Tag Archives: NAS

D-Link: The worst NAS – DNS-series

Posted by on May 2, 2009 4 comments

There is a saying “You get what you pay for”. Among many of the gadgets I have bought, there is no other product than a D-Link where this wouldn’t apply more.

I came across a cheap D-LINK DNS-313 network storage and thought I can at least put some of my SATA-drives to use.

The DNS-313 must be the worst device I have ever come across. Although the slot-loading case is a nice feature, everything else is just plain nasty:

After about 2 days of trying to convince the device to accept any hard-drive (theoretically I should be able to go up to 1 terabyte), I was not able to get this device installed. I have tried every version of firmware, tried to install via local LAN, through a switch, through a router. I then partitioned the device the same way the installation program does it and created the boot-images. In all occasions I was unsuccessful as the device kept on hanging or stopped responding.

The DNS-313 is in my opinion one of the most unreliable devices and considering that D-Link wants you to put your precious data on this piece of junk, I strongly urge everyone to steer clear of the D-Link DNS-series (the multi-bay devices are no different).

If you want to get a real NAS, then rather go with a Synology or a QNAP.



VN:F [1.9.13_1145]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.13_1145]
Rating: 0 (from 0 votes)

The favorite posts in 30 days

Posted by on December 7, 2008 No comments

It’s quite amazing to watch this blog grow. Of the monthly 50,000 – 60,000 hits, between 1000-2000 hits a day originate from browsers. A further 200-300 hits a day originate via RSS-readers.

I pulled some stats and was amazed about the most popular articles in the last 30 days:

  1. OSX Time Machine backup to Synology DS107+: The all-time-favorite – many OS X users don’t want to buy a TimeCapsule just to do their backups. In this article I show you how to use your NAS or Linux server and achieve the same thing without splurging out on new hardware.
  2. The Friday Picture: Jailbait: SEX SELLS! This post receives the highest referral and search count from Google.
  3. ADSL: Significance of SNR and attenuation: If you are getting ADSL, you better make sure to understand what affects the quality of your line. This can mean the difference between 4mbps vs 512kbps.
  4. Yamaha YSP-4000 – surround sound bar: This must be my favourite gadget of 2008. A wireless 5.1 surround system which 42 speakers. Beats all cheap and even some midrange sounds-systems and works perfect with my PS3 and watching DVD’s / BluRay.
  5. NAS: Create your own caching proxy: Especially with the absurd bandwidth-costs in South Africa, you certainly want to avoid wasting it. The caching-proxy will at least ensure that you don’t burn your bandwidth-cap unnecessary by visiting the same websites.
VN:F [1.9.13_1145]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.13_1145]
Rating: 0 (from 0 votes)

Western Digital: You and your Green drives suck!

Posted by on December 4, 2008 10 comments

Attention NAS users: Before you make the same mistake as I and trust the false advertising of Western Digital and their “green drives” think twice!!!

I was led to believe that the WD Caviar® Green™ WD10EACS is the perfect drive to install into my single-bay NAS. If you are not a storage specialist, you will not know that there is a huge difference between enterprise- or server-class harddrives and regular consumers drives.

The WD is a consumer drive which is recommended by many NAS-suppliers (and by WD itself) as the perfect drive for single- and multi-bay storage devices. I was amazed by the 1TB storage and out of sheer ignorance failed to understand what the term “load-cycle-count” means as I usually am only familiar with a mean-time-between-failure term of hours of operations. I further (wrongly) trusted that with a 3-year-warranty, this must be a reliable drive. ALL WRONG!!!

Some facts and why you should not purchase any of those drives:
- The load-cycle-count describes the number of times the drives heads park. The WD’s reliability/data-integrity is only guaranteed up to a load-cycle count of 300,000.
- Western Digital stated that the drive is only supported on Windows and Mac and not “designed” for Linux – WTF?

The above does not sound tragic enough? Well, all NAS’s run a version of Linux – problem number 1. Second, the majority of users are reporting an hourly increase of 50-100 load-cycle-counts. Thats between 1200-2400 per day which will with that type of usage reach 300,000 within 6 months. There are workarounds, where you keep the drive busy all the time or reduce the spin-down time – in my opinion the wrong approach as the drives are not designed to be in long-term operation.

In my scenario I purchased the drive 20th July 2008 and as of today I set at 348,000 LCC. Within a short 4 months without any heavy usage in the NAS I am out of warranty and face the risk of data loss – THANKS WESTERN DIGITAL – YOU COST ME R 2,000.00 (and your “3-year-limited-warranty” does not cover this either!!!!

VN:F [1.9.13_1145]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.13_1145]
Rating: 0 (from 0 votes)

NAS: Create your own caching proxy

Posted by on September 19, 2008 16 comments

There you are, with that 1TB NAS and you surf mostly the same websites and in the process waste plenty of time waiting on downloads. So why not install your own Squid-proxy server on your NAS?

With the Synology and the pre-requisite of having ipkg installed – this takes no more than 10 minutes.

Update (2008-12-22): I have adjusted the Squid-configuration to block websites for unlisted IP-addresses. If you don’t require this (and want your kids to download several gigs of You Tube-videos) then delete the lines acl nonblockedip, acl blocksites and http_access deny blocksites.

In my example, my NAS IP is 172.16.0.97 and my IP range on my LAN is 172.16.0.0 – adjust this accordingly below:

  1. Install squid: ipkg install squid
  2. Adjust Squid’s config-file located in /opt/etc/squid/squid.conf:

     ## SQUID CONFIG cache_mgr [email protected] ## Those are the ports the proxy is going to listen to http_port 172.16.0.97:3128 http_port 172.16.0.97:8080 # TAG: visible_hostname # The host-name of the proxy-server. Can really be anything visible_hostname MuffinStationProxy # DISK CACHE OPTIONS # ----------------------------------------------------------------------------- # Disk-cache options. Just adjust the cache-siz (in my case 20GB) cache_replacement_policy lru cache_dir ufs /opt/var/squid/cache/ 20000 16 256 minimum_object_size 0 KB maximum_object_size 2097152 KB maximum_object_size_in_memory 1024 KB # MEMORY CACHE OPTIONS # ----------------------------------------------------------------------------- # TAG: cache_mem (bytes) cache_mem 8 MB memory_replacement_policy lru # ACCESS CONTROLS # ----------------------------------------------------------------------------- acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl our_networks src 172.16.0.0/24 172.16.1.0/24 acl to_localhost dst 127.0.0.0/8 acl nonblockedip src 172.16.0.3 172.16.0.5 # childblocks acl blocksites dstdomain "/opt/etc/squid/restricted-sites.squid" #Block childblocked sites http_access deny blocksites !nonblockedip all http_access allow manager localhost http_access allow manager our_networks http_access deny manager # Allow all clients from my network http_access allow our_networks # And finally deny all other access to this proxy http_access deny all #Allow ICP queries from everyone icp_access allow all # LOG-FILES # ----------------------------------------------------------------------------- access_log /opt/var/squid/logs/access.log squid #cache_log none #cache_log /opt/var/squid/logs/cache.log #cache_access_log none #cache_access_log /opt/var/squid/logs/access.log #cache_store_log none #cache_store_log /opt/var/squid/logs/store.log # OPTIONS FOR TUNING THE CACHE # ----------------------------------------------------------------------------- # TAG: cache # A list of ACL elements which, if matched, cause the request to # not be satisfied from the cache and the reply to not be cached. # In other words, use this to force certain objects to never be cached. # # You must use the word 'DENY' to indicate the ACL names which should # NOT be cached. # # Default is to allow all to be cached #We recommend you to use the following two lines. acl QUERY urlpath_regex cgi-bin \? cache deny QUERY refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 refresh_pattern \.gif 1440 50% 40320 reload-into-ims refresh_pattern \.jpg 1440 50% 40320 reload-into-ims refresh_pattern \.tif 4320 50% 43200 refresh_pattern \.png 1440 50% 40320 reload-into-ims refresh_pattern \.jpeg 1440 50% 40320 reload-into-ims refresh_pattern ^http://*.google.*/.* 720 100% 4320 # refresh patterns to enable caching of MS windows update refresh_pattern windowsupdate\.microsoft\.com/.*\.(cab|exe|psf) 4320 100% 120960 reload-into-ims refresh_pattern update\.microsoft\.com/.*\.(cab|exe|psf) 4320 100% 120960 reload-into-ims refresh_pattern office\.microsoft\.com/.*\.(cab|exe|psf) 4320 100% 120960 refresh_pattern windowsupdate\.com/.*\.(cab|exe|psf) 4320 100% 120960 reload-into-ims refresh_pattern download\.microsoft\.com/.*\.(cab|exe|psf) 4320 100% 120960 reload-into-ims refresh_pattern microsoft\.com 4320 100% 10080 pipeline_prefetch on # Apache mod_gzip and mod_deflate known to be broken so don't trust # Apache to signal ETag correctly on such responses acl apache rep_header Server ^Apache broken_vary_encoding allow apache # Leave coredumps in the first cache dir coredump_dir /opt/var/squid/cache # Disable cachemgr password cachemgr_passwd none all

     

  3. Take note from my above config, that I chose a cache-size of 20(!) GB (cache_dir).
  4. Validate your Squid configuration with squid -k parse
  5. Create the Squid cache-directories with squid -z
  6. Start Squid manually to check for errors: squid -NCd1
  7. Create a symbolic link so that Squid starts automatically: ln -s /opt/etc/init.d/S80squid /usr/syno/etc/rc.d/
  8. Once you restart the NAS, Squid should be started automatically (log files are in /opt/var/squid/logs)

Dummy error: Happened to me – if Squid starts and you don’t notice any improvements in browsing speed, make sure that you have your browser’s proxy settings adjusted :oops:

IMPORTANT: As I have the caching server within a DMZ/Firewall, security-concerns are secondary. All users having access to the LAN and fall within the IP-range will automatically have access to the caching-proxy. The implementation of Squid was for improving the browsing/web-experience (speed has improved by almost 200% and average bandwidth consumption dropped by 30%).
Continue reading “NAS: Create your own caching proxy” »

VN:F [1.9.13_1145]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.13_1145]
Rating: 0 (from 0 votes)

NAS: Boot your router….

Posted by on August 20, 2008 No comments

Having the Synology DiskStation hooked up to the UPS I have avoided any sudden problems when Eskom decides to load-shed again. Over the last few days I did notice (especially since now my iBurst modem and WLAN-access point is on 24×7) that leaving the iBurst modem on for too long seems to deteriorate throughput.

Neither the iBurst modem nor the Belkin access-point have remote management functions, and so I devised the following script to give my router the boot (resulting in the modem being disconnected and reconnected after the rooter boots).

How does it work: I wrote a small script which logs onto the routers management interface and then issues a restart command. This can be easily achieved with the post-method in wget. The script itself runs periodically on the NAS via a cronjob.

This mechanism will work for any router which has a browser-interface via HTTP. I created the script below after HTTP-sniffing the post-requests:

#!/bin/ash DT=`date +%b\ %d\ %T` echo $DT ROUTER: Restarting router >>/var/log/crond.log wget http://172.16.0.1/setup.cgi --post-data="pws=&itsbutton1=Submit&todo=login&this_file=login.html&next_file=ut_reset.html&language=en&message=&passwd=[BASE64-encoded-string]" wget http://172.16.0.1/setup.cgi --post-data="reboot=Restart Router&todo=reboot&this_file=ut_reset.html&next_file=reset_ok.html&message=" echo $DT ROUTER: Restarted >>/var/log/crond.log

 

In the above I use wget to submit the post request and have sniffed the http-login and reset request via HTTP Scoop – a sweet little HTTP protocol sniffer for Mac OSX.

Now you just need to automate this on your NAS via a cronjob:

MuffinStation> cat /etc/crontab

#minute hour mday month wday who command 0 2 1/5 * ? root sh /volume1/webapps/restartrouter.sh

 

The above will restart the router at 2am every five days starting with the 1st of the month (which is great, as by the first my cap is normally gone – smile).

VN:F [1.9.13_1145]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.13_1145]
Rating: 0 (from 0 votes)

NAS: Synology new beta available

Posted by on August 14, 2008 No comments

Synology is really rocking and have just released the latest beta. I suggest that you sign-up before the beta closes – I did my upgrade last night and everything is working good. Amongst the enhancements (I was looking forward to the hibernation fix for my Western Digital Green-HD):

  • RAID 6 Support: RAID 6 volume type cuts off the risk of volume failure and provides extra data protection.
  • NFS Support: With built-in NFS option, admin can quickly enable NFS and set up privileges on the UI by a few checks only.
  • Virtual Host: Hosting multiple websites on one single server for a more efficient and economical purpose; both IP-based and name-based virtual hosting are supported.
  • Batch Users Creating: By importing the user list, admin can now efficiently create a number of user accounts on a batch basis.
  • HDD S.M.A.R.T.: The S.M.A.R.T. information and S.M.A.R.T. test are available on the management UI for admin to monitor, detect, and report the hard disks status, in a way to alert possible HDD failures. (Not supported on DS-101j)
  • Enhanced Local Backup: Enables multiple scheduled Local Backup tasks with the assistance of Local Backup wizard, the backup destination can be either the external HDD or the shared folders on the internal HDD. From now on, the external attached HDD (EXT3 or FAT format) can be used as storage and backup disk simultaneously.
  • Enhanced FTP Server: The advanced privilege of “write-only” is supported. In addition, limiting the maximum connections from each individual IP provides better bandwidth management together with the bandwidth restriction option. UTF-8 filename support which better handles multilingual characters is also optional.
  • New Download Station 2: Other than BitTorrent/FTP/HTTP download, new download channels eMule and NZB are now supported by the Download Station 2. In addition, partial files download from BitTorrent is also allowed. Download Station 2 is now separated from the management UI and stands on an individual webpage.
  • Enhanced File Station: Admin can designate his/her own File Station with a different port as well as customize webpage banner, so that users will login the File Station independent from the NAS server management UI. The advanced privilege of “write-only” is also supported.
  • Enhanced Audio Station: No USB speakers are required for playing music stored on the server anymore. The new streaming mode streams .mp3 audio files to the client PC(1) and delivers by built-in speakers. A built-in playlist “Random100″ will randomly choose and play 100 songs each time it is selected. (Not supported on DS-101j)
  • Enhanced Photo Station 3: Admin can now customize Photo Station 3 background and theme in his/her own fashion, and sort photos and albums according to personal preference in the Settings area. Language setting is also modifiable based on his/her choice. The media RSS feed is now supported. Moreover, users can now enjoy the Photo Station 3 with PicLens dazzling full screen 3-dimensional photo slideshow(2).
  • Enhanced Windows ADS Compatibility: Better handles the Windows domains especially for those with a large number of domain users. Windows Server 2008 is also supported now. (Not supported on DS107e, DS108j, DS-106e, DS-106j, and DS-101j)
  • Enhanced Mac OS Usability: Synology NAS servers will be automatically found by Bonjour protocol, including Finder and Safari browser (Bookmarks > Bonjour).
  • Enhanced iTunes Server: m4a and m4p file formats are correctly indexed on iTunes server with tags information.
  • Enhanced Hibernation: Improved hibernation mechanism is introduced particularly to solve the problem of Western Digital Green Power series HDDs’ not sleeping while in hibernation.
  • Enhanced Concurrent Connection Capability: The maximum concurrent connection number is now expanded to 256. (Available on DS508, RS408, and RS408-RP)
  • Perl Support: Perl 5.8.6 is formally included in Synology Disk Station Manager 2.0. (Not supported on DS-101j)
VN:F [1.9.13_1145]
Rating: 0.0/10 (0 votes cast)
VN:F [1.9.13_1145]
Rating: 0 (from 0 votes)

NAS: Enable SCP and password-less SSH login

Posted by on July 26, 2008 7 comments

DISCLAIMER: I am not going to educate about the risk of doing this with your root userid. This works for me, as I am behind a secure network. Once you have followed the instructions below, you will be able to logon to your NAS through SSH without using a password (as SSH will use your unique public key). You will also be able to use SCP (with the benefit of compression) from/to your NAS.

The necessary steps to give your NAS SCP – part I: Enable login via public key certificates:

  • On NAS: If you have a recent firmware (.640), then just enable SSH on the diskstation.
  • On NAS: Edit the file /etc/ssh/sshd_config and uncomment/insert the following line (#2) to enable public key authentication:

    #RSAAuthentication yes PubkeyAuthentication yes AuthorizedKeysFile .ssh/authorized_keys

     

  • On NAS: If you are super-paranoid, you can disable password-login (doing this can potentially lock you out if you stuff up your public key):

    # To disable tunneled clear text passwords, change to no here! PasswordAuthentication no #PermitEmptyPasswords no

     

  • On client: On you host computer (not the diskstation) open a terminal and run the following command:
    $ ssh-keygen -t rsa

    Generating public/private rsa key pair. Enter file in which to save the key (/home/magicdude/.ssh/id_rsa): Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in id_rsa Your public key has been saved in id_rsa.pub The key fingerprint is: XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX magicdude@mymac

     

  • On NAS: You need to create a directory with a file containing the the authorized keys of clients being able to connect:

    # cd /root mkdir .ssh touch .ssh/authorized_keys vi .ssh/authorized_keys

     

  • On NAS: Paste the content of your id_rsa.pub-file from your Host-computer (the one you want to connect from) into the authorized_keys file.
  • On NAS: Change the file permissions of the authorized-key file:

    chmod 700 .ssh chmod 644 .ssh/authorized_keys

     

After rebooting, you should be able to login without password via ssh root@mynasip — if not, sorry for you, you did not follow the instructions properly.

Next part is to enable SCP. This requires you to have the bootstrap on the NAS installed and you need to have basic knowledge of IPKG:

  • Use ipkg download zlib to download zlib
  • untar via tar -xzvf zlib*.tar
  • untar the data file tar -zxvf data.tar.gz
  • You require two libraries for SCP compression to work. Use the following command to copy them: cp ./opt/lib/libz* /lib
  • Now you need to get openssh which contains the scp exectuable. Download via ipkg download openssh
  • untar via tar -xzvf openssh*.tar
  • untar the data file tar -zxvf data.tar.gz
  • Copy the scp-binary: cp ./opt/bin/scp /bin

You are done. You should now be able to do a simple scp filename root@mynaspIP:/nasfolder without a password prompt.

VN:F [1.9.13_1145]
Rating: 10.0/10 (1 vote cast)
VN:F [1.9.13_1145]
Rating: +1 (from 1 vote)

OS X: Time Machine backup to Synology DS107+

Posted by on July 15, 2008 67 comments

I finally got the single-bay, 1TB NAS:

It took a few hours to “make” OS X TimeMachine to accept the NAS and perform backups – the steps below will outline what is necessary.

Update 2009-05-14: With 10.5.7 Apple seems to have broken the sparse-band-size, resulting in the current sparsebundle to be unmountable. Apple has reduced the band-sizes of sparse-bundles to 128MB. You can convert your existing sparsebundle via the following command: hdiutil convert -format UDSB -imagekey sparse-band-size=262144 -o new.sparsebundle old.sparsebundle

Update 2009-02-11: I have received a number of reports that large sparse-bundles (in excess of 250 gigabytes) fail to backup properly. User joar on the Synology forum has the explanation for this: “Those sparsebundle images that Time Machine uses work like this: They basically consist of a few files and one folder with all the payload files (called “bands”) in it. If the images are created automatically by Time Machine, the size of each “band” file is set to 8MB. If your backup is > 300GB you can do the math. Remember what I wrote? One folder with all the bands.

To solve this problem instead of creating 8MB bands we will create 128MB bands (262144 times 512 bytes). You are able to convert your existing sparse-bundles via (change the max-size from 70GB to whatever suits you):
hdiutil convert -format UDSB -tgtimagekey sparse-band-size=262144 -tgtimagekey size=70g -o tempfilename.sparsebundle machinename_macid.sparsebundle

I tried the conversion of the above and it took extremely long – I eventually wiped my old backups and started from fresh. You will notice as part of this exercise that your original sparse-bundle image will be larger (in my case increasing the band-size increased the initial sparsebundle from 80MB to 1.5 gigabytes)

The installation was straight forward, but you should consider a number of steps:
Continue reading “OS X: Time Machine backup to Synology DS107+” »

VN:F [1.9.13_1145]
Rating: 10.0/10 (1 vote cast)
VN:F [1.9.13_1145]
Rating: +1 (from 1 vote)