Cobia SMB and NFSv4 Compatibility Profile

[RandomPrecision]

Per the Cobia 23.10 Release Announcement, it says:

SMB and NFSv4 Compatibility:
Sharing the same datasets via SMB and NFS requires the two protocols to have compatible ACLs, permissions, and locks. These capabilities have gradually been added to SCALE, and with this version, the final piece of a common locking mechanism with NFSv4 has been added. This is a selectable profile within SMB sharing and can be enabled if desired.

Is there any more info/detailed documentation on this new feature?

If I'm interpreting it correctly, it sounds like something that would be suitable for my use-case: I have home directories on my TrueNAS system, and I need to access my home directory on both Linux and Windows. I could of course use SMB/CIFS for both platforms, but I've been trying to use NFS for Linux and SMB for Windows. It mostly works, but there are some quirks, and I've never felt confident that I actually configured everything ideally.

But poking around in the TrueNAS GUI, I don't see anything obvious that talks about the SMB + NFSv4 compatibility mentioned in the release announcement.

 

[Kris Moore]

Per the Cobia 23.10 Release Announcement, it says:


Is there any more info/detailed documentation on this new feature?

Yep, right here:

Multiprotocol Shares

Provides instructions on setting up SMB and NFSv4 mixed-mode shares.

www.truenas.com

If I'm interpreting it correctly, it sounds like something that would be suitable for my use-case: I have home directories on my TrueNAS system, and I need to access my home directory on both Linux and Windows. I could of course use SMB/CIFS for both platforms, but I've been trying to use NFS for Linux and SMB for Windows. It mostly works, but there are some quirks, and I've never felt confident that I actually configured everything ideally.

But poking around in the TrueNAS GUI, I don't see anything obvious that talks about the SMB + NFSv4 compatibility mentioned in the release announcement.

That is exactly what it is for, when you want to run SMB/NFSv4 to share-out the same dataset between different clients. Give those docs a read and let us know if you run into any troubles!

 

[RandomPrecision]

Yep, right here:

Multiprotocol Shares

Provides instructions on setting up SMB and NFSv4 mixed-mode shares.

www.truenas.com

Great, thank you!

A few follow-up questions:

• Is it a hard requirement to join the TrueNAS server to an Active Directory domain? Or is that just a best practice suggestion?
• Similarly, is it a hard requirement for NFS to be secured with Kerberos?
• If I create a new dataset, indeed I do see the "Share Type" parameter (which "Multiprotocol" as an option); however, this option does not show for existing datasets. Is there any way to apply this setting to existing datasets? Or do I have to create a new dataset, and copy the data from the old dataset?

Thanks!

 

[anodos]

Great, thank you!

A few follow-up questions:

• Is it a hard requirement to join the TrueNAS server to an Active Directory domain? Or is that just a best practice suggestion?
• Similarly, is it a hard requirement for NFS to be secured with Kerberos?
• If I create a new dataset, indeed I do see the "Share Type" parameter (which "Multiprotocol" as an option); however, this option does not show for existing datasets. Is there any way to apply this setting to existing datasets? Or do I have to create a new dataset, and copy the data from the old dataset?

Thanks!

> Similarly, is it a hard requirement for NFS to be secured with Kerberos?
Only if you care about security for the data. Kerberos ensures authentication and authorization (identity).
Allowing random NFS clients access to your data without robust authentication or authorization is not a great idea. No kerberos can be fine if you are using other security mechanisms to restrict which clients can access the NAS (very environment-dependent).

> Is there any way to apply this setting to existing datasets?
This is just a preset some of settings are create-time only (like forcing case-sensitive). It sets NFSv4 acltype with PASSTHROUGH aclmode, and a default ACL.

Doing these things will address some, but not all issues users may have when doing concurrent multiprotocol access. Onus, as always, is on the system administrator to understand details of protocols and applications accessing data and make appropriate design decisions for network storage.