|
FreeBSD General Other questions regarding FreeBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
Advice needed: File server for VPN - samba, NFS?
Hi all
I've recently set up a nice FreeBSD 7 box as a small company fileserver. Runs samba, OpenVPN, pf, encrypted drives and little else. It simply exposes a dir as a mapped drive for two windows XP clients - myself and my colleague. When the clients are on the same physical LAN it works beautifully. BUT, over the OpenVPN link it's unusably slow. And I do mean unusable. I've tried the various samba TCP tunings, but have concluded from various sources that SMB is just not suited to a modest WAN connection, due in part to it's "extreme chattiness". So I seek advice. Are there alternatives that are a) better suited for WAN use, and b) accessible to windows clients? I only know of NFS but have never used it. Any thoughts or suggestions? /sim |
|
||||
Ok, this might sound weird, but, it works for me, when i need to exchange files...
Why not to use scp or for win boxes winscp? http://winscp.net/eng/index.php EDIT: you'll need to enable ssh on box to be able to use this Last edited by graudeejs; 20th October 2008 at 06:35 PM. |
|
|||
You can reduce the chattiness of the SMB protocol by configuring Samba as a WINS server. Check out the wins support and wins server entries of the smb.conf man page and the referral to. But this assumes/requires that you have different subnets.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump |
|
||||
NFS will work with Windows clients, but requires software that can either be costly or bloated to come by for free/semi-free.
I've generally found SSHFS to be the best solution among BSD and Linux based systems, you might take a look at using SCP and see if it suits you're requirements for the VPN end.
__________________
My Journal Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''. |
|
|||
Thanks for the tips chaps.
[Win]SCP: I already use this a lot for web server maintenance. It hadn't really occurred to me to use it in this instance as I was keen to have something as seemless as possible with the usual Windows UI (i.e. mapped drive under My Computer). More for my colleague's sake rather than my own Having said that, WinSCP isn't that alien for the lay user I guess, so maybe it's a contender. SSHFS looks interesting, as with SCP I'll need to see if it passes the same 'non-techie user' criteria. Sounds like NFS might be problematic... As a first step I'll look into the WINS stuff though. Never messed with the more sordid details of windows networking before - wish me luck! Thanks again, sim |
|
|||
NFS over SSH is certainly one way to go. WinSCP with encryption is also an option.
|
|
|||
Back again....
This project has taken a bit of a back seat due to other more pressing tasks, but another possibility came to mind. Could one set up Apache and WebDAV (over the OpenVPN), and thus make use of windows' support for web folders? Sounds like a good option? Reasonably easy to set up? (I'm used to setting up apache from ports etc). Better performance than SMB over WAN connections? Thoughts? /s |
|
|||
Follow-up
Tried the Apache/DAV option over OpenVPN - not bad. Pros: o Reasonable integration with windows explorer in XP ("Web folders") o Fast responsive navigation of file tree o Good download speed (significantly better than the pipe capacity - must be thanks to compression on the VPN) Cons: o *Extremely* slow upload speed, yet this should be faster than the d/l. Must be a problem somewhere - hopefully fixable o Not able to open files from the web folder directly. Maybe this is hackable in XP..? So all in all, a promising start. I hope to write up my entire process (FreeBSD config, GELI enc partition, pf config, OpenVPN, Apache/DAV config etc) when I get a chance (and before I forget.. ) /sim |
|
|||
Thanks for the tip mdh. Yes the disk is encrypted, as is the VPN of course, but no SSL. There's also the VPN compression too. I will check the CPU usage, although I'd be quite alarmed if it was choking under the onslaught of a half meg ADSL line (2.8GHz Xeon, circa 2006)
Unfortunately this is a side project so will have to wait till the weekend to look again. /sim PS I didn't realise crypto cards were so cheap these days. I'm quite tempted, just for funnies! |
|
|||
Couldn't be bothered to wait till the w/e...
Have just tried removing OpenVPN from the equation, reverting to plain old vanilla webdav over port 80. The upload problem disappears, with the speed being as good as I would expect from the decrepit ADSL line (40KB/s). More importantly, the uploads continue to completion, whereas over the VPN they would suddenly get extremely slow (<3KB/s) after approx 200K and would eventually crap out, rarely getting beyond 500KB. Small files were fine, and transfers in the other direction (server -> client) were great. So I suppose I have to start troubleshooting OpenVPN. Any ideas, I've never used it before now... I have a faily basic setup - TAP-Win32, tun device, UDP. Could try disabling the VPN compression I suppose*. Any VPN gurus out there? Cheers /s *ETA: Problem is not due to compression on VPN - just checked. Last edited by sim; 4th November 2008 at 06:49 PM. |
|
|||
FIXED!
After much googling and trawling: Code:
#openvpn.conf ... ... link-mtu 1456 mssfix 1412 |
Tags |
freebsd, nfs, openvpn, samba, smb |
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
laptop buy - some advice needed | gosha | OpenBSD General | 11 | 5th July 2009 02:34 PM |
Samba Server on FreeBSD 6.1 | MiniStrange | FreeBSD General | 1 | 8th August 2008 02:57 PM |
searching for a SP/PDA like device, advice needed | TerryP | Off-Topic | 5 | 26th July 2008 03:54 AM |
Remote Access to File Server | Oko | OpenBSD Security | 7 | 23rd June 2008 05:17 PM |
Convertin A Ubuntu ssh/ Samba server to NetBSd | FloridaBSD | FreeBSD General | 6 | 24th May 2008 09:35 AM |