Connecting Linux or UNIX system to Network attached storage device

by on May 20, 2006 · 8 comments· LAST UPDATED August 2, 2007

in , ,

Network attached storage (NAS) allows using TCP/IP network to backup files. This enables multiple servers in IDC to share the same storage for backup at once, which minimizes overhead by centrally managing hard disks. NAS is scalable, high performance network solution. The main advantage is more hard disk storage space added to a network that already utilizes servers without shutting them down for maintenance and upgrades.

Please note that NAS are not just common in IDC or offices but you can use it for file sharing and backup at home. You can purchase 200+GB NAS for less than $200 these days. Personally, I am using Maxtor ShareStorage 200GB Network Attached Storage at home. This is a step-by-step guide on connecting Linux or UNIX systems to SAN for backup or sharing files.

The protocol used with NAS is a file-based protocol such as NFS or Microsoft's Common Internet File System (CIFS). Both of them allow storing backups using UNIX and Linux servers or Windows 2003 server.

However many new Linux or UNIX sys admin find it difficult to use NAS backup. Here are quick handy tips most newbie will find useful.

(A) Use IP address of NAS. If you do not have properly configured SAMBA server it is difficult to resolve hostnames. IP address will save your time.

(B) If you are using IPTABLES or PF firewall then make sure the following UDP/TCP ports are open between your firewall and the NAS Backup Server:

  1. TCP 21 (ftp)
  2. TCP 20 (ftp-data)
  3. TCP/UDP 137 (NETBIOS Name Service aka netbios-ns)
  4. TCP/UDP 138 (NETBIOS Datagram Service aka netbios-dgm)
  5. TCP/UDP 139 (NETBIOS session service aka netbios-ssn )
  6. TCP/UDP 445 (Microsoft Naked CIFS aka microsoft-ds )


Sample network diagram

Following is sample network diagram for our setup:

+-------------+               +-------------+
|             |               |             |
|   N A S     |<=============>|   Linux/    |
|             |               |   UNIX      |
IP:202.54.20.111              IP:202.54.1.13

Iptables configuration

FTP outgoing client request using iptables (assuming that your server IP is 202.54.1.13 and NAS IP is 202.54.20.111). Append following iptables rules to your script:

iptables -A OUTPUT -p tcp -s 202.54.1.13 --sport 1024:65535 -d 202.54.20.111 --dport 21 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p tcp -s 202.54.20.111 --sport 21 -d 202.54.1.13 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp -s 202.54.1.13 --sport 1024:65535 -d 202.54.20.111 --dport 1024:65535 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p tcp -s 202.54.20.111 --sport 1024:65535 -d 202.54.1.13 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

NETBIOS/CIFS outgoing client request

Please add following rules to your iptables script:

iptables -A OUTPUT -p udp -s 202.54.1.13 --sport 137 -d 0/0 --dport 137 -j ACCEPT
iptables -A OUTPUT -p udp -s 202.54.1.13 --sport 138 -d 0/0 --dport 138 -j ACCEPT
iptables -A OUTPUT -p tcp -s 202.54.1.13 --sport 1024:65535 -d 202.54.20.111 --dport 139 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A INPUT -p udp -s 202.54.20.111 --sport 137 -d 202.54.1.13 --dport 137 -j ACCEPT
iptables -A INPUT -p udp -s 202.54.20.111 --sport 138 -d 202.54.1.13 --dport 138 -j ACCEPT
iptables -A INPUT -p tcp -s 202.54.20.111 --sport 139 -d 202.54.1.13 --dport 1024:65535 -m state --state ESTABLISHED -j ACCEPT

Please note that when configuring a firewall, the high order ports (1024-65535) are often used for outgoing connections and therefore should be permitted through the firewall. It is prudent to block incoming packets on the high order ports except for established connections. This is what you are doing in above FTP and CIFS client request.

How do I access NAS server using FTP?

You need to use Internet file transfer program (FTP) that comes with UNIX/Linux or windows. Most service provider will provide you:

  • NAS Server IP (e.g. 202.54.20.111 / nas.myserviceprovider.com)
  • NAS FTP Username (e.g. nixcraft)
  • NAS FTP Password (e.g. mySecret)

Let us assume you have file called mysqldump.tar.gz. You can put this file to NAS backup server using following ftp command:

$ ftp nas.myserviceprovider.com

OR

$ ftp 202.54.20.111

Output:

Username: nixcraft
Password: mySecret
ftp> bin
200 Type set to I.
ftp> prom
Interactive mode off.
ftp> put mysqldump.tar.gz
ftp> quit

How do I access NAS server using SAMBA client?

Make sure you have samba client installed. Use apt-get or up2date command to install SAMBA client.

a) Create a directory

# mkdir /backup

b) Mount remote NAS share (NOTE: you must type following command on a single line)

# mount -t smbfs -o username=nixcraft,password=mySecret //202.54.20.111/sharename /backup

OR

# smbmount -o username=nixcraft,password=mySecret //202.54.20.111/sharename /backup

You can skip password option for security reason (samba will prompt you for password).

c) Copy files using cp command:

# cp sitebackup.tar.gz /backup

d) You can use /backup directory to dump backup using mysql script or backup shell script.

A note for FreeBSD user

If you would like to access NAS server from FreeBSD use following command (NOTE: you must type following command on a single line):

# mkdir /backup
# mount_smbfs -I 202.54.20.111 //nixcraft@202.54.20.111/sharename /backup

Output:

Password:

Related previous articles

Updated for accuracy.

TwitterFacebookGoogle+PDF versionFound an error/typo on this page? Help us!

{ 8 comments… read them below or add one }

1 Anon May 21, 2006 at 3:27 am

Please stop telling people to use smbfs. It is depreciated (as it only supports up to 2GB files for example)

Use cifs instead (and forget smbmount as it used smbfs).

Reply

2 nixCraft May 21, 2006 at 6:21 am

Yes you can use that too. Remember before using CIFS you may need to patch kernel or recompile kernel. Once done you can insert cifs.ko module:

# modprob cifs

Sometime you may get an error that read as follows:
cifsd: page allocation failure. order:3

Instead of above command use following:
# modprobe cifs CIFSMaxBufSize=15000

And use following command to access NAS:
# mount -t cifs //NAS/share /backup -o rw,username=nixcraft,domain=mydomain,file_mode=0644,dir_mode=0755

Hope this helps :) Read man page mount.cifs for more info.

Reply

3 Felipe Alfaro Solana May 22, 2006 at 11:49 am

CIFS is well supported on 2.6 kernels and many modern distributions have support for it by default, so no kernel recompile is needed. Not only CIFS is newer and has support for 2GB, but also has enhanced features like STEGO session setup and Kerberos support.

Reply

4 djs May 23, 2006 at 2:04 am

forget mounting the cifs share. use tar/star and pipe it into smbclient! or if you don’t care about security, piping it into an ftp client is probably a little faster over the wire.

/djs

Reply

5 Maged May 24, 2006 at 1:20 am

If you recall well, you can get smbfs to support files larger than 2 GB by passing lfs (large file support) to its mount option.

Reply

6 rdk May 24, 2006 at 7:31 pm

Excellent information.

Regards,

rdk

Reply

7 Doug May 25, 2006 at 3:25 am

No mention of NFS?

Have we fallen so far?

Reply

8 nixCraft May 25, 2006 at 10:07 am

Doug,

It is already covered, see Access NAS server using NFS protocol under Linux or UNIX

There is a link at the bottom of article.

Reply

Leave a Comment

Tagged as: , , , , , , , , , , , ,

Previous post:

Next post: