Advice on setting up shares

[ThomasHall]

I just got myself a HP MicroServer Gen10 and have been experimenting with FreeNAS a bit in preparation for turning it into a NAS/file server for home use. Since this is the first time I've worked with network sharing at all, I could use some help with setting it all up.

My situation is as follows. I've got the FreeNAS box which will have 2x4TB mirrored disks and 1xSSD as scratch drive. I have a W10 desktop, a RPi that will be used as a smart-TV with openELEC or similar, and an Android phone. I also plan on using an Ubuntu server VM on FreeNAS.

The two must-haves here is that the desktop and the VM needs to have access to both the storage and the scratch drives. The VM will be running torrents occasionally, using the SSD for downloads and then moving them to the storage on completion. I may also be using the SSD for other temporary stuff, like unpacking files etc. For the desktop, I'm hoping to use it as a replacement for internal drives I currently use, and to give it access to both storage and scratch drives as if they were local drives.
The RPi and phone is of lesser importance, but I'd very much like for both of them to be able to access the store as well, and for the phone, from outside my network if possible (I have a public IP and can forward whatever ports are necessary).

My thinking is that I'll be using NFS for greater compatibility over different devices since I'm not sure how well SMB is supported on non-Windows and W10 now has a NFS client. I also hear it's a lot quicker. What I've done so far is basically install FreeNAS on the server and created a mirrored pool with 2 dataset ("store" and "VMs") on it. I've installed a clean Ubuntu server 16.04 (newer versions had issues) VM with a disk under the VMs dataset. I've also created an NFS share pointing to the store dataset and created a couple of text files on the share from the FreeNAS shell. I can mount the share in W10 on my computer, but trying to do anything with it just gives me the error that the files are locked. I haven't tried on the VM yet, nor on any other device.

So that's the background, which brings me to my questions:

1. Is this a workable setup in theory, i.e. can I do what I want based on what I described above?
2. Ideally I'd want certain devices on my network (i.e. desktop and RPi) to not have to authenticate when connecting to the share every time, while unknown devices and devices from outside the network would have to use a password. Can this be solved by using multiple shares pointing to the same store, with one being restricted by IPs and the other by password?
3. How should I set up permissions for the share for it to work? I realize this is a very broad question, but I simply don't have the experience with this kind of thing to be able to ask something more specific, and I'm somewhat confused in general by how the cross-platform permissions work. Allowing external devices to access the data is obviously the weak point in this, so worst-case scenario, I can drop that requirement and only allow known devices on my network access. I'll probably be back for more on this one as I go.

Like I said, I'm fairly new to all this, so any help is much appreciated.

 

[anodos]

My thinking is that I'll be using NFS for greater compatibility over different devices since I'm not sure how well SMB is supported on non-Windows and W10 now has a NFS client. I also hear it's a lot quicker.

SMB is very well-supported in Linux. In many ways it is quickly becoming the one filesharing protocol to rule them all.

 

[ThomasHall]

SMB is very well-supported in Linux. In many ways it is quickly becoming the one filesharing protocol to rule them all.

Okay, but how is SMB performance-wise? I often handle a lot of images, and from what I've read NFS handles many small files much better than SMB does, so I'm a bit worried it'll be a poor choice for my use-case. Ideally I'd want the performance as close as possible to my current solution where my desktop uses internal disks. Even if SMB works fine for Windows, does it perform well for other systems as well? I assume that mixing NFS/SMB on the same shares is not a good idea if multiple devices want to do things at the same time.

 

[anodos]

Okay, but how is SMB performance-wise? I often handle a lot of images, and from what I've read NFS handles many small files much better than SMB does, so I'm a bit worried it'll be a poor choice for my use-case.

How many is a lot? The problem that people see in SMB shares is an issue with directory listing performance for directories containing large numbers of files the exact number where it becomes an issue is hard to say maybe thousands or tens of thousands. There are some non-default choices you can make in 11.2 to significantly mitigate the issue (remove zfsacl and zfs_space from VFS objects for the share and replace with 'ixnas'). More complete mitigations will be default in 11.3.

Even if SMB works fine for Windows, does it perform well for other systems as well?

Assuming relatively modern Linux, yes. It probably performs on-par with Windows.

I assume that mixing NFS/SMB on the same shares is not a good idea if multiple devices want to do things at the same time.

I put some rudimentary auto-detection for mixed shares in 11.3. There most likely be decreased performance for SMB clients in this situation, but it should be somewhat safer. In 11.2 the default SMB shares have oplocks enabled and strict locking disabled. This is somewhat less than ideal for having a mixed-protocol dataset.

That said, if you run into performance issues in SMB, you can switch to using NFS instead. They're both file-based protocols. In 11.3 we're adding an ACL manager to make it simpler to strip out the SMB-related ACLs.

 

[ThomasHall]

How many is a lot? The problem that people see in SMB shares is an issue with directory listing performance for directories containing large numbers of files the exact number where it becomes an issue is hard to say maybe thousands or tens of thousands. There are some non-default choices you can make in 11.2 to significantly mitigate the issue (remove zfsacl and zfs_space from VFS objects for the share and replace with 'ixnas'). More complete mitigations will be default in 11.3.

It is in the ten-thousand range, though not necessarily all at once. We're talking digitalized family photos over the last 50 years here, and not just from immediate family either. Videos too, but those are fewer and less of a concern. I don't have an exact count because my parents (and others) for example have some of them, I have some, and there's overlap for many of them as well, but rough estimate maybe 30k total and probably not very well sorted. Getting things organized is part of the reason for this whole project to begin with, and unfortunately that involves a lot of manual inspection where I would very much like it if searching, sorting and loading of files to sort out duplicates and try to categorize them, maybe thousands at a time, is somewhat efficient. I suppose it doesn't have to squeeze out every drop of performance possible, but if there's a significant difference between different protocols, I'd rather pick the better one.

Assuming relatively modern Linux, yes. It probably performs on-par with Windows.

The clients involved will be W10 computers, android phone(s), an RPi running as a smart-TV (openELEC or similar), and either a FreeBSD jail (though that wouldn't use NFS/SMB I suppose) or a Ubuntu server VM on FreeNAS. The only ones I worry about performance with is W10 and the jail/VM, as large video files is apparently not an issue for SMB more than NFS for RPi and the phone is likely not going to be handling a lot of large files either way.

I'm a little concerned about the VM solution though, since I suspect you have to access the pool via NFS/SMB, but maybe there are optimizations built-in for that kind of scenario? I know ESXi has a lot of tricks and shortcuts for internal networking. The idea is to use it as a download/torrent client, so it'll write downloads to an SSD and then transfer it to the storage pool on completion. My test VM is running 16.04 since I couldn't get 17 to work (black screen on boot) and 18 is being... odd. When I first installed 18 everything worked fine, but then when I reinstalled it it refused to get past the EFI boot, either complaining that the disk was not EFI or just going straight to the shell, and none of the fixes I've read about worked (how am I supposed to boot into the OS and copy boot files if there's not even a boot file to load manually?).

A FreeBSD jail with direct access to the pool, which I assume it has if I understand how jails work correctly, might be better in that case, but, well, I don't really like FreeBSD and a lot of software packages seems to be way behind in the ports (for example, a torrent client I looked at was at 1.3 or something while the Ubuntu version was 2.x).

I put some rudimentary auto-detection for mixed shares in 11.3. There most likely be decreased performance for SMB clients in this situation, but it should be somewhat safer. In 11.2 the default SMB shares have oplocks enabled and strict locking disabled. This is somewhat less than ideal for having a mixed-protocol dataset.

Ah, well, I'd like to avoid it either way due to administrative overhead. I'm having enough trouble getting one to work without also using the other and the issues from having both at once.

That said, if you run into performance issues in SMB, you can switch to using NFS instead. They're both file-based protocols. In 11.3 we're adding an ACL manager to make it simpler to strip out the SMB-related ACLs.

Okay, I might give SMB a try then and see how it works out. I'll probably be back for help with setting permissions once I've experimented a bit and concluded I have no idea what I'm doing. ;)