea%m.
Page 8) of 280
I+ :our networ) does not ha.e a (N" ser.er or N$"D ""HD or $<> users are recei.in' Ore.erse (N"P or timeout errorsD add an entr: +or the I> address o+ the $reeNA"1 s:stem in the OHost name data=aseP +ie%d. N6*7: i+ :ou add a 'atewa: to the InternetD ma)e sure that the $reeNA"1 s:stem is rotected =: a ro er%: con+i'ured +irewa%%. Figure ".1a: Glo(al 'onfiguration Screen
*a(le ".1a: Glo(al 'onfiguration Settings Setting Hostname (omain I>.& (e+au%t 2atewa: I>., (e+au%t 2atewa: Nameser.er 1 Nameser.er 2 Nameser.er 3 ?alue strin' strin' I> address I> address I> address I> address I> address 8escri!tion s:stem host name s:stem domain name t: ica%%: not set Asee N-<4 =e%owB t: ica%%: not set Asee N-<4 =e%owB rimar: (N" ser.er At: ica%%: in Windows domainB secondar: (N" ser.er tertiar: (N" ser.er Page 88 of 280
Setting
8escri!tion i+ ena=%edD networ) ser.ices wi%% not =e started at =oot time unti% 4na=%e netwait +eature chec)=o5 the inter+ace is a=%e to in' the addresses %isted in Net:ait 81 list i+ .na$le net:ait feat!re is chec)edD %ist o+ I> addresses to in'R Netwait I> %ist strin' otherwiseD in' the de+au%t 'atewa: used to add one entr: er %ine which wi%% =e a ended to Host name data=ase strin' 2et'2hostsR use the +ormat 81,address s*a'e hostname where mu%ti %e hostnames can =e used i+ se arated =: a s ace N6*7: In man: casesD a $reeNA"1 con+i'uration wi%% de%i=erate%: e5c%ude de+au%t 'atewa: in+ormation as a wa: to ma)e it more di++icu%t +or a remote attac)er to communicate with the ser.er. Whi%e this is a reasona=%e recautionD such a con+i'uration does %ot restrict in=ound tra++ic +rom sources within the %oca% networ). Howe.erD omittin' a de+au%t 'atewa: wi%% re.ent the $reeNA"1 s:stem +rom communicatin' with (N" ser.ersD time ser.ersD and mai% ser.ers that are %ocated outside o+ the %oca% networ). In this caseD it is recommended that "tatic Routes =e added in order to reach e5terna% (N"D N<>D and mai% ser.ers which are con+i'ured with static I> addresses.
?alue
".2
Interfaces
Networ) N Inter+aces is used to .iew which inter+aces ha.e =een manua%%: con+i'uredD to add a manua%%: con+i'ured inter+aceD and to edit an inter+ace's manua% con+i'uration. N6*7: t: ica%%: the inter+ace used to access the $reeNA"1 administrati.e 2!I is con+i'ured =: (HC>. <his inter+ace wi%% not a ear in this screenD e.en thou'h it is a%read: d:namica%%: con+i'ured and in use. $i'ure *.2a shows the screen that o ens when :ou c%ic) Inter+aces N Add Inter+ace. <a=%e *.2a summari8es the con+i'uration o tions when :ou Add an inter+ace or 4dit an a%read: con+i'ured inter+ace.
Page 89 of 280
*a(le ".2a: Interface 'onfiguration Settings Setting 8escri!tion se%ect the $ree#"( de.ice nameR wi%% =e a read;on%: +ie%d when NIC dro ;down menu editin' an inter+ace Inter+ace Name strin' descri tion o+ inter+ace reEuires static I>.& or I>., con+i'uration i+ unchec)edR note that (HC> chec)=o5 on%: one inter+ace can =e con+i'ured +or (HC> I>.& Address I> address set i+ (HC> unchec)ed I>.& Netmas) dro ;down menu set i+ (HC> unchec)ed Auto con+i'ure on%: one inter+ace can =e con+i'ured +or this o tionR reEuires chec)=o5 I>., manua% con+i'uration i+ unchec)ed and wish to use I>., I>., Address I>., address must =e uniEue on networ) I>., >re+i5 dro ;down menu match the re+i5 used on networ) 9en'th additiona% arameters +rom i+con+i'A6BD one er %ineR +or e5am %eK - tions strin' mt! 4000 wi%% increase the M<! +or inter+aces that su ort Ium=o +rames ?alue
Page 90 of 280
<his screen a%so a%%ows :ou to con+i'ure an a%ias +or the inter+ace. I+ :ou wish to set mu%ti %e a%iasesD c%ic) the OAdd e5tra a%iasP %in) +or each a%ias :ou wish to con+i'ure. <o de%ete an a%iasD hi'h%i'ht the inter+ace in the tree to access its M4ditM screen. #e sure to chec) the M(e%eteM chec)=o5 associated with the a%ias. I+ :ou instead c%ic) the M(e%eteM =utton at the =ottom o+ this screenD :ou wi%% de%ete the who%e inter+aceD not Iust the a%ias. When con+i'urin' mu%ti %e inter+acesD the: can not =e mem=ers o+ the same su=net. Chec) the su=net mas) i+ :ou recei.e an error when settin' the I> addresses on mu%ti %e inter+aces. When con+i'urin' an inter+ace +or =oth I>.& and I>.,D this screen wi%% not %et :ou set =oth addresses as rimar:. In other wordsD :ou wi%% 'et an error i+ :ou +i%% in =oth the 81#4 address and 81#5 address +ie%ds. InsteadD set one o+ these address +ie%ds and create an a%ias +or the other address.
".#
IP4I
#e'innin' with .ersion 9.2.1D $reeNA"1 ro.ides a 'ra hica% screen +or con+i'urin' an I>MI inter+ace. <his screen wi%% on%: a ear i+ the s:stem hardware inc%udes a #ase=oard Mana'ement Contro%%er A#MCB and the I>MI )erne% modu%e is %oaded. I>MI ro.ides side;=and mana'ement shou%d the s:stem =ecome una.ai%a=%e throu'h the 'ra hica% administrati.e inter+ace. <his a%%ows +or a +ew .ita% +unctionsD such as chec)in' the %o'D accessin' the #I-" setu D and owerin' on the s:stem without reEuirin' h:sica% access to the s:stem. I>MI can a%so =e used to a%%ow another erson remote access to the s:stem in order to assist with a con+i'uration or trou=%eshootin' issue. #e+ore con+i'urin' I>MID ensure that the mana'ement inter+ace is h:sica%%: connected to the networ). (e endin' u on the hardwareD the I>MI de.ice ma: share the rimar: 4thernet inter+ace or it ma: =e a dedicated I>MI inter+ace. #e+ore con+i'urin' I>MID add a tuna=%e with a M3aria=%eM o+ i*mi,load and a M3a%ueM o+ -.S. <his wi%% con+i'ure the s:stem to %oad the dri.er at =ootu . <henD to %oad the i*mi )erne% modu%e nowD without re=ootin'D t: e this +rom "he%%K
kldload ipmi
-nce the modu%e is %oadedD I>MI shou%d =e con+i'ured +rom Networ) N I>MI. $i'ure *.3a shows the con+i'uration screen and <a=%e *.3a summari8es the o tions when con+i'urin' I>MI.
Page 91 of 280
*a(le ".#a: IP4I 6!tions Setting >assword (HC> I>.& Address I>.& Netmas) I>.& (e+au%t 2atewa: ?alue strin' chec)=o5 strin' dro ;down menu strin' 8escri!tion in ut the assword used to connect to the I>MI inter+ace +rom a we= =rowser i+ %e+t unchec)edD the +o%%owin' three +ie%ds must =e set I> address used to connect to the I>MI we= 2!I su=net mas) associated with the I> address de+au%t 'atewa: associated with the I> address
-nce con+i'uredD :ou can access the I>MI inter+ace usin' a we= =rowser and the I> address :ou s eci+ied in the con+i'uration. <he mana'ement inter+ace wi%% rom t +or a username and the assword that :ou con+i'ured. Re+er to the documentation +or the I>MI de.ice to determine the de+au%t administrati.e username. <he de+au%t username is A <8N Ain a%% ca sB. -nce :ou ha.e %o''ed into the mana'ement inter+aceD :ou can chan'e the administrati.e username as we%% as create additiona% users. <he a earance o+ the uti%it: and the +unctions that are a.ai%a=%e within the I>MI mana'ement uti%it: wi%% .ar: de endin' u on the hardware.
Page 92 of 280
".$
<in9 Aggregations
$reeNA"1 uses $ree#"('s %a''A&B inter+ace to ro.ide %in) a''re'ation and %in) +ai%o.er. <he %a'' inter+ace a%%ows a''re'ation o+ mu%ti %e networ) inter+aces into a sin'%e .irtua% %a'' inter+aceD ro.idin' +au%t;to%erance and hi'h;s eed mu%ti;%in) throu'h ut. <he a''re'ation rotoco%s su orted =: %a'' determine which orts are used +or out'oin' tra++ic and whether a s eci+ic ort acce ts incomin' tra++ic. <he %in) state o+ the %a'' inter+ace is used to .a%idate i+ the ort is acti.e or not. A''re'ation wor)s =est on switches su ortin' 9AC>D which distri=utes tra++ic =i;directiona%%: whi%e res ondin' to +ai%ure o+ indi.idua% %in)s. $reeNA"1 a%so su orts acti.e@ assi.e +ai%o.er =etween airs o+ %in)s. <he 9AC>D $4C and %oad;=a%ance modes se%ect the out ut inter+ace usin' a hash that inc%udes the 4thernet source and destination addressD 39AN ta' Ai+ a.ai%a=%eBD I> source and destination addressD and +%ow %a=e% AI>., on%:B. <he =ene+it can on%: =e o=ser.ed when mu%ti %e c%ients are trans+errin' +i%es *ro( :our NA". <he +%ow enterin' i%to :our NA" de ends on the 4thernet switch %oad;=a%ance a%'orithm. <he %a'' dri.er current%: su orts the +o%%owin' a''re'ation rotoco%sK
Failo,er: the de+au%t rotoco%. "ends tra++ic on%: throu'h the acti.e ort. I+ the master ort =ecomes una.ai%a=%eD the ne5t acti.e ort is used. <he +irst inter+ace added is the master ortR an: inter+aces added a+ter that are used as +ai%o.er de.ices. #: de+au%tD recei.ed tra++ic is on%: acce ted when recei.ed throu'h the acti.e ort. <his constraint can =e re%a5edD which is use+u% +or certain =rid'ed networ) setu sD =: settin' net.link.lagg.failo#er,r(,all to a non;8ero .a%ue in ":stem N ":sct%s N Add ":sct%. F7': su orts Cisco 4therChanne% on o%der Cisco switches. <his is a static setu and does not ne'otiate a''re'ation with the eer or e5chan'e +rames to monitor the %in). <A'P: su orts the I444 602.3ad 9in) A''re'ation Contro% >rotoco% A9AC>B and the Mar)er >rotoco%. 9AC> wi%% ne'otiate a set o+ a''re'a=%e %in)s with the eer into one or more %in) a''re'ated 'rou s A9A2sB. 4ach 9A2 is com osed o+ orts o+ the same s eedD set to +u%%;du %e5 o eration. <he tra++ic wi%% =e =a%anced across the orts in the 9A2 with the 'reatest tota% s eedR in most cases there wi%% on%: =e one 9A2 which contains a%% orts. In the e.ent o+ chan'es in h:sica% connecti.it:D %in) a''re'ation wi%% Euic)%: con.er'e to a new con+i'uration. 9AC> must =e con+i'ured on the switch as we%%. <oad 5alance: =a%ances out'oin' tra++ic across the acti.e orts =ased on hashed rotoco% header in+ormation and acce ts incomin' tra++ic +rom an: acti.e ort. <his is a static setu and does not ne'otiate a''re'ation with the eer or e5chan'e +rames to monitor the %in). <he hash inc%udes the 4thernet source and destination addressD 39AN ta' Ai+ a.ai%a=%eBD and I> source and destination address. ReEuires a switch which su orts I444 602.3ad static %in) a''re'ation. 2ound 2o(in: distri=utes out'oin' tra++ic usin' a round;ro=in schedu%er throu'h a%% acti.e orts and acce ts incomin' tra++ic +rom an: acti.e ort. <his mode can cause unordered ac)et arri.a% at the c%ient. <his has a side e++ect o+ %imitin' throu'h ut as reorderin' ac)ets can =e C>! intensi.e on the c%ient. ReEuires a switch which su orts I444 602.3ad static %in) a''re'ation. None: this rotoco% disa=%es an: tra++ic without disa=%in' the %a'' inter+ace itse%+. N6*7: the $reeNA"1 s:stem must =e re=ooted a+ter con+i'urin' the %a'' de.ice and <C> access wi%% =e %ost durin' re=oot. Do %ot con+i'ure the inter+aces used in the %a'' de.ice =e+ore creatin' the %a'' FreeNAS 9.2.1 Users Guide Page 9# of 280
9AC> =onds 4thernet connections in order to im ro.e =andwidth. $or e5am %eD +our h:sica% inter+aces can =e used to create one me'a inter+ace. Howe.erD it cannot increase the =andwidth +or a sin'%e con.ersation. It is desi'ned to increase =andwidth when mu%ti %e c%ients are simu%taneous%: accessin' the same s:stem. It a%so assumes that Eua%it: 4thernet hardware is used and it wi%% not ma)e much di++erence when usin' in+erior 4thernet chi sets such as a Rea%te). 9AC> reads the sender and recei.er I> addresses andD i+ the: are deemed to =e%on' to the same <C> connectionD a%wa:s sends the ac)et o.er the same inter+ace to ensure that <C> does not need to reorder ac)ets. <his ma)es 9AC> idea% +or %oad =a%ancin' man: simu%taneous <C> connectionsD =ut does nothin' +or increasin' the s eed o.er one <C> connection. M>I- o erates at the i"C"I rotoco% %e.e%. $or e5am %eD i+ :ou create +our I> addresses and there are +our simu%taneous <C> connectionsD M>I- wi%% send the data o.er a%% a.ai%a=%e %in)s. When con+i'urin' M>I-D ma)e sure that the I> addresses on the inter+aces are con+i'ured to =e on se arate su=nets with non;o.er%a in' netmas)s or con+i'ure static routes to do oint;to; oint communication. -therwiseD a%% ac)ets wi%% ass throu'h one inter+ace. 9AC> and other +orms o+ %in) a''re'ation 'enera%%: do not wor) we%% with .irtua%i8ation so%utions. In a .irtua%i8ed en.ironmentD consider the use o+ i"C"I M>I- throu'h the creation o+ an i"C"I >orta%. <his a%%ows an i"C"I initiator to reco'ni8e mu%ti %e %in)s to a tar'etD uti%i8in' them +or increased =andwidth or redundanc:. <his how;to contains instructions +or con+i'urin' M>I- on 4"7i. N$" does not understand M>I-. <here+oreD :ou wi%% need one +ast inter+ace since creatin' an i"C"I orta% wi%% not im ro.e =andwidth when usin' N$". 9AC> does not wor) we%% to increase the =andwidth +or oint;to; oint N$" Aone ser.er and one c%ientB. 9AC> is a 'ood so%ution +or %in) redundanc: or +or one ser.er and man: c%ients.
".$.2
#e+ore creatin' a %in) a''re'ationD dou=%e;chec) that no inter+aces ha.e =een manua%%: con+i'ured in Networ) N Inter+aces N 3iew Inter+aces. I+ an: con+i'ured inter+aces e5istD de%ete them as %a'' creation wi%% +ai% i+ an: inter+aces are manua%%: con+i'ured. $i'ure *.&a shows the con+i'uration o tions when addin' a %a'' inter+ace usin' Networ) N 9in) A''re'ations N Create 9in) A''re'ation.
Page 9$ of 280
N6*7: i+ inter+aces are insta%%ed =ut do not a ear in the >h:sica% NICs in the 9A22 %istD chec) that a $ree#"( dri.er +or the inter+ace e5ists here. "e%ect the desired a''re'ation rotoco%D hi'h%i'ht the inter+aceAsB to associate with the %a'' de.iceD and c%ic) the -K =utton. -nce the %a'' de.ice has =een createdD it wi%% =e %isted in the tree under an entr: which indicates the t: e o+ rotoco%. As seen in $i'ure *.&=D it wi%% a%so a ear in 3iew 9in) A''re'ations.
C%ic) a %in) a''re'ation entr: to see the =uttons to edit that %a'' inter+aceD de%ete the %in) a''re'ationD or edit the %a'''s mem=er inter+aces. I+ :ou c%ic) the 4dit =utton +or a %a''D :ou wi%% see the con+i'uration screen shown in $i'ure *.&c. <a=%e *.&a descri=es the o tions in this screen. A+ter creatin' the %a'' inter+aceD set the I> address manua%%: or with (HC> and sa.e. <he connection to the we= inter+ace ma: =e %ost at this ointD and i+ soD the s:stem must =e re=ooted +rom the conso%e setu menu. Fou ma: a%so ha.e to chan'e :our switch settin's to communicate throu'h the new %a'' inter+ace. A+ter re=ootD i+ the I> address was set manua%%:D :ou ma: a%so ha.e to manua%%: enter a de+au%t 'atewa: +rom the conso%e setu menu o tion in order to 'et access into the 2!I throu'h the new %a'' inter+ace.
Page 9% of 280
*a(le ".$a: 'onfigura(le 6!tions for a lagg Setting NIC ?alue strin' 8escri!tion read;on%: as automatica%%: assi'ned ne5t a.ai%a=%e numeric I( =: de+au%t same as de.ice ANICB nameD can =e chan'ed to a more descri ti.e .a%ue chec) i+ the %a'' de.ice 'ets its I> address in+o +rom (HC> ser.er mandator: i+ (HC> is %e+t unchec)ed mandator: i+ (HC> is %e+t unchec)ed chec) on%: i+ (HC> ser.er a.ai%a=%e to ro.ide I>., address in+o o tiona% reEuired i+ in ut I>., address additiona% i+con+i'A6B o tions
Inter+ace Name strin' (HC> I>.& Address I>.& Netmas) Auto con+i'ure I>., I>., Address I>., >re+i5 9en'th - tions chec)=o5 strin' dro ;down menu chec)=o5 strin' dro ;down menu strin'
<his screen a%so a%%ows :ou to con+i'ure an a%ias +or the %a'' inter+ace. I+ :ou wish to set mu%ti %e a%iasesD c%ic) the OAdd e5tra A%iasP %in) +or each a%ias :ou wish to con+i'ure.
Page 9) of 280
I+ :ou c%ic) the 4dit Mem=ers =uttonD c%ic) the entr: +or a mem=erD then c%ic) its 4dit =uttonD :ou wi%% see the con+i'uration screen shown in $i'ure *.&d. <he con+i'ura=%e o tions are summari8ed in <a=%e *.&=. Figure ".$d: 7diting a 4e3(er Interface
*a(le ".$(: 'onfiguring a 4e3(er Interface Setting 9A22 Inter+ace 'rou ?alue 8escri!tion dro ;down menu se%ect the mem=er inter+ace to con+i'ure order o+ se%ected inter+ace within the %a''R con+i'ure 9A22 >riorit: Num=er inte'er a +ai%o.er to set the master inter+ace to 0 and the other inter+aces to 1D 2D etc. 9A22 >h:sica% NIC dro ;down menu h:sica% inter+ace o+ the se%ected mem=er - tions strin' additiona% arameters +rom i+con+i'A6B N6*7: o tions can =e set at either the %a'' %e.e% Ausin' the 4dit =uttonB or the indi.idua% arent inter+ace %e.e% Ausin' the 4dit Mem=ers =uttonB. <: ica%%:D chan'es are made at the %a'' %e.e% A$i'ure *.&cB as each inter+ace mem=er wi%% inherit +rom the %a''. I+ :ou instead con+i'ure the inter+ace %e.e% A$i'ure *.&dBD :ou wi%% ha.e to re eat the con+i'uration +or each inter+ace within the %a''. Howe.erD some %a'' o tions can on%: =e set =: editin' the inter+ace. $or instanceD the M<! o+ a %a'' is inherited +rom the inter+ace. <o set an M<! on a %a''D set a%% the inter+aces to the same M<!. <o see i+ the %in) a''re'ation is %oad =a%ancin' ro er%:D run the +o%%owin' command +rom "he%%K
systat -ifstat
Page 98 of 280
"."
Net0or9 Su33ar+
Networ) N Networ) "ummar: a%%ows :ou to Euic)%: .iew the addressin' in+ormation o+ e.er: con+i'ured inter+ace. $or each inter+ace nameD the con+i'ured I> addressAesBD (N" ser.erAsBD and de+au%t 'atewa: wi%% =e dis %a:ed.
".%
Static 2outes
#: de+au%tD no static routes are de+ined on the $reeNA"1 s:stem. "hou%d :ou need a static route to reach ortions o+ :our networ)D add the route usin' Networ) N "tatic Routes N Add "tatic RouteD shown in $i'ure *.,a. Figure ".%a: Adding a Static 2oute
<he a.ai%a=%e o tions are summari8ed in <a=%e *.,a. *a(le ".%a: Static 2oute 6!tions Setting (estination networ) 2atewa: (escri tion ?alue inte'er inte'er strin' 8escri!tion use the +ormat A.B.". 2. where . is the CI(R mas) in ut the I> address o+ the 'atewa: o tiona%
I+ :ou add an: static routesD the: wi%% show in O3iew "tatic RoutesP. C%ic) a route's entr: to access its 4dit and (e%ete =uttons.
".)
?<ANs
$reeNA"1 uses $ree#"('s .%anA&B inter+ace to demu%ti %e5 +rames with I444 602.1E ta's. <his a%%ows nodes on di++erent 39ANs to communicate throu'h a %a:er 3 switch or router. A .%an inter+ace must =e assi'ned a arent inter+ace and a numeric 39AN ta'. A sin'%e arent can =e assi'ned to mu%ti %e .%an inter+aces ro.ided the: ha.e di++erent ta's. I+ :ou c%ic) Networ) N 39ANs N Add 39AND :ou wi%% see the screen shown in $i'ure *./a. FreeNAS 9.2.1 Users Guide Page 99 of 280
N6*7: 39AN ta''in' is the on%: 602.1E +eature that is im %emented. Additiona%%:D not a%% 4thernet inter+aces su ort +u%% 39AN rocessin'Wsee the HAR(WAR4 section o+ .%anA&B +or detai%s. Figure ".)a: Adding a ?<AN
<a=%e *./a summari8es the con+i'ura=%e +ie%ds. *a(le ".)a: Adding a ?<AN Setting 3irtua% Inter+ace 8escri!tion use the +ormat #lanX where X is a num=er re resentin' the .%an strin' inter+ace usua%%: an 4thernet card connected to a ro er%: con+i'ured switch >arent Inter+ace dro ;down menu ortR i+ usin' a new%: created %a'' de.iceD it wi%% not a ear in the dro ;down unti% the $reeNA"1 s:stem is re=ooted 39AN <a' inte'er shou%d match a numeric ta' set u in the switched networ) (escri tion strin' o tiona% ?alue
<he arent inter+ace o+ a .%an has to =e u D =ut it can ha.e an I> address or it can =e uncon+i'uredD de endin' u on the reEuirements o+ the 39AN con+i'uration. <his ma)es it di++icu%t +or the 2!I to do the ri'ht thin' without tram %in' the con+i'uration. <o remed: thisD a+ter addin' the 39AND 'o to Networ) N Inter+aces N Add Inter+ace. "e%ect the arent inter+ace +rom the NIC dro ;down menu and in the - tions +ie%dD t: e !*. <his wi%% =rin' u the arent inter+ace. I+ an I> address is reEuiredD it can =e con+i'ured usin' the rest o+ the o tions in the Add Inter+ace screen.
Storage 'onfiguration
>eriodic "na shot <as)sK used to schedu%e the automatic creation o+ 0$" sna shots. Re %ication <as)sK used to schedu%e the re %ication o+ sna shots o.er an encr: ted connection. 3o%umesK used to create and mana'e stora'e .o%umes. 0$" "cru=sK used to schedu%e 0$" scru=s as art o+ on'oin' dis) maintenance.
<he "tora'e section o+ the 'ra hica% inter+ace a%%ows :ou to con+i'ure the +o%%owin'K
%.1
A eriodic sna shot tas) a%%ows :ou to schedu%e the creation o+ read;on%: .ersions o+ 0$" .o%umes and datasets at a 'i.en oint in time. "na shots can =e created Euic)%: andD i+ %itt%e data chan'esD new sna shots ta)e u .er: %itt%e s ace. $or e5am %eD a sna shot where no +i%es ha.e chan'ed ta)es 0 M# o+ stora'eD =ut as :ou ma)e chan'es to +i%esD the sna shot si8e chan'es to re+%ect the si8e o+ the chan'es. "na shots ro.ide a c%e.er wa: o+ )ee in' a histor: o+ +i%esD shou%d :ou need to reco.er an o%der co : or e.en a de%eted +i%e. $or this reasonD man: administrators ta)e sna shots o+ten Ae.'. e.er: 1* minutesBD store them +or a eriod o+ time Ae.'. +or a monthBD and store them on another s:stem Ae.'. usin' Re %ication <as)sB. "uch a strate': a%%ows the administrator to ro%% the s:stem =ac) to a s eci+ic time orD i+ there is a catastro hic %ossD an o++;site sna shot can restore the s:stem u to the %ast sna shot inter.a%. #e+ore :ou can create a sna shotD :ou need to ha.e an e5istin' 0$" .o%ume. How to create a .o%ume is descri=ed in 0$" 3o%ume Mana'er.
%.1.1
<o create a eriodic sna shot tas)D c%ic) "tora'e N >eriodic "na shot <as)s N Add >eriodic "na shot which wi%% o en the screen shown in $i'ure ,.1a. <a=%e ,.1a summari8es the +ie%ds in this screen. N6*7: i+ :ou Iust need a one;time sna shotD instead use "tora'e N 3o%umes N 3iew 3o%umes and c%ic) the Create "na shot =utton +or the .o%ume or dataset that :ou wish to sna shot.
*a(le %.1a: 6!tions . en 'reating a Periodic Sna!s ot Setting 8escri!tion unchec) to disa=%e the schedu%ed re %ication tas) without 4na=%ed chec)=o5 de%etin' it se%ect an e5istin' 0$" .o%umeD datasetD or 8.o%R i+ :ou 3o%ume@(ataset dro ;down menu se%ect a .o%umeD se arate sna shots wi%% a%so =e created +or each o+ its datasets se%ect this =o5 to ta)e se arate sna shots o+ the .o%ume@dataset and each o+ its chi%d datasetsR i+ unchec)edD Recursi.e chec)=o5 on%: one sna shot is ta)en o+ the .o%ume@dataset s eci+ied in Filesystem 2 Bol!me how %on' to )ee the sna shot on this s:stemR i+ the inte'er and dro ;down 9i+etime sna shot is re %icatedD it is not remo.ed +rom the recei.in' menu s:stem when the %i+etime e5 ires #e'in dro ;down menu do not create sna shots =e+ore this time o+ da: FreeNAS 9.2.1 Users Guide Page 102 of 280 ?alue
8escri!tion do not create sna shots a+ter this time o+ da: how o+ten to ta)e sna shot =etween Begin and .nd times which da:s o+ the wee) to ta)e sna shots
I+ the Recursi.e =o5 is chec)edD :ou do not need to create sna shots +or e.er: dataset indi.idua%%: as the: are inc%uded in the sna shot. <he downside is that there is no wa: to e5c%ude certain datasets +rom =ein' inc%uded in a recursi.e sna shot. -nce :ou c%ic) the -K =uttonD a sna shot wi%% =e ta)en and this tas) wi%% =e re eated accordin' to :our settin's. %.1.2 4anaging Periodic Sna!s ot *as9s
A+ter creatin' a eriodic sna shot tas)D an entr: +or the sna shot tas) wi%% =e added to 3iew >eriodic "na shot <as)sD as seen in the e5am %e in $i'ure ,.1=. C%ic) an entr: to access its Modi+: and (e%ete =uttons. Figure %.1(: ?ie0 Periodic Sna!s ot *as9s
I+ :ou c%ic) the 0$" "na shots ta= Aa=o.e the Add >eriodic "na shot =uttonBD :ou can re.iew the %istin' o+ a.ai%a=%e sna shots. An e5am %e is shown in $i'ure ,.1c. N6*7: i+ sna shots do not a earD chec) that the current time does not con+%ict with the =e'inD endD and inter.a% settin's. I+ the sna shot was attem ted =ut +ai%edD an entr: wi%% =e added to 2#ar2log2messages. <his %o' +i%e can =e .iewed in "he%%.
<he most recent sna shot +or a .o%ume or dataset wi%% =e %isted %ast and wi%% ha.e 3 icons. <he icons associated with a sna shot a%%ow :ou toK 'lone Sna!s ot: wi%% rom t +or the name o+ the c%one to create. <he c%one wi%% =e a writa=%e co : o+ the sna shot. "ince a c%one is rea%%: a dataset which can =e mountedD the c%one wi%% a ear in the Acti.e 3o%umes ta=D instead o+ the >eriodic "na shots ta=D and wi%% ha.e the word 'lone in its name. 8estro+ Sna!s ot: a o ;u messa'e wi%% as) :ou to con+irm this action. Chi%d c%ones must =e destro:ed =e+ore their arent sna shot can =e destro:ed. Whi%e creatin' a sna shot is instantaneousD de%etin' a sna shot can =e I@- intensi.e and can ta)e a %on' timeD es ecia%%: when dedu %ication is ena=%ed. In order to de%ete a =%oc) in a sna shotD 0$" has to wa%) a%% the a%%ocated =%oc)s to see i+ that =%oc) is used an:where e%seR i+ it is notD it can =e +reed. 2oll(ac9 Sna!s ot: a o ;u messa'e wi%% as) i+ :ou are sure that :ou want to ro%%=ac) to this sna shot state. I+ :ou c%ic) FesD an: +i%es that ha.e chan'ed since the sna shot was ta)en wi%% =e re.erted =ac) to their state at the time o+ the sna shot. N6*7: ro%%=ac) is a otentia%%: dan'erous o eration and wi%% cause an: con+i'ured re %ication tas)s to +ai% as the re %ication s:stem uses the e5istin' sna shot when doin' an incrementa% =ac)u . I+ :ou do need to restore the data within a sna shotD the recommended ste s areK 1. C%one the desired sna shot. 2. "hare the c%one with the share t: e or ser.ice runnin' on the $reeNA"1 s:stem. 3. -nce users ha.e reco.ered the needed dataD destro: the c%one in the Acti.e 3o%umes ta=. <his a roach wi%% ne.er destro: an: on;dis) data and has no im act on re %ication. >eriodic sna shots can =e con+i'ured to a ear as shadow co ies in newer .ersions o+ Windows 45 %orer. !sers can access the +i%es in the shadow co : usin' 45 %orer without reEuirin' an: interaction with the $reeNA"1 'ra hica% administrati.e inter+ace. <he 0$" "na shots screen a%%ows :ou to create +i%ters to .iew sna shots =: se%ected criteria. <o create a +i%terD c%ic) the (e+ine +i%ter icon Anear the te5t ONo +i%ter a %iedPB. When creatin' a +i%terK se%ect the co%umn or %ea.e the de+au%t o+ An: Co%umn. Page 10$ of 280
se%ect the condition. >ossi=%e conditions areK 'ontains Ade+au%tBD is3 starts :ith3 ends :ith3 does not 'ontain3 is not3 does not start :ith3 does not end :ithD and is em*ty. in ut a .a%ue that meets :our .iew criteria. c%ic) the $i%ter =utton to sa.e :our +i%ter and e5it the de+ine +i%ter screen. A%ternate%:D c%ic) the X =utton to add another +i%ter.
I+ :ou create mu%ti %e +i%tersD se%ect the +i%ter :ou wish to use =e+ore %ea.in' the de+ine +i%ter screen. -nce a +i%ter is se%ectedD the ONo +i%ter a %iedP te5t wi%% chan'e to OC%ear +i%terP. I+ :ou c%ic) OC%ear +i%terPD a o ;u messa'e wi%% indicate that this wi%% remo.e the +i%ter and a%% a.ai%a=%e sna shots wi%% =e %isted.
%.2
2e!lication *as9s
A re %ication tas) a%%ows :ou to automate the co : o+ 0$" sna shots to another s:stem o.er an encr: ted connection. <his a%%ows :ou to create an o++;site =ac)u o+ a 0$" dataset or oo%. <his section wi%% re+er to the s:stem 'eneratin' the 0$" sna shots as 19S= and the s:stem to recei.e a co : o+ the 0$" sna shots as 19;;. #e+ore :ou can con+i'ure a re %ication tas)D the +o%%owin' re;reEuisites must =e metK a 0$" .o%ume must e5ist on =oth 19S= and 19;;. a eriodic sna shot tas) must =e created on 19S=. Fou wi%% not =e a=%e to create a re %ication tas) =e+ore the +irst sna shot e5ists. the ""H ser.ice must =e ena=%ed on 19;;. <he +irst time the ser.ice is ena=%edD it wi%% 'enerate the reEuired ""H )e:s. A re %ication tas) uses the +o%%owin' )e:sK EdataEss Ere!lication.!u(: the R"A u=%ic )e: used +or authenticatin' the 19S= re %ication user. <his )e: needs to =e co ied to the re %ication user account on 19;;. EetcEss Ess : ost:rsa:9e+.!u(: the R"A host u=%ic )e: o+ 19;; used to authenticate the recei.in' side in order to re.ent a man;in;the;midd%e attac). <his )e: needs to =e co ied to the re %ication tas) on 19S=.
<his section wi%% demonstrate how to con+i'ure a re %ication tas) =etween the +o%%owin' two $reeNA"1 s:stemsK 142.156.2.2 wi%% =e re+erred to as 19S=. <his s:stem has a eriodic sna shot tas) +or the 0$" dataset 2mnt2lo'al2data. 142.156.2.5 wi%% =e re+erred to as 19;;. <his s:stem has an e5istin' 0$" .o%ume named 2mnt2remote which wi%% store the ushed sna shots. %.2.1 'onfigure PU22
A co : o+ the u=%ic )e: +or the re %ication user on 19S= needs to =e asted to the u=%ic )e: o+ the re %ication user on the 19;; s:stem.
<o o=tain a co : o+ the re %ication )e:K on 19S= 'o to "tora'e N 3iew Re %ication <as)s. C%ic) the 3iew >u=%ic Ke: =utton and co : its contents. An e5am %e is shown in $i'ure ,.2a. Figure %.2a: 'o!+ t e 2e!lication 1e+
2o to 19;; and c%ic) Account N !sers N 3iew !sers. C%ic) the Modi+: !ser =utton +or the user account :ou wi%% =e usin' +or re %ication A=: de+au%t this is the root userB. >aste the co ied )e: into the O""H >u=%ic Ke:P +ie%d and c%ic) -K. I+ a )e: a%read: e5istsD a end the new te5t a+ter the e5istin' )e:. -n 19;;D ensure that the ""H ser.ice is ena=%ed in "er.ices N Contro% "er.ices. "tart it i+ it is not a%read: runnin'. %.2.2 'onfigure PUS7
-n 19S=D .eri+: that a eriodic sna shot tas) has =een created and that at %east one sna shot is %isted in "tora'e N >eriodic "na shot <as)s N 3iew >eriodic "na shot <as)s N 0$" "na shots. <o create the re %ication tas)D c%ic) "tora'e N Re %ication <as)s N Add Re %ication <as). $i'ure ,.2= shows the reEuired con+i'uration +or our e5am %eK the 3o%ume@(ataset is lo'al2data the Remote 0$" 3o%ume@(ataset is remote the Remote hostname is 142.156.2.5 the #e'in and 4nd times are at their de+au%t .a%uesD meanin' that re %ication wi%% occur whene.er a sna shot is created once the Remote hostname is in utD c%ic) the ""H Ke: "can =uttonR assumin' the address is FreeNAS 9.2.1 Users Guide Page 10% of 280
reacha=%e and the ""H ser.ice is runnin' on 19;;D its )e: wi%% automatica%%: =e o u%ated to the Remote host)e: =o5 <a=%e ,.2a summari8es the a.ai%a=%e o tions in the Add Re %ication <as) screen. Figure %.2(: Adding a 2e!lication *as9
*a(le %.2a: Adding a 2e!lication *as9 Setting 4na=%ed 3o%ume@(ataset Remote 0$" 3o%ume@(ataset Recursi.e%: re %icate Initia%i8e remote side 9imit A)#@sB #e'in 4nd Remote hostname ?alue chec)=o5 dro ;down menu strin' chec)=o5 chec)=o5 inte'er dro ;down menu dro ;down menu strin' 8escri!tion unchec) to disa=%e the schedu%ed re %ication tas) without de%etin' it the 0$" .o%ume or dataset on 19S= containin' the sna shots to =e re %icatedR the dro ;down menu wi%% =e em t: i+ a sna shot does not a%read: e5ist the 0$" .o%ume on 19;; that wi%% store the sna shotsR 2mnt2 is assumed and shou%d not =e inc%uded in the ath i+ chec)ed wi%% re %icate chi%d datasets and re %ace re.ious sna shot stored on 19;; does a reset once o eration which destro:s the re %ication data on 19;; =e+ore re.ertin' to norma% o erationR use this o tion i+ re %ication 'ets stuc) %imits re %ication s eed to s eci+ied .a%ue in )i%o=:tes@secondR de+au%t o+ 0 is un%imited the re %ication can not start =e+ore this timeR the times se%ected in the Begin and .nd +ie%ds set the re %ication window +or when re %ication can occur the re %ication must start =: this timeR once startedD re %ication wi%% occur unti% it is +inished Asee N-<4 =e%owB I> address or (N" name o+ 19;;
8escri!tion must match ort =ein' used =: ""H ser.ice on 19;; a%%ows a user account other than root to =e used +or re %ication on%: a.ai%a=%e i+ edi'ated 9ser .na$led is chec)edR se%ect the user account to =e used +or re %ication note that the ci her is Euic)er =ecause it has a %ower stren'th use the ""H Ke: "can =utton to retrie.e the u=%ic )e: o+ 19;;
#: de+au%tD re %ication occurs when sna shots occur. $or e5am %eD i+ sna shots are schedu%ed +or e.er: 2 hoursD re %ication occurs e.er: 2 hours. <he #e'in and 4nd times can =e used to create a window o+ time where re %ication occurs. Chan'e the de+au%t times Awhich a%%ow re %ication to occur at an: time o+ the da: a sna shot occursB i+ sna shot tas)s are schedu%ed durin' o++ice hours =ut the re %ication itse%+ shou%d occur a+ter o++ice hours. $or the 4nd timeD consider how %on' re %ication wi%% ta)e so that it +inishes =e+ore the ne5t da:'s o++ice hours =e'in. -nce the re %ication tas) is createdD it wi%% a ear in the 3iew Re %ication <as)s o+ 19S=. 19S= wi%% immediate%: attem t to re %icate its %atest sna shot to 19;;. I+ the re %ication is success+u%D the sna shot wi%% a ear in the "tora'e N >eriodic "na shot <as)s N 3iew >eriodic "na shot <as)s N 0$" "na shots ta= o+ 19;;D as seen in $i'ure ,.2c. I+ the sna shot is not re %icatedD see the ne5t section +or trou=%eshootin' ti s. Figure %.2c: ?erif+ing t e Sna!s ot 0as 2e!licated
%.2.#
I+ :ou ha.e +o%%owed a%% o+ the ste s a=o.e and ha.e 19S= sna shots that are not re %icatin' to 19;;D chec) to see i+ ""H is wor)in' ro er%:. -n 19S=D o en "he%% and tr: to ss into 19;;. Re %ace hostname,or,i* with the .a%ue +or 19;;K
ssh -vv -i /data/ssh/replication hostname_or_ip
<his command shou%d not as) +or a assword. I+ it as)s +or a asswordD ""H authentication is not wor)in'. 2o to "tora'e N Re %ication <as)s N 3iew Re %ication <as)s and c%ic) the O3iew >u=%ic Ke:P =utton. Ma)e sure that it matches one o+ the .a%ues in 2C2.ssh2a!thori/ed,keys on 19;;3 where Y re resents the home director: o+ the re %ication user. A%so chec) 2#ar2log2a!th.log on 19;; and 2#ar2log2messages on 19S= to see i+ either %o' 'i.es an indication o+ the error. I+ the )e: is correct and re %ication is sti%% not wor)in'D tr: de%etin' a%% sna shots on 19;; e5ce t +or the most recent one. In "tora'e N >eriodic "na shot <as)s N 3iew >eriodic "na shot <as)s N 0$" "na shots chec) the =o5 ne5t to e.er: sna shot e5ce t +or the %ast one Athe one with 3 icons instead o+ 2BD then c%ic) the '%o=a% (estro: =utton at the =ottom o+ the screen. -nce :ou ha.e on%: one sna shotD o en "he%% on 19S= and use the =fs send command. <o continue our e5am %eD the 0$" sna shot on the lo'al2data dataset o+ 19S= is named a!to-20110422.17D+-2hD the I> address o+ 19;; is 142.156.2.5D and the 0$" .o%ume on 19;; is remote. Note that the K is used to se arate the .o%ume@dataset name +rom the sna shot name.
zfs send local/data@auto-20110922.1753-2h | ssh -i 192.168.2.6 zfs receive local/data@auto-20110922.1753-2h /data/ssh/replication \
N6*7: i+ this command +ai%s with the error Ocannot recei.e new +i%es:stem streamK destination has sna shotsPD chec) the =o5 Oinitia%i8e remote side +or onceP in the re %ication tas) and tr: a'ain. I+ the =fs send command sti%% +ai%sD :ou wi%% need to o en "he%% on 19;; and use the =fs destro+ >2 ,olu3e:na3eKsna!s ot:na3e command to de%ete the stuc) sna shot. Fou can then use the =fs list >t sna!s ot on 19;; to con+irm i+ the sna shot success+u%%: re %icated. A+ter success+u%%: transmittin' the sna shotD rechec) a'ain a+ter the time eriod =etween sna shots %a ses to see i+ the ne5t sna shot success+u%%: transmitted. I+ it is sti%% not wor)in'D :ou can manua%%: send an incrementa% =ac)u o+ the %ast sna shot that is on =oth s:stems to the current one with this commandK
zfs send local/data@auto-20110922.1753-2h | ssh -i 192.168.2.6 zfs receive local/data@auto-20110922.1753-2h /data/ssh/replication \
%.#
?olu3es
"ince the stora'e dis)s are se arate +rom the $reeNA"1 o eratin' s:stemD :ou do not actua%%: ha.e a NA" Anetwor);attached stora'eB s:stem unti% :ou con+i'ure :our dis)s into at %east one .o%ume. <he $reeNA"1 'ra hica% inter+ace su orts the creation o+ =oth !$" and 0$" .o%umes. 0$" .o%umes are recommended to 'et the most out o+ :our $reeNA"1 s:stem. N6*7: in 0$" termino%o':D the stora'e that is mana'ed =: 0$" is re+erred to as a oo%. When con+i'urin' the 0$" oo% usin' the $reeNA"1 'ra hica% inter+aceD the term .o%ume is used to re+er to either a !$" .o%ume or a 0$" oo%. >ro er stora'e desi'n is im ortant +or an: NA". 1t i$ reco((e%ded that )o! read thro!#h thi$ e%tire cha"ter *ir$t/ be*ore co%*i#!ri%# )o!r $tora#e di$0$/ $o that )o! are a-are o* all o* the "o$$ible *eat!re$/ 0%o- -hich o%e$ -ill be%e*it )o!r $et!" (o$t/ a%d are a-are o* a%) ca'eat$ or hard-are re$trictio%$.
%.#.1
I+ :ou c%ic) "tora'e N 3o%umes N Auto Im ort 3o%umeD :ou can con+i'ure $reeNA"1 to use an exi$ti%# so+tware !$" or 0$" RAI( .o%ume. <his action is t: ica%%: er+ormed when an e5istin' $reeNA"1 s:stem is re;insta%%ed Arather than u 'radedB. "ince the o eratin' s:stem is se arate +rom the dis)sD a new insta%%ation does not a++ect the data on the dis)sR howe.erD the new o eratin' s:stem needs to =e con+i'ured to use the e5istin' .o%ume. "u orted .o%umes are !$" 24-M stri es ARAI(0BD !$" 24-M mirrors ARAI(1BD !$" 24-M RAI(3D as we%% as e5istin' 0$" oo%s. !$" RAI(* is not su orted as it is an unmaintained summer o+ code roIect which was ne.er inte'rated into $ree#"(. #e'innin' with .ersion 6.3.1D the im ort o+ e5istin' 249I;encr: ted 0$" oo%s is a%so su Howe.erD the oo% must =e decr: ted =e+ore it can =e im orted. orted.
$i'ure ,.3a shows the initia% o ;u window that a ears when :ou se%ect to auto im ort a .o%ume. I+ :ou are im ortin' a !$" RAI( or an e5istin'D unencr: ted 0$" oo%D se%ect ONoK ")i to im ortP to access the screen shown in $i'ure ,.3=. Figure %.#a: Initial Auto I3!ort ?olu3e Screen
45istin' so+tware RAI( .o%umes shou%d =e a.ai%a=%e +or se%ection +rom the dro ;down menu. In the e5am %e shown in $i'ure ,.3=D the $reeNA"1 s:stem has an e5istin'D unencr: ted 0$" oo%. -nce the .o%ume is se%ectedD c%ic) the O-KP =utton to im ort the .o%ume. $reeNA"1 wi%% not im ort a dirt: .o%ume. I+ an e5istin' !$" RAI( does not show in the dro ;down menuD :ou wi%% need to fsc9 the .o%ume. I+ an e5istin' 0$" oo% does not show in the dro ;down menuD run =!ool i3!ort +rom "he%% to im ort the oo%. I+ :ou %an to h:sica%%: insta%% 0$" +ormatted dis)s +rom another s:stemD =e sure to e5 ort the dri.es on that s:stem to re.ent an Oin use =: another machineP error durin' the im ort. I+ :ou sus ect that :our hardware is not =ein' detectedD run ca3control de,list +rom "he%%. I+ the dis) does not a ear in the out utD chec) to see i+ the contro%%er dri.er is su orted or i+ it needs to =e %oaded =: creatin' a tuna=%e.
(.3.1.1
I+ :ou are im ortin' an e5istin' 249I;encr: ted 0$" oo%D :ou must decr: t the dis)s =e+ore im ortin' the oo%. In $i'ure ,.3aD se%ect OFesK (ecr: t dis)sP to access the screen shown in $i'ure ,.3c.
"e%ect the dis)s in the encr: ted oo%D =rowse to the %ocation o+ the sa.ed encr: tion )e:D in ut the ass hrase associated with the )e:D then c%ic) -K to decr: t the dis)s. N6*7: the encr: tion )e: is reEuired to decr: t the oo%. I+ the oo% can not =e decr: tedD it can not =e re;im orted a+ter a +ai%ed u 'rade or %ost con+i'uration. <his means that it is 'er) i("orta%t to sa.e a co : o+ the )e: and to remem=er the ass hrase that was con+i'ured +or the )e:. <he 3iew 3o%umes screen is used to mana'e the )e:s +or encr: ted .o%umes. -nce the oo% is decr: tedD it shou%d a ear in the dro ;down menu o+ $i'ure ,.3=. C%ic) the -K =utton to +inish the .o%ume im ort.
%.#.2
I3!orting ?olu3es
<he 3o%ume N Im ort 3o%ume screenD shown in $i'ure ,.3dD is used to im ort a sin'%e dis) or artition that has =een +ormatted with a su orted +i%es:stem. $reeNA"1 su orts the im ort o+ dis)s that ha.e =een +ormatted with !$"D N<$"D M"(-"D or 47<2. <he im ort is meant to =e a tem orar: measure in order to co : the data +rom a dis) to a .o%ume. -n%: one dis) can =e im orted at a time.
In ut a name +or the .o%umeD use the dro ;down menu to se%ect the dis) or artition that :ou wish to im ortD and se%ect the t: e o+ +i%es:stem on the dis). #e+ore im ortin' a dis)D =e aware o+ the +o%%owin' ca.eatsK $reeNA"1 wi%% not im ort a dirt: +i%es:stem. I+ a su orted +i%es:stem does not show in the dro ;down menuD :ou wi%% need to fsc9 or run a dis) chec) on the +i%es:stem. $reeNA"1 can not im ort d:namic N<$" .o%umes at this time. A +uture .ersion o+ $ree#"( ma: address this issue. i+ an N<$" .o%ume wi%% not im ortD tr: eIectin' the .o%ume sa+e%: +rom a Windows s:stem. <his wi%% +i5 some Iourna% +i%es that are reEuired to mount the dri.e. %.#.# UFS ?olu3e 4anager
Whi%e the !$" +i%es:stem is su ortedD it is not recommended as it does not ro.ide an: 0$" +eatures such as com ressionD encr: tionD dedu %icationD co :;on;writeD %i'htwei'ht sna shotsD or the a=i%it: to ro.ide ear%: detection and correction o+ corru t data. I+ :ou are usin' !$" as a tem orar: so%ution unti% :ou can a++ord =etter hardwareD note that :ou wi%% ha.e to destro: :our e5istin' !$" .o%ume in order to create a 0$" oo%D then restore :our data +rom =ac)u . N6*7: it is not recommended to create a !$" .o%ume %ar'er than *<# as it wi%% =e ine++icient to fsc9D causin' %on' de%a:s at s:stem =oot i+ the s:stem was not shutdown c%ean%:. <o +ormat :our dis)s with !$"D 'o to "tora'e N 3o%umes N !$" 3o%ume Mana'er A%e'ac:B which wi%% o en the screen shown in $i'ure ,.3e.
<a=%e ,.3a summari8es the a.ai%a=%e o tions. *a(le %.#a: 6!tions . en 'reating a UFS ?olu3e Setting 8escri!tion mandator:R it is recommended to choose a name that wi%% stic) out in the 3o%ume name strin' %o's Ae.'. not data or freenasB use the mouse to se%ect the dis)AsB to =e usedR to se%ect mu%ti %e dis)sD Mem=er dis)s se%ection hi'h%i'ht the +irst dis)D then ho%d the shi+t )e: as :ou hi'h%i'ht the %ast dis). " eci+: chec)=o5 o tiona%R use+u% +or creatin' a 2#ar +or ersistent %o' stora'e custom ath on%: a.ai%a=%e when S*e'ify '!stom *ath is chec)edR must =e +u%% name o+ >ath strin' .o%ume Ae.'. 2mnt2#arB and i+ no ath is ro.idedD it wi%% a end the Bol!me name to 2mnt <he Add 3o%ume =utton warns that creati%# a 'ol!(e de$tro)$ all exi$ti%# data o% $elected di$0A$B. In other wordsD creatin' stora'e usin' !$" 3o%ume Mana'er is a destructi.e action that re+ormats the se%ected dis)s. I+ :our intent is to not o.erwrite the data on an e5istin' .o%umeD see i+ the .o%ume +ormat is su orted =: the auto;im ort or im ort actions. I+ soD er+orm the su orted action instead. I+ the current stora'e +ormat is not su ortedD :ou wi%% need to =ac)u the data to an e5terna% mediaD +ormat the dis)sD then restore the data to the new .o%ume. ?alue
%.#.$
I+ :ou ha.e un+ormatted dis)s or wish to o.erwrite the +i%es:stem Aand dataB on :our dis)sD use the 0$" 3o%ume Mana'er to +ormat the desired dis)s into a 0$" oo%. I+ :ou are new to RAI( conce ts or wou%d %i)e an o.er.iew o+ the di++erences =etween hardware RAI( and 0$" RAI(0ZD s)im throu'h the section on Hardware Recommendations =e+ore usin' 0$" 3o%ume Mana'er. I+ :ou c%ic) on "tora'e N 3o%umes N 0$" 3o%ume Mana'erD :ou wi%% see a screen simi%ar to the e5am %e shown in $i'ure ,.3+. Figure %.#f: 'reating a ;FS Pool Using ?olu3e 4anager
,.3= summari8es the con+i'uration o tions o+ this screen. *a(le %.#(: 6!tions . en 'reating a ;FS ?olu3e Setting ?alue 8escri!tion 0$" .o%umes must con+orm to these namin' con.entionsR it is recommended to choose a name that wi%% stic) out in the %o's Ae.'. %ot data or freenasB reEuires an e5istin' 0$" oo% to e5tendR see 45tendin' a 0$" 3o%ume +or instructions read the section on 4ncr: tion =e+ore choosin' to use encr: tion dis %a:s the si8e o+ a.ai%a=%e dis)sR ho.er o.er sho: to %ist the a.ai%a=%e de.ice names Page 11" of 280
3o%ume name strin' 3o%ume to e5tend 4ncr: tion A.ai%a=%e dis)s dro ;down menu chec)=o5 dis %a:
8escri!tion c%ic) and dra' the icon to se%ect the desired num=er o+ dis)s se%ect to con+i'ure mu%ti %e oo%s or to add %o' or cache de.ices durin' oo% creation
<o con+i'ure the oo%D dra' the s%ider to se%ect the desired num=er o+ dis)s. <he 0$" 3o%ume Mana'er wi%% automatica%%: se%ect the o tima% con+i'uration and the resu%tin' stora'e ca acit:D which ta)es swa into accountD wi%% =e dis %a:ed. I+ :ou wish to chan'e the %a:out or the num=er o+ dis)sD use the mouse to dra' the s%ider to the desired .o%ume %a:out. <he dro ;down menu showin' the o tima% con+i'uration can a%so =e c%ic)ed to chan'e the con+i'urationD thou'h the 2!I wi%% turn red i+ the se%ected con+i'uration is not recommended. N6*7: +or er+ormance and ca acit: reasonsD this screen wi%% not a%%ow :ou to create a .o%ume +rom dis)s o+ di++erin' si8es. Whi%e it is not recommendedD it is ossi=%e to create a .o%ume in this situation =: usin' the OManua% setu P =utton and +o%%owin' the instructions in Manua% 3o%ume Creation. 0$" 3o%ume Mana'er wi%% a%%ow :ou to sa.e sa.e a non;o tima% con+i'uration. It wi%% sti%% wor)D =ut wi%% er+orm %ess e++icient%: than an o tima% con+i'uration. Howe.erD the 2!I wi%% not a%%ow :ou to se%ect a con+i'uration i+ the num=er o+ dis)s se%ected is not enou'h to create that con+i'uration. C%ic) the too% ti icon to access a %in) to this documentation. <he Add 3o%ume =utton warns that creati%# a 'ol!(e -ill de$tro)$ a%) exi$ti%# data o% the $elected di$0A$B. In other wordsD creatin' a new .o%ume re+ormats the se%ected dis)s. I+ :our intent is to not o.erwrite the data on an e5istin' .o%umeD see i+ the .o%ume +ormat is su orted =: the auto;im ort or im ort actions. I+ soD er+orm the su orted action instead. I+ the current stora'e +ormat is not su ortedD :ou wi%% need to =ac)u the data to an e5terna% mediaD +ormat the dis)sD then restore the data to the new .o%ume. <he 0$" 3o%ume Mana'er wi%% automatica%%: se%ect the o tima% %a:out +or the new oo%D de endin' u on the num=er o+ dis)s se%ected. <he +o%%owin' +ormats are su ortedK Stri!e: reEuires at %east one dis) 4irror: reEuires at %east two dis)s 2AI8;1: reEuires at %east three dis)s 2AI8;2: reEuires at %east +our dis)s 2AI8;#: reEuires at %east +i.e dis)s log de,ice: add a dedicated %o' de.ice As%o'B cac e de,ice: add a dedicated cache de.ice I+ :ou ha.e more than +i.e dis)s and are usin' 0$"D consider the num=er o+ dis)s to use +or =est er+ormance and sca%a=i%it:. An o.er.iew o+ the .arious RAI( %e.e%s and recommended dis) 'rou si8es can =e +ound in the RAI( -.er.iew section. More in+ormation a=out %o' and cache de.ices can =e +ound in the 0$" -.er.iew section. FreeNAS 9.2.1 Users Guide Page 11% of 280
(e endin' u on the si8e and num=er o+ dis)sD the t: e o+ contro%%erD and whether or not encr: tion is se%ectedD creatin' the .o%ume ma: ta)e some time. -nce the .o%ume is createdD the screen wi%% re+resh and the new .o%ume wi%% =e %isted under "tora'e N 3o%umes.
(.3.!.1 *ncr- tion
#e'innin' with 6.3.1D $reeNA"1 su orts 249I +u%% dis) encr: tion when creatin' 0$" .o%umes. It is im ortant to understand the +o%%owin' when considerin' whether or not encr: tion is ri'ht +or :our $reeNA"1 s:stemK <his is %ot the encr: tion method used =: -rac%e 0$".30. <hat .ersion o+ 0$" has not =een o en sourced and is the ro ert: o+ -rac%e. <his is +u%% dis) encr: tion and %ot er;+i%es:stem encr: tion. <he under%:in' dri.es are +irst encr: tedD then the oo% is created on to o+ the encr: ted de.ices. <his t: e o+ encr: tion is rimari%: tar'eted at users who store sensiti.e data and want to retain the a=i%it: to remo.e dis)s +rom the oo% without ha.in' to +irst wi e the dis)'s contents. <his desi'n is on%: suita=%e +or sa+e dis osa% o+ dis)s inde endent o+ the encr: tion )e:. As %on' as the )e: and the dis)s are intactD the s:stem is .u%nera=%e to =ein' decr: ted. <he )e: shou%d =e rotected =: a stron' ass hrase and an: =ac)u s o+ the )e: shou%d =e secure%: stored. -n the other handD i+ the )e: is %ostD the data on the dis)s is inaccessi=%e. A%wa:s =ac)u the )e:S I4P62*AN* N6*7: the er;dri.e 249I master )e:s are not =ac)ed u a%on' with with the user )e:s. I+ a =it error occurs in the %ast sector o+ an encr: ted dis)D this ma: mean the data on that dis) is com %ete%: %ost. !nti% this issue is reso%.edD it is im ortant to read this +orum ost which e5 %ains how to =ac) u :our master )e:s manua%%:. <his +orum ost 'i.es an in;de th e5 %anation o+ how the .arious )e: t: es are used =: 249I. <o trac) +uture ro'ress on this issueD re+er to this =u' re ort. <he encr: tion )e: is er 0$" .o%ume A oo%B. I+ :ou create mu%ti %e oo%sD each oo% has its own encr: tion )e:. I+ the s:stem has a %ot o+ dis)sD there wi%% =e a er+ormance hit i+ the C>! does not su ort A4";NI or i+ no cr: to hardware is insta%%ed. Without hardware acce%erationD there wi%% =e a=out a 20L er+ormance hit +or a sin'%e dis). >er+ormance de'radation wi%% continue to increase with more dis)s. As data is writtenD it is automatica%%: encr: ted and as data is readD it is decr: ted on the +%:. I+ the rocessor does su ort the A4";NI instruction setD there shou%d =e .er: %itt%eD i+ an:D de'radation in er+ormance when usin' encr: tion. <his +orum ost com ares the er+ormance o+ .arious C>!s. (ata in the ARC cache and the contents o+ RAM are unencr: ted. "wa is a%wa:s encr: tedD e.en on unencr: ted .o%umes. <here is no wa: to con.ert an e5istin'D unencr: ted .o%ume. InsteadD the data must =e =ac)ed u D the e5istin' oo% must =e destro:edD a new encr: ted .o%ume must =e createdD and the =ac)u restored to the new .o%ume. H:=rid oo%s are not su FreeNAS 9.2.1 Users Guide orted. In other wordsD new%: created .de.s must match the e5istin' Page 11) of 280
encr: tion scheme. When e5tendin' a .o%umeD 3o%ume Mana'er wi%% automatica%%: encr: t the new .de. =ein' added to the e5istin' encr: ted oo%. N6*7: the encr: tion +aci%it: used =: $reeNA"1 is desi'ned to rotect a'ainst h:sica% the+t o+ the dis)s. It is not desi'ned to rotect a'ainst unauthori8ed so+tware access. 4nsure that on%: authori8ed users ha.e access to the administrati.e 2!I and that ro er ermissions are set on shares i+ sensiti.e data stored on the s:stem.
Creating an *ncr- ted Volu&e
<o create an encr: ted .o%umeD chec) the O4ncr: tionP =o5 shown in $i'ure ,.3+. In ut the .o%ume nameD se%ect the dis)s to add to the .o%umeD and c%ic) the Add 3o%ume =utton to ma)e the encr: ted .o%ume. -nce the .o%ume is createdD it i$ extre(el) i("orta%t to set a ass hrase on the )e:D ma)e a =ac)u o+ the )e:D and create a reco.er: )e:. Without theseD it is im ossi=%e to re;im ort the dis)s at a %ater time. <o er+orm these tas)sD 'o to "tora'e N 3o%umes ;V 3iew 3o%umes. <his screen is shown in $i'ure ,.3o. <o set a ass hrase on the )e:D c%ic) the .o%ume name and then the MCreate >ass hraseM =utton Athe )e: sha ed icon in $i'ure ,.3oB. Fou wi%% =e rom ted to in ut the assword used to access the $reeNA"1 administrati.e 2!ID and then to in ut and re eat the desired ass hrase. !n%i)e a asswordD a ass hrase can contain s aces and is t: ica%%: a series o+ words. A 'ood ass hrase is eas: to remem=er A%i)e the %ine to a son' or iece o+ %iteratureB =ut hard to 'uess A eo %e who )now :ou shou%d not =e a=%e to 'uess the ass hraseB. When :ou set the ass hraseD a warnin' messa'e wi%% remind :ou to create a new reco.er: )e: as a new ass hrase needs a new reco.er: )e:. <his wa:D i+ the ass hrase is +or'ottenD the associated reco.er: )e: can =e used instead. <o create the reco.er: )e:D c%ic) the MAdd reco.er: )e:M =utton Asecond %ast )e: icon in $i'ure ,.3oB. <his screen wi%% rom t :ou to in ut the assword used to access the $reeNA"1 administrati.e 2!I and then to se%ect the director: in which to sa.e the )e:. Note that the reco.er: )e: is sa.ed to the c%ient s:stemD not on the $reeNA"1 s:stem. $ina%%:D down%oad a co : o+ the encr: tion )e:D usin' the M(own%oad )e:M =utton Athe )e: icon with a down arrow in $i'ure ,.3oB. A'ainD the encr: tion )e: is sa.ed to the c%ient s:stemD not on the $reeNA"1 s:stem. Fou wi%% =e rom ted to in ut the assword used to access the $reeNA"1 administrati.e 2!I =e+ore the se%ectin' the director: in which to store the )e:. <he ass hraseD reco.er: )e:D and encr: tion )e: need to =e rotected. (o not re.ea% the ass hrase to others. -n the s:stem containin' the down%oaded )e:sD ta)e care that that s:stem and its =ac)u s are rotected. An:one who has the )e:s has the a=i%it: to re;im ort the dis)s shou%d the: =e discarded or sto%en.
(.3.!.2 Manual Volu&e Creation
<he MManua% "etu M =utton shown in $i'ure ,.3+ can =e used to create a non;o tima% 0$" .o%ume. Whi%e this is %ot recommendedD it canD +or e5am %eD =e used to create a .o%ume containin' dis)s o+ di++erent si8es or to ut more than the recommended num=er o+ dis)s into a .de.. N6*7: when usin' dis)s o+ di++erin' si8esD the .o%ume is %imited =: the si8e o+ the sma%%est dis). When usin' more dis)s than are recommended +or a .de.D :ou increase resi%.erin' time and the ris) FreeNAS 9.2.1 Users Guide Page 118 of 280
that more than the a%%owa=%e num=er o+ dis)s wi%% +ai% =e+ore a resi%.er com %etes. $or these reasonsD it is recommended to instead %et the 0$" 3o%ume Mana'er create an o tima% oo% +or :ouD as descri=ed in 0$" 3o%ume Mana'erD usin' same;si8e dis)s. $i'ure ,.3' shows the MManua% "etu M screen and <a=%e ,.3c summari8es the a.ai%a=%e o tions. Figure %.#g: 'reating a Non>6!ti3al ;FS ?olu3e
*a(le %.#c: 4anual Setu! 6!tions Setting ?alue 8escri!tion 0$" .o%umes must con+orm to these namin' con.entionsR it is recommended to choose a name that wi%% stic) out in the %o's Ae.'. %ot data or freenasB read the section on 4ncr: tion =e+ore choosin' to use encr: tion hi'h%i'ht desired num=er o+ dis)s +rom %ist o+ a.ai%a=%e dis)s choices are @ffD BerifyD and @nR care+u%%: consider the section on (edu %ication =e+ore chan'in' this settin' used to s eci+: i+ dis) is used +or stora'e AMNoneMBD a %o' de.iceD a cache de.iceD or a s are
3o%ume name strin' 4ncr: tion chec)=o5 Mem=er dis)s %ist dro ;down (edu %ication menu =u%%et 0$" 45tra se%ection
%.#."
<he O3o%ume to e5tendP dro ;down menu in "tora'e N 3o%umes N 0$" 3o%ume Mana'erD shown in $i'ure ,.3hD can =e used to add additiona% dis)s to an e5istin' 0$" .o%ume. <his dro ;down em t: wi%% =e em t: i+ an e5istin' 0$" .o%ume does not e5ist. Figure %.# : ?olu3e to 7-tend Field
N6*7: i+ the e5istin' .o%ume is encr: tedD a warnin' messa'e wi%% remind :ou that the o eration o+ e5tendin' a .o%ume wi%% reset the ass hrase and reco.er: )e:. A+ter e5tendin' the .o%umeD :ou shou%d immediate%: recreate =oth. -nce an e5istin' .o%ume has =een se%ected +rom the dro ;down menuD dra' and dro the desired dis)AsB and se%ect the desired .o%ume %a:out. $or e5am %e :ou canK se%ect an ""( or dis) with a .o%ume %a:out o+ ;og EF8;G to add a %o' de.ice to the 0$" oo%. "e%ectin' 2 ""(s or dis)s wi%% mirror the %o' de.ice. se%ect an ""( or dis) with a .o%ume %a:out o+ "a'he E;2A&"G to add a cache de.ice to the 0$" oo%. add additiona% dis)s to increase the ca acit: o+ the 0$" oo%. <he ca.eats to doin' this are descri=ed =e%ow.
When addin' dis)s to increase the ca acit: o+ a .o%umeD 0$" su orts the addition o+ .irtua% de.icesD )nown as .de.sD to an e5istin' 0$" oo%. A .de. can =e a sin'%e dis)D a stri eD a mirrorD a RAI(01D RAI(02D or a RAI(03. O%ce a 'de' i$ created/ )o! ca% %ot add (ore dri'e$ to that 'de' R howe.erD :ou can stri e a new .de. Aand its dis)sB with the $a(e t)"e o* exi$ti%# 'de' in order to increase the o.era%% si8e o+ 0$" the oo%. In other wordsD when :ou e5tend a 0$" .o%umeD :ou are rea%%: stri in' simi%ar .de.s. Here are some e5am %esK to e5tend a 0$" stri eD add one or more dis)s. "ince there is no redundanc:D :ou do not ha.e to add the same amount o+ dis)s as the e5istin' stri e. to e5tend a 0$" mirrorD add the same num=er o+ dri.es. <he resu%tin' stri ed mirror is a RAI( 10. $or e5am %eD i+ :ou ha.e 10 dri.esD :ou cou%d start =: creatin' a mirror o+ two dri.esD e5tendin' this mirror =: creatin' another mirror o+ two dri.esD and re eatin' three more times unti% a%% 10 dri.es ha.e =een added. to e5tend a three dri.e RAI(01D add three additiona% dri.es. <he resu%t is a RAI(0X0D simi%ar to RAI( *0 on a hardware contro%%er. to e5tend a RAI(02 reEuires a minimum o+ +our additiona% dri.es. <he resu%t is a RAI(02X0D simi%ar to RAI( ,0 on a hardware contro%%er. I+ :ou tr: to add an incorrect num=er o+ dis)s to the e5istin' .de.D an error messa'e wi%% a earD indicatin' the num=er o+ dis)s that are needed. Fou wi%% need to se%ect the correct num=er o+ dis)s in order to continue.
%.#.%
An e5istin' 0$" .o%ume can =e di.ided into datasets. >ermissionsD com ressionD dedu %icationD and Euotas can =e set on a er dataset =asisD a%%owin' more 'ranu%ar contro% o.er access to stora'e data. A dataset is simi%ar to a +o%der in that :ou can set ermissionsR it is a%so simi%ar to a +i%es:stem in that :ou can set ro erties such as Euotas and com ression as we%% as create sna shots. N6*7: 0$" ro.ides thic) ro.isionin' usin' Euotas and thin ro.isionin' usin' reser.ed s ace. I+ :ou se%ect an e5istin' 0$" .o%ume N Create 0$" (atasetD :ou wi%% see the screen shown in $i'ure ,.3i. -nce a dataset is createdD :ou can c%ic) on that dataset and se%ect Create 0$" (atasetD thus creatin' a nested datasetD or a dataset within a dataset. Fou can a%so create a 8.o% within a dataset. When creatin' datasetsD dou=%e;chec) that :ou are usin' the Create 0$" (ataset o tion +or the intended .o%ume or dataset. I+ :ou 'et con+used when creatin' a dataset on a .o%umeD c%ic) a%% e5istin' datasets to c%ose them;;the remainin' Create 0$" (ataset wi%% =e +or the .o%ume.
<a=%e ,.3d summari8es the o tions a.ai%a=%e when creatin' a 0$" dataset. "ome settin's are on%: a.ai%a=%e in Ad.anced Mode. <o see these settin'sD either c%ic) the Ad.anced Mode =utton or con+i'ure the s:stem to a%wa:s dis %a: these settin's =: chec)in' the =o5 O"how ad.anced +ie%ds =: de+au%tP in ":stem N "ettin's N Ad.anced. <hese attri=utes can a%so =e chan'ed a+ter dataset creation in "tora'e N 3o%umes N 3iew 3o%umes. *a(le %.#d: ;FS 8ataset 6!tions Setting (ataset Name ?alue strin' dro ;down Com ression 9e.e% menu 4na=%e atime ?uota +or this dataset ?uota +or this dataset and a%% chi%dren 8escri!tion mandator: see Com ression +or a com arison o+ the a.ai%a=%e a%'orithms
contro%s whether the access time +or +i%es is u dated when the: are InheritD -nD readR settin' this ro ert: to @ff a.oids roducin' %o' tra++ic when or -++ readin' +i%es and can resu%t in si'ni+icant er+ormance 'ains on%: a.ai%a=%e in Ad.anced ModeR de+au%t o+ 0 is o++R can s eci+: M inte'er Ame'a=:teBD 2 A'i'a=:teBD or < Atera=:teB as in 20H +or 20 2#D can a%so inc%ude a decima% oint Ae.'. 2.6HB inte'er on%: a.ai%a=%e in Ad.anced ModeR de+au%t o+ 0 is o++R can s eci+: M Ame'a=:teBD 2 A'i'a=:teBD or < Atera=:teB as in 20H +or 20 2# on%: a.ai%a=%e in Ad.anced ModeR de+au%t o+ 0 is un%imited A=esides hardwareBR can s eci+: M Ame'a=:teBD 2 A'i'a=:teBD or < Atera=:teB as in 20H +or 20 2# on%: a.ai%a=%e in Ad.anced ModeR de+au%t o+ 0 is un%imited A=esides hardwareBR can s eci+: M Ame'a=:teBD 2 A'i'a=:teBD or < Atera=:teB as in 20H +or 20 2# Page 122 of 280
Reser.ed s ace +or inte'er this dataset Reser.ed s ace +or this dataset and a%% inte'er chi%dren FreeNAS 9.2.1 Users Guide
Setting
?alue dro ;down 0$" (edu %ication menu Record "i8e dro ;down menu
8escri!tion read the section on dedu %ication =e+ore ma)in' a chan'e to this settin' on%: a.ai%a=%e in Ad.anced ModeR whi%e 0$" automatica%%: ada ts the record si8e d:namica%%: to ada t to dataD i+ the data has a +i5ed si8e Ae.'. a data=aseBD settin' the &e'ord Si/e ma: resu%t in =etter er+ormance
(.3.(.1
Dedu lication
<he FFS ed!*li'ation o tion warns that ena=%in' dedu ma: ha.e drastic er+ormance im %ications and that com ression shou%d =e used instead. #e+ore chec)in' the dedu %ication =o5D read the section on dedu %ication in the 0$" -.er.iew +irst. <his artic%e ro.ides a 'ood descri tion o+ the .a%ue ..s. cost considerations +or dedu %ication. U%le$$ )o! ha'e a lot o* RAM a%d a lot o* d!"licate data/ do %ot cha%#e the de*a!lt ded!"licatio% $etti%# o* CO**D. <he dedu ta=%es used durin' dedu %ication need Y6 2# o+ RAM er 1<# o+ data to =e dedu %icated. $or er+ormance reasonsD consider usin' com ression rather than turnin' this o tion on. I+ dedu %ication is chan'ed to @nD du %icate data =%oc)s are remo.ed s:nchronous%:. <he resu%t is that on%: uniEue data is stored and common com onents are shared amon' +i%es. I+ dedu %ication is chan'ed to BerifyD 0$" wi%% do a =:te;to;=:te com arison when two =%oc)s ha.e the same si'nature to ma)e sure that the =%oc) contents are identica%. "ince hash co%%isions are e5treme%: rareD .eri+: is usua%%: not worth the er+ormance hit. N6*7: once dedu %ication is ena=%edD the on%: wa: to disa=%e it is to use the =fs set dedu!Doff dataset:na3e command +rom "he%%. Howe.erD an: data that is a%read: stored as dedu %icated wi%% not =e un;dedu %icated as on%: new%: stored data a+ter the ro ert: chan'e wi%% not =e dedu %icated. <he on%: wa: to remo.e e5istin' dedu %icated data is to co : a%% o+ the data o++ o+ the datasetD set the ro ert: to o++D then co : the data =ac) in a'ain. A%ternate%:D create a new dataset with the FFS ed!*li'ation %e+t as disa=%edD co : the data to the new datasetD and destro: the ori'ina% dataset.
(.3.(.2 Co& ression
Most media Ae.'. .m*+D .m*4D .a#iB is a%read: com ressedD meanin' that :ou wi%% increase C>! uti%i8ation +or no 'ain i+ :ou store these +i%es on a com ressed dataset. Howe.erD i+ :ou ha.e raw .:a# ri s o+ C(s or .#o$ ri s o+ (3(sD :ou wi%% see a er+ormance 'ain usin' a com ressed dataset. When se%ectin' a com ression t: eD :ou need to =a%ance er+ormance with the amount o+ com ression. <he +o%%owin' com ression a%'orithms are su ortedK l=$: recommended com ression method as it a%%ows com ressed datasets to o erate at near rea%; time s eed. g=i!: .aries +rom %e.e%s 1 to 9 where g/i* fastest A%e.e% 1B 'i.es the %east com ression and g/i* ma(im!m A%e.e% 9B ro.ides the =est com ression =ut is discoura'ed due to its er+ormance im act.
=le: +ast and sim %e a%'orithm to e%iminate runs o+ 8eroes. l=@(: ro.ides decent data com ressionD =ut is considered de recated as %8& ro.ides much =etter er+ormance.
I+ :ou %ea.e the de+au%t o+ 8nheritD the dataset wi%% inherit +rom the arent. !n%ess the arent dataset has =een modi+iedD its de+au%t com ression %e.e% is l/4. I+ :ou se%ect @ffD com ression wi%% not =e used on the dataset. %.#.) 'reating a =,ol
A 8.o% is a +eature o+ 0$" that creates a =%oc) de.ice o.er 0$". <his a%%ows :ou to use a 8.o% as an i"C"I de.ice e5tent. <o create a 8.o%D se%ect an e5istin' 0$" .o%ume or dataset N Create 8.o% which wi%% o en the screen shown in $i'ure ,.3I. <he con+i'uration o tions are descri=ed in <a=%e ,.3e. "ome settin's are on%: a.ai%a=%e in Ad.anced Mode. <o see these settin'sD either c%ic) the Ad.anced Mode =utton or con+i'ure the s:stem to a%wa:s dis %a: these settin's =: chec)in' the =o5 O"how ad.anced +ie%ds =: de+au%tP in ":stem N "ettin's N Ad.anced. Figure %.#@: 'reating a =,ol
*a(le %.#e: =,ol 'onfiguration 6!tions Setting 8.o% Name ?alue strin' 8escri!tion in ut a name +or the 8.o%
Setting "i8e +or this 8.o% Com ression %e.e% " arse .o%ume
#%oc) si8e
inte'er
8escri!tion s eci+: si8e and .a%ue such as 10H de+au%t o+ 8nherit means it wi%% use the same com ression %e.e% as the e5istin' 8 oo% used to create the 8.o% used to ro.ide thin ro.isionin'R i+ this o tion is se%ectedD writes wi%% +ai% when the oo% is %ow on s ace on%: a.ai%a=%e in Ad.anced ModeR .a%id si8e is an: ower o+ 2 +rom *12= to 126)= with a de+au%t si8e o+ 6)=R can =e set to match the =%oc) si8e o+ the +i%es:stem which wi%% =e +ormatted onto the i"C"I tar'et
%.#.8
?ie0ing 8is9s
"tora'e N 3o%umes N 3iew (is)s a%%ows :ou to .iew a%% o+ the dis)s reco'ni8ed =: the $reeNA"1 s:stem. An e5am %e is shown in $i'ure ,.3). Figure %.#9: ?ie0ing 8is9s
$or each de.iceD the current con+i'uration o+ the o tions descri=ed in <a=%e ,.3e is dis %a:ed. C%ic) a dis)'s entr: and then its 4dit =utton to chan'e its con+i'uration. C%ic)in' a dis)'s entr: wi%% a%so dis %a: its Wi e =utton which can =e used to =%an) a dis) whi%e ro.idin' a ro'ress =ar o+ the wi e's status. !se this o tion =e+ore discardin' a dis). N6*7: shou%d a dis)'s seria% num=er not =e dis %a:ed in this screenD use the s3artctl command within "he%%. $or e5am %eD to determine the seria% num=er o+ dis) ada0D t: e s3artctl >a Ede,Eada0 L gre! Serial. %.#.9 ?ie0ing ?olu3es
I+ :ou c%ic) "tora'e N 3o%umes N 3iew 3o%umesD :ou can .iew and +urther con+i'ure e5istin' FreeNAS 9.2.1 Users Guide Page 12" of 280
.o%umesD 0$" datasetsD and 8.o%s. <he e5am %e shown in $i'ure ,.3% demonstrates one 0$" .o%ume with two datasets and one 8.o%. #uttons are ro.ided to ro.ide Euic) access to 0$" 3o%ume Mana'erD !$" 3o%ume Mana'erD Im ort 3o%umeD Auto Im ort 3o%umeD and 3iew (is)s. I+ the s:stem has mu%ti ath;ca a=%e hardwareD an e5tra =utton wi%% =e added to 3iew Mu%ti aths. Figure %.#l: ?ie0ing ?olu3es
I+ :ou c%ic) the entr: +or a 0$" .o%umeD ei'ht icons wi%% a ear at the =ottom o+ the screen. In order +rom %e+t to ri'htD these icons a%%ow :ou toK 1. 8etac ?olu3e: a%%ows :ou to either detach a dis) =e+ore remo.in' it +rom the s:stem Aa%so )nown as a 0$" e5 ortB or to de%ete the contents o+ the .o%umeD de endin' u on the choice :ou ma)e in the screen that o s u when :ou c%ic) this =utton. <he o ;u messa'eD seen in $i'ure ,.3mD wi%% show the current used s aceD ro.ide the chec) =o5 OMar) the dis)s as new Adestro: dataBPD rom t :ou to ma)e sure that :ou want to do thisD warn :ou i+ the .o%ume has an: associated shares and as) i+ :ou wish to de%ete themD and the =rowser wi%% turn red to a%ert :ou that :ou are a=out to do somethin' that wi%% ma)e the data inaccessi=%e. 1* )o! do %ot chec0 the box to (ar0 the di$0$ a$ %e-/ the 'ol!(e -ill be ex"orted A FS 'ol!(e$ o%l)B. <his means that the data is not destro:ed and the .o%ume can =e re;im orted at a %ater time. I+ :ou wi%% =e mo.in' a 0$" dri.e +rom one s:stem to anotherD er+orm this e5 ort action +irst. <his o eration +%ushes an: unwritten data to dis)D writes data to the dis) indicatin' that the e5 ort was doneD and remo.es a%% )now%ed'e o+ the oo% +rom the s:stem. 1* )o! do chec0 the box to (ar0 the di$0$ a$ %e-/ the 'ol!(e a%d all o* it$ data/ data$et$/ a%d .'ol$ -ill be de$tro)ed a%d the !%derl)i%# di$0$ -ill be ret!r%ed to their ra- $tate. 2. Scru( ?olu3e: 0$" scru=s and how to schedu%e them are descri=ed in more detai% in 0$" "cru=s. <his =utton a%%ows :ou to manua%%: initiate a scru=. A scru= is I@- intensi.e and can ne'ati.e%: im act er+ormanceD meanin' that :ou shou%d not initiate one whi%e the s:stem is =us:. A cance% =utton is ro.ided shou%d :ou need to cance% a scru=. FreeNAS 9.2.1 Users Guide Page 12% of 280
N6*7: i+ :ou do cance% a scru=D the ne5t scru= wi%% start o.er +rom the =e'innin'D not where the cance%%ed scru= %e+t o++. Figure %.#3: 8etac ing or 8eleting a ?olu3e
3. 7dit ;FS 6!tions: a%%ows :ou to edit the .o%ume's com ression %e.e%D atime settin'D dataset EuotaD and reser.ed s ace +or Euota. I+ com ression is new%: ena=%ed on a .o%ume or dataset that a%read: contains dataD e5istin' +i%es wi%% not =e com ressed unti% the: are modi+ied as com ression is on%: a %ied when a +i%e is written. $. 'reate ;FS 8ataset: a%%ows :ou to create a dataset. ". 'reate =,ol: a%%ows :ou to create a 8.o% to use as an i"C"I de.ice e5tent. ,. ' ange Per3issions: a%%ows :ou to edit the .o%ume's userD 'rou D !ni5 rw5 ermissionsD t: e o+ AC9D and to ena=%e recursi.e ermissions on the .o%ume's su=directories. /. 'reate Sna!s ot: a%%ows :ou to con+i'ure the sna shot's name and whether or not it is recursi.e =e+ore manua%%: creatin' a one;time sna shot. I+ :ou wish to schedu%e the re'u%ar creation o+ sna shotsD instead create a eriodic sna shot tas). 6. ?olu3e Status: as seen in the e5am %e in $i'ure ,.3nD this screen shows the de.ice name and status o+ each dis) in the 0$" oo% as we%% as an: readD writeD or chec)sum errors. It a%so indicates the status o+ the %atest 0$" scru=. I+ :ou c%ic) the entr: +or a de.iceD =uttons wi%% FreeNAS 9.2.1 Users Guide Page 12) of 280
a ear to edit the de.ice's o tions Ashown in $i'ure ,.3oBD o++%ine the de.iceD or re %ace the de.ice Aas descri=ed in Re %acin' a $ai%ed (ri.eB. Figure %.#n: ?olu3e Status
I+ :ou c%ic) a dis) in 3o%ume "tatus and c%ic) its O4dit (is)P =uttonD :ou wi%% see the screen shown in $i'ure ,.3o. <a=%e ,.3+ summari8es the con+i'ura=%e o tions.
*a(le %.#f: 8is9 6!tions Setting Name "eria% (escri tion H(( "tand=: Ad.anced >ower Mana'ement Acoustic 9e.e% 4na=%e ".M.A.R.< ".M.A.R.<. e5tra o tions ?alue strin' strin' strin' dro ;down menu dro ;down menu dro ;down menu chec)=o5 strin' 8escri!tion read;on%: .a%ue showin' $ree#"( de.ice name +or dis) read;on%: .a%ue showin' the dis)'s seria% num=er o tiona% indicates the time o+ inacti.it: Ain minutesB =e+ore the dri.e enters stand=: mode in order to conser.e ener':R this +orum ost demonstrates how to determine i+ a dri.e has s un down de+au%t is isa$ledD can se%ect a ower mana'ement ro+i%e +rom the menu de+au%t is isa$ledD can =e modi+ied +or dis)s that understand AAM ena=%ed =: de+au%t i+ the dis) su orts ".M.A.R.<.R unchec)in' this =o5 wi%% disa=%e an: con+i'ured ".M.A.R.<. <ests +or the dis) smartct%A6B o tions %: chan'es to the H(( Page 129 of 280
N6*7: .ersions o+ $reeNA"1 rior to 6.3.1 reEuired a re=oot in order to a FreeNAS 9.2.1 Users Guide
"tand=:D Ad.anced >ower Mana'ementD and Acoustic 9e.e% settin's. As o+ 6.3.1D chan'es to these settin's are a %ied immediate%:. A 0$" dataset on%: has +i.e icons as the scru= .o%umeD create 0$" .o%umeD and .o%ume status =uttons on%: a %: to .o%umes. In a datasetD the (etach 3o%ume =utton is re %aced with the (estro: (ataset =utton. I+ :ou c%ic) the (estro: (ataset =uttonD the =rowser wi%% turn red to indicate that this is a destructi.e action. <he o ;u warnin' messa'e wi%% warn that destro:in' the dataset wi%% de%ete a%% o+ the +i%es and sna shots o+ that dataset.
(.3.0.1 1e- Manage&ent for *ncr- ted Volu&es
I+ :ou chec) the O4na=%e +u%% dis) encr: tionP =o5 durin' the creation o+ a 0$" .o%umeD +i.e encr: tion icons wi%% =e added to the icons that are t: ica%%: seen when .iewin' a .o%ume. An e5am %e is seen in $i'ure ,.3 . Figure %.#!: 7ncr+!tion Icons Associated 0it an 7ncr+!ted ;FS ?olu3e
<hese icons are used toK 'reateE' ange Pass! rase: c%ic) this icon to set and con+irm the ass hrase associated with the 249I encr: tion )e:. Re(e(ber thi$ "a$$"hra$e a$ )o! ca% %ot re&i("ort a% e%cr)"ted 'ol!(e -itho!t it. In other wordsD i+ :ou +or'et the ass hraseD it is ossi=%e +or the data on the .o%ume to =ecome inaccessi=%e. An e5am %e wou%d =e a +ai%ed !"# stic) that reEuires a new insta%%ation on a new !"# stic) and a re;im ort o+ the e5istin' oo%D or the h:sica% remo.a% o+ dis)s when mo.in' +rom an o%der hardware s:stem to a new s:stem. >rotect this ass hrase as an:one who )nows it cou%d re; im ort :our encr: ted .o%umeD thus thwartin' the reason +or encr: tin' the dis)s in the +irst %ace. When :ou c%ic) this iconD a red warnin' is dis %a:edK &emem$er to add a ne: re'o#ery key as this FreeNAS 9.2.1 Users Guide Page 1#0 of 280
a'tion in#alidates the *re#io!s re'o#ery key. "ettin' a ass hrase in.a%idates the e5istin' )e:. -nce :ou set the ass hraseD immediate%: c%ic) the Add re'o#ery key =utton to create a new reco.er: )e:. -nce the ass hrase is setD the name o+ this icon wi%% chan'e to Chan'e >ass hrase. 8o0nload 1e+: c%ic) this icon to down%oad a =ac)u co : o+ the 249I encr: tion )e:. "ince the 249I encr: tion )e: is se arate +rom the $reeNA"1 con+i'uration data=aseD it i$ hi#hl) reco((e%ded to (a0e a bac0!" o* the 0e). 1* the 0e) i$ e'er) lo$t or de$tro)ed a%d there i$ %o bac0!" 0e)/ the data o% the di$0$ i$ i%acce$$ible. 7ncr+!tion 2e>9e+: 'enerates a new 249I encr: tion )e:. <: ica%%: this is on%: er+ormed when the administrator sus ects that the current )e: ma: =e com romised. <his action a%so remo.es the current ass hrase. Add reco,er+ 9e+: 'enerates a new reco.er: )e: and rom ts +or a %ocation to down%oad a =ac)u co : o+ the reco.er: )e:. <his reco.er: )e: can =e used i+ the ass hrase is +or'otten. Al-a)$ i((ediatel) add a reco.er: )e: whene.er the ass hrase is chan'ed. 2e3o,e reco,er 9e+: <: ica%%: this is on%: er+ormed when the administrator sus ects that the current reco.er: )e: ma: =e com romised. 1((ediatel) create a new ass hrase and reco.er: )e:. 4ach o+ these icons wi%% rom t +or the assword used to access the $reeNA"1 administrati.e 2!I.
%.#.10
Setting Per3issions
"ettin' ermissions is an im ortant as ect o+ con+i'urin' .o%umes. <he 'ra hica% administrati.e inter+ace is meant to set the i%itial ermissions +or a .o%ume or dataset in order to ma)e it a.ai%a=%e as a share. -nce a share is a.ai%a=%eD the c%ient o eratin' s:stem shou%d =e used to +ine;tune the ermissions o+ the +i%es and directories that are created =: the c%ient. "harin' contains con+i'uration e5am %es +or se.era% t: es o+ ro.ides an o.er.iew o+ the screen that is used to set ermissions. ermission scenarios. <his section
-nce a .o%ume or dataset is createdD it wi%% =e %isted =: its mount oint name in "tora'e N 3o%umes N 3iew 3o%umes. I+ :ou c%ic) the Chan'e >ermissions icon +or a s eci+ic .o%ume@datasetD :ou wi%% see the screen shown in $i'ure ,.3E. <a=%e ,.3' summari8es the o tions in this screen.
*a(le %.#g: 6!tions . en ' anging Per3issions Setting ?alue 8escri!tion dro ;down user to contro% the .o%ume@datasetR users which were manua%%: created or -wner AuserB menu im orted +rom Acti.e (irector: or 9(A> wi%% a ear in dro ;down menu dro ;down 'rou to contro% the .o%ume@datasetR 'rou s which were manua%%: created -wner A'rou B menu or im orted +rom Acti.e (irector: or 9(A> wi%% a ear in dro ;down Mode chec)=o5es chec) the desired U%ix ermissions +or userD 'rou D and other !ni5 and Windows AC9s are mutua%%: e5c%usi.eD this means that +ou =u%%et <: e o+ AC9 3ust select t e correct t+!e of A'< to 3atc t e s are R see the se%ection ara'ra hs =e%ow this <a=%e +or more detai%s i+ chec)edD ermissions wi%% a%so a %: to su=directories o+ the .o%ume or "et ermission datasetR i+ data a%read: e5ists on the .o%ume@datasetD it i$ reco((e%ded chec)=o5 recursi.e%: to i%$tead cha%#e the "er(i$$io%$ rec!r$i'el) o% the clie%t $ide to "re'e%t a "er*or(a%ce la# o% the FreeNAS $)$te( When in dou=tD or i+ :ou ha.e a mi5 o+ o eratin' s:stems in :our networ)D se%ect !ni5 AC9s as a%% c%ients understand them. Windows AC9s are a ro riate when the networ) contains on%: Windows c%ients and are the re+erred o tion within an Acti.e (irector: domain. Windows AC9s add a su erset FreeNAS 9.2.1 Users Guide Page 1#2 of 280
o+ ermissions that au'ment those ro.ided =: !ni5 AC9s. Whi%e Windows c%ients a%so understand !ni5 AC9sD the: won't =ene+it +rom the e5tra ermissions ro.ided =: Acti.e (irector: and Windows AC9s when !ni5 AC9s are used. I+ :ou chan'e :our mind a=out the t: e o+ AC9D :ou do not ha.e to recreate the .o%ume. <hat isD e5istin' data is not %ost i+ the t: e o+ AC9 is chan'ed. Howe.erD i+ :ou chan'e +rom Windows AC9s to !ni5 AC9sD the e5tended ermissions ro.ided =: Windows AC9s wi%% =e remo.ed +rom the e5istin' +i%es. When :ou se%ect Windows AC9sD the <ode wi%% =ecome 're:ed out as it on%: a %ies to !ni5 ermissions. <he de+au%t Windows AC9s are a%wa:s set to what Windows sets on new +i%es and directories =: de+au%t. <he Windows c%ient shou%d then =e used to +ine;tune the ermissions as reEuired. %.#.11 ?ie0ing 4ulti!at s
$reeNA"1 uses 'mu%ti athA6B to ro.ide mu%ti ath I@- su ort on s:stems containin' hardware that is ca a=%e o+ mu%ti ath. An e5am %e wou%d =e a dua% "A" e5 ander =ac) %ane in the chassis or an e5terna% C#-(. Mu%ti ath hardware adds +au%t to%erance to a NA" as the data is sti%% a.ai%a=%e e.en i+ one dis) I@- ath has a +ai%ure. $reeNA"1 automatica%%: detects acti.e@acti.e and acti.e@ assi.e mu%ti ath;ca a=%e hardware. An: mu%ti ath;ca a=%e de.ices that are detected wi%% =e %aced in mu%ti ath units with the arent de.ices hidden. <he con+i'uration wi%% =e dis %a:ed in "tora'e N 3o%umes N 3iew Mu%ti athsD as seen in the e5am %e in $i'ure ,.3r. Note that this o tion wi%% not =e dis %a:ed in the "tora'e N 3o%umes tree on s:stems that do not contain mu%ti ath;ca a=%e hardware. Figure %.#r: ?ie0ing 4ulti!at s
$i'ure ,.3E ro.ides an e5am %e o+ a s:stem with a "A" 0I9 and a "A" hard dri.e. <he 0I9 de.ice is ca a=%e o+ acti.e@acti.e writesD whereas the hard dri.e is ca a=%e o+ acti.e@read. %.#.12 2e!lacing a Failed 8ri,e
I+ :ou are usin' an: +orm o+ redundant RAI(D :ou shou%d re %ace a +ai%ed dri.e as soon as ossi=%e to re air the de'raded state o+ the RAI(. (e endin' u on the ca a=i%it: o+ :our hardwareD :ou ma: or ma: not need to re=oot in order to re %ace the +ai%ed dri.e. AHCI ca a=%e hardware does not reEuire a re=oot.
N6*7: a stri e ARAI(0B does not ro.ide redundanc:. I+ :ou %ose a dis) in a stri eD :ou wi%% need to recreate the .o%ume and restore the data +rom =ac)u . #e+ore h:sica%%: remo.in' the +ai%ed de.iceD 'o to "tora'e N 3o%umes N 3iew 3o%umes N 3o%ume "tatus and %ocate the +ai%ed dis). -nce :ou ha.e %ocated the +ai%ed de.ice in the 2!ID er+orm the +o%%owin' ste sK 1. I+ the dis) is +ormatted with 0$"D c%ic) the dis)'s entr: then its O-++%ineP =utton in order to chan'e that dis)'s status to -$$9IN4. <his ste is needed to ro er%: remo.e the de.ice +rom the 0$" oo% and to re.ent swa issues. I+ :our hardware su orts hot; %u''a=%e dis)sD c%ic) the dis)'s O-++%ineP =uttonD u%% the dis)D then s)i to ste 3. I+ there is no O-++%ineP =utton =ut on%: a ORe %aceP =uttonD then the dis) is a%read: o++%ined and :ou can sa+e%: s)i this ste . N6*7: i+ the rocess o+ chan'in' the dis)'s status to -$$9IN4 +ai%s with a Odis) o++%ine +ai%ed ; no .a%id re %icasP messa'eD :ou wi%% need to scru= the 0$" .o%ume +irst usin' its "cru= 3o%ume =utton in "tora'e N 3o%umes N 3iew 3o%umes. -nce the scru= com %etesD tr: to -++%ine the dis) a'ain =e+ore roceedin'. 2. I+ the hardware is not AHCI ca a=%eD shutdown the s:stem in order to h:sica%%: re %ace the dis). When +inishedD return to the 2!I and %ocate the -$$9IN4 dis). 3. -nce the dis) is showin' as -$$9IN4D c%ic) the dis) a'ain and then c%ic) its ORe %aceP =utton. "e%ect the re %acement dis) +rom the dro ;down menu and c%ic) the ORe %ace (is)P =utton. I+ the dis) is a mem=er o+ an encr: ted 0$" oo%D :ou wi%% =e rom ted to in ut the ass hrase +or the oo%. -nce :ou c%ic) the ORe %ace (is)P =uttonD the 0$" oo% wi%% start to resi%.er. Fou can use the =!ool status command in "he%% to monitor the status o+ the resi%.erin'. &. I+ the re %aced dis) continues to =e %isted a+ter resi%.erin' is com %eteD c%ic) its entr: and use the O(etachP =utton to remo.e the dis) +rom the %ist. In the e5am %e shown in $i'ure ,.3sD a +ai%ed dis) is =ein' re %aced =: dis) ada2 in the .o%ume named #ol!me1.
I+ the 0$" oo% is encr: tedD additiona% ste s are needed when re %acin' a +ai%ed dri.e. $irstD ma)e sure that a ass hrase has =een set be*ore attem tin' to re %ace the +ai%ed dri.e. <henD +o%%ow the ste s 1 and 2 as descri=ed a=o.e. (urin' ste 3D :ou wi%% =e rom ted to in ut the ass hrase +or the oo%. Wait unti% the resi%.erin' is com %ete. Ne5tD restore the encr: tion )e:s to the oo%. 1* the *ollo-i%# additio%al $te"$ are %ot "er*or(ed be*ore the %ext reboot/ )o! (a) lo$e acce$$ to the "ool "er(a%e%tl). 1. Hi'h%i'ht the oo% that contains the dis) :ou Iust re %aced and c%ic) the O4ncr: tion Re;)e:P =utton in the 2!I. Fou wi%% need to enter the root assword. 2. Hi'h%i'ht the oo% that contains the dis) :ou Iust re %aced and c%ic) the OCreate >ass hraseP =utton and enter the new ass hrase. Fou can reuse the o%d ass hrase i+ desired. 3. Hi'h%i'ht the oo% that contains the dis) :ou Iust re %aced and c%ic) the O(own%oad Ke:P =utton FreeNAS 9.2.1 Users Guide Page 1#" of 280
in order to sa.e the new encr: tion )e:. "ince the o%d )e: wi%% no %on'er +unctionD an: o%d )e:s can =e sa+e%: discarded. &. Hi'h%i'ht the oo% that contains the dis) :ou Iust re %aced and c%ic) the OAdd Reco.er: Ke:P =utton in order to sa.e the new reco.er: )e:. <he o%d reco.er: )e: wi%% no %on'er +unctionD so it can =e sa+e%: discarded.
(.3.12.2 "e&oving a +og or Cache Device
I+ :ou ha.e added an: %o' or cache de.icesD these de.ices wi%% a%so a ear in "tora'e N 3o%umes N 3iew 3o%umes N 3o%ume "tatus. I+ :ou c%ic) the de.iceD :ou can either use its MRe %aceM =utton to re %ace the de.ice as descri=ed a=o.eD or c%ic) its MRemo.eM =utton to remo.e the de.ice. #e+ore er+ormin' either o+ these o erationsD .eri+: the .ersion o+ 0$" runnin' on the s:stem =: runnin' =!ool u!grade >,L3ore +rom "he%%. I+ the oo% is runnin' 0$".1*D and a non;mirrored %o' de.ice +ai%sD is re %acedD or remo.edD the oo% is unreco.era=%e and the oo% must =e recreated and the data restored +rom a =ac)u . $or other 0$" .ersionsD remo.in' or re %acin' the %o' de.ice wi%% %ose an: data in the de.ice which had not :et =een written. <his is t: ica%%: the %ast +ew seconds o+ writes. Remo.in' or re %acin' a cache de.ice wi%% not resu%t in an: data %ossD =ut ma: ha.e an im act on read er+ormance unti% the de.ice is re %aced. %.#.1# 2e!lacing 8ri,es to Gro0 a ;FS Pool
<he recommended method +or e5 andin' the si8e o+ a 0$" oo% is to re; %an the num=er o+ dis)s in a .de. and to stri e additiona% .de.s usin' the 0$" 3o%ume Mana'er as additiona% ca acit: is needed. Howe.erD this is not an o tion i+ :ou do not ha.e o en dri.e orts or the a=i%it: to add a "A"@"A<A H#A card. In this caseD :ou can re %ace one dis) at a time with a %ar'er dis)D wait +or the resi%.erin' rocess to incor orate the new dis) into the oo% com %etesD then re eat with another dis) unti% a%% o+ the dis)s ha.e =een re %aced. <his rocess is s%ow and %aces the s:stem in a de'raded state. "ince a +ai%ure at this oint cou%d =e disastrousD do %ot atte("t thi$ (ethod !%le$$ the $)$te( ha$ a reliable bac0!". N6*7: this method reEuires the 0$" ro ert: autoe5 and. <his ro ert: =ecame a.ai%a=%e startin' with $reeNA"1 .ersion 6.3.0. I+ :ou are runnin' an ear%ier .ersion o+ $reeNA"1D u 'rade =e+ore attem tin' this method. Chec) and .eri+: that the autoe5 and ro ert: is ena=%ed be*ore attem tin' to 'row the oo%. I+ it is notD the oo% wi%% not reco'ni8e that the dis) ca acit: has increased. #: de+au%tD this ro ert: is ena=%ed in $reeNA"1 .ersions 6.3.1 and hi'her. <o .eri+: the ro ert:D use "he%%. <his e5am %e chec)s the 0$" .o%ume named Bol1K
zpool NAME Vol1 Vol1 Vol1 Vol1 Vol1 get all Vol1 PROPERTY size capacity altroot health guid
Vol1 Vol1 Vol1 Vol1 Vol1 Vol1 Vol1 Vol1 Vol1 Vol1 Vol1 Vol1 Vol1 Vol1
version bootfs delegation autoreplace cachefile failmode listsnapshots autoexpand dedupditto dedupratio free allocated readonly comment
default default default default local default default local default default
I+ autoe5 ansion is not ena=%edD ena=%e it =: s eci+:in' the name o+ the 0$" .o%umeK
zpool set autoexpand=on Vol1
3eri+: that autoe5 and is now ena=%ed =: re eatin' =!ool get all ?ol1. Fou are now read: to re %ace one dri.e with a %ar'er dri.e usin' the instructions in Re %acin' a $ai%ed (ri.e. Re %ace one dri.e at a time and wait +or the resi%.er rocess to com %ete on the re %aced dri.e =e+ore re %acin' the ne5t dri.e. -nce a%% the dri.es are re %aced and the resi%.er com %etesD :ou shou%d see the added s ace in the oo%. Fou can .iew the status o+ the resi%.er rocess =: runnin' =!ool status ?ol1.
(.3.13.1 *nabling .#S /ool *2 ansion After Drive "e lace&ent
It is recommended to ena=%e the autoe5 and ro ert: =e+ore :ou start re %acin' dri.es. I+ the ro ert: is not ena=%ed =e+ore re %acin' some or a%% o+ the dri.esD e5tra con+i'uration is needed to in+orm 0$" o+ the e5 anded ca acit:. 3eri+: that autoe5 and is set as descri=ed in the re.ious section. <henD =rin' each o+ the dri.es =ac) on%ine with the +o%%owin' commandD re %acin' the .o%ume name and 2>< I( +or each dis) in the 0$" oo%K
zpool online -e Vol1 gptid/xxx
-n%ine one dri.e at a time and chec) the status usin' the +o%%owin' e5am %e. I+ a dri.e starts to resi%.erD :ou need to wait +or the resi%.er to com %ete =e+ore roceedin' to on%ine the ne5t dri.e. <o +ind the 2>< I( in+ormation +or the dri.esD use =!ool status MPool:Na3eN which wi%% a%so show :ou i+ an: dri.es are +ai%ed or in the rocess o+ =ein' resi%.eredK
zpool status Vol1 pool: Vol1 state: ONLINE scan: scrub repaired 0 in 16h24m with 0 errors on Sun Mar 10 17:24:20 2013 config: NAME STATE READ WRITE CKSUM Vol1 ONLINE 0 0 0 raidz1-0 ONLINE 0 0 0
0 0 0 0 0
0 0 0 0 0
0 0 0 0 0
A+ter on%inin' a%% o+ the dis)sD t: e =!ool status to see i+ the dri.es start to resi%.er. I+ this ha ensD wait +or the resi%.erin' rocess to com %ete. Ne5tD e5 ort and then im ort the oo%K
zpool export Vol1 zpool import -R /mnt Vol1
-nce the im ort com %etesD a%% o+ the dri.e s ace shou%d =e a.ai%a=%e. 3eri+: that the increased si8e is reco'ni8edK
zpool list Vol1 NAME SIZE ALLOC Vol1 9.06T 1.41T FREE 7.24T CAP 31% DEDUP 1.00x HEALTH ONLINE ALTROOT /mnt
I+ :ou cannot see the e5tra s aceD :ou ma: need to run =!ool online >e O!oolP Ode,iceP +or e.er: de.ice %isted in =!ool status. %.#.1$ S!litting a 4irrored ;FS Storage Pool
0$".26 ro.ides the a=i%it: to to s %it a (irrored stora'e oo%D which detaches a dis) or dis)s in the ori'ina% 0$" .o%ume in order to create another identica% 0$" .o%ume on another s:stem. N6*7: 8 oo% s %it on%: wor)s on mirrored 0$" .o%umes. In this e5am %eD a 0$" mirror named test contains three dri.esK
zpool status pool: test state: ONLINE scan: resilvered 568K in 0h0m with 0 errors on Wed Jul config: NAME STATE READ WRITE CKSUM test ONLINE 0 0 0 mirror-0 ONLINE 0 0 0 da1 ONLINE 0 0 0 da0 ONLINE 0 0 0 da4 ONLINE 0 0 0
6 16:10:58 2011
<he +o%%owin' command s %its +rom the e5istin' three dis) mirror test a new 0$" .o%ume named migrant containin' one dis)D da4. (is)s da0 and da1 remain in test.
zpool split test migrant da4
At this ointD da4 can =e h:sica%%: remo.ed and insta%%ed to a new s:stem as the new oo% is e5 orted as it is created. -nce h:sica%%: insta%%edD im ort the identica% oo% on the new s:stemK FreeNAS 9.2.1 Users Guide Page 1#8 of 280
<his ma)es the 0$" .o%ume migrant a.ai%a=%e with a sin'%e dis). #e aware that ro erties come a%on' with the c%oneD so the new oo% wi%% =e mounted where the o%d oo% was mounted i+ the mount oint ro ert: was set on the ori'ina% oo%. 3eri+: the status o+ the new oo%K
zpool status pool: migrant state: ONLINE scan: resilvered 568K in 0h0m with 0 errors on Wed Jul config: NAME STATE READ WRITE CKSUM migrant ONLINE 0 0 0 da4 ONLINE 0 0 0 errors: No known data errors
6 16:10:58 2011
6 16:10:58 2011
At this ointD it is recommended to add dis)s to create a +u%% mirror set. <his e5am %e adds two dis)s named da2 and da+K
zpool attach migrant da4 da2 zpool attach migrant da4 da3
6 16:43:27 2011
Now that the new s:stem has =een c%onedD :ou can detach da4 and insta%% it =ac) to the ori'ina% s:stem. #e+ore h:sica%%: remo.in' the dis)D run this command on the new s:stemK
zpool detach migrant da4
-nce the dis) is h:sica%%: re;insta%%edD run this command on the ori'ina% s:stemK
zpool attach orig da0 da4
"hou%d :ou e.er need to create a new c%oneD remem=er to remo.e the o%d c%one +irstK
zpool destroy migrant
%.$
;FS Scru(s
"tora'e N 0$" "cru=s a%%ows :ou to schedu%e and mana'e scru=s on a 0$" .o%ume. >er+ormin' a 0$" scru= on a re'u%ar =asis he% s to identi+: data inte'rit: ro=%emsD detects si%ent data corru tions caused =: transient hardware issuesD and ro.ides ear%: a%erts to dis) +ai%ures. I+ :ou ha.e consumer;Eua%it: dri.esD consider a wee)%: scru==in' schedu%e. I+ :ou ha.e datacenter;Eua%it: dri.esD consider a month%: scru==in' schedu%e. (e endin' u on the amount o+ dataD a scru= can ta)e a %on' time. "cru=s are I@- intensi.e and can ne'ati.e%: im act er+ormance. <he: shou%d =e schedu%ed +or e.enin's or wee)ends to minimi8e the im act to users. A 0$" scru= on%: chec)s used dis) s ace. <o chec) unused dis) s aceD schedu%e a ".M.A.R.<. <est ?y*e o+ ;ong Self-?est to run once or twice a month. When :ou create a .o%ume that is +ormatted with 0$"D a 0$" scru= is automatica%%: schedu%ed +or :ou. An entr: o+ the same .o%ume name is added to "tora'e N 0$" "cru=s and a summar: o+ this entr: can =e .iewed in "tora'e N 0$" "cru=s N 3iew 0$" "cru=s. $i'ure ,.&a dis %a:s the de+au%t settin's +or the .o%ume named #ol!me1. <a=%e ,.&a summari8es the o tions in this screen. Figure %.$a: ?ie0ing a ?olu3e/s 8efault Scru( Settings
*a(le %.$a: ;FS Scru( 6!tions Setting 3o%ume ?alue 8escri!tion dro ;down menu se%ect 0$" .o%ume to scru= num=er o+ da:s since the %ast scru= com %eted =e+ore the ne5t scru= <hresho%d can occurD re'ard%ess o+ the ca%endar schedu%eR the de+au%t is a inte'er da:s mu%ti %e o+ / which shou%d ensure that the scru= a%wa:s occurs on the same da: o+ the wee) (escri tion strin' o tiona% s%ider or minute i+ use the s%iderD scru= occurs e.er: N minutesR i+ use minute Minute se%ections se%ectionsD scru= starts at the hi'h%i'hted minutes s%ider or hour i+ use the s%iderD scru= occurs e.er: N hoursR i+ use hour se%ectionsD Hour se%ections scru= occurs at the hi'h%i'hted hours s%ider or month i+ use the s%iderD scru= occurs e.er: N da:sR i+ use month se%ectionsD (a: o+ Month se%ections scru= occurs on the hi'h%i'hted da:s o+ the se%ected months Month chec)=o5es scru= occurs on the se%ected months scru= occurs on the se%ected da:sR de+au%t is S!nday to %east im act (a: o+ wee) chec)=o5es users 4na=%ed chec)=o5 unchec) to disa=%e the schedu%ed scru= without de%etin' it Fou shou%d re.iew the de+au%t se%ections andD i+ necessar:D modi+: them to meet the needs o+ :our en.ironment. Whi%e a de%ete =utton is ro.idedD deleti%# a $cr!b i$ %ot reco((e%ded a$ a $cr!b "ro'ide$ a% earl) i%dicatio% o* di$0 i$$!e$ that co!ld lead to a di$0 *ail!re. I+ :ou +ind that a scru= is too intensi.e +or :our hardwareD consider disa=%in' the scru= as a tem orar: measure unti% the hardware can =e u 'raded. I+ :ou do de%ete a scru=D :ou can create a new scru= tas) =: c%ic)in' "tora'e N 3o%umes N 0$" "cru=s N Add 0$" "cru=.
S aring 'onfiguration
-nce :ou ha.e a .o%umeD create at %east one share so that the stora'e is accessi=%e =: the other com uters in :our networ). <he t: e o+ share :ou create de ends u on the o eratin' s:stemAsB runnin' in :our networ)D :our securit: reEuirementsD and e5 ectations +or networ) trans+er s eeds. N6*7: shares are created to ro.ide and contro% access to an area o+ stora'e. #e+ore creatin' :our sharesD it is recommended to ma)e a %ist o+ the users that wi%% need access to stora'e dataD which o eratin' s:stems these users are usin'D whether or not a%% users shou%d ha.e the same ermissions to the stored dataD and whether or not these users shou%d authenticate =e+ore accessin' the data. <his in+ormation can he% :ou determine which t: e o+ shareAsB :ou need to createD whether or not :ou need to create mu%ti %e datasets in order to di.ide u the stora'e into areas with di++erin' access and ermission reEuirementsD and how com %e5 it wi%% =e to setu :our ermission reEuirements. It shou%d FreeNAS 9.2.1 Users Guide Page 1$1 of 280
=e noted that a share is used to ro.ide access to data. I+ :ou de%ete a shareD it remo.es access to data =ut does not de%ete the data itse%+. <he +o%%owin' t: es o+ shares and ser.ices are a.ai%a=%eK A!!le HAFPF S aresK the A com uters run Mac -" 7. %e $i%e >rotoco% AA$>B t: e o+ share is a 'ood choice i+ a%% o+ :our
Uni- HNFSF S aresK the Networ) $i%e ":stem AN$"B t: e o+ share is accessi=%e =: Mac -" 7D 9inu5D #"(D and the ro+essiona%@enter rise .ersions Anot the home editionsB o+ Windows. It is a 'ood choice i+ there are man: di++erent o eratin' s:stems in :our networ). (e endin' u on the o eratin' s:stemD it ma: reEuire the insta%%ation or con+i'uration o+ c%ient so+tware on the des)to . .indo0s H'IFSF S aresK the Common Internet $i%e ":stem ACI$"B t: e o+ share is accessi=%e =: WindowsD Mac -" 7D 9inu5D and #"( com utersD =ut it is s%ower than an N$" share due to the sin'%e; threaded desi'n o+ "am=a. It ro.ides more con+i'uration o tions than N$" and is a 'ood choice on a networ) containin' on%: Windows s:stems. Howe.erD it is a oor choice i+ the C>! on the $reeNA"1 s:stem is %imitedR i+ :our C>! is ma5ed outD :ou need to u 'rade the C>! or consider another t: e o+ share. I+ :ou are %oo)in' +or a so%ution that a%%ows +ast access +rom an: o eratin' s:stemD consider con+i'urin' the $<> ser.ice instead o+ a share and use a cross; %at+orm $<> and +i%e mana'er c%ient a %ication such as $i%e8i%%a. "ecure $<> can =e con+i'ured i+ the data needs to =e encr: ted. I+ data securit: is a concern and :our networ)'s users are +ami%iar with ""H command %ine uti%ities or Win"C>D consider con+i'urin' the ""H ser.ice instead o+ a share. It wi%% =e s%ower than unencr: ted $<> due to the o.erhead o+ encr: tionD =ut the data assin' throu'h the networ) wi%% =e encr: ted. N6*7: whi%e the 2!I wi%% %et :ou do itD it is a =ad idea to share the same .o%ume or dataset usin' mu%ti %e t: es o+ access methods. (i++erent t: es o+ shares and ser.ices use di++erent +i%e %oc)in' methods. $or e5am %eD i+ the same .o%ume is con+i'ured to use =oth N$" and $<>D N$" wi%% %oc) a +i%e +or editin' =: an N$" userD =ut a $<> user can simu%taneous%: edit or de%ete that +i%e. <his wi%% resu%t in %ost edits and con+used users. Another e5am %eK i+ a .o%ume is con+i'ured +or =oth A$> and CI$"D Windows users ma: =e con+used =: the e5tra +i%enames used =: Mac +i%es and de%ete the ones the: don't understandR this wi%% corru t the +i%es on the A$> share. >ic) the one t: e o+ share or ser.ice that ma)es the most sense +or the t: es o+ c%ients that wi%% access that .o%umeD and con+i'ure that .o%ume +or that one t: e o+ share or ser.ice. I+ :ou need to su ort mu%ti %e t: es o+ sharesD di.ide the .o%ume into datasets and use one dataset er share. <his section wi%% demonstrate how to create A$>D N$"D and CI$" shares. $<> and ""H con+i'urations are descri=ed in "er.ices Con+i'uration.
).1
$reeNA"1 uses the Netata%) A$> ser.er to share data with A %e s:stems. Con+i'urin' A$> shares is a mu%ti;ste rocess that reEuires :ou to create or im ort users and 'rou sD set .o%ume@dataset ermissionsD create the A$> shareAsBD con+i'ure the A$> ser.iceD then ena=%e the A$> ser.ice in "er.ices N Contro% "er.ices. <his section descri=es the con+i'uration screen +or creatin' the A$> share. It then ro.ides con+i'uration e5am %es +or creatin' a 'uest shareD con+i'urin' <ime Machine to =ac)u to a dataset on the $reeNA"1 s:stemD and +or connectin' to the share +rom a Mac -" 7 c%ient. FreeNAS 9.2.1 Users Guide Page 1$2 of 280
).1.1
I+ :ou c%ic) "harin' N A %e AA$>B "hares N Add A %e AA$>B "hareD :ou wi%% see the screen shown in $i'ure /.1a. "ome settin's are on%: a.ai%a=%e in Ad.anced Mode. <o see these settin'sD either c%ic) the Ad.anced Mode =utton or con+i'ure the s:stem to a%wa:s dis %a: these settin's =: chec)in' the =o5 O"how ad.anced +ie%ds =: de+au%tP in ":stem N "ettin's N Ad.anced. <a=%e /.1a summari8es the a.ai%a=%e o tions when creatin' an A$> share. Re+er to "ettin' u Netata%) +or a more detai%ed e5 %anation o+ the a.ai%a=%e o tions. -nce :ou ress the -K =utton when creatin' the A$> shareD a o ;u menu wi%% as) OWou%d :ou %i)e to ena=%e this ser.iceUP C%ic) Fes and "er.ices N Contro% "er.ices wi%% o en and indicate whether or not the A$> ser.ice success+u%%: started. Figure ).1a: 'reating an AFP S are
*a(le ).1a: AFP S are 'onfiguration 6!tions Setting 8escri!tion .o%ume name that wi%% a ear in the Mac com uter's Oconnect to Name strin' ser.erP dia%o'ueR %imited to 2/ characters and can not contain a eriod "hare Comment strin' o tiona% >ath =rowse =utton =rowse to the .o%ume@dataset to share comma de%imited %ist o+ a%%owed users and@or 'rou s where A%%ow 9ist strin' 'rou name =e'ins with a T FreeNAS 9.2.1 Users Guide Page 1$# of 280 ?alue
chec)=o5
chec)=o5
(e+au%t +i%e chec)=o5es ermission (e+au%t director: chec)=o5es ermission (e+au%t umas) inte'er
8escri!tion comma de%imited %ist o+ denied users and@or 'rou s where 'rou name =e'ins with a T comma de%imited %ist o+ users and@or 'rou s who on%: ha.e read access where 'rou name =e'ins with a T comma de%imited %ist o+ users and@or 'rou s who ha.e read and write access where 'rou name =e'ins with a T due to a %imitation in how Mac dea%s with %ow;dis)s ace issues when mu%ti %e Mac's share the same .o%umeD chec)in' ?ime <a'hine on mu%ti %e shares is discoura'ed as it ma: resu%t in intermittent +ai%ed =ac)u s s eci+: the ath to store the CNI( data=ases used =: A$> Ade+au%t is the root o+ the .o%umeBR the ath must =e writa=%e on%: a.ai%a=%e in Ad.anced ModeR ena=%e when the de.ice num=er is not constant across a re=oot on%: a.ai%a=%e in Ad.anced ModeR i+ chec)edD A$> won't stat the .o%ume ath when enumeratin' the .o%umes %istR use+u% +or automountin' or .o%umes created =: a ree5ec scri t ena=%es !ni5 ri.i%e'es su orted =: -"7 10.* and hi'herR do not ena=%e i+ the networ) contains Mac -" 7 10.& c%ients or %ower as the: do not su ort these on%: wor)s with !ni5 AC9sR new +i%es created on the share are set with the se%ected ermissions on%: wor)s with !ni5 AC9sR new directories created on the share are set with the se%ected ermissions umas) +or new%: created +i%esD de+au%t is 000 Aan:one can readD writeD and e5ecuteB
).1.2
A$> su orts 'uest %o'insD meanin' that a%% o+ :our Mac -" 7 users can access the A$> share without reEuirin' their user accounts to +irst =e created on or im orted into the the $reeNA"1 s:stem. N6*7: i+ :ou create a 'uest share as we%% a share that reEuires authenticationD A$> wi%% on%: ma users who %o'in as 'uest to the 'uest share. <his means that i+ a user %o's in to the share that reEuires authenticationD the ermissions on the 'uest share ma: re.ent that user +rom writin' to the 'uest share. <he on%: wa: to a%%ow =oth 'uest and authenticated users to write to a 'uest share is to set the ermissions on the 'uest share to /// or to add the authenticated users to a 'uest 'rou and set the ermissions to //5.
In this con+i'uration e5am %eD the A$> share has =een con+i'ured +or 'uest access as +o%%owsK 1. A 0$" .o%ume named 2mnt2data has its ermissions set to the =ui%t;in no$ody user account and no$ody 'rou . 2. An A$> share has =een created with the +o%%owin' attri=utesK NameK freenas Athis is the name that wi%% a ear to Mac -" 7 c%ientsB >athK 2mnt2data A%%ow 9istK set to no$ody Read;write AccessK set to no$ody "er.er NameK freenas 2uest AccessK chec)=o5 is chec)ed no$ody is se%ected in the 2uest account dro ;down menu
-nce the A$> ser.ice has =een started in "er.ices N Contro% "er.icesD Mac -" 7 users can connect to the A$> share =: c%ic)in' 2o N Connect to "er.er. In the e5am %e shown in $i'ure /.1=D the user has in ut af*)22 +o%%owed =: the I> address o+ the $reeNA"1 s:stem. C%ic) the Connect =utton. -nce connectedD $inder wi%% automatica%%: o en. <he name o+ the A$> share wi%% =e dis %a:ed in the "HAR4( section in the %e+t +rame and the contents o+ the share wi%% =e dis %a:ed in the ri'ht +rame. In the e5am %e shown in $i'ure /.1cD 2mnt2data has one +o%der named ima'es. <he user can now co : +i%es to and +rom the share. Figure ).1(: 'onnect to Ser,er 8ialogue
<o disconnect +rom the .o%umeD c%ic) the eIect =utton in the "hared side=ar. ).1.# Using *i3e 4ac ine
Mac -" 7 inc%udes the <ime Machine a %ication which can =e used to schedu%e automatic =ac)u s. In this con+i'uration e5am %eD <ime Machine wi%% =e con+i'ured to =ac)u to an A$> share on a $reeNA"1 s:stem. <o con+i'ure the A$> share on the $reeNA"1 s:stemK 1. A 0$" dataset named 2mnt2data2$a'k!*,!ser1 with a Euota o+ 50H was created in "tora'e N 3o%umes N Create 0$" (ataset. 2. A user account was created as +o%%owsK !sernameK !ser1 Home (irector:K 2mnt2data2$a'k!*,!ser1 the $u%% NameD 4;mai%D and >assword +ie%ds were set where the !sername and >assword match the .a%ues +or the user on the Mac -" 7 s:stem >athK 2mnt2data2$a'k!*,!ser1 A%%ow 9istK set to !ser1 Read;write AccessK set to !ser1 <ime MachineK chec)=o5 is chec)ed
3. An A$> share with a Name o+ $a'k!*,!ser1 has =een created with the +o%%owin' attri=utesK
&. "er.ices N A$> has =een con+i'ured as +o%%owsK FreeNAS 9.2.1 Users Guide Page 1$% of 280
*. <he A$> ser.ice has =een started in "er.ices N Contro% "er.ices. <o con+i'ure <ime Machine on the Mac -" 7 c%ientD 'o to ":stem >re+erences N <ime Machine which wi%% o en the screen shown in $i'ure /.1e. C%ic) -N and a o ;u menu shou%d show the $reeNA"1 s:stem as a =ac)u o tion. In our e5am %eD it is %isted as $a'k!*,!ser1 on IfreenasI. Hi'h%i'ht the entr: re resentin' the $reeNA"1 s:stem and c%ic) the O!se #ac)u (is)P =utton. A connection =ar wi%% o en and wi%% rom t +or the user account's assword;;in this e5am %eD the assword +or the !ser1 account. <ime Machine wi%% create a +u%% =ac)u a+ter waitin' two minutes. It wi%% then create a one hour incrementa% =ac)u +or the ne5t 2& hoursD and then one =ac)u each da:D each wee) and each month. Si%ce the olde$t bac0!"$ are deleted -he% the FS data$et beco(e$ *!ll/ (a0e $!re that the E!ota $i.e )o! $et i$ $!**icie%t to hold the bac0!"$. Note that a de+au%t insta%%ation o+ Mac -" 7 is Y21 2# in si8e. I+ :ou recei.e a O<ime Machine cou%d not com %ete the =ac)u . <he =ac)u dis) ima'e cou%d not =e created Aerror &*BP error when =ac)in' u to the $reeNA"1 s:stemD :ou wi%% need to create a s arse=und%e ima'e usin' these instructions. I+ :ou recei.e the messa'e O<ime Machine com %eted a .eri+ication o+ :our =ac)u s. <o im ro.e re%ia=i%it:D <ime Machine must create a new =ac)u +or :ou.P and :ou do not want to er+orm another com %ete =ac)u or %ose ast =ac)u sD +o%%ow the instructions in this ost. Note that this can occur a+ter er+ormin' a scru= as <ime Machine ma: mista)en%: =e%ie.e that the s arse=und%e =ac)u is corru t.
).2
$reeNA"1 su orts the Networ) $i%e ":stem AN$"B +or sharin' .o%umes o.er a networ). -nce the N$" share is con+i'uredD c%ients use the 3ount command to mount the share. -nce mountedD the share a ears as Iust another director: on the c%ient s:stem. "ome 9inu5 distros reEuire the insta%%ation o+ additiona% so+tware in order to mount an N$" share. -n Windows s:stemsD ena=%e "er.ices +or N$" in the !%timate or 4nter rise editions or insta%% an N$" c%ient a %ication. N6*7: +or er+ormance reasonsD i"C"I is re+erred to N$" shares when $reeNA" is insta%%ed on 4"7i. Con+i'urin' N$" is a mu%ti;ste rocess that reEuires :ou to create N$" shareAsBD con+i'ure N$" in "er.ices N N$"D then start N$" in "er.ices N "er.ices. It does not reEuire :ou to create users or 'rou s as N$" uses I> addresses to determine which s:stems are a%%owed to access the N$" share. <his section demonstrates how to create an N$" shareD ro.ides a con+i'uration e5am %eD demonstrates how to connect to the share +rom .arious o eratin' s:stemsD and ro.ides some trou=%eshootin' ti s.
).2.1
<o create an N$" shareD c%ic) "harin' N !ni5 AN$"B "hares N Add !ni5 AN$"B "hareD shown in $i'ure /.2a. <a=%e /.2a summari8es the o tions in this screen. Figure ).2a: 'reating an NFS S are
-nce :ou ress the -K =utton when creatin' the N$" shareD a o ;u menu wi%% as) OWou%d :ou %i)e to ena=%e this ser.iceUP C%ic) Fes and "er.ices N Contro% "er.ices wi%% o en and indicate whether or not the N$" ser.ice success+u%%: started. *a(le ).2a: NFS S are 6!tions Setting Comment Authori8ed networ)s Authori8ed I> addresses or hosts A%% directories Read on%: ?alue strin' strin' strin' chec)=o5 chec)=o5 8escri!tion used to set the share nameR i+ %e+t em t:D share name wi%% =e the %ist o+ se%ected >aths s ace de%imited %ist o+ a%%owed networ) addresses in the +orm 1.2.3.0@2& where the num=er a+ter the s%ash is a CI(R mas) s ace de%imited %ist o+ a%%owed I> addresses or hostnames
i+ chec)edD the c%ient can mount an: su=director: within the 1ath rohi=its writin' to the share inhi=its some s:s%o' dia'nostics which can =e use+u% to a.oid some ?uiet chec)=o5 anno:in' error messa'esR see e5 ortsA*B +or e5am %es Ma root !ser dro ;down menu i+ a user is se%ectedD the root user is %imited to that user's ermissions i+ a 'rou is se%ectedD the root user wi%% a%so =e %imited to that Ma root 2rou dro ;down menu 'rou 's ermissions FreeNAS 9.2.1 Users Guide Page 1$9 of 280
?alue 8escri!tion dro ;down menu the s eci+ied user's ermissions are used =: a%% c%ients dro ;down menu the s eci+ied 'rou 's ermission are used =: a%% c%ients =rowse to the .o%ume@dataset@director: to shareR c%ic) Add e(tra =rowse =utton *ath to se%ect mu%ti %e aths
When creatin' the N$" shareD )ee the +o%%owin' oints in mindK 1. <he Ma root and Ma a%% o tions are e5c%usi.eD meanin' :ou can on%: use one or the other;;the 2!I wi%% not %et :ou use =oth. <he Ma a%% o tions su ersede the Ma root o tions. I+ :ou on%: wish to restrict the root user's ermissionsD set the Ma root o tion. I+ :ou wish to restrict the ermissions o+ a%% usersD set the Ma a%% o tion. 2. 4ach .o%ume or dataset is considered to =e its own +i%es:stem and N$" is not a=%e to cross +i%es:stem =oundaries. 3. <he networ) or host must =e uniEue er share and er +i%es:stem or director:. &. <he OA%% directoriesP o tion can on%: =e used once er share er +i%es:stem. <o =etter understand these restrictionsD consider the +o%%owin' scenario where there areK 2 networ)s named 10.0.0.026 and 20.0.0.026 a 0$" .o%ume named #ol!me1 with 2 datasets named dataset1 and dataset2 dataset1 has a director: named dire'tory1 #ecause o+ restriction J3D :ou wi%% recei.e an error i+ :ou tr: to create one N$" share as +o%%owsK Aut ori=ed net0or9s: 10.0.0.026 20.0.0.026 Pat : 2mnt2#ol!me12dataset1 and @mnt2#ol!me12dataset12dire'tory1 InsteadD :ou shou%d se%ect the >ath o+ 2mnt2#ol!me12dataset1 and chec) the OA%% directoriesP =o5. Howe.erD :ou cou%d restrict that director: to one o+ the networ)s =: creatin' two shares as +o%%ows. $irst N$" shareK Aut ori=ed net0or9s: 10.0.0.026 Pat : 2mnt2#ol!me12dataset1 "econd N$" shareK Aut ori=ed net0or9s: 20.0.0.026 Pat : 2mnt2#ol!me12dataset12dire'tory1 Note that this reEuires the creation o+ two shares as it can not =e accom %ished in one share.
).2.2
#: de+au%t the Ma a%% o tions shown in $i'ure /.2a show as N2A. <his means that when a user connects to the N$" shareD the: connect with the ermissions associated with their user account. <his is a securit: ris) i+ a user is a=%e to connect as root as the: wi%% ha.e com %ete access to the share. A =etter scenario is to do the +o%%owin'K 1. " eci+: the =ui%t;in no$ody account to =e used +or N$" access. 2. In the ermissions o+ the .o%ume@dataset that is =ein' sharedD chan'e the owner and 'rou to no$ody and set the ermissions accordin' to :our s eci+ications. 3. "e%ect no$ody in the Ma a%% !ser and Ma a%% 2rou dro ;down menus +or the share in "harin' N !ni5 AN$"B "hares. With this con+i'urationD it does not matter which user account connects to the N$" shareD as it wi%% =e ma ed to the no$ody user account and wi%% on%: ha.e the ermissions that :ou s eci+ied on the .o%ume@dataset. $or e5am %eD e.en i+ the root user is a=%e to connectD it wi%% not 'ain root access to the share. ).2.# 'onnecting to t e NFS S are
In the +o%%owin' e5am %esD an N$" share on a $reeNA"1 s:stem with the I> address o+ 142.156.2.2 has =een con+i'ured as +o%%owsK 1. A 0$" .o%ume named 2mnt2data has its ermissions set to the no$ody user account and the no$ody 'rou . 2. A N$" share has =een created with the +o%%owin' attri=utesK
3.2.3.1
>athK 2mnt2data Authori8ed Networ)K 142.156.2.0224 Ma A%% !ser and Ma A%% 2rou are =oth set to no$ody the A%% (irectories chec)=o5 has =een chec)ed
<o ma)e this share accessi=%e on a #"( or a 9inu5 s:stemD run the +o%%owin' command as the su eruser Aor with sudoB +rom the c%ient s:stem. Re eat on each c%ient that needs access to the N$" shareK
mount -t nfs 192.168.2.2:/mnt/data /mnt
<he 3ount command uses the +o%%owin' o tionsK >t nfs: s eci+ies the t: e o+ share. 192.1%8.2.2: re %ace with the I> address o+ the $reeNA"1 s:stem E3ntEdata: re %ace with the name o+ the N$" share E3nt: a mount oint on the c%ient s:stem. <his must =e an e5istin'D e("t) director:. <he data in the N$" share wi%% =e made a.ai%a=%e to the c%ient in this director:. FreeNAS 9.2.1 Users Guide Page 1"1 of 280
<he 3ount command shou%d return to the command rom t without an: error messa'esD indicatin' that the share was success+u%%: mounted. -nce mountedD this con+i'uration a%%ows users on the c%ient s:stem to co : +i%es to and +rom 2mnt Athe mount ointB and a%% +i%es wi%% =e owned =: no$ody)no$ody. An: chan'es to 2mnt wi%% =e sa.ed to the $reeNA"1 s:stem's 2mnt2data .o%ume. "hou%d :ou wish to ma)e an: chan'es to the N$" share's settin's or wish to ma)e the share inaccessi=%eD +irst unmount the share on the c%ient as the su eruserK
umount /mnt
3.2.3.2
Windows s:stems can connect to N$" shares usin' "er.ices +or N$" Are+er to the documentation +or :our .ersion o+ Windows +or instructions on how to +indD acti.ateD and use this ser.iceB or a third; art: N$" c%ient. Connectin' to N$" shares is o+ten +aster than connectin' to CI$" shares due to the sin'%e; threaded %imitation o+ "am=a. Instructions +or connectin' +rom an 4nter rise .ersion o+ Windows / can =e +ound at Mount 9inu5 N$" "hare on Windows /. Ne)odri.e ro.ides an o en source 'ra hica% N$" c%ient. <o use this c%ientD :ou wi%% need to insta%% the +o%%owin' on the Windows s:stemK /8i to e5tract the Ne)odri.e down%oad +i%es N$"C%ient and N$"9i=rar: +rom the Ne)odri.e down%oad a'eR once down%oadedD e5tract these +i%es usin' /8i .N4< $ramewor) &.0 -nce e.er:thin' is insta%%edD run the N$"C%ient e5ecuta=%e to start the 2!I c%ient. In the e5am %e shown in $i'ure /.2=D the user has connected to the e5am %e 2mnt2data share o+ the $reeNA"1 s:stem at 142.156.2.2. N6*7: Ne)odri.e does not su this uti%it: instead. ort 45 %orer dri.e ma in' .ia N$". I+ :ou need this +unctiona%it:D tr:
3.2.3.3
<o mount the N$" .o%ume +rom a Mac -" 7 c%ientD c%ic) on 2o N Connect to "er.er. In the "er.er Address +ie%dD in ut nfs)22 +o%%owed =: the I> address o+ the $reeNA"1 s:stem and the name o+ the .o%ume@dataset =ein' shared =: N$". <he e5am %e shown in $i'ure /.2c continues with our e5am %e o+ 142.156.2.2)2mnt2data. -nce connectedD $inder wi%% automatica%%: o en. <he I> address o+ the $reeNA"1 s:stem wi%% =e dis %a:ed in the "HAR4( section in the %e+t +rame and the contents o+ the share wi%% =e dis %a:ed in the ri'ht +rame. In the e5am %e shown in $i'ure /.2dD 2mnt2data has one +o%der named images. <he user can now co : +i%es to and +rom the share.
).2.$
*rou(les ooting
"ome N$" c%ients do not su ort the N9M ANetwor) 9oc) Mana'erB rotoco% used =: N$". Fou wi%% )now that this is the case i+ the c%ient recei.es an error that a%% or art o+ the +i%e ma: =e %oc)ed when a +i%e trans+er is attem ted. <o reso%.e this errorD add the o tion >o noloc9 when runnin' the 3ount command on the c%ient in order to a%%ow write access to the N$" share. I+ :ou recei.e an error a=out a Otime out 'i.in' u P when tr:in' to mount the share +rom a 9inu5 s:stemD ma)e sure that the ortma er ser.ice is runnin' on the 9inu5 c%ient and start it i+ it is not. I+ ortma er is runnin' and :ou sti%% recei.e timeoutsD +orce it to use <C> =: inc%udin' >o tc! in :our 3ount command. I+ :ou recei.e an error OR>CK >ro'ram not re'isteredPD u 'rade to the %atest .ersion o+ $reeNA"1 and restart the N$" ser.ice a+ter the u 'rade in order to c%ear the N$" cache. I+ :our c%ients are recei.in' Ore.erse (N"P or errorsD add an entr: +or the I> address o+ the $reeNA"1 s:stem in the OHost name data=aseP +ie%d o+ Networ) N 2%o=a% Con+i'uration. I+ the c%ient recei.es timeout errors when tr:in' to mount the shareD add the I> address and hostname o+ the c%ient to the MHost name data =aseM +ie%d o+ Networ) N 2%o=a% Con+i'uration.
).#
$reeNA"1 uses "am=a to share .o%umes usin' Microso+t's CI$" rotoco%. CI$" is =ui%t into the Windows and Mac -" 7 o eratin' s:stems and most 9inu5 and #"( s:stems re;insta%% the "am=a c%ient which ro.ides su ort +or CI$". I+ :our distro did notD insta%% the "am=a c%ient usin' :our distro's so+tware re ositor:. Con+i'urin' CI$" shares is a mu%ti;ste rocess that reEuires :ou to set ermissionsD create CI$" shareAsBD con+i'ure the CI$" ser.ice in "er.ices N CI$"D then ena=%e the CI$" ser.ice in "er.ices N Contro% "er.ices. I+ :our Windows networ) has a Windows ser.er runnin' Acti.e (irector:D :ou wi%% a%so need to con+i'ure the Acti.e (irector: ser.ice in "er.ices N (irector: "er.ices N Acti.e (irector:. (e endin' u on :our authentication reEuirementsD :ou ma: need to create or im ort users and 'rou s. <his section wi%% demonstrate some common con+i'uration scenariosK ).#.1 I+ :ou wou%d %i)e an o.er.iew o+ the con+i'ura=%e arametersD see Creatin' CI$" "hares. I+ :ou wou%d %i)e an e5am %e o+ how to con+i'ure access that does not reEuire authenticationD see Con+i'urin' Anon:mous Access. I+ :ou wou%d %i)e each user to authenticate =e+ore accessin' the shareD see Con+i'urin' 9oca% !ser Access. I+ :ou wou%d %i)e to use "hadow Co iesD see Con+i'urin' "hadow Co ies. I+ :ou are ha.in' ro=%ems accessin' :our CI$" shareD see <rou=%eshootin' <i s. 'reating 'IFS S ares
$i'ure /.3a shows the con+i'uration screen that a ears when :ou c%ic) "harin' N Windows ACI$" "haresB N Add Windows ACI$"B "hare. "ome settin's are on%: a.ai%a=%e in Ad.anced Mode. <o see FreeNAS 9.2.1 Users Guide Page 1"" of 280
these settin'sD either c%ic) the Ad.anced Mode =utton or con+i'ure the s:stem to a%wa:s dis %a: these settin's =: chec)in' the =o5 O"how ad.anced +ie%ds =: de+au%tP in ":stem N "ettin's N Ad.anced. <a=%e /.3a summari8es the o tions when creatin' a CI$" share. sm=.con+A*B ro.ides more detai%s +or each con+i'ura=%e o tion. -nce :ou ress the -K =utton when creatin' the CI$" shareD a o ;u menu wi%% as) OWou%d :ou %i)e to ena=%e this ser.iceUP C%ic) Fes and "er.ices N Contro% "er.ices wi%% o en and indicate whether or not the CI$" ser.ice success+u%%: started. Figure ).#a: Adding a 'IFS S are
*a(le ).#a: 6!tions for a 'IFS S are Setting Name Comment >ath 45 ort Read -n%: #rowsa=%e to Networ) C%ients Inherit -wner Inherit >ermissions ?alue strin' strin' =rowse =utton chec)=o5 chec)=o5 chec)=o5 chec)=o5 8escri!tion mandator:R name o+ share o tiona% descri tion se%ect .o%ume@dataset@director: to share rohi=its write access to the share ena=%es Windows c%ients to =rowse the shared director: usin' Windows 45 %orer i+ chec)edD ownershi +or new +i%es and directories is inherited +rom arent director: rather than +rom the user i+ chec)edD the UN1F ermissions on new +i%es and directories are inherited +rom arent director:R this can =e use+u% on %ar'e s:stems Page 1"% of 280
Setting
?alue
chec)=o5
strin'
strin'
8escri!tion with man: users as it a%%ows a sin'%e homes share to =e used +%e5i=%: =: each userR do %ot chec0 i* T)"e o* A42 i$ $et to 8i%do-$ i% the 3ol!(eG$ "er(i$$io%$ de%eted +i%es are instead mo.ed to a hidden .re'y'le director: in the root +o%der o+ the share i+ ena=%edD wi%% dis %a: +i%enames that =e'in with a dot A!ni5 hidden +i%esB i+ chec)edD no assword is reEuired to connect to the share and a%% users share the ermissions o+ the 'uest user de+ined in "er.ices N CI$" reEuires Allo: g!est a''ess to a%so =e chec)edR +orces 'uest access +or a%% connections on%: a.ai%a=%e in Ad.anced ModeR commaD s aceD or ta= de%imited %ist o+ a%%owed hostnames or I> addressesR see N-<4 =e%ow on%: a.ai%a=%e in Ad.anced ModeR commaD s aceD or ta= de%imited %ist o+ denied hostnames or I> addressesR a%%owed hosts ta)e recedence so can use A;; in this +ie%d and s eci+: a%%owed hosts in =osts Allo:R see N-<4 =e%ow on%: a.ai%a=%e in Ad.anced ModeR add additiona% [share\ sm=.con+ arameters not co.ered =: other o tion +ie%ds
N6*7: hostname %oo)u s add some time to accessin' the CI$" share. I+ :ou on%: use I> addressesD unchec) the OHostnames %oo)u sP =o5 in "er.ices N CI$". I+ :ou wish some +i%es on a shared .o%ume to =e hidden and inaccessi=%e to usersD ut a #eto files> %ine in the Au5i%iar: >arameters +ie%d. <he s:nta5 +or this %ine and some e5am %es can =e +ound here. ).#.2 'onfiguring Anon+3ous Access
<o share a .o%ume without reEuirin' users to in ut a asswordD con+i'ure anon:mous CI$" sharin'. <his t: e o+ share can =e con+i'ured as +o%%owsK 1. 'reate a #!e$t user account to (e used for anon+3ous access in Account N !sers N Add !ser with the +o%%owin' attri=utesK !sernameK g!est Home (irector:K =rowse to the .o%ume to =e shared chec) the (isa=%e %o'ins =o5
2. Associate t e guest account 0it t e ,olu3e in "tora'e N 3o%umes. 45 and the .o%ume's name then c%ic) Chan'e >ermissions. "e%ect g!est as the -wnerAuserB and -wnerA'rou B and chec) that the ermissions are a ro riate +or the share. I+ non;Windows s:stems wi%% =e accessin' the CI$" shareD %ea.e the t: e o+ ermissions as !ni5. -n%: chan'e the t: e o+ ermissions to Windows i+ the share is o%l) accessed =: Windows s:stems. FreeNAS 9.2.1 Users Guide Page 1") of 280
3. 'reate a 'IFS s are in "harin' N Windows ACI$"B "hares N Add Windows ACI$"B "hare with the +o%%owin' attri=utesK NameK freenas >athK =rowse to the .o%ume to =e shared chec) the =o5es Allo: H!est A''ess and @nly Allo: H!est A''ess Hosts A%%owK add the addresses which are a%%owed to connect to the shareR acce ta=%e +ormats are the networ) or su=net address with CI(R mas) Ae.'. 142.156.2.0224 or 142.156.2.+2227B or s eci+ic host I> addressesD one address er %ine Authentication Mode%K Anonymo!s 2uest AccountK g!est chec) the =o5es =o5es Allo: .m*ty 1ass:ord and .na$le =ome ire'tories Home (irectoriesK =rowse to the .o%ume to =e shared
&. 'onfigure t e 'IFS ser,ice in "er.ices N CI$" with the +o%%owin' attri=utesK
*. Start t e 'IFS ser,ice in "er.ices N Contro% "er.ices. C%ic) the c%ic) the red -$$ =utton ne5t to CI$". A+ter a second or soD it wi%% chan'e to a =%ue -ND indicatin' that the ser.ice has =een ena=%ed. %. *est t e s are. <o test the share +rom a Windows s:stemD o en 45 %orerD c%ic) on Networ) and :ou shou%d see an icon named F&..NAS. "ince anon:mous access has =een con+i'uredD :ou shou%d not =e rom ted +or a username or assword in order to see the share. An e5am %e is seen in $i'ure /.3=. I+ :ou c%ic) on the F&..NAS iconD :ou can .iew the contents o+ the CI$" share. <o re.ent Windows 45 %orer +rom han'in' when accessin' the shareD ma the share as a networ) dri.e. <o do thisD ri'ht;c%ic) the share and se%ect OMa networ) dri.e...P as seen in $i'ure /.3c.
Choose a dri.e %etter +rom the dro ;down menu and c%ic) the $inish =utton as shown in $i'ure /.3d. Figure ).#d: Selecting t e Net0or9 8ri,e <etter
).#.#
I+ :ou wou%d %i)e each user to authenticate =e+ore accessin' the CI$" shareD con+i'ure %oca% user access as +o%%owsK 1. If +ou are not using Acti,e 8irector+ or <8APJ create a user account for eac user in Account N !sers N Add !ser with the +o%%owin' attri=utesK !sername and >asswordK matches the username and assword on the c%ient s:stem Home (irector:K =rowse to the .o%ume to =e shared Re eat this rocess to create a user account +or e.er: user that wi%% need access to the CI$" share
2. If +ou are not using Acti,e 8irector+ or <8APJ create a grou! in Account N 2rou s N Add 2rou . -nce the 'rou is createdD c%ic) its Mem=ers =utton and add the user accounts that :ou created in ste 1. 3. Gi,e t e grou! !er3ission to t e ,olu3e in "tora'e N 3iew 3o%umes. When settin' the ermissionsK set -wnerAuserB to no$ody set the -wnerA'rou B to the one :ou created in "te 2 ModeK chec) the write chec)=o5 +or the 2rou as it is unchec)ed =: de+au%t
&. 'reate a 'IFS s are in "harin' N CI$" "hares N Add CI$" "hare with the +o%%owin' attri=utesK NameK in ut the name o+ the share >athK =rowse to the .o%ume to =e shared )ee the #rowsa=%e to Networ) C%ients =o5 chec)ed
N6*7: =e care+u% a=out unchec)in' the #rowsa=%e to Networ) C%ients =o5. When this =o5 is chec)ed Athe de+au%tBD other users wi%% see the names o+ e.er: share that e5ists usin' Windows 45 %orerD =ut the: wi%% recei.e a ermissions denied error messa'e i+ the: tr: to access someone e%se's share. I+ this =o5 is unchec)edD e.en the owner o+ the share won't see it or =e a=%e to create a dri.e ma in' +or the share in Windows 45 %orer. Howe.erD the: can sti%% access the share +rom the command %ine. !nchec)in' this o tion ro.ides %imited securit: and is not a su=stitute +or ro er ermissions and assword contro%. ". 'onfigure t e 'IFS ser,ice in Ser,ices Q 'IFS as +o%%owsK Authentication Mode%K i+ :ou are not usin' Acti.e (irector: or 9(A>D se%ect ;o'al 9ser Wor)'rou K i+ :ou are not usin' Acti.e (irector: or 9(A>D set to the name =ein' used on the Windows networ)R un%ess it has =een chan'edD the de+au%t Windows wor)'rou name is J@&KH&@91 ,. Start t e 'IFS ser,ice in "er.ices N Contro% "er.ices. C%ic) the c%ic) the red -$$ =utton ne5t to CI$". A+ter a second or soD it wi%% chan'e to a =%ue -ND indicatin' that the ser.ice has =een ena=%ed. /. *est t e s are. <o test the share +rom a Windows s:stemD o en 45 %orer and c%ic) on Networ). $or this con+i'uration e5am %eD a s:stem named F&..NAS shou%d a ear with a share named $a'k!*s. I+ :ou c%ic) on $a'k!*sD a Windows "ecurit: o ;u screen shou%d rom t +or the user's username and assword. -nce authenticatedD the user can co : data to and +rom the CI$" share. N6*7: since the share is 'rou writa=%eD an: authenticated user can chan'e the data in the share. I+ :ou wish to setu shares where a 'rou o+ users ha.e access to some +o%ders =ut on%: indi.idua%s ha.e access to other +o%ders Awhere a%% these +o%ders reside on the same .o%umeBD create these directories and set their ermissions usin' "he%%. Instructions +or doin' so can =e +ound at the +orum ost "et >ermission to a%%ow users to share a common +o%der ] ha.e ri.ate ersona% +o%der.
).#.$
"hadow Co iesD a%so )nown as the 3o%ume "hadow Co : "er.ice A3""B or >re.ious 3ersionsD is a Microso+t ser.ice +or creatin' .o%ume sna shots. "hadow co ies a%%ow :ou to easi%: restore re.ious .ersions o+ +i%es +rom within Windows 45 %orer. "hadow Co : su ort is =ui%t into 3ista and Windows /. Windows 7> or 2000 users need to insta%% the "hadow Co : c%ient. When :ou create a eriodic sna shot tas) on a 0$" .o%ume that is con+i'ured as a CI$" share in $reeNA"1D it is automatica%%: con+i'ured to su ort shadow co ies.
3.3.!.1 /rere6uisites
#e+ore usin' shadow co ies with $reeNA"1D =e aware o+ the +o%%owin' ca.eatsK i+ the Windows s:stem is not +u%%: atched to the %atest ser.ice ac)D "hadow Co ies ma: not wor). I+ :ou are una=%e to see an: re.ious .ersions o+ +i%es to restoreD use Windows ! date to ma)e sure that the s:stem is +u%%: u ;to;date. at this timeD shadow co : su ort on%: wor)s +or 0$" oo%s or datasets. <his means that the CI$" share must =e con+i'ured on a .o%ume or datasetD not on a director:. (irector: su ort wi%% =e added in a +uture .ersion o+ $reeNA"1. since directories can not =e shadow co ied at this timeD i+ :ou con+i'ure O4na=%e home directoriesP on the CI$" ser.iceD an: data stored in the user's home director: wi%% not =e shadow co ied. shadow co ies wi%% not wor) with a manua% sna shotD :ou must create a eriodic sna shot tas) +or the oo% or dataset =ein' shared =: CI$" or a recursi.e tas) +or a arent dataset. At this timeD i+ mu%ti %e sna shot tas)s are created +or the same oo%@dataset =ein' shared =: CI$"D shadow co ies wi%% on%: wor) on the %ast e5ecuted tas) at the time the CI$" ser.ice started. A +uture .ersion o+ $reeNA"1 wi%% address this %imitation. the eriodic sna shot tas) shou%d =e created and at %east one sna shot shou%d e5ist be*ore creatin' the CI$" share. I+ :ou created the CI$" share +irstD restart the CI$" ser.ice in "er.ices N Contro% "er.ices. a ro riate ermissions must =e con+i'ured on the .o%ume@dataset =ein' shared =: CI$". users can not de%ete shadow co ies on the Windows s:stem due to the wa: "am=a wor)s. InsteadD the administrator can remo.e sna shots +rom the $reeNA"1 administrati.e 2!I. <he on%: wa: to disa=%e shadow co ies com %ete%: is to remo.e the eriodic sna shot tas) and de%ete a%% sna shots associated with the CI$" share.
3.3.!.2
Configuration *2a& le
In this e5am %eD a Windows / com uter has two usersK !ser1 and !ser2. <o con+i'ure $reeNA"1 to ro.ide shadow co : su ortK 1. $or the 0$" .o%ume named 2mnt2dataD create two 0$" datasets in "tora'e N 3o%umes N @mnt@data N Create 0$" (ataset. <he +irst dataset is named 2mnt2data2!ser1 and the second dataset is named 2mnt2data2!ser2. FreeNAS 9.2.1 Users Guide Page 1%2 of 280
2. I+ :ou are not usin' Acti.e (irector: or 9(A>D create two usersD !ser1 and !ser2 in Account N !sers N Add !ser. 4ach user has the +o%%owin' attri=utesK !sername and >asswordK matches that user's username and assword on the Windows s:stem Home (irector:K =rowse to the dataset created +or that user
3. "et the ermissions on 2mnt2data2!ser1 so that the -wnerAuserB and -wnerA'rou B is !ser1. "et the ermissions on 2mnt2data2!ser2 so that the -wnerAuserB and -wnerA'rou B is !ser2. $or each dataset's ermissionsD ti'hten the Mode so that -ther can not read or e5ecute the in+ormation on the dataset. &. Create two eriodic sna shot tas)s in "tora'e N >eriodic "na shot <as)s N Add >eriodic "na shotD one +or each dataset. A%ternati.e%:D :ou can create one eriodic sna shot tas) +or the entire data .o%ume. ,e*ore co%ti%!i%# to the %ext $te"/ con+irm that at %east one sna shot +or each dataset is dis %a:ed in the 0$" "na shots ta=. When creatin' :our sna shotsD )ee in mind how o+ten :our users need to access modi+ied +i%es and durin' which da:s and time o+ da: the: are %i)e%: to ma)e chan'es. *. Create two CI$" shares in "harin' N Windows ACI$"B "hares N Add Windows ACI$"B "hare. <he +irst CI$" share is named !ser1 and has a >ath o+ 2mnt2data2!ser1R the second CI$" share is named !ser2 and has a >ath o+ 2mnt2data2!ser2. When creatin' the +irst shareD c%ic) the No =utton when the o ;u =utton as)s i+ the CI$" ser.ice shou%d =e started. When the %ast share is createdD c%ic) the Fes =utton when the o ;u =utton rom ts to start the CI$" ser.ice. 3eri+: that the CI$" ser.ice is set to -N in "er.ices N Contro% "er.ices. ,. $rom a Windows s:stemD %o'in as !ser1 and o en Windows 45 %orer N Networ) N $R44NA". <wo shares shou%d a earD named !ser1 and !ser2. (ue to the ermissions on the datasetsD !ser1 shou%d recei.e an error i+ the: c%ic) on the !ser2 share. (ue to the ermissions on the datasetsD !ser1 shou%d =e a=%e to createD addD and de%ete +i%es and +o%ders +rom the !ser1 share. $i'ure /.3e ro.ides an e5am %e o+ usin' shadow co ies whi%e %o''ed in as !ser1. In this e5am %eD the user ri'ht;c%ic)ed modified file and se%ected ORestore re.ious .ersionsP +rom the menu. <his articu%ar +i%e has three .ersionsK the current .ersionD %us two re.ious .ersions stored on the $reeNA"1 s:stem. <he user can choose to o en one o+ the re.ious .ersionsD co : a re.ious .ersion to the current +o%derD or restore one o+ the re.ious .ersionsD which wi%% o.erwrite the e5istin' +i%e on the Windows s:stem.
Ser,ices 'onfiguration
A$> CI$" (irector: "er.ices (:namic (N" $<>
<he "er.ices section o+ the 2!I a%%ows :ou to con+i'ureD startD and sto the .arious ser.ices that shi with the $reeNA"1 s:stem. $reeNA"1 su orts the +o%%owin' =ui%t;in ser.icesK
<his section demonstrates how to start a $reeNA"1 ser.ice then descri=es the a.ai%a=%e con+i'uration o tions +or each $reeNA"1 ser.ice.
8.1
'ontrol Ser,ices
"er.ices N Contro% "er.icesD shown in $i'ure 6.1aD a%%ows :ou to Euic)%: determine which ser.ices are current%: runnin'D to start and sto ser.icesD and to con+i'ure ser.ices. #: de+au%tD a%% ser.ices Ae5ce t +or the ".M.A.R.<. ser.iceB are o++ unti% :ou start them. Figure 8.1a: 'ontrol Ser,ices
A ser.ice is sto ed i+ its icon is a red -$$. A ser.ice is runnin' i+ its icon is a =%ue -N. <o start or sto a ser.iceD c%ic) its -N@-$$ icon. <o con+i'ure a ser.iceD c%ic) the wrench icon associated with the ser.ice or c%ic) the name o+ the ser.ice in the "er.ices section o+ the tree menu. I+ a ser.ice does not startD 'o to ":stem N "ettin's N Ad.anced and chec) the =o5 O"how conso%e messa'es in the +ooterP. Conso%e messa'es wi%% now show at the =ottom o+ :our =rowser. I+ :ou c%ic) the conso%e messa'es areaD it wi%% o ;u as a windowD a%%owin' :ou to scro%% throu'h the out ut and to co : messa'es. Watch these messa'es +or errors when :ou sto and start the ro=%ematic ser.ice. I+ :ou wou%d %i)e to read the s:stem %o's to 'et more in+ormation a=out a ser.ice +ai%ureD o en "he%% and t: e 3ore E,arElogE3essages.
8.2
AFP
<he A %e $i%in' >rotoco% AA$>B is a networ) rotoco% that o++ers +i%e ser.ices +or Mac com uters. #e+ore con+i'urin' this ser.iceD :ou shou%d +irst create :our A$> "hares in "harin' N A %e AA$>B "hares N Add A %e AA$>B "hare. A+ter con+i'urin' this ser.iceD 'o to "er.ices N Contro% "er.ices to start the ser.ice. <he A$> shares wi%% not =e a.ai%a=%e on the networ) i+ this ser.ice is not runnin'. "tartin' this ser.ice wi%% o en the +o%%owin' orts on the $reeNA"1 s:stemK <C> *&6 Aa+ dB <C> &/99 AcnidGmetadataB !(> *3*3 and a random !(> ort Aa.ahiB
$i'ure 6.2a shows the con+i'uration o tions which are descri=ed in <a=%e 6.2a. Figure 8.2a: AFP 'onfiguration
*a(le 8.2a: AFP 'onfiguration 6!tions Setting 2uest Access 2uest Account ?alue chec)=o5 dro ;down menu 8escri!tion i+ chec)edD c%ients wi%% not =e rom ted to authenticate =e+ore accessin' the A$> share se%ect account to use +or 'uest accessR the se%ected account must ha.e ermissions to the .o%ume@dataset =ein' shared ma5imum num=er o+ simu%taneous connections i+ chec)edD an: user home directories %ocated under =ome dire'tories wi%% =e a.ai%a=%e o.er the share se%ect the .o%ume or dataset which contains user home directories
Ma5 Connections inte'er 4na=%e home chec)=o5 directories Home directories #rowse =utton
When con+i'urin' home directoriesD it is recommended to create a dataset to ho%d the home directories which contains a chi%d dataset +or each user. As an e5am %eD create a dataset named #ol!me12homedirs and =rowse to this dataset when con+i'urin' the OHome directoriesP +ie%d o+ the A$> ser.ice. <henD as :ou create each userD +irst create a chi%d dataset +or that user. $or e5am %eD create a dataset named #ol!me12homedirs2!ser1. When :ou create the !ser1 userD =rowse to the #ol!me12homedirs2!ser1 dataset in the OHome (irector:P +ie%d o+ the OAdd New !serP screen. 8.2.1 *rou(les ooting
I+ :ou recei.e a O"omethin' wron' with the .o%ume's CNI( (#P error messa'eD run the +o%%owin' command +rom "he%%D re %acin' the ath to the ro=%ematic A$> shareK
dbd -rf /path/to/share
<his command ma: ta)e a whi%eD de endin' u on the si8e o+ the .o%ume or dataset =ein' shared. <his command wi%% wi e the CNI( data=ase and re=ui%d it +rom the CNII(s stored in the A %e(ou=%e +i%es.
8.#
'IFS
<he Common Internet $i%e ":stem ACI$"B is a networ) rotoco% that o++ers +i%e ser.ices +or At: ica%%:B Windows com uters. !ni5;%i)e s:stems that ro.ide a CI$" c%ient can a%so connect to CI$" shares. #e+ore con+i'urin' this ser.iceD :ou shou%d +irst create :our CI$" shares in "harin' N Windows ACI$"B "hares N Add Windows ACI$"B "hare. A+ter con+i'urin' this ser.iceD 'o to "er.ices N Contro% "er.ices to start the ser.ice. <he CI$" shares wi%% not =e a.ai%a=%e on the networ) i+ this ser.ice is not runnin'. N6*7: a+ter startin' the CI$" ser.iceD it ma: ta)e se.era% minutes +or the master =rowser e%ection to occur and +or the $reeNA"1 s:stem to =ecome a.ai%a=%e in Windows 45 %orer. "tartin' this ser.ice wi%% o en the +o%%owin' orts on the $reeNA"1 s:stemK <C> 139 Asm=dB <C> &&* Asm=dB !(> 13/ Anm=dB Page 1%) of 280
$i'ure 6.3a shows the con+i'uration o tions which are descri=ed in <a=%e 6.3a. <his con+i'uration screen is rea%%: a +ront;end to sm=.con+A*B. Figure 8.#a: 'onfiguring 'IFS
*a(le 8.#a: 'IFS 'onfiguration 6!tions Setting Authentication Mode% Net#I-" Name Wor)'rou (escri tion (-" Charset !NI7 Charset 9o' 9e.e% 9oca% Master ?alue dro ;down menu strin' strin' strin' dro ;down menu dro ;down menu dro ;down menu chec)=o5 8escri!tion choices are Anonymo!s or ;o'al 9serL this settin' is i'nored i+ the Acti.e (irector: or 9(A> ser.ice is runnin' must =e %owercase and and is automatica%%: o u%ated with the hostname o+ the $reeNA"1 s:stemR it (!$t =e di++erent +rom the Jorkgro!* name must match Windows wor)'rou nameR this settin' is i'nored i+ the Acti.e (irector: or 9(A> ser.ice is runnin' o tiona% the character set "am=a uses when communicatin' with (-" and Windows 95@M4 c%ientsR de+au%t is "14+7 de+au%t is 9?F-6 which su orts a%% characters in a%% %an'ua'es
choices are <inim!mD NormalD F!llD or e$!g determines whether or not the $reeNA"1 s:stem artici ates in a =rowser e%ectionR shou%d =e disa=%ed when networ) contains an A( Page 1%8 of 280
Setting
?alue
<ime "er.er +or (omain 2uest Account $i%e mas) (irector: mas) 4A "u ort "u ort (-" $i%e Attri=utes A%%ow 4m t: >assword
Au5i%iar: strin' arameters 4na=%e home chec)=o5 directories 4na=%e home chec)=o5 directories =rowsin' =rowse Home directories =utton Homes au5i%iar: arameters !ni5 45tensions 0erocon+ share disco.er: strin' chec)=o5 chec)=o5
8escri!tion or 9(A> ser.er and is not necessar: i+ 3ista or Windows / machines are resent determines whether or not the $reeNA"1 s:stem ad.ertises itse%+ as a time ser.er to Windows c%ientsR shou%d =e disa=%ed when networ) contains an A( or 9(A> ser.er account to =e used +or 'uest accessR that account must ha.e ermission to access the shared .o%ume@dataset o.errides de+au%t +i%e creation mas) o+ 0,,, which creates +i%es with read and write access +or e.er:=od: o.errides de+au%t director: creation mas) o+ 0/// which 'rants director: readD write and e5ecute access +or e.er:=od: ena=%es e5tended attri=utes a%%ows a user who has write access to a +i%e to modi+: the ermissionsD e.en i+ not the owner o+ the +i%e i+ chec)edD users can Iust ress enter when rom ted +or a asswordR reEuires that the username@ assword =e the same +or the $reeNA"1 user account and the Windows user account sm$.'onf o tions not co.ered e%sewhere in this screenR see the "am=a 2uide +or additiona% settin's i+ chec)edD a +o%der with the same name as the user account wi%% =e created +or each user users can =rowse A=ut not write toB other users' home directories se%ect .o%ume@dataset where the home directories wi%% =e created o tions s eci+ic to the [homes\ section o+ sm$.'onfR +or e5am %eD ide dot files D +es hides +i%es =e'innin' with a dot in home directories a%%ows non;Windows CI$" c%ients to access s:m=o%ic %in)s and hard %in)sD has no a++ect on Windows c%ients ena=%e i+ Mac c%ients wi%% =e connectin' to the CI$" share a%%ows :ou to s eci+: hostnames rather than I> addresses in the Hosts A%%ow or Hosts (en: +ie%ds o+ a CI$" shareR unchec) i+ :ou on%: use I> addresses as it sa.es the time o+ a host %oo)u
#e'innin' with $reeNA"1 6.0.3;R494A"4D chan'es to CI$" settin's and CI$" shares ta)e e++ect immediate%:. $or re.ious .ersionsD chan'es wi%% not ta)e e++ect unti% :ou manua%%: sto and start the CI$" ser.ice.
N6*7: do not set the dire'tory name 'a'he si/e as an au5i%iar: arameter. (ue to di++erences in how 9inu5 and #"( hand%e +i%e descri torsD director: name cachin' is disa=%ed on #"( s:stems in order to im ro.e er+ormance. 8.#.1 *rou(les ooting *i!s
"am=a is sin'%e threadedD so C>! s eed ma)es a =i' di++erence in CI$" er+ormance. Four t: ica% 2.*2h8 Inte% Euad core or 'reater shou%d =e ca a=%e to hand%e s eeds in e5cess o+ 2= 9AN whi%e %ow ower C>!s such as Inte% Atoms and AM( C;30s^4;3*0^4;&*0 wi%% not =e a=%e to achie.e more than a=out 30;&0M#@sec t: ica%%:. Remem=er that other %oadin' such as 0$" %oadin' wi%% a%so reEuire C>! resources and ma: cause "am=a er+ormance to =e %ess than o tima%. "am=a's Owrite cacheP arameter has =een re orted to im ro.e write er+ormance in some con+i'urations and can =e added to the Au5i%iar: >arameters +ie%d. !se an inte'er .a%ue which is a mu%ti %e o+ G"CG>A24"I04 At: ica%%: &09,B to a.oid memor: +ra'mentation. <his wi%% increase "am=a's memor: reEuirements and shou%d not =e used on s:stems with %imited RAM. I+ :ou wish to increase networ) er+ormanceD read the "am=a section on soc)et o tions. It indicates which o tions are a.ai%a=%e and recommends that :ou e5 eriment to see which are su orted =: :our c%ients and im ro.e :our networ)'s er+ormance. Windows automatica%%: caches +i%e sharin' in+ormation. I+ :ou ma)e chan'es to a CI$" share or to the ermissions o+ a .o%ume@dataset =ein' shared =: CI$" and are no %on'er a=%e to access the shareD tr: %o''in' out and =ac) into the Windows s:stem. A%ternate%:D users can t: e net use Edelete R +rom the command %ine to c%ear their "M# sessions. Windows a%so automatica%%: caches %o'in in+ormation. I+ :ou wish users to =e rom ted to %o'in e.er: time access is reEuiredD reduce the cache settin's on the c%ient com uters. Where ossi=%eD a.oid usin' a mi5 o+ case in +i%enames as this ma: cause con+usion +or Windows users. Re resentin' and reso%.in' +i%enames with "am=a e5 %ains this in more detai%. I+ ermissions wor) +or Windows users =ut not +or -" 7 usersD tr: disa=%in' 9ni( .(tensions and restartin' the CI$" ser.ice. I+ the CI$" ser.ice wi%% not startD run this command +rom "he%% to see i+ there is an error in the con+i'urationK
testparm /usr/local/etc/smb.conf
<he Common 4rrors section o+ the "am=a documentation contains additiona% trou=%eshootin' ti s.
8.$
8irector+ Ser,ices
orts the +o%%owin' director: ser.icesK Acti.e (irector: A+or Windows 2000 and hi'her networ)sB (omain Contro%%er A+or con+i'urin' $reeNA"1 as a domain contro%%erB 9(A> NI"
$reeNA"1 su
N<& A+or Windows networ)s o%der than Windows 2000B <his section summari8es each o+ these ser.ices and their a.ai%a=%e con+i'urations within the $reeNA"1 2!I. N6*7: at this timeD o%l) o%e director) $er'ice ca% be co%*i#!red . <hat ser.ice must +irst =e se%ected in the ":stem N "ettin's N 2enera% N (irector: "er.ice dro ;down menu. -nce se%ectedD a (irector: "er.ice entr: wi%% =e added to "er.ices N Contro% "er.ices so that the ser.ice can =e startedD sto edD and con+i'ured. 8.$.1 Acti,e 8irector+
Acti.e (irector: AA(B is a ser.ice +or sharin' resources in a Windows networ). A( can =e con+i'ured on a Windows ser.er that is runnin' Windows "er.er 2000 or hi'her or on a !ni5;%i)e o eratin' s:stem that is runnin' "am=a .ersion &. "ince A( ro.ides authentication and authori8ation ser.ices +or the users in a networ)D :ou do not ha.e to recreate these user accounts on the $reeNA"1 s:stem. InsteadD con+i'ure the Acti.e (irector: ser.ice so that it can im ort the account in+ormation and im orted users can =e authori8ed to access the CI$" shares on the $reeNA"1 s:stem. N6*7: i+ :our networ) contains an N<& domain contro%%erD or an: domain contro%%er containin' a .ersion which is ear%ier than Windows 2000D con+i'ure N<& instead. Man: chan'es and im ro.ements ha.e =een made to Acti.e (irector: su ort within $reeNA"1. I+ :ou are not runnin' $reeNA"1 9.2.1;R494A"4D it is stron'%: recommended that :ou u 'rade =e+ore attem tin' Acti.e (irector: inte'ration. ,e*ore co%*i#!ri%# the Acti'e Director) $er'iceD ensure name reso%ution is ro er%: con+i'ured =: !ingin' the domain name o+ the Acti.e (irector: domain contro%%er +rom "he%% on the $reeNA"1 s:stem. I+ the !ing +ai%sD chec) the (N" ser.er and de+au%t 'atewa: settin's in Networ) N 2%o=a% Con+i'uration on the $reeNA"1 s:stem. Ne5tD add a (N" record +or the $reeNA"1 s:stem on the Windows ser.er and .eri+: that :ou can !ing the hostname o+ the $reeNA"1 s:stem +rom the domain contro%%er. Acti.e (irector: re%ies on Ker=erosD which is a time sensiti.e rotoco%. <his means that the time on =oth the $reeNA"1 s:stem and the Acti.e (irector: (omain Contro%%er can not =e out o+ s:nc =: more than a +ew minutes. <he =est wa: to ensure that the same time is runnin' on =oth s:stems is to con+i'ure =oth s:stems toK use the same N<> ser.er Aset in ":stem N N<> "er.ers on the $reeNA"1 s:stemB ha.e the same time8one =e set to either %oca%time or uni.ersa% time at the #I-" %e.e% $i'ure 6.&a shows the screen that a ears when :ou c%ic) "er.ices N (irector: "er.ices N Acti.e (irector:. <a=%e 6.&a descri=es the con+i'ura=%e o tions. "ome settin's are on%: a.ai%a=%e in Ad.anced Mode. <o see these settin'sD either c%ic) the Ad.anced Mode =utton or con+i'ure the s:stem to a%wa:s dis %a: these settin's =: chec)in' the =o5 O"how ad.anced +ie%ds =: de+au%tP in ":stem N "ettin's N Ad.anced.
*a(le 8.$a: Acti,e 8irector+ 'onfiguration 6!tions Setting (omain Name Net#I-" Name ?alue strin' strin' 8escri!tion name o+ Acti.e (irector: domain Ae.'. e(am*le.'omB or chi%d domain Ae.'. sales.e(am*le.'omB automatica%%: o u%ated with the hostname o+ the $reeNA"1 s:stemR !$e ca!tio% -he% cha%#i%# thi$ $etti%# as settin' an incorrect .a%ue can corru t an A( insta%%ation name o+ Windows ser.er's wor)'rou A+or o%der Microso+t c%ientsB name o+ the Acti.e (irector: administrator account assword +or the Acti.e (irector: administrator account
Wor)'rou Name strin' (omain Account Name strin' (omain Account strin' >assword !se )e:ta= Ker=eros )e:ta= 3er=ose %o''in' !NI7 e5tensions chec)=o5
on%: a.ai%a=%e in Ad.anced ModeR i+ se%ectedD =rowse to the Ker$eros keyta$ =rowse on%: a.ai%a=%e in Ad.anced ModeR =rowse to the %ocation o+ the =utton )e:ta= created usin' the instructions in !sin' a Ke:ta= on%: a.ai%a=%e in Ad.anced ModeR i+ chec)edD %o's attem ts to chec)=o5 Ioin the domain to 2#ar2log2messages chec)=o5 on%: a.ai%a=%e in Ad.anced ModeR o%l) chec) this =o5 i+ the A( ser.er has =een e5 %icit%: con+i'ured to ma ermissions +or !NI7 usersR chec)in' this =o5 ro.ides ersistent !I(s and 2!I(sD otherwiseD users@'rou s 'et ma ed to the !I(@2!I( Page 1)2 of 280
Setting
8escri!tion ran'e con+i'ured in "am=a on%: a.ai%a=%e in Ad.anced ModeR shou%d on%: =e ena=%ed i+ networ) has acti.e domain@+orest trusts and :ou need to mana'e A%%ow <rusted (omains chec)=o5 +i%es on mu%ti %e domainsR use with caution as it wi%% 'enerate more win=indd tra++icD s%owin' down the a=i%it: to +i%ter throu'h user@'rou in+ormation on%: a.ai%a=%e in Ad.anced ModeR when unchec)edD the domain name is re ended to the usernameR i+ Allo: ?r!sted omains is !se de+au%t domain chec)=o5 chec)ed and mu%ti %e domains use the same usernamesD unchec) this =o5 to re.ent name co%%isions on%: a.ai%a=%e in Ad.anced ModeR can =e used to s eci+: (omain Contro%%er strin' hostname o+ domain contro%%er to use on%: a.ai%a=%e in Ad.anced ModeR can =e used to s eci+: 2%o=a% Cata%o' "er.er strin' hostname o+ '%o=a% cata%o' ser.er to use on%: a.ai%a=%e in Ad.anced ModeR can =e used to s eci+: Ker=eros "er.er strin' hostname o+ )er=eros ser.er to use Ker=eros >assword on%: a.ai%a=%e in Ad.anced ModeR can =e used to s eci+: strin' "er.er hostname o+ )er=eros assword ser.er to use on%: a.ai%a=%e in Ad.anced ModeR in secondsD increase i+ the A( A( timeout inte'er ser.ice does not start a+ter connectin' to the domain on%: a.ai%a=%e in Ad.anced ModeR in secondsD increase i+ A( (N" timeout inte'er (N" Eueries timeout N6*7: Acti.e (irector: %aces restrictions on which characters are a%%owed in (omain and Net#I-" names. I+ :ou are ha.in' ro=%ems connectin' to the rea%mD .eri+: that :our settin's do not inc%ude an: disa%%owed characters. A%soD the Administrator >assword cannot contain the M character. I+ a M e5ists in the domain administrator's asswordD )init wi%% re ort a O>assword IncorrectP error and %da G=ind wi%% re ort an OIn.a%id credentia%s A&9BP error. -nce :ou ha.e con+i'ured the Acti.e (irector: ser.iceD start it in "er.ices N Contro% "er.ices N (irector: "er.ices. It ma: ta)e a +ew minutes +or the Acti.e (irector: in+ormation to =e o u%ated to the $reeNA"1 s:stem. -nce o u%atedD the A( users and 'rou s wi%% =e a.ai%a=%e in the dro ;down menus o+ the ermissions screen o+ a .o%ume@dataset. $or er+ormance reasonsD e.er: a.ai%a=%e user ma: not show in the %istin'. Howe.erD it wi%% autocom %ete a%% a %ica=%e users i+ :ou start t: in' in a username. Fou can .eri+: which Acti.e (irector: users and 'rou s ha.e =een im orted to the $reeNA"1 s:stem =: usin' these commands within the $reeNA"1 "he%%K
wbinfo -u wbinfo -g
?alue
In additionD 0(info >t wi%% test the connection andD i+ success+u%D wi%% 'i.e a messa'e simi%ar toK
checking the trust secret for domain YOURDOMAIN via RPC calls succeeded
I+ no users or 'rou s are %isted in the out ut o+ those commandsD these commands wi%% ro.ide more trou=%eshootin' in+ormationK
getent passwd getent group
7.!.1.1
'sing a 1e-tab
Ker=eros )e:ta=s are used to do Acti.e (irector: Ioins without a assword. <his means that the assword +or the Acti.e (irector: administrator account does not need to =e sa.ed into the $reeNA"1 con+i'uration data=aseD which is a securit: ris) in some en.ironments. When usin' a )e:ta=D it is recommended to create and use a %ess ri.i%e'ed account +or er+ormin' the reEuired 9(A> Eueries as the assword +or that account wi%% =e stored in the $reeNA"1 con+i'uration data=ase. Create this account on the domain contro%%erD then in ut that account name and its associated assword into the omain A''o!nt Name and omain A''o!nt 1ass:ord +ie%ds in the screen shown in $i'ure 6.&a. <he )e:ta= itse%+ can =e created on a Windows s:stem usin' these commands. <he te5t in red needs to =e modi+ied to the actua% .a%ues used in the domain.
ktpass.exe -out hostname.keytab host/hostname@DOMAINNAME -ptype KRB5_NT_PRINCIPAL -mapuser DOMAIN\username -pass userpass setspn -A host/hostname@DOMAINNAME DOMAIN\username
whereK ostna3e is the +u%%: Eua%i+ied hostname o+ the domain contro%%er 864AINNA47 is the domain name in a%% ca s 864AIN is the re;Windows 2000 short name +or the domain userna3e is the ri.i%e'ed account name user!ass is the assword associated with username <his wi%% create a )e:ta= with su++icient ri.i%e'es to 'rant tic)ets +or CI$" and 9(A>. -nce the )e:ta= is 'eneratedD trans+er it to the $reeNA"1 s:stemD chec) the 9se keyta$ =o5 and =rowse to the %ocation o+ the )e:ta=.
7.!.1.2
Troubleshooting Ti s
I+ :ou are runnin' A( in a 2003@2006 mi5ed domainD see this +orum ost +or instructions on how to re.ent the secure channe% )e: +rom =ecomin' corru t. Acti.e (irector: uses (N" to determine the %ocation o+ the domain contro%%ers and '%o=a% cata%o' ser.ers in the networ). !se the ost >t sr, :lda!.:tc!.do3ainna3e.co3 command to determine the networ)'s "R3 records andD i+ necessar:D chan'e the wei'ht and@or riorit: o+ the "R3 record to re+%ect the +astest ser.er. More in+ormation a=out "R3 records can =e +ound in the <echnet artic%e How (N" "u ort +or Acti.e (irector: Wor)s. <he rea%m that is used de ends u on the riorit: in the "R3 (N" recordD meanin' that (N" can o.erride :our Acti.e (irector: settin's. I+ :ou are una=%e to connect to the correct rea%mD chec) the "R3 records on the (N" ser.er. <his artic%e descri=es how to con+i'ure K(C disco.er: o.er (N" and ro.ides some e5am %es o+ records with di++erin' riorities. I+ the cache =ecomes out o+ s:nc due to an A( ser.er =ein' ta)en o++ and =ac) on%ineD res:nc the cache usin' ":stem N "ettin's N Ad.anced N Re=ui%d 9(A>@A( Cache. An e5 ired assword +or the administrator account wi%% cause )init to +ai% so ensure that the assword is sti%% .a%id. <r: creatin' a Com uter entr: on the Windows ser.er's -!. When creatin' this entr:D enter the $reeNA"1 hostname in the name +ie%d. Ma)e sure it is the same name as the one set in the =ostname +ie%d in Networ) N 2%o=a% Con+i'uration and the NetB8@S Name in "er.ices N (irector: "er.ices N Acti.e (irector: settin's. Ma)e sure the hostname o+ the domain contro%%er is set in the omain "ontroller +ie%d o+ "er.ices N (irector: "er.ices N Acti.e (irector:.
8.$.2
8o3ain 'ontroller
#e'innin' with $reeNA"1 9.2.1D $reeNA"1 uses "am=a&D meanin' that it can =e con+i'ured to act as the domain contro%%er +or a networ). Re+er to the "am=a $A? +or +urther in+ormation. N6*7: creatin' a domain contro%%er is a com %e5 rocess that reEuires a 'ood understandin' o+ how Acti.e (irector: wor)s. Whi%e $reeNA"1 ma)es it eas: to in ut the needed settin's into the administrati.e 'ra hica% inter+aceD it can't te%% :ou what those settin's shou%d =e. Re+er to the "am=a A( (C H-W<- +or more in+ormation a=out creatin' a new domain. <he current im %ementation does not su ort a con+i'uration that a%%ows $reeNA"1 to Ioin an e5istin' domain as a domain contro%%er. <his %imitation wi%% =e addressed in a +uture .ersion o+ $reeNA"1. $i'ure 6.&= shows the con+i'uration screen +or creatin' a domain contro%%er and <a=%e 6.&= summari8es the a.ai%a=%e o tions.
*a(le 8.$(: 8o3ain 'ontroller 'onfiguration 6!tions Setting Rea%m (omain "er.er Ro%e (N" #ac)end (N" $orwarder (omain $orest 9e.e% Administrator assword ?alue strin' strin' dro ;down menu dro ;down menu strin' dro ;down menu strin' 8escri!tion ca ita%i8ed (N" rea%m name ca ita%i8ed domain name at this timeD the on%: su orted ro%e is as the domain contro%%er +or a new domain choices are SA<BA,8N?.&NA;D B8N 4,F;A?F8;.D B8N 4, ;FD or N@N. R re+er to Which (N" =ac)end shou%d I chooseU +or detai%s I> address o+ (N" +orwarderR reEuired +or recursi.e Eueries when SA<BA,8N?.&NA; is se%ected choices are 2000D 200+D 2006D or 2006,&2L re+er to !nderstandin' Acti.e (irector: (omain "er.ices AA( ("B $unctiona% 9e.e%s +or detai%s assword to =e used +or the Acti.e (irector: administrator account
8.$.#
<8AP
$reeNA"1 inc%udes an - en9(A> c%ient +or accessin' in+ormation +rom an 9(A> ser.er. An 9(A> ser.er ro.ides director: ser.ices +or +indin' networ) resources such as users and their associated ermissions. 45am %es o+ 9(A> ser.ers inc%ude Microso+t "er.er A2000 and newerBD Mac -" 7 "er.erD No.e%% e(irector:D and - en9(A> runnin' on a #"( or 9inu5 s:stem. I+ an 9(A> ser.er is runnin' on :our networ)D :ou shou%d con+i'ure the $reeNA"1 9(A> ser.ice so that the networ)'s users can authenticate to the 9(A> ser.er and thus =e ro.ided authori8ed access to the data stored on the $reeNA"1 s:stem. N6*7: 9(A> wi%% not wor) with CI$" shares unti% the 9(A> director: has =een con+i'ured +or and o u%ated with "am=a attri=utes. <he most o u%ar scri t +or er+ormin' this tas) is sm=%da ;too%s and instructions +or usin' it can =e +ound at <he 9inu5 "am=a;- en9(A> Howto. $i'ure 6.&c shows the 9(A> Con+i'uration screen that is seen when :ou c%ic) "er.ices N (irector: "er.ices N 9(A>. Figure 8.$c: 'onfiguring <8AP
<a=%e 6.&c summari8es the a.ai%a=%e con+i'uration o tions. I+ :ou are new to 9(A> termino%o':D s)im throu'h the - en9(A> "o+tware 2.& Administrator's 2uide. *a(le 8.$c: <8AP 'onfiguration 6!tions Setting Hostname #ase (N ?alue strin' strin' 8escri!tion hostname or I> address o+ 9(A> ser.er to %e.e% o+ the 9(A> director: tree to =e used when searchin' +or resources Ae.'. d'>test3d'>orgB Page 1)) of 280
Setting A%%ow Anon:mous #indin' Root =ind (N Root =ind assword >assword 4ncr: tion !ser "u++i5 2rou "u++i5 >assword "u++i5 Machine "u++i5 4ncr: tion Mode "e%+ si'ned certi+icate Au5i%iar: >arameters
?alue chec)=o5 strin' strin' dro ;down menu strin' strin' strin' strin' dro ;down menu strin' strin'
8escri!tion instructs 9(A> ser.er to not ro.ide authentication and to a%%ow read@write access to an: c%ient name o+ administrati.e account 'n><anager3d'>test3d'>orgG assword +or &oot $ind N se%ect a t: e su orted =: the 9(A> ser.erD choices areK 'lear Aunencr: tedBD 'ry*tD mdDD ndsD ra'fD adD e(o* o tiona%D can =e added to name when user account added to 9(A> director: Ae.'. de t. or com an: nameB o tiona%D can =e added to name when 'rou added to 9(A> director: Ae.'. de t. or com an: nameB o tiona%D can =e added to assword when assword added to 9(A> director: o tiona%D can =e added to name when s:stem added to 9(A> director: Ae.'. ser.erD accountin'B choices are @ffD SS;D or ?;S used to .eri+: the certi+icate o+ the 9(A> ser.er i+ ""9 connections are usedR aste the out ut o+ the command o!enssl s:client >connect ser,er:!ort >s o0certs %da .con+A*B o tionsD one er %ineD not co.ered =: other o tions in this screen on 9(A> ser.er Ae.'.
N6*7: $reeNA"1 automatica%%: a ends the root (N. <his means that :ou shou%d not inc%ude the sco e and root (N when con+i'urin' the userD 'rou D asswordD and machine su++i5es. A+ter con+i'urin' the 9(A> ser.iceD start it in "er.ices N Contro% "er.ices N (irector: "er.ices. I+ the ser.ice wi%% not startD re+er to the Common errors encountered when usin' - en9(A> "o+tware +or common errors and how to +i5 them. When trou=%eshootin' 9(A>D o en "he%% and %oo) +or error messa'es in 2#ar2log2a!th.log. <o .eri+: that the users ha.e =een im ortedD t: e getent !ass0d +rom "he%%. <o .eri+: that the 'rou s ha.e =een im ortedD t: e getent grou!. 8.$.$ NIS
Networ) In+ormation "er.ice ANI"B is a ser.ice which maintains and distri=utes a centra% director: o+ !ni5 user and 'rou in+ormationD hostnamesD emai% a%iases and other te5t;=ased ta=%es o+ in+ormation. I+ a NI" ser.er is runnin' on :our networ)D the $reeNA"1 s:stem can =e con+i'ured to im ort the users and 'rou s +rom the NI" director:. A+ter con+i'urin' this ser.iceD start it in "er.ices N Contro% "er.ices N (irector: "er.ices. FreeNAS 9.2.1 Users Guide Page 1)8 of 280
$i'ure 6.&d shows the con+i'uration screen which o ens when :ou c%ic) "er.ices N (irector: "er.ices N NI". <a=%e 6.&d summari8es the con+i'uration o tions. Figure 8.$d: NIS 'onfiguration
*a(le 8.$d: NIS 'onfiguration 6!tions Setting NI" domain NI" ser.ers "ecure mode Man:cast ?alue strin' strin' 8escri!tion name o+ NI" domain comma de%imited %ist o+ hostnames or I> addresses i+ chec)edD : =indA6B wi%% re+use to =ind to an: NI" ser.er that is not runnin' chec)=o5 as root on a <C> ort num=er o.er 102& i+ chec)edD : =ind wi%% =ind to the ser.er that res onds the +astestR this is chec)=o5 use+u% when no %oca% NI" ser.er is a.ai%a=%e on the same su=net
8.$."
N*$
<his ser.ice shou%d on%: =e con+i'ured i+ the Windows networ)'s domain contro%%er is runnin' N<&. I+ it is notD :ou shou%d con+i'ure Acti.e (irector: instead. FreeNAS 9.2.1 Users Guide Page 1)9 of 280
$i'ure 6.&e shows the con+i'uration screen that a ears when :ou c%ic) "er.ices N (irector: "er.ices N N<&. <hese o tions are summari8ed in <a=%e 6.&e. A+ter con+i'urin' the N<& ser.iceD start it in "er.ices N Contro% "er.ices N (irector: "er.ices. Figure 8.$e: N*$ 'onfiguration 6!tions
*a(le 8.$e: N*$ 'onfiguration 6!tions Setting (omain Contro%%er Net#I-" Name Wor)'rou Name Administrator Name Administrator >assword ?alue strin' strin' strin' strin' strin' 8escri!tion hostname o+ domain contro%%er hostname o+ $reeNA"1 s:stem name o+ Windows ser.er's wor)'rou name o+ the domain administrator account in ut and con+irm the assword +or the domain administrator account
8."
8+na3ic 8NS
(:namic (N" A((N"B is use+u% i+ :our $reeNA"1 s:stem is connected to an I"> that eriodica%%: chan'es the I> address o+ the s:stem. With d:namic (N"D the s:stem can automatica%%: associate its FreeNAS 9.2.1 Users Guide Page 180 of 280
current I> address with a domain nameD a%%owin' :ou to access the $reeNA"1 s:stem e.en i+ the I> address chan'es. ((N" reEuires :ou to re'ister with a ((N" ser.ice such as (:n(N". $i'ure 6.*a shows the ((N" con+i'uration screen and <a=%e 6.*a summari8es the con+i'uration o tions. <he .a%ues :ou need to in ut wi%% =e 'i.en to :ou =: the ((N" ro.ider. A+ter con+i'urin' ((N"D don't +or'et to start the ((N" ser.ice in "er.ices N Contro% "er.ices. Figure 8."a: 'onfiguring 88NS
*a(le 8."a: 88NS 'onfiguration 6!tions Setting >ro.ider (omain name !sername >assword ! date eriod $orced u date eriod Au5i%iar: arameters ?alue 8escri!tion se.era% ro.iders are su ortedR i+ :our ro.ider is not %istedD %ea.e this dro ;down +ie%d =%an) and s eci+: the custom ro.ider in the A!(iliary *arameters menu +ie%d strin' +u%%: Eua%i+ied domain name Ae.'. yo!rname.dyndns.orgB strin' username used to %o'on to the ro.ider and u date the record strin' assword used to %o'on to the ro.ider and u date the record in secondsR =e care+u% with this settin' as the ro.ider ma: =%oc) :ou +or inte'er a=use i+ this settin' occurs more o+ten than the I> address chan'es in seconds so =e care+u% with this settin' as the ro.ider ma: =%oc) :ou inte'er +or a=useR issues a ((N" u date reEuest e.en when the address has not chan'ed so that the ser.ice ro.ider )nows that the account is sti%% acti.e additiona% arameters assed to the ro.ider durin' record u dateR an strin' e5am %e o+ s eci+:in' a custom ro.ider is dyndns,system defa!ltN*ro#ider.'om
8.%
F*P
$reeNA"1 uses the ro+t d $<> ser.er to ro.ide $<> ser.ices. -nce the $<> ser.ice is con+i'ured and startedD c%ients can =rowse and down%oad data usin' a we= =rowser or $<> c%ient so+tware. <he ad.anta'e o+ $<> is that eas:;to;use cross; %at+orm uti%ities are a.ai%a=%e to mana'e u %oads to and down%oads +rom the $reeNA"1 s:stem. <he disad.anta'e o+ $<> is that it is considered to =e an insecure rotoco%D meanin' that it shou%d not =e used to trans+er sensiti.e +i%es. I+ :ou are concerned a=out sensiti.e dataD see 4ncr: tin' $<>. <his section ro.ides an o.er.iew o+ the $<> con+i'uration o tions. It then ro.ides e5am %es +or con+i'urin' anon:mous $<>D s eci+ied user access within a chroot en.ironmentD encr: tin' $<> connectionsD and trou=%eshootin' ti s. 8.%.1 F*P 'onfiguration 6!tions
$i'ure 6.,a shows the con+i'uration screen +or "er.ices N $<>. "ome settin's are on%: a.ai%a=%e in Ad.anced Mode. <o see these settin'sD either c%ic) the Ad.anced Mode =utton or con+i'ure the s:stem to a%wa:s dis %a: these settin's =: chec)in' the =o5 O"how ad.anced +ie%ds =: de+au%tP in ":stem N "ettin's N Ad.anced. Figure 8.%a: 'onfiguring F*P
<a=%e 6.,a summari8es the a.ai%a=%e o tions when con+i'urin' the $<> ser.erK
*a(le 8.%a: F*P 'onfiguration 6!tions Setting >ort C%ients Connections 9o'in Attem ts <imeout A%%ow Root 9o'in A%%ow Anon:mous 9o'in >ath A%%ow 9oca% !ser 9o'in ?alue inte'er inte'er inte'er inte'er inte'er chec)=o5 chec)=o5 =rowse =utton chec)=o5 8escri!tion ort the $<> ser.ice %istens on ma5imum num=er o+ simu%taneous c%ients ma5imum num=er o+ connections er I> address where 0 means un%imited ma5imum num=er o+ attem ts =e+ore c%ient is disconnectedR increase this i+ users are rone to t: os ma5imum c%ient id%e time in seconds =e+ore c%ient is disconnected discoura'ed as increases securit: ris) ena=%es anon:mous $<> %o'ins with access to the director: s eci+ied in 1ath root director: +or anon:mous $<> connections
reEuired i+ Anonymo!s ;ogin is disa=%ed messa'e dis %a:ed to %oca% %o'in users a+ter authenticationR (is %a: 9o'in strin' not dis %a:ed to anon:mous %o'in users on%: a.ai%a=%e in Ad.anced ModeR sets de+au%t ermissions $i%e >ermission chec)=o5es +or new%: created +i%es on%: a.ai%a=%e in Ad.anced ModeR sets de+au%t ermissions (irector: >ermission chec)=o5es +or new%: created directories on%: a.ai%a=%e in Ad.anced ModeR ena=%es $i%e e7chan'e 4na=%e $7> chec)=o5 >rotoco% which is discoura'ed as it ma)es the ser.er .u%nera=%e to $<> =ounce attac)s A%%ow <rans+er Resum tion chec)=o5 a%%ows $<> c%ients to resume interru ted trans+ers a %oca% user is on%: a%%owed access to their home director: A%wa:s Chroot chec)=o5 un%ess the user is a mem=er o+ 'rou :heel ReEuire I(4N< on%: a.ai%a=%e in Ad.anced ModeR wi%% resu%t in timeouts i+ chec)=o5 Authentication identd is not runnin' on the c%ient >er+orm Re.erse (N" er+orm re.erse (N" %oo)u s on c%ient I>sR can cause %on' chec)=o5 9oo)u s de%a:s i+ re.erse (N" is not con+i'ured u=%ic I> address or hostnameR set i+ $<> c%ients can not MasEuerade address strin' connect throu'h a NA< de.ice on%: a.ai%a=%e in Ad.anced ModeR used =: c%ients in >A"3 Minimum assi.e ort inte'er modeD de+au%t o+ 0 means an: ort a=o.e 1023 on%: a.ai%a=%e in Ad.anced ModeR used =: c%ients in >A"3 Ma5imum assi.e ort inte'er modeD de+au%t o+ 0 means an: ort a=o.e 1023 9oca% user u %oad on%: a.ai%a=%e in Ad.anced ModeR in K#@sD de+au%t o+ 0 inte'er =andwidth means un%imited FreeNAS 9.2.1 Users Guide Page 18# of 280
Setting 9oca% user down%oad =andwidth Anon:mous user u %oad =andwidth Anon:mous user down%oad =andwidth 4na=%e <9"
?alue
<9" o%ic:
<9" a%%ow er user <9" common name reEuired <9" ena=%e dia'nostics <9" e5 ort certi+icate data
<9" no em t: +ra'ments <9" no session reuse reEuired <9" e5 ort standard .ars
8escri!tion on%: a.ai%a=%e in Ad.anced ModeR in K#@sD de+au%t o+ 0 inte'er means un%imited on%: a.ai%a=%e in Ad.anced ModeR in K#@sD de+au%t o+ 0 inte'er means un%imited on%: a.ai%a=%e in Ad.anced ModeR in K#@sD de+au%t o+ 0 inte'er means un%imited on%: a.ai%a=%e in Ad.anced ModeR ena=%es encr: ted connectionsR i+ not ro.idedD a certi+icate wi%% automatica%%: chec)=o5 =e 'enerated and wi%% a ear in the "ertifi'ate and *ri#ate key =o5 once :ou c%ic) -K on%: a.ai%a=%e in Ad.anced ModeR the se%ected o%ic: dro ;down de+ines whether the contro% channe%D data channe%D =oth menu channe%sD or neither channe%D o+ an $<> session must occur o.er ""9@<9"R the o%icies are descri=ed here on%: a.ai%a=%e in Ad.anced ModeR chec)in' this =o5 is %ot recommended as it =rea)s se.era% securit: measuresR +or this chec)=o5 and the rest o+ the <9" +ie%dsD re+er to modGt%s +or more detai%s on%: a.ai%a=%e in Ad.anced ModeR i+ chec)edD the user's home director: is chec)ed +or a .tlslogin +i%e which contains chec)=o5 one or more >4M;encoded certi+icatesR i+ not +oundD the user wi%% =e rom ted +or assword authentication on%: a.ai%a=%e in Ad.anced ModeR i+ chec)edD the user's chec)=o5 assword ma: =e sent unencr: ted on%: a.ai%a=%e in Ad.anced ModeR i+ chec)edD the common chec)=o5 name in the certi+icate must match the $?(N o+ the host on%: a.ai%a=%e in Ad.anced ModeR i+ chec)ed when chec)=o5 trou=%eshootin' a connectionD wi%% %o' more .er=ose%: on%: a.ai%a=%e in Ad.anced ModeR i+ chec)edD e5 orts the chec)=o5 certi+icate en.ironment .aria=%es on%: a.ai%a=%e in Ad.anced ModeR tr: chec)in' this =o5 i+ the c%ient can not connect and :ou sus ect that the c%ient chec)=o5 so+tware is not ro er%: hand%in' the ser.er's certi+icate reEuest on%: a.ai%a=%e in Ad.anced ModeR chec)in' this =o5 is %ot chec)=o5 recommended as it =: asses a securit: mechanism on%: a.ai%a=%e in Ad.anced ModeR chec)in' this =o5 chec)=o5 reduces the securit: o+ the connection so on%: do so i+ the c%ient does not understand reused ""9 sessions on%: a.ai%a=%e in Ad.anced ModeR i+ chec)edD sets se.era% chec)=o5 en.ironment .aria=%es Page 18$ of 280
<9" I> address reEuired Certi+icate and ri.ate )e: Au5i%iar: arameters
8escri!tion on%: a.ai%a=%e in Ad.anced ModeR i+ chec)edD wi%% =rea) c%ients that e5 ect e5 %icit connections on%: a.ai%a=%e in Ad.anced ModeR i+ chec)edD the c%ient's (N" name must reso%.e to its I> address and the cert must contain the same (N" name on%: a.ai%a=%e in Ad.anced ModeR i+ chec)edD the c%ient's certi+icate must contain the I> address that matches the I> address o+ the c%ient on%: a.ai%a=%e in Ad.anced ModeR the ""9 certi+icate and ri.ate )e: to =e used +or <9" $<> connections on%: a.ai%a=%e in Ad.anced ModeR on%: a.ai%a=%e in Ad.anced ModeR inc%ude ro+t dA6B arameters not co.ered e%sewhere in this screen arameters that wi%% re.ent a%% users +rom
<he +o%%owin' e5am %e demonstrates the au5i%iar: er+ormin' the $<> (494<4 commandK
<Limit DELE> DenyAll </Limit>
8.%.2
Anon+3ous F*P
Anon:mous $<> ma: =e a ro riate +or a sma%% networ) where the $reeNA"1 s:stem is not accessi=%e +rom the Internet and e.er:one in :our interna% networ) needs eas: access to the stored data. Anon:mous $<> does not reEuire :ou to create a user account +or e.er: user. In additionD asswords are not reEuired so :ou don't ha.e to mana'e chan'ed asswords on the $reeNA"1 s:stem. <o con+i'ure anon:mous $<>K 1. Gi,e t e (uilt>in ft! user account !er3issions to the .o%ume@dataset to =e shared in "tora'e N 3o%umes as +o%%owsK -wnerAuserBK se%ect the =ui%t;in ft* user +rom the dro ;down menu -wnerA'rou BK se%ect the =ui%t;in ft* 'rou +rom the dro ;down menu ModeK re.iew that the ermissions are a ro riate +or the share
N6*7: +or $<>D the t: e o+ c%ient does not matter when it comes to the t: e o+ AC9. <his means that :ou a%wa:s use !ni5 AC9sD e.en i+ Windows c%ients wi%% =e accessin' $reeNA"1 .ia $<>. 2. 'onfigure anon+3ous F*P in "er.ices N $<> =: settin' the +o%%owin' attri=utesK chec) the =o5 Allo: Anonymo!s ;ogin >athK =rowse to the .o%ume@dataset@director: to =e shared Page 18" of 280
3. Start t e F*P ser,ice in Contro% "er.ices. C%ic) the red -$$ =utton ne5t to $<>. A+ter a second or soD it wi%% chan'e to a =%ue -N D indicatin' that the ser.ice has =een ena=%ed. &. *est t e connection +rom a c%ient usin' a uti%it: such as $i%e8i%%a. In the e5am %e shown in $i'ure 6.,=D a user has in ut the +o%%owin' in+ormation into the $i%e8i%%a c%ientK I> address o+ the $reeNA"1 ser.erK 142.156.1.11+ !sernameK anonymo!s >asswordK the emai% address o+ the user Figure 8.%(: 'onnecting Using File=illa
<he messa'es within the c%ient indicate that the $<> connection is success+u%. <he user can now na.i'ate the contents o+ the root +o%der on the remote site_this is the .o%ume@dataset that was s eci+ied in the $<> ser.ice con+i'uration. <he user can a%so trans+er +i%es =etween the %oca% site Atheir s:stemB and the remote site Athe $reeNA"1 s:stemB. 8.%.# S!ecified User Access in c root
I+ :ou reEuire :our users to authenticate =e+ore accessin' the data on the $reeNA"1 s:stemD :ou wi%% need to either create a user account +or each user or im ort e5istin' user accounts usin' Acti.e (irector: or 9(A>. I+ :ou then create a 0$" dataset +or each userD :ou can chroot each user so that the: are %imited to the contents o+ their own home director:. (atasets ro.ide the added =ene+it o+ con+i'urin' a Euota so that the si8e o+ the user's home director: is %imited to the si8e o+ the Euota. <o con+i'ure this scenarioK 1. 'reate a ;FS dataset for eac user in "tora'e N 3o%umes. C%ic) an e5istin' 0$" .o%ume N Create 0$" (ataset and set an a ro riate Euota +or each dataset. Re eat this rocess to create a dataset +or e.er: user that wi%% need access to the $<> ser.ice. 2. If +ou are not using A8 or <8APJ create a user account for eac user in Account N !sers N Add !ser. $or each userD =rowse to the dataset created +or that user in the =ome ire'tory +ie%d. Re eat this rocess to create a user account +or e.er: user that wi%% need access to the $<> ser.iceD ma)in' sure to assi'n each user their own dataset. FreeNAS 9.2.1 Users Guide Page 18% of 280
3. Set t e !er3issions for eac dataset in "tora'e N 3o%umes. C%ic) the Chan'e >ermissions =utton +or a dataset to assi'n a user account as -wner o+ that dataset and to set the desired ermissions +or that user. Re eat +or each dataset. N6*7: +or $<>D the t: e o+ c%ient does not matter when it comes to the t: e o+ AC9. <his means that :ou a%wa:s use !ni5 AC9sD e.en i+ Windows c%ients wi%% =e accessin' $reeNA"1 .ia $<>. &. 'onfigure F*P in "er.ices N $<> with the +o%%owin' attri=utesK >athK =rowse to the arent .o%ume containin' the datasets ma)e sure the =o5es +or Allo: Anonymo!s ;ogin and Allo: &oot ;ogin are !%chec0ed chec) the =o5 Allo: ;o'al 9ser ;ogin chec) the =o5 Al:ays "hroot
*. Start t e F*P ser,ice in Contro% "er.ices. C%ic) the red -$$ =utton ne5t to $<>. A+ter a second or soD it wi%% chan'e to a =%ue -N D indicatin' that the ser.ice has =een ena=%ed. ,. *est t e connection fro3 a client usin' a uti%it: such as $i%e8i%%a. <o test this con+i'uration in $i%e8i%%aD use the I> address o+ the $reeNA"1 s:stemD the !sername o+ a user that has =een associated with a datasetD and the >assword +or that user. <he messa'es shou%d indicate that the authori8ation and the $<> connection are success+u%. <he user can now na.i'ate the contents o+ the root +o%der on the remote site_this time it is not the entire .o%ume =ut the dataset that was created +or that user. <he user shou%d =e a=%e to trans+er +i%es =etween the %oca% site Atheir s:stemB and the remote site Atheir dataset on the $reeNA"1 s:stemB. 8.%.$ 7ncr+!ting F*P
<o con+i'ure an: $<> scenario to use encr: ted connectionsK 1. 7na(le *<S in "er.ices N $<>. Chec) the =o5 .na$le ?;S. -nce :ou ress -KD a certi+icate and )e: wi%% automatica%%: =e 'enerated +or :ou and ro+t d wi%% restart and =e con+i'ured to use that certi+icate. I+ :ou re+er to use :our own certi+icateD de%ete the automatica%%: 'enerated one that a ears in the "ertifi'ate and *ri#ate key field and aste in :our own certi+icate and )e:. 2. S!ecif+ secure F*P 0 en accessing t e FreeNAS s+ste3. $or e5am %eD in $i%e8i%%a in ut ft*s)2281,address A+or an im %icit connectionB or ft*es)2281,address A+or an e5 %icit connectionB as the Host when connectin'. <he +irst time a user connectsD the: shou%d =e resented with the certi+icate o+ the $reeNA"1 s:stem. C%ic) -K to acce t the certi+icate and ne'otiate an encr: ted connection. <o +orce encr: ted connectionsD add the +o%%owin' %ine to Au5i%iar: >arametersK
TLS Required on
8.%."
*rou(les ooting
<he $<> ser.ice wi%% not start i+ it can not reso%.e the s:stem's hostname to an I> address usin' (N". <o see i+ the $<> ser.ice is runnin'D o en "he%% and issue the commandK
sockstat -4p 21
I+ there is nothin' %istenin' on ort 21D ro+t d isn't runnin'. <o see the error messa'e that occurs when $reeNA"1 tries to start the $<> ser.iceD 'o to ":stem N "ettin's N Ad.ancedD chec) the =o5 O"how conso%e messa'es in the +ooterP and c%ic) "a.e. Ne5tD 'o to "er.ices N Contro% "er.ices and switch the $<> ser.ice o++ then =ac) on in the 2!I. Watch the conso%e messa'es at the =ottom o+ the =rowser +or errors. I+ the error re+ers to (N"D either create an entr: in :our %oca% (N" ser.er with the $reeNA"1 s:stem's hostname and I> address or add an entr: +or the I> address o+ the $reeNA"1 s:stem in the OHost name data=aseP +ie%d o+ Networ) N 2%o=a% Con+i'uration.
8.)
iS'SI
i"C"I is a rotoco% standard +or the conso%idation o+ stora'e data. i"C"I a%%ows $reeNA"1 to act %i)e a stora'e area networ) A"ANB o.er an e5istin' 4thernet networ). " eci+ica%%:D it e5 orts dis) de.ices o.er an 4thernet networ) that i"C"I c%ients Aca%%ed initiatorsB can attach to and mount. <raditiona% "ANs o erate o.er +i=re channe% networ)s which reEuire a +i=re channe% in+rastructure such as +i=re channe% H#AsD +i=re channe% switchesD and discrete ca=%in'. i"C"I can =e used o.er an e5istin' 4thernet networ)D a%thou'h dedicated networ)s can =e =ui%t +or i"C"I tra++ic in an e++ort to =oost er+ormance. i"C"I a%so ro.ides an ad.anta'e in an en.ironment that uses Windows she%% ro'ramsR these ro'rams tend to +i%ter ONetwor) 9ocationP =ut i"C"I mounts are not +i%tered. $reeNA"1 uses ist't to ro.ide i"C"I. #e+ore con+i'urin' the i"C"I ser.iceD :ou shou%d =e +ami%iar with the +o%%owin' i"C"I termino%o':K '&AP: an authentication method which uses a shared secret and three;wa: authentication to determine i+ a s:stem is authori8ed to access the stora'e de.ice and to eriodica%%: con+irm that the session has not =een hiIac)ed =: another s:stem. In i"C"ID the initiator Ac%ientB er+orms the CHA> authentication. 4utual '&AP: a su erset o+ CHA> in that =oth ends o+ the communication authenticate to each other. Initiator: a c%ient which has authori8ed access to the stora'e data on the $reeNA"1 s:stem. <he c%ient reEuires initiator so+tware to connect to the i"C"I share. *arget: a stora'e resource on the $reeNA"1 s:stem. 7-tent: the stora'e unit to =e shared. It can either =e a +i%e or a de.ice. <UN: stands +or 9o'ica% !nit Num=er and re resents a %o'ica% "C"I de.ice. An initiator ne'otiates with a tar'et to esta=%ish connecti.it: to a 9!NR the resu%t is an i"C"I connection that emu%ates a connection to a "C"I hard dis). Initiators treat i"C"I 9!Ns the same wa: as the: wou%d a raw "C"I or I(4 hard dri.eR rather than mountin' remote directoriesD initiators +ormat and direct%: mana'e +i%es:stems on i"C"I 9!Ns. $reeNA"1 su orts mu%ti %e i"C"I dri.es. When con+i'urin' mu%ti %e i"C"I 9!NsD create a new tar'et +or each 9!N. >orta% 'rou s and initiator 'rou s can =e reused without an: issue. "ince ist't mu%ti %e5es a tar'et with mu%ti %e 9!Ns o.er the same <C> connectionD :ou wi%% e5 erience contention +rom <C> i+ there is more than one tar'et er 9!N. In order to con+i'ure i"C"IK 1. (ecide i+ :ou wi%% use authenticationD and i+ soD whether it wi%% =e CHA> or mutua% CHA>. I+ usin' authenticationD create an authori8ed access. 2. Create either a de.ice e5tent or a +i%e e5tent to =e used as stora'e. FreeNAS 9.2.1 Users Guide Page 188 of 280
3. (etermine which hosts are a%%owed to connect usin' i"C"I and create an initiator. &. Create at %east one orta%. *. Re.iew the tar'et '%o=a% con+i'uration arameters. ,. Create a tar'et. /. Associate a tar'et with an e5tent. 6. "tart the i"C"I ser.ice in "er.ices N Contro% "er.ices. <he rest o+ this section descri=es these ste s in more detai%. 8.).1 Aut ori=ed Accesses
I+ :ou wi%% =e usin' CHA> or mutua% CHA> to ro.ide authenticationD :ou must create an authori8ed access in "er.ices N I"C"I N Authori8ed Accesses N Add Authori8ed Access. <his screen is shown in $i'ure 6./a. N6*7: this screen sets %o'in authentication. <his is di++erent +rom disco.er: authentication which is set in <ar'et 2%o=a% Con+i'uration. Figure 8.)a: Adding an iS'SI Aut ori=ed Access
<a=%e 6./a summari8es the settin's that can =e con+i'ured when addin' an authori8ed accessK
*a(le 8.)a: Aut ori=ed Access 'onfiguration Settings Setting 2rou I( ?alue 8escri!tion a%%ows di++erent 'rou s to =e con+i'ured with di++erent authentication inte'er ro+i%esR +or instanceD a%% users with a 2rou I( o+ 1 wi%% inherit the authentication ro+i%e associated with 2rou 1 name o+ user account that wi%% =e created on the $reeNA"1 de.ice +or strin' CHA> authentication with the user on the remote s:stemR man: initiators de+au%t to usin' the initiator name as the user assword to =e associated with 9serR the i"C"I standard reEuires that this strin' =e at %east 12 characters %on' on%: in ut when con+i'urin' mutua% CHA>R in most cases it wi%% need to =e strin' the same .a%ue as 9ser the mutua% secret assword which (!$t be di**ere%t tha% the Secret R strin' reEuired i+ the 1eer 9ser is set
N6*7: CHA> does not wor) with 2%o=a%"AN initiators on Mac -" 7. As authori8ed accesses are addedD the: wi%% =e %isted under 3iew Authori8ed Accesses. In the e5am %e shown in $i'ure 6./=D three users A test1D test2D and test+B and two 'rou s A1 and 2B ha.e =een createdD with 'rou 1 consistin' o+ one CHA> user and 'rou 2 consistin' o+ one mutua% CHA> user and one CHA> user. C%ic) an authori8ed access entr: to dis %a: its 4dit and (e%ete =uttons.
8.).2
7-tents
In i"C"ID the tar'et .irtua%i8es somethin' and resents it as a de.ice to the i"C"I c%ient. <hat somethin' can =e a de.ice e5tent or a +i%e e5tentK 8e,ice e-tent: .irtua%i8es an un+ormatted h:sica% dis)D RAI( contro%%erD 8.o%D 8.o% sna shotD or an e5istin' HA"< de.ice. 3irtua%i8in' a sin'%e dis) is s%ow as there is no cachin' =ut .irtua%i8in' a hardware RAI( contro%%er has hi'her er+ormance due to its cache. <his t: e o+ .irtua%i8ation does a ass;throu'h to the dis) or hardware RAI( contro%%er. None o+ the =ene+its o+ 0$" are ro.ided and er+ormance is %imited to the ca a=i%ities o+ the dis) or contro%%er. 3irtua%i8in' a 8.o% adds the =ene+its o+ 0$" such as its read cache and write cache. 4.en i+ the c%ient +ormats the de.ice e5tent with a di++erent +i%es:stemD as +ar as $reeNA"1 is concernedD the data =ene+its +rom 0$" +eatures such as =%oc) chec)sums and sna shots. File e-tent: a%%ows :ou to e5 ort a ortion o+ a 0$" .o%ume. <he ad.anta'e o+ a +i%e e5tent is that :ou can create mu%ti %e e5 orts er .o%ume. FreeNAS 9.2.1 Users Guide Page 191 of 280
In theor:D a 8.o% and a +i%e e5tent shou%d ha.e identica% er+ormance. In racticeD a +i%e e5tent out er+orms in reads@writes =ut this is on%: noticea=%e at 10 2# 4thernet s eeds or hi'her. $or hi'h er+ormanceD +i%e e5tents are recommended at this time. $uture chan'es to $ree#"('s 8.o% code wi%% increase its er+ormance.
7.3.2.1 Adding an *2tent
<o add an e5tentD 'o to "er.ices N I"C"I N 45tents N Add 45tent. In the e5am %e shown in $i'ure 6./cD the de.ice e5tent is usin' the e(*ort 8.o% that was re.ious%: created +rom the 2mnt2#ol!me1 .o%ume. N6*7: in $reeNA"1 .ersions rior to 6.3.1D i+ a h:sica% dis) was used instead o+ a 8.o% to create a de.ice e5tentD a =u' wi ed the artition ta=%e on the dis)D resu%tin' in data %oss. <his =u' was +i5ed in 6.3.1. <a=%e 6./= summari8es the settin's that can =e con+i'ured when creatin' an e5tent. Note that *ile exte%t creatio% -ill *ail i* )o! do %ot a""e%d the %a(e o* the *ile to be created to the 'ol!(eHdata$et %a(e. Figure 8.)c: Adding an iS'SI 7-tent
*a(le 8.)(: 7-tent 'onfiguration Settings Setting 45tent Name 45tent <: e >ath to the e5tent (e.ice 45tent si8e Comment ?alue strin' 8escri!tion name o+ e5tentR i+ the .(tent si/e is not 0D it can not =e an e5istin' +i%e within the .o%ume@dataset
dro ;down se%ect +rom File or e#i'e menu on%: a ears i+ File is se%ectedR either =rowse to an e5istin' +i%e and use 0 =rowse as the .(tent si/eD or =rowse to the .o%ume or datasetD c%ic) the C%ose =utton =uttonD a end the .(tent Name to the athD and s eci+: a .a%ue in .(tent si/e dro ;down on%: a ears i+ e#i'e is se%ectedR se%ect the un+ormatted dis)D contro%%erD menu 8.o%D 8.o% sna shotD or HA"< de.ice on%: a ears i+ File is se%ectedR i+ the si8e is s eci+ied as 0D the +i%e must inte'er a%read: e5ist and the actua% +i%e si8e wi%% =e usedR otherwise s eci+ies the si8e o+ the +i%e to create strin' o tiona%
8.).#
Initiators
<he ne5t ste is to con+i'ure authori8ed initiatorsD or the s:stems which are a%%owed to connect to the i"C"I tar'ets on the $reeNA"1 s:stem. <o con+i'ure which s:stems can connectD use "er.ices N I"C"I N Initiators N Add InitiatorD shown in $i'ure 6./d. Figure 8.)d: Adding an iS'SI Initiator
N6*7: =e'innin' with 6.2.0D $reeNA"1 contains iscontro%A6B. <his uti%it: a%%ows the $reeNA"1 s:stem to act as an initiator Arather than a tar'etB and must =e run +rom the command %ine. I+ :ou create a custom con+i'uration +or iscontrolD =ac) it u as it wi%% not sur.i.e a re=oot o+ the s:stem. <a=%e 6./c summari8es the settin's that can =e con+i'ured when addin' an initiator.
*a(le 8.)c: Initiator 'onfiguration Settings Setting Initiators Authori8ed networ) Comment ?alue 8escri!tion use A;; )e:word or a %ist o+ initiator hostnames se arated =: commas with strin' no s ace use A;; )e:word or a networ) address with CI(R mas) such as strin' 142.156.2.0224 strin' o tiona% descri tion
In the e5am %e shown in $i'ure 6./eD two 'rou s ha.e =een created. 2rou 1 a%%ows connections +rom an: initiator on an: networ)R 2rou 2 a%%ows connections +rom an: initiator on the 10.10.1.0224 networ). C%ic) an initiator's entr: to dis %a: its 4dit and (e%ete =uttons. N6*7: i+ :ou de%ete an initiatorD a warnin' wi%% indicate i+ an: tar'ets or tar'et@e5tent ma de end u on the initiator. I+ :ou con+irm the de%eteD these wi%% =e de%eted as we%%. Figure 8.)e: Sa3!le iS'SI Initiator 'onfiguration in's
8.).$
Portals
A orta% s eci+ies the I> address and ort num=er to =e used +or i"C"I connections. "er.ices N I"C"I N >orta%s N Add >orta% wi%% =rin' u the screen shown in $i'ure 6./+. <a=%e 6./d summari8es the settin's that can =e con+i'ured when addin' a orta%. I+ :ou need to assi'n additiona% I> addresses to the orta%D c%ic) the %in) OAdd e5tra >orta% I>P. Figure 8.)f: Adding an iS'SI Portal
*a(le 8.)d: Portal 'onfiguration Settings Setting Comment I> address >ort ?alue strin' dro ;down menu inte'er 8escri!tion o tiona% descri tionR orta%s are automatica%%: assi'ned a numeric 'rou I( se%ect the I> address associated with an inter+ace or the wi%dcard address o+ 0.0.0.0 Aan: inter+aceB <C> ort used to access the i"C"I tar'etR de+au%t is +250
$reeNA"1 s:stems with mu%ti %e I> addresses or inter+aces can use a orta% to ro.ide ser.ices on di++erent inter+aces or su=nets. <his can =e used to con+i'ure mu%ti; ath I@- AM>I-B. M>I- is more e++icient than a %in) a''re'ation.
I+ the $reeNA"1 s:stem has mu%ti %e con+i'ured inter+acesD orta%s can a%so =e used to ro.ide networ) access contro%. $or e5am %eD consider a s:stem with +our inter+aces con+i'ured with the +o%%owin' addressesK 192.1,6.1.1@2& 192.1,6.2.1@2& 192.1,6.3.1@2& 192.1,6.&.1@2& Fou cou%d create a orta% containin' the +irst two I> addresses A'rou I( 1B and a orta% containin' the remainin' two I> addresses A'rou I( 2B. Fou cou%d then create a tar'et named A with a >orta% 2rou I( o+ 1 and a second tar'et named # with a >orta% 2rou I( o+ 2. In this scenarioD ist't wou%d %isten on a%% +our inter+acesD =ut connections to tar'et A wou%d =e %imited to the +irst two networ)s and connections to tar'et # wou%d =e %imited to the %ast two networ)s. Another scenario wou%d =e to create a orta% which inc%udes e.er: I> address exce"t +or the one used =: a mana'ement inter+ace. <his wou%d re.ent i"C"I connections to the mana'ement inter+ace.
8.)."
"er.ices N i"C"I N <ar'et 2%o=a% Con+i'urationD shown in $i'ures 6./'D contains settin's that a %: to a%% i"C"I shares. <a=%e 6./e summari8es the settin's that can =e con+i'ured in the <ar'et 2%o=a% Con+i'uration screen. <he inte'er .a%ues in the ta=%e are used to tune networ) er+ormanceR most o+ these .a%ues are descri=ed in R$C 3/20. 9!C A9o'ica% !nit Contro%%erB is an A>I ro.ided =: ist't to contro% remo.a=%e media =: ro.idin' +unctions to %ist tar'etsD %oad or un%oad a media to a unitD chan'e media +i%eD or reset a 9!N. In order to d:namica%%: add or remo.e tar#et$ without restartin' the i"C"I ser.iceD which can disru t i"C"I initiatorsD set the +o%%owin' o tionsK chec) the .na$le ;9" =o5 %ea.e the "ontroller 81 address and "ontrol A!thori/ed Net:ork at their de+au%t .a%ues chan'e the "ontroller A!th <ethod to None N6*7: the +o%%owin' o erations do reEuire that the i"C"I ser.ice =e restartedK editin' a tar'etD addin' or de%etin' 9!NsD or chan'in' the si8e o+ an e5istin' e5tent.
*a(le 8.)f: *arget Glo(al 'onfiguration Settings Setting #ase Name (isco.er: Auth Method ?alue 8escri!tion see the OConstructin' i"C"I names usin' the iEn. +ormatP section strin' o+ R$C 3/21 i+ :ou are un+ami%iar with this +ormat con+i'ures the authentication %e.e% reEuired =: the tar'et +or dro ;down disco.er: o+ .a%id de.icesD where None wi%% a%%ow anon:mous menu disco.er:D "=A1 and <!t!al "=A1 reEuire authenticationD and A!to %ets the initiator decide the authentication scheme de ends on (isco.er: Auth Method settin'K reEuired i+ set to dro ;down "=A1 or <!t!al "=A1D o tiona% i+ set to A!toD and not needed menu i+ set to None inte'er sets the %imit on how %on' an I@- can =e outstandin' =e+ore an re resentin' error condition is returnedR .a%ues ran'e +rom 0;300 with a seconds de+au%t o+ +0 Page 19) of 280
I@- <imeout
Ma5-utstandin'R2<
?alue 8escri!tion inte'er how o+ten the tar'et sends a N->;IN ac)et to )ee a disco.ered re resentin' session a%i.eR .a%ues ran'e +rom 0;300 with a de+au%t o+ 20 seconds %imits the num=er o+ sessions the tar'et orta% wi%% create@acce t inte'er +rom initiator orta%sR .a%ues ran'e +rom 1;,**3, with a de+au%t o+ 15 the num=er o+ connections a sin'%e initiator can ma)e to a sin'%e inte'er tar'etR .a%ues ran'e +rom 1;,**3, with a de+au%t o+ 6 inte'er .a%ues ran'e +rom 1;2** with a de+au%t o+ +2 the ma5imum num=er o+ read: to recei.e ac)ets AR2<sB the tar'et can ha.e outstandin' +or a sin'%e i"C"I commandD where %ar'er .a%ues shou%d :ie%d er+ormance increases unti% inte'er Ma5-utstandin'R2< e5ceeds the si8e o+ the %ar'est Write I@di.ided =: Ma5#urst9en'thR .a%ues ran'e +rom 1;2** with a de+au%t o+ 15 ma5imum amount in =:tes o+ unso%icited data an i"C"I initiator inte'er ma: send to the tar'et durin' the e5ecution o+ a sin'%e "C"I commandR .a%ues ran'e +rom 1; 2`32 with a de+au%t o+ 5D3D+5 ma5imum write si8e in =:tes the tar'et is wi%%in' to recei.e inte'er =etween R2<sR .a%ues ran'e +rom 1;2`32 with a de+au%t o+ 2523144 inte'er inte'er in =:tesR .a%ues ran'e +rom 1;2`32 with a de+au%t o+ 2523144 minimum time in seconds to wait =e+ore attem tin' a %o'out or an acti.e tas) reassi'nment a+ter an une5 ected connection termination or resetR .a%ues ran'e +rom 1;300 with a de+au%t o+ 2 ma5imum time in seconds a+ter <ime2Wait =e+ore which an acti.e tas) reassi'nment is sti%% ossi=%e a+ter an une5 ected connection termination or resetR .a%ues ran'e +rom 1;300 with a de+au%t o+ 50 chec) i+ :ou need to d:namica%%: add and remo.e tar'etsR i+ chec)edD the ne5t three +ie%ds are acti.ated and reEuired )ee the de+au%t .a%ue o+ 127.0.0.1 ossi=%e .a%ues ran'e +rom 102&;,**3* with a de+au%t .a%ue o+ +251 )ee the de+au%t .a%ue o+ 127.0.0.026 choices are NoneD A!toD "=A1D or <!t!al "=A1 reEuired i+ Contro%%er Auth Method is set to "=A1 or <!t!al "=A1D o tiona% i+ set to A!toD and not needed i+ set to None Page 198 of 280
(e+au%t<ime2Retain
inte'er
Contro%%er Authori8ed su=net mas) netmas) Contro%%er Auth dro ;down Method menu dro ;down Contro%%er Auth 2rou menu FreeNAS 9.2.1 Users Guide
I+ the settin's in this screen di++er +rom the settin's on the initiatorD set them to =e the same. When ma)in' chan'esD a%wa:s match the %ar'er settin'. I+ :ou are chan'in' inte'er .a%ues to o timi8e the connectionD re+er to the i"C"I initiator's documentation. $or e5am %eD the +o%%owin' modi+ications are recommended i+ the i"C"I initiator is runnin' on 7enser.erK Ma5. re;send R2<K 2DD Ma5-utstandin'R2<K 54 $irst =urst %en'thK 2523144 Ma5 =urst %en'thK 2304731D2
8.).%
*argets
Ne5tD create a <ar'et usin' "er.ices N I"C"I N <ar'ets N Add <ar'etD as shown in $i'ure 6./h. A tar'et com=ines a orta% I(D a%%owed initiator I(D and an authentication method. <a=%e 6./+ summari8es the settin's that can =e con+i'ured when creatin' a <ar'et. N6*7: an i"C"I tar'et creates a =%oc) de.ice that ma: =e accessi=%e to mu%ti %e initiators. A c%ustered +i%es:stem is reEuired on the =%oc) de.iceD such as 3M$" used =: 3MWare 4"7@4"7iD in order +or mu%ti %e initiators to mount the =%oc) de.ice read@write. I+ a traditiona% +i%es:stem such as 47<D 7$"D $A<D N<$"D !$"D or 0$" is %aced on the =%oc) de.iceD care must =e ta)en that on%: one initiator at a time has read@write access or the resu%t wi%% =e +i%es:stem corru tion. I+ :ou need to su ort mu%ti %e c%ients to the same data on a non;c%ustered +i%es:stemD use CI$" or N$" instead o+ i"C"I or create mu%ti %e i"C"I tar'ets Aone er c%ientB.
*a(le 8.)f: *arget Settings Setting <ar'et Name <ar'et A%ias "eria% <ar'et $%a's ?alue strin' strin' strin' 8escri!tion reEuired .a%ueR =ase name wi%% =e a ended automatica%%: i+ it does not start with iOn o tiona% user;+riend%: name uniEue I( +or tar'et to a%%ow +or mu%ti %e 9!NsR the de+au%t is 'enerated +rom the s:stem's MAC address choices are read-:rite or read-only %ea.e em t: or se%ect num=er o+ e5istin' orta% to use se%ect which e5istin' initiator 'rou has access to the tar'et choices are NoneD A!toD "=A1D or <!t!al "=A1 None or inte'er re resentin' num=er o+ e5istin' authori8ed access see this ost +or an e5 %anation o+ the math in.o%.edR .a%ues are 0; 2** where 0 is disa=%ed and de+au%t is +2 Page 200 of 280
dro ;down menu dro ;down >orta% 2rou I( menu dro ;down Initiator 2rou I( menu dro ;down Auth Method menu Authentication dro ;down 2rou num=er menu ?ueue (e th inte'er
Setting
?alue
8escri!tion shou%d on%: =e chan'ed to emu%ate a h:sica% dis)'s si8e or to increase the =%oc) si8e to a%%ow +or %ar'er +i%es:stems on an o eratin' s:stem %imited =: =%oc) countR de+au%t is D12
8.).)
*argetE7-tents
<he %ast ste is associatin' an e5tent to a tar'et within "er.ices N I"C"I N <ar'et@45tents N Add <ar'et@45tent. <his screen is shown in $i'ure 6./i. !se the dro ;down menus to se%ect the e5istin' tar'et and e5tent. Figure 8.)i: Associating iS'SI *argetsE7-tents
<a=%e 6./' summari8es the settin's that can =e con+i'ured when associatin' tar'ets and e5tents. *a(le 8.)g: *argetE7-tents 'onfiguration Settings Setting <ar'et 45tent ?alue dro ;down menu dro ;down menu 8escri!tion se%ect the re;created tar'et se%ect the re;created e5tent
It is recommended to a%wa:s associate e5tents to tar'ets in a 1K1 mannerD e.en thou'h the 2!I wi%% a%%ow mu%ti %e e5tents to =e associated with the same tar'et. -nce i"C"I has =een con+i'uredD don't +or'et to start it in "er.ices N Contro% "er.ices. C%ic) the red -$$ =utton ne5t to i"C"I. A+ter a second or soD it wi%% chan'e to a =%ue -ND indicatin' that the ser.ice has started. 8.).8 'onnecting to iS'SI S are
In order to access the i"C"I tar'etD c%ients wi%% need to use i"C"I initiator so+tware. An i"C"I Initiator c%ient is re;insta%%ed with Windows /. A detai%ed how;to +or this c%ient can =e +ound here. A c%ient +or Windows 2000D 7>D and 2003 can =e +ound here. <his how;to shows how to create an i"C"I tar'et +or a Windows / s:stem. Mac -" 7 does not inc%ude an initiator. '%o=a%"AN is a commercia%D eas:;to;use Mac initiator. #"( s:stems ro.ide command %ine initiatorsK iscontro%A6B comes with $ree#"(D iscsi;initiatorA6B FreeNAS 9.2.1 Users Guide Page 201 of 280
comes with Net#"(D and iscsidA6B comes with - en#"(. "ome 9inu5 distros ro.ide the command %ine uti%it: iscsiad3 +rom - en;i"C"I. !se a we= search to see i+ a ac)a'e e5ists +or :our distri=ution shou%d the command not e5ist on :our 9inu5 s:stem. I+ :ou add a 9!N whi%e iscsiad3 is a%read: connectedD it wi%% not see the new 9!N unti% :ou rescan usin' iscsiad3 >3 node >2. A%ternate%:D use iscsiad3 >3 disco,er+ >t st >! O!ortal:IPP to +ind the new 9!N and iscsiad3 >3 node >* O<UN:Na3eP >l to %o' into the 9!N. Instructions +or connectin' +rom a 3Mware 4"7i "er.er can =e +ound at How to con+i'ure $reeNA" 6 +or i"C"I and connect to 4"7AiB. Note that the reEuirements +or =ootin' ." here &.5 o++ i"C"I di++er =etween 4"7 and 4"7i. 4"7 reEuires a hardware i"C"I ada ter whi%e 4"7i reEuires s eci+ic i"C"I =oot +irmware su ort. <he ma'ic is on the =ootin' host sideD meanin' that there is no di++erence to the $reeNA"1 con+i'uration. "ee the i"C"I "AN Con+i'uration 2uide +or detai%s. I+ :ou can see the tar'et =ut not connect to itD chec) the disco.er: authentication settin's in <ar'et 2%o=a% Con+i'uration. I+ the 9!N is not disco.ered =: 4"7iD ma)e sure that romiscuous mode is set to Acce t in the .switch. <o determine which initiators are connectedD t: e istgtcontrol info within "he%%. 8.).9 Gro0ing <UNs
<he method used to 'row the si8e o+ an e5istin' i"C"I 9!N de ends on whether the 9!N is =ac)ed =: a +i%e e5tent or a 8.o%. #oth methods are descri=ed in this section. A+ter the 9!N is e5 anded usin' one o+ the methods =e%owD use the too%s +rom the initiator so+tware to 'row the artitions and the +i%es:stems it contains.
7.3.0.1 .vol Based +'$
#e+ore 'rowin' a 8.o% =ased 9!ND ma)e sure that a%% initiators are disconnected. "to the i"C"I ser.ice in Contro% "er.ices. - en "he%% and identi+: the 8.o% to =e 'rownK
zfs list -t volume NAME USED tank/iscsi_zvol 4G AVAIL 17.5G REFER 33.9M MOUNTPOINT -
<henD 'row the 8.o%. <his e5am %e 'rows tank2is'si,/#ol +rom &2 to ,2K
zfs set volsize=6G tank/iscsi_zvol zfs set refreservation=6G tank/iscsi_zvol
Fou can now start the i"C"I ser.ice and a%%ow initiators to connect.
7.3.0.2
#e+ore 'rowin' a +i%e e5tent =ased 9!ND ma)e sure that a%% initiators are disconnected. "to the i"C"I ser.ice in Contro% "er.ices. <henD 'o to "er.ices N i"C"I N $i%e 45tents N 3iew $i%e 45tents to determine the ath o+ the +i%e e5tent to 'row. - en "he%% to 'row the e5tent. <his e5am %e 'rows 2mnt2#ol!me12data =: 22K
truncate -s +2g /mnt/volume1/data
2o =ac) to "er.ices N i"C"I N $i%e 45tents N 3iew $i%e 45tents and c%ic) the 4dit =utton +or the +i%e e5tent. "et the si8e to 0 as this causes the i"C"I tar'et to use the new si8e o+ the +i%e. Fou can now start the i"C"I ser.ice and a%%ow initiators to connect.
8.8
NFS
Networ) $i%e ":stem AN$"B is a rotoco% +or sharin' +i%es on a networ). #e+ore con+i'urin' this ser.iceD :ou shou%d +irst create :our N$" "hares in "harin' N !ni5 AN$"B "hares N Add !ni5 AN$"B "hare. A+ter con+i'urin' this ser.iceD 'o to "er.ices N Contro% >ane% to start the ser.ice. "tartin' this ser.ice wi%% o en the +o%%owin' orts on the $reeNA"1 s:stemK <C> and !(> 111 Aused =: r!c(indB <C> 20&9 Aused =: nfsdB
Additiona%%:D 3ountd and r!c(ind wi%% each =ind to a random%: a.ai%a=%e !(> ort. $i'ure 6.6a shows the con+i'uration screen and <a=%e 6.6a summari8es the con+i'uration o tions +or the N$" ser.ice.
*a(le 8.8a: NFS 'onfiguration 6!tions Setting Num=er o+ ser.ers "er.e c%ients !(> N$" ?alue inte'er chec)=o5 chec)=o5es chec)=o5 inte'er inte'er inte'er 8escri!tion run s+sctl >n 9ern.s3!.c!us +rom "he%% to determine the num=erR do not e5ceed the num=er %isted in the out ut o+ that command chec) i+ N$" c%ient needs to use !(> se%ect the I> addressAesB to %isten +or N$" reEuestsR i+ %e+t unchec)edD N$" wi%% %isten on a%% a.ai%a=%e addresses chec) this =o5 on%: i+ the N$" c%ient reEuires it o tiona%R s eci+: ort +or mountdA6B to =ind to o tiona%R s eci+: ort +or r c.statdA6B to =ind to o tiona%R s eci+: ort +or r c.%oc)dA6B to =ind to
#ind I> Addresses A%%ow non;root mount mountdA6B =ind ort r c.statdA6B =ind ort r c.%oc)dA6B =ind ort
8.9
2s+nc
"er.ices N Rs:nc is used to con+i'ure an rs:nc ser.er when usin' rs:nc modu%e mode. "ee Con+i'urin' Rs:nc Modu%e Mode +or a con+i'uration e5am %e. <his section descri=es the con+i'ura=%e o tions +or the rs+ncd ser.ice and rs:nc modu%es. $i'ure 6.9a shows the rs:ncd con+i'uration screen which is accessed +rom "er.ices N Rs:nc N Con+i'ure Rs:ncd. Figure 8.9a: 2s+ncd 'onfiguration
<a=%e 6.9a summari8es the o tions that can =e con+i'ured +or the rs:nc daemonK *a(le 8.9a: 2s+nc 'onfiguration 6!tions Setting ?alue 8escri!tion <C> >ort inte'er ort +or rs+ncd to %isten onD de+au%t is 67+ Au5i%iar: arameters strin' additiona% arameters +rom rs:ncd.con+A*B
8.9.1
2s+nc 4odules
$i'ure 6.9= shows the con+i'uration screen that a ears when :ou c%ic) "er.ices N Rs:nc N Rs:nc Modu%es N Add Rs:nc Modu%e. <a=%e 6.9= summari8es the o tions that can =e con+i'ured when creatin' a rs:nc modu%e.
*a(le 8.9(: 2s+nc 4odule 'onfiguration 6!tions Setting Modu%e name Comment >ath Access Mode Ma5imum connections !ser ?alue strin' strin' =rowse =utton dro ;down menu inte'er 8escri!tion mandator:R needs to match the settin' on the rs:nc c%ient o tiona% descri tion .o%ume@dataset to ho%d recei.ed data choices are &ead and JriteD &ead-onlyD or Jrite-only 0 is un%imited se%ect user that +i%e trans+ers to and +rom that modu%e shou%d ta)e %ace as se%ect 'rou that +i%e trans+ers to and +rom that modu%e shou%d ta)e %ace as see rs:ncd.con+A*B +or a%%owed +ormats see rs:ncd.con+A*B +or a%%owed +ormats additiona% arameters +rom rs:ncd.con+A*B
dro ;down menu dro ;down 2rou menu Hosts a%%ow strin' Hosts den: strin' Au5i%iar: arameters strin'
8.10 S.4.A.2.*.
$reeNA"1 uses the smartdA6B ser.ice to monitor dis) ".M.A.R.<. data +or dis) hea%th. <o +u%%: con+i'ure ".M.A.R.<. :ou need toK 1. "chedu%e when to run the ".M.A.R.<. tests in ":stem N ".M.A.R.<. <ests N Add ".M.A.R.<. <est. 2. 4na=%e or disa=%e ".M.A.R.<. +or each dis) mem=er o+ a .o%ume in 3o%umes N 3iew 3o%umes. #: de+au%tD this is a%read: ena=%ed on a%% dis)s that su ort ".M.A.R.<. 3. Chec) the con+i'uration o+ the ".M.A.R.<. ser.ice as descri=ed in this section. &. "tart the ".M.A.R.<. ser.ice in "er.ices N Contro% "er.ices $i'ure 6.10a shows the con+i'uration screen that a ears when :ou c%ic) "er.ices N ".M.A.R.<. Figure 8.10a: S.4.A.2.* 'onfiguration 6!tions
N6*7: s3artd wi%% wa)e u at e.er: "he'k 8nter#al con+i'ured in $i'ure 6.10a. It wi%% chec) the times :ou con+i'ured in :our tests Adescri=ed in $i'ure &.*aB to see i+ an: tests shou%d =e run. "ince the sma%%est time increment +or a test is an hour A,0 minutesBD it does not ma)e sense to set a chec) inter.a% .a%ue hi'her than ,0 minutes. $or e5am %eD i+ :ou set the chec) inter.a% +or 120 minutes and the smart test to e.er: hourD the test wi%% on%: =e run e.er: 2 hours since the daemon on%: wa)es u e.er: 2 hours. <a=%e 6.10a summari8es the o tions in the ".M.A.R.< con+i'uration screen.
*a(le 8.10a: S.4.A.2.* 'onfiguration 6!tions Setting ?alue 8escri!tion in minutesD how o+ten to wa)e u s3artd to chec) to see i+ an: tests ha.e =een con+i'ured to run the con+i'ured test is not er+ormed i+ the s:stem enters the s eci+ied ower modeR choices areK Ne#erD Slee*D Stand$yD or 8dle de+au%t o+ 0 disa=%es this chec)D otherwise re orts i+ the tem erature o+ a dri.e has chan'ed =: N de'rees Ce%sius since %ast re ort de+au%t o+ 0 disa=%es this chec)D otherwise wi%% messa'e with a %o' %e.e% o+ 9-2GIN$- i+ the tem erature is hi'her than s eci+ied de'rees in Ce%sius de+au%t o+ 0 disa=%es this chec)D otherwise wi%% messa'e with a %o' %e.e% o+ 9-2GCRI< and send an emai% i+ the tem erature is hi'her than s eci+ied de'rees in Ce%sius emai% address o+ erson to recei.e ".M.A.R.<. a%ertR se arate mu%ti %e emai% reci ients with a comma and no s ace
Chec) inter.a% inte'er >ower mode (i++erence dro ;down menu inte'er in de'rees Ce%sius inte'er in de'rees Ce%sius inte'er in de'rees Ce%sius
In+ormationa%
Critica%
8.11 SN4P
"NM> A"im %e Networ) Mana'ement >rotoco%B is used to monitor networ);attached de.ices +or conditions that warrant administrati.e attention. $reeNA"1 can =e con+i'ured as a =snm dA6B ser.er usin' $ree#"('s sim %e and e5tensi=%e "NM> daemon. When :ou start the "NM> ser.iceD the +o%%owin' ort wi%% =e ena=%ed on the $reeNA"1 s:stemK !(> 1,1 A(sn3!d %istens here +or "NM> reEuestsB
A.ai%a=%e MI#" are %ocated in 2!sr2share2SN<12mi$s and 2!sr2lo'al2share2SN<12mi$s. $i'ure 6.11a shows the "NM> con+i'uration screen. <a=%e 6.11a summari8es the con+i'uration o tions.
*a(le 8.11a: SN4P 'onfiguration 6!tions Setting 9ocation Contact Communit: ?alue strin' strin' strin' 8escri!tion o tiona% descri tion o+ $reeNA"1 s:stem's %ocation o tiona% emai% address o+ $reeNA"1 administrator assword used on the "NM> networ)D de+au%t is *!$li' and $ho!ld be cha%#ed *or $ec!rit) rea$o%$ additiona% =snm dA6B o tions not co.ered in this screenD one er %ine
8.12 SS&
"ecure "he%% A""HB a%%ows +or +i%es to =e trans+erred secure%: o.er an encr: ted networ). I+ :ou con+i'ure :our $reeNA"1 s:stem as an ""H ser.erD the users in :our networ) wi%% need to use ""H c%ient so+tware in order to trans+er +i%es usin' ""H. <his section shows the $reeNA"1 ""H con+i'uration o tionsD demonstrates an e5am %e con+i'uration that restricts users to their home director:D and ro.ides some trou=%eshootin' ti s. 8.12.1 SS& 'onfiguration Screen
$i'ure 6.12a shows the "er.ices N ""H con+i'uration screen. -nce :ou ha.e con+i'ured ""HD don't +or'et to start it in "er.ices N Contro% "er.ices.
<a=%e 6.12a summari8es the con+i'uration o tions. "ome settin's are on%: a.ai%a=%e in Ad.anced Mode. <o see these settin'sD either c%ic) the Ad.anced Mode =utton or con+i'ure the s:stem to a%wa:s dis %a: these settin's =: chec)in' the =o5 O"how ad.anced +ie%ds =: de+au%tP in ":stem N "ettin's N Ad.anced. *a(le 8.12a: SS& 'onfiguration 6!tions Setting <C> >ort 9o'in as Root with assword A%%ow >assword Authentication A%%ow <C> >ort $orwardin' Com ress Connections Host >ri.ate Ke: "$<> 9o' 9e.e% "$<> 9o' $aci%it: ?alue inte'er chec)=o5 chec)=o5 chec)=o5 chec)=o5 strin' 8escri!tion ort to o en +or ""H connection reEuestsR 22 =: de+au%t *or $ec!rit) rea$o%$/ root lo#i%$ are di$co!ra#ed a%d di$abled b) de*a!ltI i+ ena=%edD assword must =e set +or root user in Account N !sers N 3iew !sers i+ unchec)edD )e: =ased authentication +or a%% users is reEuiredR reEuires additiona% setu on =oth the ""H c%ient and ser.er a%%ows users to =: ass +irewa%% restrictions usin' ""H's ort +orwardin' +eature ma: reduce %atenc: o.er s%ow networ)s
45tra - tions
on%: a.ai%a=%e in Ad.anced ModeR a%%ows :ou to aste a s eci+ic host )e: as the de+au%t )e: is chan'ed with e.er: insta%%ation dro ;down on%: a.ai%a=%e in Ad.anced ModeR se%ect the s:s%o'A3B %e.e% o+ the menu "$<> ser.er dro ;down on%: a.ai%a=%e in Ad.anced ModeR se%ect the s:s%o'A3B +aci%it: o+ menu the "$<> ser.er on%: a.ai%a=%e in Ad.anced ModeR additiona% sshdGcon+i'A*B o tions not co.ered in this screenD one er %ineR these o tions are strin' case;sensiti.e and mis;s e%%in's ma: re.ent the ""H ser.ice +rom startin' Page 210 of 280
A +ew sshdGcon+i'A*B o tions that are use+u% to in ut in the .(tra @*tions +ie%d inc%udeK 'lientAli,eInter,alK increase this num=er i+ ssh connections tend to dro 'lient4a-Startu!K de+au%ts to 10R increase i+ :ou ha.e more users
8.12.2
#: de+au%t when :ou con+i'ure ""HD users can use the ss command to %o'in to the $reeNA"1 s:stem. A user's home director: wi%% =e the .o%ume@dataset s eci+ied in the =ome ire'tory +ie%d o+ their user account on the $reeNA"1 s:stem. !sers can a%so use the sc! and sft! commands to trans+er +i%es =etween their %oca% com uter and their home director: on the $reeNA"1 s:stem. Whi%e these commands wi%% de+au%t to the user's home director:D users are a=%e to na.i'ate outside o+ their home director: which can ose a securit: ris). ""H su orts usin' a chroot to con+ine users to on%: the sft! command and to =e %imited to the contents o+ their own home director:. <o con+i'ure this scenario on $reeNA"1D er+orm the +o%%owin' ste s. N6*7: some uti%ities such as Win"C> can =: ass the chroot. <his section assumes that users are accessin' the chroot usin' the command %ine sft!. 1. 'reate a ;FS dataset for eac user reBuiring sft! access in "tora'e N 3o%umes. 2. If +ou are not using Acti,e 8irector+ or <8APJ create a user account +or each user in Account N !sers N Add !ser. In the =ome ire'tory +ie%dD =rowse to the %ocation o+ the dataset :ou created +or that user. Re eat this rocess to create a user account +or e.er: user that wi%% need access to the ""H ser.ice. 3. 'reate a grou! named sft* in Account N 2rou s N Add 2rou . <henD c%ic) on the sft* 'rou in 3iew 2rou s and add the users who are to =e restricted to their home directories when usin' sft!. &. Set !er3issions for eac dataset in "tora'e N 3o%ume N 3iew 3o%umes. ""H chroot is 'er) $"eci*ic with re'ards to the reEuired ermissions Asee the Chroot(irector: )e:word in sshdGcon+i'A*B +or detai%sB. 6o!r co%*i#!ratio% -ill %ot -or0 i* the "er(i$$io%$ o% the data$et$ !$ed b) SS7 chroot !$er$ di**er *ro( tho$e $ho-% i% Fi#!re >.:<b. *. Create a home director: within each dataset usin' "he%%. (ue to the ermissions reEuired =: ""H chrootD the user wi%% not ha.e ermissions to write to the root o+ their own dataset unti% :ou do this. "ince :our intention is to %imit them to the contents o+ their home director:D manua%%: create a home director: +or each user -ithi% their o-% data$et and chan'e the ownershi o+ the director: to the user. 45am %e 6.12a demonstrates the commands used to create a home director: ca%%ed !ser1 +or the user account !ser1 on dataset 2mnt2#ol!me12!ser1K
,. 'onfigure SS& in "er.ices N ""H. Add these %ines to the 45tra - tions sectionK
Match Group sftp ChrootDirectory %h ForceCommand internal-sftp AllowTcpForwarding no
/. Start t e SS& ser,ice in Contro% "er.ices. C%ic) the red -$$ =utton ne5t to ""H. A+ter a second or soD it wi%% chan'e to a =%ue -ND indicatin' that the ser.ice has =een ena=%ed. 6. *est t e connection +rom a c%ient =: runnin' sft!D ss D and sc! as the user. <he sft! command shou%d wor) =ut =e %imited to the user's home director: and the ss and sc! commands shou%d +ai%. 8.12.# *rou(les ooting SS& 'onnections
I+ :ou add an: .(tra @*tions in the ""H con+i'uration screenD =e aware that the )e:words %isted in sshdGcon+i'A*B are case sensiti.e. <his means that :our con+i'uration wi%% +ai% to do what :ou intended i+ :ou do not match the u er and %owercase %etters o+ the )e:word. I+ :our c%ients are recei.in' Ore.erse (N"P or timeout errorsD add an entr: +or the I> address o+ the $reeNA"1 s:stem in the =ost name data$ase +ie%d o+ Networ) N 2%o=a% Con+i'uration. When con+i'urin' ""HD a%wa:s test :our con+i'uration as an ""H user account to ensure that the user FreeNAS 9.2.1 Users Guide Page 212 of 280
is %imited to what :ou ha.e con+i'ured and that the: ha.e ermission to trans+er +i%es within the intended directories. I+ the user account is e5 eriencin' ro=%emsD the ""H error messa'es are usua%%: rett: s eci+ic to what the ro=%em is. <: e the +o%%owin' command within "he%% to read these messa'es as the: occurK
tail -f /var/log/messages
8.1# *F*P
<ri.ia% $i%e <rans+er >rotoco% A<$<>B is a %i'ht;wei'ht .ersion o+ $<> usua%%: used to trans+er con+i'uration or =oot +i%es =etween machinesD such as routersD in a %oca% en.ironment. <$<> ro.ides an e5treme%: %imited set o+ commands and ro.ides no authentication. I+ the $reeNA"1 s:stem wi%% =e used to store ima'es and con+i'uration +i%es +or the networ)'s de.icesD con+i'ure and start the <$<> ser.ice. "tartin' the <$<> ser.ice wi%% o en !(> ort ,9. N6*7: in .ersions o+ $reeNA"1 rior to 6.3.0D <$<> is %imited to a ma5imum +i%e si8e o+ 32M#. $i'ure 6.13a shows the <$<> con+i'uration screen and <a=%e 6.13a summari8es the a.ai%a=%e o tionsK Figure 8.1#a: *F*P 'onfiguration
*a(le 8.1#a: *F*P 'onfiguration 6!tions Setting (irector: A%%ow New $i%es >ort ?alue 8escri!tion =rowse to the director: to =e used +or stora'eR some de.ices reEuire a =rowse =utton s eci+ic director: nameD re+er to the de.ice's documentation +or detai%s ena=%e i+ networ) de.ices need to send +i%es to the $reeNA"1 s:stem chec)=o5 Ae.'. =ac)u their con+i'B inte'er !(> ort to %isten +or <$<> reEuestsD 54 =: de+au%t Page 21# of 280
8escri!tion account used +or t+t reEuestsR must ha.e ermission to the ire'tory umas) +or new%: created +i%esD de+au%t is 022 Ae.er:one can readD no=od: can writeBR some de.ices reEuire a %ess strict umas) additiona% t+t dA6B o tions not shown in this screenD one er %ine
8.1$ UPS
$reeNA"1 uses N!< ANetwor) !>" <oo%sB to ro.ide !>" su ort. I+ the $reeNA"1 s:stem is connected to a !>" de.iceD con+i'ure the !>" ser.ice then start it in "er.ices N Contro% "er.ices. $i'ure 6.1&a shows the !>" con+i'uration screenK Figure 8.1$a: UPS 'onfiguration Screen
<a=%e 6.1&a summari8es the o tions in the !>" Con+i'uration screen. *a(le 8.1$a: UPS 'onfiguration 6!tions Setting !>" Mode Identi+ier (ri.er ?alue dro ;down menu strin' dro ;down menu 8escri!tion se%ect +rom <aster or Sla#e can contain a% hanumericD eriodD commaD h: henD and underscore characters su orted !>" de.ices are %isted at htt K@@www.networ)u stoo%s.or'@sta=%e;hc%.htm%
Setting >ort Au5i%iar: >arameters (escri tion "hutdown mode "hutdown timer Monitor !ser Monitor >assword 45tra users Remote monitor "end 4mai% "tatus ! dates <o emai% 4mai% su=Iect
8escri!tion se%ect the seria% or !"# ort the !>" is %u''ed into Asee N-<4 =e%owB additiona% o tions +rom u s.con+A*B o tiona% choices are 91S goes on $attery and 91S rea'hes lo: $attery in secondsR wi%% initiate shutdown a+ter this man: seconds inte'er a+ter !>" enters 91S goes on $atteryD un%ess ower is restored strin' de+au%t is !*smon de+au%t is )nown .a%ue fi(me*ass and shou%d =e chan'edR strin' can not contain a s ace or J de+ines the accounts that ha.e administrati.e accessR see strin' u sd.usersA*B +or e5am %es i+ ena=%edD =e aware that the de+au%t is to %isten on a%% chec)=o5 inter+aces and to use the )nown .a%ues user !*smon and assword fi(me*ass chec)=o5 i+ chec)edD acti.ates the ?o email +ie%d i+ Send .mail =o5 chec)edD emai% address o+ erson to emai% address recei.e status u dates strin' i+ Send .mail =o5 chec)edD su=Iect o+ emai% u dates
N6*7: +or !"# de.icesD the easiest wa: to determine the correct de.ice name is to chec) the =o5 O"how conso%e messa'esP in ":stem N "ettin's N Ad.anced. >%u' in the !"# de.ice and the conso%e messa'es wi%% 'i.e the name o+ the 2de#2!genX.X de.iceR where the 7's are the num=ers that show on the conso%e. u scA6B can =e used to 'et status .aria=%es +rom the !>" daemon such as the current char'e and in ut .o%ta'e. It can =e run +rom "he%% usin' the +o%%owin' s:nta5. <he man a'e 'i.es some other usa'e e5am %es.
upsc ups@localhost
u scmdA6B can =e used to send commands direct%: to the !>"D assumin' that the hardware su orts the command =ein' sent. -n%: users with administrati.e ri'hts can use this command. <hese users are created in the .(tra !sers +ie%d.
Plugins
$reeNA"1 6.2.0 introduced the a=i%it: to e5tend the =ui%t;in NA" ser.ices =: ro.idin' a mechanism +or insta%%in' additiona% so+tware. <his mechanism was )nown as the >%u'ins architecture and is =ased FreeNAS 9.2.1 Users Guide Page 21" of 280
on $ree#"( Iai%s and >C;#"( >#Is. <his a%%owed users to insta%% and con+i'ure additiona% a %ications once the: had created and con+i'ured a %u'ins Iai%. $reeNA"1 9.5 sim %i+ies this rocedure =: ro.idin' two methods +or so+tware insta%%ation. <he >%u'ins methodD descri=ed in this sectionD is meant +or users who re+er to =rowse +orD insta%%D and con+i'ure a.ai%a=%e so+tware usin' the 2!I. <his method is .er: eas: to useD =ut is %imited in the amount o+ so+tware that is a.ai%a=%e. 4ach a %ication wi%% automatica%%: =e insta%%ed into its own Iai%D meanin' that this method ma: not =e suita=%e +or users who wish to run mu%ti %e a %ications within the same Iai%. <he Cai%s method ro.ides much more contro% o.er so+tware insta%%ation =ut assumes that the user is com+orta=%e wor)in' +rom the command %ine can and has a 'ood understandin' o+ networ)in' =asics and so+tware insta%%ation on $ree#"(;=ased s:stems. It is recommended that users s)im throu'h =oth the >%u'ins and Cai%s sections in order to =ecome +ami%iar with the +eatures and %imitations o+ each and to choose the method that =est meets their so+tware needs. (ue to A#I Aa %ication =inar: inter+aceB chan'esD $reeNA"1 6.5 >#Is can not =e insta%%ed on a 9.5 s:stem.
9.1
A $reeNA"1 >#I is a se%+;contained a %ication insta%%er which has =een desi'ned to inte'rate into the $reeNA"1 2!I. A $reeNA"1 >#I o++ers se.era% ad.anta'esK the $reeNA"1 2!I ro.ides a =rowser +or .iewin' the %ist o+ a.ai%a=%e $reeNA"1 >#Is. <his %ist is a%so a.ai%a=%e at A.ai%a=%e $reeNA"1 >#Is. the $reeNA"1 2!I ro.ides =uttons +or insta%%in'D startin'D u 'radin'D and de%etin' $reeNA"1 >#Is. i+ the $reeNA"1 >#Is has con+i'uration o tionsD a screen wi%% =e added to the $reeNA"1 2!I so that these o tions can =e con+i'ured +rom the 2!I. $reeNA"1 >#Is can =e insta%%ed usin' either the >%u'ins or the Cai%s method. <o insta%% a $reeNA"1 >#I usin' the %u'ins methodD c%ic) >%u'ins. As seen in $i'ure 9.1aD the %ist o+ a.ai%a=%e $reeNA"1 >#Is wi%% =e dis %a:ed.
N6*7: i+ the %ist o+ a.ai%a=%e >#Is is not dis %a:edD o en "he%% and .eri+: that the $reeNA"1 s:stem can !ing an address on the Internet. I+ it cannotD :ou ma: ha.e to add a de+au%t 'atewa: address and@or (N" ser.er address in Networ) N 2%o=a% Con+i'uration. Hi'h%i'ht the entr: o+ the >#I :ou wou%d %i)e to insta%%D then c%ic) its Insta%% =utton. In the e5am %e shown in $i'ure 9.1=D the transmission >#I is se%ected +or insta%%ation. Figure 9.1(: Selecting a P5I to Install
C%ic) O-KP to start the insta%%ation. It wi%% ta)e a +ew minutes as the s:stem wi%% +irst down%oad and con+i'ure a Iai% to contain the insta%%ed so+tware. It wi%% then insta%% the >#I and add it to the OInsta%%edP FreeNAS 9.2.1 Users Guide Page 21) of 280
ta= as shown in $i'ure 9.1c. #e atient as it ma: ta)e a +ew minutes +or the insta%%ation to +inish. Figure 9.1c: ?ie0ing Installed P5Is
9.1.1
As seen in the e5am %e shown in $i'ure 9.1cD entries +or the insta%%ed >#I wi%% a ear in the +o%%owin' %ocationsK the Insta%%ed ta= o+ >%u'ins the >%u'ins section o+ the tree the Cai%s section o+ the tree <he entr: in the Insta%%ed ta= o+ >%u'ins wi%% dis %a: the %u'in name and .ersionD the name o+ the >#I that was insta%%edD the name o+ the Iai% that was createdD whether the a %ication status is -N or -$$D and a =utton to de%ete the a %ication and its associated Iai%. I+ a newer .ersion o+ the a %ication is a.ai%a=%eD a =utton to u date the a %ication wi%% a%so a ear. <he M"er.ice statusM o+ a >#I must =e turned to M-NM =e+ore the insta%%ed a %ication is a.ai%a=%e. #e+ore startin' the ser.iceD chec) to see i+ it has an: con+i'uration o tions =: c%ic)in' its entr: in the >%u'ins section o+ the tree. I+ the a %ication is con+i'ura=%eD this wi%% o en a 'ra hica% screen that contains its a.ai%a=%e con+i'uration o tions. <he o tions that are a.ai%a=%e wi%% .ar: =: >#I. >#Is which are not con+i'ura=%e wi%% instead dis %a: a messa'e with a h: er%in) +or accessin' the so+tware. <hat h: er%in) wi%% not wor) unti% the >#I is started. Fou shou%d a%wa:s re.iew a >#I's con+i'uration o tions =e+ore attem tin' to start it as some >#Is ha.e FreeNAS 9.2.1 Users Guide Page 218 of 280
o tions that need to =e set =e+ore their ser.ice wi%% success+u%%: start. I+ :ou ha.e ne.er con+i'ured this a %ication =e+oreD chec) the a %ication's we=site to see what documentation is a.ai%a=%e. A %in) to the we=site +or each a.ai%a=%e >#I can =e +ound in A.ai%a=%e $reeNA"1 >#Is. I+ the a %ication reEuires access to the data stored on the $reeNA"1 s:stemD c%ic) the entr: +or the associated Iai% in the Cai%s section o+ the tree and add a stora'e as descri=ed here. I+ :ou need to access the she%% o+ the Iai% containin' the a %ication to com %ete or test :our con+i'urationD c%ic) the entr: +or the associated Iai% in the Cai%s section o+ the tree. Fou can then c%ic) its she%% icon as descri=ed in Mana'in' Cai%s. -nce the con+i'uration is com %eteD c%ic) the red -$$ =utton in the entr: +or the >#I. I+ the ser.ice success+u%%: startsD it wi%% chan'e to a =%ue -N. I+ it +ai%s to startD c%ic) the Iai%'s she%% icon and t: e tail E,arElogE3essages to see i+ an: errors were %o''ed. 9.1.2 U!dating an Installed FreeNAS P5I
I+ a newer .ersion o+ a $reeNA"1 >#I =ecomes a.ai%a=%e in the o++icia% re ositor:D an M! dateM =utton wi%% =e added to the entr: o+ the >#I in the MInsta%%edM ta=. In the e5am %e shown in $i'ure 9.1dD a newer .ersion o+ Minid%na is a.ai%a=%e. Figure 9.1d: U!dating an Installed P5I
C%ic) the M-KM =utton and the %atest .ersion o+ the >#I wi%% automatica%%: =e down%oaded and insta%%ed. -nce the u date is com %eteD the entr: +or the >#I wi%% =e re+reshed to show the new .ersion num=er and the M! dateM =utton wi%% disa ear. 9.1.# Installing Additional P5Is
<he MA.ai%a=%eM ta= o+ >%u'ins contains an M! %oadM =utton. <his =utton a%%ows :ou to insta%% >#Is that are not :et a.ai%a=%e in the o++icia% re ositor:. <hese >#Is inc%ude $reeNA"1 >#Is which are sti%% =ein' tested as we%% as >C;#"( >#Is. <hese >#Is must =e manua%%: down%oaded +irst and shou%d end FreeNAS 9.2.1 Users Guide Page 219 of 280
in a .*$i e5tension. When down%oadin' a >#ID ma)e sure that it matches the architecture A32; or ,&;=itB o+ the $reeNA"1 s:stem and that it was de.e%o ed +or 9.5 as 6.5 and 10.5 >#Is wi%% not wor) on a 9.5 $reeNA"1 s:stem. -nce :ou ha.e down%oaded the >#ID c%ic) the M! %oadM =utton. As seen in the e5am %e in $i'ure 9.1eD this wi%% rom t :ou to =rowse to the %ocation o+ the down%oaded >#I. -nce the >#I is se%ectedD c%ic) the M! %oadM =utton to insta%% the >#I. In this e5am %eD the user is insta%%in' the >C;#"( >#I +or we=min. Figure 9.1e: Installing a Pre,iousl+ 8o0nloaded P5I
When the insta%%ation is com %eteD an entr: +or the >#I wi%% =e added to the MInsta%%edM ta= and its associated Iai% wi%% =e %isted under MCai%sM. Howe.erD i+ it is not a $reeNA"1 >#ID it wi%% not =e added to M>%u'insM. In other wordsD i+ the a %ication reEuires an: con+i'urationD :ou wi%% ha.e to er+orm it +rom the command %ine o+ the Iai%'s she%% instead o+ the 2!I. 9.1.$ 8eleting a P5I
When :ou insta%% a >#I usin' the >%u'ins methodD an associated Iai% is created. I+ :ou decide to de%ete a >#ID the associated Iai% is a%so de%eted as it is no %on'er reEuired. ,e*ore deleti%# a P,1/ ma)e sure that :ou don't ha.e an: data or con+i'uration in the Iai% that :ou do not want to %ose. I+ :ou doD =ac) it u +irstD =e+ore de%etin' the >#I. In the e5am %e shown in $i'ure 9.1+D the Couch>otato >#I has =een insta%%ed and the user has c%ic)ed its M(e%eteM =utton. As descri=ed in the re.ious sectionsD this >#I a ears in the >%u'ins ortion o+ the treeD its associated Iai%D 'o!'h*otato,1D a ears in the Cai%s ortion o+ the treeD and the >#I shows as insta%%ed in the Insta%%ed ta= o+ >%u'ins. A o ;u messa'e as)s the user i+ the: are sure that the: want to de%ete. Thi$ i$ the o%e a%d o%l) -ar%i%#. I+ the user c%ic)s MFesMD this >#I wi%% =e remo.ed +rom the FreeNAS 9.2.1 Users Guide Page 220 of 280
>%u'ins ortion o+ the treeD its associated Iai%D 'o!'h*otato,1D wi%% =e de%etedD and the >#I wi%% no %on'er show as insta%%ed in the Insta%%ed ta= o+ >%u'ins. Figure 9.1f: 8eleting an Installed P5I
9.2
>%e5 Media "er.er "A#n8=d "ic) #eard <ransmission N6*7: on%: a sma%% su=;set o+ these >#Is are a.ai%a=%e +or 32;=it s:stems as most a =it. %ications are ,&;
Whi%e the $reeNA"1 >%u'ins s:stem ma)es it eas: to insta%% a >#ID it is sti%% u to :ou to )now how to con+i'ure and use the insta%%ed a %ication. When in dou=tD re+er to the documentation +or that a %ication. 9.2.1 P5I 2eBuests
I+ :ou wou%d %i)e to reEuest a 9.5 >C;#"( or $reeNA"1 >#I +or an a %ication %ease add an entr: to the >#I ReEuests ta=%e. When addin' an entr:D insert the a %ication name in a% ha=etica% order. I+ :ou are wor)in' on a >C;#"( or $reeNA"1 >#I modu%eD indicate this in the O9.5 >#I +or <estin'P co%umn +or that entr:. #e+ore reEuestin' a >#ID chec) that a $ree#"( ort a%read: e5ists +or the a %ication at $resh>orts. I+ the so+tware has =een ortedD $resh>orts wi%% indicate the name and cate'or: o+ the ort. $or e5am %eD the 2!I +or the #acu%a ser.er is %ocated in s:suti%s@=acu%a;=at. I+ the so+tware has not =een orted to $ree#"( :etD issue a ort reEuest at the >C;#"( >ort ReEuests +orum usin' these instructions. A%ternate%:D i+ :ou ha.e orted so+tware =e+oreD the >orters Hand=oo) contains detai%ed instructions +or ortin' so+tware to $ree#"(.
10 Iails
<he re.ious section descri=ed how to +indD insta%%D and con+i'ure so+tware usin' the >%u'ins method. <his section descri=es how to use the Cai%s methodD which a%%ows users who are com+orta=%e usin' the command %ine to ha.e more contro% o.er so+tware insta%%ation and mana'ement. Whi%e the >%u'ins method automatica%%: created a $ree#"( Iai% +or each insta%%ed >#ID the Cai%s method a%%ows the user to create as man: Iai%s as needed and to s eci+: the t: e o+ Iai%. !n%i)e the >%u'ins methodD one is not %imited to insta%%in' on%: one a %ication er Iai%. 4ssentia%%:D a $ree#"( Iai% ro.ides a .er: %i'ht;wei'htD o eratin' s:stem;%e.e% .irtua%i8ation. Consider it as an inde endent $ree#"( o eratin' s:stem runnin' on the same hardwareD without a%% o+ the o.erhead usua%%: associated with .irtua%i8ation. <his means that an: so+tware and con+i'urations within a Iai% are iso%ated +rom =oth the $reeNA"1 o eratin' s:stem and an: other Iai%s runnin' on that s:stem. (urin' creationD some Iai% t: es ro.ide a B8<AH. o tion which ro.ides that Iai% with its ownD inde endent networ)in' stac). <his a%%ows the Iai% to do its own I> =roadcastin'D which is reEuired =: some a %ications. <he +o%%owin' t: es o+ Iai%s can =e createdK 1. Plugin @ail: this t: e o+ Iai% ro.ides the most +%e5i=i%it: +or so+tware insta%%ation. "imi%ar to the >%u'ins methodD this t: e o+ Iai% su orts the insta%%ation o+ $reeNA"1 >#IsD which inte'rate FreeNAS 9.2.1 Users Guide Page 222 of 280
into the $reeNA"1 2!I. In addition to $reeNA"1 >#IsD :ou can a%so insta%% the +o%%owin' t: es o+ so+tware within a %u'in Iai%K $ree#"( orts and $ree#"( )'n' ac)a'es. Howe.erD on%: $reeNA"1 >#Is can =e mana'ed +rom the 2!I as the other t: es o+ so+tware are mana'ed +rom the command %ine o+ the Iai%. $urtherD the other t: es o+ Iai%s do not su ort the a=i%it: to insta%% $reeNA"1 >#Is. I+ :ou %an to insta%% $reeNA"1 >#IsD insta%% a %u'in Iai%. 2. Port @ail: this t: e o+ Iai% su orts the insta%%ation o+ $ree#"( orts and $ree#"( )'n' ac)a'es. It does %ot su ort the insta%%ation o+ $reeNA"1 >#IsD meanin' that an: so+tware insta%%ed in this t: e o+ Iai% must =e mana'ed +rom the command %ine o+ the Iai%. 3. Standard @ail: this t: e o+ Iai% is +unctiona%%: the same as a ort Iai%. A distinction is made +or those users who re+er to se arate networ) ser.ersD such as (HC> or (N" ser.icesD +rom other insta%%ed so+tware. &. <inu- @ail: due to the $ree#"( %inu5 =inar: com ati=i%it: %a:erD 9inu5 can =e insta%%ed into a Iai% and so+tware can =e insta%%ed usin' the ac)a'e mana'ement s:stem ro.ided =: the insta%%ed 9inu5 distro. At this timeD the 9inu5 distro must =e a 32;=it .ersion and an: a %ications insta%%ed into the Iai% must =e a.ai%a=%e as a 32;=it =inar:. <a=%e 10a summari8es the t: e o+ so+tware which can =e insta%%ed into each t: e o+ Iai%. C%ic) the name o+ the t: e o+ so+tware +or instructions on how to insta%% that t: e o+ so+tware. N6*7: the so+tware which can =e insta%%ed into a 9inu5 Iai% is %imited to the command %ine ac)a'e mana'ement too% ro.ided =: that 9inu5 distri=ution. I+ :ou insta%% so+tware into a 9inu5 Iai%D insta%% the 32;=it .ersion o+ the so+tware. *a(le 10a: . at *+!e of Soft0are can (e Installed Into a IailS *+!e of Iail >%u'in >ort "tandard 9inu5 FreeNAS P5I :es no no no Free5S8 !9gng !ac9age :es noD un%ess #anilla is unchec)ed durin' Iai% creation noD un%ess #anilla is unchec)ed durin' Iai% creation no Free5S8 !ort :es :es :es no
<he a=i%it: to create mu%ti %e Iai%s and mu%ti %e t: es o+ Iai%s o++ers 'reat +%e5i=i%it: and a %ication se aration to the administrator. $or e5am %eD one cou%d create a se arate %u'in Iai% +or each $reeNA"1 %u'inD a se arate ort Iai% +or each a %ication that is not a.ai%a=%e as a $reeNA"1 %u'inD and a se arate standard Iai% +or each insta%%ed networ) ser.er. A%ternate%:D one has the a=i%it: to create one Iai% and to mi5 and match how the so+tware is insta%%ed into that Iai%. <he rest o+ this section descri=es the +o%%owin'K Cai%s Con+i'uration Addin' Cai%s Cai% <em %ates Insta%%in' $reeNA"1 >#Is Insta%%in' non;>#I "o+tware FreeNAS 9.2.1 Users Guide Page 22# of 280
N6*7: i+ :ou ha.e a%read: used the >%u'ins methodD a%% o+ the +ie%ds in this screen wi%% automatica%%: =e +i%%ed in. Fou shou%d sti%% dou=%e;chec) that the re;con+i'ured .a%ues are a ro riate +or :our Iai%s. Whi%e a Iai% can =e insta%%ed on a !$" .o%umeD it is recommended to use 0$" and to create a dataset to use +or the %ail &oot. As Iai%s are created on a 0$" s:stemD the: wi%% automatica%%: =e insta%%ed into their own dataset under the s eci+ied ath. $or e5am %eD i+ :ou con+i'ure a %ail &oot o+ 2mnt2#ol!me12dataset1 and create a Iai% named Pail1D it wi%% =e insta%%ed into its own dataset named 2mnt2#ol!me12dataset12Pail1. <a=%e 10.1a summari8es the +ie%ds in this con+i'uration screen. *a(le 10.1a: Iail 'onfiguration 6!tions Setting Cai% Root I>.& Networ) ?alue =rowse =utton strin' 8escri!tion mandator: as :ou cannot add a Iai% unti% this is set see e5 %anation =e%ow ta=%eR +ormat is I> address o+ networ) @ CI(R mas) Page 22$ of 280
8escri!tion see e5 %anation =e%ow ta=%eR +ormat is I> address o+ host @ CI(R mas) see e5 %anation =e%ow ta=%eR +ormat is I> address o+ host @ CI(R mas)
When se%ectin' the OCai% RootPD ensure that the si8e o+ the se%ected .o%ume or dataset is su++icient to ho%d the num=er o+ Iai%s to =e insta%%ed as we%% as an: so+twareD %o' +i%esD and data to =e stored within each Iai%. At a =are minimumD =ud'et at %east 22# er Iai% and do not se%ect a dataset that is %ess than 22# in si8e. N6*7: i+ :ou %an to add stora'e to a Iai%D =e aware that ath si8e is %imited to 66 characters. Ma)e sure that the %en'th o+ :our .o%ume name %us the dataset name %us the Iai% name does not e5ceed this %imit. $reeNA"1 wi%% automatica%%: detect and dis %a: the OI>.& Networ)P that the administrati.e inter+ace is connected to. <his settin' is im ortant as the I>.& networ) must =e !inga=%e +rom the $reeNA"1 s:stem in order +or :our Iai%s and an: insta%%ed so+tware to =e accessi=%e . I+ :our networ) to o%o': reEuires :ou to chan'e the de+au%t .a%ueD :ou wi%% a%so need to con+i'ure a de+au%t 'atewa:D and ossi=%: a static routeD to the s eci+ied networ). I+ :ou chan'e this .a%ueD ensure that the su=net mas) .a%ue is correct as an incorrect mas) can ma)e the I> networ) unreacha=%e. When in dou=tD )ee the de+au%t settin' +or OI>.& Networ)P. I+ :ou are usin' 3MwareD ma)e sure that the .switch is set to romiscuous mode. Re.iew the de+au%t .a%ues o+ the OI>.& Networ) "tart AddressP and OI>.& Networ) 4nd AddressP to determine i+ that ran'e is a ro riate +or the num=er o+ Iai%s that :ou wi%% create. I+ there is a (HC> ser.er on the networ)D ma)e sure that this ran'e o+ addresses is e5c%uded +rom the sco e o+ the (HC> ser.er. As Iai%s are createdD the: wi%% automatica%%: =e assi'ned the ne5t +ree I> address within the ran'e s eci+ied =: these two .a%ues. N6*7: these & +ie%ds are necessar: +or the ro er o eration o+ Cai%s. I+ :ou are una=%e to addD startD or access the so+tware insta%%ed into Iai%sD dou=%e;chec) the .a%ues in these +ie%ds. In articu%arD ma)e sure that the s eci+ied I>.& settin's are reacha=%e =: c%ients and that the s eci+ied addresses are not in use =: an: other c%ients in the networ).
*a(le 10.2a: Iail 'onfiguration 6!tions Setting Cai% Name t: e ?alue strin' dro ;down menu 8escri!tion mandator:R can on%: contain %etters and num=ers de+au%t choices are *l!ginPailD *ortPailD standardD de$ianD gentooD !$!nt!D s!seD and 'entosR on a ,&;=it s:stemD o tions are a%so a.ai%a=%e +or creatin' the 32;=it .ersions o+ a %u'inD ortD or standard Iai% wi%% =e automatica%%: assi'ned the ne5t +ree address +rom the ran'e s eci+ied in Cai%s Con+i'urationR i+ :ou chan'e the de+au%t addressD ma)e sure it is reacha=%e within the $reeNA"1 s:stem's networ) and is not in use =: an: other host on the networ) se%ect the su=net mas) associated with 81#4 address see N-<4 =e%owR wi%% =e 're:ed out +or 9inu5 Iai%s or i+ B8<AH. is unchec)ed se%ect the su=net mas) associated with 81#4 $ridge addressR wi%% =e 're:ed out +or 9inu5 Iai%s or i+ B8<AH. is unchec)ed used to set the Iai%'s de+au%t 'atewa: I>.& addressR wi%% =e 're:ed out +or 9inu5 Iai%s or i+ B8<AH. is unchec)ed Page 22% of 280
I>.& address inte'er dro ;down menu inte'er dro ;down menu strin'
I>.& netmas) I>.& =rid'e address I>.& =rid'e netmas) I>.& de+au%t 'atewa:
Setting
?alue
I>., address inte'er I>., re+i5 %en'th I>., =rid'e address I>., =rid'e re+i5 %en'th I>., de+au%t 'atewa: MAC ":sct%s Autostart 3IMA24 NA< .ani%%a dro ;down menu inte'er dro ;down menu strin' strin' strin' chec)=o5 chec)=o5 chec)=o5 chec)=o5
8escri!tion i+ I>., has =een con+i'uredD wi%% =e automatica%%: assi'ned the ne5t +ree address +rom the ran'e s eci+ied in Cai%s Con+i'uration se%ect the re+i5 %en'th associated with 81#5 address see N-<4 =e%owR wi%% =e 're:ed out +or 9inu5 Iai%s or i+ B8<AH. is unchec)ed se%ect the re+i5 %en'th associated with 81#5 addressR wi%% =e 're:ed out +or 9inu5 Iai%s or i+ B8<AH. is unchec)ed used to set the Iai%'s de+au%t 'atewa: I>., addressR wi%% =e 're:ed out +or 9inu5 Iai%s or i+ B8<AH. is unchec)ed i+ a static MAC address is neededD in ut it hereR reEuires B8<AH. to =e chec)ed comma;de%imited %ist o+ s:sct%s to set inside Iai% Ae.'. allo:.sys#i*'>13allo:.ra:,so'kets>1B unchec) i+ :ou want to start the Iai% manua%%: 'i.es a Iai% its own .irtua%i8ed networ) stac)R reEuires romiscuous mode to =e ena=%ed on the inter+aceR does not a %: to 9inu5 Iai%s ena=%es Networ) Address <rans%ation +or the Iai%R wi%% =e 're:ed out +or 9inu5 Iai%s or i+ B8<AH. is unchec)ed unchec) this =o5 i+ :ou %an to insta%% $ree#"( ac)a'es into a *ortPail or standard Iai%
N6*7: <he I>.& and I>., =rid'e inter+ace is used to =rid'e the e airA&B de.iceD which is automatica%%: created +or each started Iai%D to a h:sica% networ) de.ice. <he de+au%t networ) de.ice is the one that is con+i'ured with a de+au%t 'atewa:. "oD i+ em0 is the $ree#"( name o+ the h:sica% inter+ace and three Iai%s are runnin'D the +o%%owin' .irtua% inter+aces wi%% =e automatica%%: createdK $ridge0D e*air0aD e*air1aD and e*air2a. <he h:sica% inter+ace em0 wi%% =e added to the =rid'eD as we%% as each e air de.ice. <he other ha%+ o+ the e air wi%% =e %aced inside the Iai% and wi%% =e assi'ned the I> address s eci+ied +or that Iai%. <he =rid'e inter+ace wi%% =e assi'ned an a%ias o+ the de+au%t 'atewa: +or that Iai%D i+ con+i'uredD or the =rid'e I>D i+ con+i'uredR either is correct. A Otraditiona%P $ree#"( Iai% does not use 3IMA24 or NA<. I+ :ou unchec) =oth o+ these =o5esD :ou need to con+i'ure the Iai% with an I> address within the same networ) as the inter+ace it is =ound toD and that address wi%% =e assi'ned as an a%ias on that inter+ace. <o use a 3IMA24 Iai% on the same su=netD disa=%e NA<D and con+i'ure an I> address within the same networ). In =oth o+ these casesD :ou on%: con+i'ure an I> address and do not con+i'ure a =rid'e or a 'atewa: address. A+ter ma)in' :our se%ectionsD c%ic) the -K =utton. <he Iai% wi%% =e created and wi%% =e added to the tree under Cai%s. #: de+au%tD a %u'in Iai% wi%% =e created and automatica%%: startedD un%ess :ou s eci+: otherwise. <he +irst time :ou add a t: e o+ Iai%D the 2!I wi%% automatica%%: down%oad the necessar: com onents +rom the Internet. I+ it is una=%e to connect to the InternetD the Iai% creation wi%% +ai%. -therwiseD a FreeNAS 9.2.1 Users Guide Page 22) of 280
ro'ress =ar wi%% indicate the status o+ the down%oad and ro.ide an estimated time +or the rocess to com %ete. -nce the +irst Iai% is createdD su=seEuent Iai%s o+ that t: e wi%% =e added instantaneous%: as the down%oaded =ase +or creatin' that t: e o+ Iai% is sa.ed to the %ail &oot. 10.2.1 4anaging Iails
<o .iew and con+i'ure the added Iai%sD c%ic) Cai%s N 3iew a%% Cai%s. In the e5am %e shown in $i'ure 10.2=D +our Iai%s ha.e =een created and the %ist entr: +or the Iai% named *l!ginPail has =een c%ic)ed. Figure 10.2(: 'reated Iails Added to t e GUI
C%ic) a Iai%'s entr: to access its con+i'uration icons. In orderD +rom %e+t to ri'htD these icons are used toK 7dit Iail: edit the Iai%'s settin's as descri=ed in the ne5t section. Add Storage: con+i'ure the Iai% to access an area o+ stora'e as descri=ed in Addin' "tora'e. U!load Plugin: on%: a.ai%a=%e in a %u'in Iai%. !sed to insta%% %u'ins as descri=ed in Insta%%in' $reeNA"1 >#Is. StartESto!: this icon wi%% .ar:D de endin' u on the current runnin' status o+ the Iai%. I+ the Iai% is FreeNAS 9.2.1 Users Guide Page 228 of 280
current%: sto edD the icon wi%% =e 'reen and can =e used to start the Iai%. I+ the Iai% is current%: runnin'D the icon wi%% =e red and can =e used to sto the Iai%. A sto ed Iai% and its a %ications are inaccessi=%e unti% it is restarted. S ell: used to access a root command rom t in order to con+i'ure the se%ected Iai% +rom the command %ine. 8elete: de%etin' the s eci+ied Iai% a%so de%etes an: so+tware that was insta%%ed in that Iai%. <he 2!I wi%% dis %a: a warnin' which reEuires :ou to c%ic) the Fes =uttonD indicatin' that :ou are sure that :ou want to de%ete the Iai%D =e+ore this o eration is er+ormed. 10.2.2 Accessing a Iail Using SS& Instead of its S ell Icon
I+ :ou re+er to use ss to access a Iai% :ou wi%% need to +irst start the ss ser.ice and create a user account +or ss access. "ince this con+i'uration occurs on a Iai%;=:;Iai% =asisD c%ic) the O"he%%P icon +or the Iai% :ou wish to con+i'ure ss access to. <o start the ""H ser.ice on a non;9inu5 Iai%D %oo) +or the +o%%owin' %ine in that Iai%'s 2et'2r'.'onfK
sshd_enable="NO"
Chan'e the N@ to -.S and sa.e the +i%e. <henD start the ""H daemonK
service sshd start
<he host R"A )e: air shou%d =e 'enerated and the )e:'s +in'er rint and random art ima'e dis %a:ed. $or a 9inu5 Iai%D re+er to the documentation +or that 9inu5 distri=ution +or instructions on how to start the ""H ser.ice. (e endin' u on the distri=utionD :ou ma: ha.e to +irst insta%% a ""H ser.er. Ne5tD add a user account. I+ :ou want the user to ha.e su eruser ri.i%e'es to a non;9inu5 Iai%D ma)e sure the user is %aced in the :heel 'rou when it is created. <: e adduser and +o%%ow the rom ts. When :ou 'et to this rom tD do not ress enter =ut instead t: e :heelK
Login group is user1. Invite user1 into other groups? []: wheel
-nce the user is createdD set the root assword so that the new user wi%% =e a=%e to use the su command to 'ain su eruser ri.i%e'e. <o set the asswordD t: e !ass0d then in ut and con+irm the desired assword. $or a 9inu5 Iai%D :ou wi%% need to create a user account usin' the so+tware that comes with the 9inu5 distri=ution. "ince 9inu5 does not use the :heel 'rou D i+ :ou wish to 'i.e this user su eruser ri.i%e'esD instead insta%% and con+i'ure the sudo a %ication. $ina%%:D test +rom another s:stem that the user can success+u%%: ss in and =ecome the su eruser. In this e5am %eD a user named !ser1 uses ss to access the non;9inu5 Iai% at 192.1,6.2.3. <he +irst time the user %o's inD the: wi%% =e as)ed to .eri+: the +in'er rint o+ the hostK
ssh user1@192.168.2.3 The authenticity of host '192.168.2.3 (192.168.2.3)' can't be established. RSA key fingerprint is 6f:93:e5:36:4f:54:ed:4b:9c:c8:c2:71:89:c1:58:f0. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.2.3' (RSA) to the list of known hosts. Password: type_password_here
N6*7: each Iai% has its own user accounts and ser.ice con+i'uration. <his means that :ou wi%% need to re eat these ste s +or each Iai% that reEuires ""H access.
18.2.2.1 *dit a 9ail:s Settings
$i'ure 10.2c shows the con+i'uration screen that a ears when :ou c%ic) the O4dit Cai%P =utton +or a hi'h%i'hted Iai%'s entr:. <his screen can a%so =e accessed =: e5 andin' the Iai%'s name in the tree .iew and c%ic)in' 4dit. Figure 10.2c: Iail/s 7dit Settings
Most o+ these settin's were re.ious%: descri=ed in <a=%e 10.2a and can =e chan'ed usin' this screen a+ter Iai% creation. <he +o%%owin' settin's di++er =etween the OAdd Cai%P and O4dit Cai%P screensK Iail Na3e: this settin' is read;on%: once the Iai% has =een created. IP,$ aliases: once a Iai% has =een createdD this +ie%d can =e used to add additiona% I>.& addressesD which are )nown as a%iases. When addin' mu%ti %e a%iasesD use a comma de%imited %ist. IP,% aliases: once a Iai% has =een createdD this +ie%d can =e used to add additiona% I>., Page 2#0 of 280
addresses. When addin' mu%ti %e a%iasesD use a comma de%imited %ist. N6*7: i+ :ou need to modi+: the I> address in+ormation +or a Iai%D use it's M4dit Cai%M =utton instead o+ the associated networ)in' commands +rom the command %ine o+ the Iai%.
It is ossi=%e to 'i.e a Iai% access to an area o+ stora'e on the $reeNA"1 s:stem. <his is use+u% i+ :ou insta%% an a %ication that stores a %ar'e amount o+ data or i+ an insta%%ed a %ication needs access to the data stored on the $reeNA"1 s:stem. An e5am %e wou%d =e transmissionD which stores torrents. <he stora'e is added usin' the mountGnu%%+sA6B mechanism which %in)s data that resides outside o+ the Iai% as a stora'e area within the Iai%. <o add stora'eD c%ic) the OAdd "tora'eP =utton +or a hi'h%i'hted Iai%'s entr:. <his screen can a%so =e accessed =: e5 andin' the Iai%'s name in the tree .iew and c%ic)in' "tora'e N Add "tora'eD shown in $i'ure 10.2d. #rowse to the O"ourceP and O(estinationPD whereK Source: is the director: or dataset on the $reeNA"1 s:stem :ou wou%d %i)e to 'ain access to +rom the Iai%. <his director: (!$t reside outside o+ the .o%ume or dataset =ein' used =: the Iai%. <his is wh: it is recommended to create a se arate dataset to store Iai%sD as the dataset ho%din' the Iai%s wi%% a%wa:s =e se arate +rom an: datasets used +or stora'e on the $reeNA"1 s:stem. 8estination: se%ect the director: within the Iai% which wi%% =e %in)ed to the O"ourceP stora'e area.
When :ou are addin' stora'eD it is t: ica%%: =ecause the user and 'rou account associated with an a %ication insta%%ed inside o+ a Iai% needs to access data stored on the $reeNA"1 s:stem. #e+ore se%ectin' the M"ourceMD it is im ortant to +irst ensure that the ermissions o+ the se%ected director: or dataset 'rant ermission to the user@'rou account inside o+ the Iai%. <his is t: ica%%: not the de+au%tD as the users and 'rou s created inside o+ a Iai% are tota%%: se arate +rom the users and 'rou s o+ the $reeNA"1 s:stem. <his means that the wor)+%ow +or addin' stora'e is usua%%: as +o%%owsK 1. (etermine the name o+ the user and 'rou account used =: the a %ication. $or e5am %eD the insta%%ation o+ the transmission a %ication automatica%%: creates a user account named transmission and a 'rou account named transmission. When in dou=tD chec) the +i%es 2et'2*ass:d Ato +ind the user accountB and 2et'2gro!* Ato +ind the 'rou accountB inside o+ the Iai%. <: ica%%:D the user and 'rou names are simi%ar to the a %ication name. A%soD the !I( and 2I( are usua%%: the same as the ort num=er used =: the ser.ice. 2. -n the $reeNA"1 s:stemD create a user account and 'rou account to match the name o+ the user and 'rou used =: the a %ication in the Iai%.
3. -n the $reeNA"1 s:stemD determine i+ :ou want the Iai% to ha.e access to e5istin' data or i+ :ou want to set aside an area o+ stora'e +or the Iai% to use. &. I+ the Iai% shou%d access e5istin' dataD edit the ermissions o+ the .o%ume or dataset so that the user and 'rou account has the desired read and write access. I+ mu%ti %e a %ications or Iai%s are to ha.e access to the same dataD :ou wi%% need to create a se arate 'rou and add each needed user account to that 'rou . *. I+ :ou are instead settin' aside an area o+ stora'e +or that Iai% Aor indi.idua% a %icationBD create a dataset. <henD edit the ermissions o+ that dataset so that the user and 'rou account has the desired read and write access. ,. !se the MAdd "tora'eM =utton o+ the Iai% and se%ect the con+i'ured .o%ume@dataset as the M"ourceM. I+ :ou wish to re.ent writes to the stora'eD chec) the =o5 ORead;-n%:P. #: de+au%tD the OCreate director:P =o5 is chec)ed. <his means that the director: wi%% automatica%%: =e created +or :ou under the s eci+ied O(estinationP ath i+ the director: does not a%read: e5ist. -nce a stora'e has =een addedD it wi%% =e added to the tree under the s eci+ied Iai%. In the e5am %e shown in $i'ure 10.2eD a dataset named #ol!me12data has =een chosen as the O"ourceP as it contains the +i%es stored on the $reeNA"1 s:stem. When the stora'e was createdD the user =rowsed to #ol!me12Pails2*l!ginPail2!sr2lo'al in the O(estinationP +ie%dD then t: ed in test as the director:. "ince this director: did not a%read: e5istD it was created as the OCreate director:P =o5 was %e+t as chec)ed. <he resu%tin' stora'e was added to the *l!ginPail entr: in the tree as 2!sr2lo'al2test. <he user has c%ic)ed this 2!sr2lo'al2test entr: in order to access its edit screen. #: de+au%tD the stora'e is mounted as it is created. <o unmount the stora'eD unchec) its OMountedUP =o5. N6*7: a mounted dataset wi%% not automatica%%: mount an: o+ its chi%d datasets. Whi%e the chi%d datasets ma: a ear =rowsa=%e inside the Iai%D an: chan'es wi%% not =e .isi=%e. "ince each dataset is considered to =e its own +i%es:stemD each chi%d dataset must ha.e its own mount ointD meanin' that :ou need to create a se arate stora'e +or an: chi%d datasets which need to =e mounted. <o de%ete the stora'eD c%ic) its O(e%eteP =utton. 8ANG72C it is im ortant to rea%i8e that an added stora'e is rea%%: Iust a ointer to the se%ected stora'e director: on the $reeNA"1 s:stem. It does %ot create a co : o+ that data within the Iai%. Thi$ (ea%$ that i* )o! delete a%) *ile$ *ro( the CDe$ti%atio%D director) located i% the Jail/ )o! are reall) deleti%# tho$e *ile$ *ro( the CSo!rceD director) located o% the FreeNAS $)$te( . Howe.erD i+ :ou de%ete the stora'eD :ou are on%: de%etin' the ointerD not the data itse%+.
<he %istin' contains the +o%%owin' co%umnsK Na3e: wi%% a ear in the Mt: eM dro ;down menu when addin' a new Iai%. U2<: when addin' a new Iai%D the tem %ate wi%% =e down%oaded +rom this %ocation. Instances: indicates i+ the tem %ate has =een used to create a Iai%. In this e5am %eD no tem %ates ha.e =een used to create a Iai%D so a%% o+ the instances are set to 0. 10.#.1 'reating Tour 60n *e3!lates
Creatin' :our own custom tem %ates a%%ows :ou to de %o: di++erent .ersions and architectures o+ $ree#"( or di++erent 32;=it 9inu5 distri=utions into a $reeNA"1 Iai%. Additiona%%:D the tem %ate can =e re;con+i'ured to inc%ude the a %icationsD con+i'urationsD and user accounts that :ou need in order to Euic)%: de %o: :our Iai%s. <o create a tem %ateD +irst insta%% the desired $ree#"( or 9inu5 o eratin' s:stem and con+i'ure it the wa: :ou want. <he insta%%ation can =e either to an e5istin' Iai% or on another s:stem. N6*7: i+ :ou are insta%%in' 9inu5D ma)e sure to insta%% the 32;=it .ersion o+ the o eratin' s:stem as ,&;=it 9inu5 .ersions are not su orted at this time. -nce :our con+i'uration is com %eteD :ou need to create a tar=a%% o+ the entire o eratin' s:stem that :ou wish to use as a tem %ate. <his tar=a%% needs to =e com ressed with g=i! and end in a .tg/ e5tension. #e care+u% when creatin' the tar=a%% as :ou don't want to end u in a recursi.e %oo . In other wordsD the resu%tin' tar=a%% needs to =e sa.ed outside o+ the o eratin' s:stem =ein' tar=a%%edD such as to an e5terna% !"# dri.e or networ) share. A%ternate%:D :ou can create a tem orar: director: within the o eratin' s:stem and use the --e('l!de switch to tar to e5c%ude this director: +rom the tar=a%%. <he e5act tar command to use wi%% .ar:D de endin' u on the o eratin' s:stem =ein' used to create the tar=a%%. FreeNAS 9.2.1 Users Guide Page 2#" of 280
-nce :ou ha.e the .tg/ +i%e +or the o eratin' s:stemD sa.e it to either an $<> share or an H<<> ser.er. Fou wi%% need the associated $<> or H<<> !R9 in order to add the tem %ate to the %ist o+ a.ai%a=%e tem %ates. <o add the tem %ateD c%ic) Cai%s N Add Cai% <em %ates which wi%% o en the screen seen in $i'ure 10.3=. Figure 10.#(: Adding A 'usto3 Iail *e3!late
<a=%e 10.3a summari8es the +ie%ds in this screen. *a(le 10.#a: Iail *e3!late 6!tions Setting Name -" Architecture !R9 ?alue strin' dro ;down menu dro ;down menu strin' 8escri!tion .a%ue wi%% a ear in the Name co%umn o+ 3iew Cai% <em %ates choices are FreeBS or ;in!( choices are (65 or (54R (65 is reEuired i+ ;in!( is se%ected in ut the +u%% !R9 to the .tg/ +i%eD inc%udin' the rotoco% Aft*)22 or htt*)22B
Howe.erD i+ a user has created their own %u'ins Iai%D $reeNA"1 >#Is can =e insta%%ed into it. Insta%%in' a >#I this wa: reEuires the user to +irst down%oad the >#I +or their architecture and .ersion. N6*7: $reeNA"1 >#Is can not =e insta%%ed inside a standard or orts Iai%. <o insta%% a $reeNA"1 >#ID 'o to Cai%s N 3iew Cai%s and c%ic) the %u'in Iai% :ou wish to insta%% into. An e5am %e is seen in $i'ure 10.&a. Figure 10.$a: Select Plugin Iail to Install Into
C%ic) the O! %oad >%u'inP =utton. When rom tedD O#rowseP to the %ocation o+ the down%oaded >#I then c%ic) the O! %oadP =utton to insta%% the >#I. A status =ar wi%% indicate the ro'ress o+ the insta%%ation. -nce insta%%edD the a %ication wi%% a ear under the >%u'ins entr: o+ the tree. In the e5am %e shown in $i'ure 10.&=D the Mini(9NA %u'in has =een insta%%ed. Fou can now con+i'ure and mana'e the insta%%ed so+tware as descri=ed in >%u'ins.
<he Euic)est and easiest wa: to insta%% so+tware inside the Iai% is to insta%% a $ree#"( ac)a'e. A $ree#"( ac)a'e is re;com i%edD meanin' that it contains a%% the =inaries and de endencies reEuired +or the so+tware to run on a $ree#"( s:stem. A %ot o+ so+tware has =een orted to $ree#"( Acurrent%: o.er 2&D000 a %icationsB and most o+ that so+tware is a.ai%a=%e as a ac)a'e. -ne wa: to +ind $ree#"( so+tware is to use the search=ar at $resh>orts.or'. -nce :ou ha.e %ocated the name o+ the ac)a'e :ou wou%d %i)e to insta%%D use the !9g install command to insta%% it. $or e5am %eD to insta%% the audiota' ac)a'eD use this commandK FreeNAS 9.2.1 Users Guide Page 2#8 of 280
When rom tedD t: e + to com %ete the insta%%ation. <he insta%%ation messa'es wi%% indicate i+ the ac)a'e and its de endencies success+u%%: down%oad and insta%%. 8ANG72C do %ot use the !9g:add command in a $reeNA"1 Iai% as it wi%% cause inconsistencies in :our ac)a'e mana'ement data=ase. Fou can con+irm that the insta%%ation was success+u% =: Euer:in' the ac)a'e data=aseK
pkg info -f audiotag audiotag-0.19_1 Name : audiotag Version : 0.19_1 Origin : audio/audiotag Architecture : freebsd:9:x86:64 Prefix : /usr/local Categories : multimedia audio Licenses : GPLv2 Maintainer : ports@FreeBSD.org WWW : http://github.com/Daenyth/audiotag Comment : Command-line tool for mass tagging/renaming of audio files Options : DOCS : on FLAC : on ID3 : on MP4 : on VORBIS : on Flat size : 62.8KiB Description : Audiotag is a command-line tool for mass tagging/renaming of audio files it supports the vorbis comment, id3 tags, and MP4 tags. WWW: http://github.com/Daenyth/audiotag
In $ree#"(D third; art: so+tware is a%wa:s stored in 2!sr2lo'al to di++erentiate it +rom the so+tware that came with the o eratin' s:stem. #inaries are a%most a%wa:s %ocated in a su=director: ca%%ed $in or s$in and con+i'uration +i%es in a su=director: ca%%ed et'. 10.".2 'o3!iling Free5S8 Ports 0it 3a9e
<: ica%%:D so+tware is insta%%ed usin' ac)a'es. -ccasiona%%: :ou ma: re+er to com i%e the ort :ourse%+. Com i%in' the ort o++ers the +o%%owin' ad.anta'esK not e.er: ort has an a.ai%a=%e ac)a'e. <his is usua%%: due to %icensin' restrictions or )nownD unaddressed securit: .u%nera=i%ities. FreeNAS 9.2.1 Users Guide Page 2#9 of 280
sometimes the ac)a'e is out;o+;date and :ou need a +eature that =ecame a.ai%a=%e in the newer .ersion. some orts ro.ide com i%e o tions that are not a.ai%a=%e in the re;com i%ed ac)a'e. <hese o tions are used to add additiona% +eatures or to stri out the +eatures :ou do not need. Com i%in' the ort :ourse%+ has the +o%%owin' dis;ad.anta'esK it ta)es time. (e endin' u on the si8e o+ the a %icationD the amount o+ de endenciesD the amount o+ C>! and RAM on the s:stemD and the current %oad on the $reeNA"1 s:stemD the amount o+ time can ran'e +rom a +ew minutes to a +ew hours or e.en to a +ew da:s. N6*7: i+ the ort doesn't ro.ide an: com i%e o tionsD :ou are =etter o++ sa.in' :our time and the $reeNA"1 s:stem's resources =: usin' the !9g install command instead. Fou can determine i+ the ort has an: con+i'ura=%e com i%e o tions =: c%ic)in' its $resh>orts %istin'. $i'ure 10.*a shows the OCon+i'uration - tionsP +or audiota'. Figure 10."a: 'onfiguration 6!tions for Audiotag
In $ree#"(D a <akefile is used to ro.ide the com i%in' instructions to the 3a9e command. <he <akefile is in ascii te5tD +air%: eas: to understandD and documented in =sd. ort.m). I+ the ort has an: con+i'ura=%e com i%e o tionsD the: wi%% =e %isted at $resh>orts in the ort's OCon+i'uration - tionsP. <his ort contains +i.e con+i'ura=%e o tions A(-C"D $9ACD I(3D M>&D and 3-R#I"B and each o tion is ena=%ed AonB =: de+au%t. FreeNAS 9.2.1 Users Guide Page 2$0 of 280
$ree#"( ac)a'es are a%wa:s =ui%t usin' the de+au%t o tions. When :ou com i%e the ort :ourse%+D those o tions wi%% =e resented to :ou in a menuD a%%owin' :ou to chan'e their de+au%t settin's. #e+ore :ou can com i%e a ortD the orts co%%ection must =e insta%%ed within the Iai%. $rom within the Iai%D use the !ortsna! uti%it:K
portsnap fetch extract
<his command wi%% down%oad the orts co%%ection and e5tract it to the Iai%'s 2!sr2*orts2 director:. N6*7: i+ :ou insta%% additiona% so+tware at a %ater dateD :ou shou%d ma)e sure that the orts co%%ection is u ;to;date usin' this commandK
portsnap fetch update
<o com i%e a ortD :ou wi%% cd into a su=director: o+ 2!sr2*orts2. $resh>orts ro.ides the %ocation to cd into and the 3a9e command to run. <his e5am %e wi%% com i%e the audiota' ortK
cd /usr/ports/audio/audiotag make install clean
"ince this ort has con+i'ura=%e o tionsD the +irst time this command is run the con+i'ure screen shown in $i'ure 10.*= wi%% =e dis %a:edK Figure 10."(: 'onfiguration 6!tions for Audiotag Port
<o chan'e an o tion's settin'D use the arrow )e:s to hi'h%i'ht the o tionD then ress the $"acebar to to''%e the se%ection. -nce :ou are +inishedD ta= o.er to -K and ress enter. <he ort wi%% =e'in to com i%e and insta%%. N6*7: i+ :ou chan'e :our mindD the con+i'uration screen wi%% not =e dis %a:ed a'ain shou%d :ou sto and restart the =ui%d. <: e 3a9e config UU 3a9e install clean i+ :ou need to chan'e :our se%ected o tions. I+ the ort has an: de endencies with o tionsD their con+i'uration screens wi%% =e dis %a:ed and the com i%e wi%% ause unti% it recei.es :our in ut. It is a 'ood idea to )ee an e:e on the com i%e unti% it +inishes and :ou are returned to the command rom t. FreeNAS 9.2.1 Users Guide Page 2$1 of 280
-nce the ort is insta%%edD it is re'istered in the same ac)a'e data=ase that mana'es ac)a'es. <his means that :ou can use !9g info to determine what was insta%%edD as descri=ed in the re.ious section. 10.".# 'onfiguring and Starting Installed Free5S8 Soft0are
-nce the ac)a'e or ort is insta%%edD :ou wi%% need to con+i'ure and start it. I+ :ou are +ami%iar with how to con+i'ure the so+twareD %oo) +or its con+i'uration +i%e in 2!sr2lo'al2et' or a su=director: thereo+. Man: $ree#"( ac)a'es contain a sam %e con+i'uration +i%e to 'et :ou started. I+ :ou are un+ami%iar with the so+twareD :ou wi%% need to s end some time at the so+tware's we=site to %earn which con+i'uration o tions are a.ai%a=%e and which con+i'uration +i%eAsB need to =e edited. Most $ree#"( ac)a'es that contain a starta=%e ser.ice inc%ude a startu scri t which is automatica%%: insta%%ed to 2!sr2lo'al2et'2r'.d2. -nce :our con+i'uration is com %eteD :ou can test that the ser.ice starts =: runnin' the scri t with the onestart o tion. As an e5am %eD i+ o en. n is insta%%ed into the Iai%D these commands wi%% run its startu scri t and .eri+: that the ser.ice startedK
/usr/local/etc/rc.d/openvpn onestart Starting openvpn. /usr/local/etc/rc.d/openvpn onestatus openvpn is running as pid 45560. sockstat -4 USER COMMAND PID FD PROTO LOCAL ADDRESS root openvpn 48386 4 udp4 *:54789
Run tail E,arElogE3essages to see i+ an: error messa'es hint at the ro=%em. Most startu +ai%ures are re%ated to a mis;con+i'urationK either a t: o or a missin' o tion in a con+i'uration +i%e. -nce :ou ha.e .eri+ied that the ser.ice starts and is wor)in' as intendedD add a %ine to 2et'2r'.'onf to ensure that the ser.ice automatica%%: starts whene.er the Iai% is started. <he %ine to start a ser.ice a%wa:s ends in ,ena$le>I-.SI and t: ica%%: starts with the name o+ the so+tware. $or e5am %eD this is the entr: +or the o en. n ser.iceK
openvpn_enable="YES"
When in dou=tD the startu scri t wi%% te%% :ou which %ine to ut in 2et'2r'.'onf. <his is the descri tion in 2!sr2lo'al2et'2r'.d2o*en#*n)
# # # # # # # # # # # This script supports running multiple instances of openvpn. To run additional instances link this script to something like % ln -s openvpn openvpn_foo and define additional openvpn_foo_* variables in one of /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d /openvpn_foo Below NAME should be substituted with the name of this script. By default it is openvpn, so read as openvpn_enable. If you linked the script to openvpn_foo, then read as openvpn_foo_enable etc. The following variables are supported (defaults are shown).
# You can place them in any of # /etc/rc.conf, /etc/rc.conf.local or /etc/rc.conf.d/NAME # # NAME_enable="NO" # set to YES to enable openvpn
<he startu scri t wi%% a%so indicate i+ an: additiona% arameters are a.ai%a=%eK
# # # # # # # NAME_if= # driver(s) to load, set to "tun", "tap" or "tun tap" # it is OK to specify the if_ prefix.
# optional: NAME_flags= # additional command line arguments NAME_configfile="/usr/local/etc/openvpn/NAME.conf" # --config file NAME_dir="/usr/local/etc/openvpn" # --cd directory
11 2e!orting
Re ortin' dis %a:s se.era% 'ra hsD as seen in the e5am %e in $i'ure 11a. C%ic) the ta= +or a de.ice t: e to see its 'ra hs. Figure 11a: 2e!orting Gra! s
$reeNA"1 uses co%%ectd to ro.ide re ortin' statistics. <he +o%%owin' co%%ectd %u'ins are ena=%ed in 2'onf2$ase2et'2lo'al2'olle'td.'onfD and thus ro.ide re ortin' 'ra hsK C>! usa'eK co%%ects the amount o+ time s ent =: the C>! in .arious states such as e5ecutin' user codeD e5ecutin' s:stem codeD and =ein' id%e. FreeNAS 9.2.1 Users Guide Page 2$# of 280
s:stem %oadK ro.ides a rou'h o.er.iew o+ s:stem uti%i8ation o.er a oneD +i.eD and +i+teen minute a.era'e. dis)K shows the a.era'e time a dis) I@- o eration too) to com %ete. h:sica% memor:K dis %a:s h:sica% memor: usa'e. er second +or each con+i'ured swa uti%i8ationK dis %a:s the amount o+ +ree and used swa s ace. inter+aceK shows recei.ed and transmitted tra++ic in =its inter+ace.
dis) s aceK dis %a:s +ree and used s ace +or each .o%ume and dataset. Howe.erD the dis) s ace used =: an indi.idua% 8.o% is not dis %a:ed as it is a =%oc) de.ice. rocessesK dis %a:s the num=er o+ rocessesD 'rou ed =: state. u timeK )ee s trac) o+ the s:stem u timeD the a.era'e runnin' timeD and the ma5imum reached u time. Re ortin' data is sa.edD a%%owin' :ou to .iew and monitor usa'e trends o.er time. Re ortin' data is sa.ed to 2data2rrd,dir.tar.$/2 and shou%d =e reser.ed across s:stem u 'rades and at shutdown. !se the ma'ni+ier =uttons ne5t to each 'ra h to increase or decrease the dis %a:ed time increment +rom 10 minutesD hour%:D dai%:D wee)%:D or month%:. Fou can a%so use the aa and VV =uttons to scro%% throu'h the out ut.
12 Additional 6!tions
<his section co.ers the remainin' misce%%aneous o tions a.ai%a=%e +rom the $reeNA"1 'ra hica% administrati.e inter+ace.
<he dis %a: wi%% automatica%%: re+resh itse%+. "im %: c%ic) the 7 in the u er ri'ht corner to c%ose the dis %a: when :ou are +inished. Note that the dis %a: is read;on%:D meanin' that :ou won't =e a=%e to issue a 9ill command within it.
12.2 S ell
#e'innin' with .ersion 6.2.0D the $reeNA"1 2!I ro.ides a we= she%%D ma)in' it con.enient to run command %ine too%s +rom the we= =rowser as the root user. <he %in) to "he%% is the third entr: +rom the =ottom o+ the menu tree. In $i'ure 12.2aD the %in) has =een c%ic)ed and "he%% is o en. <he rom t indicates that the current user is rootD the hostname is freenasD and the current wor)in' director: is C Aroot's home director:B. <o chan'e the si8e o+ the she%%D c%ic) the 60(2D dro ;down menu and se%ect a di++erent si8e. <o co : te5t +rom she%%D hi'h%i'ht the te5tD ri'ht;c%ic)D and se%ect Co : +rom the ri'ht;c%ic) menu. <o aste into the she%%D c%ic) the >aste =uttonD aste the te5t into the =o5 that o ensD and c%ic) the -K =utton to com %ete the aste o eration.
Whi%e :ou are in "he%%D :ou wi%% not ha.e access to an: o+ the other 2!I menus. I+ :ou are usin' "he%% +or trou=%eshootin' ur oses and need to %ea.e the "he%% in order to modi+: a con+i'urationD c%ic) the 5 in the window's u er ri'ht corner. <he ne5t time :ou enter "he%%D :ou wi%% return to :our %ast session. When :ou are +inished usin' "he%%D t: e e-it to %ea.e the session com %ete%:. "he%% ro.ides histor: Ause :our u arrow to see re.ious%: entered commands and ress enter to re eat the current%: dis %a:ed commandB and ta= com %etion At: e a +ew %etters and ress ta= to com %ete a command name or +i%ename in the current director:B. N6*7: not a%% o+ "he%%'s +eatures render correct%: in Chrome. $ire+o5 is the recommended =rowser +or usin' "he%%. (ue to the em=edded nature o+ $reeNA"1D some $ree#"( com onents are missin' and noticea=%e in "he%%. $or e5am %eD man a'es are not inc%udedR howe.erD a %in) to the on%ine $ree#"( man a'es is a.ai%a=%e +rom He% . Most $ree#"( command %ine uti%ities shou%d =e a.ai%a=%e in "he%%. Additiona% trou=%eshootin' uti%ities that are ro.ided =: $reeNA"1 are descri=ed in !se+u% Command 9ine !ti%ities. FreeNAS 9.2.1 Users Guide Page 2$% of 280
12.# 2e(oot
I+ :ou c%ic) Re=ootD :ou wi%% recei.e the warnin' messa'e shown in $i'ure 12.3a and :our =rowser co%or wi%% chan'e to red to indicate that :ou ha.e se%ected an o tion that wi%% ne'ati.e%: im act users o+ the $reeNA"1 s:stem. N6*7: i+ an: .o%umes are encr: tedD ma)e sure that :ou ha.e set the ass hrase and ha.e co ies o+ the encr: tion )e: and the %atest reco.er: )e: =e+ore er+ormin' a re=oot. 8itho!t the$e/ )o! -ill %ot be able to !%loc0 the e%cr)"ted 'ol!(e a*ter the reboot. Figure 12.#a: 2e(oot .arning 4essage
I+ a scru= or resi%.er is in ro'ress when a re=oot is reEuestedD an additiona% warnin' wi%% as) :ou to ma)e sure that :ou wish to roceed. In this caseD it is recommended to MCance%M the re=oot reEuest and to eriodica%%: run =!ool status +rom "he%% unti% it is .eri+ied that the scru= or resi%.er rocess is com %ete. -nce com %eteD the re=oot reEuest can =e re;issued. C%ic) the Cance% =utton i+ :ou wish to cance% the re=oot reEuest. -therwiseD c%ic) the Re=oot =utton to re=oot the s:stem. Re=ootin' the s:stem wi%% disconnect a%% c%ientsD inc%udin' the we= administration 2!I. <he !R9 in :our we= =rowser wi%% chan'e to add 2system2re$oot2 to the end o+ the I> address. Wait a +ew minutes +or the s:stem to =ootD then use :our =rowser's =ac) =utton to return to the $reeNA"1 s:stem's I> address. I+ a%% went we%%D :ou shou%d recei.e the 2!I %o'in screen. I+ the %o'in screen does not a earD :ou wi%% need h:sica% access to the $reeNA"1 s:stem's monitor and )e:=oard so that :ou can determine what ro=%em is re.entin' the s:stem +rom resumin' norma% o eration.
12.$ S utdo0n
I+ :ou c%ic) "hutdownD :ou wi%% recei.e the warnin' messa'e shown in $i'ure 12.&a and :our =rowser co%or wi%% chan'e to red to indicate that :ou ha.e se%ected an o tion that wi%% ne'ati.e%: im act users o+ the $reeNA"1 s:stem. N6*7: if an+ ,olu3es are encr+!tedJ 3a9e sure t at +ou a,e set t e !ass! rase and a,e co!ies of t e encr+!tion 9e+ and t e latest reco,er+ 9e+ (efore !erfor3ing a s utdo0n. 8itho!t the$e/ )o! -ill %ot be able to !%loc0 the e%cr)"ted 'ol!(e -he% the $)$te( i$ re$tarted. Figure 12.$a: S utdo0n .arning 4essage
I+ a scru= or resi%.er is in ro'ress when a shutdown is reEuestedD an additiona% warnin' wi%% as) :ou to ma)e sure that :ou wish to roceed. In this caseD it is recommended to OCance%P the shutdown reEuest and to eriodica%%: run =!ool status +rom "he%% unti% it is .eri+ied that the scru= or resi%.er rocess is com %ete. -nce com %eteD the shutdown reEuest can =e re;issued. C%ic) the OCance%P =utton i+ :ou wish to cance% the shutdown reEuest. -therwiseD c%ic) the O"hutdownP =utton to ha%t the s:stem. "huttin' down the s:stem wi%% disconnect a%% c%ientsD inc%udin' the we= administration 2!ID and wi%% ower o++ the $reeNA"1 s:stem. Fou wi%% need h:sica% access to the $reeNA"1 s:stem in order to turn it =ac) on.
12." &el!
<he He% =utton in the u er ri'ht corner ro.ides a o ;u menu containin' h: er%in)s to the .arious $reeNA"1 on%ine resourcesD inc%udin'K FreeNAS 9.2.1 Users Guide Page 2$8 of 280
the Communit: $orum each mai%in' %ist the we= inter+ace to the IRC channe% the #u' <rac)er a'e which %in)s to the =u' data=aseD .ideo wa%)throu'hsD +orumsD and the documentation wi)i the on%ine $ree#"( manua% a'es a %in) to ro+essiona% su ort <hese resources are discussed in more detai% in the ne5t section.
12.) Alert
$reeNA"1 ro.ides an a%ert s:stem to ro.ide a .isua% warnin' o+ an: conditions that reEuire administrati.e attention. <he A%ert =utton in the +ar ri'ht corner wi%% +%ash red when there is an outstandin' a%ert. In the e5am %e a%ert shown in $i'ure 12./a. one o+ the dis)s in a 0$" oo% is o++%ine which has de'raded the state o+ the oo%. Figure 12.)a: 7-a3!le Alert 4essage
In+ormationa% messa'es wi%% ha.e a 'reen -K whi%e messa'es reEuirin' attention wi%% =e %isted as a red CRI<ICA9. CRI<ICA9 messa'es wi%% a%so =e emai%ed to the root user account. I+ :ou are aware o+ a critica% condition =ut wish to remo.e the +%ashin' a%ert unti% :ou dea% with itD unchec) the =o5 ne5t to that messa'e. #ehind the scenesD an a%ert scri t chec)s +or .arious a%ert conditionsD such as .o%ume and dis) statusD and writes the current conditions to 2#ar2tm*2alert. A Ia.ascri t retrie.es the current a%ert status e.er: * minutes and wi%% chan'e the so%id 'reen a%ert icon to +%ashin' red i+ a new a%ert is detected. "ome o+ the conditions that tri''er an a%ert inc%udeK non;o tima% mu%ti ath states FreeNAS 9.2.1 Users Guide Page 2$9 of 280
!>" -N#A<<@9-W#A<< e.ent 0$" oo% status chan'es +rom H4A9<HF the s:stem is una=%e to =ind to the We=2!I Address set in ":stem N "ettin's N 2enera% the s:stem can not +ind an I> address con+i'ured on an i"C"I orta% the status o+ a 9"I Me'aRAI( "A" contro%%er has chan'edR m+iuti%A6B is inc%uded +or mana'in' these de.ices
1#.2 Foru3s
Another in+ormation source +or $reeNA"1 is the $orums. $orums contain user;contri=uted ti s and 'uides which ha.e =een cate'ori8edD ma)in' it an idea% resource i+ :ou wish to %earn more a=out a FreeNAS 9.2.1 Users Guide Page 2"0 of 280
certain as ect o+ $reeNA"1. A search=ar is inc%uded shou%d :ou wish to search =: )e:wordR a%ternate%:D :ou can c%ic) a cate'or: to =rowse throu'h the threads that e5ist +or that to ic. <he +o%%owin' cate'ories are a.ai%a=%e under Foru3 Infor3ation: $orum 2uide%inesK read this +irst =e+ore creatin' a +orum ost. AnnouncementsK su=scri=e to this +orum i+ :ou wish to recei.e announcements a=out new $reeNA"1 .ersions and +eatures. <he +o%%owin' cate'ories are a.ai%a=%e under &el! and Su!!ort: $reeNA" & N00=sK ost here i+ :ou are new to $reeNA"1 and are unsure which cate'or: =est matches :our Euestion. $eature ReEuestsK +or the discussion o+ u comin' +eatures. #u' Re ortin'K use this +orum i+ :ou thin) :ou ha.e +ound a =u' in $reeNA"1 and want to discuss it =e+ore creatin' a su ort tic)et. HardwareK +or the discussion o+ hardware and ti s +or 'ettin' the most out o+ :our hardware. !ser AuthenticationK 9(A> and Acti.e (irector:. "harin'K A$>D CI$"D N$"D and i"C"I. "tora'eK re %icationD sna shotsD .o%umesD and 0$". Networ)in'K networ)in' hardwareD "NM>D ""HD and <$<>. er+ormanceD %in) a''re'ationD 39ANsD ((N"D $<>D
Insta%%ationK insta%%in' he% or ad.ice =e+ore er+ormin' the insta%%ation. >%u'insK ro.ides a discussion area +or creatin' and trou=%eshootin' >#Is. <he +o%%owin' cate'ories are a.ai%a=%e under 8e,elo!3ent: $reeNA"K 'enera% de.e%o ment discussion. nano=sdK the em=edded o eratin' s:stem $reeNA"1 is =ased u on. (Ian'oK the we= +ramewor) used =: the $reeNA"1 'ra hica% administrati.e inter+ace. (oIo <oo%)itK the Ia.ascri t too%)it used to create wid'ets and hand%e c%ient side rocessin'. <he +o%%owin' cate'ories are a.ai%a=%e under &o0>*o Guides: Hac)in'K undocumented tric)s +or 'ettin' the most out o+ :our $reeNA"1 s:stem. Insta%%ationK s eci+ic insta%%ation scenarios Ahardware and@or so+twareB. Con+i'urationK s eci+ic con+i'uration scenarios Ae.'. so+tware or c%ient con+i'urationB. HardwareK instructions +or settin' u s eci+ic hardware. I+ :ou are %oo)in' +or ti s on how to test and increase the er+ormance o+ :our s:stemD chec) out the >er+ormance +orum.
<he +o%%owin' cate'ories are a.ai%a=%e under 'o33unit+ Foru3: -++;to icK want to discuss somethin' o+ interest to $reeNA"1 users =ut which is not necessari%: re%ated to $reeNA"1U <his is :our %ace. ResourcesK =%o'sD re.iewsD and other sources o+ $reeNA"1 in+ormation not %isted at +reenas.or'. IntroductionsK $reeNA"1 Communit: meet 'n 'reet ; introduce :ourse%+ and %et us )now who we are chattin' with. <he +o%%owin' %an'ua'e;s eci+ic cate'ories are a.ai%a=%e under InternationalD a%%owin' $reeNA"1 users to interact with each other in their nati.e %an'ua'eK (utch ; Neder%ands $rench ; $rancais 2erman ; (eutsch Ita%ian ; Ita%iano >ortu'uese ; >ortu'ubs Russian ; cdeefgh " anish W 4s ano% <ur)ish ; <ir)je I+ :ou wish to as) a Euestion on the +orumD :ou wi%% need to c%ic) the O"i'n ! NowSP %in) to create an account and %o'in usin' that account. When as)in' a Euestion on the +orumD it is im ortant that :ouK $irst chec) to see i+ the Euestion has a%read: =een as)ed. I+ :ou +ind a simi%ar EuestionD do not create a new thread. Instead use the ORe %:P %in) at the =ottom o+ the ost to add :our comments to the e5istin' thread. Re.iew the a.ai%a=%e cate'ories to see which one is most c%ose%: re%ated to :our Euestion. C%ic) on that cate'or: and use the O>ost New <hreadP =utton to o en the editor. A+ter t: in' :our ost and =e+ore :ou c%ic) the OCreate <hreadP =uttonD ma)e sure the OWatch this thread...P =o5 is chec)ed. I+ :ou want to =e noti+ied =: emai%D a%so chec) the Oand recei.e emai% noti+icationsP =o5. <hat wa: :ou wi%% =e noti+ied whene.er an:one answers :our Euestion.
As art o+ :our researchD er+orm the +o%%owin' ste sK (etermine i+ :ou are runnin' the %atest re%ease o+ $reeNA"1. $reeNA"1 de.e%o ers tend to +i5 =u's ra id%: and new +eatures are =ein' im %emented as $reeNA"1 matures. I+ :ou are not runnin' the %atest .ersionD it is Euite %i)e%: that the =u' has a%read: =een +i5ed or the missin' +eature has =een im %emented. I+ this is the caseD :our =est course o+ action is to =ac)u :our data and con+i'uration and er+orm an u 'rade to the %atest .ersion. I+ :ou are runnin' the %atest .ersionD use the search +eature to see i+ a simi%ar issue a%read: e5ists. I+ one doesD do not create a new issue. InsteadD add a comment to the e5istin' issue i+ :ou ha.e additiona% in+ormation to add. I+ a simi%ar issue does not a%read: e5istD )ee the +o%%owin' oints in mind as :ou create a new issueK 1. Fou wi%% need to re'ister +or an accountD con+irm :ou re'istration emai% addressD and =e %o''ed in =e+ore :ou can create a new issue. 2. In the <rac)er dro ;down menuD se%ect B!g i+ :ou are re ortin' a =u' or Feat!re i+ :ou are ma)in' a +eature reEuest. 3. In the "u=Iect +ie%dD inc%ude descri ti.e )e:words that descri=e the issue. <his is use+u% +or other users who search +or a simi%ar ro=%em. &. In the (escri tion sectionD descri=e the ro=%emD how to recreate itD and inc%ude the te5t o+ an: error messa'es. I+ :ou are reEuestin' a +eatureD descri=e the =ene+it ro.ided =: the +eature andD i+ a %ica=%eD ro.ide e5am %es o+ other roducts that use that +eature or the !R9 o+ the home a'e +or the so+tware. *. I+ :ou wou%d %i)e to inc%ude a screenshot or %o' o+ :our con+i'uration or errorD use the #rowse =utton ne5t to the $i%es +ie%d to u %oad the +i%e. ,. 9ea.e a%% o+ the other +ie%ds at their de+au%t .a%ues as these are used =: de.e%o ers as the: ta)e action on the issue. /. >ress the >re.iew %in) to read throu'h :our tic)et =e+ore su=mittin' it. Ma)e sure it inc%udes a%% o+ the in+ormation that someone e%se wou%d need to understand :our ro=%em or reEuest. -nce :ou are satis+ied with :our tic)etD c%ic) the Create <ic)et =utton to su=mit it. An emai% wi%% automatica%%: =e sent to the address :ou used when re'isterin' whene.er a comment or action occurs on :our issue.
1#.$ I2'
I+ :ou wish to as) a Euestion in Orea% timePD :ou can tr: the Qfreenas channe% on IRC $reenode. (e endin' u on the time o+ da: and :our time 8oneD a $reeNA"1 de.e%o er or other $reeNA"1 users ma: =e a.ai%a=%e to assist :ou. I+ :ou do not 'et an answer ri'ht awa:D remain on the channe% as other users tend to read the channe% histor: in order to answer Euestions as the: are a=%e to. <: ica%%:D an IRC c%ient is used to access the Qfreenas IRC channe%. A%ternate%:D :ou can access the we=chat .ersion o+ the channe% +rom a we= =rowser. <o 'et the most out o+ the IRC channe%D )ee the +o%%owin' oints in mindK (o not as) Ocan an:one he% meUPR insteadD Iust as) :our Euestion. I+ someone )nows the Page 2"# of 280
answerD the: wi%% tr: to assist :ou. (o not as) a Euestion and then %ea.e. !sers who )now the answer can not he% :ou i+ :ou disa ear. (o not ta)e it ersona%%: i+ no one answers or demand that someone answers :our Euestion. Ma:=e no one who )nows the answer is a.ai%a=%eD ma:=e :our Euestion is rea%%: hardD or ma:=e it is a Euestion that has a%read: =een answered man: times in the other su ort resources. <r: as)in' a'ain in a +ew hours or research the other resources to see i+ :ou ha.e missed an:thin'. (o not ost error messa'es in the channe% as the IRC so+tware wi%% ro=a=%: )ic) :ou out. InsteadD use a astin' ser.ice such as aste=in and aste the resu%tin' !R9 into the IRC discussion.
1$.1 I!erf
I er+ is a uti%it: +or measurin' ma5imum <C> and !(> =andwidth er+ormance. It can =e used to chart networ) throu'h ut o.er time. $or e5am %eD :ou can use it to test the s eed o+ di++erent t: es o+ shares to determine which t: e =est er+orms on :our networ). $reeNA"1 inc%udes the I er+ ser.er. <o er+orm networ) testin'D :ou wi%% need to insta%% an I er+ c%ient on a des)to s:stem that has networ) access to the $reeNA"1 s:stem. <his section wi%% demonstrate how to use the 5I er+ 2!I c%ient as it wor)s on WindowsD Mac -" 7D 9inu5D and #"( s:stems. "ince this c%ient is Ia.a =asedD :ou wi%% a%so need to insta%% the a ro riate CR4 +or the c%ient o eratin' s:stem. 9inu5 and #"( users wi%% need to insta%% the i er+ ac)a'e usin' their o eratin' s:stem's ac)a'e mana'ement s:stem. <o start 5I er+ on WindowsK un8i the down%oaded +i%eD start Command >rom t in Run as administrator modeD cd to the un8i ed +o%derD and run @!erf.(at. <o start 5I er+ on Mac -" 7D 9inu5D or #"(D un8i the down%oaded +i%eD cd to the un8i ed director:D t: e c 3od uV- @!erf.s D and run .E@!erf.s . -nce the c%ient is read:D :ou need to start the I er+ ser.er on $reeNA"1. <o see the a.ai%a=%e ser.er o tionsD o en "he%% and t: eK
iperf --help | more Usage: iperf [-s|-c host] [options] iperf [-h|--help] [-v|--version]
Client/Server: -f, --format [kmKM] format to report: Kbits, Mbits, KBytes, MBytes -i, --interval # seconds between periodic bandwidth reports -l, --len #[KM] length of buffer to read or write (default 8 KB) -m, --print_mss print TCP maximum segment size (MTU - TCP/IP header) -o, --output <filename> output the report or error message to this specified file -p, --port # server port to listen on/connect to -u, --udp use UDP rather than TCP -w, --window #[KM] TCP window size (socket buffer size) -B, --bind <host> bind to <host>, an interface or multicast address -C, --compatibility for use with older versions does not sent extra msgs -M, --mss # set TCP maximum segment size (MTU - 40 bytes) -N, --nodelay set TCP no delay, disabling Nagle's Algorithm -V, --IPv6Version Set the domain to IPv6 Server specific: -s, --server -U, --single_udp -D, --daemon Client specific: -b, --bandwidth #[KM]
run in server mode run in single threaded UDP mode run the server as a daemon
for UDP, bandwidth to send at in bits/sec (default 1 Mbit/sec, implies -u) -c, --client <host> run in client mode, connecting to <host> -d, --dualtest Do a bidirectional test simultaneously -n, --num #[KM] number of bytes to transmit (instead of -t) -r, --tradeoff Do a bidirectional test individually -t, --time # time in seconds to transmit for (default 10 secs) -F, --fileinput <name> input the data to be transmitted from a file -I, --stdin input the data to be transmitted from stdin -L, --listenport # port to receive bidirectional tests back on -P, --parallel # number of parallel client threads to run -T, --ttl # time-to-live, for multicast (default 1) -Z, --linux-congestion <algo> set TCP congestion control algorithm (Linux only) Miscellaneous: -x, --reportexclude [CDMSV] exclude C(connection) D(data) M(multicast) S(settings) V(server) reports -y, --reportstyle C report as a Comma-Separated Values -h, --help print this message and quit -v, --version print version information and quit [KM] Indicates options that support a K or M suffix for kilo- or megaThe TCP window size option can be set by the environment variable TCP_WINDOW_SIZE. Most other options can be set by an environment variable IPERF_<long option name>, such as IPERF_BANDWIDTH.
$or e5am %eD to er+orm a <C> test and start the ser.er in daemon mode Aso that :ou 'et :our rom t =ac)BD t: eK
iperf -sD -----------------------------------------------------------Server listening on TCP port 5001 TCP window size: 64.0 KByte (default)
-----------------------------------------------------------Running Iperf Server as a daemon The Iperf daemon process ID: 4842
N6*7: i+ :ou c%ose "he%%D the daemon rocess wi%% sto . Ha.e :our en.ironment setu Ae.'. shares con+i'ured and startedB be*ore startin' the i er+ rocess. $rom :our des)to D o en the c%ient. In ut the I> o+ address o+ the $reeNA"1 s:stemD s eci+: the runnin' time +or the test under A %ication %a:er o tions N <ransmit Athe de+au%t test time is 10 secondsBD and c%ic) the Run I er+S =utton. $i'ure 1&.1a shown an e5am %e o+ the c%ient runnin' on a Windows s:stem whi%e an "$<> trans+er is occurrin' on the networ). Figure 1$.1a: ?ie0ing 5and0idt Statistics Using -@!erf
(e endin' u on the tra++ic =ein' tested Ae.'. the t: e o+ share runnin' on :our networ)BD :ou ma: need to test !(> instead o+ <C>. <o start the i er+ ser.er in !(> modeD use i!erf >s8u as the u s eci+ies !(>R the startu messa'e shou%d indicate that the ser.er is %istenin' +or !(> data'rams. I+ :ou are not sure i+ the tra++ic that :ou wish to test is !(> or <C>D run this command to determine which ser.ices are runnin' on the $reeNA"1 s:stemK FreeNAS 9.2.1 Users Guide Page 2") of 280
sockstat USER root root www www www root root root root root root root root root root root root root root root
-4 | more COMMAND iperf iperf nginx nginx nginx sshd python mountd mountd rpcbind rpcbind rpcbind nginx python python python ntpd ntpd ntpd syslogd
PID 4870 4842 4827 4827 4827 3852 2503 2363 2363 2359 2359 2359 2044 2029 2029 2029 1548 1548 1548 1089
FD 6 6 3 5 7 5 5 7 8 9 10 11 7 3 4 7 20 22 25 6
PROTO udp4 tcp4 tcp4 tcp4 tcp4 tcp4 udp4 udp4 tcp4 udp4 udp4 tcp4 tcp4 udp4 tcp4 tcp4 udp4 udp4 udp4 udp4
LOCAL ADDRESS *:5001 *:5001 127.0.0.1:15956 192.168.2.11:80 *:80 *:22 *:* *:812 *:812 *:111 *:886 *:111 *:80 *:* 127.0.0.1:9042 127.0.0.1:9042 *:123 192.168.2.11:123 127.0.0.1:123 127.0.0.1:514
FOREIGN ADDRESS *:* *:* 127.0.0.1:9042 192.168.2.26:56964 *:* *:* *:* *:* *:* *:* *:* *:* *:* *:* *:* 127.0.0.1:15956 *:* *:* *:* *:*
When :ou are +inished testin'D either t: e 9illall i!erf or c%ose "he%% to terminate the i er+ ser.er rocess.
1$.2 Net!erf
Net er+ is a =enchmar)in' uti%it: that can =e used to measure the er+ormance o+ unidirectiona% throu'h ut and end;to;end %atenc:. #e+ore :ou can use the net!erf commandD :ou must start its ser.er rocess usin' this commandK
netserver Starting netserver with host 'IN(6)ADDR_ANY' port '12865' and family AF_UNSPEC
<he +o%%owin' command wi%% dis %a: the a.ai%a=%e o tions +or er+ormin' tests with the net!erf command. <he Net er+ Manua% descri=es each o tion in more detai% and e5 %ains how to er+orm man: t: es o+ tests. It is the =est re+erence +or understandin' how each test wor)s and how to inter ret :our resu%ts. When :ou are +inished with :our testsD t: e 9illall netser,er to sto the ser.er rocess.
netperf -h |more Usage: netperf [global options] -- [test options] Global options: -a send,recv Set the local send,recv buffer alignment -A send,recv Set the remote send,recv buffer alignment -B brandstr Specify a string to be emitted with brief output -c [cpu_rate] Report local CPU usage -C [cpu_rate] Report remote CPU usage -d Increase debugging output -D [secs,units] * Display interim results at least every secs seconds using units as the initial guess for units per second -f G|M|K|g|m|k Set the output units -F fill_file Pre-fill buffers with data from fill_file -h Display this text
testlen name|ip,fam * send,recv send,recv numcpu port,lport* 0|1 seconds testname lcpu,rcpu verbosity send,recv level
Specify the target machine and/or local ip and family Specify the max and min number of iterations (15,1) Specify confidence level (95 or 99) (99) and confidence interval in percentage (10) Keep additional timing statistics Specify test duration (>0 secs) (<0 bytes|trans) Specify the local ip|name and address family Set the local send,recv buffer offsets Set the remote send,recv buffer offset Set the number of processors for CPU util Establish no control connection, do 'send' side only Specify netserver port number and/or local port Don't/Do display test headers Allow confidence to be hit on result only Wait seconds between test setup and test start Set SO_KEEPALIVE on the data connection Specify test to perform Request netperf/netserver be bound to local/remote cpu Specify the verbosity level Set the number of send,recv buffers Set the verbosity level (default 1, min 0) Display the netperf version and exit
For those options taking two parms, at least one must be specified; specifying one value without a comma will set both parms to that value, specifying a value with a leading comma will set just the second parm, a value with a trailing comma will set just the first. To set each parm to unique values, specify both and separate them with a comma. * For these options taking two parms, specifying one value with no comma will only set the first parms and will leave the second at the default value. To set the second value it must be preceded with a comma or be a comma-separated pair. This is to retain previous netperf behaviour.
1$.# I6=one
I-8one is a dis) and +i%es:stem =enchmar)in' too%. It can =e used to test +i%e I@- er+ormance +or the +o%%owin' o erationsK readD writeD re;readD re;writeD read =ac)wardsD read stridedD +readD +writeD random readD readD mma D aioGreadD and aioGwrite. $reeNA"1 shi s with I-8oneD meanin' that it can =e run +rom "he%%. When usin' I-8one on $reeNA"1D cd to a director: in a .o%ume that :ou ha.e ermission to write toD otherwise :ou wi%% 'et an error a=out =ein' una=%e to write the tem orar: +i%e. #e+ore usin' I-8oneD read throu'h the I-8one documentation >($ as it descri=es the testsD the man: command %ine switchesD and how to inter ret :our resu%ts. I+ :ou ha.e ne.er used this too% =e+oreD these resources ro.ide 'ood startin' oints on which tests to runD when to run themD and how to inter ret the resu%tsK How <o Measure 9inu5 $i%es:stem I@- >er+ormance With io8one Ana%:8in' N$" C%ient >er+ormance with I-8one 10 io8one 45am %es +or (is) I@- >er+ormance Measurement on 9inu5
Fou can recei.e a summar: o+ the a.ai%a=%e switches =: t: in' the +o%%owin' command.
iozone -h | more iozone: help mode Usage: iozone[-s filesize_Kb] [-r record_size_Kb] [-f [path]filename] [-h] [-i test] [-E] [-p] [-a] [-A] [-z] [-Z] [-m] [-M] [-t children] [-l min_number_procs] [-u max_number_procs] [-v] [-R] [-x] [-o] [-d microseconds] [-F path1 path2...] [-V pattern] [-j stride] [-T] [-C] [-B] [-D] [-G] [-I] [-H depth] [-k depth] [-U mount_point] [-S cache_size] [-O] [-L cacheline_size] [-K] [-g maxfilesize_Kb] [-n minfilesize_Kb] [-N] [-Q] [-P start_cpu] [-e] [-c] [-b Excel.xls] [-J milliseconds] [-X write_telemetry_filename] [-w] [-W] [-Y read_telemetry_filename] [-y minrecsize_Kb] [-q maxrecsize_Kb] [-+u] [-+m cluster_filename] [-+d] [-+x multiplier] [-+p # ] [-+r] [-+t] [-+X] [-+Z] [-+w percent dedupable] [-+y percent_interior_dedup] [-+C percent_dedup_within] -a Auto mode -A Auto2 mode -b Filename Create Excel worksheet file -B Use mmap() files -c Include close in the timing calculations -C Show bytes transferred by each child in throughput testing -d # Microsecond delay out of barrier -D Use msync(MS_ASYNC) on mmap files -e Include flush (fsync,fflush) in the timing calculations -E Run extension tests -f filename to use -F filenames for each process/thread in throughput test -g # Set maximum file size (in Kbytes) for auto mode (or #m or #g) -G Use msync(MS_SYNC) on mmap files -h help -H # Use POSIX async I/O with # async operations -i # Test to run (0=write/rewrite, 1=read/re-read, 2=random-read/write 3=Read-backwards, 4=Re-write-record, 5=stride-read, 6=fwrite/re-fwrite 7=fread/Re-fread, 8=random_mix, 9=pwrite/Re-pwrite, 10=pread/Re-pread 11=pwritev/Re-pwritev, 12=preadv/Re-preadv) -I Use VxFS VX_DIRECT, O_DIRECT,or O_DIRECTIO for all file operations -j # Set stride of file accesses to (# * record size) -J # milliseconds of compute cycle before each I/O operation -k # Use POSIX async I/O (no bcopy) with # async operations -K Create jitter in the access pattern for readers -l # Lower limit on number of processes to run -L # Set processor cache line size to value (in bytes) -m Use multiple buffers -M Report uname -a output -n # Set minimum file size (in Kbytes) for auto mode (or #m or #g) -N Report results in microseconds per operation -o Writes are synch (O_SYNC) -O Give results in ops/sec. -p Purge on -P # Bind processes/threads to processors, starting with this cpu -q # Set maximum record size (in Kbytes) for auto mode (or #m or #g) -Q Create offset/latency files -r # record size in Kb or -r #k .. size in Kb or -r #m .. size in Mb
or -r #g .. size in Gb -R Generate Excel report -s # file size in Kb or -s #k .. size in Kb or -s #m .. size in Mb or -s #g .. size in Gb -S # Set processor cache size to value (in Kbytes) -t # Number of threads or processes to use in throughput test -T Use POSIX pthreads for throughput tests -u # Upper limit on number of processes to run -U Mount point to remount between tests -v version information -V # Verify data pattern write/read -w Do not unlink temporary file -W Lock file when reading or writing -x Turn off stone-walling -X filename Write telemetry file. Contains lines with (offset reclen compute_time) in ascii -y # Set minimum record size (in Kbytes) for auto mode (or #m or #g) -Y filename Read telemetry file. Contains lines with (offset reclen compute_time) in ascii -z Used in conjunction with -a to test all possible record sizes -Z Enable mixing of mmap I/O and file I/O -+E Use existing non-Iozone file for read-only testing -+K Sony special. Manual control of test 8. -+m Cluster_filename Enable Cluster testing -+d File I/O diagnostic mode. (To troubleshoot a broken file I/O subsystem) -+u Enable CPU utilization output (Experimental) -+x # Multiplier to use for incrementing file and record sizes -+p # Percentage of mix to be reads -+r Enable O_RSYNC|O_SYNC for all testing. -+t Enable network performance test. Requires -+m -+n No retests selected. -+k Use constant aggregate data set size. -+q Delay in seconds between tests. -+l Enable record locking mode. -+L Enable record locking mode, with shared file. -+B Sequential mixed workload. -+A # Enable madvise. 0 = normal, 1=random, 2=sequential 3=dontneed, 4=willneed -+N Do not truncate existing files on sequential writes. -+S # Dedup-able data is limited to sharing within each numerically identified file set -+V Enable shared file. No locking. -+X Enable short circuit mode for filesystem testing ONLY ALL Results are NOT valid in this mode. -+Z Enable old data set compatibility mode. WARNING.. Published hacks may invalidate these results and generate bogus, high values for results. -+w ## Percent of dedup-able data in buffers. -+y ## Percent of dedup-able within & across files in buffers. -+C ## Percent of dedup-able within & not across files in buffers. -+H Hostname Hostname of the PIT server. -+P Service Service of the PIT server. -+z Enable latency histogram logging.
As :ou can see +rom the num=er o+ o tionsD I-8one is com rehensi.e and it ma: ta)e some time to %earn how to use the tests e++ecti.e%:. N6*7: i+ :ou re+er to .isua%i8e the co%%ected dataD scri ts are a.ai%a=%e to render I-8one's out ut in 2nu %ot.
1$.$ arcstat
Arcstat is a scri t that rints out 0$" ARC statistics. -ri'ina%%: it was a er% scri t created =: "un. <hat er% scri t was orted to $ree#"( and was then orted as a >:thon scri t +or use on $reeNA"1. Watchin' ARC hits@misses and ercenta'es wi%% ro.ide an indication o+ how we%% :our 0$" oo% is +etchin' +rom the ARC rather than usin' dis) I@-. Idea%%:D :ou want as man: thin's +etchin' +rom cache as ossi=%e. Kee :our %oad in mind as :ou re.iew the stats. $or random readsD e5 ect a miss and ha.in' to 'o to dis) to +etch the data. $or cached readsD e5 ect it to u%% out o+ the cache and ha.e a hit. 9i)e a%% cache s:stemsD the ARC ta)es time to +i%% with data. <his means that it wi%% ha.e a %ot o+ misses unti% the oo% has =een in use +or a whi%e. I+ there continues to =e %ots o+ misses and hi'h dis) I@- on cached readsD there is cause to in.esti'ate +urther and tune the s:stem. <he $ree#"( 0$" <unin' 2uide ro.ides some su''estions +or common%: tuned s+sctl .a%ues. It shou%d =e noted that er+ormance tunin' is more o+ an art than a science and that an: chan'es :ou ma)e wi%% ro=a=%: reEuire se.era% iterations o+ tune and test. #e aware that what needs to =e tuned wi%% .ar: de endin' u on the t: e o+ wor)%oad and that what wor)s +or one erson's networ) ma: not =ene+it :ours. In articu%arD the .a%ue o+ re;+etchin' de ends u on the amount o+ memor: and the t: e o+ wor)%oadD as seen in these two e5am %esK !nderstandin' 0$"K >re+etch 0$" re+etch a%'orithm can cause er+ormance draw=ac)s 1$.$.1 Using t e Scri!ts
$reeNA"1 ro.ides two command %ine scri ts which an =e manua%%: run +rom "he%%K arc:su33ar+.!+: ro.ides a summar: o+ the statistics arcstat.!+: used to watch the statistics in rea% time <he ad.anta'e o+ these scri ts is that the: can =e used to ro.ide rea% time Ari'ht nowB in+ormationD whereas the current 2!I re ortin' mechanism is desi'ned to on%: ro.ide 'ra hs charted o.er time. <his +orum ost demonstrates some e5am %es o+ usin' these scri ts with hints on how to inter ret the resu%ts. <o .iew the he% +or arcstat. :K
arcstat.py -h Usage: arcstat [-hvx] [-f fields] [-o file] [-s string] [interval [count]] -h: Print this help message -v: List all possible field headers and definitions -x: Print extended stats
-f: Specify specific fields to print (see -v) -o: Redirect output to the specified file -s: Override default field separator with custom character or string Examples: arcstat -o /tmp/a.log 2 10 arcstat -s "," -o /tmp/a.log 2 10 arcstat -v arcstat -f time,hit%,dh%,ph%,mh% 1
<o .iew ARC statistics in rea% timeD s eci+: an inter.a% and a count. <his command wi%% dis %a: e.er: 1 second +or a count o+ +i.e.
arcstat.py 1 5 time read 06:19:03 0 06:19:04 0 06:19:05 0 06:19:06 0 06:19:07 0 miss 0 0 0 0 0 miss% 0 0 0 0 0 dmis 0 0 0 0 0 dm% 0 0 0 0 0 pmis 0 0 0 0 0 pm% 0 0 0 0 0 mmis 0 0 0 0 0 mm% 0 0 0 0 0 arcsz 425K 425K 425K 425K 425K c 6.6G 6.6G 6.6G 6.6G 6.6G
<his command ro.ides a =rie+ descri tion o+ the +ie%ds in the out utK
arcstat.py -v System Memory: 2.00% 156.36 MiB Active, 39.49% 3.02 GiB Wired, 56.97% 4.35 GiB Free, Real Installed: Real Available: Real Managed: Logical Total: Logical Used: Logical Free: Kernel Memory: Data: Text: Kernel Memory Map: Size: Free: ARC Summary: (HEALTHY) Storage pool Version: Filesystem Version: Memory Throttle Count: ARC Misc: Deleted: Recycle Misses: Mutex Misses: Evict Skips: ARC Size: Target Size: (Adaptive) Min Size (Hard Limit): Max Size (High Water): ARC Size Breakdown: Recently Used Cache Size: Frequently Used Cache Size: ARC Hash Breakdown: Elements Max:
1.49% 116.70 MiB Inact 0.03% 2.53 MiB Cache 0.02% 1.23 MiB Gap 8.00 GiB 98.65% 7.89 GiB 96.83% 7.64 GiB 8.00 GiB 44.12% 3.53 GiB 55.88% 4.47 GiB 226.69 MiB 90.16% 204.39 MiB 9.84% 22.31 MiB 7.64 GiB 22.56% 1.72 GiB 77.44% 5.92 GiB 5000 5 0 0 0 0 0 28.39% 100.00% 12.50% 8:1 50.30% 49.70%
1.89 GiB 6.64 GiB 850.23MiB 6.64 GiB 3.34 GiB 3.30GiB 258.19k
Elements Current: 100.00% Collisions: Chain Max: Chains: ARC Total accesses: Cache Hit Ratio: 99.94% Cache Miss Ratio: 0.06% Actual Hit Ratio: 99.86% Data Demand Efficiency: 100.00% Data Prefetch Efficiency: 100.00% CACHE HITS BY CACHE LIST: Anonymously Used: 0.02% Most Recently Used: 2.70% Most Frequently Used: 97.22% Most Recently Used Ghost: 0.06% Most Frequently Used Ghost: 0.00% CACHE HITS BY DATA TYPE: Demand Data: 88.26% Prefetch Data: 0.27% Demand Metadata: 11.47% Prefetch Metadata: 0.00% CACHE MISSES BY DATA TYPE: Demand Data: 0.00% Prefetch Data: 0.00% Demand Metadata: 9.76% Prefetch Metadata: 90.24% File-Level Prefetch: (HEALTHY)DMU Efficiency: Hit Ratio: 80.03% Miss Ratio: 19.97% Colinear: Hit Ratio: 0.00% Miss Ratio: 100.00% Stride: Hit Ratio: 100.00% Miss Ratio: 0.00% DMU Misc: Reclaim: Successes: 0.08% Failures: 99.92% Streams: +Resets: 0.00% -Resets: 100.00% Bogus: ZFS Tunable (sysctl): kern.maxusers vm.kmem_size vm.kmem_size_scale vm.kmem_size_min vm.kmem_size_max vfs.zfs.l2c_only_size vfs.zfs.mfu_ghost_data_lsize vfs.zfs.mfu_ghost_metadata_lsize vfs.zfs.mfu_ghost_size vfs.zfs.mfu_data_lsize vfs.zfs.mfu_metadata_lsize vfs.zfs.mfu_size vfs.zfs.mru_ghost_data_lsize
258.19k 157.63k 8 79.46k 2.25m 2.25m 1.38k 2.25m 1.99m 6.11k 353 60.83k 2.19m 1.34k 13 1.99m 6.11k 258.29k 0 0 0 135 1.25k 10.16m 8.13m 2.03m 2.03m 91 2.03m 8.06m 8.06m 0 2.03m 1.65k 2.03m 72.11k 0 72.11k 0 384 8205963264 1 0 329853485875 0 623119872 348672 623468544 302145536 8972288 326883328 769186304
vfs.zfs.mru_ghost_metadata_lsize vfs.zfs.mru_ghost_size vfs.zfs.mru_data_lsize vfs.zfs.mru_metadata_lsize vfs.zfs.mru_size vfs.zfs.anon_data_lsize vfs.zfs.anon_metadata_lsize vfs.zfs.anon_size vfs.zfs.l2arc_norw vfs.zfs.l2arc_feed_again vfs.zfs.l2arc_noprefetch vfs.zfs.l2arc_feed_min_ms vfs.zfs.l2arc_feed_secs vfs.zfs.l2arc_headroom vfs.zfs.l2arc_write_boost vfs.zfs.l2arc_write_max vfs.zfs.arc_meta_limit vfs.zfs.arc_meta_used vfs.zfs.arc_min vfs.zfs.arc_max vfs.zfs.dedup.prefetch vfs.zfs.mdcomp_disable vfs.zfs.nopwrite_enabled vfs.zfs.zfetch.array_rd_sz vfs.zfs.zfetch.block_cap vfs.zfs.zfetch.min_sec_reap vfs.zfs.zfetch.max_streams vfs.zfs.prefetch_disable vfs.zfs.no_scrub_prefetch vfs.zfs.no_scrub_io vfs.zfs.resilver_min_time_ms vfs.zfs.free_min_time_ms vfs.zfs.scan_min_time_ms vfs.zfs.scan_idle vfs.zfs.scrub_delay vfs.zfs.resilver_delay vfs.zfs.top_maxinflight vfs.zfs.write_to_degraded vfs.zfs.mg_noalloc_threshold vfs.zfs.mg_alloc_failures vfs.zfs.condense_pct vfs.zfs.metaslab.weight_factor_enable vfs.zfs.metaslab.preload_enabled vfs.zfs.metaslab.preload_limit vfs.zfs.metaslab.unload_delay vfs.zfs.metaslab.load_pct vfs.zfs.metaslab.min_alloc_size vfs.zfs.metaslab.df_free_pct vfs.zfs.metaslab.df_alloc_threshold vfs.zfs.metaslab.debug_unload vfs.zfs.metaslab.debug_load vfs.zfs.metaslab.gang_bang vfs.zfs.ccw_retry_interval vfs.zfs.check_hostid vfs.zfs.deadman_enabled vfs.zfs.deadman_checktime_ms vfs.zfs.deadman_synctime_ms
8935424 778121728 1127638016 30442496 1274765312 0 0 279040 1 1 1 200 1 2 8388608 8388608 1783055360 594834472 891527680 7132221440 1 0 1 1048576 256 2 8 0 0 0 3000 1000 1000 50 4 2 32 0 0 8 200 0 1 3 8 50 10485760 4 131072 0 0 131073 300 1 1 5000 1000000
vfs.zfs.recover vfs.zfs.txg.timeout vfs.zfs.max_auto_ashift vfs.zfs.vdev.cache.bshift vfs.zfs.vdev.cache.size vfs.zfs.vdev.cache.max vfs.zfs.vdev.trim_on_init vfs.zfs.vdev.write_gap_limit vfs.zfs.vdev.read_gap_limit vfs.zfs.vdev.aggregation_limit vfs.zfs.vdev.scrub_max_active vfs.zfs.vdev.scrub_min_active vfs.zfs.vdev.async_write_max_active vfs.zfs.vdev.async_write_min_active vfs.zfs.vdev.async_read_max_active vfs.zfs.vdev.async_read_min_active vfs.zfs.vdev.sync_write_max_active vfs.zfs.vdev.sync_write_min_active vfs.zfs.vdev.sync_read_max_active vfs.zfs.vdev.sync_read_min_active vfs.zfs.vdev.max_active vfs.zfs.vdev.larger_ashift_minimal vfs.zfs.vdev.bio_delete_disable vfs.zfs.vdev.bio_flush_disable vfs.zfs.vdev.trim_max_pending vfs.zfs.vdev.trim_max_bytes vfs.zfs.cache_flush_disable vfs.zfs.zil_replay_disable vfs.zfs.sync_pass_rewrite vfs.zfs.sync_pass_dont_compress vfs.zfs.sync_pass_deferred_free vfs.zfs.zio.use_uma vfs.zfs.snapshot_list_prefetch vfs.zfs.version.ioctl vfs.zfs.version.zpl vfs.zfs.version.spa vfs.zfs.version.acl vfs.zfs.debug vfs.zfs.super_owner vfs.zfs.trim.enabled vfs.zfs.trim.max_interval vfs.zfs.trim.timeout vfs.zfs.trim.txg_delay
When readin' the tuna=%e .a%uesD 0 means noD 1 t: ica%%: means :esD and an: other num=er re resents a .a%ue. <o recei.e a =rie+ descri tion o+ a s+sctl .a%ueD use s+sctl >d. $or e5am %eK
sysctl -d vfs.zfs.zio.use_uma vfs.zfs.zio.use_uma: Use uma(9) for ZIO allocations
<he 0$" tuna=%es reEuire a +air understandin' o+ how 0$" wor)sD meanin' that :ou wi%% =e readin' man a'es and searchin' +or the meanin' o+ acron:ms :ou are un+ami%iar with. Do %ot cha%#e a t!%ableG$ 'al!e -itho!t re$earchi%# it *ir$t. I+ the tuna=%e ta)es a numeric .a%ue Arather than 0 +or no or 1 +or :esBD do not ma)e one u . InsteadD research e5am %es o+ =ene+icia% .a%ues that match :our wor)%oad. FreeNAS 9.2.1 Users Guide Page 2%% of 280
I+ :ou decide to chan'e an: o+ the 0$" tuna=%esD continue to monitor the s:stem to determine the e++ect o+ the chan'e. It is recommended that :ou test :our chan'es +irst at the command %ine usin' s+sctl. $or e5am %eD to disa=%e re;+etch Ai.e. chan'e disa=%e to 1 or :esBK
sysctl vfs.zfs.prefetch_disable=1 vfs.zfs.prefetch_disable: 0 -> 1
<he out ut wi%% indicate the o%d .a%ue +o%%owed =: the new .a%ue. I+ the chan'e is not =ene+icia%D chan'e it =ac) to the ori'ina% .a%ue. I+ the chan'e turns out to =e =ene+icia%D :ou can ma)e it ermanent =: creatin' a tuna=%e.
1$." A88
7(( is a uti%it: which ro.ides accurate and detai%ed measurements o+ dis) I@- er+ormance. <his section ro.ides some usa'e e5am %es. <: e the name o+ the command without an: o tions to see its usa'eK
xdd Usage: xdd command-line-options -align [target <target#>] <#bytes> -blocksize [target <target#>] <#bytes/block> -combinedout <filename> -createnewfiles [target <target#>] -csvout <filename> -datapattern [target <target#>] <c> |random|sequenced|ascii <asciistring>|hex <hexdigits>|replicate -delay #seconds -deletefile [target <target#>] -deskew -devicefile -dio [target <target#>] -errout <filename> -fullhelp -heartbeat # -id "string" | commandline -kbytes [target <target#>] <#> -lockstep <mastertarget#> <slavetarget#> <time|op|percent|mbytes|kbytes> # <time| op|percent|mbytes|kbytes># <wait|run> <complete|stop> -lockstepoverlapped -maxall -maxerrors # -maxpri -mbytes [target <target#>] <#> -minall -nobarrier -nomemlock -noproclock -numreqs [target <target#>] <#> -operation [target <target#>] read|write -output <filename> -passes # -passoffset [target <target#>] <#blocks> -preallocate [target <target#>] <#blocks> -processlock -processor target# processor#
-queuedepth #cmds -qthreadinfo -randomize [target <target#>] -readafterwrite [target #] trigger <stat|mp> |lag <#> | reader <hostname>|port <#> -reallyverbose -recreatefiles [target <target#>] -reopen [target <target#>] -reportthreshold [target #] <#.#> -reqsize [target <target#>] <#blocks> -roundrobin # or 'all' -runtime #seconds -rwratio [target <target#>] <ratio> -seek [target <target#>] save <filename> |load <filename> |disthist #buckets | seekhist #buckets|sequential|random|range #blocks|stagger|interleave #blocks|seed # | none -setup filename -sgio -sharedmemory [target <target#>] -singleproc # -startdelay [target <target#>]#.#seconds -startoffset [target <target#>] # -starttime #seconds -starttrigger <target#> <target#> <<time|op|percent|mbytes|kbytes> #> -stoptrigger <target#> <target#> <<time|op|percent|mbytes|kbytes> #> -syncio # -syncwrite [target <target#>] -target filename -targetdir [target <target#>] <directory_name> -targetoffset # -targets # filename filename filename... -or- -targets -# filename -targetstartdelay #.#seconds -throttle [target <target#>] <ops|bw|var> <#.#ops | #.#MB/sec | #.#var> -timelimit [target <target#>] <#seconds> -timerinfo -timeserver <host hostname | port # | bounce #> -ts [target <target#>] summary|detailed|wrap|oneshot|size #|append|output <filename>|dump <filename>|triggertime <seconds>|triggerop <op#> -verbose -verify [target <target#>] location|contents -version
<his test wi%% write seEuentia%%: +rom two e5istin' tar'et +i%esD 2mnt2tank2B8HF8;.1 and 2mnt2tank2B8HF8;.2. It starts at the =e'innin' o+ each +i%e usin' a +i5ed reEuest si8e o+ 126 =%oc)s with *12 =:tes er =%oc) unti% it has read 20&6 M#D at which time it wi%% end the current ass and roceed to the ne5t ass. It wi%% do this 3 times and dis %a: er+ormance in+ormation +or each ass. <he com=ined er+ormance o+ =oth de.ices is ca%cu%ated and dis %a:ed at the end o+ the run. -nce the test is +inishedD :ou can test the read er+ormance =: chan'in' the >o! to read. Fou can a%so test read or write o erations on a s eci+ied dis). Re %ace 2de#2ada0 with the de.ice name +or the dis) :ou wish to test.
xdd op read targets 1 /dev/ada0 reqsize 128 -mbytes 64 passes 3 verbose
I+ :ou use the same switches o+tenD create a setu +i%e and re+er to it with the >setu! switch. $or e5am %eD in a writa=%e %ocation Ae.'. .o%ume or datasetB create a (dd.set!* +i%e containin' this %ineK
reqsize 128 -mbytes 64 passes 3 verbose
<his random I@- test wi%% read +rom the tar'et de.ice at some random %ocation usin' a +i5ed reEuest si8e o+ 6 =%oc)s unti% it has read 1, M#. It wi%% do this 3 times and dis %a: er+ormance in+ormation +or each ass. "ince this is a random I@- atternD the read reEuests are distri=uted o.er a ran'e o+ &D000D000 =%oc)s. <his is use+u% in constrainin' the area o.er which the random %ocations are chosen +rom. <he same see) %ocations are used +or each ass in order to 'enerate re roduci=%e resu%ts. In +actD u on each in.ocation o+ -dd usin' the same arametersD the same random %ocations are 'enerated each time. <his a%%ows the user to chan'e the dis) or startin' o++set and o=ser.e the e++ects. <he random %ocations ma: =e chan'ed +rom ass to ass within an -dd run =: usin' the >rando3i=e o tion which 'enerates a new set o+ %ocations +or each ass. <he random %ocations ma: =e chan'ed +rom run to run usin' the K$ee0 seed o tion to s eci+: a di++erent random num=er 'eneration seed .a%ue +or each in.ocation o+ -dd.
1$.% t0:cli
$reeNA"1 inc%udes the t0:cli command %ine uti%it: +or ro.idin' contro%%erD %o'ica% unitD and dri.e mana'ement +or AMCC@3ware A<A RAI( Contro%%ers. <he su orted mode%s are %isted in the man a'es +or the tweA&B and twaA&B dri.ers. #e+ore usin' this commandD read its man a'e as it descri=es the termino%o': and ro.ides some usa'e e5am %es. I+ :ou t: e t0:cli in "he%%D the rom t wi%% chan'eD indicatin' that :ou ha.e entered interacti.e mode where :ou can run a%% sorts o+ maintenance commands on the contro%%er and its arra:s. A%ternate%:D :ou can s eci+: one command to run. $or e5am %eD to .iew the dis)s in the arra:K
tw_cli /c0 show Unit UnitType Status %RCmpl %V/I/M Stripe Size(GB) Cache AVrfy -----------------------------------------------------------------------------u0 RAID-6 OK 256K 5587.88 RiW ON u1 SPARE OK 931.505 OFF u2 RAID-10 OK 256K 1862.62 RiW ON VPort Status Unit Size Type Phy Encl-Slot Model -----------------------------------------------------------------------------p8 OK u0 931.51 GB SAS /c0/e0/slt0 SEAGATE ST31000640SS p9 OK u0 931.51 GB SAS /c0/e0/slt1 SEAGATE ST31000640SS p10 OK u0 931.51 GB SAS /c0/e0/slt2 SEAGATE ST31000640SS p11 OK u0 931.51 GB SAS /c0/e0/slt3 SEAGATE ST31000640SS p12 OK u0 931.51 GB SAS /c0/e0/slt4 SEAGATE ST31000640SS p13 OK u0 931.51 GB SAS /c0/e0/slt5 SEAGATE ST31000640SS p14 OK u0 931.51 GB SAS /c0/e0/slt6 SEAGATE ST31000640SS
p15 OK u0 931.51 GB SAS /c0/e0/slt7 SEAGATE ST31000640SS p16 OK u1 931.51 GB SAS /c0/e0/slt8 SEAGATE ST31000640SS p17 OK u2 931.51 GB SATA /c0/e0/slt9 ST31000340NS p18 OK u2 931.51 GB SATA /c0/e0/slt10 ST31000340NS p19 OK u2 931.51 GB SATA /c0/e0/slt11 ST31000340NS p20 OK u2 931.51 GB SATA /c0/e0/slt15 ST31000340NS Name OnlineState BBUReady Status Volt Temp Hours LastCapTest --------------------------------------------------------------------------bbu On Yes OK OK OK 212 03-Jan-2012
I+ :ou add some dis)s to the arra: and the: are not showin' u in the 2!ID tr: runnin' the +o%%owin' commandK
tw_cli /c0 rescan
!se the dri.es to create units and e5 ort them to the o eratin' s:stem. When +inishedD run ca3control rescan all and the: shou%d now =e a.ai%a=%e in the $reeNA"1 2!I. <his +orum ost contains a hand: wra er scri t that wi%% noti+: :ou o+ errors.
1$.) 4ega'li
4ega'li is the command %ine inter+ace +or the 9"I Me'aRAI( "A" +ami%: o+ RAI( contro%%ers. $reeNA"1 a%so inc%udes the m+iuti%A6B uti%it: which can =e used to con+i'ure and mana'e connected stora'e de.ices. <he 4ega'li command is Euite com %e5 with se.era% do8en o tions. Whi%e it is +u%%: documented in this &&2 a'e >($D the commands demonstrated in the 4mer'enc: Cheat "heet can 'et :ou started.
1$.8 freenas>de(ug
<he $reeNA"1 2!I ro.ides an o tion to sa.e de=u''in' in+ormation to a te5t +i%e usin' ":stem N "ettin's N Ad.anced N "a.e (e=u'. <his de=u''in' in+ormation is created =: the freenas>de(ug command %ine uti%it: and a co : o+ the in+ormation is sa.ed to 2#ar2tm*2fnde$!g. !sin' "he%%D :ou can run this command manua%%: to 'ather the s eci+ic de=u''in' in+ormation that :ou need. <o see the a.ai%a=%e o tionsD t: eK
freenas-debug usage: /usr/local/bin/freenas-debug <options> Where options is: -e A list of comma delimited list of email addresses to email the debug log to. -a Dump Active Directory Configuration -c Dump (AD|LDAP) Cache -g Dump GEOM configuration -h Dump Hardware Configuration -I Dump IPMI Configuration -i Dump iSCSI Configuration -l Dump LDAP Configuration -T Loader Configuration Information -n Dump Network Configuration -N Dump NFS Configuration -s Dump SSL Configuration -y Dump Sysctl Configuration -t Dump System Information -z Dump ZFS configuration Output will be saved to /var/tmp/fndebug
$or e5am %eD i+ :ou are trou=%eshootin' :our Acti.e (irector: con+i'urationD tr: the +o%%owin' commands to 'enerate and .iew the de=u' +i%eK
freenas-debug -a more /var/tmp/fndebug
1$.9 t3utmu5 is a termina% mu%ti %e5er which ena=%es a num=er o+ termina%s to =e createdD accessedD and contro%%ed +rom a sin'%e screen. tmu5 is an a%ternati.e to 2N! screen. "imi%ar to screenD tmu5 can =e detached +rom a screen and continue runnin' in the =ac)'roundD then %ater reattached. <o start a sessionD sim %: t: e t3u-. As seen in $i'ure 1&.9aD a new session with a sin'%e window wi%% o en with a status %ine at the =ottom o+ the screen. <his %ine shows in+ormation on the current session FreeNAS 9.2.1 Users Guide Page 2)1 of 280
<o create a second windowD ress 'trl $ then I. <o c%ose a windowD t: e e-it within the window. tmu5A1B %ists a%% o+ the )e: =indin's and commands +or interactin' with t3u- windows and sessions. I+ :ou c%ose "he%% whi%e t3u- is runnin'D it wi%% detach its session. <he ne5t time :ou o en "he%%D run t3u- attac to return to the re.ious session. <o %ea.e the t3u- session entire%:D t: e e-itR i+ :ou ha.e mu%ti %e windows runnin'D :ou wi%% need to e-it out o+ each +irst.
1$.10 83idecode
(midecode re orts hardware in+ormation as re orted =: the s:stem #I-". (midecode does not scan the hardwareD it on%: re orts what the #I-" to%d it to. A sam %e out ut can =e seen here. <o .iew the #I-" re ortD t: e the command with no ar'umentsK
dmidecode | more
<he %oca%i8ations $reeNA"1 users ha.e reEuested are %isted a% ha=etica%%: on the %e+t. I+ :our %an'ua'e is missin' and :ou wou%d %i)e to he% in its trans%ationD send an emai% to the trans%ations mai%in' %ist so it can =e added. <he 'reen =ar in the -.era%% Com %etion co%umn indicates the ercenta'e o+ $reeNA"1 menus that ha.e =een %oca%i8ed. I+ a %an'ua'e is not at 100LD it means that the menus that current%: are not trans%ated wi%% a ear in 4n'%ish instead o+ in that %an'ua'e. I+ :ou wish to he% %oca%i8e :our %an'ua'eD :ou shou%d +irst Ioin the trans%ations mai%in' %ist and introduce :ourse%+ and which %an'ua'eAsB :ou can assist with. <his wi%% a%%ow :ou to meet other .o%unteers as we%% as )ee a=reast o+ an: notices or u dates that ma: e++ect the trans%ations. Fou wi%% a%so need to c%ic) on the Re'ister %in) in order to create a >oot%e %o'in account. <he +irst time :ou %o' into the $reeNA"1 >oot%e inter+aceD :ou wi%% =e rom ted to se%ect :our %an'ua'e so that :ou can access that %an'ua'e's trans%ation whene.er :ou %o'in. A%ternate%:D :ou can c%ic) the Home %in) to see the status o+ a%% o+ the %an'ua'es. <o wor) on a trans%ationD c%ic) the %in) +or the %an'ua'e N c%ic) the $reeNA"1 %in) +or the roIect N c%ic) the %in) +or 9CGM4""A24" N and c%ic) the %in) +or dIan'o. o. 4.er: te5t %ine a.ai%a=%e in the 2!I menu screens has =een assi'ned a strin' num=er. I+ :ou c%ic) the num=erD an editor wi%% o en where :ou can trans%ate the te5t. In the e5am %e shown in $i'ure 1*.1=D a user has se%ected strin' num=er &, in the 2erman trans%ationR the other strin's in the screenshot ha.e a%read: =een trans%atedK Figure 1".1(: Using t e Pootle Interface to 7dit a *ranslation String
"im %: t: e in the trans%ated te5t and c%ic) the "u=mit =utton to sa.e :our chan'e.
!sers who wish to create their own custom I"- +or testin' ur oses can down%oad and com i%e the %atest $reeNA"1 source +rom the 'ithu= re ositor:. In order to =ui%d :our own testin' sna shotD :ou wi%% need to insta%% $ree#"( 9.2 in a .irtua% en.ironment or on a test s:stem. I+ :ou are usin' a .irtua% en.ironmentD a ,&;=it s:stem with at %east & 2# o+ RAM is recommended. (own%oad and insta%% the $ree#"( .ersion Ai36, or amd,&B that matches the architecture that :ou wish to =ui%d. A+ter =ootin' into the new%: insta%%ed $ree#"( s:stemD =ecome the su eruser At: e su and enter the root user's asswordB and run the +o%%owin' commands. $irstD insta%% the so+tware :ou'%% need and re+resh :our ath so it is aware o+ the new =inariesK
pkg_add pkg_add pkg_add pkg_add rehash -r -r -r -r git-subversion cdrtools python27 pbi-manager
Chan'e to the director: where :ou wou%d %i)e to store the $reeNA"1 sourceD down%oad the sourceD then chan'e to the director: containin' the down%oaded sourceK
cd /usr/local git clone --depth 1 git://github.com/freenas/freenas.git cd freenas
Fou are now read: to =ui%d the ima'e usin' the instructions in this R4A(M4.
<hose commands insta%% the =inar: ac)a'es and add the new =inaries to the user's ath. I+ a ac)a'e is not a.ai%a=%eD com i%e the ort instead. Ne5tD down%oad a %oca% co : o+ the $reeNA"1 source code +rom 'ithu=. Run this command in the director: which wi%% store the %oca% co :K
cd /usr/local git clone --depth 1 git://github.com/freenas/freenas.git
<his wi%% create a su=director: ca%%ed freenas which contains the c%oned source. -nce the s:stem has a %oca% co :D it can =e u dated as needed =: runnin' this command within freenasK
git pull
>oint a we= =rowser to 2!sr2lo'al2freenas2do's2a*i2,$!ild2html2inde(.html to .iew the documentation. As seen in the e5am %e in $i'ure 1,.1aD the resources are %aid out in an order that is simi%ar to the tree menu o+ the $reeNA"1 2!I.
=ein' created. <he te5t in =%ac) shou%d remain as;is. A+ter sa.in' :our chan'esD run the scri t =: t: in' !+t on scri!tna3e.!+. I+ a%% 'oes we%%D the new user account wi%% a ear in Account N !sers N 3iew !sers in the $reeNA"1 2!I. Here is the e5am %e scri t with %ine num=ers. (o %ot inc%ude the %ine num=ers in :our scri t. InsteadD re+er to the %ine num=ers in the e5 %anation =e%ow.
1: import json 2: import requests 3: r = requests.post( 4: 'https://freenas.mydomain/api/v1.0/account/users/', 5: auth=('root', 'freenas'), 6: headers={'Content-Type': 'application/json'}, 7: verify=False, 8: data=json.dumps({ 9: 'bsdusr_uid': '1100', 10: 'bsdusr_username': 'myuser', 11: 'bsdusr_mode': '755', 12: 'bsdusr_creategroup': 'True', 13: 'bsdusr_password': '12345', 14: 'bsdusr_shell': '/usr/local/bin/bash', 15: 'bsdusr_full_name': 'Full Name', 16: 'bsdusr_email': 'name@provider.com', 17: }) 18: ) 19: print r.text
WhereK <ines 1>2: im ort the >:thon modu%es used to ma)e H<<> reEuests and hand%e data in C"-N +ormat. <ine $: re %ace freenas.mydomain with the MHostnameM .a%ue in ":stem N ":stem In+ormation. Note that :our scri t wi%% +ai% i+ the machine runnin' the scri t is not a=%e to reso%.e that hostname. I+ :ou are not usin' H<<>" to access the $reeNA"1 s:stemD chan'e htt*s to htt*. <ine ": re %ace freenas with the assword that :ou use to access the $reeNA"1 s:stem. <ine ): i+ :ou are usin' H<<>" and want to +orce .a%idation o+ the ""9 certi+icateD chan'e False to ?r!e. <ines 8>1%: sets the .a%ues +or the user =ein' created. <he M!sersM resourceD +ound in freenas2do's2a*i2,$!ild2html2reso!r'es2a''o!nt.htmlQ!sersD descri=es this resource in more detai%. <he a%%owed arameters are %isted in the MCson >arametersM section o+ that resource. "ince this resource creates a $ree#"( userD the .a%ues that :ou in ut must =e .a%id +or a $ree#"( user account. <a=%e 1,.2a summari8es the .a%id .a%ues. "ince this resource is usin' C"-ND the ossi=%e =oo%ean .a%ues are ?r!e or False. *a(le 1%.2a: ?alid IS6N Para3eters for Users 'reate 2esource IS6N Para3eter *+!e =sdusrGusername strin' 8escri!tion ma5imum 32 charactersD thou'h a ma5imum o+ 6 is recommended +or intero era=i%it:R can inc%ude numera%s =ut can not inc%ude a s ace ma: contain s aces and u ercase characters can inc%ude a mi5 o+ u er and %owercase %ettersD charactersD and Page 2)8 of 280
8escri!tion num=ers =: con.entionD user accounts ha.e an I( 'reater than 1000 with a =sdusrGuid inte'er ma5imum a%%owa=%e .a%ue o+ ,*D*3* i+ $sd!sr,'reategro!* is set to FalseD s eci+: the numeric I( o+ the =sdusrG'rou inte'er 'rou to create i+ set to ?r!eD a rimar: 'rou with the same numeric I( as $sd!sr,!id =sdusrGcreate'rou =oo%ean wi%% =e automatica%%: created =sdusrGmode strin' sets de+au%t numeric !NI7 ermissions o+ user's home director: =sdusrGshe%% strin' s eci+: +u%% ath to a !NI7 she%% that is insta%%ed on the s:stem =sdusrG asswordGd =oo%ean i+ set to ?r!eD user is not a%%owed to %o'in isa=%ed =sdusrG%oc)ed =oo%ean i+ set to ?r!eD user is not a%%owed to %o'in =sdusrGsudo =oo%ean i+ set to ?r!eD sudo is ena=%ed +or the user N6*7: when usin' =oo%ean .a%uesD C"-N returns raw %owercase .a%ues whereas >:thon uses u ercase .a%ues. <his means that :ou shou%d use ?r!e or False in :our >:thon scri ts e.en thou'h the e5am %e C"-N res onses in the A>I documentation are dis %a:ed as tr!e or false.
It then creates a Start!* c%ass which is started with the hostnameD usernameD and assword ro.ided =: the user .ia the command %ineK
class Startup(object): def __init__(self, hostname, user, secret): self._hostname = hostname self._user = user self._secret = secret self._ep = 'http://%s/api/v1.0' % hostname def request(self, resource, method='GET', data=None): if data is None: data = r = requests.request( method, '%s/%s/' % (self._ep, resource),
data=json.dumps(data), headers={'Content-Type': "application/json"}, auth=(self._user, self._secret), ) if r.ok: try: return r.json() except: return r.text raise ValueError(r)
A ,get,disks method is de+ined to 'et a%% the dis)s in the s:stem as a disk,name res onse. <he 'reate,*ool method wi%% then use this in+ormation to create a 0$" oo% named tank which wi%% =e created as a stri e. <he #ol!me,name and layo!t C"-N arameters are descri=ed in the "tora'e 3o%ume resource o+ the A>I documentation.
def _get_disks(self): disks = self.request('storage/disk') return [disk['disk_name'] for disk in disks] def create_pool(self): disks = self._get_disks() self.request('storage/volume', method='POST', data={ 'volume_name': 'tank', 'layout': [ {'vdevtype': 'stripe', 'disks': disks}, ], })
<he 'reate,'ifs,share method is used to share 2mnt2tank2<yShare with 'uest;on%: access ena=%ed. <he 'ifs,nameD 'ifs,*athD 'ifs,g!estonly C"-N arametersD as we%% as the other a%%owa=%e arametersD are descri=ed in the "harin' CI$" resource o+ the A>I documentation.
def create_cifs_share(self): self.request('sharing/cifs', method='POST', data={ 'cifs_name': 'My Test Share', 'cifs_path': '/mnt/tank/MyShare', 'cifs_guestonly': True })
$ina%%:D the ser#i'e,start method issues a command to ena=%e the CI$" ser.ice. <he sr#,ena$le C"-N arameter is descri=ed in the "er.ices "er.ices resource.
def service_start(self, name): self.request('services/services/%s' % name, method='PUT', data={ 'srv_enable': True, })