NAS, Raspberry or Synology.

[DiTBho]

I keep my NAS on a separate network which has no route to the internet.

This rarely happens, but I may need to wake up my NAS from the Internet to access some data that I don't have with me on my i-rev or USB stick.

Essentially, however, the network interface of my multi node NAS is a real router, and as such physically decouples the connection that goes from the ADL modem to the internet, from the connection that goes to the office machines.

So, when it is not needed, the internet connection is physically deactivated because the PHY part of the router has a disabled hw on its pin.

Paranoia, bu you can never have too much paranoia!

[Postal2]

on that serial cable for sure!

Funny. For mass-production surface test serial port is genius.

I keep my NAS on a separate network which has no route to the internet.

I have FTP routed to NAS.
You can see my FTP 24/7.

[Nominal Animal]

The network?  Why have only one?

I keep my NAS on a separate network which has no route to the internet.

I like to have a dedicated firewall box between my local networks and the internet.  This is the one I put all kinds of shenanigans on, to auto-block all IP traffic from port scanners and such.  Internally, I use separate wired networks for hard-wired media devices (for traffic priorization rather than security), another for internal control and sensitive or security stuff, and one for common devices split into a couple of VLANs.  I like my WiFi bridged to my guest network, with no IP access to the wireless routers themselves (but configuring OpenWRT thus without a local console is a bit tricky).

Complex?  No, not really.  I've found that splitting the functionality into separate devices gives me more options, and actually reduces the maintenance task due to each device has a simpler task, and thus simpler internal configuration.  (Except for me being me, and adding those shenanigans on top.)
Stuff like traffic shaping is much easier, when it is only about prioritizing traffic to/from the different LANs/VLANs, and not within one.

I do prefer having my wireless routers (for local network) having two separate physical connections: one for the normal network, bridged to the wireless 2.4 GHz and 5 GHz ones, and one control-only local one, so that the router itself exposes no TCP/IP or UDP/IP services on the normal network, only on the control-only wired interface.

In this scheme, there are two different networks and purposes I could add a NAS box to: for media, e-mails and files on the normal network, or for periodic backups et cetera on the control/sensitive/security network.  Similarly, I could add a local server (SBC) on either/both networks, home appliances, etc.

If you draw out the entire scheme, it isn't much more complicated than the typical "everything depends on this single expensive router/switch device" schemes.  You'll also notice that specific parts of the scheme can be separately powered in case of blackout: the RBM33G firewall/upstream connection draws only a few watts, and that is sufficient to give you wired upstream network connectivity even if the local mains is out.  Add another few watts of backup power to the wireless router, and now your tablets and other wireless devices work also.

I'm typically about 1 Mm away from the most important installation, too, so although I cannot afford expensive components, robustness is a must or it just won't work.  There, the main user is, uh, not very technical, having had her Fakebook account hijacked twice already; prime phishing target.

[Postal2]

The network?  Why have only one?

I keep my NAS on a separate network which has no route to the internet.

I like to have a dedicated firewall box between my local networks and the internet.

Only one internet connection? I have two: one direct and one adsl for backup. Also second connection used by vulnerable devices - completely other network. It's not too expensive.

Small detail - I have manually blocked all domains from which viruses can be downloaded (pastebin etc.). I saw some viruses cannot download their bodies, in real time.

[Nominal Animal]

Only one internet connection?

Right now I do have both wired ethernet (fiber to the premises, ethernet in the building) and LTE.  Mikrotik RBM33G does support two LTE modems simultaneously, so I'm actually already also prepared for dual LTE where no fiber or ADSL is available (it's very rural, north of Arctic Circle).
(Fiber installation costs are high due to the long distances involved, and the current existing networks have fine cables but horribly crappy underspecced routers.)

So no, not really "only" one.  Also, surely you can see how simple it would be for me to completely split guest to a separate network if needed, just not needed for now.

Small detail - I have manually blocked all domains from which viruses can be downloaded (pastebin etc.). I saw some viruses cannot download their bodies, in real time.

That'll help, but don't think for a moment you have blocked 'all domains from which viruses can be downloaded': only the most commonly used ones.

The effect is similar to that of my dynamic response to port scanning (which adds source IP addresses trying to connect to ports that are not open to a dynamically maintained drop list for 24 hours: all packets from IP addresses on that list are ignored before the userspace sees the traffic).  It is part of 'operational security', and reduces amount of garbage coming to the internal LAN, and may block automated bot attacks, but it alone is no security measure.
It is more analogous to a tall concrete wall or barrier, or putting barbed wire and glass shards on top of one.  A dedicated, targeted attack can avoid it easily; it's there just to stop the brainless zombies.

[Postal2]

only the most commonly used ones.

"Almanahe.B" was stopped by this technique.
And my router, very cheap:

[luiHS]

I'm going to try the solution with Raspberry, since I have an RPY4 that I don't use at all, I just have to buy an RJ45 cable and a USB-SATA cable, I also have the SSD disk, a 1TB one. If everything works well, I'll buy a 4TB drive and a case to mount it all. I also have ordered a Raspberry Pi 5 for other things but I could put it in the NAS as a replacement for the RPY4.

I have thought about buying one of these boxes that already includes everything except the power supply.
https://www.amazon.es/gp/product/B095WD7BTW/ref=ox_sc_act_title_1?smid=A2PBQMPS4N8CJ2&psc=1
https://www.amazon.es/gp/product/B07VXF2HJG/ref=ox_sc_act_title_2?smid=A2PBQMPS4N8CJ2&psc=1

What I saw is that cheap commercial NAS usually have a much less powerful processor and less RAM than a Raspberry Pi 4 or 5.

Any advice on free applications to organize and watch movies that I can install both on the Windows PC and on the Android mobile phone sharing the NAS between the two devices? Something that allows me to organize movies and TV series by theme, putting images of the cover and some information.

[Postal2]

Any advice on free applications to organize and watch movies

I suggest take a look to "Enigma2"-system for sat-tuners. Select via browser and watch in one click via "Videolan" (VLC). But for "films" you need 5GHz-lan on your "android mobile phone".

[Bicurico]

For Live TV, I fully recommend Enigma2 receivers.

You can download the playlist as an *.m3u8 file containing references to all channels in the desired channel list. This file can then be opened in VLC or any Android-based IPTV receiver.

This is how I distibute TV in my holiday house, due to the walls being to thick to pass new cables. I just do it over IP. The receivers are close to the respective antennas and further receivers or older iMac are used as players.

One cool feature of Enigma2 is that there is a plugin that allows to directly share a channel list from one receiver to another. Example: Receiver 1 is connected to a dish pointing to Astra 19.2E and receiver 2 is not connected to any antenna. The plugin imports the channel list from receiver 1 into receiver 2, allowing receiver 2 to watch any channel of receiver 1. For the user this is totally transparent. If receiver 1 has 4 tuners, you can have 4 independent remote users watching different channels.

For sharing movies, I would recommend putting the harddisk into a PC and run Serviio. It is basically free and allows any DLNA compatible device (most if not all modern TV's) to stream the content. It even does automatic transcoding when required and handles subtitles.

[Postal2]

I would recommend putting the harddisk into a PC and run Serviio.

Or right click on the file and select "send to device" (Windows 10). Submenu will show DLNA-receivers.

[Bicurico]

With Serviio, on the PC you have just a service running and on the TV you can browse the whole media library: by genre, actor, ..., or just the existing folder structure. This works for Audio, Video and Pictures. Very confortable.

Sending one file from Windows to a device is a different job (which has its use cases, of course): you control from the PC what you want to render on the TV.

[PlainName]

If you'd like Synology but aren't keen on their boxes, there is a clone: Xpenology

It came about because Synology used open source software so had to continue that license. I've run it up on a HP Microserver and it works very well indeed.

[luiHS]

Thanks for the information.
Well, what I was looking for is something like a media center that allows me to organize the movies and TV series that I will have stored on the NAS disk, so I can play them on both the PC and the mobile phone. Organizing the files by theme, with images of covers and some information about each movie.

I found PLEX, I don't know if this is what I'm looking for, I see that it can be installed both on the PC and on Android phones, and that it also allows you to watch streaming TV channels.

To watch streaming movies I currently use Amazon Prime and PLuto TV from my PC and Android phone. But now what I'm interested in is setting up a NAS in which I will store all the movies I have, approximately 1.5TB, to play them from both the PC and the mobile phone.

I already received the RJ45 cable and the USB-SATA cable to try to build a NAS with a Raspberry Pi 4 and a 1TB SSD. I will install the openmediavault software.

[JohanH]

A NAS hás to be on 24/7.

If you start switching it off when not needed, you will have to switch it on when suddenly needed and that comes with a waiting time.

Doesn't make sense to me.

My main computer is switched on 24/7 because I don't like to wait for it to boot and because I do access it remotely when away from home.

As such I ended up discarding dedicated NAS devices and just put the disks in my main computer. This saves energy as I only have one device switched on and is very functional, since Serviio and Samba fullfil all my needs, including user management.

I have an old Qnap NAS. I only use it for backup. It's scheduled to boot up once a week, stays up for a day (enough to run backup scripts and me to remember to copy something there). I also kept the NAS and workstation running 24/7 in the past. With today's electricity prices I can't afford it. A NAS doesn't make sense to me today with the storage available in desktop computers. For me only as a backup device. The desktop goes to suspend when I don't use it.

That said, RAID 1 or 5 is essential in a backup device, too (unless you have other parallel backups). I've lost a few disks. If the first disks were bought at the same time, there's a risk that they go bad at the same time, too. I had three disks go bad within a year a couple of years ago.

[DiTBho]

I had three disks go bad within a year a couple of years ago.

which brand and models?

[JohanH]

I had three disks go bad within a year a couple of years ago.

which brand and models?

I've had many other disks break over the years. I don't see a pattern with certain brands/models. Of spinning disks I've lately been using mostly Seagate. It's good to have spare disks to pop in when one fails.

The disks in the NAS had many hours (can't remember, but thousands). It was before I started to shut down the NAS, so it was on all the time. They were two Seagate Barracuda Desktop ST3000DM001 and one Seagate IronWolf NAS ST3000VN007. I replaced them with newer similar Seagate models.

I don't think there is a big difference between NAS and desktop disks. NAS disks are usually quieter with 5900 rpm or lower.

[Veteran68]

I found PLEX, I don't know if this is what I'm looking for, I see that it can be installed both on the PC and on Android phones, and that it also allows you to watch streaming TV channels.

I run Plex on a rackmount server with a 10Gbps network link to my QNAP NAS. I've used it as my home (and internet) media server for over a decade now. I bought a lifetime Plex Pass way back then, I don't believe they offer them anymore. It has evolved to do a lot more than when it started, including free TV streaming (which I don't use). I've used my iPhone & iPad to stream moves & TV shows from my collection while I was away. My son-in-law runs his own Plex server and we share them with each other, so he can access my library and I can access his.

[luiHS]

I run Plex on a rackmount server with a 10Gbps network link to my QNAP NAS. I've used it as my home (and internet) media server for over a decade now. I bought a lifetime Plex Pass way back then, I don't believe they offer them anymore. It has evolved to do a lot more than when it started, including free TV streaming (which I don't use). I've used my iPhone & iPad to stream moves & TV shows from my collection while I was away. My son-in-law runs his own Plex server and we share them with each other, so he can access my library and I can access his.

Thanks, I'll try PLEX. What is still not clear to me is if PLEX also needs to have OpenMediaVault installed, or both applications do the same and it is enough to install one of them.

Does anyone know what maximum disk size there is in 2.5 inches? I have seen them in 2 TB, but I would like to install 4 TB. I have seen 3.5-inch 4TB ones but they already require external power, so if there were 2.5-inch ones I would prefer them. The problem is that the boxes that I have seen to mount NAS with Raspberry are for 2.5-inch drives or M.2 SSDs, none for 3.5-inch drives, I would have to have it external with a USB cable and power supply for the drive.

[Veteran68]

Thanks, I'll try PLEX. What is still not clear to me is if PLEX also needs to have OpenMediaVault installed, or both applications do the same and it is enough to install one of them.

Plex is standalone, it does not require any other software.

Does anyone know what maximum disk size there is in 2.5 inches? I have seen them in 2 TB, but I would like to install 4 TB. I have seen 3.5-inch 4TB ones but they already require external power, so if there were 2.5-inch ones I would prefer them. The problem is that the boxes that I have seen to mount NAS with Raspberry are for 2.5-inch drives or M.2 SSDs, none for 3.5-inch drives, I would have to have it external with a USB cable and power supply for the drive.

2.5" SSDs come in capacities up to 30TB, maybe more. You'll pay a fortune for 30TB, of course, around $3500 USD. But 4TB is common and affordable, they cost $150-$200 USD. 8TB is $350-$400 USD. I've had a 4TB 2.5" Samsung SSD in my desktop for several years now. I've ordered a M.2 NVMe Gen4 to replace it.

If you still want a mechanical HDD, you can get 2.5" models up to around 5TB at a cost of around $100 or so.

[Postal2]

The problem is that the boxes that I have seen to mount NAS with Raspberry are for 2.5-inch drives or M.2 SSDs, none for 3.5-inch drives

Because it is a toy. For your short game. With huge time spent with it.
SSD will not hold data 3 years without power, 2.5'' HDD has bad mechanic and heads.

[PlainName]

SSD will not hold data 3 years without power

Got a source for that?

[Postal2]

Got a source for that?

My own experience. Controller SMI, DDR3 buffer, nand Toshiba. Was direct copy old harddrive. And now was needed direct copy to another SSD. In the middle of dumping appeared system error with disk reported about ECC-error. I rewrote my dumping prog (win32 diskimager fork) to skip, but place to skip was too big (sector by sector).

[Veteran68]

I'd say that's pretty anecdotal, sample size of 1.

I have many SSDs. Some have been in storage for several years. I've yet to pull one out and not be able to get data out of it without error.

In fact if memory serves I've had exactly one 2.5" SSD fail since I bought my first 60GB OCZ SSD in February 2010, so nearly 14 years ago. It's been unpowered for at least half that time now. You make me want to go dig it out and see if it has any errors.

There are any number of factors that could cause a failure of any electronic device in storage. Generally stating that SSDs don't hold data without power is a bit of a reach.

[DiTBho]

Generally stating that SSDs don't hold data without power is a bit of a reach.

His SSD was probably built with cheap flash, I started a topic here on this forum as my USB sticks were behaving this way.

Then I built a 16Mbyte storage device that uses NVRAM based on static-ram + battery, and it's not like we're going very far, as well as the "NVRAM cartridge disk" on my SHARP pocket calculator: different storing tecnology, flash vs static ram + battery, but the point is that if you don't feed those damned cells, yes in the datasheet it says 10 year data-retention, but after 3 years you only read 0x00 or 0xff, or, worse still, corrupted stuff.

So ....... it is not a bad idea to feed, refresh and check every year, and make it a habit, e.g. for the Christmas holidays.

[Postal2]

You make me want to go dig it out and see if it has any errors.

I wondered when disk stops on ECC-errors. I thought disk will give erroneous data with monkey face. I think not all controllers performs this way.

His SSD was probably built with cheap flash,

My mistake, nand is Samsung. I don't know, cheap or not, see photo.