EEVblog Electronics Community Forum

Products => Computers => Networking & Wireless => Topic started by: Simon on September 11, 2019, 06:55:44 am

Title: looking for a NAS box
Post by: Simon on September 11, 2019, 06:55:44 am
I'm looking for a NAS box to act as my main storage to access at home and outside. Any suggestions?

Alternatively I have my own VPS but cPanel webdisk is a joke and owncloud requires a dedicated server so is a no-no.
Title: Re: looking for a NAS box
Post by: amspire on September 11, 2019, 07:32:17 am
I am a big fan of the dedicated NAS boxes. I am currently using the Netgear RN10200 (which unfortunately is no longer available). If you can find used RN10200's on ebay, they are great as they use BTRFS for the disk and they are basically a Debian computer system. They tend to be very reliable. I have a second NAS running as a virtual machine on a PC I run at home, but the Netgear NAS boxes run at a fraction of the power. The RN10200 use about 17 watts.

Don't touch the older versions of Netgear NAS's that do not run Netgear ReadyNAS 6.x. You want to look for numbers like RN102 (for a 2 disk mirrored NAS) or RN10200, RN104(4 drive), RN212, RN312, RN412, RN414, etc. Numbers like that. The ads sometimes have the extra 00 on the end and sometimes not.

There are lots of other good brands. Synergy are superb, but last time I looked, the budget models were a different OS and I would not use them. I think the good Synergy models can run BTRFS.

The other big brands I am sure are also excellent.

You want a NAS that has a file system with a genuine snapshot ability, and redundancy in the drives. BTRFS allows you to scrub the drives regularly that basically checks every bit of data on all the physical drives is correct. I have had BTRFS NAS's save a client from cryptoviruses a few times now. When I set up NAS boxes for companies as a backup, I turn off windows networking and use rsync for all the synching from workstations and servers. Rsync does run well on Windows and it is completely free - you just have to know how to pinch it along with the few DLL's it needs from a cygwin installation to get the latest rsync in a portable form.
 
Raid has been the main weakness of BTRFS, and Netgear uses the venerable Linux mdadm RAID system instead and runs BTRFS on top effectively as a single disk drive. This arrangement seems to be rock solid.

One NAS is not a backup. Ideally you want the NAS contents synched to an offline location - like the cloud, relative's house, etc. I use rsync to provide the synching. Quite often, I am synching terabytes of data over a humble ADSL line.

Richard.
Title: Re: looking for a NAS box
Post by: Simon on September 11, 2019, 07:37:35 am
Western digital have a nice looking one that does not have great reviews. I nearly bought it thinking surely they know what they are doing but lots of reviews say they bought it as an automatic upgrade to a previous well known model and have been disappointed which is why I am edgy about what to buy.

Currently, I carry around an encrypted hard drive but it's becoming too much of a nuisance.
Title: Re: looking for a NAS box
Post by: borjam on September 11, 2019, 07:38:53 am
I have two HP Microserver Gen 8 servers and they are great.

I run FreeNAS on one of them and FreeBSD on the other one. Moreover, if you need more CPU muscle compatible low power Xeons are cheap now.
Title: Re: looking for a NAS box
Post by: legacy on September 11, 2019, 08:58:31 am
You want a NAS that has a file system with a genuine snapshot ability, and redundancy in the drives. BTRFS allows you to scrub the drives regularly that basically checks every bit of data on all the physical drives is correct. I have had BTRFS NAS's save a client from cryptoviruses a few times now.

For a similar problem, I have created a utility that gets the SHA256 hash of each file in the volume when you archive a file into a snapshot, and then it randomly checks if the calculated SHA256 hash matches the archived one. This stuff uses a b+tree algorithm as a database engine, and process up to 8 files in parallel. So you know if a file has got corrupted or modified.

Snapshots passing the check also go burned into MO, DVDram, and DLT tapes.

This stuff works on ext3 filesystem, and the reason is ... we have an older kernel 2.6.39, we cannot upgrade the kernel, so we cannot use btrfs because it was not stable on kernel 2.6

What do you think?

p.s. from which kernel version have you started trusting btrfs?
Title: Re: looking for a NAS box
Post by: legacy on September 11, 2019, 08:59:16 am
FreeBSD

ZFS on FreeBSD can be an option.
Title: Re: looking for a NAS box
Post by: borjam on September 11, 2019, 09:07:29 am
FreeBSD

ZFS on FreeBSD can be an option.
That's what I use. You have real snapshots, you can even do incremental replication, etc.

And FreeNAS is a user friendly FreeBSD with plugins such as Samba and of course ZFS.

The only downside of ZFS is, there is no free lunch. It's recommended to have 16 GB of memory. But with four disks in a RAIDZ2 configuration you can survive the simultaneous death of two disks.
Title: Re: looking for a NAS box
Post by: tszaboo on September 11, 2019, 09:16:46 am
I've been looking at NAS boxes, and all of them seems quite expensive. It costs around 100 EUR to place a HDD on the network.
Instead I ended up buying a refurbished Supermicro server. I can move all my HDDs into them, and it can live comfortably on the other end of the house, where I dont hear it. 12 HDD bays and as much computing power as I want.
And yes, it uses more power than the NAS box, but it also does more.
Title: Re: looking for a NAS box
Post by: amspire on September 11, 2019, 09:18:34 am
p.s. from which kernel version have you started trusting btrfs?
Not sure. For years, Netgear ReadyNAS was running a BTRFS version 0.26 from memory. Never had a problem with 4 different NAS boxes running in businesses. As I said, Netgear do not use RAID mode on BTRFS which was where a lot of the problems were.

My NAS virtual machine is running on Arch Linux kernel version 5.2.9 on a Proxmox virtual machine host using kernel 2.6.32. Runs great.
Title: Re: looking for a NAS box
Post by: borjam on September 11, 2019, 09:24:38 am
I've been looking at NAS boxes, and all of them seems quite expensive. It costs around 100 EUR to place a HDD on the network.
Instead I ended up buying a refurbished Supermicro server. I can move all my HDDs into them, and it can live comfortably on the other end of the house, where I dont hear it. 12 HDD bays and as much computing power as I want.
And yes, it uses more power than the NAS box, but it also does more.
Of course you can use refurbished servers, but be careful with power consumption.

HP's Microservers are really reasonable.
Title: Re: looking for a NAS box
Post by: amspire on September 11, 2019, 09:28:26 am
I've been looking at NAS boxes, and all of them seems quite expensive. It costs around 100 EUR to place a HDD on the network.
Instead I ended up buying a refurbished Supermicro server. I can move all my HDDs into them, and it can live comfortably on the other end of the house, where I dont hear it. 12 HDD bays and as much computing power as I want.
And yes, it uses more power than the NAS box, but it also does more.
If you only run a NAS box occasionally, power consumption doesn't matter.

If it is running 24/7, it does matter. If you are living in a country where power is 30c/KWH and you are using a PC box consuming 100W, then that is $262 a year just for the electricity. A NAS appliance using 15W costs $40 a year. The good NAS appliances usually run for about 10 years, and even if it costs $600, it can be cheaper then the NAS server built on an old PC motherboard. In this example, it is $2620 power costs for the old PC motherboard vs $400 for the NAS appliance.
Title: Re: looking for a NAS box
Post by: legacy on September 11, 2019, 09:30:54 am
kernel 2.6.32

Before kernel 4.*, Btrfs was "defined" experimental, which means "rolling" in terms of implementation details. I have never investigated the warning disclaimer written here and there on the kernel source.

I am asking because I need to make a decision: if to invest a lot of time and effort in the purpose of resurrecting the support for PPC4xx boards in order to have a modern Linux Kernel so I can use Btrfs without the fear of not being able to "use" the pool of hard-drives with another machine (in case of hardware failure with PPC4xx) due to the different implementation of Btrfs.
Title: Re: looking for a NAS box
Post by: borjam on September 11, 2019, 11:09:37 am
If it is running 24/7, it does matter. If you are living in a country where power is 30c/KWH and you are using a PC box consuming 100W, then that is $262 a year just for the electricity. A NAS appliance using 15W costs $40 a year. The good NAS appliances usually run for about 10 years, and even if it costs $600, it can be cheaper then the NAS server built on an old PC motherboard. In this example, it is $2620 power costs for the old PC motherboard vs $400 for the NAS appliance.
Indeed. My HP MicroServer Gen8 servers are consuming about 55 W. I replaced the CPUs with Xeons (E3-1260L) and if you run processor heavy tasks power consumption can climb to 80W 90 W. But in a home NAS you won't run CPU intensive stuff. I was running an ElasticSearch cluster and other behemoths on them. With the stock CPU they would need about 40 W if I remember well.

They have 16 GB of memory, four WD Red 3 TB disks and a SSD for some transaction acceleration.

A recommendation: avoid 7200 rpm disks.
Title: Re: looking for a NAS box
Post by: amspire on September 11, 2019, 11:10:22 am
kernel 2.6.32

Before kernel 4.*, Btrfs was "defined" experimental, which means "rolling" in terms of implementation details. I have never investigated the warning disclaimer written here and there on the kernel source.

I am asking because I need to make a decision: if to invest a lot of time and effort in the purpose of resurrecting the support for PPC4xx boards in order to have a modern Linux Kernel so I can use Btrfs without the fear of not being able to "use" the pool of hard-drives with another machine (in case of hardware failure with PPC4xx) due to the different implementation of Btrfs.
I have not followed BTRFS that closely, so I cannot comment for sure. My understanding was they used the term experimental in case a massive problem was found that required a change to the architecture, but that they were going to absolutely everything possible to avoid this occurring. I have never seen a compatibility problem, and so I suspect they never did loose compatibility, but I may be wrong.  Definitely, if you are using it on 2.6, do not use BTRFS RAID. Use mdadm to make a raid volume and place a single BTRFS drive on that volume.
Title: Re: looking for a NAS box
Post by: borjam on September 11, 2019, 11:12:37 am
I have not followed BTRFS that closely, so I cannot comment for sure. My understanding was they used the term experimental in case a massive problem was found that required a change to the architecture, but that they were going to absolutely everything possible to avoid this occurring. I have never seen a compatibility problem, and so I suspect they never did loose compatibility, but I may be wrong.  Definitely, if you are using it on 2.6, do not use BTRFS RAID. Use mdadm to make a raid volume and place a single BTRFS drive on that volume.
For such an application I really prefer ZFS. It has all the required features without relying on additional volume managers and I have been using it since about 2007.

Now I have lots of servers running ZFS on 24 SSD drives and working like a charm.
Title: Re: looking for a NAS box
Post by: amspire on September 11, 2019, 11:23:08 am
Indeed. My HP MicroServer Gen8 servers are consuming about 55 W. I replaced the CPUs with Xeons (E3-1260L) and if you run processor heavy tasks power consumption can climb to 80W 90 W. But in a home NAS you won't run CPU intensive stuff. I was running an ElasticSearch cluster and other behemoths on them. With the stock CPU they would need about 40 W if I remember well.

They have 16 GB of memory, four WD Red 3 TB disks and a SSD for some transaction acceleration.

A recommendation: avoid 7200 rpm disks.
I have been using NAS systems mainly for archive use, but they are becoming full powered servers in their own right. For small companies, unless they absolutely have a have a Windows server, they can probably do everything the company needs on a NAS box with no licensing issues at all. No User CAL's. No Windows updates with the endless rebooting.

What do you think of FreeNAS? I last tried it when it was still a bit rough, but I gather it is pretty impressive now. Does the ZFS require a lot of RAM?
Title: Re: looking for a NAS box
Post by: borjam on September 11, 2019, 11:30:08 am
I have been using NAS systems mainly for archive use, but they are becoming full powered servers in their own right. For small companies, unless they absolutely have a have a Windows server, they can probably do everything the company needs on a NAS box with no licensing issues at all. No User CAL's. No Windows updates with the endless rebooting.

What do you think of FreeNAS? I last tried it when it was still a bit rough, but I gather it is pretty impressive now. Does the ZFS require a lot of RAM?
Depending on your usage, ZFS recommends 16 GB of memory.

FreeNAS is really good, even for people without experience. It's mostly a FreeBSD system, using ZFS, and with lots of user friendly stuff. I really recommend it.

Pity HP's MicroServers aren't so cheap now. I remember I got both of them for €200 each (to which I had to add memory, hard disks...). The current model, G10, doesn't allow upgrading the CPU. But if you are not into CPU intensive stuff it works like a charm.
Title: Re: looking for a NAS box
Post by: tszaboo on September 11, 2019, 12:27:26 pm
I've been looking at NAS boxes, and all of them seems quite expensive. It costs around 100 EUR to place a HDD on the network.
Instead I ended up buying a refurbished Supermicro server. I can move all my HDDs into them, and it can live comfortably on the other end of the house, where I dont hear it. 12 HDD bays and as much computing power as I want.
And yes, it uses more power than the NAS box, but it also does more.
If you only run a NAS box occasionally, power consumption doesn't matter.

If it is running 24/7, it does matter. If you are living in a country where power is 30c/KWH and you are using a PC box consuming 100W, then that is $262 a year just for the electricity. A NAS appliance using 15W costs $40 a year. The good NAS appliances usually run for about 10 years, and even if it costs $600, it can be cheaper then the NAS server built on an old PC motherboard. In this example, it is $2620 power costs for the old PC motherboard vs $400 for the NAS appliance.
A 12 bay NAS starts at 1700 EUR, I payed less than 500 for my server. So at 5 years, you might break even with the price. Of course you can argue, that you dont need 12 bays. I though that, bought a 2 bay NAS, became full. Replaced HDD, migrating data is PITA. And then of course you can buy a smaller server to start with. With 1x CPU, only 4 HDD space. A Dell R310 or a HP DL320 or similar. If you need more storage, extend it through SAS. A well built server with a reasonable CPU runs at 30-40W BTW.
I went with an overkill one, with 2x10 cores CPU and 128GB RAM, cause I am an unhinged crazy person, but you dont have to.
BTW, I still will pay less for the power to run it, than for my Internet.
Title: Re: looking for a NAS box
Post by: amspire on September 11, 2019, 12:42:05 pm
I went with an overkill one, with 2x10 cores CPU and 128GB RAM, cause I am an unhinged crazy person, but you dont have to.
It is only 256 times more RAM then my Netgear NAS box. I wonder how the 2x10 core CPUs compares to the mighty single core 1.2GHz Marvell ARM chip in my Netgear ReadyNAS?

Title: Re: looking for a NAS box
Post by: Simon on September 11, 2019, 01:08:40 pm
Look, I only want some online storage, not to run the internet ;)
Title: Re: looking for a NAS box
Post by: Simon on September 13, 2019, 05:16:56 pm
i am looking at this: https://www.amazon.co.uk/Synology-DS119j-Bay-Desktop-Enclosure/dp/B07KTCHKH1/ref=sr_1_18?keywords=nas&qid=1568393950&s=computers&sr=1-18&th=1 (https://www.amazon.co.uk/Synology-DS119j-Bay-Desktop-Enclosure/dp/B07KTCHKH1/ref=sr_1_18?keywords=nas&qid=1568393950&s=computers&sr=1-18&th=1)

Ntere is a 2 bay version but I am in two minds. I do not need/want Raid for speed or capacity, only backup. But what happens if the NAS box itself fails. So really it looks like for proper security I'd need 2 boxes to back each other up?
Title: Re: looking for a NAS box
Post by: capt bullshot on September 13, 2019, 05:46:05 pm
Just ordered a Synology box (DS118) and a new HDD, to replace my old Synology box and its HDD (call it preventive maintenance). When it arrives, I'll copy all the stuff from the old one to the new one, and stash the old one away (cold reserve and "long term backup").

To back up my data, I've got a simple scheme: Important stuff gets backed up from the various computers to the NAS, either on a regular schedule or on demand.
From there, I'm running a simple homebrew backup script on a regular schedule that transfers all the newly arrived stuff from the Synology NAS to an external USB HDD. The USB HDD is physically disconnected and kept in a different room than the NAS.

Since the NAS is running 24/7, one important criteria is low power consumption, the DS118 looks good here spec wise, don't want the fancier or RAID boxes, since these usually consume more power.

Edit: My experience with the Synology stuff: It just works and does the job, and if you like, you can install various fancy apps to it, the Media Server (DLNA / PnP) is quite useful.
Title: Re: looking for a NAS box
Post by: Simon on September 13, 2019, 06:48:05 pm
So you think i should be using one NAS to back up the other if i want data security?
Title: Re: looking for a NAS box
Post by: richnormand on September 13, 2019, 07:31:14 pm
I got an Asustor NAS (6 bays) around 2012 or so (cant remember) at about half the price of the better known names at the time. I guess they were making an effort to gain visibility.
Lots of applications and regular software updates. It has been "on" 24/7 since then on top of my bench.
No issues at all. You might want to look them up and see if they are competitive now.


Edit: running 6 WD red drives
Title: Re: looking for a NAS box
Post by: edavid on September 13, 2019, 07:34:06 pm
i am looking at this: https://www.amazon.co.uk/Synology-DS119j-Bay-Desktop-Enclosure/dp/B07KTCHKH1/ref=sr_1_18?keywords=nas&qid=1568393950&s=computers&sr=1-18&th=1 (https://www.amazon.co.uk/Synology-DS119j-Bay-Desktop-Enclosure/dp/B07KTCHKH1/ref=sr_1_18?keywords=nas&qid=1568393950&s=computers&sr=1-18&th=1)

Ntere is a 2 bay version but I am in two minds. I do not need/want Raid for speed or capacity, only backup. But what happens if the NAS box itself fails. So really it looks like for proper security I'd need 2 boxes to back each other up?

All the common NAS boxes run Linux and use normal Linux disk formats.

If the NAS box fails, you can take out the disk drives and connect them to a PC running Linux to access your data.

So, just having a RAID 1 NAS will protect you from most failures.
Title: Re: looking for a NAS box
Post by: Simon on September 13, 2019, 08:17:50 pm
Except if i encryp the hard drives.
Title: Re: looking for a NAS box
Post by: tszaboo on September 13, 2019, 08:38:30 pm
i am looking at this: https://www.amazon.co.uk/Synology-DS119j-Bay-Desktop-Enclosure/dp/B07KTCHKH1/ref=sr_1_18?keywords=nas&qid=1568393950&s=computers&sr=1-18&th=1 (https://www.amazon.co.uk/Synology-DS119j-Bay-Desktop-Enclosure/dp/B07KTCHKH1/ref=sr_1_18?keywords=nas&qid=1568393950&s=computers&sr=1-18&th=1)

Ntere is a 2 bay version but I am in two minds. I do not need/want Raid for speed or capacity, only backup. But what happens if the NAS box itself fails. So really it looks like for proper security I'd need 2 boxes to back each other up?

All the common NAS boxes run Linux and use normal Linux disk formats.

If the NAS box fails, you can take out the disk drives and connect them to a PC running Linux to access your data.

So, just having a RAID 1 NAS will protect you from most failures.
Sorry to burst your bubble, but RAID (despite its name) isnt for redundancy, it is for availability. If the first is the goal, you want your data on something else, somewhere else. Nothing prevents the raid controller trashing the data, or accidental deleting all your stuff.
Title: Re: looking for a NAS box
Post by: Kjelt on September 13, 2019, 08:50:22 pm
Or build your own with some linux nas distro (never done it myself but some friends did) or what I would recommend buy a new Synology NAS.
I would not recommend the cheapest, because if you are used to it you will do more and more but start with the plus series, they have some more ram and cou power.
The DS2xx+ is a great starter also if you want outside access since it needs to be secure.
I have four Synologys at the moment 34TB total, only one is on all the time for my software repository, datasheets etc. My previous nas acts as backup, Synology has backup software that you can schedule or manually backup to another nas or backup your pc to the nas.
Couple of things to keep in mind if you connect it to the outside, read on security best practices, like delete the admin account (ofcourse after you made another account with a long difficult name admin) and best put it in a DMZ.
Title: Re: looking for a NAS box
Post by: Simon on September 13, 2019, 09:27:04 pm
My problem is that if i am going to have this thing in my house staring a burglar in the face I'd rather encrypt the contents. this means that if the NAS itself fails the drives are useless. Sounds like I need two singles.
Title: Re: looking for a NAS box
Post by: edavid on September 13, 2019, 10:01:08 pm
My problem is that if i am going to have this thing in my house staring a burglar in the face I'd rather encrypt the contents. this means that if the NAS itself fails the drives are useless. Sounds like I need two singles.

Nope, they use standard Linux encryption too (LUKS):

https://www.linux-howto.info/mount-qnap-encrypted-volume/ (https://www.linux-howto.info/mount-qnap-encrypted-volume/)
Title: Re: looking for a NAS box
Post by: Simon on September 13, 2019, 10:12:51 pm
Well i have bought the single bay. i will need to make seperate backups anyway in case of theft anyway so the second drive would only give me the convenience of instant-ish backups.
Title: Re: looking for a NAS box
Post by: Kjelt on September 13, 2019, 10:15:01 pm
Make sure the backup drive is a nice part bigger (1,5 or so) than the original, since it is nice to have dayly, weekly, monthly backup to revert to in some cases and although they only store the deltas it can add up.
Title: Re: looking for a NAS box
Post by: linux-works on September 14, 2019, 08:18:08 pm
I have 2 WD 4 bay nas boxes that I can recommend.  they've been pretty good the last year or so that I've had them.

one has a video card inside (chip) for transcoding.  I don't need that but you might.

the other is ARM based and good for i/o but not transcoding.

https://www.amazon.com/gp/product/B00TB8XMR0 (https://www.amazon.com/gp/product/B00TB8XMR0)
https://www.amazon.com/gp/product/B01GLRX6C4 (https://www.amazon.com/gp/product/B01GLRX6C4)

arm one is cheaper and fine for most people.

runs pure linux inside and you can ssh to it and do stuff if you need.  changes are not saved, though, as it boots fresh each time.

one feature that has no gui is 'root squash' for nfs; but if you ssh to the box, you can edit the config file and change it; again, until reboot time.

works great for nfs and smb.  web gui is fine.  reliability is fine.

neat features: lcd for ip address (and status), DUAL PSU ABILITY (!!) and dual ethernet ability.

dual psu is what sold me ;)
Title: Re: looking for a NAS box
Post by: edavid on September 14, 2019, 08:39:55 pm
I have 2 WD 4 bay nas boxes that I can recommend.  they've been pretty good the last year or so that I've had them.

[ WD My Cloud Expert and My Cloud Pro ]

runs pure linux inside and you can ssh to it and do stuff if you need.  changes are not saved, though, as it boots fresh each time.

changes are not saved, though, as it boots fresh each time

It's hardly "pure Linux", since WD has hacked it in an ugly way.

It's somewhat OT for this thread, but you can easily (?) overcome the booting issue:
1. Some config files are stored in flash in /usr/local/config, so you can just edit them there
2. Otherwise you can install Entware, and overwrite whatever you need to in /opt/etc/init.d/rc.unslung
Title: Re: looking for a NAS box
Post by: linux-works on September 14, 2019, 08:57:19 pm
all vendors 'hack' (customize) their linux.

I would have done things a bit differently but I didn't have to jump thru hoops to login and the filesystem was not hard to discover.  it was nothing like ubuntu or redhat or any of the others, but its highly customized and embed-oriented.

they could have done much worse.  and from the outside, it works pretty well with good speed, good feature set and md-raid is pretty much left as-is, so that's nice.
Title: Re: looking for a NAS box
Post by: techman-001 on September 14, 2019, 11:43:21 pm
I have two HP Microserver Gen 8 servers and they are great.

I run FreeNAS on one of them and FreeBSD on the other one. Moreover, if you need more CPU muscle compatible low power Xeons are cheap now.

I think this is the best possible NAS considering the low price of the HP Microservers and the bulletproof performance of free FreeBSD with ZFS raid.

This Intel i7 FreeBSD Workstation is about 5 years old, has 12TB of Hitachi hard disks and has never suffered data loss after ~50 power failures with no UPS.
Title: Re: looking for a NAS box
Post by: techman-001 on September 15, 2019, 12:31:44 am
p.s. from which kernel version have you started trusting btrfs?
Not sure. For years, Netgear ReadyNAS was running a BTRFS version 0.26 from memory. Never had a problem with 4 different NAS boxes running in businesses. As I said, Netgear do not use RAID mode on BTRFS which was where a lot of the problems were.

My NAS virtual machine is running on Arch Linux kernel version 5.2.9 on a Proxmox virtual machine host using kernel 2.6.32. Runs great.

It's good to see BTRFS progressing as Linux really does need a ZFS class file system, but as ZFS is CDDL licensed (which is not GPL compatible) it can't be used in Linux Distro releases only added post install which is easy for a filesystem (after installing the ZOL package), but not trivial in the case of bootable ZFS.

The latest (Sep19) https://btrfs.wiki.kernel.org/index.php/Main_Page  indicates that the "Online filesystem check" is still in development, is that correct, does it mean that it can't do a online "scrub' yet ?

A search for 'boot' on that page didn't find anything. I find bootable ZFS very convenient as one may have a "system" ZFS raidz1 (mirror), and a separate ZFS mirror for data.

So I imagine that a BTRFS system still has to boot from a EXTx partition which cannot have RAID protection at this time unless one wanted to use MDADM for the system drives?

Title: Re: looking for a NAS box
Post by: borjam on September 17, 2019, 01:30:13 pm
My problem is that if i am going to have this thing in my house staring a burglar in the face I'd rather encrypt the contents. this means that if the NAS itself fails the drives are useless. Sounds like I need two singles.
Another issue is, how do you dispose of a broken hard drive. Some can be recovered or at least would allow some of the data to be recovered. Serious encryption means you shouldn't worry about that either. Same thing if you return the drive to the manufacturer for warranty replacement.
Title: Re: looking for a NAS box
Post by: soldar on September 17, 2019, 02:48:31 pm
My problem is that if i am going to have this thing in my house staring a burglar in the face I'd rather encrypt the contents. this means that if the NAS itself fails the drives are useless. Sounds like I need two singles.

I have thought of setting up NAS at home although I never got around to it. One thing I was considering was locking up the NAS in some hard/safe box where it would be safe from casual burglars. As you do not need physical access often it works well. One consideration is heat dissipation but you could provide some small ducts.  It is really easy to do something like that although I can understand it might not be convenient for someone renting short term.  I have built in safe boxes in every place I have lived. I always used a not too expensive box but well hidden.

Regarding encryption, if you use Full Encryption Drives tied to a TPM module on the board then you can consider drive and board as a single unit and the drive will not work with another board. For this reason my backups go into a PGP virtual disk which is a file you can copy as much as you like and will always work provided you have the key. I always have my PGP keys safely stored separately from the computer in a memory card or a USB drive. Plug it in and everything works transparently.

You could even implement something similar by having the usb drive secured to a desk or wall and plugged in using a USB cable. If they take the box they unplug the USB cable and leave the keys behind.

There are other ways of keeping the encrypted data and the keys separate. Even using WIFI so the perps can't even follow a cable.
Title: Re: looking for a NAS box
Post by: Jeroen3 on September 17, 2019, 03:20:59 pm
Is you just want some easy storage. Definitely get a Synology. If you intend to use encrypted volumes, get a + model. Two bays is recommended, either for speed or availability.
Combine this with Synology C2 for versioned offsite backup. (encryption takes place on your nas)
Bonus feature is their Cloud Station, which is a self-hosted dropbox like experience that you can just put your entire user folder in for continuous backups.

If you want some storage, plus a whole range of other features to play with. Including virtual machines, and other things. Are ok with maintaining it yourself and stuff.
Definitely get the HPE Microserver of build a NAS yourself.

Disposing of broken hard drives is not hard. Just take the 10mm drill and poke a few holes in the drive.
Title: Re: looking for a NAS box
Post by: soldar on September 17, 2019, 03:28:26 pm
A hard disk using Full Disk Encryption does not need to be physically destroyed as it is irrecoverable without the key.
Title: Re: looking for a NAS box
Post by: legacy on September 17, 2019, 03:46:29 pm
Regarding encryption, if you use Full Encryption Drives tied to a TPM module on the board then you can consider drive and board as a single unit and the drive will not work with another board.

Is there any SATA electro-mechanical harddrive in 3.5" size with a build-in encryption engine that can fit inside a hot-swap bay?  :D

Title: Re: looking for a NAS box
Post by: soldar on September 17, 2019, 04:14:39 pm
Is there any SATA electro-mechanical harddrive in 3.5" size with a build-in encryption engine that can fit inside a hot-swap bay?  :D

AFAIK FDE disks are the same size as any other HDD. I have some in a couple laptops and they fit right in.

https://www.esecurityplanet.com/mobile-security/buyers-guide-to-full-disk-encryption.html (https://www.esecurityplanet.com/mobile-security/buyers-guide-to-full-disk-encryption.html)
https://www.seagate.com/as/en/support/kb/full-disk-encryption-faqs-presales-206011en (https://www.seagate.com/as/en/support/kb/full-disk-encryption-faqs-presales-206011en)
https://www.seagate.com/as/en/support/internal-hard-drives/laptop-hard-drives/momentus-laptop/ (https://www.seagate.com/as/en/support/internal-hard-drives/laptop-hard-drives/momentus-laptop/)
https://www.seagate.com/files/docs/pdf/datasheet/disc/ds_momentus_7200_fde.pdf (https://www.seagate.com/files/docs/pdf/datasheet/disc/ds_momentus_7200_fde.pdf)

Or am I missing something?
Title: Re: looking for a NAS box
Post by: Simon on September 17, 2019, 04:56:58 pm
I have a USB encrytion caddy that i have my current data on. I drag it around with me and it needs a password inputting to work. No performance impact and after 10 goes your are locked out forever and each caddy has it's own key so you can't keep putting the drive in another caddy.
Title: Re: looking for a NAS box
Post by: soldar on September 17, 2019, 05:09:41 pm
I have a USB encrytion caddy that i have my current data on. I drag it around with me and it needs a password inputting to work. No performance impact and after 10 goes your are locked out forever and each caddy has it's own key so you can't keep putting the drive in another caddy.

I use PGP Disk encryption. No need for caddy and you can make duplicates of the backup. Just keep the key elsewhere.

This works for data backups; it does not work for system disks where you want the OS encrypted because for that you would need pre-boot authentication (which FDE does provide).
Title: Re: looking for a NAS box
Post by: legacy on September 17, 2019, 05:14:25 pm
Or am I missing something?

(http://www.downthebunker.com/chunk_of/stuff/public/projects/cerberus/pic/1.png)

nope, with my friends we are on home-made Nas, which uses common sata hard-drives made in the late 2012, so FDE disks are new interesting feature for me. Never heard before. Thanks for the info.

(http://www.downthebunker.com/chunk_of/stuff/public/projects/cerberus/pic/bay-box.jpg)

They are super interesting especially because ... making software encryption is a bit complex for our hardware (possible, but .. it adds a second layer of things to do, test, and debug), and we need disks able to fit these two sata Bays.

FDE disks look perfect  :D
Title: Re: looking for a NAS box
Post by: Simon on September 17, 2019, 05:19:52 pm
Reminds me of my portable fibre glass PC case that included the monitor.
Title: Re: looking for a NAS box
Post by: legacy on September 17, 2019, 05:29:54 pm
That case was chosen only because it was the only one found that fits the three PowerPC nodes stacked one on the top of the other, and the mod was suitable because it only required us to cut-off a piece of plastic. We tried with aluminum cases, and we ended with a lot of problems, like how to cut the metal without catrastropic results :D
Title: Re: looking for a NAS box
Post by: soldar on September 17, 2019, 06:19:46 pm
Never heard before. Thanks for the info.

Around 2009 I bought on eBay several Dell laptops and they were probably from military or government surplus and came with all the security measures like TPM and some strange smartcard reader that I never really got it to work.

The HDD in the photo is only 7 mm thick and is fully encrypted.  When connected and running it is completely transparent to the OS but once powered down the password needs to be supplied by the MoBo pre-boot. The MoBo needs to support this feature but many do. I believe my HP Compaq Elite 8300 desktop box running Linux supports it.

If one day you want to get rid of the disk there is no need to erase it.
Title: Re: looking for a NAS box
Post by: legacy on September 17, 2019, 06:35:15 pm
The HDD in the photo is only 7 mm thick and is fully encrypted.  When connected and running it is completely transparent to the OS but once powered down the password needs to be supplied by the MoBo pre-boot. The MoBo needs to support this feature but many do.

Tomorrow I will investigate deeper  :D

I wonder if these hard drives use the SMART protocol for passing the passphrase to the encrypt engine, or if not, which is the mechanism to pass it.

The above machine in the picture is composed by four PowerPC nodes running u-boot as firmware and Linux as OS, so I have to know this detail in order to support FDEs.
Title: Re: looking for a NAS box
Post by: soldar on September 17, 2019, 07:02:33 pm
Ten years ago, when I got the laptops, I studied all this in depth but, sadly, I cannot remember most of it. At the time I got the impression this was a rapidly changing field so probably everything has changed a lot since them. Bear in mind that ten years ago these things were already surplus.

I remember something called Opal:
https://en.wikipedia.org/wiki/Opal_Storage_Specification (https://en.wikipedia.org/wiki/Opal_Storage_Specification)
https://en.wikipedia.org/wiki/Trusted_Computing_Group (https://en.wikipedia.org/wiki/Trusted_Computing_Group)
https://en.wikipedia.org/wiki/Trusted_Platform_Module (https://en.wikipedia.org/wiki/Trusted_Platform_Module)
https://support.lenovo.com/es/en/solutions/acc100187 (https://support.lenovo.com/es/en/solutions/acc100187)
https://www.pugetsystems.com/labs/articles (https://www.pugetsystems.com/labs/articles/Introduction-to-Self-Encrypting-Drives-SED-557/)
https://www.techspot.com/guides/869-self-encrypting-drives//Introduction-to-Self-Encrypting-Drives-SED-557/ (https://www.techspot.com/guides/869-self-encrypting-drives//Introduction-to-Self-Encrypting-Drives-SED-557/)

Maybe I should learn all about it all over again :)