Help to verify update to FreeNAS solution home office.

[syhaunguyen]

Hi Everyone this is my first post on the forums, I have done a lot of reading before decided to update my home office.

I know Freenas a few weeks ago and see how good it is. Very flexible to extend hard drivers data safe event hardware dies,... I would like to use FreeNAS for my home office to save all the data there. Our data is very important, it's projects we do for our customer( confidential, must save local network)

My Situation:
We are using the Windows server 2016 environment. I run a hardware design team services in there. I also use this windows server to share the folder with our team in the local network and over the internet via PPTP VPN(PPTP run in my Asus router). So I can not move away from Microsoft. But I want to use FreeNAS!

My solution:

I have a good deal for R620 and T720XD here, but I am going with R620 to reduce noise in my small department.

Dell R620 - 8 x 2.5" variant
CPU: Intel Xeon E5 2670 20M Cache, 2.60 GHz 8 core 16th
Memory: 4 x Samsung 16 GB DDR3-1600 ECC Memory = Total 64GB, i can update later
Storage: SSD for OS install and HDD for storage, any suggestion for 2.5" hard driver? It seems not too much choice.
Power Supply: 2x 750W standard from dell

There are 8 Hard driver can insert to the backplane then my plan is:
- Use Dell PERC H710M and run RAID 1 to install Windows server and Freenas on Hyper-V, two HDD left in SAS-A, I am going to use for backup and cachecade.
- Disconnect the SAS-B connector then use SFF-8087 to SFF-8087 to connect 4 HDD in the backplane to LSI SAS 9211-8i and create a RAIDZ-2.

Image below to explain my ideas, sorry my english is not good. I try to read a lot from the forum to update my own business system.

hope you guys got my idea, I have some question please help if any.
1. Use FreeNAS as storage to share file, folder. Is it OK to run it on Hyper-V? I do not need the highest performance of FreeNas but need its stable, reliability.
2. My idea to separate HDD backplane is OK?

If NO. I will be going to build new base metal to run FreeNAS. BUT it takes money and more noise in my department.

I am not an IT guy, but I really love to build home servers, home networks. Putting data into the safest space is my goal. So please help the best solution for me if you have any better idea to live with windows environment :)

Thank you.

 

[artlessknave]

is there a problem you are trying to solve by bringing freenas into this mix? trying to virtualize adds a complexity that, from what I can see here, may not accomplish much.
that said, the biggest problem I can see is if hyper-V can do PCI passthrough and if hyperV will run freebsd; if it can, it looks like your plan is pretty well thought out, though your total storage space is going to be fairly limited. I know of no reason the backplane split wouldnt work other than if it was a single expander, which it shouldnt be with SASA/B.
you write "T720XD " is an option but I think you mean "R720XD "?
I don't think going 1u is exactly going to reduce noice, often the 40mm fans are WAY louder to make up for being so small, in addition to massively cramping your storage options. I would seriously consider the r720xd instead for drastically more flexibility.
of course, both the r620 and r720 would be even more ideal, but if you have cost/space/noise limitations, I think the r720 would be the best choice, unless of course it's drastically more expensive (like double the price)
(btw, your written English is quite understandable)

 

[syhaunguyen]

Thank @artlessknave for your comment.

I am going to buy R620 or R720XD and my plan to set it up like above, I asked sales, he said R720XD provide more noise so I decided to get R620. The price is not too different about 50 to $100 only.

I am going to check if Hyper V can do PCI passthrough or not, Could you please let me know the question if possible? If no, I will try to another plan.

Thank you,

 

[Tsaukpaetra]

It appears that Hyper-V passthrough is possible with caveats. You'll need to have a processor that supports the latest VT-d virtualization, and whatever device you pass through must become dedicated to the VM (i.e. you can't split half of the ports of the backplane between host and guest, it's all or nothing per PCI device).

Some information here: https://devblogs.microsoft.com/scri...er-v-vms-by-using-discrete-device-assignment/

Depending on what you do with your Server 2016, it might be sensible to flip the setup and put that in the VM instead. With the latest improvements coming in FreeNAS 11.3, I've put my primary Domain Controller as a VM in FreeNAS and everything works quite well, but if you're using more than 16 cores or have extra hardware in your Server 2016 perhaps that might not be the right direction.

 

[syhaunguyen]

Thank @Tsaukpaetra ,
It's too much knowledge from you.
The application we need in the Windows server runs base on the Firebird database and 6 core CPU is fine, I will try to test it on VM inside FreeNas. I think that is a better option.

One more question i would like to ask you guys. new server use dell perc H710 Mini. Is there any problem or risky in the future if I create a raid with one hard drive. is This step make FreeNAS can see the hard drivers? Then I can create Vdev from them.

 

[artlessknave]

It appears that Hyper-V passthrough is possible with caveats. You'll need to have a processor that supports the latest VT-d virtualization, and whatever device you pass through must become dedicated to the VM (i.e. you can't split half of the ports of the backplane between host and guest, it's all or nothing per PCI device).

in his original design he is splitting the backplane by using 2 entire controllers (h710m+9211-8i ), so I'm pretty sure this doesn't apply.

Hyper V can do PCI passthrough or not

I have never used hyper-V myself, so I just don't know the answer, however, it would be crazy of them not to since all the other hypervisors do to some level.

One more question i would like to ask you guys. new server use dell perc H710 Mini. Is there any problem or risky in the future if I create a raid with one hard drive. is This step make FreeNAS can see the hard drivers? Then I can create Vdev from them.

I not sure I fully understand the question, but you can't make a "Redundant Rrray of Inexpensive Disks" with only 1 disk, the whole concept of RAID requires 2 disks at the minimum. many controllers either have "jbod" or "raid0" modes, but most of the time these are bad ideas to mix with zfs; you do not want to run zfs on top of anything RAID - zfs is an all-in-one solution that replaces RAID controllers, file systems, volume managers, file verification programs, cache programs, etc, and requires direct access to the drives.

too many jbod and raid0 modes still add metadata and obfuscation to the disk that hide important things like disk health and SMART status that confuses zfs and is known to murder pools. if the h710 has IT firmware, you can flash it, but since you aren't yet sure of your design, just get the 9211, then you have both options to test with and decide your final build.

if you are using freenas as the host, unplug the h710 and use the 9211-8i for both backplane ports. you will have access to all 8 drives in freenas and can make whatever number of pools you want.

(note that the 9211 and I think the h710, are SAS2 only, so you will be unable to use speeds over 6gb/s, though this is realistically only a concern for if you were to upgade to SSDs)

 

[blanchet]

If you do no have a dedicated room for your DELL R620, your team will have to wear noise reduction headsets to work close the server for hours.
If you want to keep the server in the office, a DELL Tower server (for example the DELL T420 or DELL T620) is more suitable because they are quieter
(and they support 3.5" disks).

 

[artlessknave]

DELL Tower server

this is a valid point but may change the internals of the server enough that the stated plan doesn't work. I'm not familiar with the tower versions myself so could provide no insight, although the same general guidposts should still apply.

 

[syhaunguyen]

I was thinking about the tower server, new tower server is too expensive if I go with more core. 2nd market here not have too much choice for a tower. I saw some reviews R620 not too noise when It completes starting up.

SAS2 is enough . is it can be 3gbps? still higher than our network 1gbps :) So I am happy with that speed.
Our application can fit with a tower build, but I really like to go enterprise level so I will try with R620 hope everything will fine :)

Thank you guys for helping me here. I will show our build soon with FreeNAS.

 

[artlessknave]

1gbps

SAS2/SATAIII is 6Gb/s(~768MB/s), though most HDD's usually max around 1Gb/s (~128MB/s) due to platter physical limitations. SAS 10k/15k RPM drives can be faster, but i don't think they reach the 6Gbp/s layer either. consumer SSD's are often 3000MB/s, which is double SAS3 12Gb/s (1500MB/s) and quadruple SATAIII, but even then for most things SAS2+SSD would be more than sufficient.

dell tower servers are generally more specialized and I don't think they are as common, but they are still enterprise level, they are just not rackmount.

 

[Tsaukpaetra]

Is there any problem or risky in the future if I create a raid with one hard drive

I'm going to assume you mean "create a hardware RAID and expose it to FreeNAS as a single disk".

If so, this would obviate the most important feature of a a NAS, and especially one such as FreeNAS: taking care of your data.

FreeNAS prefers to talk to your drives as closely as possible, so if you're hiding them with hardware into a virtual disk it can't properly monitor or manage them. There should be some tutorials and guides around that will explain more in depth, but the more raw of a connection FreeNAS has to your drives the better.

As mentioned above, you'll want to give FreeNAS as much control over your drives as possible, and then create your RAID in FreeNAS. You'll have better performance and more flexibility in the long run.

 

[Jessep]

over the internet via PPTP VPN(PPTP run in my Asus router).

Before I read the rest please rethink this choice. PPTP isn't secure. Here is a PDF to explain I found from a quick search.
https://www.giac.org/paper/gcih/337/microsoft-pptp-vpn-vulnerabilities-exploits-action/103605

 

[artlessknave]

PPTP isn't secure.

er. I don't really use VPN's at the router level, but from my understanding, it doesn't matter if PPTP is secure, that's what the VPN is for...isn't it?
also, from what I understand, most people using PPTP are using it because they have no better option available to them, not because they want to.

 

[Tsaukpaetra]

it doesn't matter if PPTP is secure, that's what the VPN is for

PPTP is the transport behind the VPN (unless you're saying you're using a VPN and from there PPTP-ing somewhere? That doesn't make sense to me though). Just because it's called "VPN" doesn't mean it's secure; all VPN means is that the computers connecting into it are connected to each other across a different connection (usually the Internet) such that they believe they are locally "next to" one another in the network.

In your case, it would probably be much more effective to set up a better VPN server (maybe your soon-to-be FreeNAS machine? ;)) and port-forward the necessary ports on your router to it. The fact that you have a Server 2016 machine and license demonstrates that money isn't the problem here, and IMO you should seek to upgrade ASAP. Some enlightening information available here.

from what I understand, most people using PPTP are using it because they have no better option available to them

This is very difficult to believe, not that I'm saying you're lying, but I think it's more a matter of education than unavailability. OpenVPN is available for all major computing devices and most everything else, many things support it out of the box with minimal configuration (once you know what you're doing or follow one of the numerous tutorials).

Simply put, if you have the resources to consider a server, you have the resources to consider a free software suite that will help actually protect you from intrusion.

 

[artlessknave]

not that I'm saying you're lying

that seems...unnecessary to even include, as a simple google search shows that the problem is with my understanding, which I already indicated was questionable. Hanlon's razor is applicable here...

anyroad, I'm conflating pptp and ppoe and ppp because they are all listed in pfsense on the WAN interface, so i was thinking that pptp does something similar to what ppp and dhcp do, and then thinking that pptp vpn meant running a VPN over pptp, rather than pptp BEING the vpn, which is all very wrong and so on this topic i can be safely ignored.

a google search of pptp shows that it is, as you say, hot garbage and should never be used.

 

[Tsaukpaetra]

that seems...unnecessary to even include

Some people quickly go on the defensive as soon as I point out dangerous assumptions so I wanted to be safe as possible.

because they are all listed in pfsense on the WAN interface,

Yeah, way to many Ps on things, it's very easy to get lost in the weeds with how many layers there are to networking, and it's made all the worse when adding in a virtual networking set of layers on top of it.
I misplaced my cheat-sheet infographic of all the terms that helps put things into place or I'd link it here.

 

[syhaunguyen]

Thanks for your sugestion,
I choiced PPTP because it's eaasy to instal and connect from Windows client. My router also have OpenVPN build-in. more easyer for me to control and manage, Free nas have Open VPN but I am not an IT guide, less skill in commnad. So i will going to use VPN in router.

 

[Tsaukpaetra]

Free nas have Open VPN

You know, I haven't tried the OpenVPN plugin yet, but simply using the one-click install indicates that it doesn't have a GUI part to manage certs or anything, so you do have a point there.

:thinking: Wonder who's the creator of that plugin and if there are any web UI interfaces that could be incorporated... But that's neither here nore there with regards to suitability of FreeNAS and Windows Server colocating.

 

[syhaunguyen]

My R620 just received last night. Still waiting for BHA card and able ship from ebay.

The noise is fine, i change speed to static speed by command the speed enough to keep temp aroud 40 to 50oC. but just 32Gb ram available, i need order more
Power consumption is quite good, i am impress with dual xeon E5 2670 TDP 115W
ideal mode is 70W

 

[syhaunguyen]

Hi eveyone,

I tried to install windows server 2016 as a VM in FreeNAS 11.3 RC1
I saw some guys on youtube, he can install windows variant there. but I got a problem, VM can start but not responding, get stopped until I restart. I can not sent Ctrl+Alt+Delete from UI, also can not use remote desktop to log in the VM.

Does this 11.3 problem or another version also have this isssue?