FreeNAS\u2122 8.0.3 Guide Page 1 of 164
\nFreeNAS\u2122 8.0.3 Guide Page 2 of 164
\nFreeNAS\u2122 is \u00a9 2011, 2012 iXsystems
\nFreeNAS\u2122 is a trademark of iXsystems
\nFreeBSD is a registered trademark of the FreeBSD Foundation
\nCover art by Jenny Rosenberg
\nFreeNAS\u2122 8.0.3 Guide Page 3 of 164
\nTable of Contents
\nSection 1: Introduction and Installation
\n1 Introduction……………………………………………………………………………………………………………………….8
\n1.1 Hardware Requirements……………………………………………………………………………………………….9
\n1.1.1 Architecture………………………………………………………………………………………………………….9
\n1.1.2 RAM…………………………………………………………………………………………………………………..9
\n1.1.3 Compact or USB Flash………………………………………………………………………………………..10
\n1.1.4 Storage Disks and Controllers………………………………………………………………………………10
\n1.1.5 Network Interfaces………………………………………………………………………………………………11
\n1.1.6 RAID Overview………………………………………………………………………………………………….11
\n1.1.7 ZFS Overview…………………………………………………………………………………………………….13
\n1.2 What’s New ………………………………………………………………………………………………………………14
\n1.3 Features…………………………………………………………………………………………………………………….15
\n1.4 Known Issues…………………………………………………………………………………………………………….16
\n1.5 Roadmap for 8.2………………………………………………………………………………………………………..16
\n2 Installing FreeNAS\u2122………………………………………………………………………………………………………..17
\n2.1 Getting FreeNAS\u2122……………………………………………………………………………………………………18
\n2.2 Installing from CDROM……………………………………………………………………………………………..19
\n2.3 Installing from the Image…………………………………………………………………………………………….21
\n2.3.1 Using xzcat and dd on a FreeBSD or Linux System………………………………………………..21
\n2.3.2 Using Keka and dd on an OS X System…………………………………………………………………22
\n2.3.3 Using physdiskwrite on Windows…………………………………………………………………………22
\n2.4 Initial Setup……………………………………………………………………………………………………………….23
\n2.5 Upgrading FreeNAS\u2122……………………………………………………………………………………………….25
\n2.5.1 Using the ISO……………………………………………………………………………………………………..26
\n2.5.2 From the GUI …………………………………………………………………………………………………….28
\n2.5.2.1If Something Goes Wrong . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
\nSection 2: Using the Graphical Interface
\n3 Account Configuration………………………………………………………………………………………………………30
\n3.1 My Account………………………………………………………………………………………………………………31
\n3.2 Groups……………………………………………………………………………………………………………………..32
\n3.3 Users………………………………………………………………………………………………………………………..34
\n4 System Configuration………………………………………………………………………………………………………..36
\n4.1 Reporting………………………………………………………………………………………………………………….37
\n4.2 Settings…………………………………………………………………………………………………………………….37
\n4.2.1 General Tab………………………………………………………………………………………………………..38
\n4.2.2 Advanced Tab…………………………………………………………………………………………………….39
\n4.2.3 Email Tab…………………………………………………………………………………………………………..41
\n4.2.4 SSL Tab……………………………………………………………………………………………………………..42
\n4.3 System Information……………………………………………………………………………………………………43
\n4.4 Cron Jobs………………………………………………………………………………………………………………….44
\nFreeNAS\u2122 8.0.3 Guide Page 4 of 164
\n4.5 Loaders…………………………………………………………………………………………………………………….45
\n4.5.1 Recovering From Incorrect Loaders………………………………………………………………………47
\n4.6 Rsync Tasks………………………………………………………………………………………………………………48
\n4.6.1 Creating an Rsync Task………………………………………………………………………………………..48
\n4.6.2 Configuring Rsync Between Two FreeNAS\u2122 Systems……………………………………………50
\n4.7 S.M.A.R.T. Tests………………………………………………………………………………………………………..51
\n4.8 Sysctls………………………………………………………………………………………………………………………53
\n5 Network Configuration………………………………………………………………………………………………………54
\n5.1 Global Configuration………………………………………………………………………………………………….54
\n5.2 Network Summary……………………………………………………………………………………………………..55
\n5.3 Interfaces…………………………………………………………………………………………………………………..56
\n5.4 Link Aggregations……………………………………………………………………………………………………..57
\n5.5 Static Routes……………………………………………………………………………………………………………..61
\n5.6 VLANs……………………………………………………………………………………………………………………..61
\n6 Storage Configuration……………………………………………………………………………………………………….62
\n6.1 Periodic Snapshot Tasks……………………………………………………………………………………………..62
\n6.2 Replication Tasks……………………………………………………………………………………………………….65
\n6.2.1 Configuring SSH Key Based Authentication…………………………………………………………..66
\n6.2.2 Creating the Replication Task……………………………………………………………………………….68
\n6.2.3 Testing Replication……………………………………………………………………………………………..69
\n6.2.4 Troubleshooting………………………………………………………………………………………………….70
\n6.3 Volumes……………………………………………………………………………………………………………………71
\n6.3.1 Auto Importing Volumes………………………………………………………………………………………71
\n6.3.2 Importing Volumes………………………………………………………………………………………………72
\n6.3.3 Creating Volumes………………………………………………………………………………………………..73
\n6.3.4 Adding to an Existing Volume………………………………………………………………………………75
\n6.3.5 Creating ZFS Datasets…………………………………………………………………………………………75
\n6.3.6 Creating a zvol……………………………………………………………………………………………………77
\n6.3.7 Setting Permissions……………………………………………………………………………………………..78
\n6.3.8 Viewing Volumes………………………………………………………………………………………………..79
\n6.3.9 Replacing a Failed Drive……………………………………………………………………………………..82
\n6.3.10 Hot Swapping a ZFS Failed Drive……………………………………………………………………….84
\n7 Sharing Configuration……………………………………………………………………………………………………….84
\n7.1 AFP Shares………………………………………………………………………………………………………………..85
\n7.1.1 Creating AFP Shares……………………………………………………………………………………………85
\n7.1.2 Connecting to AFP Shares As Guest………………………………………………………………………87
\n7.1.3 Using Time Machine……………………………………………………………………………………………90
\n7.2 CIFS Shares………………………………………………………………………………………………………………91
\n7.2.1 Creating CIFS Shares…………………………………………………………………………………………..92
\n7.2.2 Configuring Anonymous Access……………………………………………………………………………93
\n7.2.3 Configuring Local User Access…………………………………………………………………………….98
\n7.3 NFS Shares……………………………………………………………………………………………………………..102
\n7.3.1 Creating NFS Shares………………………………………………………………………………………….102
\n7.3.2 Sample NFS Share Configuration………………………………………………………………………..103
\n7.3.3 Connecting to the NFS Share………………………………………………………………………………104
\n7.3.3.1From BSD or Linux Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
\n7.3.3.2From Microsoft Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104
\nFreeNAS\u2122 8.0.3 Guide Page 5 of 164
\n7.3.3.3From Mac OS X Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
\n7.3.4 Troubleshooting………………………………………………………………………………………………..106
\n8 Services Configuration…………………………………………………………………………………………………….107
\n8.1 Control Services……………………………………………………………………………………………………….107
\n8.2 AFP………………………………………………………………………………………………………………………..108
\n8.3 Active Directory……………………………………………………………………………………………………….109
\n8.3.1 Troubleshooting Tips………………………………………………………………………………………….112
\n8.4 CIFS……………………………………………………………………………………………………………………….112
\n8.4.1 Troubleshooting Tips………………………………………………………………………………………….115
\n8.5 Dynamic DNS………………………………………………………………………………………………………….115
\n8.6 FTP………………………………………………………………………………………………………………………..117
\n8.6.1 Anonymous FTP……………………………………………………………………………………………….119
\n8.6.2 Specified User Access in chroot………………………………………………………………………….120
\n8.6.3 Encrypting FTP…………………………………………………………………………………………………123
\n8.6.4 Troubleshooting………………………………………………………………………………………………..123
\n8.7 LDAP……………………………………………………………………………………………………………………..124
\n8.8 NFS………………………………………………………………………………………………………………………..125
\n8.9 S.M.A.R.T………………………………………………………………………………………………………………126
\n8.10 SNMP…………………………………………………………………………………………………………………..127
\n8.11 SSH………………………………………………………………………………………………………………………128
\n8.11.1 Chrooting SFTP users ……………………………………………………………………………………..130
\n8.11.2 Troubleshooting SSH Connections…………………………………………………………………….134
\n8.12 TFTP…………………………………………………………………………………………………………………….134
\n8.13 UPS………………………………………………………………………………………………………………………135
\n8.14 iSCSI…………………………………………………………………………………………………………………….136
\n8.14.1 Target Global Configuration……………………………………………………………………………..137
\n8.14.2 Authorized Accesses………………………………………………………………………………………..140
\n8.14.3 Device Extents………………………………………………………………………………………………..141
\n8.14.4 Extents……………………………………………………………………………………………………………143
\n8.14.5 Initiators…………………………………………………………………………………………………………143
\n8.14.6 Portals……………………………………………………………………………………………………………145
\n8.14.7 Targets……………………………………………………………………………………………………………145
\n8.14.8 Target\/Extents………………………………………………………………………………………………..147
\n8.14.9 Connecting to iSCSI Share……………………………………………………………………………….147
\n8.15 Rsync……………………………………………………………………………………………………………………148
\n8.15.1 Rsync Modules………………………………………………………………………………………………..148
\n9 Additional Options………………………………………………………………………………………………………….150
\n9.1 Display System Processes………………………………………………………………………………………….150
\n9.2 Reboot…………………………………………………………………………………………………………………….150
\n9.3 Shutdown………………………………………………………………………………………………………………..151
\n9.4 Log Out…………………………………………………………………………………………………………………..151
\n9.5 Help……………………………………………………………………………………………………………………….152
\n9.6 Alert……………………………………………………………………………………………………………………….152
\nFreeNAS\u2122 8.0.3 Guide Page 6 of 164
\nSection 3: Getting Help
\n10 FreeNAS\u2122 Support Resources……………………………………………………………………………………….152
\n10.1 Website and Social Media………………………………………………………………………………………..153
\n10.2 Trac Database…………………………………………………………………………………………………………153
\n10.3 IRC……………………………………………………………………………………………………………………….153
\n10.4 Mailing Lists………………………………………………………………………………………………………….154
\n10.5 Forums………………………………………………………………………………………………………………….154
\n10.6 Instructional Videos………………………………………………………………………………………………..156
\n10.7 Professional Support……………………………………………………………………………………………….156
\n10.8 FAQs…………………………………………………………………………………………………………………….156
\n10.8.1 Can a RAID-Z array be expanded? For example, if I start off with a 8x2TB RAID-Z2
\narray can I add more drives to it in the future? ……………………………………………………………..156
\n10.8.2 Is there a command to force FreeBSD to scan for new disks? I’m trying to add some
\ndisks to my array using the hot-swappable bays and a 3ware SATA card. The drives go in fine
\nand light up, but the operating system can’t see them. ……………………………………………………157
\n10.8.3 If my hardware\/motherboard dies, can I rebuild with new\/different hardware and still
\nimport\/read the data from my disks? What about my datasets?……………………………………….157
\n10.8.4 How do I replace a bad drive?…………………………………………………………………………..157
\n10.8.5 Can I share files from my external USB drive?……………………………………………………158
\n10.8.6 Can I mount my MAC formatted drive?……………………………………………………………..158
\n10.8.7 How do I get to the command line \/CLI\/shell?…………………………………………………….158
\n10.8.8 Does FreeNAS support 4k sector drives? How do I check if it is configured?…………158
\n10.8.9 My network transfer speeds are very slow, what is wrong?…………………………………..158
\n10.8.10 Why do changes I make at the command line to config files or settings disappear after
\na reboot?…………………………………………………………………………………………………………………..159
\nSection 4: Contributing to FreeNAS\u2122
\n11 How to Get Involved……………………………………………………………………………………………………..159
\n11.1 Assist with Localization ………………………………………………………………………………………….159
\n11.2 Submit Bug Reports………………………………………………………………………………………………..161
\n11.3 Test Upcoming Versions………………………………………………………………………………………….163
\n11.3.1 Upcoming Version 8.2………………………………………………………………………………………163
\n11.3.2 Testing a Nightly Snapshot……………………………………………………………………………….163
\n11.3.3 Rolling Your Own Testing Snapshot…………………………………………………………………..163
\nFreeNAS\u2122 8.0.3 Guide Page 7 of 164
\nSection 1: Introduction and Installation
\nPreface
\nWritten by users of the FreeNAS\u2122 network-attached storage operating system.
\nVersion 8.0.3
\nPublished January 17, 2012
\nCopyright \u00a9 2011, 2012 iXsystems.
\nThis Guide covers the installation and use of FreeNAS\u2122 8.0.3. If you are running a version of
\nFreeNAS\u2122 8.x that is earlier than FreeNAS\u2122 8.0.3, it is strongly recommended that you upgrade to or
\ninstall FreeNAS\u2122 8.0.3. This version fixes many bugs from previous 8.x versions and several features
\nmentioned in this Guide were not available or did not work as documented in earlier versions of
\nFreeNAS\u2122 8.x.
\nThe FreeNAS\u2122 Users Guide is a work in progress and relies on the contributions of many individuals.
\nIf you are interested in helping us to improve the Guide, visit doc.freenas.org and create a wiki login
\naccount. If you use IRC Freenode, you are welcome to join the #freenas channel where you will find
\nother FreeNAS\u2122 users.
\nThe FreeNAS\u2122 Users Guide is freely available for sharing and redistribution under the terms of the
\nCreative Commons Attribution License. This means that you have permission to copy, distribute,
\ntranslate, and adapt the work as long as you attribute iXsystems as the original source of the Guide.
\nFreeNAS\u2122 is a trademark of iXsystems.
\nFreeBSD and the FreeBSD logo are registered trademarks of the FreeBSD Foundation.
\nTypographic Conventions
\nThe FreeNAS\u2122 8.0.3 Guide uses the following typographic conventions:
\nbold text: represents a command written at the command line. In usage examples, the font is changed
\nto Courier 10 with any command output displayed in unbolded text.
\nitalic text: used to represent device names or file name paths.
\nbold italic text: used to emphasize an important point.
\n1 Introduction
\nFreeNAS\u2122 is an embedded open source network-attached storage (NAS) system based on FreeBSD
\nand released under a BSD license. A NAS provides an operating system that has been optimized for file
\nstorage and sharing.
\nThe FreeNAS\u2122 Project was originally founded by Olivier Cochard-Labb\u00e9 in 2005 and was based on
\nm0n0wall, an embedded firewall based on FreeBSD. It was PHP based, easy-to-use, and had lots of
\nfeatures. In December of 2009, Olivier announced that the .7 branch would be placed in maintenanceonly
\nmode as he no longer had time to devote to further FreeNAS\u2122 development. Volker Theile, a
\nFreeNAS\u2122 developer who also develops on Debian in his day job, decided to start the
\nOpenMediaVault project, which would be a rewrite of FreeNAS\u2122 based on Debian Linux and released
\nFreeNAS\u2122 8.0.3 Guide Page 8 of 164
\nunder the terms of the GpLv3 license. Many FreeNAS\u2122 users were not pleased about the change of
\nlicense and the loss of kernel-based ZFS support due to GPL incompatibilities with the CDDL license.
\niXsystems, a provider of FreeBSD-based hardware solutions and professional support, took the
\ninitiative to continue the development of a BSD licensed FreeNAS\u2122 solution based on FreeBSD. They
\ntook the opportunity to analyze the positives (lots of cool features) and negatives (monolithic,
\neverything-but-the-kitchen-sink design that was difficult to maintain and support). It was decided that
\nthe next version would be rewritten from scratch using a modular design that would support plugins.
\nThis would allow FreeNAS\u2122 to have a small footprint that was easy to support while allowing users to
\njust install the plugins for the features they desired. It would have the added benefit of allowing users to
\ncreate and contribute plugins for niche features, allowing its usage cases to grow with users’ needs.
\nWork on the new design began in 2010 and the initial redesigned version, FreeNAS\u2122 8.0, was released
\non May 2, 2011. Working with the community to fix the bugs and add the features needed within the
\ncore portion of the NAS resulted in FreeNAS\u2122 8.0.1 which was released on September 30, 2011.
\nFreeNAS\u2122 8.0.2 was released on October 13, 2011 and provided additional bug fixes. FreeNAS\u2122
\n8.0.3 was released on January 3, 2012. This latest release provides full NAS functionality suited for
\nboth home use and production environments. It does not contain all of the features provided by
\nFreeNAS .7–the upcoming 8.2 release and its plugin architecture will allow the creation of plugins so
\nthat missing features can be installed by the users that require them.
\n1.1 Hardware Requirements
\nSince FreeNAS\u2122 8.0.3 is based on FreeBSD 8.2, it supports the same hardware found in the amd64
\nand i386 sections of the FreeBSD 8.2 Hardware Compatibility List .
\nActual hardware requirements will vary depending upon what you are using your FreeNAS\u2122 system
\nfor. This section provides some guidelines to get you started. You should also skim through the
\nFreeNAS\u2122 Hardware Forum for performance tips from other FreeNAS\u2122 users. The Hardware Forum
\nis also an excellent place to post questions regarding your hardware setup or the hardware best suited to
\nmeet your requirements.
\n1.1.1 Architecture
\nWhile FreeNAS\u2122 is available for both 32-bit and 64-bit architectures, you should use 64-bit hardware
\nif you care about speed or performance. A 32-bit system can only address up to 4GB of RAM, making
\nit poorly suited to the RAM requirements of ZFS. If you only have access to a 32-bit system, consider
\nusing UFS instead of ZFS.
\n1.1.2 RAM
\nThe best way to get the most out of your FreeNAS\u2122 system is to install as much RAM as possible. If
\nyour RAM is limited, consider using UFS until you can afford better hardware. ZFS typically requires a
\nminimum of 6 GB of RAM in order to provide good performance; in practical terms (what you can
\nactually install), this means that the minimum is really 8 GB. The more RAM, the better the
\nperformance, and the Forums provide anecdotal evidence from users on how much performance is
\ngained by adding more RAM. For systems with large disk capacity (greater than 6 TB), a general rule
\nof thumb is 1GB of RAM for every 1TB of storage.
\nNOTE: by default, ZFS disables pre-fetching (caching) for systems containing less than 4 GB of
\nFreeNAS\u2122 8.0.3 Guide Page 9 of 164
\nusable RAM. Not using pre-fetching can really slow down performance. 4 GB of usable RAM is not
\nthe same thing as 4 GB of installed RAM as the operating system resides in RAM. This means that the
\npractical pre-fetching threshold is 6 GB, or 8 GB of installed RAM. You can still use ZFS with less
\nRAM, but performance will be effected.
\nIf you are installing FreeNAS\u2122 on a headless system, disable the shared memory settings for the video
\ncard in the BIOS.
\n1.1.3 Compact or USB Flash
\nThe FreeNAS\u2122 operating system is a running image that needs to be installed onto a USB or compact
\nflash device that is at least 2 GB in size. A list of compact flash drives known to work with FreeNAS\u2122
\ncan be found on the .7 wiki. If you don’t have compact flash, you can instead use a USB thumb drive
\nthat is dedicated to the running image and which stays inserted in the USB slot. While technically you
\ncan install FreeNAS\u2122 onto a hard drive, this is discouraged as you will lose the storage capacity of the
\ndrive. In other words, the operating system will take over the drive and will not allow you to store data
\non it, regardless of the size of the drive.
\nThe FreeNAS\u2122 installation will partition the operating system drive into two ~1GB partitions. One
\npartition holds the current operating system and the other partition is used when you upgrade. This
\nallows you to safely upgrade to a new image or to revert to an older image should you encounter
\nproblems.
\n1.1.4 Storage Disks and Controllers
\nThe Disk section of the FreeBSD Hardware List lists the supported disk controllers. In addition,
\nsupport for 3ware 6gbps RAID controllers has been added along with the CLI utility tw_cli for
\nmanaging 3ware RAID controllers.
\nFreeNAS\u2122 supports hot pluggable drives. Make sure that AHCI is enabled in the BIOS and that you
\nhave read Hot Swapping a ZFS Failed Drive before implementing this feature.
\nIf you have some money to spend and wish to optimize your disk subsystem, consider your read\/write
\nneeds, your budget, and your RAID requirements.
\nFor example, moving the the ZIL (ZFS Intent Log) to a dedicated SSD only helps performance if you
\nhave synchronous writes, like a database server. SSD cache devices only help if your working set is
\nlarger than system RAM, but small enough that a significant percentage of it will fit on the SSD.
\nIf you have steady, non-contiguous writes, use disks with low seek times. Examples are 10K or 15K
\nSAS drives which cost about $1\/GB. An example configuration would be six 15K SAS drives in a
\nRAID 10 which would yield 1.8 TB of usable space or eight 15K SAS drives in a RAID 10 which
\nwould yield 2.4 TB of usable space.
\n7200 RPM SATA disks are designed for single-user sequential I\/O and are not a good choice for multiuser
\nwrites.
\nIf you have the budget and high performance is a key requirement, consider a Fusion-I\/O card which is
\noptimized for massive random access. These cards are expensive and are suited for high end systems
\nthat demand performance. A Fusion-I\/O can be formatted with a filesystem and used as direct storage;
\nwhen used this way, it does not have the write issues typically associated with a flash device. A Fusion-
\nI\/O can also be used as a cache device when your ZFS dataset size is bigger than your RAM. Due to the
\nFreeNAS\u2122 8.0.3 Guide Page 10 of 164
\nincreased throughput, systems running these cards typically use multiple 10 GigE network interfaces.
\nIf you will be using ZFS, Disk Space Requirements for ZFS Storage Pools recommends a minimum of
\n16 GB of disk space. Due to the way that ZFS creates swap, you can not format less than 3GB of space
\nwith ZFS. However, on a drive that is below the minimum recommended size you lose a fair amount of
\nstorage space to swap: for example, on a 4 GB drive, 2GB will be reserved for swap.
\nIf you are new to ZFS and are purchasing hardware, read through ZFS Storage Pools
\nRecommendations first.
\n1.1.5 Network Interfaces
\nThe FreeBSD Ethernet section of the Hardware Notes indicates which interfaces are supported by each
\ndriver. While many interfaces are supported, FreeNAS\u2122 users have seen the best performance from
\nIntel and Chelsio interfaces, so consider these brands if you are purchasing a new interface.
\nAt a minimum you will want to use a GigE interface. While GigE interfaces and switches are
\naffordable for home use, it should be noted that modern disks can easily saturate 110 MB\/s. If you
\nrequire a higher network throughput, you can “bond” multiple GigE cards together using the LACP
\ntype of Link Aggregation. However, any switches will need to support LACP which means you will
\nneed a more expensive managed switch rather than a home user grade switch.
\nIf network performance is a requirement and you have some money to spend, use 10 GigE interfaces
\nand a managed switch. If you are purchasing a managed switch, consider one that supports LACP and
\njumbo frames as both can be used to increase network throughput.
\nNOTE: at this time the following are not supported: InfiniBand, FibreChannel over Ethernet, or
\nwireless interfaces.
\nIf network speed is a requirement, consider both your hardware and the type of shares that you create.
\nOn the same hardware, CIFS will be slower than FTP or NFS as Samba is single-threaded. If you will
\nbe using CIFS, use a fast CPU.
\n1.1.6 RAID Overview
\nData redundancy and speed are important considerations for any network attached storage system.
\nMost NAS systems use multiple disks to store data, meaning you should decide what type of RAID to
\nuse before installing FreeNAS\u2122. This section provides an overview of RAID types to assist you in
\ndeciding which type best suits your requirements.
\nRAID 0: uses data striping to store data across multiple disks. It provides zero fault tolerance, meaning
\nif one disk fails, all of the data on all of the disks is lost. The more disks in the RAID 0, the more likely
\nthe chance of a failure.
\nRAID 1: all data is mirrored onto two disks, creating a redundant copy should one disk fail. If the disks
\nare on separate controllers, this form of RAID is also called duplexing.
\nRAID 5: requires a minimum of 3 disks and can tolerate the loss of one disk without losing data. Disk
\nreads are fast but write speed can be reduced by as much as 50%. If a disk fails, it is marked as
\ndegraded but the system will continue to operate until the drive is replaced and the RAID is rebuilt.
\nHowever, should another disk fail before the RAID is rebuilt, all data will be lost. If your FreeNAS\u2122
\nsystem will be used for steady writes, RAID 5 is a poor choice due to the slow write speed.
\nFreeNAS\u2122 8.0.3 Guide Page 11 of 164
\nRAID 6: requires a minimum of 4 disks and can tolerate the loss of 2 disks without losing data.
\nBenefits from having many disks as performance, fault tolerance, and cost efficiency are all improved
\nrelatively with more disks. The larger the failed drive, the longer it takes to rebuild the array. Reads are
\nvery fast but writes are slower than a RAID 5.
\nRAID 10: requires a minimum of 4 disks and number of disks is always even as this type of RAID
\nmirrors striped sets. Offers faster writes than RAID 5. Can tolerate multiple disk loss without losing
\ndata, as long as both disks in a mirror are not lost.
\nRAID 60: requires a minimum of 8 disks. Combines RAID 0 striping with the distributed double parity
\nof RAID 6 by striping 2 4-disk RAID 6 arrays. RAID 60 rebuild times are half that of RAID 6.
\nRAIDZ1: ZFS software solution that is equivalent to RAID5. Its advantage over RAID 5 is that it
\navoids the write-hole and doesn’t require any special hardware, meaning it can be used on commodity
\ndisks. If your FreeNAS\u2122 system will be used for steady writes, RAIDZ is a poor choice due to the
\nslow write speed. Requires a minimum of 3 disks though 5 disks is recommended (over 3, 4, or 6
\ndisks). It should be noted that you cannot add additional drives to expand the size of a RAIDZ1 after
\nyou have created it. The only way to increase the size of a RAIDZ1 is to replace each drive with a
\nlarger drive one by one while allowing time for restriping between each drive swap out. However, you
\ncan combine two existing RAIDZ1’s to increase the size of a ZFS volume (pool).
\nRAIDZ2: double-parity ZFS software solution that is similar to RAID-6. Its advantage over RAID 5 is
\nthat it avoids the write-hole and doesn’t require any special hardware, meaning it can be used on
\ncommodity disks. Requires a minimum of 3 disks. RAIDZ2 allows you to lose 1 drive without any
\ndegradation as it basically becomes a RAIDZ1 until you replace the failed drive and restripe. At this
\ntime, RAIDZ2 on FreeBSD is slower than RAIDZ1.
\nNOTE: It isn’t recommended to mix ZFS RAID with hardware RAID. It is recommended that you
\nplace your hardware RAID controller in JBOD mode and let ZFS handle the RAID. According to
\nWikipedia: ZFS can not fully protect the user’s data when using a hardware RAID controller, as it is
\nnot able to perform the automatic self-healing unless it controls the redundancy of the disks and
\ndata. ZFS prefers direct, exclusive access to the disks, with nothing in between that interferes. If the
\nuser insists on using hardware-level RAID, the controller should be configured as JBOD mode (i.e.
\nturn off RAID-functionality) for ZFS to be able to guarantee data integrity. Note that hardware
\nRAID configured as JBOD may still detach disks that do not respond in time; and as such may
\nrequire TLER\/CCTL\/ERC-enabled disks to prevent drive dropouts. These limitations do not apply
\nwhen using a non-RAID controller, which is the preferred method of supplying disks to ZFS.
\nWhen comparing hardware RAID types conventional wisdom recommends the following in order of
\npreference: Raid6, Raid10, Raid5, then Raid0. If using ZFS, the recommended preference changes to
\nRAIDZ2. These forum posts are also worth reading:
\n\u2022 What is the Best RAIDZ Configuration
\n\u2022 Getting the Most out of ZFS Pools
\n\u2022 RAIDZ Configuration Requirements and Recommendations
\nNOTE: NO RAID SOLUTION PROVIDES A REPLACEMENT FOR A RELIABLE BACKUP
\nSTRATEGY. BAD STUFF CAN STILL HAPPEN AND YOU WILL BE GLAD THAT YOU
\nBACKED UP YOUR DATA WHEN IT DOES. See section 6.1 Periodic Snapshot Tasks and section
\n6.2 Replication Tasks if you would like to use ZFS snapshots and rsync as part of your backup strategy.
\nFreeNAS\u2122 8.0.3 Guide Page 12 of 164
\n1.1.7 ZFS Overview
\nWhile ZFS isn’t hardware (it is a filesystem), an overview is included in this section as the decision to
\nuse ZFS may impact on your hardware choices and whether or not to use hardware RAID.
\nIf you’re new to ZFS, the Wikipedia entry on ZFS provides an excellent starting point to learn about its
\nfeatures. These resources are also useful to bookmark and refer to as needed:
\n\u2022 ZFS Evil Tuning Guide
\n\u2022 FreeBSD ZFS Tuning Guide
\n\u2022 ZFS Best Practices Guide
\n\u2022 ZFS Administration Guide
\n\u2022 Becoming a ZFS Ninja (video)
\nZFS version numbers change as features are introduced and are incremental, meaning that a version
\nincludes all of the features introduced by previous versions. Table 1.1a summarizes various ZFS
\nversions, the features which were added by that ZFS version, and in which version of FreeNAS\u2122 that
\nZFS version was introduced. Recent versions of FreeNAS\u2122 .7.x use ZFS version 13 which is why you
\ncan’t downgrade a ZFS volume from FreeNAS\u2122 8.x to FreeNAS\u2122 .7.x. FreeNAS\u2122 8.0.3 uses ZFS
\nversion 15, meaning that it includes all of the features that were introduced between versions 13 to 15.
\nTable 1.1a: Summary of ZFS Versions
\nZFS Version Features Added FreeNAS\u2122 Version
\n10 cache devices .7.x
\n11 improved scrub performance .7.x
\n12 snapshot properties .7.x
\n13 snapused property .7.x
\n14 passthrough-x aclinherit property 8.0
\n15 user and group space accounting 8.0
\n16 STMF property support on roadmap
\n17 RAIDZ3 on roadmap
\n18 snapshot user holds on roadmap
\n19 log device removal on roadmap
\n20 compression using zle (zero-length encoding) on roadmap
\n21 deduplication on roadmap
\n22 received properties on roadmap
\n23 deferred update (slim ZIL) on roadmap
\n24 system attributes on roadmap
\n25 improved scrub stats on roadmap
\n26 improved snapshot deletion performance on roadmap
\n27 improved snapshot creation performance on roadmap
\nFreeNAS\u2122 8.0.3 Guide Page 13 of 164
\nZFS Version Features Added FreeNAS\u2122 Version
\n28 multiple vdev replacements on roadmap
\n30 encryption Oracle has not released as open source
\nZFS uses the ZIL (ZFS Intent Log) to manage writes. If you are using VMWare, the speed of the ZIL
\ndevice is essentially the write performance bottleneck when using NFS. In this scenario, iSCSI will
\nperform better than NFS. If you decide to create a dedicated cache device to speed up NFS writes, it
\ncan be half the size of system RAM as anything larger than that is unused capacity. Mirroring the ZIL
\ndevice won’t increase the speed, but it will help performance and reliability if one of the drives fails.
\n1.2 What’s New
\nThe FreeNAS\u2122 8 series represents an entire rewrite from the .7 series of FreeNAS\u2122. In other words,
\nFreeNAS\u2122 was rewritten from scratch and features were added as the new base stabilized. This means
\nthat not every feature in the .7 series was re-implemented and some features that are not available in
\nFreeNAS\u2122 .7 are available in FreeNAS\u2122 8.x. Notable differences between the two implementations
\nare as follows:
\n\u2022 versioning numbers have changed with the intent to have the version number reflect the base
\nversion of FreeBSD. FreeNAS\u2122 8.0.3 is based on FreeBSD 8.2; as the 8 branch of FreeNAS\u2122
\nbecomes feature complete, its version number will increment to 8.2.
\n\u2022 based on NanoBSD rather than m0n0wall
\n\u2022 design was changed from monolithic to modularized to allow for the creation of plugins so that
\nusers can install and configure only the modules they need
\n\u2022 GUI rewritten in Django to allow for future expansion
\n\u2022 new GUI is the default with the original GUI still available by entering the appname after the
\nFreeNAS\u2122 system’s URL (e.g. http:\/\/192.168.1.1\/services)
\n\u2022 improved management of ownership\/group\/permissions of volumes and datasets
\n\u2022 ZFS parameters per dataset, such as quotas, were added
\n\u2022 LSI 6 gbps HBAs are now supported
\n\u2022 migrated to rc.d init system
\n\u2022 ports updated to FreeBSD 8.2
\n\u2022 iSCSI support added
\n\u2022 support for 3ware 6bps RAID controllers has been added along with the CLI utility tw_cli for
\nmanaging 3ware RAID controllers
\n\u2022 added the ability to create periodic snapshot jobs, create one-time snapshots, clone snapshots
\nwhich can then be exported as shares like any other dataset, and rollback to a previous snapshot
\nFreeNAS\u2122 8.0.3 Guide Page 14 of 164
\n1.3 Features
\nNotable features in FreeNAS\u2122 8.0.3 include:
\n\u2022 supports AFP, CIFS, FTP, NFS, SSH (including SFTP), and TFTP as file sharing mechanisms
\n\u2022 supports exporting file or device extents via iSCSI
\n\u2022 supports Active Directory or LDAP for user authentication
\n\u2022 supports UFS2 based volumes, including gmirror, gstripe, and graid3
\n\u2022 supports ZFS as the primary filesystem, enabling many features not available in UFS2 such as
\nquotas, snapshots, compression, replication, and datasets for sharing subsets of volumes
\n\u2022 upgrade procedure takes advantage of NanoBSD by writing the operating system to an inactive
\npartition, allowing for an easy reversal of an undesirable upgrade
\n\u2022 automatic system notifications about LSI RAID controller events (requires email service to be
\nconfigured)
\n\u2022 Django-driven graphical user interface
\n\u2022 rsync configuration through the graphical interface
\n\u2022 cron management through the graphical interface
\n\u2022 menu localization
\n\u2022 the SCSI serial number can be set on a per target basis, fixing an issue where MMIO was seeing
\ndifferent FreeNAS\u2122 servers as the same device
\n\u2022 multiple IPs can now be specified per iSCSI portal
\n\u2022 ssh daemon now logs to \/var\/log\/auth.log
\n\u2022 CIFS now defaults to AIO enabled
\n\u2022 ZFS hot spare cutover helper application within GUI
\n\u2022 SMART monitoring in GUI
\n\u2022 UPS management in GUI
\n\u2022 USB 3.0 support
\n\u2022 ACLs and UNIX file system permissions work properly on both UFS and ZFS volumes
\n\u2022 periodic ZFS snapshots are now exported to CIFS shares and are visible in Windows as shadow
\ncopies
\n\u2022 read-only is enabled on creation of remote filesystem to prevent accidental writes to the replica
\nwhich would break replication
\n\u2022 added tmux, a BSD-licensed utility similar to GNU screen
\n\u2022 added dmidecode which can provide very useful hardware diagnostic information
\n\u2022 updated the version of Intel NIC drivers to handle Intel’s latest round of hardware
\nFreeNAS\u2122 8.0.3 Guide Page 15 of 164
\n\u2022 added support for Marvell MX2 SATA controllers, sold with some WD 3TB drives
\n\u2022 netatalk (AFP) is now compatible with OS X 10.7
\n1.4 Known Issues
\nBefore installing FreeNAS\u2122 you should be aware of the following known issues:
\n\u2022 UPGRADES FROM FreeNAS\u2122 0.7x ARE UNSUPPORTED. The system has no way to
\nimport configuration settings from 0.7x versions of FreeNAS\u2122, but the volume importer
\nshould be able to handle volumes created with FreeNAS\u2122 0.7x. Please note that zpool upgrade
\nis a one way street and upgraded volumes will not be usable with FreeNAS\u2122 0.7x.
\n\u2022 The ZFS upgrade procedure is non-reversible and must be run manually. Please do not upgrade
\nyour pools unless you are absolutely sure that you’ll never want to go back to other systems. For
\nclarity, zpool upgrade is a ONE-WAY street. There is no reversing it, and there is no way for a
\nsystem with an older version of ZFS to access pools that have been upgraded.
\n\u2022 The iSCSI target does not support a configuration reload meaning that changes to the
\nconfiguration restart the daemon.
\n\u2022 Disks with certain configurations can get probed by GEOM and become essentially unwritable
\nwithout manual intervention. For instance, if you use disks that previously had a gmirror on
\nthem, the system may pick that up and the disks will be unavailable until the existing gmirror is
\nstopped and destroyed.
\n\u2022 In a departure from FreeNAS\u2122 0.7x, the operating system drive can not be used as a
\ncomponent for a volume, nor can it be partitioned for sharing.
\n\u2022 Some Atom-based systems with Realtek GigE interfaces have network performance issues with
\nFreeBSD 8.2.
\n1.5 Roadmap for 8.2
\n8.2 is expected to be released by the end of the first quarter of 2012. Originally, this release was to be
\nnamed 8.1, but it was decided to change the upcoming release name to 8.2 to better reflect the FreeBSD
\nversion it is based upon.
\nTable 1.7 lists the features which are currently being worked on and should be implemented for the 8.2
\nrelease:
\nTable 1.7: 8.2 Features Roadmap
\nFeature Status Notes
\nmigration utility from .7 to 8.x
\nrsync over SSH committed
\nplugin system which will allow the
\ninstallation of additional applications
\nthrough the PBI system
\nin-progress
\nFreeNAS\u2122 8.0.3 Guide Page 16 of 164
\nFeature Status Notes
\nUPS client
\nWake on LAN support
\nsplit NTP server and options into several
\nfields in the GUI committed
\nSNMP connection to UPS
\ncommitted (and
\navailable to
\nsome degree via
\nnut in 8.0.3)
\ntransmission support committed GUI and plugin support still not enabled
\nuPnP\/DAAP\/DLNA support
\nfirefly support committed; GUI \/ plugin
\nsupport still not enabled
\nminidlna support committed; GUI \/ plugin
\nsupport still not enabled
\nThe following features will not make it into 8.2 and are being considered for a later version of
\nFreeNAS\u2122:
\n\u2022 encryption (with GELI?)
\n\u2022 automated mechanism for error reporting and user feedback
\n\u2022 more detailed system information
\n\u2022 network bandwidth reporting
\n\u2022 Unison
\n2 Installing FreeNAS\u2122
\nBefore installing, it is important to remember that the FreeNAS\u2122 operating system must be installed
\non a separate device from the drive(s) that will hold the storage data. In other words, if you only have
\none disk drive you will be able to use the FreeNAS\u2122 graphical interface but won’t be able to store any
\ndata, which after all, is the whole point of a NAS system. If you are a home user who is experimenting
\nwith FreeNAS\u2122, you can install FreeNAS\u2122 on an inexpensive USB thumb drive and use the
\ncomputer’s disk(s) for storage.
\nThis section describes how to:
\n\u2022 Getting FreeNAS\u2122
\n\u2022 Installing from CDROM
\n\u2022 Installing from the Image
\n\u2022 Initial Setup
\n\u2022 Upgrading FreeNAS\u2122
\nFreeNAS\u2122 8.0.3 Guide Page 17 of 164
\nIf you are installing FreeNAS\u2122 into a VirtualBox as a testing environment, you will need to configure
\nthe vbox interface for bridging in order to access the FreeNAS\u2122 GUI through a web browser. To do
\nthis in VirtualBox, go to Settings -> Network. In the Attached to drop-down menu select Bridged
\nAdapter and select the name of the physical interface from the Name drop-down menu. In the example
\nshown in Figure 2a, the Intel Pro\/1000 Ethernet card is attached to the network and has a device name
\nof re0.
\nFigure 2a: Configuring a Bridged Adapter in VirtualBox
\nYou will also need to create at least 2 virtual disks: the primary master should be at least 4 GB in size
\nto hold the operating system and swap and the other virtual disk(s) can be used as data storage.
\n2.1 Getting FreeNAS\u2122
\nFreeNAS\u2122 8.0.3 can be downloaded from the FreeNAS-8 Sourceforge page. FreeNAS\u2122 is available
\nfor 32-bit (x386) and 64-bit (x64) architectures. You should download the architecture type that
\nmatches your CPU’s capabilities..
\nThe download page contains the following types of files:
\nFreeNAS\u2122 8.0.3 Guide Page 18 of 164
\n\u2022 GUI_upgrade.xz: this is a compressed firmware upgrade image and requires a previous
\ninstallation of FreeNAS\u2122 8.x. If your intent is to upgrade FreeNAS\u2122, download the correct
\n.xz file for your architecture and see section 2.5 Upgrading FreeNAS\u2122.
\n\u2022 Full_Install.xz: this is a compressed image of the full image disk that needs to be written to a
\nUSB or compact flash device. Section 2.3 Installing from the Image describes how to use this
\nimage.
\n\u2022 .iso: this is a bootable image that can be written to CDROM. Installing from the CDROM is
\ndescribed in more detail in the next section.
\nThe download directory also contains a ReleaseNotes for that version of FreeNAS\u2122. This file contains
\nthe changes introduced by that release, any known issues, and the SHA256 checksums of the files in
\nthe download directory. The command you use to verify the checksum varies by operating system:
\n\u2022 on a BSD system use the command sha256 name_of_file
\n\u2022 on a Linux system use the command sha256sum name_of_file
\n\u2022 on a Mac system use the command shasum -a 256 name_of_file
\n\u2022 on a Windows system install a utility such as HashCalc or HashTab (which is also available for
\nMac)
\n2.2 Installing from CDROM
\nIf you prefer to install FreeNAS\u2122 using a menu-driven installer, download the ISO image that matches
\nthe architecture of the system you will install onto (32 or 64 bit) and burn it to a CDROM.
\nNOTE: the installer on the CDROM will recognize if a previous version of FreeNAS\u2122 8.x is already
\ninstalled, meaning the CDROM can also be used to upgrade FreeNAS\u2122. However, the installer can not
\nperform an upgrade from a FreeNAS\u2122 7.x system.
\nInsert the CDROM into the system and boot from it. Once the media has finished booting, you will be
\npresented with the console setup menu seen in Figure 2.2a.
\nNOTE: if the installer does not boot, check that the CD drive is listed first in the boot order in the
\nBIOS. Some motherboards may require you to connect the CD-ROM to SATA0 (the first connector) in
\norder to boot from CD-ROM. If it stalls during boot, check the SHA256 hash of your ISO against that
\nlisted in the README file; if the hash does not match, re-download the file. If the hash is correct, try
\nreburning the CD at a lower speed.
\nPress enter to select the default option of \u201c1 Install\/Upgrade to hard drive\/flash device, etc.\u201d. The next
\nmenu, seen in Figure 2.2b, will list all available drives, including any inserted USB thumb drives which
\nwill begin with “da”. In this example, the user is installing into VirtualBox and has created a 4GB
\nvirtual disk to hold the operating system.
\nUse your arrow keys to highlight the USB or compact flash device then tab to OK and press enter.
\nFreeNAS\u2122 will issue the warning seen in Figure 2.2c, reminding you not to install on a hard drive.
\nFreeNAS\u2122 8.0.3 Guide Page 19 of 164
\nFigure 2.2a: FreeNAS\u2122 Console Setup
\nFigure 2.2b: Selecting Which Drive to Install Into
\nFigure 2.2c: FreeNAS\u2122 Warning on Why You Should Install onto USB Flash Drive
\nPress enter and FreeNAS\u2122 will extract the running image from the ISO and transfer it to the device.
\nOnce the installation is complete, you should see the message in Figure 2.2d.
\nFreeNAS\u2122 8.0.3 Guide Page 20 of 164
\nFigure 2.2d: FreeNAS\u2122 Installation Complete
\nPress enter and you’ll return to the first menu, seen in Figure 2.2a. Highlight \u201c3 Reboot System\u201d and
\npress enter. Remove the CDROM. If you installed onto a USB thumb drive, leave the thumb drive
\ninserted. Make sure that the device you installed to is listed as the first boot entry in the BIOS so that
\nthe system will boot from it. FreeNAS\u2122 should now be able to boot into the Console setup menu
\ndescribed in section 2.4 Initial Setup .
\n2.3 Installing from the Image
\nIf your system does not have a CDROM or you prefer to manually write the running image, download
\nthe Full_Install.xz file. This file will need to be uncompressed and then written to a CF card or USB
\nthumbdrive that is 2GB or larger.
\nNOTE: any data currently saved on the flash device will be erased. If you are writing the image to a
\nCF card, make sure that it is MSDOS formatted.
\nDANGER! The dd command is very powerful and can destroy any existing data on the specified
\ndevice. Be very sure that you know the device name representing the USB thumb drive and make sure
\nyou do not typo the device name when using dd!
\n2.3.1 Using xzcat and dd on a FreeBSD or Linux System
\nOn a FreeBSD or Linux system, the xzcat and dd commands can be used to uncompress and write
\nthe .xz image to an inserted USB thumb drive or compact flash device. Example 2.3a demonstrates
\nwriting the image to the first USB device (\/dev\/da0) on a FreeBSD system. Substitute the filename of
\nyour ISO and the device name representing the device to write to on your system.
\nExample 2.3a: Writing the Full_Install Image to a USB Thumb Drive
\nxzcat FreeNAS-8.0.3-RELEASE-x64-Full_Install.xz | dd of=\/dev\/da0 bs=64k
\n0+244141 records in
\n0+244141 records out
\n2000000000 bytes transferred in 326.345666 secs (6128471 bytes\/sec)
\nWhen using the dd command:
\n\u2022 of= refers to the output file; in our case, the device name of the flash card or removable USB
\ndrive. You may have to increment the number in the name if it is not the first USB device. On
\nLinux, use \/dev\/sda to refer to the first USB device.
\n\u2022 bs= refers to the block size
\nFreeNAS\u2122 8.0.3 Guide Page 21 of 164
\n2.3.2 Using Keka and dd on an OS X System
\nOn an OS X system, you can download and install Keka to uncompress the image. In FINDER,
\nnavigate to the location where you saved the downloaded .xz file. Shift+Click (or right-click) on the .xz
\nfile and select ‘Open With Keka’. After a few minutes you’ll have a large file with the same name, but
\nno extension.
\nInsert the USB thumb drive and go to Launchpad -> Utilities -> Disk Utility. Unmount any mounted
\npartitions on the USB thumb drive. Check that the USB thumb drive has only one partition (if not you
\nwill get GPT partition table errors on boot). Use Disk Utility to setup one partition on the USB drive;
\n“free space” works fine.
\nNext, determine the device name of the inserted USB thumb drive. From TERMINAL, navigate to your
\nDesktop then type this command:
\ndiskutil – list
\nThis will show you what devices are available to the system. Locate your USB stick and record the
\npath. If you are not sure which path is the correct one for the USB stick, remove the device, run the
\ncommand again, and compare the difference. Once you are sure of the device name, navigate to the
\nDesktop from TERMINAL and use the dd command with the USB stick inserted. In Example 2.3b, the
\nUSB thumb drive is \/dev\/disk8. Substitute the name of your uncompressed file and the correct path to
\nyour USB thumb drive.
\nExample 2.3b: Using dd on an OS X System
\ndd if=FreeNAS-8.0.3-RELEASE-x64-Full_Install of=\/dev\/disk8 bs=64k
\nNOTE: If you get the error “Resource busy” when you run the dd command, go to Applications ->
\nUtilities -> Disk Utility, find your USB thumb drive, and click on its partitions to make sure all of them
\nare unmounted.
\nThe dd command will take some minutes to complete. Wait until you get a prompt back and a message
\nthat displays how long it took to write the image to the USB drive.
\nOnce you have a running image, make sure the boot order in the BIOS is set to boot from the device
\ncontaining the image and boot the system. It should boot into the Console setup menu described in
\nsection 2.4 Initial Setup.
\nNOTE: if the image does not boot, check the BIOS and change the USB emulation from
\nCD\/DVD\/floppy to hard drive. If it still will not boot, check to see if the card\/drive is UDMA
\ncompliant. Some users have also found that some cheap 2GB USB sticks don’t work as they are not
\nreally 2GB in size, but changing to a 4GB stick fixes the problem.
\n2.3.3 Using physdiskwrite on Windows
\nWindows users will need to download a utility that can uncompress xz files and a utility that can create
\na USB bootable image. A detailed how-to for using 7zip and physdiskwrite can be found in the forum
\npost How to write the embedded FreeNAS 8 image under Windows.
\nFreeNAS\u2122 8.0.3 Guide Page 22 of 164
\n2.4 Initial Setup
\nThe first time you reboot into FreeNAS\u2122, you will be presented with the Console Setup screen shown
\nin Figure 2.4a.
\nNOTE: if you receive a boot error, check your BIOS settings to make sure that the device you installed
\nFreeNAS\u2122 to is listed first in the boot order. Also check the settings for that device. For example, a
\nBIOS may require you to change from floppy emulation mode to hard disk mode. If your BIOS is too
\nold to support a USB boot device, see if a BIOS update is available. If you receive a “primary GPT is
\ncorrupt” error, you will need to use the dd command to remove both partition tables as described in this
\nforum post. You should then be able to reinstall FreeNAS\u2122 and successfully boot into the new
\ninstallation.
\nFreeNAS\u2122 will automatically try to connect to a DHCP server on any live interfaces. If it successfully
\nreceives an IP address, it will display what IP address can be used to access the graphical console. In
\nthe example seen in Figure 2.4a, the FreeNAS\u2122 system is accessible from http:\/\/10.0.2.15.
\nFigure 2.4a: FreeNAS\u2122 Console Setup Menu
\nIf your FreeNAS\u2122 server is not connected to a network with a DHCP server, you will need to
\nmanually configure the interface as seen in Example 2.4a. In this example, the FreeNAS\u2122 system has
\none network interface (em0).
\nFreeNAS\u2122 8.0.3 Guide Page 23 of 164
\nExample 2.4a: Manually Setting an IP Address from the Console Menu
\nEnter an option from 1-11: 1
\n1) em0
\nSelect an interface (q to quit): 1
\nDelete existing config? (y\/n) n
\nConfigure interface for DHCP? (y\/n) n
\nConfigure IPv4? (y\/n) y
\nInterface name: (press enter as can be blank)
\nSeveral input formats are supported
\nExample 1 CIDR Notation:
\n192.168.1.1\/24
\nExample 2 IP and Netmask separate:
\nIP: 192.168.1.1
\nNetmask: 255.255.255.0, or \/24 or 24
\nIPv4 Address: 192.168.1.108\/24
\nSaving interface configuration: Ok
\nConfigure IPv6? (y\/n) n
\nRestarting network: ok
\nYou may try the following URLs to access the web user interface:
\nhttp:\/\/192.168.1.108
\nFrom another system with a graphical web browser, input the IP address for your FreeNAS\u2122
\ninstallation. The administrative GUI, shown in Figure 2.4b should be displayed. If it does not appear,
\ncheck that your browser configuration does not have any proxy settings enabled. If it does, disable
\nthem and try again. Also, IE9 has known issues. If you can’t login using Internet Explorer, use Firefox
\ninstead.
\nNOTE: earlier versions of FreeNAS\u2122 8 required you to login using the default credentials of admin
\nfor the username and freenas for the password.
\nIf you click the flashing Alert icon in the upper right corner, it will alert you that you should
\nimmediately change the password for the admin user as currently no password is required to login. You
\ncan do so in Account -> My Account -> Change Password. Once you do so, the Alert icon will change
\nto a solid green.
\nFreeNAS\u2122 8.0.3 Guide Page 24 of 164
\nFigure 2.4b: FreeNAS\u2122 Graphical Configuration Menu
\n2.5 Upgrading FreeNAS\u2122
\nNOTE: Before performing an upgrade you must always backup your configuration file, system disk,
\nand all of your data.
\nUPGRADES FROM FreeNAS\u2122 0.7x ARE NOT SUPPORTED: the system has no way to import
\nconfiguration settings from 0.7 versions of FreeNAS\u2122, nor is there any sort of volume importer yet
\nthat will preserve data on existing volumes. Attempting to upgrade from 0.7 will result in the loss of
\nyour configuration and data.
\nThe image size was increased from 1GB to 2GB between 8.01-BETA2 and 8.0.1-BETA3. THIS
\nMEANS THAT A GUI UPGRADE FROM AN EARLIER 8.X VERSION TO AN 8.0.1-BETA3 OR
\nHIGHER VERSION WILL FAIL. However, a CD upgrade will succeed and will save all of your
\nconfiguration settings. If you are unable to perform a CD upgrade, you will need to: 1) backup your
\nFreeNAS\u2122 8.0.3 Guide Page 25 of 164
\nconfiguration using System -> Settings -> General -> Save Config; 2) perform a full install; and 3)
\nrestore your configuration using System -> Settings -> General -> Upload Config. The GUI upgrade
\ncan be used to upgrade a system from BETA3 to BETA4.
\nBeginning with FreeNAS\u2122 8.0, FreeNAS\u2122 supports two operating systems on the operating system
\ndevice: the current \u201crunning\u201d operating system and, if you have performed an upgrade, your previous
\nversion of the operating system. When you upgrade, FreeNAS\u2122 automatically backs up your
\nconfiguration and preserves the initial operating system. This means that it is easy to rollback to the
\nprevious version and its configuration should you experience a problem with the upgraded version. The
\nupgrade automatically configures the system to boot from the new operating system; a rollback
\nconfigures the system to boot from the previous operating system. Should you ever be unable to boot
\ninto a newly upgraded operating system, simply select F2 at the FREENAS\u2122 console when you see
\nthis screen at the very beginning of the boot process:
\nF1 FreeBSD
\nF2 FreeBSD
\nBoot: F1
\nThere are 2 ways to upgrade a FreeNAS\u2122 8.x system: from the ISO or from the xz file. Both methods
\nare described below.
\n2.5.1 Using the ISO
\nTo upgrade from the CDROM, download the latest version of the ISO image that matches the
\narchitecture of the system (32 or 64 bit) and burn it to a CDROM.
\nNOTE: the installer on the CDROM will recognize if a previous version of FreeNAS\u2122 8.x is already
\ninstalled, meaning the CDROM can also be used to upgrade FreeNAS\u2122. However, the installer can not
\nperform an upgrade from a FreeNAS\u2122 7.x system.
\nInsert the CDROM into the system and boot from it. Once the media has finished booting into the
\ninstallation menu, press enter to select the default option of “1 Install\/Upgrade to hard drive\/flash
\ndevice, etc.” As with a fresh install, the installer will present a screen showing all available drives (see
\nFigure 2.2b); select the drive FreeNAS\u2122 is installed into and press enter.
\nThe installer will recognize that an earlier version of FreeNAS\u2122 is installed on the drive and will
\npresent the message shown in Figure 2.5a.
\nIf you select NO at this screen, the installer will do a fresh install of the version on the CD rather than
\nupgrading the previous version. To upgrade, press enter to accept the default of Yes. Again, the
\ninstaller will remind you that the operating system should be installed on a thumb drive (seen in Figure
\n2.2c). Press enter to start the upgrade. Once the installer has finished unpacking the new image, you
\nwill see the menu shown in Figure 2.5b.
\nThe database file that is preserved and migrated contains your FreeNAS\u2122 configuration settings. Press
\nenter and FreeNAS\u2122 will indicate that the upgrade is complete and that you should reboot, as seen in
\nFigure 2.5c.
\nFreeNAS\u2122 8.0.3 Guide Page 26 of 164
\nFigure 2.5a: Upgrading a FreeNAS\u2122 Installation
\nFigure 2.5b: FreeNAS\u2122 will Preserve and Migrate Settings
\nFreeNAS\u2122 8.0.3 Guide Page 27 of 164
\nFigure 2.5c: Upgrade is Complete
\n2.5.2 From the GUI
\nBefore upgrading FreeNAS\u2122:
\n1. Download the *.GUI_upgrade.xz image file that matches your architecture; download this file
\nto the computer that you use to access the FreeNAS\u2122 system.
\n2. Download the ReleaseNotes for that version; towards the bottom you will find the SHA256
\nhash for the *.GUI_upgrade.xz image file.
\n3. Backup the FreeNAS\u2122 configuration in System -> Settings -> General -> Upload Config.
\n4. Warn all network users that the FreeNAS\u2122 shares will be unavailable during the upgrade; you
\nshould schedule the upgrade for a time that will least impact users.
\n5. Stop all services in Services -> Control Services.
\n6. Go to System -> Settings -> Advanced, check the box \u201cShow console messages in the footer
\n(Requires UI reload)\u201d, and refresh your browser. This way you can watch the progress of the
\nupgrade until the first reboot.
\nTo perform the upgrade, go to System -> Settings -> Advanced -> Firmware Update as shown in Figure
\n2.5d.
\nFreeNAS\u2122 8.0.3 Guide Page 28 of 164
\nFigure 2.5d: Upgrading FreeNAS\u2122 From the GUI
\nUse the drop-down menu to select a volume to temporarily place the firmware file during the upgrade,
\nthen click the Update button. You will be prompted to browse to the location of the downloaded .xz file
\nand to paste the SHA256 sum. The SHA256 sum in the ReleaseNotes will look similar to this:
\nFilename:
\nFreeNAS-8.0.3-RELEASE-x64-GUI_Upgrade.xz
\nSHA256 Hash:
\ncdcd02b2bc4cbd0b2bc92153ddc2f0f73780572f877789b21d6ef32135c7e3722b224
\nWhen finished, click the Apply Update button which will change to “please Wait…”. Behind the scenes,
\nthe following steps are occurring:
\n\u2022 the SHA256 hash is confirmed and an error will display if it does not match; if you get this
\nerror, double-check that you pasted the correct checksum and try pasting again
\n\u2022 the new image is uncompressed and written to the USB compact or flash drive; this can take 10
\nto 15 minutes so be patient
\n\u2022 once the new image is written, you will momentarily lose your connection as the FreeNAS\u2122
\nsystem will automatically reboot into the new version of the operating system
\n\u2022 FreeNAS\u2122 will actually reboot twice: once the new operating system loads the upgrade
\nprocess applies the new database schema and reboots again
\n\u2022 assuming all went well, the FreeNAS\u2122 system will receive the same IP from the DHCP server;
\nrefresh your browser after a moment to see if you access the system
\nFreeNAS\u2122 8.0.3 Guide Page 29 of 164
\n2.5.2.1 If Something Goes Wrong
\nIf the FreeNAS\u2122 system does not become available after the upgrade, you will need physical access to
\nthe system to find out what went wrong. From the console menu you can determine if it received an IP
\naddress and use option “1) Configure Network Interfaces” if it did not.
\nIf this does not fix the problem, go into option “9) Shell” and read the system log with this command:
\nmore \/var\/log\/messages
\nIf the problem is not obvious or you are unsure how to fix it, see section 10 FreeNAS Support
\nResources.
\nIf the system remains inaccessible and you wish to revert back to the previous installation, type reboot
\nfrom the shell or select “10) Reboot” from the console menu. Watch the boot screens and press F2
\nwhen you see this menu:
\nF1 FreeBSD
\nF2 FreeBSD
\nBoot: F1
\nSection 2: Using the Graphical Interface
\nThis section of the Guide describes all of the configuration screens available within the FreeNAS\u2122
\ngraphical administrative interface. The screens are listed in the order that they appear within the tree, or
\nthe left frame of the GUI.
\nNOTE: It is important to use the GUI (or the console) for all configuration changes. FreeNAS\u2122 uses a
\nconfiguration database to store its settings. While you can use the command line to modify your
\nconfiguration, changes made at the command line are not written to the configuration database. This
\nmeans that any changes made at the command line will not persist after a reboot and will be
\noverwritten by the values in the configuration database during an upgrade.
\n3 Account Configuration
\nThe account section of the GUI allows you to change the administrative password and manage users
\nand groups.
\nFreeNAS\u2122 supports users, groups, and permissions, allowing great flexibility in configuring which
\nusers have access to the data stored on FreeNAS.\u2122 Before you can assign permissions which will be
\nused by shares, you will need to do one of the following:
\n1. Create one guest account that all users will use. OR
\n2. Create a user account for every user in the network where the name of each account is the same
\nas a logon name used on a computer. For example, if a Windows system has a login name of
\nbobsmith, you should create a user account with the name bobsmith on FreeNAS\u2122. If your
\nintent is to assign groups of users different permissions to shares, you will need to also create
\ngroups and assign users to the groups. OR
\n3. If your network uses Active Directory to manage user accounts and permissions, enable the
\nActive Directory service.
\nFreeNAS\u2122 8.0.3 Guide Page 30 of 164
\nThis section describes how to manage the administrative account, users, and groups using the
\nFreeNAS\u2122 GUI.
\n3.1 My Account
\nBy default no password is required to access the FreeNAS\u2122 administrative interface using the built-in
\nadmin account. For security reasons, you should immediately change the default administrative account
\nname and set a password for that account. To change the administrative account name, go to Account ->
\nMy Account -> Change Admin User. This will open the screen shown in Figure 3.1a.
\nFigure 3.1a: Changing the FreeNAS\u2122 Administrative Account
\nReplace admin with the name of the account that will be used to login to the FreeNAS\u2122 system. The
\nFirst and Last name fields are optional. Click the Change Admin User to save your changes.
\nNOTE: in FreeNAS\u2122 the administrative account is not the same as the root user account. The
\nadministrative account is used to access the graphical administrative interface. This separation makes it
\npossible to disable root logins while maintaining the ability of logging into the graphical administrative
\ninterface.
\nTo change the password of the administrative account, click on Account -> My Account -> Change
\nPassword. This will open the screen shown in Figure 3.1b.
\nFreeNAS\u2122 8.0.3 Guide Page 31 of 164
\nFigure 3.1b: Setting the FreeNAS\u2122 Administrative Password
\nSince there is no default password, leave the old password field blank. Type in and confirm the
\npassword which will be used when accessing the graphical administrative interface. If you wish to
\nallow root logins using the same password, leave the “Change root password as well” box checked. If
\nyou wish to use a different root password, uncheck this box and set the root password in Account ->
\nUsers -> View All Users -> root -> Change Password.
\n3.2 Groups
\nThe Groups interface allows you to manage UNIX-style groups on the FreeNAS\u2122 system. Creating a
\nshare that will be accessed by some users but not others is a three step process:
\n1. Create a user account for each user in Account -> Users -> Add User.
\n2. Add the user accounts to a group that you create in Account -> Groups -> Add Group.
\n3. In Storage -> create a volume or ZFS dataset and assign permission to the group for that
\nvolume or dataset.
\nThis section describes step 2 or how to create the group and assign it user accounts. The next section
\nwill describe step 1 or how to create user accounts. Section 6.3 Volumes describes step 3 or how to
\ncreate volumes\/datasets and set their permissions.
\nIf you click Groups -> View All Groups, you will see a screen similar to Figure 3.2a.
\nFreeNAS\u2122 8.0.3 Guide Page 32 of 164
\nFigure 3.2a: FreeNAS\u2122 Groups Management
\nAll groups that came with the operating system will be listed and the screen will indicate if any
\nadditional groups have been defined by the administrator. Each group has an entry indicating the group
\nID and group name; click the group’s Members button to view and modify that group’s membership.
\nIf you click the Add New Group button, you will be prompted to enter the group’s name. The next
\navailable group ID will be suggested for you, though you can change it to another value. By
\nconvention, UNIX groups containing user accounts have an ID greater than 1000 and groups required
\nby a service have an ID equal to the default port number used by the service (e.g. the sshd group has an
\nID of 22).
\nOnce the group and users are created, assign the users as members to the group. In the example shown
\nin Figure 3.2b, a group called data1 has been created and a user account named user1 has also been
\ncreated. Click on View All Groups then the Members button for the group you wish to assign users to.
\nHighlight the user in the Member users list (which shows all user accounts on the system) and click the
\n>> to move that user to the right frame. Whatever user accounts appear in the right frame will be
\nmembers of that group.
\nFreeNAS\u2122 8.0.3 Guide Page 33 of 164
\nFigure 3.2b: Assigning a User as a Member of a Group
\n3.3 Users
\nIf you wish to set permissions on your volumes or datasets, you will need to create at least one user
\naccount and assign that user account the required permissions. If you also wish to create groups to
\nmanage permissions, you should create the user accounts first, then assign the accounts as members of
\nthe groups. This section demonstrates how to create a user account.
\nIf you click Account -> Users -> View All Users, you will see a listing of all of the user accounts that
\nwere created with the FreeNAS\u2122 system, as shown in Figure 3.3a:
\nFigure 3.3a: Managing User Accounts
\nFreeNAS\u2122 8.0.3 Guide Page 34 of 164
\nEach account entry indicates the user ID, account name, default group, home directory, default shell,
\nand offers buttons to change the user’s password, the user’s account settings, and email address. Every
\nuser account, except for the root user, that came with the FreeNAS\u2122 system is a system account. This
\nmeans that it is used by a service and should not be available for use as a login account. For this reason,
\nthe default shell is nologin(8). For security reasons (and to prevent breakage of system services) you
\nshould not modify the system accounts.
\nTIP: for security reasons, you should change the root password from the default value.
\nTo create a user account, click the Add New User button to open the screen shown in Figure 3.3b. Table
\n3.3a summarizes the options available in this screen.
\nFigure 3.3b: Adding a User Account
\nTable 3.3a: User Account Configuration
\nSetting Value Description
\nUser ID integer
\ncan accept default; by convention, user accounts have an ID greater than
\n1000 and system accounts have an ID equal to the default port number
\nused by the service
\nUsername string
\nmaximum 30 characters, can include numerals, can not include a space;
\ndue to a limitation in FreeBSD, usernames that exceed 17 characters are
\nunable to create cron jobs or be used in rsync tasks
\nFreeNAS\u2122 8.0.3 Guide Page 35 of 164
\nSetting Value Description
\nPrimary Group drop-down
\nmenu
\nif left empty this will create a group with the same name; don’t add to
\nwheel group unless you mean to give superuser access; don’t add to a
\nsystem group unless you are creating a system account required by that
\ngroup
\nHome Directory string needs to be changed to the name of an existing volume or dataset that the
\nuser will be assigned permission to access
\nShell drop-down
\nmenu
\nif creating a system account, choose nologin; if creating a user account,
\nselect shell of choice
\nFull Name string mandatory, may contain spaces
\nPassword string mandatory unless check box to disable logins
\nPassword
\nconfirmation string must match Password
\nDisable logins checkbox check this box for system accounts and for user accounts who aren’t
\nallowed to login to the FreeNAS\u2122 system
\nSSH Public Key string paste the user’s public key which can be used for SSH authentication (do
\nnot paste the private key!)
\nLock user checkbox a checked box prevents user from logging in until the account is unlocked
\n(box is unchecked)
\n4 System Configuration
\nThe System icon contains the following tabs:
\n\u2022 Reporting: provides reports and graphs monitoring the system’s CPU, disk capacity and other
\nmetrics.
\n\u2022 Settings: used to configure system wide settings such as timezone, email setup, HTTPS access
\nand firmware upgrades.
\n\u2022 System information: provides general FreeNAS\u2122 system information such as hostname,
\noperating system version, platform and uptime.
\n\u2022 CronJobs: provides a graphical front-end to crontab(5).
\n\u2022 Rsync Tasks: allows you to schedule rsync tasks.
\n\u2022 S.M.A.R.T. Tests: allows you to schedule which S.M.A.R.T. tests to run on a per-disk basis.
\nEach of these is described in more detail in this section.
\nFreeNAS\u2122 8.0.3 Guide Page 36 of 164
\n4.1 Reporting
\nIf you click the Reporting tab, several graphs will load as seen in the example in Figure 4.1a.
\nFigure 4.1a: Reporting Graphs Showing the Load on the System
\nThe graphs will display the current interface traffic (for each configured interface), CPU usage,
\nphysical memory utilization, system load, processes, swap utilization, and disk space (for each
\nconfigured volume). Reporting data is saved, allowing you to view and monitor usage trends hourly,
\ndaily, weekly, monthly, and yearly.
\n4.2 Settings
\nThe Settings tab, shown in Figure 4.2a, contains 4 tabs: General, Advanced, Email, and SSL.
\nFreeNAS\u2122 8.0.3 Guide Page 37 of 164
\nFigure 4.2a: General Tab of Settings
\n4.2.1 General Tab
\nTable 4.2a summarizes the settings that can be configured using the General tab:
\nTable 4.2a: General Tab’s Configuration Settings
\nSetting Value Description
\nProtocol drop-down
\nmenu protocol to use when connecting to the administrative GUI from a browser
\nWebGUI
\nAddress
\ndrop-down
\nmenu
\nchoose from a list of recent IP addresses for the one to use when accessing the
\nadministrative GUI; the built-in HTTP server will automatically bind to the
\nwildcard address of 0.0.0.0 (any address) if the configured address becomes
\nunavailable and issue an alert
\nWebGUI
\nPort integer allows you to configure a non-standard port for accessing the administrative
\nGUI
\nFreeNAS\u2122 8.0.3 Guide Page 38 of 164
\nSetting Value Description
\nLanguage drop-down
\nmenu
\nselect the localization from the drop-down menu; requires a browser reload;
\nyou can view the status of localization at pootle.freenas.org
\nTimezone drop-down
\nmenu select the timezone from the drop-down menu
\nNTP server string input the IP address or name of up to 3 NTP servers; options from ntp.conf(5)
\nsuch as \u201ciburst maxpoll 9\u201d can be included
\nSyslog
\nserver IP address allows you to send FreeNAS\u2122 logs to specified remote syslog server
\nIf you make any changes, click the Save button.
\nThis tab also contains the following three buttons:
\nFactory Restore: replaces current configuration with the factory default. This means that all of your
\ncustomizations will be erased, but can be handy if you mess up your system or wish to return a test
\nsystem to the original configuration.
\nSave Config: allows you to browse to location to make a backup copy of the current configuration in
\nthe format hostname-YYYYMMDDhhmmss.db. You should always do this before upgrading your
\nsystem.
\nUpload Config: allows you to browse to location of saved configuration file in order to restore that
\nconfiguration.
\nNOTE: If you intend to recreate volumes and restore the default configuration, delete the volumes first
\nin Storage -> Volumes.
\n4.2.2 Advanced Tab
\nThe Advanced tab, shown in Figure 4.2b, allows you to set some miscellaneous settings on the
\nFreeNAS\u2122 system. The configurable settings are summarized in Table 4.2b.
\nFreeNAS\u2122 8.0.3 Guide Page 39 of 164
\nFigure 4.2b: Advanced Tab
\nTable 4.2b: Advanced Tab’s Configuration Settings
\nSetting Value Description
\nEnable Console Menu checkbox unchecking this box removes the console menu
\nshown in Figure 2.4a
\nUse Serial Console checkbox do not check this box if your serial port is disabled
\nEnable screen saver checkbox enables\/disables the console screen saver (see ticket
\n566)
\nEnable powerd (Power
\nSaving Daemon) checkbox
\nused to spin down disks, see powerd(8); this forum
\npost demonstrates how to determine if a drive has
\nspun down
\nSwap size non-zero integer
\nrepresenting GB effects new disks only
\nShow console messages in
\nthe footer checkbox requires you to refresh browser; will display console
\nmessages in real time at bottom of browser
\nShow tracebacks in case of
\nfatal errors checkbox
\nenable this when troubleshooting to get more
\ndiagnostic information to display in a GUI error
\nmessage
\nMOTD banner string input the message you wish to be seen when user logs
\nin via SSH
\nIf you make any changes, click the Save button.
\nThis tab also contains the following buttons:
\nRebuild LDAP\/AD Cache: click if you add a user to AD who needs immediate access to FreeNAS\u2122;
\notherwise this occurs automatically once a day as a cron job.
\nFreeNAS\u2122 8.0.3 Guide Page 40 of 164
\nSave Debug: creates a text file of diagnostic information which includes the FreeNAS\u2122 version, the
\nstatus of all services and their settings, the contents of all *.conf files, the debug log, and hardware
\ninformation.
\nFirmware Update: used to Upgrade FreeNAS\u2122. See section 2.5.2 Upgrading FreeNAS\u2122 From the
\nGUI for details.
\nApply Service Pack: future versions of FreeNAS\u2122 will provide service packs to address bugs and
\nsecurity fixes.
\n4.2.3 Email Tab
\nThe Email tab, shown in Figure 4.2c, is used to configure the email settings on the FreeNAS\u2122 system.
\nTable 4.2c summarizes the settings that can be configured using the Email tab.
\nFigure 4.2c: Email Tab
\nTable 4.2c: Email Tab’s Configuration Settings
\nSetting Value Description
\nFrom email string
\nthe From email address to be used when sending email
\nnotifications; the To email address is sent to the root user
\naccount and you can set that email address by clicking the
\nChange E-mail button for the root account in Accounts -> Users
\n-> View All Users
\nOutgoing mail
\nserver string or IP address hostname or IP address of SMTP server
\nFreeNAS\u2122 8.0.3 Guide Page 41 of 164
\nSetting Value Description
\nPort to connect
\nto integer SMTP port number, typically 25, 465 (secure SMTP), or 587
\n(submission)
\nTLS\/SSL drop-down menu encryption type; choices are plain, SSL, or TLS
\nUse SMTP
\nAuthentication checkbox enables\/disables SMTP AUTH using PLAIN SASL
\nUsername string used to authenticate with SMTP server
\nPassword string used to authenticate with SMTP server
\nSend Test Mail button click to check that configured email settings are working; this
\nwill fail if you do not set the To email address first
\n4.2.4 SSL Tab
\nDuring installation, an unsigned RSA certificate and key are auto-generated for you. You can view
\nthese in System -> Settings -> SSL, as seen in Figure 4.2d. If you already have your own signed
\ncertificate that you wish to use for SSL\/TLS connections, replace the values in the SSL certificate field
\nwith a copy\/paste of your own key and certificate. The certificate can be used to secure the HTTP
\nconnection (enabled in the Settings -> General Tab) to the FreeNAS\u2122 system, as well as to secure FTP
\nconnections (described in section 8.6.4 Encrypting FTP). Table 4.2d summarizes the settings that can
\nbe configured using the SSL tab. This howto shows how to generate a certificate using OpenSSL and
\nprovides some examples for the values shown in Table 4.2d.
\nFigure 4.2d: SSL Tab
\nFreeNAS\u2122 8.0.3 Guide Page 42 of 164
\nTable 4.2d: SSL Tab’s Configuration Settings
\nSetting Value Description
\nOrganization string optional
\nOrganizational Unit string optional
\nEmail Address string optional
\nLocality string optional
\nState string optional
\nCountry string optional
\nCommon Name string optional
\nSSL Certificate string paste the RSA private key and
\ncertificate into the box
\n4.3 System Information
\nThe system information tab will display general information about the FreeNAS\u2122 system. The
\ninformation includes the hostname, underlying FreeBSD version, type of CPU (platform), the amount
\nof memory, the current system time, the system’s uptime, the current load average, and the FreeNAS\u2122
\nbuild version. An example is seen in Figure 4.3a:
\nFigure 4.3a: System Information Tab
\nFreeNAS\u2122 8.0.3 Guide Page 43 of 164
\n4.4 Cron Jobs
\ncron(8) is a daemon that runs a command or script on a regular schedule as a specified user. Typically,
\nthe user who wishes to schedule a task manually creates a crontab(5) using syntax that can be
\nperplexing to new Unix users. The FreeNAS\u2122 GUI makes it easy to schedule when you would like the
\ntask to occur.
\nNOTE: due to a limitation in FreeBSD, users with account names that exceed 17 characters are unable
\nto create cron jobs.
\nFigure 4.4a shows the screen that opens when you click System -> Cron Jobs -> Add Cron Job.
\nFigure 4.4a: Creating a Cron Job
\nTable 4.4a summarizes the configurable options when creating a cron job.
\nTable 4.4a: Cron Job Options
\nSetting Value Description
\nUser drop-down menu make sure the selected user has permission to run the specified
\ncommand or script
\nFreeNAS\u2122 8.0.3 Guide Page 44 of 164
\nSetting Value Description
\nCommand string the full path to the command or script to be run; if it is a script, test it at
\nthe command line first to make sure that it works as expected
\nDescription string optional
\nMinute slider or
\ncheckboxes
\nif use the slider, cron job occurs every N minutes; if use check boxes,
\ncron job occurs at the selected moments
\nHour slider or
\ncheckboxes
\nif use the slider, cron job occurs every N hours; if use check boxes,
\ncron job occurs at the selected hours
\nDay of
\nmonth
\nslider or
\ncheckboxes
\nif use the slider, cron job occurs every N days; if use check boxes, cron
\njob occurs on the selected days of the selected months
\nMonth slider or
\ncheckboxes
\nif use the slider, cron job occurs every N months; if use check boxes,
\ncron job occurs on the selected months
\nDay of week slider or
\ncheckboxes
\nif use the slider, cron job occurs every N days; if use check boxes, cron
\njob occurs on the selected days
\nEnabled checkbox uncheck if you would like to disable the cron job without deleting it
\n4.5 Loaders
\nWhen a FreeBSD-based system boots, loader.conf(5) is read to determine if any parameters should be
\npassed to the kernel or if any additional kernel modules (such as drivers) should be loaded. Since loader
\nvalues are specific to the kernel parameter or driver to be loaded, descriptions can be found in the man
\npage for the specified driver and in many sections of the FreeBSD Handbook.
\nBeginning with version 8.0.3, FreeNAS\u2122 provides a graphical interface for managing loader values.
\nThis advanced functionality is intended to make it easier to load additional kernel modules at boot time.
\nA typical usage would be to load a FreeBSD hardware driver that does not automatically load after a
\nFreeNAS\u2122 installation. The default FreeNAS\u2122 image does not load every possible hardware driver.
\nThis is a necessary evil as some drivers conflict with one another or cause stability issues, some are
\nrarely used, and some drivers just don’t belong on a standard NAS system. If you need a driver that is
\nnot automatically loaded, you need to add a loader.
\nDANGER: changing the value of a loader is an advanced feature that could adversely effect the ability
\nof the FreeNAS\u2122 system to successfully boot. It is very important that you do not have a typo when
\nadding a loader value as this could halt the boot process. Fixing this problem requires physical access
\nto the FreeNAS\u2122 system and knowledge of how to use the boot loader prompt as described in section
\n4.5.1 Recovering From Incorrect Loaders. This means that you should always test the impact of any
\nchanges on a test system first.
\nAdditionally, certain changes could make your system unsupportable by the FreeNAS\u2122 team and can
\nbreak assumptions made by the software. Some examples include:
\n\u2022 setting kernel tunables to arbitrarily low or high limits, e.g. kern.hz=1 or kern.hz=100000
\n\u2022 disabling or enabling certain features such as vfs.zfs.zil_disable=1
\n\u2022 overriding default loader values, unless directed to do so by an developer affiliated with the
\nFreeNAS\u2122 8.0.3 Guide Page 45 of 164
\nFreeNAS\u2122 project
\nTo add a loader value, go to System -> Loaders -> Add Loader, as seen in Figure 4.5a.
\nFigure 4.5a: Adding a Loader Value
\nTable 4.5a summarizes the options when adding a loader.
\nTable 4.5a: Adding a Loader
\nSetting Value Description
\nVariable string typically the name of the driver to load, as indicated by its man page
\nValue integer or
\nstring
\nvalue to associate with variable; typically this is set to YES to enable the
\ndriver specifed by the variable
\nComment string optional, but a useful reminder for the reason behind adding this loader
\nThe changes you make will not take effect until the system is rebooted as loader settings are only read
\nwhen the kernel is loaded at boot time. As long as the loader exists, your changes will persist at each
\nboot and across upgrades.
\nAny loaders that you add will be listed in System -> Loaders -> View Loaders. To change the value of a
\nloader, click its Edit button. To remove a loader, click its Delete button.
\nAt this time, the GUI does not display the loaderss that are pre-set in the installation image.
\nFreeNAS\u2122 8.0.3 ships with the following loaders set:
\nautoboot_delay=”2″
\nloader_logo=”freenas”
\nkern.cam.boot_delay=10000
\nfuse_load=”YES”
\ngeom_mirror_load=”YES”
\ngeom_stripe_load=”YES”
\ngeom_raid3_load=”YES”
\ngeom_gate_load=”YES”
\ndebug.debugger_on_panic=1
\nhw.hptrr.attach_generic=0
\nFreeNAS\u2122 8.0.3 Guide Page 46 of 164
\nYou should not add or edit the default loaders in the GUI as doing so will overwrite the default values
\nwhich may render the system unusable.
\n4.5.1 Recovering From Incorrect Loaders
\nIf a loader is preventing the system from booting, you will need physical access to the FreeNAS\u2122
\nsystem. Watch the boot messages and press the number 6 key to select “6. Escape to loader prompt”
\nwhen you see the FreeNAS\u2122 boot menu shown in Figure 4.5b.
\nFigure 4.5b: FreeNAS\u2122 Boot Menu
\nThe boot loader prompt provides a minimal set of commands described in loader(8). Once at the
\nprompt, use the unset command to disable a problematic value, the set command to modify the
\nproblematic value, or the unload command to prevent the problematic driver from loading.
\nExample 4.5a demonstrates several examples using these commands at the boot loader prompt. The
\nfirst command disables the current value associated with the kern.ipc.nmbclusters MIB and will fail
\nwith a “no such file or directory” error message if a current loader does not exist to set this value. The
\nsecond command disables ACPI. The third command instructs the system not to load the fuse driver.
\nWhen finished, type boot to continue the boot process.
\nExample 4.5a: Sample Commands at the Boot Loader Prompt
\nType ‘?’ for a list of commands, ‘help’ for more detailed help.
\nOK unset kern.ipc.nmbclusters
\nOK set hint.acpi.0.disabled=1
\nOK unload fuse
\nOK boot
\nAny changes made at the boot loader prompt only effect the current boot. This means that you need to
\nFreeNAS\u2122 8.0.3 Guide Page 47 of 164
\nedit or remove the problematic loader in System -> Loaders -> View Loaders to make your change
\npermanent and to prevent future boot errors.
\n4.6 Rsync Tasks
\nRsync is a utility that automatically copies specified data from one system to another over a network.
\nOnce the initial data is copied, rsync reduces the amount of data sent over the network by sending only
\nthe differences between the source and destination files. Rsync can be used for backups, mirroring data
\non multiple systems, or for copying files between systems.
\nTo configure rsync, you need to configure both ends of the connection:
\n\u2022 the rsync server: this system pulls (receives) the data. In the FreeNAS\u2122 GUI, the server is
\nconfigured in Services -> Rsync.
\n\u2022 the rsync client: this system pushes (sends) the data. In the FreeNAS\u2122 GUI, the client is
\nconfigured in System -> Rsync Tasks.
\nThis section summarizes the options when creating an Rsync Task. It then provides a configuration
\nexample for setting up rsync between two FreeNAS\u2122 systems.
\n4.6.1 Creating an Rsync Task
\nFigure 4.6a shows the screen that appears when you click System -> Rsync Tasks -> Add Rsync Task.
\nTable 4.6a summarizes the options that can be configured when creating an rsync task.
\nFigure 4.6a: Adding an Rsync Task
\nFreeNAS\u2122 8.0.3 Guide Page 48 of 164
\nTable 4.6a: Rsync Configuration Options
\nSetting Value Description
\nPath Browse button select the volume\/dataset\/directory that you wish to copy
\nRemote Host string IP address or hostname of the remote system that will store the copy
\nRemote Module
\nName string name must be defined in rsyncd.conf(5) of rsync server or in Rsync
\nModule of another FreeNAS\u2122 system
\nShort
\nDescription string optional
\nMinute slider or
\ncheckboxes
\nif use the slider, sync occurs every N minutes; if use check boxes,
\nsync occurs at the selected moments
\nHour slider or
\ncheckboxes
\nif use the slider, sync occurs every N hours; if use check boxes, sync
\noccurs at the selected hours
\nDay of month slider or
\ncheckboxes
\nif use the slider, sync occurs every N days; if use check boxes, sync
\noccurs on the selected days
\nMonth checkboxes task occurs on the selected months
\nDay of week checkboxes task occurs on the selected days of the week
\nUser drop-down
\nmenu
\nspecified user must have permission to write to the specified directory
\non the remote system; due to a limitation in FreeBSD, the user name
\ncan not exceed 17 characters
\nRecursive checkbox if checked, copy will include all subdirectories of the specified
\nvolume
\nTimes checkbox preserve modification times of files
\nCompress checkbox recommended on slow connections as reduces size of data to be
\ntransmitted
\nArchive checkbox
\nequivalent to -rlptgoD (recursive, copy symlinks as symlinks,
\npreserve permissions, preserve modification times, preserve group,
\npreserve owner (super-user only), and preserve device files (superuser
\nonly) and special files)
\nDelete checkbox delete extraneous files from destination directory
\nQuiet checkbox suppresses information messages from the remote server
\nPreserve
\npermissions checkbox preserves file permissions
\nPreserve
\nextended
\nattributes
\ncheckbox both systems must support extended attributes
\nExtra options string rsync(1) options not covered by the GUI
\nFreeNAS\u2122 8.0.3 Guide Page 49 of 164
\n4.6.2 Configuring Rsync Between Two FreeNAS\u2122 Systems
\nThis configuration example will configure rsync between the two following FreeNAS\u2122 systems:
\n\u2022 192.168.2.2 has existing data in \/mnt\/local\/images. It will be the rsync client, meaning that an
\nrsync task needs to be defined.
\n\u2022 192.168.2.6 has an existing volume named \/mnt\/remote. It will be the rsync server, meaning that
\nit will receive the contents of \/mnt\/local\/images. An rsync module needs to be defined on this
\nsystem and the rsyncd service needs to be started.
\nOn the client system (192.168.2.2), an rsync task is defined in System -> Rsync Tasks -> Add Rsync
\nTask as shown in Figure 4.6b. In this example:
\n\u2022 the Path points to \/usr\/local\/images, the directory to be copied
\n\u2022 the Remote Host points to 192.168.2.6, the IP address of the rsync server
\n\u2022 the Remote Module Name is backups; this will need to be defined on the rsync server
\n\u2022 the rsync is scheduled to occur every 15 minutes
\n\u2022 the User is set to root so it has permission to write anywhere
\n\u2022 the Preserve Permissions checkbox is checked so that the original permissions are not
\noverwritten by the root user
\nFigure 4.6b: Configuring the Rsync Client
\nFreeNAS\u2122 8.0.3 Guide Page 50 of 164
\nOn the server system (192.168.2.6), an rsync module is defined in Services -> Rsync Modules -> Add
\nRsync Module as shown in Figure 4.6c. In this example:
\n\u2022 the Module Name is backups; this needs to match the setting on the rsync client
\n\u2022 the Path is \/mnt\/remote; a directory called images will be created to hold the contents of
\n\/usr\/local\/images
\n\u2022 the User is set to root so it has permission to write anywhere
\n\u2022 Hosts allow is set to 192.168.2.2, the IP address of the rsync client
\nDescriptions of the configurable options can be found in section 8.15.2 Rsync Modules.
\nTo finish the configuration, start the rsync service on the server in Services -> Control Services.
\nFigure 4.6c: Configuring the Rsync Server
\n4.7 S.M.A.R.T. Tests
\nS.M.A.R.T. (Self-Monitoring, Analysis and Reporting Technology) is a monitoring system for
\ncomputer hard disk drives to detect and report on various indicators of reliability. When a failure is
\nanticipated by S.M.A.R.T., the drive should be replaced. Most modern ATA, IDE and SCSI-3 hard
\ndrives support S.M.A.R.T.–refer to your drive’s documentation if you are unsure.
\nFigure 4.7a shows the configuration screen that appears when you click System -> S.M.A.R.T. Tests ->
\nFreeNAS\u2122 8.0.3 Guide Page 51 of 164
\nAdd S.M.A.R.T. Test. You should create a test for each drive that you wish to monitor. After creating
\nyour tests, check the configuration in Services -> S.M.A.R.T, then click the slider to ON for the
\nS.M.A.R.T service in Services -> Control Services.
\nNOTE: the S.M.A.R.T service will not start if you have not created any volumes.
\nFigure 4.7a: Adding a S.M.A.R.T Test
\nTable 4.7a summarizes the configurable options when creating a S.M.A.R.T test.
\nTable 4.7a: S.M.A.R.T Test Options
\nSetting Value Description
\nDisk drop-down menu select disk to monitor
\nType drop-down menu select type of list to run; see smartctl(8) for a description of each
\ntype of test
\nShort
\ndescription string optional
\nHour slider or
\ncheckboxes
\nif use the slider, test occurs every N hours; if use check boxes, test
\noccurs at the selected hours
\nDay of month slider or
\ncheckboxes
\nif use the slider, test occurs every N days; if use check boxes, test
\noccurs on the selected days
\nMonth checkboxes select the months when you wish the test to occur
\nFreeNAS\u2122 8.0.3 Guide Page 52 of 164
\nSetting Value Description
\nDay of week checkboxes select the days of the week when you wish the test to occur
\n4.8 Sysctls
\nsysctl(8) is an interface that is used to make changes to the underlying FreeBSD kernel running on a
\nFreeNAS\u2122 system. It can be used to tune the system in order to meet the specific needs of a network.
\nOver five hundred system variables can be set using sysctl(8). Each variable is known as a MIB as it is
\ncomprised of a dotted set of components. Since these MIBs are specific to the kernel feature that is
\nbeing tuned, descriptions can be found in many FreeBSD man pages (e.g. sysctl(3), tcp(4) and
\ntuning(7)) and in many sections of the FreeBSD Handbook.
\nDANGER: changing the value of a sysctl MIB is an advanced feature that immediately effects the
\nkernel of the FreeNAS\u2122 system. Do not change a MIB on a production system unless you understand
\nthe caveats associated with that change. A badly configured MIB could cause the system to become
\nunbootable, unreachable via the network, or can cause the system to panic under load. Certain changes
\nmay make your system unsupportable by the FreeNAS\u2122 team and can break assumptions made by the
\nsoftware. This means that you should always test the impact of any changes on a test system first.
\nBeginning with version 8.0.3, FreeNAS\u2122 provides a graphical interface for managing sysctl MIBs. To
\nadd a sysctl, go to System -> Sysctls -> Add Sysctl, shown in Figure 4.8a.
\nFigure 4.8a: Adding a Sysctl
\nTable 4.8a summarizes the options when adding a sysctl.
\nTable 4.8a: Adding a Sysctl
\nSetting Value Description
\nVariable string must be in dotted format e.g. kern.ipc.shmmax
\nValue integer or
\nstring
\nvalue to associate with MIB; do not make this up, refer to the suggested
\nvalues in a man page, FreeBSD Handbook page, or tutorial
\nComment string optional, but a useful reminder for the reason behind using this MIB\/value
\nFreeNAS\u2122 8.0.3 Guide Page 53 of 164
\nAs soon as you add or edit a sysctl, the running kernel will change that variable to the value you
\nspecify. As long as the sysctl exists, that value will persist across reboots and upgrades.
\nAny MIBs that you add will be listed in System -> Sysctls -> View Sysctls. To change the value of a
\nMIB, click its Edit button. To remove a MIB, click its Delete button.
\nAt this time, the GUI does not display the sysctl MIBs that are pre-set in the installation image.
\nFreeNAS\u2122 8.0.3 ships with the following MIBs set:
\ndebug.debugger_on_panic=0
\nkern.metadelay=3
\nkern.dirdelay=4
\nkern.filedelay=5
\nkern.coredump=0
\nYou should not add the default MIBs as sysctls as doing so will overwrite the default values which may
\nrender the system unusable.
\n5 Network Configuration
\nThe Network section of the administrative GUI contains the following components for viewing and
\nconfiguring the FreeNAS\u2122 system’s network settings:
\n\u2022 Global Configuration
\n\u2022 Network Summary
\n\u2022 Interfaces
\n\u2022 Link Aggregations
\n\u2022 Static Routes
\n\u2022 VLANs
\nEach of these is described in more detail below.
\n5.1 Global Configuration
\nThe global configuration tab, shown in Figure 5.1a, allows you to set non-interface specific network
\nsettings.
\nTable 5.1a summarizes the settings that can be configured using the Global Configuration tab. The
\nhostname and domain will be pre-filled for you, as seen in Figure 5.1a, but can be changed to meet the
\nlocal network’s requirements. The other settings are optional and can reduce the security of the
\nFreeNAS\u2122 system (by making it Internet accessible) if it is not properly protected by a firewall.
\nFreeNAS\u2122 8.0.3 Guide Page 54 of 164
\nFigure 5.1a: Sample Global Configuration
\nTable 5.1a: Global Configuration Settings
\nSetting Value Description
\nHostname string system host name
\nDomain string system domain name
\nIPv4 Default Gateway IP address typically not set to prevent NAS from being accessible from the
\nInternet
\nIPv6 Default Gateway IP address Typically not set
\nNameserver 1 IP address primary DNS server (typically in Windows domain)
\nNameserver 2 IP address secondary DNS server
\nNameserver 3 IP address tertiary DNS server
\n5.2 Network Summary
\nThe Network Summary tab allows you to quickly view the addressing information of every configured
\ninterface. It will show the interface name, IP address, DNS server(s), and default gateway.
\nFreeNAS\u2122 8.0.3 Guide Page 55 of 164
\n5.3 Interfaces
\nThe interfaces tab allows you to view which interfaces have been configured, to add an interface to
\nconfigure, and to edit an interface’s current configuration. Figure 5.3a shows the screen that opens
\nwhen you click Interfaces -> Add Interface.
\nTable 5.3a summarizes the configuration options when you Add an interface or Edit an already
\nconfigured interface.
\nFigure 5.3a: Editing an Interfaces Configuration
\nTable 5.3a: Interface Configuration Settings
\nSetting Value Description
\nNIC drop-down menu select the FreeBSD device name; will be read-only field when edit
\nan interface
\nInterface Name string description of interface
\nDHCP checkbox requires manual IPv4 or IPv6 configuration if unchecked
\nIPv4 Address IP address set if DHCP unchecked
\nIPv4 Netmask drop-down menu set if DHCP unchecked
\nAuto configure
\nIPv6 checkbox if checked, use rtsol(8) to configure the interface; requires manual
\nconfiguration if unchecked and wish to use IPv6
\nFreeNAS\u2122 8.0.3 Guide Page 56 of 164
\nSetting Value Description
\nIPv6 Address IPv6 address must be unique on network
\nIPv6 Prefix
\nLength drop-down menu match the prefix used on network
\nOptions string
\nadditional parameters from ifconfig(8), one per line; for example:
\nmtu 9000 will increase the MTU for interfaces that support jumbo
\nframes
\nThis screen also allows you to configure an alias for the interface. If you wish to set multiple aliases,
\nclick the “Add extra alias” link for each alias you wish to configure.
\n5.4 Link Aggregations
\nFreeNAS\u2122 uses FreeBSD’s lagg(4) interface to provide link aggregation and link failover. The lagg
\ninterface allows aggregation of multiple network interfaces into a single virtual lagg interface,
\nproviding fault-tolerance and high-speed multi-link throughput. The aggregation protocols supported
\nby lagg determine which ports are used for outgoing traffic and whether a specific port accepts
\nincoming traffic. Lagg’s interface link state is used to validate if the port is active or not.
\nAggregation works best on switches supporting LACP, which distributes traffic bi-directionally while
\nresponding to failure of individual links. FreeNAS\u2122 also supports active\/passive failover between
\npairs of links.
\nImportant notice regarding aggregation performance: the LACP, FEC and load-balance modes
\nselect the output interface using a hash that includes the Ethernet source and destination address,
\nVLAN tag (if available), IP source and destination address, and flow label (IPv6 only). The benefit can
\nonly be observed when multiple clients are transfering files from your NAS. The flow entering into
\nyour NAS depends on the Ethernet switch load-balance algorithm.
\nNOTE: LACP and other forms of link aggregation generally do not work well with virtualization
\nsolutions. In a virtualized environment, consider the use of iSCSI MPIO through the creation of an
\niSCSI Portal as demonstrated in section 8.14.6. This allows an iSCSI initiator to recognize multiple
\nlinks to a target, utilizing them for increased bandwidth or redundancy. This how-to contains
\ninstructions for configuring MPIO on ESXi.
\nThe lagg driver currently supports the following aggregation protocols:
\nFailover: the default protocol. Sends traffic only through the active port. If the master port becomes
\nunavailable, the next active port is used. The first interface added is the master port; any interfaces
\nadded after that are used as failover devices. By default, received traffic is only accepted when received
\nthrough the active port. This constraint can be relaxed by setting the net.link.lagg.failover_rx_all
\nsysctl(8) variable to a nonzero value, which is useful for certain bridged network setups.
\nFEC: supports Cisco EtherChannel. This is a static setup and does not negotiate aggregation with the
\npeer or exchange frames to monitor the link.
\nFreeNAS\u2122 8.0.3 Guide Page 57 of 164
\nLACP: supports the IEEE 802.3ad Link Aggregation Control Protocol (LACP) and the Marker
\nProtocol. LACP will negotiate a set of aggregable links with the peer into one or more link aggregated
\ngroups (LAG). Each LAG is composed of ports of the same speed, set to full-duplex operation. The
\ntraffic will be balanced across the ports in the LAG with the greatest total speed; in most cases there
\nwill only be one LAG which contains all ports. In the event of changes in physical connectivity, link
\naggregation will quickly converge to a new configuration. LACP must be configured on the switch as
\nwell.
\nLoad Balance: balances outgoing traffic across the active ports based on hashed protocol header
\ninformation and accepts incoming traffic from any active port. This is a static setup and does not
\nnegotiate aggregation with the peer or exchange frames to monitor the link. The hash includes the
\nEthernet source and destination address, VLAN tag (if available), and IP source and destination
\naddress.
\nRound Robin: distributes outgoing traffic using a round-robin scheduler through all active ports and
\naccepts incoming traffic from any active port.
\nNone: this protocol is intended to do nothing: it disables any traffic without disabling the lagg interface
\nitself.
\nNOTE: The FreeNAS\u2122 system must be rebooted after configuring the lagg device, which requires
\nconsole access to the FreeNAS\u2122 system. TCP access will be lost during reboot. The interfaces used in
\nthe lagg device should not be configured before creating the lagg device.
\nFigure 5.4a shows the configuration options when adding a lagg interface.
\nFigure 5.4a: Creating a lagg Interface
\nNOTE: if interfaces are installed but do not appear in the Physical NICs in the LAGG list, check that a
\nFreeBSD driver for the interface exists here.
\nFreeNAS\u2122 8.0.3 Guide Page 58 of 164
\nSelect the desired aggregation protocol, highlight the interface(s) to associate with the lagg device, and
\nclick the OK button.
\nOnce the lagg device has been created, it will appear in View All Link Aggregations. Click its Edit
\nInterface button to open the screen shown in Figure 5.4b.
\nFigure 5.4b: Edit lagg Interface
\nTable 5.4a describes the options in this screen:
\nTable 5.4a: Configurable Options for a lagg Interface
\nSetting Value Description
\nNIC string read-only as automatically assigned next available numeric ID
\nInterface Name string by default same as device (NIC) name, can be changed to a more
\ndescriptive value
\nDHCP checkbox check if the lagg device gets its IP address info from DHCP server
\nIPv4 Address string mandatory if DHCP is left unchecked
\nIPv4 Netmask drop-down
\nmenu mandatory if DHCP is left unchecked
\nAuto configure
\nIPv6 checkbox check only if DHCP server available to provide IPv6 address info
\nIPv6 Address string optional
\nFreeNAS\u2122 8.0.3 Guide Page 59 of 164
\nSetting Value Description
\nIPv6 Prefix
\nLength
\ndrop-down
\nmenu required if input IPv6 address
\nOptions string additional ifconfig(8) options
\nThis screen also allows you to configure an alias for the lagg interface. If you wish to set multiple
\naliases, click the “Add extra alias” link for each alias you wish to configure.
\nIf you click a lagg device’s Edit Members button, then the Edit button under the Action column, you
\nwill see the screen shown in Figure 5.4c. This screen allows you to configure the individual physical
\n(parent) interface that you specified. The configurable options are summarized in Table 4.4b.
\nFigure 5.4c: Editing a Member Interface
\nTable 5.4b: Configuring a Member Interface
\nSetting Value Description
\nLAGG Interface group drop-down menu select the member interface to configure
\nLAGG Priority Number integer order of selected interface within the lagg
\nPhysical NIC drop-down menu physical interface of the selected member
\nOptions string additional parameters from ifconfig(8)
\nNOTE: you can set options such as the MTU (to enable jumbo frames) at either the lagg level or the
\nindividual parent interface level. You do not have to set the option at both levels as each level will
\nautomatically inherit its options from the other. However, it makes sense to set it at the lagg level
\n(Figure 5.4b) as each interface member will inherit from the lagg. If you set it at the interface level
\n(Figure 5.4c), you will have to repeat for each interface within the lagg. It is important to not set
\ndiffering options at the lagg and the interface level as this will confuse the lagg device. Also, do not set
\njumbo frames if the attached switch does not support jumbo frames.
\nFreeNAS\u2122 8.0.3 Guide Page 60 of 164
\n5.5 Static Routes
\nFor security reasons, no static routes are defined on the FreeNAS\u2122 system. Should you need a static
\nroute to reach portions of your network, you can add and view all static routes using Network -> Static
\nRoutes. If you click “Add Static Route” you will see the screen shown in Figure 5.5a.
\nFigure 5.5a: Adding a Static Route
\nThe destination network and gateway fields are mandatory; the description field is optional.
\nIf you add any static routes, they will show in \u201cView All Static Routes\u201d. Each route will have an action
\nof Edit or Delete.
\n5.6 VLANs
\nFreeNAS\u2122 uses FreeBSD’s vlan(4) interface to demultiplex frames with IEEE 802.1q tags. This
\nallows nodes on different VLANs to communicate through a layer 3 switch or router. A vlan interface
\nmust be assigned a parent interface and a numeric VLAN tag. A single parent can be assigned to
\nmultiple vlan interfaces provided they have different tags. If you click Network -> VLANs -> Add
\nVLAN, you will see the screen shown in Figure 5.6a.
\nNOTE: VLAN tagging is the only 802.1Q feature that is implemented. Additionally, not all Ethernet
\ninterfaces support full VLAN processing\u2013see the HARDWARE section of vlan(4) for details.
\nFreeNAS\u2122 8.0.3 Guide Page 61 of 164
\nFigure 5.6a: Adding a VLAN
\nTable 5.6a describes the various fields.
\nTable 5.6a: Adding a VLAN
\nSetting Value Description
\nVirtual
\nInterface string Use the format vlanX where X is a number representing the
\nvlan interface
\nParent Interface select from drop-down
\nmenu
\nusually an Ethernet card connected to a properly configured
\nswitch port
\nVLAN Tag integer should match a numeric tag set up in the switched network
\nDescription string optional
\n.
\n6 Storage Configuration
\nThe Storage section of the graphical interface allows you to configure the following:
\n\u2022 Periodic Snapshot Tasks
\n\u2022 Replication Tasks
\n\u2022 Volumes
\nThese configurations are described in more detail in this section.
\n6.1 Periodic Snapshot Tasks
\nFreeNAS\u2122 ZFS volumes support snapshots, a read-only version of a ZFS volume or dataset at a given
\npoint in time. Snapshots can be created quickly and, if little data changes, new snapshots take up very
\nlittle space. For example, a snapshot where no files have changed takes 0MB of storage, but if you
\nchange a 10GB file it will keep a copy of both the old and the new 10GB version. Snapshots provide a
\nclever way of keeping a history of files, should you need to recover an older copy or even a deleted file.
\nFreeNAS\u2122 8.0.3 Guide Page 62 of 164
\nFor this reason, many administrators take snapshots often (e.g. every 15 minutes), store them for a
\nperiod of time (e.g. for a month), and store them on another system (e.g. using Replication Tasks). Such
\na strategy allows the administrator to roll the system back to a specific time or, if there is a catastrophic
\nloss, an off-site snapshot can restore the system up to the last snapshot interval (e.g. within 15 minutes
\nof the data loss). Snapshots can be cloned or rolled back, but the files on the snapshot cannot be
\naccessed independently.
\nBefore you can create a snapshot, you need to have an existing ZFS volume. How to do this is
\ndescribed in section 6.3.3 Creating Volumes.
\nTo create a ZFS snapshot, click Storage -> Periodic Snapshot Tasks -> Add Periodic Snapshot which
\nwill open the screen shown in Figure 6.1a.
\nFigure 6.1a: Creating a ZFS Periodic Snapshot
\nTable 6.1a summarizes the fields in this screen:
\nTable 6.1a: Options When Creating a Periodic Snapshot
\nSetting Value Description
\nMount
\nPoint drop-down menu select the mount point of an existing ZFS volume or dataset
\nRecursive checkbox
\nrecursive snapshots are created as one atomic operation
\nacross descendent file systems, meaning that the snapshot
\ndata is taken at one consistent time
\nFreeNAS\u2122 8.0.3 Guide Page 63 of 164
\nSetting Value Description
\nLifetime integer and drop-down menu how long to keep the snapshot
\nBegin drop-down menu time of first snapshot
\nEnd drop-down menu time of last snapshot
\nInterval drop-down menu how often to take snapshot between Begin and End times
\nWeekday checkboxes which days of the week to take snapshots
\nOnce you click the OK button, a snapshot will be taken and this task will be repeated according to your
\nsettings. If you click ZFS Snapshots, you will see a listing of available snapshots as seen in the example
\nin Figure 6.1b:
\nFigure 6.1b: Viewing Available Snapshots
\nThe most recent snapshot will be listed last and will have 3 icons instead of 2. The icons associated
\nwith a snapshot allow you to:
\nClone Snapshot: will prompt you for the name of the clone. The clone will be a writable copy of the
\nsnapshot and can only be created on the same ZFS volume. Clones do not inherit the properties of the
\nparent dataset, but rather inherit the properties based on where the clone is created in the ZFS pool.
\nBecause a clone initially shares all its disk space with the original snapshot, its used property is initially
\nzero. As changes are made to the clone, it uses more space.
\nDestroy Snapshot: a pop-up message will ask you to confirm this action. Note that clones must be
\ndestroyed before the parent snapshot can be destroyed.
\nRollback Snapshot: a pop-up message will ask if you are sure that you want to rollback to this
\nsnapshot state. If you click Yes, any files that have changed since the snapshot was taken will be
\nreverted back to their state at the time of the snapshot.
\nNOTE: rollback is a potentially dangerous operation and will cause any configured replication tasks to
\nfail as the replication system uses the existing snapshot when doing an incremental backup. If you do
\nneed to restore the data within a snapshot, the recommended steps are:
\nFreeNAS\u2122 8.0.3 Guide Page 64 of 164
\n1. Clone the desired snapshot.
\n2. Share the clone with the share type or service running on the FreeNAS\u2122 system.
\n3. Once users have recovered the needed data, destroy the clone.
\nThis approach will never destroy any on-disk data and has no impact on replication.
\nAlternatively, periodic snapshots will appear as shadow copies in newer versions of Windows Explorer.
\nUsers can access the files in the shadow copy using Explorer without requiring any interaction with the
\nFreeNAS\u2122 graphical administrative interface.
\n6.2 Replication Tasks
\nFreeNAS\u2122 supports the secure replication of ZFS snapshots to another remote FreeNAS\u2122 system (or
\nany other system running the same version of ZFS and a listening SSH server). This allows you to
\ncreate an off-site backup of the storage data.
\nThis section demonstrates how to setup SSH replication between two FreeNAS\u2122 systems. We will use
\nthe terms LOCAL (to represent the system that will send the snapshots) and REMOTE (to represent the
\nsystem to receive the snapshots). In this example, LOCAL has an IP address of 192.168.2.4 and
\nREMOTE has an IP address of 192.168.2.2. An overview is seen in Figure 6.2a.
\nFigure 6.2a: Overview of Configuration Example
\nFreeNAS\u2122 8.0.3 Guide Page 65 of 164
\nIn order to replicate ZFS snapshots you will need the following:
\n\u2022 a ZFS volume created on both LOCAL and REMOTE (see section 6.3.3 Creating Volumes for
\ninstructions on how to do this)
\n\u2022 a periodic snapshot task must be created on LOCAL (see section 6.1 Periodic Snapshot Tasks
\nfor instructions on how to do this)
\n\u2022 both systems configured for SSH key based authentication
\n6.2.1 Configuring SSH Key Based Authentication
\nIn order to setup SSH key based authentication, you will need to temporarily use SSH password based
\nauthentication so that you can copy the SSH key information to the required locations. The
\nconfiguration steps are as follows:
\n1. If you haven’t already, create on LOCAL a user account which will be used to ssh into LOCAL.
\nMake the user a member of the wheel group and set their home directory to the full path of the ZFS
\nvolume. In the example shown in Figure 6.2b, a user account named user1 has a home directory
\npointing to the ZFS volume named \/mnt\/data2. Create a similar user on REMOTE.
\n2. If you haven’t done so already, set the root password in Account -> Users -> View All Users on both
\nsystems.
\n3. Use an SSH client (e.g. the ssh command from a command prompt or PuTTY from a Windows
\nsystem) to login into LOCAL. In the example shown in Figure 6.2b, user1 is using the ssh command to
\nlogin to the LOCAL FreeNAS\u2122 system with an IP address of 192.168.2.4. Once logged in, copy the
\ncontents of \/data\/ssh\/replication.pub to a temporary file. This is the public key of LOCAL. To get the
\npublic key of REMOTE, issue the ssh-keyscan command with the IP address of REMOTE and add that
\npublic key as a separate line in your temporary file. In the example shown in Figure 6.2c, the REMOTE
\nIP address is 192.168.2.2.
\nNOTE: make sure that each key is pasted as one long line.
\nFreeNAS\u2122 8.0.3 Guide Page 66 of 164
\nFigure 6.2b: Create a User
\nFigure 6.2c: Copying the Replication Keys for LOCAL and REMOTE
\nFreeNAS\u2122 8.0.3 Guide Page 67 of 164
\n4. Now you will create an authorized_keys file on each system and paste the opposite system’s key to
\nthat file. In Example 6.2a, user1 is still logged into LOCAL. Once the REMOTE key is copied into
\nLOCAL’s authorized_keys, user1 logs into REMOTE as user2 and creates an authorized_keys file
\ncontaining the LOCAL key. When finished, the user types exit four times to leave both ssh sessions.
\nNOTE: when creating the authorized_keys file, make sure that the correct key is pasted as one long
\nline.
\nExample 6.2a: Creating the authorized_keys Files
\nmount -uw \/
\nmkdir \u2013p \/root\/.ssh\/
\nchmod 700 \/root\/.ssh
\nnano \/root\/.ssh\/authorized_keys
\n192.168.2.2 ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrF1\/MRk3I1wJm4708l
\nyugDmGd6JFeJonoeON3wCRVxmtUh7nKp1PXnagnbVFmq7aXIBs7Jd\/GdOWjousAIT9G3qcn\/tUf6A+AqcMk
\n4cl9BURDX6xMSotmAn4m6YuKQffACv86eIo69Xn7xVKVD8s8c7OKO\/XnstPrL0NPBmpfHa04P5NZoe2C06C
\nJKQCzKJGNJ\/pmlbE0CogVHf5AJT1NtEQkD78a7SqrQK30MlkIzjCVD3WvchWJp8hr3TCs5F1Tc1ay5EU2Zv
\nLwR8txaswuLyG33DKcE2SVRG5t+LD0S7wuvATTWrzSOQTpeZoiZDw7Qf3kkjpmt14UFnLsCjs9
\nssh user2@192.168.2.2
\nsu
\nmkdir \u2013p \/root\/.ssh\/
\nchmod 700 \/root\/.ssh
\nnano \/root\/.ssh\/authorized_keys
\nssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCwt6Fb1JthH6xPtmN5SzlqEjggZCH\/
\nwwWQsYKEHO\/vdwXLri8J+Pn\/oPMM3GlRRbYhB+vpnAxrTt1uiLREtenpQhSb56RIWyyZ6m1FrXs+QSaDKCp
\nM6+XRrQtLPd+VSoGDWsz6tK8mV7vpfk3X77w1Y0PZDZyOj1aZnEE447WtEtCAgYcaH3+4G6mWzoK8Rf7yXa
\nkNV+RO8Vu+40+H5qoqTAWk+rNIsZYcl8p7JiqxXLPGj6lPr5p9jqYsWqE23bwmpGrOZF1J9rd+hKv9jfxqW
\n86Am\/izWASYfy6qEIp4haYCo5oo09pqoOk17bDRNbPvFZ58aYadjvaap8YB5z0t Key for replication
\nexit
\nexit (exits superuser and then REMOTE)
\nexit
\nexit (exits superuser and then LOCAL)
\n6.2.2 Creating the Replication Task
\nYou are now ready to create a replication task. On LOCAL, click Storage -> Replication Tasks -> Add
\nReplication Task. In the example shown in Figure 6.2d, the LOCAL ZFS volume is \/mnt\/data2, the
\nREMOTE ZFS filesystem is data, and the REMOTE key has been pasted into the box. Note that for the
\nremote ZFS filesystem, \/mnt\/ is assumed and should not be included in the path.
\nFreeNAS\u2122 8.0.3 Guide Page 68 of 164
\nFigure 6.2d: Adding a Replication Task
\nTable 6.2a summarizes the options in the Add Replication Task screen.
\nTable 6.2a: Adding a Replication Task
\nSetting Value Description
\nMount Point drop-down
\nmenu the ZFS volume on LOCAL containing the snapshots to be replicated
\nRemote ZFS
\nfilesystem string the ZFS volume on REMOTE that will store the snapshots
\nRecursively
\nreplicate checkbox if checked will replicate child datasets and replace previous dataset
\non remote system
\nInitialize remote
\nside checkbox does a reset once operation which destroys the replication data on the
\nremote target and then reverts to normal operation
\nRemote
\nhostname string IP address or DNS name of remote system
\nRemote hostkey string mandatory; paste the public key of the remote system (this will be
\nthe second line in the temporary file you created above)
\n6.2.3 Testing Replication
\nIf you have followed all of the steps above and have LOCAL snapshots that are not replicating to
\nREMOTE, try deleting all snapshots on LOCAL except for the most recent one. In Storage -> Periodic
\nSnapshot Tasks -> View All Snapshot Tasks -> ZFS Snapshots check the box next to every snapshot
\nexcept for the last one (the one with 3 icons instead of 2), then click the global Destroy button at the
\nFreeNAS\u2122 8.0.3 Guide Page 69 of 164
\nbottom of the screen.
\nOnce you have only one snapshot, ssh into LOCAL and use the zfs send command. In the following
\nexample, the ZFS snapshot on LOCAL is on ZFS volume data2 and is named auto-20110922.1753-2h,
\nthe IP address of REMOTE is 192.168.2.2, and the ZFS volume on REMOTE is data. Note that the @
\nis used to separate the volume\/dataset name from the snapshot name.
\nzfs send data2@auto-20110922.1753-2h | ssh -i \/data\/ssh\/replication 192.168.2.2 \\
\nzfs receive data@auto-20110922.1753-2h
\nNOTE: if this command fails with the error “cannot receive new filesystem stream: destination has
\nsnapshots”, check the box “initialize remote side for once” in the replication task and try again. If the
\nzfs send command still fails, you will need to ssh into REMOTE and use the zfs destroy -R
\nvolume_name@snapshot_name command to delete the stuck snapshot.
\nYou can confirm that the replication was successful by going to Storage -> Periodic Snapshot Tasks ->
\nView All Periodic Snapshot Tasks -> ZFS Snapshots on REMOTE. Figure 6.2e shows the successful
\nreplication for our example:
\nFigure 6.2e: Viewing the Replicated Snapshot From REMOTE
\n6.2.4 Troubleshooting
\nIf replication is not working, check to see if SSH is working properly. ssh into LOCAL and try to ssh
\ninto REMOTE. Replace hostname_or_ip with the value for REMOTE:
\nssh -i \/data\/ssh\/replication hostname_or_ip
\nThis command should not ask for a password. If it asks for a password, key based authentication is not
\nworking. Check that the correct keys have been copied into the authorized_key files as described in
\nsection 6.2.1 Configuring SSH Key Based Authentication.
\nIf SSH is working correctly, check if the snapshot has replicated. ssh into REMOTE and run the
\ncommand:
\nzfs list -t snapshot
\nIt should list the snapshots replicated from LOCAL. If it does not, run the zfs send command as
\nFreeNAS\u2122 8.0.3 Guide Page 70 of 164
\ndemonstrated in section 6.2.3 Testing Replication.
\nAfter successfully transmitting the snapshot, recheck again after the time period between snapshots
\nlapses to see if the next snapshot successfully transmitted. If it is still not working, you can manually
\nsend an incremental backup of the last snapshot that is on both systems to the current one with this
\ncommand:
\nzfs send data2@auto-20110922.1753-2h | ssh -i \/data\/ssh\/replication 192.168.2.2 \\
\nzfs receive data@auto-20110922.1753-2h
\n6.3 Volumes
\nSince the storage disks are separate from the FreeNAS\u2122 operating system, you don’t actually have a
\nNAS (network-attached storage) system until you configure your disks into at least one volume.
\nFreeNAS\u2122 supports the creation of both UFS and ZFS volumes; however, ZFS volumes are
\nrecommended to get the most out of your FreeNAS\u2122 system. This section demonstrates how to
\nperform the following actions:
\n\u2022 If your disks are using an existing UFS or ZFS software RAID, see section 6.3.1 Auto
\nImporting Volumes.
\n\u2022 If your disks are already formatted with UFS, NTFS, MSDOS, or EXT2, see section 6.3.2
\nImporting Volumes.
\n\u2022 If you wish to format your disks into a UFS volume or ZFS pool, see section 6.3.3 Creating
\nVolumes.
\n\u2022 If you wish to grow the size of an existing ZFS pool, see section 6.3.4 Adding to an Existing
\nVolume.
\n\u2022 If you wish to divide an existing ZFS pool into datasets, see section 6.3.5 Creating ZFS
\nDatasets.
\n\u2022 If you wish to create a ZFS block device to use as an iSCSI device extent, see section 6.3.6
\nCreating a zvol.
\n\u2022 If you wish to control user\/group access to an existing UFS volume, ZFS pool, or ZFS dataset,
\nsee section 6.3.7 Setting Permissions .
\n6.3.1 Auto Importing Volumes
\nIf you click Storage -> Volumes -> Auto Import Volume, you can configure FreeNAS\u2122 to use an
\nexisting software UFS or ZFS RAID volume. Supported volumes are UFS GEOM stripes (RAID0),
\nUFS GEOM mirrors (RAID1), UFS GEOM RAID3, as well as existing ZFS pools. UFS RAID5 is not
\nsupported as it is an unmaintained summer of code project which was never integrated into FreeBSD.
\nNOTE: since .7 versions of FreeNAS\u2122 use an earlier version of ZFS, importing ZFS pools into
\nFreeNAS\u2122 8 is a one-way street. In other words, once you import a ZFS volume, you can not revert
\nback to a previous version of ZFS. FreeNAS\u2122 8.0.3 does not currently support deduplication,
\ncompatibility with Nexenta pools, or Linux fuse-zfs.
\nf you have an existing software RAID volume, you will be able to select it from the drop-down menu.
\nFreeNAS\u2122 8.0.3 Guide Page 71 of 164
\nIn the example shown in Figure 6.3a, the FreeNAS\u2122 system has an existing ZFS RAIDZ1 named
\nbackups. Once the volume is selected, click the “Import Volume” button.
\nFigure 6.3a: Importing an Existing RAID Volume
\nOnce the import is complete you may have to refresh your browser in order for it to appear in the View
\nAll Volumes list.
\nNOTE: FreeNAS\u2122 will not import a dirty volume. If your existing volume does not show in the dropdown
\nmenu, you will need to access the console in order to fsck the volume.
\n6.3.2 Importing Volumes
\nThe import volume screen is used to import disks with existing filesystems so that they can be
\nconfigured for use by FreeNAS\u2122. If you click Import Volume, you’ll see the screen shown in Figure
\n6.3b:
\nFigure 6.3b: Importing a Volume
\nInput a name for the volume, use the drop-down menu to select the volume that you wish to import,
\nand select the type of filesystem on the disk. At this time, FreeNAS\u2122 supports the import of disks that
\nhave been formatted with UFS, NTFS, MSDOS, or EXT2.
\nBefore importing a disk, be aware of the following caveats:
\nFreeNAS\u2122 8.0.3 Guide Page 72 of 164
\n\u2022 FreeNAS\u2122 will not import a dirty filesystem. If a supported filesystem does not show in the
\ndrop-down menu, you will need to access the console in order to fsck the filesystem.
\n\u2022 earlier versions of FreeNAS\u2122 8 had a bug that prevented the successful import of NTFS drives.
\nDon’t try to import NTFS if you are running a version earlier than FreeNAS\u2122 8.0.1-RC1.
\n\u2022 due to the current GEOM implementation, FreeNAS\u2122 can not import dynamic NTFS volumes
\nat this time. A future version of FreeBSD may address this issue.
\n6.3.3 Creating Volumes
\nIf you have unformatted disks or wish to overwrite the filesystem (and data) on your disks, use the
\nCreate Volume screen to format the desired disks as a UFS volume or a ZFS pool.
\nIf you click on Storage -> Volumes -> Create Volume, you will see a screen similar to the example
\nshown in Figure 6.3c.
\nFigure 6.3c: Creating a ZFS Volume
\nThe options that are available in this screen differ depending upon the filesystem that is selected and
\nthe number of disks available:
\n\u2022 if you select one disk, you can only choose to format with UFS or ZFS
\n\u2022 if you select two disks, you can create a UFS or ZFS mirror or stripe
\n\u2022 if you select three disks, you can create a UFS or ZFS stripe, a UFS RAID3, or a ZFS RAIDZ1
\n\u2022 if you select four disks, you can create a UFS or ZFS mirror or stripe, or a ZFS RAIDZ1 or
\nRAIDZ2
\nTable 6.3a summarizes the configuration options of this screen.
\nFreeNAS\u2122 8.0.3 Guide Page 73 of 164
\nTable 6.3a: Options When Creating a ZFS Volume
\nSetting Value Description
\nVolume
\nname string
\nup to 9 alphanumeric characters. If an existing volume name is
\nspecified, the volume being created will be added to the existing
\nvolume as a stripe. This allows for complex volumes such as RAID 10,
\nRAIDZ+0, and RAIDZ2+0. The top level group is implicitly a stripe
\nand there is no provision to build a mirror of mirrors, a RAIDZ of
\nmirrors, or a mirror of RAIDZs.
\nMember
\ndisks checkboxes select desired number of disks from list of available disks
\nFilesystem
\ntype button select either UFS or ZFS
\nForce 4096
\nbytes sector
\nsize
\ncheckbox
\nthe system will automatically create the volume with 4K sectors if the
\nunderlying disk is using Advanced Format. Checking this option creates
\n4K sector size (instead of 512 bytes) regardless of the underlying
\nhardware.
\nZFS extra select for each
\nmember disk
\nonly available when select ZFS. Choose from: None, Log, Cache,
\nSpare. See note below for descriptions of each option.
\nThe Add Volume button warns that creating a volume destroys all existing data on selected disk(s).
\nThe ZFS extra options can be used to increase performance. They are as follows:
\nNone: selected disk(s) will be used for storing data.
\nLog: selected disk will be dedicated for storing the ZIL (ZFS Intent Log). See the Separate Log
\nDevices section of the ZFS Best Practices Guide for size recommendations. When two or more log
\ndevices are specified, FreeNAS\u2122 will mirror them as suggested by the ZFS Best Practices Guide. This
\nis a prevention measure because losing the ZIL could lead to disastrous results such as making the
\nentire pool inaccessible.
\nPutting the ZIL on high speed devices can also improve performance for certain workloads, especially
\nthose requiring synchronous writes such as NFS clients connecting to FreeNAS\u2122 running on VMWare
\nESXi. In such cases, a dedicated ZIL will make a big difference in performance. Applications that do
\nnot do a lot of synchronous writes are less likely to benefit from having dedicated ZIL devices. For
\nVMWare, if a high speed ZIL device is not an option, using iSCSI instead of NFS is a workaround to
\nachieve better performance.
\nCache: selected disk will be dedicated to L2ARC on-disk cache. Typically, one would select a fast
\ndisk, such as an SSD. See the Separate Cache Devices section of the ZFS Best Practices Guide for size
\nrecommendations. Losing an L2ARC device has no implications at all, other than read access can slow
\ndown.
\nSpare: will create a hot spare that is only used when another disk fails. Hot spares speed up healing in
\nthe face of hardware failures and are critical for high mean time to data loss (MTTDL) environments.
\nOne or two spares for a 40-disk pool is a commonly used configuration. Use this option with caution as
\nthere is a known bug in the current FreeBSD implementation.
\nFreeNAS\u2122 8.0.3 Guide Page 74 of 164
\nThe volume creation screen allows for advanced scenarios:
\n\u2022 to create a mirror (RAID 1): check the 2 disks to go into the mirror from the list of available
\ndisks
\n\u2022 to create a striped mirror (RAID 10): create 2 mirrors with the same volume name
\n\u2022 to add an SSD as hybrid storage: check the box for the device, select ZFS, and choose Cache
\nfor that device in the ZFS Extra section
\n\u2022 to add a cache drive which will help read performance when the working set is smaller than
\nthe cache drive, but larger than the size of RAM available to the system: check the box for the
\ndevice, select ZFS, and choose Cache for that device in the ZFS Extra section
\nAn overview of the various RAID levels can be found in section 1 . 1 .6 RAID Overview .
\n6.3.4 Adding to an Existing Volume
\nZFS supports the addition of virtual devices (vdevs) to an existing volume (ZFS pool). A RAIDZ1 is an
\nexample of a vdev. Once a vdev is created, you can not add more drives to that vdev. However, if you
\nhave an existing RAIDZ1, you can stripe it with a new RAIDZ1 (and its disks). This will increase the
\noverall size of the pool.
\nTo combine two vdevs in the graphical administrative interface, go to Storage -> Volumes -> Create
\nVolume. In the Volume Name section, input the same name as an existing vdev, select the disk(s) that
\nyou wish to add, the type of RAID (which has to be the same as the existing one), choose ZFS as the
\nfilesystem, and click Add Volume.
\n6.3.5 Creating ZFS Datasets
\nAn existing ZFS volume can be divided into datasets. This allows you to create a share per dataset,
\nallowing for more granularity on which users have access to which data. A dataset is similar to a folder
\nin that you can set permissions; it is also similar to a filesystem in that you can set quotas and
\ncompression.
\nNOTE: if your goal is to share an entire ZFS volume, you don’t have to create datasets. If you wish to
\ndivide up a ZFS volume’s data into different shares, create a dataset for each share.
\nIf you click Volumes -> Create ZFS Dataset, you will see the screen shown in Figure 6.3d. Note that
\nthis menu option is not available until after you have created a ZFS volume.
\nTable 6.3b summarizes the options available when creating a ZFS dataset.
\nFreeNAS\u2122 8.0.3 Guide Page 75 of 164
\nFigure 6.3d: Creating a ZFS Dataset
\nTable 6.3b: ZFS Dataset Options
\nSetting Value Description
\nVolume drop-down
\nmenu select an existing ZFS volume
\nDataset Name string mandatory
\nCompression Level drop-down
\nmenu
\nchoose from: inherit, off, lzjb (optimized for performance while
\nproviding decent data compression), gzip level 6, gzip fastest (level
\n1), gzip maximum (level 9, best compression but slow); see NOTE
\nbelow
\nEnable atime inherit, on,
\nor off
\ncontrols whether the access time for files is updated when they are
\nread. Turning this property off avoids producing write traffic when
\nreading files and can result in significant performance gains, though
\nit might confuse mailers and other similar utilities.
\nQuota for dataset integer default of 0 is off; can specify M (megabyte), G (gigabyte), or T
\n(terabyte) as in 20G for 20 GB
\nQuota for dataset
\nand children integer default of 0 is off; can specify M (megabyte), G (gigabyte), or T
\n(terabyte) as in 20G for 20 GB
\nFreeNAS\u2122 8.0.3 Guide Page 76 of 164
\nSetting Value Description
\nReserved space for
\ndataset integer default of 0 is unlimited (besides hardware); can specify M
\n(megabyte), G (gigabyte), or T (terabyte) as in 20G for 20 GB
\nReserved space for
\ndataset and
\nchildren
\ninteger default of 0 is unlimited (besides hardware); can specify M
\n(megabyte), G (gigabyte), or T (terabyte) as in 20G for 20 GB
\nNOTE on compression: most media (e.g. .mp3, .mp4, .avi) is already compressed, meaning that you’ll
\nincrease CPU utilization for no gain if you store these files on a compressed dataset. However, if you
\nhave raw .wav rips of CDs or .vob rips of DVDs, you’ll see a performance gain using a compressed
\ndataset.
\n6.3.6 Creating a zvol
\nA zvol (ZFS volume) is a feature of ZFS that creates a device block over ZFS. This allows you to use a
\nzvol as an iSCSI device extent.
\nTo create a zvol, go to Storage -> Volumes -> Create ZFS Volume which will open the screen shown
\nin Figure 6.3e. Note that this menu option is not available until after you have created a ZFS volume.
\nFigure 6.3e: Creating a zvol
\nThe configuration options are described in Table 6.3c:
\nTable 6.3c: zvol Configuration Options
\nSetting Value Description
\nExisting Volume drop-down
\nmenu select existing ZFS pool to create the zvol from
\nZFS Volume
\nName string input a name for the zvol
\nSize integer specify size and value such as 10G
\nFreeNAS\u2122 8.0.3 Guide Page 77 of 164
\nSetting Value Description
\nCompression
\nLevel
\ndrop-down
\nmenu
\ninherit means it will use the same compression level as the existing
\nzpool used to create the zvol
\n6.3.7 Setting Permissions
\nSetting permissions is an important aspect of configuring a share so that FreeNAS\u2122 volumes are
\naccessible to the clients in your network. The graphical administrative interface is meant to set the
\ninitial permissions for a volume or dataset in order to make it available as a share. Once a share is
\navailable, the client operating system can be used to fine-tune the permissions of the files and
\ndirectories that are created by the client.
\nSection 7 Sharing contains configuration examples for several types of permission scenarios. This
\nsection provides an overview of the screen that is used to set those permissions.
\nOnce a volume or dataset is created, it will be listed by its mount point name in Storage -> View All
\nVolumes. If you click the Change Permissions icon for a specific volume\/dataset, you will see the
\nscreen shown in Figure 6.3f. Table 6.3d summarizes the options in this screen.
\nFigure 6.3f: Changing Permissions on a Volume or Dataset
\nFreeNAS\u2122 8.0.3 Guide Page 78 of 164
\nTable 6.3d: Options When Changing Permissions
\nSetting Value Description
\nOwner(user) drop-down
\nmenu
\nuser to have permission to the volume\/dataset; user must be created first if
\nit does not already exist
\nOwner(group) drop-down
\nmenu
\ngroup to have permission to the volume\/dataset; group must be created first
\nif it does not already exist and desired users need to be added as members
\nof the group
\nmode checkboxes check the desired permissions for user, group, and other
\nType of ACL bullet
\nselection
\nUnix and Windows ACLs are mutually exclusive, this means that you
\nmust select the correct type of ACL to match the share; see the NOTE
\nbelow for more details
\nrecursive checkbox
\nif checked, permissions will also apply to subdirectories of the volume or
\ndataset; if you edit the owner and\/or group at a later time, be sure to check
\nthis box so that the change is populated to all of the directories
\nNOTE regarding Type of ACL: when in doubt, or if you have a mix of operating systems in your
\nnetwork, always select Unix ACLs as all clients understand them. The only time there is a benefit to
\npicking Windows ACLs is when your network only contains Windows clients and you are configuring
\nCIFS shares. You will also want to use Windows ACLs if you are configuring the Active Directory
\nservice for a network that only contains Windows clients. Windows ACLs add a superset of
\npermissions that augment those provided by Unix ACLs. This means that only Windows clients
\nunderstand Windows ACLs. While Windows clients can understand Unix ACLs, they won’t benefit
\nfrom the extra permissions provided by Active Directory and Windows ACLs when Unix ACLs are
\nused.
\n6.3.8 Viewing Volumes
\nIf you click View All Volumes, you can view and further configure each volume and dataset, as seen in
\nthe example shown in Figure 6.3g.
\nThe five icons towards the top of the right frame allow you to: create another volume, create a ZFS
\ndataset, create a ZFS volume, import a volume, and auto import a volume.
\nThe seven icons associated with a ZFS volume entry allow you to:
\n\u2022 Export Volume: this button will perform an export or a delete, depending upon the choice you
\nmake in the screen that pops up when you click this button. The pop-up message, seen in Figure
\n6.3h, will show the current used space, provide the check box “Mark the disks as new (destroy
\ndata), prompt you to make sure that you want to do this, warn you if the volume has any
\nassociated shares and ask if you wish to delete them, and the browser will turn red to alert you
\nthat you are about to do something that will make the data inaccessible. If you do not check that
\nbox, the volume will be exported. This means that the data is not destroyed and the volume can
\nbe re-imported at a later time. If you will be moving a ZFS drive from one system to another,
\nyou should first export it. This operation flushes any unwritten data to disk, writes data to the
\ndisk indicating that the export was done, and removes all knowledge of the pool from the
\nsystem. If you do check that box, the volume and all of its data will be destroyed and the
\nFreeNAS\u2122 8.0.3 Guide Page 79 of 164
\nunderlying disks will be returned to their raw state.
\nFigure 6.3g: Viewing Volumes
\nFigure 6.3h: Exporting or Deleting a Volume
\n\u2022 Scrub Volume: the ZFS Best Practices Guide recommends that you should run a ZFS scrub on
\na regular basis to identify data integrity problems. If you have consumer-quality drives, consider
\na weekly scrubbing schedule. If you have datacenter-quality drives, consider a monthly
\nscrubbing schedule. You should also scrub a volume prior to replacing any of its drives.
\nFreeNAS\u2122 8.0.3 Guide Page 80 of 164
\n\u2022 Edit ZFS Options: allows you to edit the volume’s compression level, atime setting, dataset
\nquota, and reserved space for quota.
\n\u2022 Change Permissions: allows you to edit the volume’s user, group, Unix rwx permissions, and
\nto enable recursive permissions on the volume’s subdirectories.
\n\u2022 Create Snapshot: allows you to configure the snapshot’s name and whether or not it is
\nrecursive before manually creating a snapshot of the ZFS volume.
\n\u2022 View Disks: will display each disk’s numeric ID, FreeBSD device name, serial number, UUID,
\ndescription, transfer mode, HDD standby setting, advanced power management setting, acoustic
\nlevel, whether S.M.A.R.T is enabled, S.M.A.R.T extra options, and group membership. An Edit
\nbutton is included should you wish to modify any of these settings. A Replace button is included
\nshould the disk fail and ZFS needs to be made aware that the disk has been replaced.
\n\u2022 zpool status: will show the device name and status of each disk in the ZFS pool.
\nIf you click the View Disks icon \u2192 Edit, you’ll see the screen shown in Figure 6.3i.
\nFigure 6.3i: Editing a Volume’s Disk Options
\nFreeNAS\u2122 8.0.3 Guide Page 81 of 164
\nTable 6.3d summarizes the configurable options.
\nTable 6.3d: Editable Options for a Volume’s Disk
\nSetting Value Description
\nName string read-only value showing FreeBSD device name for disk
\nIdentifier string
\nread-only value showing the UUID of the disk (name
\nmay change with hot-swappable devices but the UUID
\ndoes not)
\nDescription string by default will show name of volume
\nTransfer Mode drop-down
\nmenu
\ndefault is auto, can also specify transfer mode used by
\nhardware
\nHDD Standby drop-down
\nmenu
\nindicates the time of inactivity (in minutes) before the
\ndrive enters standby mode in order to conserve energy;
\nthe default is always on
\nAdvanced Power
\nManagement
\ndrop-down
\nmenu
\ndefault is disabled, can select a power management
\nprofile from the menu
\nAcoustic Level drop-down
\nmenu
\ndefault is disabled, can be modified for disks that
\nunderstand AAM
\nEnable S.M.A.R.T checkbox on by default
\nS.M.A.R.T extra options string smartctl(8) options
\nGroup Membership drop-down
\nmenu the volume the disk is a member of
\n6.3.9 Replacing a Failed Drive
\nIf you are using any form of RAID, you should replace a failed drive as soon as possible to repair the
\ndegraded state of the RAID. Go to Storage -> Volumes -> View All Volumes. Click the View Disks
\nbutton of the associated volume which will list all of the disks within the volume. Locate the failed disk
\nand click its Replace button. Select an unused drive from the drop-down menu in the pop-up menu that
\nappears, then click the Replace disk button. In the example shown in Figure 6.3j, failed disk ada0 is
\nbeing replaced by disk ada3.
\nAs seen in the example shown in Figure 6.3k, once you click the Replace disk button, the failed disk
\nwill be placed at the bottom of the list and will now have a Detach button. Click Yes to confirm and the
\ndisk will be removed from the list of member disks.
\nFreeNAS\u2122 8.0.3 Guide Page 82 of 164
\nFigure 6.3j: Replacing a Failed Disk
\nFigure 6.3k: Detaching the Failed Disk
\nFreeNAS\u2122 8.0.3 Guide Page 83 of 164
\n6.3.10 Hot Swapping a ZFS Failed Drive
\nUntil the hot swapping improvements that became available in FreeBSD 9.0 are backported to
\nFreeNAS\u2122, ZFS will not automatically detach from the underlying GEOM provider. This means that
\ncare must be taken when hot swapping a drive. The following procedure is recommended:
\n\u2022 do NOT hot-pull the disk BEFORE making the operating system aware of your intent as this
\ncould cause more problems
\n\u2022 from the FreeNAS\u2122 console, use the swapctl -l command to determine the device name of the
\ndisk’s swap partition, then run swapoff <devicename> to disable that swap device
\n\u2022 from the FreeNAS\u2122 console, offline the disk to be removed using the command zpool offline
\n<poolname> <diskname>
\nAt this point, the disk can be hot-pulled from the system. Insert the new disk and recreate the same disk
\nlayout. Make sure that the size of the swap partition is the same as the rest of the disks in the pool.
\nThe following example creates a swap size of 2GB on disk da11:
\ngpart create -s gpt da11
\ngpart add -b 128 -s 4194304 -t freebsd-swap da11
\ngpart add -t freebsd-zfs da11
\nNext, issue the following commands to replace the disk, turn swap back on, and to detach from the
\npool:
\nzpool replace tank da11p2
\n\/etc\/rc.d\/swap1 start
\nzpool detach tank da11p2\/old
\n7 Sharing Configuration
\nOnce you have a volume, create at least one share so that the storage is accessible by the other
\ncomputers in your network. The type of share you create depends upon the operating system(s) running
\nin your network:
\nAFP Shares: the Apple File Protocol (AFP) type of share is the best choice if all of your computers run
\nMac OS X.
\nCIFS Shares: the Common Internet File System (CIFS) type of share is accessible by Windows, Mac
\nOS X, Linux, and BSD computers, but it is slower than an NFS share due to the single-threaded design
\nof Samba. If your network contains only Windows systems, this is a good choice. However, it is a poor
\nchoice if the CPU on the FreeNAS\u2122 system is limited; if your CPU is maxed out, you need to upgrade
\nthe CPU or consider another type of share.
\nNFS Shares: the Network File System (NFS) type of share is accessible by Mac OS X, Linux, BSD,
\nand the professional\/enterprise versions (not the home editions) of Windows. It is a good choice if there
\nare many different operating systems in your network. Depending upon the operating system, it may
\nrequire the installation or configuration of client software on the desktop.
\nIf you are looking for a solution that allows fast access from any operating system, consider
\nconfiguring the FTP service instead of a share and use a cross-platform FTP and file manager client
\napplication such as Filezilla.
\nFreeNAS\u2122 8.0.3 Guide Page 84 of 164
\nIf data security is a concern and your network’s users are familiar with SSH command line utilities or
\nWinSCP, consider configuring the SSH service instead of a share. It will be slower than unencrypted
\nFTP due to the overhead of encryption, but the data passing through the network will be encrypted.
\nNOTE: while the GUI will let you do it, it is a bad idea to share the same volume using multiple types
\nof access methods. Different types of shares and services use different file locking methods. For
\nexample, if the same volume is configured to use both NFS and FTP, NFS will lock a file for editing by
\nan NFS user, but a FTP user can simultaneously edit or delete that file. This will result in lost edits and
\nconfused users. Another example: if a volume is configured for both AFP and CIFS, Windows users
\nmay be confused by the extra filenames used by Mac files and delete the ones they don’t understand;
\nthis will corrupt the files on the AFP share. In other words, pick the one type of share or service that
\nmakes the most sense for the types of clients that will access that volume, and configure that volume
\nfor that one type of share or service.
\n7.1 AFP Shares
\nFreeNAS\u2122 uses AFP (Apple Filing Protocol) to share data with Apple systems. Configuring AFP
\nshares is a multi-step process that requires you to create users and groups, set volume\/dataset
\npermissions, create your AFP share(s), configure the AFP service in Services -> AFP, then enable the
\nAFP service in Services -> Control Services. This section shows the configuration screen for creating
\nthe AFP share and demonstrates how to connect from a Mac OS X client once the AFP service has
\nstarted.
\n7.1.1 Creating AFP Shares
\nIf you click Sharing -> AFP Shares \u2192 Add AFP Share, you will see the screen shown in Figure 7.1a.
\nTable 7.1a summarizes the available options when creating an AFP share.
\nFreeNAS\u2122 8.0.3 Guide Page 85 of 164
\nFigure 7.1a: Creating an AFP Share
\nTable 7.1a: AFP Share Configuration Options
\nSetting Value Description
\nName string
\nvolume name that will appear in the Mac computer’s \u201cconnect to
\nserver\u201d dialogue; limited to 27 characters and can not contain a
\nperiod
\nShare Comment string optional
\nPath browse button browse to the volume\/dataset to share
\nShare password string recommended; maximum of 8 characters
\nShare Character
\nSet string examples include UTF8 and ISO\u20138859-15
\nAllow List string comma delimited list of allowed users and\/or groups where
\ngroupname begins with a @
\nDeny List string comma delimited list of denied users and\/or groups where
\ngroupname begins with a @
\nRead-only Access string comma delimited list of users and\/or groups who only have read
\naccess where groupname begins with a @
\nFreeNAS\u2122 8.0.3 Guide Page 86 of 164
\nSetting Value Description
\nRead-write
\nAccess string comma delimited list of users and\/or groups who have read and write
\naccess where groupname begins with a @
\nDisk Discovery check box enable if there is no DNS record for the FreeNAS\u2122 system
\nDisk discovery
\nmode
\ndrop-down
\nmenu default or Time Machine (Apple’s backup utility)
\nDatabase Path string by default, the CNID databases used by AFP are located the root of
\nthe volume
\nCache CNID checkbox
\nif checked, AFP uses the ID information stored in AppleDouble
\nheader files to reduce database load; do not set this option if the
\nvolume is modified by non-AFP clients (e.g. NFS or CIFS)
\nTranslate CR\/LF checkbox
\nif enabled, AFP will automatically convert Macintosh line breaks into
\nUnix ones; some older programs store binary data files as type
\n“TEXT” when saving and switch the file type in a second step and
\nenabling this checkbox will break those files
\nWindows File
\nNames checkbox
\nforces filename restrictions imposed by older versions of Windows; it
\nis NOT recommended for volumes mainly used by Macs as it breaks
\nsome the ability of some applications to save files (e.g. OfficeX)
\nNo .AppleDouble checkbox
\nforces AFP to not create .AppleDouble directories when a non-Mac
\nclient saves a file; you can’t avoid the creation of .AppleDouble
\ndirectories when a Mac client writes so try to avoid this option
\nwhenever possible
\nZero Device
\nNumbers checkbox enable when the device number is not constant across a reboot
\nDisable File ID checkbox if enabled, AFP will not advertise createfileid, resolveid, and deleteid
\ncalls
\nDisable :hex
\nNames checkbox if this box is checked, AFP disables :hex translations for anything
\nexcept dot files; this option makes the \/ character illegal
\nProDOS checkbox if checked, provides compatibility with Apple II clients
\nNo Stat checkbox
\nif checked, AFP won’t stat the volume path when enumerating the
\nvolumes list; useful for automounting or volumes created by a
\npreexec script
\nAFP3 UNIX
\nPrivs checkbox do not enable if network contains Mac OS X 10.4 clients as they do
\nnot support this
\n7.1.2 Connecting to AFP Shares As Guest
\nAFP supports guest logins, meaning that all of your Mac OS X users can access the AFP share without
\nhaving to first create user accounts on the FreeNAS\u2122 system or a ZFS dataset for each user. In this
\nconfiguration example, the AFP share has been configured for guest access as follows:
\nFreeNAS\u2122 8.0.3 Guide Page 87 of 164
\n1. A ZFS volume named \/mnt\/data has its permissions set to the nobody user account and the
\nnobody group.
\n2. An AFP share with a Name of freenas has been created with a Path of \/mnt\/data, a Share
\nPassword has been set, the Allow List is set to nobody and Read-write Access has been set to
\nnobody. The Disk Discovery checkbox has been checked and the IP address of the FreeNAS\u2122
\nsystem is 192.168.2.2.
\n3. The Services -> AFP has been configured as follows: Server Name is freenas, the Guest Access
\ncheckbox is checked, nobody is selected in the Guest account drop-down menu, and the Local
\nAccess checkbox is unchecked.
\nOnce the AFP service has been started in Services -> Control Services, Mac OS X users can connect to
\nthe AFP share by clicking Go -> Connect to Server. In the example shown in Figure 7.1b, the user has
\ninput afp: followed by the IP address of the FreeNAS\u2122 system.
\nFigure 7.1b: Connect to Server Dialogue
\nClick the Connect button and a login box, seen in Figure 7.1c, will appear. Since a password has been
\nconfigured for this AFP share, the user must input the share password (i.e. not their own password).
\nOnce connected, Finder will automatically open. The name of the AFP share will be displayed in the
\nSHARED section in the left frame and the contents of the share will be displayed in the right frame. In
\nthe example shown in Figure 7.1d, \/mnt\/data has one folder named images. The user can now copy
\nfiles to and from the share.
\nTo disconnect from the volume, click the eject button in the Shared sidebar.
\nFreeNAS\u2122 8.0.3 Guide Page 88 of 164
\nFigure 7.1c: Authenticating to the AFP Share
\nFigure 7.1d: Viewing the Contents of the Share From a Mac System
\nFreeNAS\u2122 8.0.3 Guide Page 89 of 164
\n7.1.3 Using Time Machine
\nMac OS X includes Time Machine which can be used to schedule automatic backups. In this
\nconfiguration example, Time Machine will be configured to backup to an AFP share on a FreeNAS\u2122
\nsystem. To configure the AFP share on the FreeNAS\u2122 system:
\n1. A ZFS dataset named \/mnt\/data\/backup_user1 with a quota of 60G was created in Storage ->
\nCreate ZFS Dataset.
\n2. A user account was created as follows: Username of user1, Primary Group ID was left empty,
\nHome Directory of \/mnt\/data\/backup_user1, and the Full Name, E-mail, and Password fields
\nwere set. The Username and Password of the created account match the values on the Mac OS
\nX system.
\n3. An AFP share with a Name of backup_user1 has been created with a Path of
\n\/mnt\/data\/backup_user1, the Allow List is set to user1 and Read-write Access has been set to
\nuser1. The Disk Discovery checkbox has been checked, the Disk Discovery mode is set to Time
\nMachine and the IP address of the FreeNAS\u2122 system is 192.168.2.2.
\n4. Services -> AFP has been configured as follows: Server Name is freenas, the Guest Access
\ncheckbox is unchecked, and the Local Access checkbox is checked.
\n5. The AFP service has been started in Services -> Control Services.
\nTo configure Time Machine on the Mac OS X client, go to System Preferences -> Time Machine which
\nwill open the screen shown in Figure 7.1e. Click ON and a pop-up menu should show the FreeNAS\u2122
\nsystem as a backup option. In our example, it is listed as backup_user1 on “freenas”. Highlight the
\nentry representing the FreeNAS\u2122 system and click the Use Backup Disk button. A connection bar will
\nopen and will prompt you for the user account’s password–in this example, the password for the user1
\naccount.
\nTime Machine will create a full backup after waiting two minutes. It will then create a one hour
\nincremental backup for the next 24 hours, and then one backup each day, each week and each month.
\nSince the oldest backups are deleted when the ZFS dataset becomes full, make sure that the quota size
\nyou set is sufficient to hold the backups. Note that a default installation of Mac OS X is ~21GB in size.
\nIf you receive a “Time Machine could not complete the backup. The backup disk image could not be
\ncreated (error 45)” error when backing up to the FreeNAS\u2122 system, you will need to create a
\nsparsebundle image using these instructions.
\nFreeNAS\u2122 8.0.3 Guide Page 90 of 164
\nFigure 7.1e: Configuring Time Machine on Mac OS X Lion
\n7.2 CIFS Shares
\nFreeNAS\u2122 uses Samba to share volumes using Microsoft’s CIFS protocol. CIFS is built into the
\nWindows and Mac OS X operating systems and most Linux and BSD systems pre-install the Samba
\nclient (which provides CIFS). If your distro did not, check your distro’s software repository to install
\nthe Samba client.
\nConfiguring CIFS shares is a multi-step process that requires you to set permissions, create CIFS
\nshare(s), configure the CIFS service in Services -> CIFS, then enable the CIFS service in Services ->
\nControl Services. If your Windows network has a Windows server running Active Directory, you will
\nalso need to configure the Active Directory service in Services -> Active Directory. Depending upon
\nyour authentication requirements, you may also need to create users and groups. This section will
\ndemonstrate some common configuration scenarios:
\n\u2022 If you would like an overview of the configurable parameters, see section 7.2.1 Creating CIFS
\nShares.
\n\u2022 If you would like an example of how to configure access that does not require authentication,
\nsee section 7.2.2 Configuring Anonymous Access .
\n\u2022 If you would like each user to authenticate before accessing the share, see section 7.2.3
\nFreeNAS\u2122 8.0.3 Guide Page 91 of 164
\nConfiguring Local User Access.
\n\u2022 If you are having problems accessing your CIFS share, see Troubleshooting Tips.
\n7.2.1 Creating CIFS Shares
\nFigure 7.2a shows the configuration screen that appears when you click Sharing -> CIFS Shares -> Add
\nCIFS Share. Table 7.2a summarizes the options when creating a CIFS share. The values you use will
\nvary by configuration example.
\nIf you wish some files on a shared volume to be hidden and inaccessible to users, put a veto files= line
\nin the Auxiliary Parameters field. The syntax for this line and some examples can be found here.
\nIf you have created multiple CIFS shares that contain symbolic links pointing to each other, add the
\nfollowing lines to Auxiliary Parameters so that CIFS clients can follow the links:
\nunix extensions = no
\nfollow symlinks = yes
\nwide links = yes
\nFigure 7.2a: Adding a CIFS Share
\nFreeNAS\u2122 8.0.3 Guide Page 92 of 164
\nTable 7.2a: Options for a CIFS Share
\nSetting Value Description
\nName string mandatory; name of share e.g. Movies
\nComment string optional
\nPath browse button select volume\/dataset to share
\nExport Read Only checkbox prohibits write access to the share
\nBrowsable to
\nNetwork Clients checkbox enables Windows clients to browse the shared directory using
\nWindows Explorer
\nOwner Group checkbox if left unchecked, the owner’s group is taken from the logged in
\nuser of the share
\nInherit
\nPermissions checkbox if checked, permissions on new files and directories are inherited
\nfrom parent directory
\nExport Recycle
\nBin checkbox deleted files are moved to a recycle directory instead of being
\ndeleted
\nShow Hidden Files checkbox will display hidden files
\nGuest Account drop-down
\nmenu account to use for guest access
\nAllow Guest
\nAccess checkbox guest user will not be required to login in order to access the share
\nOnly Allow Guest
\nAccess checkbox forces guest access
\nHosts Allow string comma, space, or tab delimited list of allowed hostnames or IP
\naddresses
\nHosts Deny string
\ncomma, space, or tab delimited list of denied hostnames or IP
\naddresses; allowed hosts take precedence so can use ALL here and
\nspecify allowed hosts in Hosts Allow
\nAuxiliary
\nParameters string add additional smb.conf parameters not covered by other option
\nfields
\n7.2.2 Configuring Anonymous Access
\nIf you would like to share a volume with all of the users in your network without requiring them to
\ninput a password, you can configure anonymous CIFS sharing. The following steps are needed for this
\ntype of configuration:
\n1. Create a volume in Storage -> Volumes -> Create Volume.
\n2. Create a guest user account in Account -> Users -> Add User. In the screen shown in Figure 7.2b,
\ninput the username of guest, input the name of the volume you created as the home directory (in this
\nexample, \/mnt\/shared), input a description in the full name (in this example, cifs anon access), check
\nthe disable logins box, and click OK to create the account.
\nFreeNAS\u2122 8.0.3 Guide Page 93 of 164
\nFigure 7.2b: Creating a Guest Account for Anonymous Access
\n3. Associate the guest account with the volume in Storage -> Volumes. Click the volume’s name then
\nChange Permissions. In the screen shown in Figure 7.2c, select guest as the owner(user) and
\nowner(group), check the permissions that are appropriate to your network, and check the set
\npermissions recursively box. If non-Windows systems will be accessing the CIFS share, leave the type
\nof permissions as Unix. Only change the type of permissions to Windows if the share is only accessed
\nby Windows systems.
\n4. Create a CIFS share in Sharing -> CIFS Shares -> Add CIFS Share. In the screen shown in Figure
\n7.2d, input a name for the share (in this example, windows), input a comment (in this example, anon
\naccess), browse to the path of the volume (in this example, \/mnt\/shared), select guest as the guest
\naccount, check the boxes Allow Guest Access and Only Allow Guest Access, input the network address
\n(in this example 192.168.2.0\/24 will only allow hosts in the address range from 192.168.2.1 to
\n192.168.2.254), and click OK to create the share. If you have specific hosts on your network that you
\nwould like to exclude, you can add them in the hosts deny section. You can add a specific IP address
\n(e.g. 192.168.2.7), one address per line, or specific subnets (for example, 192.168.2.32\/27).
\n5. Configure the CIFS service in Services -> CIFS. In the screen shown in Figure 7.2e, select
\nAnonymous as the authentication model, select guest as the guest account, check the boxes Allow
\nAnonymous Access, Only Allow Anonymous Access, Allow Empty Password, and Enable Home
\nDirectories, browse to the volume name under home directories, and click OK.
\nFreeNAS\u2122 8.0.3 Guide Page 94 of 164
\nFigure 7.2c: Associating the Guest Account with the Volume
\nFigure 7.2d: Creating the CIFS Share
\nFreeNAS\u2122 8.0.3 Guide Page 95 of 164
\n6. Start the CIFS service in Services -> Control Services. Click the click the red OFF button next to
\nCIFS. After a second or so, it will change to a blue ON , indicating that the service has been enabled.
\n7. Test the connection. To test from a Windows system, open Explorer, click on Network and you
\nshould see an icon named FREENAS. Since anonymous access has been configured, you should not be
\nprompted for a username or password in order to see the share. An example is seen in Figure 7.2f.
\nIf you click on the FREENAS icon, you can view the CIFS share that you created in step 4.
\nTo prevent Windows Explorer from hanging when accessing the share, map the share as a network
\ndrive. To do this, right-click the share and select “Map network drive…” as seen in Figure 7.2g.
\nFigure 7.2e: Configuring CIFS Service for Anonymous Access
\nFreeNAS\u2122 8.0.3 Guide Page 96 of 164
\nFigure 7.2f: Accessing the CIFS Share from a Windows Computer
\nFigure 7.2g: Mapping the Share as a Network Drive
\nFreeNAS\u2122 8.0.3 Guide Page 97 of 164
\nChoose a drive letter from the drop-down menu and click the Finish button as shown in Figure 7.2h.
\nFigure 7.2h: Selecting the Network Drive Letter
\n7.2.3 Configuring Local User Access
\nIf you would like each user to authenticate before accessing the CIFS share, you need to configure local
\nuser access as follows:
\n1. Create a user account for each user in Account -> Users -> Add User that matches their username
\nand password on the client system. In the screen shown in Figure 7.2i, the Username is user1 and the
\nHome Directory points to the ZFS volume \/mnt\/test1. When setting the username and password, use
\nvalues that match existing user accounts that will be accessing the CIFS share; for example, use the
\nexisting Windows login names and passwords. Repeat this process to create a user account for every
\nuser that will need access to the CIFS share.
\nFreeNAS\u2122 8.0.3 Guide Page 98 of 164
\nFigure 7.2i: Creating a User Account
\n2. Create a group in Account -> Groups -> Add Group. Once the group is created, click its Members
\nbutton and add the user accounts that you created in step 1. In the example shown in Figure 7.2j, the
\nuser accounts user1 and user2 are being added to the group windows.
\n3. Give the group permission to the volume in Storage -> View All Volumes. In the example shown
\nin Figure 7.2k, the \/mnt\/test1 volume is set to the user nobody, the group windows, and the write
\ncheckbox for Group has been checked as it is off by default. Make sure that you set the permissions on
\nthe volume that is the home directory for the users that you added to the group.
\n4. Create a CIFS share in Sharing -> CIFS Shares -> Add CIFS Share. In the example shown in
\nFigure 7.2l, the Name of the share is backups the Path points to the ZFS volume \/mnt\/test1 and the
\nBrowsable to Network Clients box is checked.
\nNOTE: be careful about unchecking the Browsable to Network Clients box. When this box is checked
\n(the default), other users will see the names of every share that exists using Windows Explorer, but they
\nwill receive a permissions denied error message if they try to access someone else’s share. If this box is
\nunchecked, even the owner of the share won’t see it or be able to create a drive mapping for the share in
\nWindows Explorer. They can still access the share from the command line, so this option may be
\ndesirable in networks where security is a concern and where users are comfortable using the command
\nline.
\nFreeNAS\u2122 8.0.3 Guide Page 99 of 164
\nFigure 7.2j: Create a Group
\nFigure 7.2k: Give the Group Permissions to the Volume
\nFreeNAS\u2122 8.0.3 Guide Page 100 of 164
\nFigure 7.2l: Creating the CIFS Share
\n5. Configure the CIFS service in Services -> CIFS as follows:
\n\u2022 to ensure that the user is prompted to authenticate, select Local User as the Authentication
\nModel
\n\u2022 change the Workgroup name to that being used on the Windows network; unless it has been
\nchanged by the administrator, the default workgroup name is WORKGROUP
\n6. Start the CIFS service in Services -> Control Services. Click the click the red OFF button next to
\nCIFS. After a second or so, it will change to a blue ON , indicating that the service has been enabled.
\nNOTE: if you make changes in any of these steps after starting the CIFS service, you should restart the
\nCIFS service to make sure that the changes are applied.
\n7. Test the connection. To test from a Windows system, open Explorer, and click on Network. For this
\nconfiguration example, a system named FREENAS should appear with a share named backups. If you
\nclick on backups, a Windows Security pop-up screen will prompt for the user’s username and password.
\nOnce authenticated the user can copy data to and from the CIFS share.
\nNOTE: since the share is group writable, any authenticated user can change the data in the share. If
\nyou wish to setup shares where a group of users have access to some folders but only individuals have
\naccess to other folders (where all these folders reside on the same volume), you will need to create
\nthese directories and set their permissions at the console. Instructions for doing so can be found at the
\nforum post Set Permission to allow users to share a common folder & have private personal folder.
\nFreeNAS\u2122 8.0.3 Guide Page 101 of 164
\n7.3 NFS Shares
\nFreeNAS\u2122 supports the Network File System (NFS) for sharing volumes over a network. Once the
\nNFS share is configured, clients use the mount command to mount the share. Once mounted, the share
\nappears as just another directory on the client system. Some Linux distros require the installation of
\nadditional software in order to mount an NFS share. Windows systems may need to first enable
\nServices for NFS.
\nNOTE: Services for NFS is only available in the Ultimate or Enterprise editions of Windows.
\nConfiguring NFS is a multi-step process that requires you to create NFS share(s), configure NFS in
\nServices -> NFS, then start NFS in Services -> Control Panel. It does not require you to create users or
\ngroups as NFS uses IP addresses to determine which systems are allowed to access the NFS share.
\n7.3.1 Creating NFS Shares
\nIf you click Sharing -> NFS Shares \u2192 Add NFS Share you’ll see the screen shown in Figure 7.3a.
\nTable 7.3a summarizes the options in this screen.
\nFigure 7.3a: Creating an NFS Share
\nFreeNAS\u2122 8.0.3 Guide Page 102 of 164
\nTable 7.3a: NFS Share Options
\nSetting Value Description
\nComment string optional
\nPath browse button select volume\/dataset to share
\nAuthorized
\nnetwork string
\ncomma delimited list of allowed IP addresses and\/or network
\naddresses in the form 1.2.3.0\/24 where the number after the slash is
\na CIDR mask; if you need to input network addresses with different
\nCIDR masks, create multiple shares pointing to the same
\nvolume\/dataset, one for each mask
\nAll directories checkbox allows the client to mount at any point within the volume’s file
\nsystem
\nRead only checkbox prohibits writing to the volume
\nQuiet checkbox
\ninhibits some syslog diagnostics which can be useful to avoid
\nannoying error messages for known possible problems; see
\nexports(5) for examples
\nMaproot User drop-down menu
\nif left at N\/A, the root user will not be able to modify files on the
\nNFS share; if a user is selected, the root user is limited to that user’s
\npermissions
\nMaproot Group drop-down menu if specified, the root user will also be limited to that group’s
\npermissions (in addition to the maproot user)
\nMapall User drop-down menu the specified user (and their permissions) is used by all clients
\nMapall Group drop-down menu the specified group (and its permissions) is used by all clients
\nNOTE: the Maproot and Mapall options are exclusive, meaning you can only use one or the other–the
\nGUI will not let you use both. If you only wish to restrict the root user’s permissions, set the Maproot
\noption. If you wish to restrict the permissions of all users, set the Mapall option.
\n7.3.2 Sample NFS Share Configuration
\nBy default the Mapall options shown in Figure 7.3a show as N\/A. This means that when a user
\nconnects to the NFS share, they connect with the permissions associated with their user account. This is
\na security risk if a user is able to connect as root as they will have root access to the share.
\nA better scenario is to do the following:
\n1. Create a user account that is specifically used for NFS access in Account -> Users -> Add User.
\nAlternately, use the built-in nobody account.
\n2. In the volume that is being shared, change the owner and group to the NFS user account and set
\nthe permissions according to your specifications.
\n3. Select the NFS user and its associated group in the Mapall User and Mapall Group drop-down
\nmenus for the share in Sharing -> NFS Shares.
\nWith this configuration, it does not matter what user account is used to connect to the NFS share, as it
\nwill be mapped to your NFS user account and will only have the permissions associated with that
\nFreeNAS\u2122 8.0.3 Guide Page 103 of 164
\naccount. For example, even if the root user is able to connect, it will not have root access to the share.
\n7.3.3 Connecting to the NFS Share
\nIn the following examples, the NFS share has been configured as follows:
\n1. A ZFS volume named \/mnt\/data has its permissions set to the nobody user account and the
\nnobody group.
\n2. A NFS share has been created with a Path of \/mnt\/data, an Authorized Network of
\n192.168.2.0\/24, and the MapAll User and MapAll Group of nobody. The All Directories
\ncheckbox has been checked and the IP address of the FreeNAS\u2122 system is 192.168.2.2.
\n7.3.3.1 From BSD or Linux Clients
\nTo make this share accessible on a BSD or a Linux system, run the following command as the
\nsuperuser (or with sudo) from the client system (repeat for each client that needs access to the NFS
\nshare):
\nmount 192.168.2.2:\/mnt\/data \/mnt
\nThis command should return the superuser to the command prompt without any error messages,
\nindicating that the share was successfully mounted. Users on the client system can now copy files to
\nand from \/mnt and all files will be owned by nobody:nobody. Any changes to \/mnt will be saved to the
\nFreeNAS\u2122 system’s \/mnt\/data ZFS volume. Should you wish to make any changes to the NFS share’s
\nsettings or wish to make the share inaccessible, unmount the share first as the superuser:
\numount \/mnt
\n7.3.3.2 From Microsoft Clients
\nEnterprise versions of Windows systems can connect to NFS shares using Services for NFS.
\nConnecting to NFS shares is often faster than connecting to CIFS shares due to the single-threaded
\nlimitation of Samba. Instructions for connecting from an Enterprise version of Windows 7 can be found
\nat Mount Linux NFS Share on Windows 7.
\nIf your Windows client is running a Home Edition of Windows 7, Nekodrive provides an open source
\ngraphical NFS client. To use this client, you will need to install:
\n\u2022 7zip to extract the .z files
\n\u2022 NFSClient and NFSLibrary from the Nekodrive download page; once downloaded, extract these
\nfiles using 7zip
\n\u2022 .NET Framework 4.0
\nRun the NFSClient executable to start the GUI client. In the example shown in Figure 7.3b, the user
\nhas connected to the example \/mnt\/data share of the FreeNAS\u2122 system at 192.168.2.2.
\nFreeNAS\u2122 8.0.3 Guide Page 104 of 164
\nFigure 7.3b: Using the Nekodrive NFSClient from Windows 7 Home Edition
\n7.3.3.3 From Mac OS X Clients
\nTo mount the NFS volume from a Mac OS X client, click on Go -> Connect to Server. In the Server
\nAddress field, input nfs:\/\/ followed by the IP address of the FreeNAS\u2122 system and the name of the
\nvolume\/dataset being shared by NFS. The example shown in Figure 7.3c continues with our example of
\n192.168.2.2:\/mnt\/data. Once connected, Finder will automatically open. The IP address of the
\nFreeNAS\u2122 system will be displayed in the SHARED section in the left frame and the contents of the
\nshare will be displayed in the right frame. In the example shown in Figure 7.3d, \/mnt\/data has one
\nfolder named images. The user can now copy files to and from the share.
\nFreeNAS\u2122 8.0.3 Guide Page 105 of 164
\nFigure 7.3c: Mounting the NFS Share from Mac OS X
\nFigure 7.3d: Viewing the NFS Share in Finder
\n7.3.4 Troubleshooting
\nSome NFS clients do not support the NLM (Network Lock Manager) protocol used by NFS. You will
\nknow that this is the case if the client receives an error that all or part of the file may be locked when a
\nfile transfer is attempted. To resolve this error, use the option -o nolock when running the mount
\nFreeNAS\u2122 8.0.3 Guide Page 106 of 164
\ncommand on the client in order to allow write access to the NFS share.
\nIf you receive an error about a “time out giving up” when trying to mount the share from a Linux
\nsystem, make sure that the portmapper service is running on the Linux client and start it if it is not. If
\nportmapper is running and you still receive timeouts, force it to use TCP by including -o tcp in your
\nmount command.
\nIf you receive an error “RPC: Program not registered”, upgrade to the latest version of FreeNAS\u2122 and
\nrestart the NFS service after the upgrade in order to clear the NFS cache.
\n8 Services Configuration
\nThe Services section of the GUI allows you to configure, start, and stop the various services that ship
\nwith the FreeNAS\u2122 system. FreeNAS\u2122 supports the following services:
\n\u2022 AFP
\n\u2022 Active Directory
\n\u2022 CIFS
\n\u2022 Dynamic DNS
\n\u2022 FTP
\n\u2022 LDAP
\n\u2022 NFS
\n\u2022 S.M.A.R.T .
\n\u2022 SNMP
\n\u2022 SSH
\n\u2022 TFTP
\n\u2022 UPS
\n\u2022 iSCSI
\n\u2022 Rsync
\nThis section describes the configuration options for each of these services, as well as how to start a
\nFreeNAS\u2122 service.
\n8.1 Control Services
\nThe Control Services screen, shown in Figure 8.1a, allows you to quickly determine which services are
\ncurrently running, enable\/disable services, and configure services.
\nFreeNAS\u2122 8.0.3 Guide Page 107 of 164
\nFigure 8.1a: Control Services
\nTo enable\/disable a service, click its on\/off icon.
\nTo configure a service, click the wrench icon associated with the service. The configuration options for
\neach service are described in the rest of this section.
\nNOTE: if you are troubleshooting a service, go to System -> Settings -> Advanced and check the box
\n\u201cShow console messages in the footer (Requires UI reload)\u201d. Once you refresh your browser, the
\nconsole messages will show at the bottom of the screen. If you click on the console, it will pop-up as a
\nscrolled window, allowing you to scroll through the output and to copy\/paste messages. Watch these
\nmessages for errors when you stop and start the problematic service.
\n8.2 AFP
\nThe Apple Filing Protocol (AFP) is a network protocol that offers file services for Mac computers.
\nBefore configuring this service, you should first create your AFP Shares in Sharing -> AFP Shares ->
\nAdd AFP Share. After configuring this service, go to Services -> Control Panel to start the service.
\nFreeNAS\u2122 8.0.3 Guide Page 108 of 164
\nEnabling this service will open the following ports on the FreeNAS\u2122 system:
\n* TCP 548 (afpd)
\n* TCP 4799 (cnid_metadata)
\n* UDP 5353 and a random UDP port (avahi)
\nFigure 8.2a shows the configuration options which are described in Table 8.2a:
\nFigure 8.2a: AFP Configuration
\nTable 8.2a: AFP Configuration Options
\nSetting Value Description
\nServer Name string server name that will appear to Mac clients; by default it is
\nfreenas
\nGuest Access checkbox if checked, clients will not be prompted to authenticate before
\naccessing the AFP share
\nGuest Account drop-down menu select account to use for guest access
\nLocal Access checkbox restricts access to local network only
\nMax Connections integer maximum number of simultaneous connections
\n8.3 Active Directory
\nActive Directory (AD) is a service for sharing resources in a Windows network. It requires a
\nconfigured system that is running at least Windows Server 2000. If you wish to share your FreeNAS\u2122
\nCIFS shares with Windows systems in a network that does not have a Windows server running AD,
\nenable and configure CIFS instead. If your network does have a Windows server running AD,
\nconfigure both the Active Directory service and the CIFS service on the FreeNAS\u2122 system so that
\nFreeNAS\u2122 8.0.3 Guide Page 109 of 164
\nusers can authenticate to the Windows server and be authorized to access the CIFS shares on the
\nFreeNAS\u2122 system.
\nNOTE: many changes and improvements have been made to Active Directory support since the release
\nof FreeNAS\u2122 8.0.1. If you are not running FreeNAS\u2122 8.0.3-RELEASE, you should upgrade before
\nattempting Active Directory integration.
\nBefore configuring AD, make sure that you can resolve the Active Directory domain controller from
\nthe FreeNAS\u2122 system by pinging its domain name. In order to do so, you may have to first set the
\nnetwork’s DNS servers and default gateway from Network -> Global Configuration on the FreeNAS\u2122
\nsystem.
\nActive Directory relies on Kerberos, which is a very time sensitive protocol. This means that the time
\non both the FreeNAS\u2122 system and the Active Directory Domain Controller can not be out of sync by
\nmore than a few minutes. The best way to ensure that the same time is running on both systems is to
\nconfigure both systems to:
\n\u2022 use the same NTP server (set in System -> Settings -> General on the FreeNAS\u2122 system)
\n\u2022 have the same timezone
\n\u2022 be set to either localtime or universal time at the BIOS level
\nOnce you have configured the CIFS and Active Directory services, remember to start them in Services
\n-> Control Services. It may take a few minutes for the Active Directory information to be populated to
\nthe FreeNAS\u2122 system. Once populated, the AD users and groups will be available in the drop-down
\nmenus of the permissions screen of a volume\/dataset.
\nNOTE: your FreeNAS\u2122 system may not show up in Active Directory until you add a DNS record for
\nthe FreeNAS\u2122 system on the Windows server.
\nFigure 8.3a shows the Active Directory Configuration screen and Table 8.3a describes the configurable
\noptions.
\nFreeNAS\u2122 8.0.3 Guide Page 110 of 164
\nFigure 8.3a: Configuring Active Directory
\nTable 8.3a: Active Directory Configuration Options
\nSetting Value Description
\nDomain Controller
\nName string IP address or hostname of Windows PDC
\nDomain Name string name of Windows server’s DNS realm
\nHost Name string hostname of FreeNAS\u2122 system
\nWorkgroup Name string name of Windows server’s workgroup (for older Microsoft
\nclients)
\nAdministrator Name string name of the Active Directory Administrator account
\nAdministrator Password string password for the Active Directory Administrator account
\nYou can verify which Active Directory users and groups have been imported to the FreeNAS\u2122 system
\nat the FreeNAS\u2122 command line:
\nwbinfo -u (to view users)
\nwbinfo -g(to view groups)
\nIf no users or groups are listed in the output of those commands, these commands will provide more
\ntroubleshooting information:
\ngetent passwd
\nFreeNAS\u2122 8.0.3 Guide Page 111 of 164
\ngetent group
\n8.3.1 Troubleshooting Tips
\nIf you are running AD in a 2003\/2008 mixed domain, see this forum post for instructions on how to
\nprevent the secure channel key from becoming corrupted.
\nIn some large domains, caching user data appears to stall the FreeNAS\u2122 GUI or fails to populate the
\nuser cache on the PDC. If this occurs in a multi-tiered forest, specify allow trusted domains = no in the
\nauxiliary parameters field of Sharing -> CIFS Shares.
\nThe LDAP code uses DNS to determine the location of the domain controllers and global catalog
\nservers in the network. Use the host -t srv _ldap._tcp.domainname.com command to determine the
\nnetwork’s SRV records and, if necessary, change the weight and\/or priority of the SRV record to reflect
\nthe fastest server. More information about SRV records can be found in the Technet article How DNS
\nSupport for Active Directory Works.
\nIf the cache becomes out of sync due to an AD server being taken off and back online, resync the cache
\nusing System -> Settings -> Advanced -> Rebuild LDAP\/AD Cache.
\n8.4 CIFS
\nThe Common Internet File System (CIFS) is a network protocol that offers file services for (typically)
\nWindows computers. FreeNAS\u2122 uses Samba to provide CIFS capability without the need for a
\nWindows server in the network. UNIX-like systems that provide a CIFS client can also connect to
\nCIFS shares. Before configuring this service, you should first create your CIFS Shares in Sharing ->
\nCIFS Shares -> Add CIFS Share. After configuring this service, go to Services -> Control Panel to start
\nthe service.
\nNOTE: after starting the CIFS service, it may take several minutes for the master browser election to
\noccur and for the FreeNAS\u2122 system to become available in Windows Explorer.
\nStarting this service will open the following ports on the FreeNAS\u2122 system:
\n\u2022 TCP 139 (smbd)
\n\u2022 TCP 445 (smbd)
\n\u2022 UDP 137 (nmbd)
\n\u2022 UDP 138 (nmbd)
\nFigure 8.4a shows the configuration options which are described in Table 8.4a. This configuration
\nscreen is really a front-end to smb.conf.
\nFreeNAS\u2122 8.0.3 Guide Page 112 of 164
\nFigure 8.4a: Configuring CIFS
\nTable 8.4a: CIFS Configuration Options
\nSetting Value Description
\nAuthentication
\nModel
\ndrop-down
\nmenu
\nanonymous or local user; if select local user, user accounts must
\nexist on FreeNAS\u2122 system and should match the
\nusername\/password of Windows accounts needing access to the
\nshare as the user will be required to authenticate before accessing
\nthe share
\nNetBIOS Name string must be lowercase and should be same as hostname
\nWorkgroup string must match Windows workgroup name; default is WORKGROUP
\nDescription string optional
\nDOS Charset drop-down
\nmenu
\nthe character set Samba uses when communicating with DOS and
\nWindows 9x\/Me clients; default is CP437
\nUNIX Charset drop-down
\nmenu
\ndefault is UTF-8, which is fine for most systems and covers all
\ncharacters in all languages
\nLog Level drop-down
\nmenu choices are minimum, normal, full, or debug
\nFreeNAS\u2122 8.0.3 Guide Page 113 of 164
\nSetting Value Description
\nLocal Master checkbox
\ndetermines whether or not the FreeNAS\u2122 system participates in a
\nbrowser election; should be disabled when network contains an AD
\nor LDAP server and is not necessary if Windows Vista\/7 machines
\nare present
\nTime Server checkbox determines whether or not the FreeNAS\u2122 system advertises itself
\nas a time server to Windows clients
\nGuest Account drop-down
\nmenu account to be used for guest access
\nAllow guest access checkbox if checked, the guest account is not prompted to authenticate in
\norder to access the CIFS share
\nOnly allow guest
\naccess checkbox if checked, all access is through the guest account and subject to its
\npermissions
\nFile mask integer overrides default file creation mask of 0666 which creates files
\nwith read and write access for everybody
\nDirectory mask integer overrides default directory creation mask of 0777 which grants
\ndirectory read, write and execute access for everybody
\nLarge RW support checkbox
\ndetermines whether or not the FreeNAS\u2122 system supports 64k
\nstreaming read\/write requests introduced with Windows 2000 and
\nwhich can improve performance by 10% with Windows 2000
\nclients
\nSend files with
\nsendfile(2) checkbox newer Windows versions support the more efficient sendfile system
\ncall which makes Samba faster
\nEA Support checkbox enables extended attributes
\nSupport DOS File
\nAttributes checkbox allows a user who has write access to a file to modify the
\npermissions, even if not the owner of the file
\nAllow Empty
\nPassword checkbox
\nif checked, users can just press enter when prompted for a
\npassword; requires that the username\/password be the same for the
\nFreeNAS\u2122 user account and the Windows user account
\nAuxiliary
\nparameters string smb.conf options not covered elsewhere in this screen; see the
\nSamba Guide for additional settings
\nEnable home
\ndirectories checkbox if checked, a folder with the same name as the user account will be
\ncreated for each user
\nEnable home
\ndirectories browsing checkbox users can browse (but not write to) other users’ home directories
\nHome directories browse
\nbutton select volume\/dataset where the home directories will be created
\nEnable AIO checkbox
\nenables asynchronous I\/O in FreeNAS\u2122 versions 8.0.3-RELEASE
\nand higher; if CIFS seems slow, try disabling this setting and\/or
\ntweaking the minimum AIO read and write sizes
\nMinimum AIO read integer if set to non-zero value, Samba will read from file asynchronously
\nFreeNAS\u2122 8.0.3 Guide Page 114 of 164
\nSetting Value Description
\nsize when size of request is bigger than this value in bytes
\nMinimum AIO write
\nsize integer if set to non-zero value, Samba will write from file asynchronously
\nwhen size of request is bigger than this value in bytes
\nZeroconf share
\ndiscovery checkbox enable if Mac clients will be connecting to the CIFS share
\nNOTE: beginning with FreeNAS\u2122 versions 8.0.3-RELEASE, changes to CIFS settings and CIFS
\nshares take effect immediately. For previous versions, changes will not take effect until you manually
\nstop and start the CIFS service.
\n8.4.1 Troubleshooting Tips
\nCompared to other networking protocols, CIFS is not fast. Enabling the following checkboxes may
\nhelp to increase network throughput: “Large RW support”, “Send files with sendfile(2)”, and “Enable
\nAIO”. Adjusting the AIO minimum and maximum size settings to better fit your networking
\ninfrastructure may improve or degrade performance.
\nSamba’s “write cache” parameter has been reported to improve write performance in some
\nconfigurations and can be added to the Auxiliary Parameters field. Use an integer value which is a
\nmultiple of _SC_PAGESIZE (typically 4096) to avoid memory fragmentation. This will increase
\nSamba’s memory requirements and should not be used on systems with limited RAM.
\nIf you wish to increase network performance, read the Samba section on socket options. It indicates
\nwhich options are available and recommends that you experiment to see which are supported by your
\nclients and improve your network’s performance.
\nWindows automatically caches file sharing information. If you make changes to a CIFS share or to the
\npermissions of a volume\/dataset being shared by CIFS and are no longer able to access the share, try
\nlogging out and back into the Windows system.
\nWhere possible, avoid using a mix of case in filenames as this may cause confusion for Windows users.
\nRepresenting and resolving filenames with Samba explains this in more detail.
\n8.5 Dynamic DNS
\nDynamic DNS (DDNS) is useful if your FreeNAS\u2122 system is connected to an ISP that periodically
\nchanges the IP address of the system. With dynamic DNS, the system can automatically associate its
\ncurrent IP address with a domain name, allowing you to access the FreeNAS\u2122 system even if the IP
\naddress changes. DDNS requires you to register with a DDNS service such as DynDNS.
\nFigure 8.5a shows the DDNS configuration screen and Table 8.5a summarizes the configuration
\noptions. The values you need to input will be given to you by the DDNS provider. After configuring
\nDDNS, don’t forget to start the DDNS service in Services -> Control Services.
\nFreeNAS\u2122 8.0.3 Guide Page 115 of 164
\nFigure 8.5a: Configuring DDNS
\nTable 8.5a: DDNS Configuration Options
\nSetting Value Description
\nProvider drop-down
\nmenu several providers are supported
\nDomain name string fully qualified domain name (e.g. yourname.dyndns.org)
\nUsername string username to logon to the provider and update the record
\nPassword string password used to logon to the provider and update the record
\nUpdate period integer in milliseconds; be careful with this setting as the provider may block
\nyou for abuse if this setting occurs more often than the IP changes
\nForced update
\nperiod integer
\nin seconds so be careful with this setting as the provider may block you
\nfor abuse; issues a DDNS update request even when the address has not
\nchanged, so that the service provider knows that the account is still
\nactive
\nAuxiliary
\nparameters string additional parameters passed to the provider during record update
\nFreeNAS\u2122 8.0.3 Guide Page 116 of 164
\n8.6 FTP
\nFreeNAS\u2122 allows you to configure the proftpd FTP server so that users can browse and download data
\nusing their web browser or FTP client software. The advantage of FTP is that easy-to-use crossplatform
\nutilities are available to manage uploads to and downloads from the FreeNAS\u2122 system. The
\ndisadvantage of FTP is that it is considered to be an insecure protocol, meaning that it should not be
\nused to transfer sensitive files. If you are concerned about sensitive data, see section 8.6.4 Encrypting
\nFTP.
\nIn order for FTP to work, you will need to set appropriate permissions on the storage volume, and
\ndepending upon your configuration needs, you may also need to create users and groups. This section
\nincludes configuration examples demonstrating some common scenarios.
\nFigure 8.6a shows the configuration screen for the FTP service:
\nFigure 8.6a: Configuring FTP
\nTable 8.6a summarizes the available options when configuring the FTP server:
\nTable 8.6a: FTP Configuration Options
\nSetting Value Description
\nPort integer port to use for connection requests
\nClients integer maximum number of simultaneous clients
\nFreeNAS\u2122 8.0.3 Guide Page 117 of 164
\nSetting Value Description
\nConnections integer maximum number of connections per IP address where 0
\nmeans unlimited
\nLogin Attempts integer maximum number of attempts before client is
\ndisconnected; ; increase this if users are prone to typos
\nTimeout integer maximum client idle time in seconds before client is
\ndisconnected
\nAllow Root Login checkbox discouraged as increases security risk
\nAllow Anonymous Login checkbox allows anyone to browse the data
\nPath browse button root directory of FTP server; must point to the
\nvolume\/dataset or connections will fail
\nAllow Local User Login checkbox required if anonymous is disabled
\nBanner string message users see when access FTP server, if left empty
\nit will show the version of FTP
\nFile Permission checkboxes sets umask for newly created files
\nDirectory Permission checkboxes sets umask for newly created directories
\nEnable FXP checkbox discouraged as vulnerable to FTP bounce attacks
\nAllow Transfer Resumption checkbox if transfer is interrupted, server will resume transfer at
\nlast known point
\nAlways Chroot checkbox forces users to stay in their home directory (always true
\nfor anonymous)
\nRequire IDENT
\nAuthentication checkbox will result in timeouts if identd is not running on the
\nclient
\nRequire Reverse DNS for IP checkbox will result in timeouts if there isn’t a DNS record for the
\nclient’s hostname
\nMasquerade address string IP address or hostname; use if FTP clients can not
\nconnect through a NAT device
\nMinimum passive port integer to be used by clients in PASV mode, default of 0 means
\nany port above 1023
\nMaximum passive port integer to be used by clients in PASV mode, default of 0 means
\nany port above 1023
\nLocal user upload
\nbandwidth integer in KB\/s, default of 0 means unlimited
\nLocal user download
\nbandwidth integer in KB\/s, default of 0 means unlimited
\nAnonymous user upload
\nbandwidth integer in KB\/s, default of 0 means unlimited
\nAnonymous user download
\nbandwidth integer in KB\/s, default of 0 means unlimited
\nEnable SSL\/TLS checkbox enables encrypted connections; you will need to
\nFreeNAS\u2122 8.0.3 Guide Page 118 of 164
\nSetting Value Description
\nconfigure the certificate in System -> Settings \u2192 SSL
\nAuxiliary parameters string include proftpd(8) parameters not covered elsewhere in
\nthis screen
\nThe following example demonstrates the auxiliary parameters that will prevent all users from
\nperforming the FTP DELETE command:
\n<Limit DELE>
\nDenyAll
\n<\/Limit>
\n8.6.1 Anonymous FTP
\nAnonymous FTP may be appropriate for a small network where the FreeNAS\u2122 system is not
\naccessible from the Internet and everyone in your internal network needs easy access to the stored data.
\nAnonymous FTP does not require you to create a user account for every user. In addition, passwords
\nare not required so you don’t have to manage changed passwords on the FreeNAS\u2122 system.
\nTo configure anonymous FTP:
\n1. Give the built-in ftp user account permissions to the volume\/dataset in Storage -> Volume -> View
\nAll Volumes. Click the Change Permissions button for the volume\/dataset that you wish to share using
\nFTP. In the screen shown in Figure 8.6b, select the ftp user in the drop-down menu for Owner(user),
\nselect the ftp group for Owner(group), review that the permissions are appropriate for your network,
\nkeep the type of ACL as Unix, check the box Set permission recursively, and click the Change button.
\nNOTE: for FTP, the type of client does not matter when it comes to the type of ACL. This means that
\nyou always use Unix ACLs, even if Windows clients will be accessing FreeNAS\u2122 via FTP.
\n2. Configure anonymous FTP in Services -> FTP. In the screen shown in Figure 8.6a:
\n\u2022 check the box Allow Anonymous Login
\n\u2022 change the path to the name of the volume\/dataset
\n3. Start the FTP service in Control Services. Click the red OFF button next to FTP. After a second or
\nso, it will change to a blue ON , indicating that the service has been enabled.
\n4. Test the connection from a client using a utility such as Filezilla. In the example shown in Figure
\n8.6c, the IP address of the FreeNAS\u2122 server is 192.168.1.113, the Username is anonymous, and the
\nPassword is the email address of the user.
\nFreeNAS\u2122 8.0.3 Guide Page 119 of 164
\nFigure 8.6b: Assign ftp User Account Permissions to the Volume
\nFigure 8.6c: Connecting Using Filezilla
\n8.6.2 Specified User Access in chroot
\nIf you require your users to authenticate before accessing the data on the FreeNAS\u2122 system, you will
\nneed to create a user account for each user. If you create a ZFS dataset for each user, you can chroot
\neach user so that they are limited to the contents of their own home directory and you can also restrict
\nthe size of that home directory using a ZFS quota. To configure this scenario:
\n1. Create a ZFS dataset for each user in Storage -> Create ZFS Dataset. In the example shown in
\nFigure 8.6d, a ZFS dataset named user1 has been created with a ZFS quota of 20GB. In later steps, we
\nwill create a user named user1 to associate with the dataset. Repeat this process to create a dataset for
\nFreeNAS\u2122 8.0.3 Guide Page 120 of 164
\nevery user that will need access to the FTP service.
\nFigure 8.6d: Create a ZFS Dataset with a Quota
\n2. Create a user account for each user in Account -> Users -> Add User. In the screen shown in
\nFigure 8.6e, input a Username for the user (in this example, user1), change the Home Directory to the
\nname of an existing dataset (in our example, the dataset named \/mnt\/test1\/user1), input a description
\nunder Full Name, input the user’s email address, input and confirm the user’s password, and click the
\nOK button. Repeat this process to create a user account for every user that will need access to the FTP
\nservice, making sure to assign each user their own dataset.
\n3. Set the permissions for each dataset in Storage -> Volume -> View All Volumes. This is how you
\nassociate a user account with a dataset and set the desired permissions for that user. Click the Change
\nPermissions button for a dataset that you specified as the Home Directory when you created a user
\naccount. In the screen shown in Figure 8.6f, select the user in the drop-down menu for Owner(user) and
\nOwner(group) (in this example, user1), keep the type of ACL as Unix, review the read and write
\npermissions to see if they are appropriate to that user, check the box Set permission recursively, and
\nclick the Change button.
\nNOTE: for FTP, the type of client does not matter when it comes to the type of ACL. This means that
\nyou always use Unix ACLs, even if Windows clients will be accessing FreeNAS\u2122 via FTP.
\nFreeNAS\u2122 8.0.3 Guide Page 121 of 164
\nFigure 8.6e: Creating a User Account
\nFigure 8.6f: Setting the Dataset’s Permissions
\nFreeNAS\u2122 8.0.3 Guide Page 122 of 164
\n4. Configure FTP in Services -> FTP. In the screen shown in Figure 8.6a:
\n\u2022 make sure the boxes for Allow Anonymous Login and Allow Root Login are unchecked
\n\u2022 check the box Allow Local User Login
\n\u2022 check the box Always Chroot
\n5. Start the FTP service in Control Services. Click the red OFF button next to FTP. After a second or
\nso, it will change to a blue ON , indicating that the service has been enabled.
\n6. Test the connection from a client using a utility such as Filezilla. This time in the example shown
\nin Figure 8.6d, use the IP address of the FreeNAS\u2122 system, the Username of a user that has been
\nassociated with a dataset, and the Password for that user.
\n8.6.3 Encrypting FTP
\nDuring installation, an RSA certificate and key are auto-generated for you. You can view these or
\ncut\/paste your own signed certificate and key in System -> Settings -> SSL. To configure any FTP
\nscenario to use encrypted connections:
\n1. Enable SSL\/TLS in Services -> FTP. Check the box Enable SSL\/TLS. Once you press OK, proftpd
\nwill automatically restart and be configured to use the certificate stored in the SSL tab.
\n2. Specify secure FTP when accessing the FreeNAS\u2122 system. For example, in Filezilla input
\nftps:\/\/IP_address (for an implicit connection) or ftpes:\/\/IP_address (for an explicit connection) as the
\nHost when connecting. The first time you connect, you should be presented with the certificate of the
\nFreeNAS\u2122 system. Click OK to accept the certificate and negotiate an encrypted connection.
\n8.6.4 Troubleshooting
\nA very common issue is that proftpd won’t start if it can’t resolve the system’s hostname to an IP via
\nDNS. To see if the FTP service is running, go to the console shell (or a command prompt in an SSH
\nsession) and issue the command:
\nsockstat -4p 21
\nIf there is nothing listening on port 21, proftpd isn’t running. To see the error message that occurs when
\nFreeNAS\u2122 tries to start the FTP service, go to System -> Settings -> Advanced and check the box
\n“Show console messages in the footer (Requires UI reload)”. Refresh your browser and the console
\nmessages should display at the bottom of your screen.
\nNext, go to Services -> Control Services and switch the FTP service off then back on in the GUI. Watch
\nthe console messages for errors.
\nIf the error refers to DNS, either create an entry in your local DNS server with the FreeNAS\u2122 system’s
\nhostname and IP address, or make an entry containing that information in \/etc\/hosts on the FreeNAS\u2122
\nserver.
\nFreeNAS\u2122 8.0.3 Guide Page 123 of 164
\n8.7 LDAP
\nFreeNAS\u2122 includes an OpenLDAP client for accessing information from an LDAP server. An LDAP
\nserver provides directory services for finding network resources such as users and their associated
\npermissions. Examples of LDAP servers include Microsoft Server (2000 and newer), Mac OS X
\nServer, Novell eDirectory, and OpenLDAP running on a BSD or Linux system. If an LDAP server is
\nrunning on your network, you should configure the FreeNAS\u2122 LDAP service so that the network’s
\nusers can authenticate to the LDAP server and thus be provided authorized access to the data stored on
\nthe FreeNAS\u2122 system.
\nFigure 8.7a shows the LDAP Configuration screen that is seen when you click Services -> LDAP.
\nFigure 8.7a: Configuring LDAP
\nTable 8.7a summarizes the available configuration options:
\nTable 8.7a: LDAP Configuration Options
\nSetting Value Description
\nHostname hostname or IP
\naddress of LDAP server
\nBase DN integer top level of the LDAP directory tree to be used when searching for
\nresources
\nFreeNAS\u2122 8.0.3 Guide Page 124 of 164
\nSetting Value Description
\nAllow
\nAnonymous
\nBinding
\ncheckbox instructs LDAP server to not provide authentication and to allow
\nread\/write access to any client
\nRoot bind DN string
\nused to bind with the LDAP server for administrative write access
\nto the LDAP directory to change some attributes of an LDAP entry,
\nsuch as a user’s password
\nRoot bind
\npassword string used for administrative write access on the LDAP server
\nPassword
\nEncryption
\ndrop-down
\nmenu
\nselect a type supported by the LDAP server, choices are: clear
\n(unencrypted), crypt, md5, nds, racf, ad, exop
\nUser Suffix string optional, can be added to name when user account added to LDAP
\ndirectory (e.g. dept. or company name)
\nGroup Suffix string optional, can be added to name when group added to LDAP
\ndirectory (e.g. dept. or company name)
\nPassword Suffix string optional, can be added to password when password added to LDAP
\ndirectory
\nMachine Suffix optional can be added to name when system added to LDAP directory (e.g.
\nserver, accounting)
\nEncryption Mode drop-down
\nmenu choices are Off, SSL, or TLS
\nSelf signed
\ncertificate string
\nused to verify the certificate of the LDAP server if SSL
\nconnections are used; paste the output of the command openssl
\ns_client -connect server:port -showcerts
\nAuxiliary
\nParameters string Ldap.conf(5) options, one per line, not covered by other options in
\nthis screen
\nNOTE: FreeNAS\u2122 automatically appends the root DN. This means that you should not include the
\nscope and root DN when inputting the user, group, password, and machine suffixes.
\n8.8 NFS
\nNetwork File System (NFS) is a protocol for sharing files on a network. Before configuring this
\nservice, you should first create your NFS Shares in Sharing -> NFS Shares -> Add NFS Share. After
\nconfiguring this service, go to Services -> Control Panel to start the service.
\nStarting this service will open the following ports on the FreeNAS\u2122 system:
\n\u2022 TCP and UDP 111 (rpcbind)
\n\u2022 TCP 2049 (nfsd)
\nAdditionally, mountd and rpcbind will each bind to a randomly available UDP port. Figure 8.8a shows
\nthe configuration screen and Table 8.8a summarizes the configuration options for the NFS service.
\nFreeNAS\u2122 8.0.3 Guide Page 125 of 164
\nFigure 8.8a: Configuring NFS
\nTable 8.8a: NFS Configuration Options
\nSetting Value Description
\nNumber of servers integer
\ncan not exceed number of CPUs (run sysctl -n kern.smp.cpus at the
\nFreeNAS\u2122 console shell to determine the maximum number for that
\nsystem)
\nAsynchronous mode checkbox speeds up data access but may result in corruption if a transfer is
\ninterrupted
\n8.9 S.M.A.R.T
\nFreeNAS\u2122 uses the smartd(8) service to monitor disk S.M.A.R.T. data for signs of problems. To fully
\nconfigure S.M.A.R.T. you need to:
\n\u2022 configure when to run the S.M.A.R.T tests in System -> S.M.A.R.T Tests -> Add S.M.A.R.T.
\nTest
\n\u2022 enable S.M.A.R.T. for each disk member of a volume in Volumes -> View All Volumes
\n\u2022 check the configuration of the S.M.A.R.T service in Services -> S.M.A.R.T.
\n\u2022 start the S.M.A.R.T. service in Services -> Control Services
\nFigure 8.9a shows the configuration screen that appears when you click Services -> S.M.A.R.T.
\nNOTE: smartd will wake up at every Check Interval you configure in Figure 8.9a. It will check the
\ntimes you configured in your tests (described in Figure 4.6a) to see if any tests should be run. Since the
\nsmallest time increment for a test is an hour (60 minutes), it usually does not make sense to set a check
\ninterval value higher than 60 minutes. For example, if you set the check interval for 120 minutes and
\nthe smart test to every hour, the test will only be run every 2 hours since the daemon only wakes up
\nevery 2 hours.
\nTable 8.9a summarizes the options in the S.M.A.R.T Configuration screen.
\nFreeNAS\u2122 8.0.3 Guide Page 126 of 164
\nFigure 8.9a: S.M.A.R.T Configuration Options
\nTable 8.9a: S.M.A.R.T Configuration Options
\nSetting Value Description
\nCheck interval integer in minutes, how often to wake up smartd to check to see if any
\ntests have been configured to run
\nPower mode drop-down menu can override that the configured test is not performed depending
\nupon the power mode; choices are: never, sleep, standby, or idle
\nDifference integer in degrees
\nCelsius
\ndefault of 0 disables this check, otherwise reports if the
\ntemperature of a driver has changed by N degrees Celsius since
\nlast report
\nInformal integer in degrees
\nCelsius
\ndefault of 0 disables this check, otherwise will message with a log
\nlevel of LOG_INFO if the temperature is higher than N degrees
\nCelsius
\nCritical integer in degrees
\nCelsius
\ndefault of 0 disables this check, otherwise will message with a log
\nlevel of LOG_CRIT and send an email if the temperature is
\nhigher than N degrees Celsius
\nEmail to report string email address of person to receive S.M.A.R.T alert; separate
\nmultiple email recipients with a comma and no space
\n8.10 SNMP
\nSNMP (Simple Network Management Protocol) is a protocol used to monitor network-attached devices
\nfor conditions that warrant administrative attention. FreeNAS\u2122 can be configured as a bsnmpd(8)
\nserver where bsnmp is FreeBSD’s simple and extensible SNMP daemon. If you enable SNMP, the
\nfollowing port will be enabled on the FreeNAS\u2122 system:
\nFreeNAS\u2122 8.0.3 Guide Page 127 of 164
\n\u2022 UDP 161 (bsnmpd listens here for SNMP requests)
\nFigure 8.10a shows the SNMP configuration screen and Table 8.10a summarizes the configuration
\noptions:
\nFigure 8.10a: Configuring SNMP
\nTable 8.10a: SNMP Configuration Options
\nSetting Value Description
\nLocation string optional description of FreeNAS\u2122 system’s location
\nContact string optional e.g. email address of FreeNAS\u2122 administrator
\nCommunity string password used on the SNMP network, default is public and should
\nbe changed for security reasons
\nSend SNMP Traps checkbox a trap is an event notification message
\nAuxiliary Parameters string additional bsnmpd(8) options not covered in this screen, one per line
\n8.11 SSH
\nSecure Shell (SSH) allows for files to be transferred securely over an encrypted network. If you
\nconfigure your FreeNAS\u2122 system as an SSH server, the users in your network will need to use SSH
\nclient software in order to transfer files using SSH. You will also need to create a user account for every
\nuser requiring SSH access in Account -> Users -> Add User. When creating your users, set their home
\ndirectory to the volume\/dataset that you wish them to have access to. This section shows the
\nFreeNAS\u2122 SSH configuration options, demonstrates an example configuration that restricts users to
\ntheir home directory, and provides some troubleshooting tips.
\nFreeNAS\u2122 8.0.3 Guide Page 128 of 164
\nFigure 8.11a shows the Services -> SSH configuration screen and Table 8.11a summarizes the
\nconfiguration options:
\nFigure 8.11a: SSH Configuration
\nTable 8.11a: SSH Configuration Options
\nSetting Value Description
\nTCP Port integer port to open for SSH connection requests, 22 by default
\nLogin as Root with
\npassword checkbox for security reasons, root logins are discouraged and disabled by
\ndefault
\nAllow Password
\nAuthentication checkbox
\nif unchecked, only accepts key based authentication which is more
\nsecure but requires additional setup on both the SSH client and
\nserver
\nAllow TCP Port
\nForwarding checkbox allows users to bypass firewall restrictions using SSH’s port
\nforwarding feature
\nCompress
\nConnections checkbox may reduce latency over slow networks
\nHost Private Key string allows you to paste a specific host key as the default key is changed
\nwith every installation
\nExtra Options string additional sshd_config(5) options not covered in this screen, one per
\nline
\nFreeNAS\u2122 8.0.3 Guide Page 129 of 164
\nA few sshd_config(5) options that are useful to input in the Extra Options field include:
\n\u2022 ClientAliveInterval: increase this number if ssh connections tend to drop
\n\u2022 ClientMaxStartup: defaults to 10; increase if you have more users
\n8.11.1 Chrooting SFTP users
\nBy default when you configure SSH, users can use the ssh command to login to the FreeNAS\u2122 system
\nand the scp and sftp commands to transfer files. While these commands will default to the user’s home
\ndirectory, users are able to navigate outside of their home directory which can pose a security risk. SSH
\nsupports using a chroot to confine users to only the sftp command and to be limited to the contents of
\ntheir own home directory. To configure this scenario on FreeNAS\u2122, perform the following steps.
\n1. Create a ZFS dataset for each user requiring sftp access in Storage -> Create ZFS Dataset. In the
\nexample shown in Figure 8.11b, a ZFS dataset named user1 has been created on volume \/mnt\/test1 with
\na ZFS quota of 20GB. In the next step, we will create a user named user1 to associate with this dataset.
\nRepeat this process to create a dataset for every user that will need access to the SSH service.
\nFigure 8.11b: Create a ZFS Dataset with a Quota
\n2. Create a user account for each user in Account -> Users -> Add User. In the screen shown in Figure
\n8.11c, input a Username for the user (in this example, user1), change the Home Directory to the name
\nof an existing dataset (in our example, the dataset named \/mnt\/test1\/user1), input a description under
\nFull Name, input the user’s email address, input and confirm the user’s password, and click the OK
\nFreeNAS\u2122 8.0.3 Guide Page 130 of 164
\nbutton. Repeat this process to create a user account for every user that will need access to the SSH
\nservice.
\nFigure 8.11c: Creating a User Account
\n3. Set permissions in Storage -> Volume -> View All Volumes. SSH chroot is very specific in what
\npermissions it allows (see the ChrootDirectory keyword in sshd_config(5) for details). Your
\nconfiguration will not work if the permissions on the datasets used by SSH chroot users differ from
\nthose shown in Figure 8.11d.
\nFigure 8.11d: Permissions Required by SSH Chroot
\nFreeNAS\u2122 8.0.3 Guide Page 131 of 164
\n4. Create a home directory within each dataset. Due to the permissions required by SSH chroot, the
\nuser will not have permissions to write to the root of their dataset. Since your intention is to limit them
\nto the contents of their home directory, you can manually create a home directory for the user within
\ntheir dataset. To do so, you will need to access the FreeNAS\u2122 system’s shell using the instructions in
\nsection 10 . 8 . 7 FAQ: How do I get to the Command Line \/ CLI \/ shell .
\nOnce you have access to the FreeNAS\u2122 console, create a home directory for each user within their
\nown dataset and change the ownership of the directory to the user. Example 8.11a demonstrates the
\ncommands used to create a home directory called user1 for the user account user1 on dataset
\n\/mnt\/test1\/user1:
\nExample 8.11a: Creating a User’s Home Directory
\nmkdir \/mnt\/test1\/user1\/user1
\nchown user1:user1 \/mnt\/test1\/user1\/user1
\n5. Configure SSH in Services -> SSH. Add these lines to the Extra Options section as shown in Figure
\n8.11e.
\nFigure 8.11e: Configure SSH for chroot
\n6. Start the SSH service in Control Services. Click the red OFF button next to SSH. After a second or
\nso, it will change to a blue ON , indicating that the service has been enabled.
\n7. Test the connection from a client using a utility such as WinSCP. In the example shown in Figure
\n8.11f, user1 is connecting to a FreeNAS\u2122 server with an IP address of 192.168.2.9.
\nOnce connected, the user can see the files on their Windows system in the left frame and the files on
\nthe FreeNAS\u2122 system in the right frame, as shown in Figure 8.11g.
\nFreeNAS\u2122 8.0.3 Guide Page 132 of 164
\nFigure 8.11f: Connecting to the SSH chroot from WinSCP
\nFigure 8.11g: Using WinSCP Within a chroot
\nFreeNAS\u2122 8.0.3 Guide Page 133 of 164
\nNotice that the directory structure on the FreeNAS\u2122 system starts at <root>. If the user clicks on
\n<root>, they can not navigate to a higher folder. If the user tries to copy a file from the Windows
\nsystem to <root>, the operation will fail. However, if the user clicks on their home folder (in this
\nexample, user1), they will enter that folder and can copy files to\/from the Windows system within that
\nfolder.
\n8.11.2 Troubleshooting SSH Connections
\nIf you add any Extra Options in the SSH configuration screen, be aware that the keywords listed in
\nsshd_config(5) are case sensitive. This means that your configuration will fail to do what you intended
\nif you don’t match the upper and lowercase letters of the keyword.
\nWhen configuring SSH, you should always test your configuration as an SSH user account to ensure
\nthat the user is limited to what you have configured and does have permission to do what you want
\nthem to do. If the user account is experiencing problems, the SSH error messages are usually pretty
\nspecific to what the problem is. You will need to access the console to read these messages with the
\nfollowing command:
\ntail -f \/var\/log\/messages
\n8.12 TFTP
\nTrivial File Transfer Protocol (TFTP) is a light-weight version of FTP usually used to transfer
\nconfiguration or boot files between machines, such as routers, in a local environment. TFTP is
\nextremely limited, providing no authentication, and is rarely used interactively by a user. If you enable
\nTFTP on your FreeNAS\u2122 server, it will open UDP port 69. An example where this is useful is when
\nyou wish to store all of the images and configuration files for your network’s devices on the
\nFreeNAS\u2122 system. Figure 8.12a shows the TFTP configuration screen and Table 8.12a summarizes
\nthe available options:
\nFigure 8.12a: TFTP Configuration
\nFreeNAS\u2122 8.0.3 Guide Page 134 of 164
\nTable 8.12a: TFTP Configuration Options
\nSetting Value Description
\nDirectory string most devices expect a path of \/tftpboot
\nAllow New
\nFiles checkbox enable if network devices need to send files to the FreeNAS\u2122 system
\n(e.g. backup their config)
\nPort integer port to listen for TFTP requests, 69 by default
\nUsername drop-down
\nmenu account used for tftp requests
\nUmask integer umask for newly created files, default is 022
\nExtra options string additional tftpd(8) options not shown in this screen, one per line
\n8.13 UPS
\nFreeNAS\u2122 uses NUT (Network UPS Tools) to provide UPS support.
\nFigure 8.13a shows the UPS configuration screen:
\nFigure 8.13a: UPS Configuration Screen
\nFreeNAS\u2122 8.0.3 Guide Page 135 of 164
\nTable 8.13a summarizes the options in the UPS Configuration screen.
\nTable 8.13a: UPS Configuration Options
\nSetting Value Description
\nIdentifier string input a descriptive name, default is ups
\nDriver drop-down
\nmenu
\nsupported UPS devices are listed at
\nhttp:\/\/www.networkupstools.org\/stable-hcl.html
\nPort drop-down
\nmenu
\nlist of available serial (e.g. \/dev\/cuau#) or USB ports (e.g.
\n\/dev\/ugen.X.X) UPS is plugged into (see NOTE below)
\nAuxiliary Parameters string additional options from ups.conf(5)
\nDescription string optional
\nShutdown mode drop-down
\nmenu
\nchoices are UPS goes on battery and UPS reaches low
\nbattery
\nShutdown timer integer in seconds
\nUPS Master User Password string default is fixmepass
\nExtra users string see upsd.users(5) for examples
\nRemote monitor checkbox defaults to listen to everything and uses the user
\n“upsmon” and password “fixmepass”
\nSend Email Status Updates checkbox if checked, configure the To email
\nTo email email address if Send Email box checked, email address of person to
\nreceive update
\nEmail subject string if send Email Box checked, subject of email updates
\nNOTE: for USB devices, the easiest way to determine the correct device name is to enable console
\nlogging in System -> Settings -> Advanced -> check the box for “Show console messages”. Refresh
\nyour browser and plug in the USB device. The messages will give the name of the \/dev\/ugenX.X
\ndevice; replace the X’s in your configuration with the actual numbers that show on the console.
\n8.14 iSCSI
\niSCSI is a protocol standard that allows the consolidation of storage data. iSCSI allows FreeNAS\u2122 to
\nact like a storage area network (SAN) over an existing Ethernet network. Specifically, it exports disk
\ndevices over an Ethernet network that iSCSI clients (called initiators) can attach to and mount.
\nTraditional SANs operate over fibre channel networks which require a fibre channel infrastructure such
\nas fibre channel HBAs, fibre channel switches, and discreet cabling. iSCSI can be used over an existing
\nEthernet network, although dedicated networks can be built for iSCSI traffic in an effort to boost
\nperformance. iSCSI also provides an advantage in an environment that uses Windows shell programs;
\nthese programs tend to filter \u201cNetwork Location\u201d but iSCSI mounts are not filtered.
\nBefore configuring iSCSI on your FreeNAS\u2122 device, you should be familiar with the following iSCSI
\nterminology:
\nFreeNAS\u2122 8.0.3 Guide Page 136 of 164
\nCHAP: a protocol used for authenticating initiators (clients) by a target (server). CHAP uses a shared
\nsecret and three-way authentication to determine if a system is authorized to access the storage device
\nand to periodically confirm that the session has not been hijacked by another system.
\nMutual CHAP: a superset of CHAP. The target authenticates the initiator as in CHAP, and additionally
\nthe initiator uses CHAP to authenticate the target.
\nInitiator: the remote system (client) which has authorized access to the storage data on the FreeNAS\u2122
\nsystem.
\nTarget: a storage resource on the FreeNAS\u2122 system (server).
\nExtent: the storage unit to be shared. It can either be a file or a device.
\nIn order to configure iSCSI, you need to:
\n\u2022 review the Target Global Configuration parameters
\n\u2022 decide if you will use CHAP or mutual CHAP for authentication; if so, create an authorized
\naccess
\n\u2022 create either a device extent or a file extent
\n\u2022 determine which hosts are allowed to connect using iSCSI and create an initiator
\n\u2022 determine if you need to create a portal (only required when the FreeNAS\u2122 system has
\nmultiple IP addresses or network interfaces that will be used for iSCSI connections
\n\u2022 create a target
\n\u2022 associate a target with an extent
\n\u2022 start the iSCSI service in Services -> Control Services
\nNOTE: FreeNAS\u2122 uses istgt to provide iSCSI. At this time, istgt does not support SIGHUP-style
\nconfiguration reloading, meaning that FreeNAS\u2122 has to restart istgt to make configuration changes
\ntake effect. This means that any changes to existing iSCSI shares will cause any client that happens to
\nbe writing at the time to be thrown into read-only mode. Future versions of istgt will fix this known
\nissue. Many iSCSI initiators handle the iSCSI service dropping off fairly gracefully. VMware ESXi
\npauses its VMs while it tries to reconnect, offering a fairly large grace period where things will recover
\nautomatically.
\n8.14.1 Target Global Configuration
\nThe Target Global Configuration screen, shown in Figures 8.14a, contains settings that apply to all
\niSCSI shares. Table 8.14a summarizes the settings that can be configured in the Target Global
\nConfiguration screen. The integer values in the table are used to tune network performance; most of
\nthese values are described in RFC 3720. LUC (Logical Unit Controller) is an API provided by istgt to
\ncontrol removable media by providing functions to list targets, un\/load a media to a unit, change media
\nfile, or reset a LUN.
\nFreeNAS\u2122 8.0.3 Guide Page 137 of 164
\nFigure 8.14a: iSCSI Target Global Configuration Variables
\nTable 8.14a: Target Global Configuration Settings
\nSetting Value Description
\nBase Name string see the \u201cConstructing iSCSI names using the iqn. format\u201d
\nsection of RFC 3721 for details.
\nDiscovery Auth
\nMethod
\ndrop-down
\nmenu
\nChoices are: None, Auto, CHAP, or Mutual CHAP. Configures
\nthe authentication level required by the target for discovery of
\nvalid devices. None will allow anonymous discovery. CHAP and
\nMutual CHAP require authentication. Auto lets the initiator
\ndecide the authentication scheme.
\nDiscovery Auth
\nGroup
\ndrop-down
\nmenu
\nRequired if Discovery Auth Method is set to CHAP or Mutual
\nCHAP, optional if Discovery Auth Method is set to Auto, and not
\nneeded if Discovery Auth Method is set to None. In the latter two
\ncases the config generated in the [Global] section of istgt.conf
\nwill be DiscoveryAuthGroup None, otherwise it will be a number
\nlike DiscoveryAuthGroup 1.
\nI\/O Timeout
\ninteger
\nrepresenting
\nseconds
\nSets the limit on how long an I\/O can be outstanding before an
\nerror condition is returned. Possible values range from 0 -300
\nwith a default value of 30.
\nNOPIN Interval
\ninteger
\nrepresenting
\nseconds
\nHow often target sends a NOP-IN packet to keep a discovered
\nsession alive. Possible values range from 0 -300 with a default
\nvalue of 20.
\nFreeNAS\u2122 8.0.3 Guide Page 138 of 164
\nSetting Value Description
\nMax. Sessions integer
\nAll connections between an iSCSI initiator portal and a target
\nportal are associated with a specific session. This option limits
\nthe number of sessions the target will create\/accept. Possible
\nvalues range from 1 – 64 with a default value of 16.
\nMax. Connections integer
\nRefers to the number of connections a single initiator can make
\nwith respect to a single target. Possible values range from 1 – 64
\nwith a default value of 8.
\nMax. pre-send R2T integer Possible values range from 1 – 255 with a default value of 32.
\nMaxOutstandingR2T integer
\nDuring writes, the target pulls data from the initiator by sending
\nR2T (ready to receive) packets. This option sets the maximum
\nnumber of R2Ts the target can have outstanding for a single
\niSCSI command. Larger values should yield performance
\nincreases until MaxOutstandingR2T exceeds the size of the
\nlargest Write I\/O divided by MaxBurstLength. Possible values
\nrange from 1 – 255 with a default value of 16.
\nFirst burst length integer
\nThe maximum amount in bytes of unsolicited data an iSCSI
\ninitiator may send to the target during the execution of a single
\nSCSI command. Possible values range from 1 – 2^32 with a
\ndefault value of 65536.
\nMax burst length integer
\nMaximum write size in bytes the target is willing to receive per
\nburst of packets (i.e. between R2Ts). Possible values range from
\n1 – 2^32 with a default value of 262144.
\nMax receive data
\nsegment length integer In bytes. Possible values range from 1 – 2^32 with a default value
\nof 262144.
\nDefaultTime2Wait integer
\nThe minimum time in seconds to wait before attempting a logout
\nor an active task reassignment after an unexpected connection
\ntermination or reset. Possible values range from 1 – 300 with a
\ndefault value of 2.
\nDefaultTime2Retain integer
\nThe maximum time in seconds after Time2Wait before which an
\nactive task reassignment is still possible after an unexpected
\nconnection termination or reset. Possible values range from 1 –
\n300 with a default value of 60.
\nEnable LUC checkbox Only works with removable media. If checked, the rest of the
\nfields are required.
\nController IP address IP address Must be an IP address that is assigned to an interface or the
\ndaemon won’t start. Generally set to 127.0.0.1.
\nController TCP port integer Possible values range from 1024-65535 with a default value of
\n3261.
\nController
\nAuthorized netmask subnet mask Typically set to 255.0.0.0.
\nController Auth drop-down Choices are None, Auto, CHAP, or mutual CHAP.
\nFreeNAS\u2122 8.0.3 Guide Page 139 of 164
\nSetting Value Description
\nMethod menu
\nController Auth
\nGroup
\ndrop-down
\nmenu
\nRequired if Controller Auth Method is set to CHAP or Mutual
\nCHAP, optional if Controller Auth Method is set to Auto, and not
\nneeded if Controller Auth Method is set to None. In the latter two
\ncases the config generated in the [Global] section of istgt.conf
\nwill be ControllerAuthGroup None, otherwise it will be a number
\nlike ControllerAuthGroup 1. If you wish to use authenticated
\ndiscover the users must be configured prior to this step.
\n8.14.2 Authorized Accesses
\nIf you will be using CHAP or mutual CHAP to provide authentication, you must create an authorized
\naccess. Go to Services \u2192 ISCSI \u2192 Authorized Accesses \u2192 Add Authorized Access which will open
\nthe screen seen in Figure 8.14b.
\nNOTE: CHAP does not work with GlobalSAN initiators on Mac OS X.
\nFigure 8.14b: Adding Authorized Access for iSCSI
\nTable 8.14b summarizes the settings that can be configured when adding an authorized access:
\nFreeNAS\u2122 8.0.3 Guide Page 140 of 164
\nTable 8.14b: Authorized Access Configuration Settings
\nSetting Value Description
\nGroup ID integer
\nThe Group ID is used to build the authentication groups used by the iSCSI target
\nsoftware, allowing different groups to be configured with different authentication
\nprofiles. For instance, all users with a Group ID of 1 will be members of \u201cGroup 1\u201d
\nand will inherit the authentication profile associated with that group.
\nUser string
\nName of user account that will be created on the FreeNAS\u2122 device in order to
\nCHAP authenticate with the user on the remote system. Many initiators default to
\nusing the initiator name as the user.
\nSecret string Needs to be confirmed. Password to be associated with the created user account.
\nPeer User string If this is entered it will cause the user to be a Mutual CHAP user. In most cases it
\nwill need to be the same as the User.
\nInitiator
\nSecret string Needs to be confirmed. The mutual secret password. Must be different than the
\nSecret. This is required if the Peer User field is set.
\nAs users are added, they will be listed under Authorized Accesses. In the example shown in Figure
\n8.14c, three users (test1, test2, and test3) have been configured and there are two groups created, with
\ngroup 1 consisting of a single CHAP user and group 2 consisting of a mutual CHAP user and a CHAP
\nuser.
\nFigure 8.14c: Viewing Authorized iSCSI Users
\n8.14.3 Device Extents
\nThe next step is to configure the share. In iSCSI terminology, you don’t share a volume; instead you
\nshare either a device extent or a file extent:
\nFreeNAS\u2122 8.0.3 Guide Page 141 of 164
\nDevice extent: allows an unformatted disk, a zvol, or an existing HAST device to be exported via
\niSCSI. The advantage of a device extent is that it is faster than a file extent. The disadvantage is that the
\nentire volume is exported. If you only want to share a portion of a volume using iSCSI, either create a
\nzvol (if it is a ZFS volume) or use a file extent. You can create a zvol by clicking Storage -> Create
\nZFS Volume.
\nFile extent: allows you to export a portion of a volume. When creating a file extent, you can specify
\neither a non-existing file name or an existing ZFS dataset. The advantage of file extents is that you can
\ncreate multiple exports per volume. The disadvantage is that they are slower than device extents.
\nTo add a device extent, go to Services \u2192 ISCSI \u2192 Device Extents \u2192 Add Device Extent. In the
\nexample shown in Figure 8.14d, a device extent is being created using a raw (unformatted) disk.
\nFigure 8.14d: Adding an iSCSI Device Extent
\nTable 8.14c summarizes the settings that can be configured when creating a device extent:
\nTable 8.14c: Device Extent Configuration Settings
\nSetting Value Description
\nExtent Name string required
\nComment string optional
\nDisk device drop-down menu select the unformatted disk, previously created zvol, or existing
\nHAST device
\nFreeNAS\u2122 8.0.3 Guide Page 142 of 164
\n8.14.4 Extents
\nTo add a file extent, go to Services \u2192 ISCSI \u2192 Extents \u2192 Add Extent. In the example shown in Figure
\n8.14e, a file extent named data with a maximum size of 20 GB will be created on the ZFS dataset
\n\/mnt\/tank\/iscsi. Note that the file extent creation will fail if you do not append the name of the file to be
\ncreated to the volume\/dataset name.
\nFigure 8.14e: Adding an iSCSI File Extent
\nTable 8.14d summarizes the settings that can be configured when creating an File Extent:
\nTable 8.14d: File Extent Configuration Settings
\nSetting Value Description
\nExtent Name string name of file extent, can not be an existing file within the dataset
\nPath to the
\nextent
\nbrowse
\nbutton browse to the path where the file will be created or to an existing dataset
\nExtent size integer if the size is specified as 0 then the actual file size will be used and the
\nfile must be created manually in the CLI
\nComment string optional
\n8.14.5 Initiators
\nThe next step is to configure authorized initiators, or the systems which are allowed to connect to the
\nstored data. Going to Services \u2192 ISCSI \u2192 Initiators \u2192 Add Initiator will bring up the screen shown in
\nFigure 8.14f. Table 8.14e summarizes the settings that can be configured when adding an initiator.
\nNOTE: at this time, the FreeNAS\u2122 system itself can not be configured as an initiator.
\nFreeNAS\u2122 8.0.3 Guide Page 143 of 164
\nFigure 8.14f: Adding an iSCSI Initiator
\nTable 8.14e: Initiator Configuration Settings
\nSetting Value Description
\nInitiators string can use ALL keyword or a list of initiator hostnames separated by commas
\nwith no space
\nAuthorized
\nnetwork string can use ALL keyword or a network address with CIDR mask such as
\n192.168.2.0\/24
\nComment string optional description
\nIn the example shown in Figure 8.14g, two groups have been created. Group 1 allows connections from
\nany initiator on any network; Group 2 only allows connections from any initiator on the 10.10.1.0\/24
\nnetwork.
\nFigure 8.14g: Sample iSCSI Initiator Configuration
\nFreeNAS\u2122 8.0.3 Guide Page 144 of 164
\n8.14.6 Portals
\nA portal allows FreeNAS\u2122 systems with multiple IP addresses or interfaces to provide services on
\ndifferent interfaces or subnets. Going to Services \u2192 ISCSI \u2192 Portals \u2192 Add Portal will bring up the
\nscreen shown in Figure 8.14h:
\nFigure 8.14h: Adding an iSCSI Portal
\nIn this example, 0.0.0.0:3260 is a wildcard that will cause the system to bind to every IP address and
\ninterface. This allows you to use multi-path I\/O (MPIO).
\nTable 8.12f summarizes the settings that can be configured when adding a portal:
\nTable 8.14f: Portal Configuration Settings
\nSetting Value Description
\nPortal string interface or subnet IP address followed by a colon and the TCP port used by
\niSCSI (3260 by default)
\nComment string optional description
\n8.14.7 Targets
\nNext you should add a Target using Services \u2192 ISCSI \u2192 Targets \u2192 Add Target, as shown in Figure
\n8.14i. A target combines a portal ID, allowed initiator ID, and an authentication method.
\nTable 8.14g summarizes the settings that can be configured when creating a Target.
\nNOTE: multiple computers can not connect to the same iSCSI target as iSCSI acts like a physical disk
\nrather than a share. If you need to support multiple clients to the same data, use CIFS or NFS instead of
\niSCSI or create multiple iSCSI targets (one per client).
\nFreeNAS\u2122 8.0.3 Guide Page 145 of 164
\nFigure 8.14i: Adding an iSCSI Target
\nTable 8.14g: Target Settings
\nSetting Value Description
\nTarget Name string required value; base name will be appended
\nautomatically if it does not start with iqn
\nTarget Alias string optional user-friendly name
\nSerial string unique ID for target to allow for multiple LUNs; the
\ndefault is generated from the system’s MAC address
\nType drop-down menu type of device: choices are disk, DVD, tape, or pass
\n(choose pass in a virtual environment)
\nTarget Flags drop-down menu choices are read-write or read-only
\nPortal Group ID drop-down menu leave empty or select number of existing portal to use
\nInitiator Group ID drop-down menu select which existing initiator group has access to the
\ntarget
\nAuth Method drop-down menu choices are None, Auto, CHAP, or mutual CHAP
\nAuthentication Group
\nnumber drop-down menu none or integer representing number of existing
\nauthorized access
\nQueue Depth integer see this post for an explanation of the math involved
\nFreeNAS\u2122 8.0.3 Guide Page 146 of 164
\nSetting Value Description
\nLogical Block Size integer
\nshould only be changed if you need to emulate a physical
\ndisk’s size or you need to increase the block size to allow
\nfor larger filesystems on operating systems limited by
\nblock count
\n8.14.8 Target\/Extents
\nThe last step is associating extents to targets within Services \u2192 ISCSI \u2192 Target\/Extents \u2192 Add
\nTarget\/Extent. This screen is shown in Figure 8.14j. Use the drop-down menus to select the desired
\ntarget and extent.
\nFigure 8.14j: Associating iSCSI Targets\/Extents
\nTable 8.14h summarizes the settings that can be configured when associating targets and extents:
\nTable 8.14h: Target\/Extents Configuration Settings
\nSetting Value Description
\nTarget drop-down menu select the pre-created target
\nExtent drop-down menu select the pre-created extent
\nIt is best practice to associate extents to targets in a 1:1 manner, although the software will allow
\nmultiple extents to be associated to a target.
\nOnce iSCSI has been configured, click the Services -> Control Services icon. Click the iSCSI button to
\nchange it from Off to On and thus start the iSCSI service.
\n8.14.9 Connecting to iSCSI Share
\nIn order to access the data on the iSCSI share, clients will need to use iSCSI initiator software.
\nAn iSCSI Initiator client is pre-installed with Windows 7. A detailed how-to for this client can be found
\nhere.
\nMac OS X does not include an initiator. This how-to demonstrates how to use globalSAN, a free and
\neasy-to-use Mac initiator.
\nBSD systems provide command line initiators: iscontrol(8) comes with FreeBSD, iscsi-initiator(8)
\nFreeNAS\u2122 8.0.3 Guide Page 147 of 164
\ncomes with NetBSD, and iscsid(8) comes with OpenBSD.
\nSome Linux distros provide the command line utility iscsiadm from Open-iSCSI. Google to see if a
\npackage exists for your distribution should the command not exist on your Linux system.
\nInstructions for connecting from a VMware ESXi Server can be found at How to configure FreeNAS 8
\nfor iSCSI and connect to ESX(i). Note that the requirements for booting vSphere 4.x off iSCSI differ
\nbetween ESX and ESXi. ESX requires a hardware iSCSI adapter while ESXi requires specific iSCSI
\nboot firmware support. The magic is on the booting host side, meaning that there is no difference to the
\nFreeNAS\u2122 configuration. See the iSCSI SAN Configuration Guide for details.
\n8.15 Rsync
\nThe Rsync section of Services is used to configure an rsync server. See section 4 . 6 Rsync Tasks for
\ninstructions on how to configure an rsync client and an example of configuring both ends of an rsync
\nconnection.
\nThis section describes the configurable options for the rsyncd service and rsync modules.
\nFigure 8.15a shows the rsyncd configuration screen which is accessed from Services -> Rsync ->
\nConfigure Rsyncd.
\nFigure 8.15a: Rsyncd Configuration
\nTable 8.15a summarizes the options that can be configured for the rsync daemon:
\nTable 8.15a: Rsync Configuration Options
\nSetting Value Description
\nTCP Port integer port for rsyncd to listen on, default is 873
\nAuxiliary parameters string additional parameters from rsync(1)
\n8.15.1 Rsync Modules
\nFigure 8.15b shows the configuration screen that appears when you click Services -> Rsync -> Rsync
\nModules -> Add Rsync Module.
\nFreeNAS\u2122 8.0.3 Guide Page 148 of 164
\nFigure 8.15b: Adding an Rsync Module
\nTable 8.15b summarizes the options that can be configured when creating a rsync module:
\nTable 8.15b: Rsync Module Configuration Options
\nSetting Value Description
\nModule name string mandatory; also needs to be configured on rsync client
\nComment string mandatory
\nPath browse button of volume\/dataset to hold received data
\nAccess Mode drop-down
\nmenu choices are read and write, read-only, or write-only
\nMaximum
\nconnections integer 0 is unlimited
\nUser drop-down
\nmenu
\nselect user that file transfers to and from that module should
\ntake place as
\nGroup drop-down
\nmenu
\nselect group that file transfers to and from that module should
\ntake place as
\nHosts allow string see rsyncd.conf(5) for allowed formats
\nHosts deny string see rsyncd.conf(5) for allowed formats
\nAuxiliary parameters string additional parameters from rsyncd.conf(5)
\nFreeNAS\u2122 8.0.3 Guide Page 149 of 164
\nNOTE: one of the things that isn’t apparent from the documentation for some versions of
\nrsyncd.conf(5) is that * is an alias for all.
\n9 Additional Options
\nThis section covers the remaining miscellaneous options available from the FreeNAS\u2122 web interface.
\n9.1 Display System Processes
\nIf you click Display System Processes, a screen will open showing the output of top(1). An example is
\nshown in Figure 9.1a.
\nFigure 9.1a: System Processes Running on FreeNAS\u2122
\nThe display will automatically refresh itself. Simply click the X in the upper right corner to close the
\ndisplay when you are finished. Note that the display is read-only, meaning that you won’t be able to
\nissue a kill command within it.
\n9.2 Reboot
\nIf you click Reboot, you will receive the warning message shown in Figure 9.2a.
\nFreeNAS\u2122 8.0.3 Guide Page 150 of 164
\nFigure 9.2a: Reboot Warning Message
\nClick the Cancel button if you wish to cancel the reboot request. Otherwise, click the Reboot button to
\nreboot the system. Rebooting the system will disconnect all clients, including the web administration
\nGUI. The URL in your web browser will change to add \/system\/reboot\/ to the end of the IP address.
\nWait a few minutes for the system to boot, then use your browser’s back button to return to the
\nFreeNAS\u2122 system’s IP address. If all went well, you should receive the GUI login menu. However, if
\nsomething went wrong, you will need physical access to the FreeNAS\u2122 system’s monitor and
\nkeyboard so that you can determine what problem is preventing the system from resuming normal
\noperation.
\n9.3 Shutdown
\nIf you click Shutdown, you will receive the warning message shown in Figure 9.3a and your browser
\ncolour will change to red to indicate that you have selected an option that will negatively impact users
\nof the FreeNAS\u2122 system.
\nFigure 9.3a: Shutdown Warning Message
\nClick the Cancel button if you wish to cancel the shutdown request. Otherwise, click the Shutdown
\nbutton to reboot the system. Shutting down the system will disconnect all clients, including the web
\nadministration GUI, and will power off the FreeNAS\u2122 system. You will need physical access to the
\nFreeNAS\u2122 system in order to turn it back on.
\n9.4 Log Out
\nTo log out of the FreeNAS\u2122 GUI, simply click the Log Out button in the upper right corner. You will
\nimmediately be logged out. An informational message will indicate that you are logged out and will
\nprovide a hyperlink which you can click on to log back in.
\nFreeNAS\u2122 8.0.3 Guide Page 151 of 164
\n9.5 Help
\nThe Help button in the upper right corner provides hyperlinks to the various FreeNAS\u2122 resources,
\nincluding: forums, mailing lists, IRC channel, bug tracker, and this documentation. Each of these
\nresources is discussed in more detail in the next section.
\nIt also displays the currently installed FreeNAS\u2122 version.
\n9.6 Alert
\nFreeNAS\u2122 provides an alert system to provide a visual warning of any conditions that require
\nadministrative attention. The Alert button in the far right corner will flash red when there is an
\noutstanding alert. For example, the first time you access the administrative GUI, the alert button will be
\nflashing. If you click the icon, you will see the screen shown in Figure 9.6a:
\nFigure 9.6a: Example Alert Message
\nBehind the scenes, an alert script checks for various alert conditions, such as volume status, and writes
\nthese to \/var\/tmp\/alert. A javascript retrieves the current alert status every 5 minutes and will change
\nthe solid green alert icon (if there are no current alert conditions) to flashing red (if a new alert is
\ndetected).
\nSection 3: Getting Help
\n10 FreeNAS\u2122 Support Resources
\nFreeNAS\u2122 has a large installation base and an active user community. This means that many usage
\nquestions have already been answered and the details are available on the Internet. If you get stuck
\nusing FreeNAS\u2122, spend a few moments searching the Internet for the word FreeNAS\u2122 with some
\nkey words that describe your error message or the function that you are trying to implement.
\nFreeNAS\u2122 8.0 was released in May of 2011 while the original version of FreeNAS\u2122 (now at
\nversion .7) has been around since 2005. Accordingly, much of the of information available on the
\nInternet was written for FreeNAS\u2122 .7.x and may or may not apply to FreeNAS\u2122 8.x.
\nThe rest of this section discusses the additional resources available to FreeNAS\u2122 8.x users:
\n\u2022 Website and Social Media
\n\u2022 Trac Database
\n\u2022 IRC
\n\u2022 Mailing Lists
\nFreeNAS\u2122 8.0.3 Guide Page 152 of 164
\n\u2022 Forums
\n\u2022 Instructional Videos
\n\u2022 Professional Support
\n\u2022 FAQs
\n10.1 Website and Social Media
\nThe FreeNAS\u2122 website contains links to all of the available documentation, support, and social media
\nresources. Major announcements are also posted to the main page.
\nUsers are welcome to network on the FreeNAS\u2122 social media sites:
\n\u2022 LinkedIn
\n\u2022 Google+
\n\u2022 Facebook
\nA twitter feed is also available.
\n10.2 Trac Database
\nFreeNAS\u2122 8 uses a trac database where you can view existing support tickets to see if your issue has
\nalready been reported or create new tickets for unreported issues. You do not need to create a login
\naccount in order to view existing tickets, but you will need to use the Register link if you wish to create
\na ticket. See section 11.2 Submit Bug Reports if you wish to create a support ticket.
\n10.3 IRC
\nIf you wish to ask a question in \u201creal time\u201d, you can try the #freenas channel on IRC Freenode.
\nDepending upon the time of day (and your time zone), a FreeNAS\u2122 developer or other FreeNAS\u2122
\nusers may be available to assist you. If you don’t get an answer right away, remain on the channel as
\nother users tend to read the channel history in order to answer questions as they are able to.
\nIf you don’t have an IRC chat client, you can use the FreeNAS\u2122 browser-based client.
\nTo get the most out of the IRC channel, keep the following points in mind:
\n\u2022 don’t ask “can anyone help me?”; instead, just ask your question. If someone knows the answer,
\nthey will try to assist you.
\n\u2022 don’t ask a question and then leave. Users who know the answer can’t help you if you disappear.
\n\u2022 don’t take it personally if no one answers or demand that someone answers your question.
\nMaybe no one who knows the answer is available, maybe your question is really hard, or maybe
\nit is a question that has already been answered many times in the other support resources. Try
\nasking again in a few hours or research the other resources to see if you’ve missed anything.
\n\u2022 Don’t post error messages in the channel as the IRC software will probably kick you out.
\nInstead, use a pasting service such as pastebin and refer to the URL on channel. If you prefer to
\npaste an image of your error, you can upload it to a temporary screenshot hosting service such
\nFreeNAS\u2122 8.0.3 Guide Page 153 of 164
\nas Upload Screenshot and post the URL to your uploaded image.
\n10.4 Mailing Lists
\nSeveral FreeNAS\u2122 mailing lists are available which allow users and developers to ask and answer
\nquestions related to the topic of the mailing list. To post an email to a list, you will need to subscribe to
\nit first. Each mailing list is archived, allowing you to browse for information by date, thread name, or
\nauthor.
\nThe following mailing lists are available:
\n\u2022 freenas-announce : This is a low-volume, read-only list where major milestones, such as new
\nreleases, are announced.
\n\u2022 freenas-commit : This is a read-only list. As code changes in the FreeNAS\u2122 repository, the
\ncommit message is automatically sent to this list.
\n\u2022 freenas-devel : FreeNAS\u2122 developers are subscribed to this list. Technical questions about the
\ncurrent FreeNAS\u2122 release can be posted here.
\n\u2022 freenas-docs : This list is for discussion regarding FreeNAS\u2122 documentation.
\n\u2022 freenas-testing : FreeNAS\u2122 developers are subscribed to this list. Technical questions about the
\nupcoming FreeNAS\u2122 release and feedback on testing snapshots can be posted here.
\n\u2022 freenas-translations : This list is for discussion regarding FreeNAS\u2122 localization and translating
\nFreeNAS\u2122 documentation.
\nArchives of the mailing lists are available from Gmane which allows you to read the archives in
\nvarious formats (blog style, news reader style) and to subscribe to RSS feeds for the lists.
\n10.5 Forums
\nAnother information source for FreeNAS\u2122 is the Forums. Forums contain user-contributed tips and
\nguides which have been categorized, making it an ideal resource if you wish to learn more about a
\ncertain aspect of FreeNAS\u2122. A searchbar is included should you wish to search by keyword;
\nalternately, you can click a category to browse through the threads that exist for that topic.
\nThe following categories are available under Help and Support:
\n\u2022 FreeNAS\u2122 4 N00bs : post here if you are new to FreeNAS\u2122 and are unsure which category
\nbest matches your question.
\n\u2022 Feature Requests : for the discussion of upcoming features and to request features not listed on
\nthe Roadmap.
\n\u2022 Bug Reporting : do you think you have found a bug in FreeNAS\u2122 and want to discuss it before
\ncreating a support ticket?
\n\u2022 Hardware : for the discussion of hardware and tips for getting the most out of your hardware.
\n\u2022 User Authentication : LDAP and Active Directory.
\n\u2022 Sharing : AFP, CIFS, NFS, and iSCSI.
\nFreeNAS\u2122 8.0.3 Guide Page 154 of 164
\n\u2022 Storage : replication, snapshots, volumes, and ZFS.
\n\u2022 Networking : networking hardware, performance, link aggregation, VLANs, DDNS, FTP,
\nSNMP, SSH, and TFTP.
\n\u2022 Installation : installing help or advice before performing the installation.
\nThe following categories are available under Development:
\n\u2022 FreeNAS\u2122 : general development discussion.
\n\u2022 nanobsd : the embedded operating system FreeNAS\u2122 is based upon.
\n\u2022 Django : the web framework used by the FreeNAS\u2122 graphical administrative interface.
\n\u2022 Dojo Toolkit : the javascript toolkit used to create widgets and handle client side processing.
\nThe following categories are available under How-To Guides:
\n\u2022 Hacking : undocumented tricks for getting the most out of your FreeNAS\u2122 system.
\n\u2022 Installation : specific installation scenarios (hardware and\/or software).
\n\u2022 Configuration : specific configuration scenarios (e.g. software or client configuration).
\n\u2022 Hardware : instructions for setting up specific hardware.
\nThe following categories are available under Community Forum:
\n\u2022 Off-topic : want to discuss something of interest to FreeNAS\u2122 users but which is not
\nnecessarily related to FreeNAS\u2122? This is your place.
\n\u2022 Resources : blogs, reviews, and other sources of FreeNAS\u2122 information not listed at
\nfreenas.org.
\n\u2022 Introductions : FreeNAS\u2122 Community meet ‘n greet – introduce yourself and let us know who
\nwe are chatting with.
\nThe following language-specific categories are available under International, allowing FreeNAS\u2122
\nusers to interact with each other in their native language:
\n\u2022 German – Deutsch
\n\u2022 French – Francais
\n\u2022 Italian – Italiano
\n\u2022 Spanish – Espanol
\nIf you wish to ask a question on the forum, you will need to click the Register link to create an account
\nand login using that account. When asking a question on the forum, it is important that you:
\n\u2022 first check to see if the question has already been asked. If you find a similar question, don’t
\ncreate a new thread. Instead use the “Reply to Thread” button to add your comments to the
\nexisting thread.
\n\u2022 review the available categories to see which one is most closely related to your question. Click
\non that category and use the “Post New Thread” button to open the editor. After typing your post
\nand before you click the “Submit New Thread” button, make sure the “Subscribe to this thread
\nFreeNAS\u2122 8.0.3 Guide Page 155 of 164
\nand notify me of changes” box is checked. That way you will be notified whenever anyone
\nanswers your question.
\n10.6 Instructional Videos
\nA series of instructional videos is being created for FreeNAS\u2122 8.x. The videos that are available so far
\nare:
\n\u2022 How to Install FreeNAS\u2122 8
\n\u2022 FreeNAS\u2122 System Configuration Overview
\n\u2022 FreeNAS\u2122 8: Volumes Overview
\n\u2022 FreeNAS\u2122 8: Shares Overview
\n\u2022 FreeNAS\u2122: Network Configuration Overview
\n\u2022 FreeNAS\u2122: Active Directory
\n\u2022 FreeNAS\u2122 8: iSCSI In-depth
\n\u2022 FreeNAS\u2122 8: All in One
\n\u2022 FreeNAS\u2122 8: LAGG and VLAN
\nThe Too Smart Guys show also has a series of videos:
\n\u2022 Building a FreeNAS 8 Box – Part 1 Hardware
\n\u2022 FreeNAS 8 – Build and Install
\n\u2022 FreeNAS 8 EP3 Configuration
\n10.7 Professional Support
\nIn addition to the freely available community resources, iXsystems offers professional support
\npackages. iXsystems’ development team works hard to improve new and current versions of
\nFreeNAS\u2122, providing them with the insight to provide expert FreeNAS\u2122 support and consultation
\nservices. Their Professional Services team can also configure your FreeNAS\u2122 hardware and software
\nto deliver the highest levels of performance, stability, and security. See the FreeNAS\u2122 Professional
\nSupport page to request a quote.
\n10.8 FAQs
\nThis section contains some of the questions which are asked most often on the FreeNAS\u2122 IRC
\nchannel. Additional FAQs can be found in this forum post.
\n10.8.1 Can a RAID-Z array be expanded? For example, if I start off with a 8x2TB RAID-Z2
\narray can I add more drives to it in the future?
\nA. You can add drives to a volume, but not to a RAIDZ group. For example, if your volume is a 3 drive
\nRAIDZ, you can add another 3 drive RAIDZ in the future, giving you a RAIDZ+0. But you can’t
\nchange it to a 4 drive RAIDZ. This a limitation\/feature of ZFS.
\nFreeNAS\u2122 8.0.3 Guide Page 156 of 164
\n10.8.2 Is there a command to force FreeBSD to scan for new disks? I’m trying to add some
\ndisks to my array using the hot-swappable bays and a 3ware SATA card. The drives go
\nin fine and light up, but the operating system can’t see them.
\nA. Use the command:
\ntw_cli \/c0 rescan
\nThen you use the drives to create units and export them to the operating system. When finished, run
\ncamcontrol rescan all and they will show up in the GUI.
\n10.8.3 If my hardware\/motherboard dies, can I rebuild with new\/different hardware and still
\nimport\/read the data from my disks? What about my datasets?
\nA. Yes, as long as you aren’t using hardware RAID and let ZFS handle the RAID, A dataset is basically
\na folder\/directory that lives on your volume with your other files, but which has a separate mount point,
\nsuch as \/mnt\/your-pool\/dataset_1.
\n10.8.4 How do I replace a bad drive?
\nA. It is recommended that you first upgrade to latest version of 8.0 . 3 to make sure that your system is
\nnot effected by previously known bugs. You will also need access to the FreeNAS\u2122 system to replace
\nthe hard drive and to run some commands from the FreeNAS\u2122 console.
\nIf you are replacing a disk that is a member of a RAIDZ1 or RAIDZ2:
\n1. Determine the device name and UUID of the disk that needs to be replaced in Storage ->
\nVolumes -> View all Volumes -> View Disks icon for effected volume.
\n2. Shut down the system, pull out the failed drive, and replace it with a new disk of the same size
\nor larger into the same port.
\n3. Power-on the system. At this point the RAIDZ will be in a DEGRADED state and the disk will
\nbe listed as Unavailable.
\n4. From the command line type zpool replace tank ada7 where tank represents the pool name
\nand ada7 represents the device name.
\n5. The pool will begin re-silvering. This can take a long time (many hours); be patient and let it
\nfinish. You can check the status of the resilvering with zpool status -v. Once the resilvering
\nfinishes, zpool status -v will still say DEGRADED.
\n6. Type the command zpool detach tank \/dev\/ada7\/old, replacing tank and ada7 with your pool
\nname and device name. Check the status again and the DEGRADED and \/dev\/ada7\/old should
\nbe gone and the pool state should be ONLINE.
\n7. Type the command zpool export tank. This will prepare the specified pool for an auto-import
\nof the disk.
\n8. From the GUI go to: Storage -> Volumes -> Auto Import. Your disk should now show in the
\ndrop-down menu.
\n9. Should the disk not appear in the drop-down menu, make sure that you are running the latest
\nversion of FreeNAS\u2122 upgrade if you are not. If you are running the latest FreeNAS\u2122, try
\nFreeNAS\u2122 8.0.3 Guide Page 157 of 164
\nbacking up your configuration from System -> Settings -> Config -> Save Config. Then, reset
\nthe configuration to the factory defaults using the Factory Restore button, and try the autoimport
\nagain. Once your disk is imported, you can return to your saved configuration using the
\nUpload Config button.
\n10.8.5 Can I share files from my external USB drive?
\nA. No, at this time the GUI does not support this. This should be fixed in a later version.
\n10.8.6 Can I mount my MAC formatted drive?
\nA. No, at this time FreeNAS\u2122 and FreeBSD do not support mounting HFS\/HFS+ filesystems.
\n10.8.7 How do I get to the command line \/CLI\/shell?
\nA. There are 2 ways: from the console (the screen you see when you boot), and using SSH.
\nTo use the console, you will need access to the keyboard connected to FreeNAS\u2122. Select option “9)
\nShell” from the menu shown in Figure 2.4a in section 2.4 Initial Setup. To return to the console menu
\nfrom the shell, type exit.
\nTo access the FreeNAS\u2122 system using SSH, you will need to enable the SSH service in Control
\nServices. You will also need a client program to make the connection. When connecting, use the IP
\naddress of the FreeNAS\u2122 system and the username admin. If you need to gain root privileges during
\nthe session type su.
\n10.8.8 Does FreeNAS support 4k sector drives? How do I check if it is configured?
\nA. Yes. FreeNAS detects and uses 4K sectors automatically.
\nFrom the command line, type these command to check if you have 512 or 4k sectors configured:
\nzpool set cachefile=\/data\/zfs\/zpool.cache tank (change tank to your pool
\nname)
\nzdb -U \/data\/zfs\/zpool.cache | grep ashift
\nIf the answer = 9, you have 512 byte sectors. If the answer = 12, you have 4k byte sectors.
\nAny hard drive produced after January 1, 2011 should be a 4K Advanced Format drive, though some
\ndrives retain backwards compatibility by performing 512 byte emulation. FreeNAS\u2122 always uses 4K
\nsector for ZFS if the underlying hard drive is advanced format in order to get maximum performance.
\nFor UFS, the format always uses 4K sectors.
\nWhen you create your volumes, you can optionally check the box to “Force 4096 bytes sector size”.
\nThis will not improve performance on 512-byte sector hard drives but could be helpful in a RAIDZ that
\nalso contains advanced format drives.
\n10.8.9 My network transfer speeds are very slow, what is wrong?
\nA. You need to determine whether the bottleneck is your LAN, your disks\/array\/controller, not enough
\nRAM, your CPU load, a misconfiguration, the type of share in use, or that some tuning is required.
\nFreeNAS\u2122 8.0.3 Guide Page 158 of 164
\n\u2022 if you’re using a 10-100Mb\/s wired router\/switch you should get somewhere around 11-12MB\/s
\n\u2022 if you’re transferring across the Internet, your speed will only be as fast as your slowest link
\n\u2022 if you’re using a Gig interface, check that it is properly enabled on both the switch and the
\nFreeNAS\u2122 system. To check the FreeNAS\u2122 system, run this command at the console:
\nifconfig -a grep media
\nIf it is not showing at 1000Mb\/s, add the following line to the Options field of the interface’s settings:
\nmedia 1000baseTX mediaopt full-duplex
\n10.8.10 Why do changes I make at the command line to config files or settings disappear after a
\nreboot?
\nA. FreeNAS\u2122is booted from a compressed filesystem and the configuration that is stored in a database
\nis loaded into RAM. Any changes made at the command line do not get added to the configuration
\ndatabase. While you can make changes persist using the tips in this forum post, those changes won’t
\nsurvive an upgrade and it is not recommended to manually add command line edits to the database.
\nInstead, if the functionality you desire is not possible through the GUI, go to support.freenas.org and
\nsearch to see if a feature request to add that functionality already exists. If there is no existing ticket,
\ncreate a ticket describing the needed functionality.
\nSection 4: Contributing to FreeNAS\u2122
\n11 How to Get Involved
\nAs an open source community, FreeNAS\u2122 relies on the input and expertise of its users to help improve
\nFreeNAS\u2122. When you take some time to assist the community, your contributions benefit everyone
\nwho uses FreeNAS\u2122.
\nThis section describes some areas of participation to get you started. It is by no means an exhaustive
\nlist. If you have an idea that you think would benefit the FreeNAS\u2122 community, bring it up on one of
\nthe resources mentioned in section 10 FreeNAS\u2122 Support Resources .
\nThis section demonstrates how you can:
\n\u2022 Assist with Localization
\n\u2022 Submit Bug Reports
\n\u2022 Test Upcoming Versions
\n11.1 Assist with Localization
\nFreeNAS\u2122 uses Pootle, an open source application, for managing the localization of the menu screens
\nused by the FreeNAS\u2122 graphical administrative interface. Pootle makes it easy to find out the
\nlocalization status of your native language and to translate the text for any menus that have not been
\nlocalized yet. By providing a web editor and commenting system, Pootle allows translators to spend
\ntheir time making and reviewing translations rather than learning how to use a translation submission
\nFreeNAS\u2122 8.0.3 Guide Page 159 of 164
\ntool.
\nTo see the status of a localization, open up the FreeNAS\u2122 Translation System in your browser, as seen
\nin Figure 11.1a:
\nFigure 11.1a: FreeNAS\u2122 Localization System
\nThe localizations FreeNAS\u2122 users have requested are listed alphabetically on the left. If your language
\nis missing and you would like to help in its translation, send an email to the translations mailing list so
\nit can be added.
\nThe green bar in the Overall Completion column indicates the percentage of FreeNAS\u2122 menus that
\nhave been localized. If a language is not at 100%, it means that the menus that currently aren’t
\ntranslated will appear in English instead of in that language.
\nIf you wish to help localize your language, you should first join the translations mailing list and
\nintroduce yourself and which language(s) you can assist with. This will allow you to meet other
\nvolunteers as well as keep abreast of any notices or updates that may effect the translations. You will
\nalso need to click on the Register link in order to create a Pootle login account.
\nThe first time you log into the FreeNAS\u2122 Pootle interface, you’ll be prompted to select your language
\nso that you can access that language’s translation whenever you login. Alternately, you can click the
\nHome link to see the status of all of the languages. To work on a translation, click the link for the
\nlanguage -> click the FreeNAS\u2122 link for the project -> click the link for LC_MESSAGES -> and click
\nthe link for django.po. Every text line available in the GUI menu screens has been assigned a string
\nnumber. If you click the number, an editor will open where you can translate the text. In the example
\nshown in Figure 11.1b, a user has selected string number 46 in the German translation; the other strings
\nin the screenshot have already been translated:
\nFreeNAS\u2122 8.0.3 Guide Page 160 of 164
\nFigure 11.1b: Using the Pootle Interface to Edit a Translation String
\nSimply type in the translated text and click the Submit button to save your change.
\n11.2 Submit Bug Reports
\nFreeNAS\u2122 uses Trac, an open source bug reporting system, to manage bug reports and feature
\nrequests submitted by users. You can search for existing bugs and submit a bug report at
\nsupport.freenas.org.
\nIf you find a bug while using FreeNAS\u2122 or if you would like to request a feature in an upcoming
\nversion, take the time to research your bug\/feature first, before submitting your bug report. This is so
\nthat you don’t end up duplicating an existing report and to ensure that your report contains the
\ninformation that the developers need in order to implement the fix or the feature.
\nBefore submitting a bug report, perform the following steps:
\n\u2022 determine if you are running the latest version of FreeNAS\u2122 8.x. FreeNAS\u2122 developers tend
\nto fix bugs rapidly and new features are being implemented as 8.x matures. If you are not
\nrunning the latest version, it is quite likely that the bug has already been fixed or the missing
\nfeature has been implemented. If this is the case, your best course of action is to backup your
\ndata and configuration and perform an upgrade to the latest version. Note that FreeNAS\u2122 will
\nstabilize at version 8.2 and that the most recent version may be labelled as a beta or an RC; it
\nwill still be considered more stable than the release before it.
\n\u2022 if you are running the latest version, use the search feature at support.freenas.org to see if a
\nsimilar report\/request already exists. If one does, do not create another ticket. Instead, add a
\ncomment to the existing ticket if you have additional information to add.
\nIf a similar report does not already exist, keep the following points in mind when you create your bug
\nreport or feature request:
\nFreeNAS\u2122 8.0.3 Guide Page 161 of 164
\n\u2022 you will need to register for an account, confirm you registration email address, and be logged
\nin before you can create a new ticket.
\n\u2022 in the Summary section shown in Figure 11.2a, include descriptive keywords that describe your
\nproblem or feature request. This is useful for other users who search for a similar problem. You
\ncan also include a comma separated list of keywords in the Keywords section.
\n\u2022 in the Description section, describe the problem, how to recreate it, and include the text of any
\nerror messages. If you are requesting a feature, describe the benefit provided by the feature and,
\nif applicable, provide examples of other products that use that feature or the URL of the
\nhomepage for the software. If you would like to include a screenshot of your configuration or
\nerror, check the “I have files to attach to this ticket” box.
\n\u2022 under Type, select defect if it is a bug report or enhancement if it is a feature request.
\n\u2022 for bug reports, be sure to select the version of FreeNAS\u2122 that you are using.
\n\u2022 press the Preview button to read through your ticket before submitting it. Make sure it includes
\nall of the information that someone else would need to understand your problem or request.
\nOnce you are satisfied with your ticket, click the Create Ticket button to submit it.
\n\u2022 if you get stuck in how to fill out a field in the ticket, the TracTickets link at the bottom of the
\nticket creation page has several examples.
\nFigure 11.2a: Creating a New Ticket
\nFreeNAS\u2122 8.0.3 Guide Page 162 of 164
\n11.3 Test Upcoming Versions
\n11.3.1 Upcoming Version 8.2
\nA release date has not been set yet for 8.2, though it is expected to be released by the end of Q1, 2012.
\nPrior to 8.2 release, there will be a beta period where testing snapshots will be announced on the
\nFreeNAS\u2122 website, blog, and social media sites every week or so. This beta period is meant to
\nprovide users an opportunity to test the upcoming release and to provide feedback on bugs and errors
\nso that they can be fixed prior to release. Feedback can be sent to the Freenas-testing mailing list.
\n11.3.2 Testing a Nightly Snapshot
\nChanges to FreeNAS\u2122 occur daily as developers address the bugs and enhancement requests reported
\nby FreeNAS\u2122 users. A testing version that incorporates these changes is automatically built daily and
\nis available for download as a nightly release.
\nIf you wish to install or upgrade to the testing version of FreeNAS\u2122 (i.e. the version that addresses all
\nfixed bugs up to today’s date) or you need to upgrade to a version that incorporates a fix you are
\nwaiting for, you can download the latest nightly version.
\nNOTE: it is possible that a recently implemented change will not work as expected or will break
\nsomething else. If you experience this, take the time to add a comment to the applicable support ticket
\nso that the developers can address the problem.
\nDANGER! upgrading from a nightly snapshot to an RC or a RELEASE is not supported! . Be wary of
\ninstalling a nightly in a production environment and be sure to backup your configuration before
\nattempting a full install of a later RC or RELEASE.
\nNightly builds are available as ISO, GUI upgrade, or Full install images. If you are upgrading to a
\nnightly from an earlier version of FreeNAS\u2122 8.x, see the section on Upgrading FreeNAS\u2122 for
\ninstructions on how to upgrade.
\n11.3.3 Rolling Your Own Testing Snapshot
\nUsers who wish to test 8.2 prior to the testing period can download the latest source from the svn
\nrepository and generate their own ISO for testing purposes.
\nNOTE: 8.2 is currently in alpha phase and some of its new features are still broken or not fully
\nimplemented. Expect to find bugs. Do not use in a production environment! It is recommended that you
\nread the README first so that you are aware of any gotchas and currently known limitations.
\nIf you wish to build your own testing snapshot, you will need to install FreeBSD 8.2 in a virtual
\nenvironment or on a test system. If you are using a virtual environment, a 64-bit system with at least 4
\nGB of RAM is recommended. Download the FreeBSD version (i386 or amd64) that matches the
\narchitecture that you wish to build and when prompted to choose your distribution set during the
\ninstallation, select the Minimal install option.
\nAfter booting into the newly installed FreeBSD system, become the superuser and run the following
\ncommands. First, install the software you’ll need and refresh your path so it is aware of the new
\nbinaries:
\nFreeNAS\u2122 8.0.3 Guide Page 163 of 164
\npkg_add -r subversion
\npkg_add -r nano
\npkg_add -r cdrtools
\nrehash
\nYou’re now ready to download FreeNAS\u2122 source:
\ncd \/usr\/local
\nsvn co https:\/\/freenas.svn.sourceforge.net\/svnroot\/freenas\/trunk
\ncd trunk
\nsetenv FREEBSD_CVSUP_HOST cvsup10.freebsd.org
\nIf you wish to install extra software in your snapshot, you will need to increase the size of the
\nNanoBSD image by editing freenas-common. The size of the image should be double the space that it
\nneeds as the image will be formatted with two same-size partitions. This is to allow for upgrades as one
\npartition contains the new running image and the other partition contains a copy of the backup image.
\nWhen editing freenas-common, search for this line:
\nFlashDevice generic 1g
\nand edit it to the size you’ll need. Make sure that you have a memory stick that can hold the specified
\nsize. You’re now ready to build the image:
\nsh build\/do_build.sh
\nsh build\/create_iso.sh
\nOnce these commands complete, you will have an image in obj.yyyy\/FreeNAS\u2014VVVV-XXXXyyyy.
\nfull.xz where:
\n\u2022 VVVV is the release branch version
\n\u2022 XXXX is the svn revision from the FreeNAS\u2122 repo
\n\u2022 yyyy is either i386 or amd64 depending on your platform and what was provided via
\n$FREENAS_ARCH on the command line or in an environment setting
\nThis is a compressed raw disk image which needs to be decompressed and converted to your favorite
\nvirtual machine container format before use. There will also be a CD image called obj.yyy\/FreeNASVVVV-
\nXXXX-yyyy.full.iso that you can burn to disk and use to install or upgrade FreeNAS\u2122.
\nPlease see the README file for common workflows and tips.
\nFreeNAS\u2122 8.0.3 Guide Page 164 of 164<\/p>\n","protected":false},"excerpt":{"rendered":"
FreeNAS\u2122 8.0.3 Guide Page 1 of 164 FreeNAS\u2122 8.0.3 Guide Page 2 of 164 FreeNAS\u2122 is \u00a9 2011, 2012 iXsystems FreeNAS\u2122 is a trademark of iXsystems FreeBSD is a registered trademark of the FreeBSD Foundation Cover art by Jenny Rosenberg FreeNAS\u2122 8.0.3 Guide Page 3 of 164 Table of Contents Section 1: Introduction and Installation<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[1,127],"tags":[145,31,144],"class_list":["post-298","post","type-post","status-publish","format-standard","hentry","category-viazap","category-sistemas-de-armazenamento","tag-armazenamento","tag-cluster","tag-storge"],"_links":{"self":[{"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/posts\/298","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=298"}],"version-history":[{"count":6,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/posts\/298\/revisions"}],"predecessor-version":[{"id":4364,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=\/wp\/v2\/posts\/298\/revisions\/4364"}],"wp:attachment":[{"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=298"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=298"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.clusterweb.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=298"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}