Commercial NAS Operating Systems - A Comprehensive Overview of Core Featuresby Ganesh T S on November 14, 2016 8:30 AM EST
Storage Management and Services
The basic function of a NAS unit is to aggregate disks and present a storage volume accessible over an IP network. In most cases, it is intended that the storage volume be resilient to failures in one or more member disks. Most COTS NAS units allow the storage volume to be expanded, either by replacing existing disks with disks of higher capacity, or, by adding disks to empty bays. Certain RAID configurations also allow for replacement of faulty disk(s) while maintaining data availability.
The storage can be made available over the network either as shared folders (accessible using protocols such as Samba or NFS) or, as a volume via iSCSI (support for SCSI storage commands over an IP network). Since storage management and the ways to access it over the network are some of the most important aspects of a NAS OS, it is helpful to see how various vendors stack up against each other.
The average consumer does not care about Samba, NFS, iSCSI or FTP, but, just requires the storage space in the NAS to be accessible on a computer or mobile device. The popularity of mobile operating systems and networked media players for content consumption presents a different challenge - a list of files and folders is not expected in that scenario. In such cases, traditional protocols such as Samba and NFS are not used. Instead, the NAS is expected to run a media server / support the uPnP protocol to provide access to the stored media files.
In order to understand the various options for exposing the storage in the NAS UI, users need to understand two concepts:
- Access Permissions
A NAS can run support various storage access protocols. These protocols are backed by 'services' running in the NAS OS. Each service is advertised as being available when a client tries to access the NAS over a particular port. As an example, a quick scan of the ports on an Asustor NAS delivers the following results (note that the default configuration may result in a different set of open ports).
This scan reveals the services currently running on the NAS (including the version of the program behind the service), many of which are associated with storage protocols or installed media servers.
Except for certain iSCSI configurations, the data accessed on a NAS always exists as a file or folder in the file system of the storage volume in it. The presence of an active service is not enough for an user to be able to access the internal storage through it. There are two possible filter levels - a file or folder might not be configured for access via the relevant storage protocol, or, the user might not have permissions to access the content.
Consumers aiming for a plug-and-play experience need to keep in mind that Windows PCs can mount and access content in Samba shares natively. Linux users should opt for NFS and/or Samba, while Apple users need to enable AFP in the list of services on the NAS. Business users and consumers who are tech-savvy might also want to enable iSCSI. Configuring iSCSI options requires some technical knowledge - an understanding of targets, initiators, LUNs, CHAP authentication, thin provisioning etc. Going into these technical aspects is beyond the scope of this article, but, a quick-start guide is available for interested readers.
We now proceed to see how different vendors address the aspects related to storage management and content sharing over the network. The vendors are covered here in alphabetical order. Readers interested in jumping ahead to their vendor of interest can use the links below:
The home screen of the Asustor web UI carries a 'Storage Manager' option by default. Activating it presents details of the currently configured volume (including the RAID level, member disks etc.).
The 'Management' option allows addition of disks to the volume, migration to a higher RAID level or replacement of the existing disks with larger ones. The 'Disk' tab presents details of all the disks currently in the NAS (independent of the configured volumes). 'Bad Block Scans' and 'S.M.A.R.T Checks' can be scheduled for the disks. The next tab of interest in the storage manager is 'iSCSI'. LUNs can be configured along with targets. Thin provisioning is supported. LUN snapshots can also be scheduled. As of the reviewed firmware version, only file-based LUNs are supported (i.e, configured LUNs actually exist as files in the volume).
The next task for any user is to create folders in the volume that can be accessed over the network. This is a bit buried in the current configuration, and reachable through the 'Access Control' option in the main screen.
This section allows users to add new shared folders. Available configuration options include the volume to place the folder in and the ability to enable a 'Recycle Bin' for the folder's contents. Interestingly, Asustor's ADM also allows encryption on a per-folder basis.
Access rights for the shared folders can also be configured during the creation phase. This includes access using anonymous FTP / WebDAV. There is also an option to enable Windows ACL. This option is useful if modifying the file permissions through Samba is desired. The traditional permissions model mandates that file permissions can be modified from the in-built File Explorer application only. The permissions can be edited at any point of time. An interesting point to note here is that if the NFS service is enabled, NFS privileges (that are based on the client address) can also be configured for the shared folders.
This brings us to the 'Services' topic, which dictates the ways in which clients can communicate with the NAS. The option is available in the main screen of the web UI by default.
The option lists all the available services on the left pane, with advanced configuration for each on the right. The available services include Samba, AFP, NFS, WebDAV, FTP, web server (Apache), database server (MariaDB), SSH / SFTP, rsync, TFTP and SNMP.
Asustor's ADM supports SMB 3.0. It also supports signing, but, doesn't support encryption. It is also possible to make the NAS join a Windows Active Directory domain. AFP support includes advertisement over Bonjour and support for Time Machine backups. The FTP service can be configured with limitations on the number of total as well as per-IP connections. The ports for passive FTP can also be configured, and transfer rates can be throttled, if necessary. WebDAV can be configured to accept anonymous connections. A web server can also be easily configured with the desired port numbers. A 'virtual host' feature enables hosting of multiple websites using the same NAS. MariaDB (a database server similar to MySQL) can also be enabled. The NAS can also be configured to act as a rsync server for backup jobs. The SNMP service allows the NAS to deliver its operational status to a network management system. A MIB file containing the details of the operational status can be downloaded from the SNMP service configuration page. This can be imported into a monitoring system.
Netgear's options for storage management, services and permissions for shared folders are spread out across the web UI differently compared to other vendors. Most of the storage management operations are performed in the System > Volumes section, except for the iSCSI-related options that have a separate main menu entry.
By default, the ReadyNAS volumes are created in X-RAID. But, users can opt to delete the volume and create multiple ones with Flex-RAID. The gallery below shows the various options available in the Volumes sub-section.
Note that most of these options require a basic understanding of how btrfs filesystems are managed. These include concepts such as defragmentation, scrubbing, and balancing. Volumes can also be destroyed. Manual volume creation allows for encryption, with the key being stored on a USB drive (and, optionally, e-mailed). Volume options include the ability to schedule the various btrfs maintenance tasks as well as disk testing.
Most home consumers don't bother with iSCSI, and Netgear has taken a good decision to isolate the related options away in a separate menu. After setting up the desired volumes, users generally move on to configure the shared folders. Home folders are created by default along with the volume. A single screen handles all the necessary options to configure a share - the name, decision to enable bit-rot protection (not recommended on ARM-based systems), compression, snapshot scheduling, quota for the share and the protocols over which access to the shared folder is available.
In the default state, shares are set to 'anonymous' permissions - that means anyone in the local network can read and write to the share. This is really helpful for users in a secure firewalled local network who don't want to bother with setting up multiple users and access credentials. iSCSI LUNs also appear in the 'Shares' section, but, we will deal with them separately.
It is possible to create explicit snapshots for each shared folder. The 'Settings' in the context menu allows enablement of bitrot protection, quota and other settings at a later point in time after creation. The access protocols can also be enabled similarly. Netgear presents a DFS option that enables aggregation of Samba shares from multiple NAS units over a single share. Permissions across different users and protocols can also be modified.
The iSCSI options are similar to those for shared folders. The first step is to create a LUN. Compression can be enabled only for thin ones.
Creation of a new group involves configuring the the 'target' details that an 'initiator' can use to mount the iSCSI volume. CHAP authentication and restrictions on the allowed initiators can be configured. Unassigned LUNs can then be assigned to the created group.
Multiple LUNs and groups can be created. Multiple LUNs can be assigned to the same group, so that the initiator can see multiple disks after connecting to the group target. The same initiator can connect to multiple targets on the ReadyNAS also, as shown in the above gallery.
The 'Services' section can be accessed from the main screen under System > Settings. The layout is such that the services can be toggled on or off from the same view.
The options for each service are configured at the time of enabling. For example, the workgroup name can be configured for SMB. Interestingly, Netgear supports SMB 3.0 for all connections. However, if advanced options are desired, Netgear requires installation of an additional package. This keeps the options in the services section relatively clean.
NFS options include the number of NFS threads and NFSv4 domain configuration. All aspects of the FTP service (ports, transfer rates limiting etc.) can also be configured. Media-centric service options include an 'iTunes Server' and a 'ReadyDLNA' digital media server (DMS). The uPnP service enables ReadyCLOUD to work on the LAN without having to go through the cloud. Basic web servers can also be configured in the HTTP / HTTPS service sections. A SNMP service and a MIB file are available for use with network management systems. Advanced users can use SSH to monitor and configure the NAS. An antivirus service is also available, based on the Cyren Commtouch engine. In the process list, this engine appears as 'ctscand'.
The 'Storage Manager' option can be found by navigating the 'Control Panel' > 'System Settings' > 'Storage Manager' route from the home screen in the QTS web UI.
The storage manager dashboard presents a large number of options because QNAP has one of the most comprehensive storage management suites in the COTS NAS market. These include storage pools, ability to act as an iSCSI initiator and cache acceleration using SSDs.
The Disks/VJBOD section presents details of the disks in the system (including S.M.A.R.T information). VJBOD is an interesting feature wherein iSCSI LUNs on a remote QNAP NAS can become part of a storage pool in the local NAS. The storage pools in the system are the equivalent of disk groups in the OS of some of the other vendors. Each storage pool is configured with a particular RAID type. Space can be reserved for snapshots when the pool is configured.
Volumes can be created to take up disks completely (static single volume), or be part of a storage pool. In the latter case, the size of the volume can be either thick or thin. A storage pool can have multiple volumes, but they are all of the same RAID type. QNAP provides the ability to control options such as bytes per inode when creating a volume. In the SSD caching options, users can set the desired cache algorithm (least-recently used (LRU) or first-in, first-out (FIFO)), and whether it is a read-only or read-write cache. The Snapshot option allows creation of backups of volumes as well as LUNs to remote QNAP NAS units.
QNAP also provides wizards for creation of iSCSI targets and LUNs. One of the interesting options is the ability to set clustering access so that a given iSCSI target can be accessed from multiple initiators. Otherwise, all standard settings such as CHAP authentication are available. The LUNs can either be image files in a volume, or space allocated from a storage pool. LUNs can be configured to report a 4KB sector size and/or a volatile write cache to the initiator. iSCSI LUNs can be backed up, and ones on a remote iSCSI target can also be mounted as virtual disks.
The next step for most users after creation of a volume is the setting up of shared folders. QNAP's options for shared folders are buried under 'Control Panel' > 'Privilege Settings' > 'Shared Folder' - it is often easier to use the searchlight in the main screen to get directly to it. The default 'Shared Folders' view presents the details of all the currently existing shared folders including the volume in which they are resident.
The reason for the 'Shared Folders' section being under the 'Privilege Settings' is evident when one tries to create a new shared folder. Options for new folders include the access permissions, whether the folder needs to be encrypted and guest access rights. The other standard options for Samba shares (such as hiding the network drive, oplocks and network recycle bin) are also available. Windows ACL can also be used when enabled under the Advanced Permissions. QNAP also supports a DFS implementation, terming it folder aggregation. It allows aggregating Samba shares from other units in the network into a portal folder in the NAS.
The permissions for shared folders can also be edited after creation. In particular, NFS access privileges for the shares can be set. IP restrictions can also be placed for Samba shares.
The discussion about NFS brings us to the 'Services' aspect. QNAP places this under 'Control Panel' > 'Network Services'.
Options under Samba (Microsoft networking) include the workgroup name. The NAS can either act as a standalone server (typical in home environments), or, an Active Directory domain member. The NAS can also act as a domain controller. AFP and NFS options are also available, though NFS v4 seems to be absent.
QNAP also supports FTP with extensive options to configure the service, as can be seen in the above gallery. Telnet and SSH are available. SNMP can also be enabled, and the MIB file for the network management system (NMS) can be downloaded from the NAS itself. The QNAP NAS also supports a uPnP discovery service and Bonjour.
Synology's main menu (accessible from the top left corner of the UI) has a 'Storage Manager' entry that takes us to the relevant pages offering up information regarding the disks in the system. In addition to viewing S.M.A.R.T information, disk tests can also be scheduled, and alerts can be configured for bad sectors and disk lifespan. The Storage Manager section also has the various options to configure storage volumes and iSCSI LUNs / targets.
Synology has the concept of disk groups that correspond to QNAP's storage pool - a set of disks that are put together in a RAID configuration. Synology presents an option to check for bad sectors during the creation of a disk group.
Volumes can be created either with disks that are not part of any disk group, or, on one of the available disk groups. The latter option allows for creation of multiple volumes. On recent x86 systems, Synology allows a volume to be formatted either in btrfs or ext4. Management options include data scrubbing and defragmentation for btrfs volumes. Volumes can also be expanded by adding hard disks or taking up unallocated disk space.
iSCSI LUNs can either be file-based or block-based. In the latter option, users can allocate a set of disks completely to the LUN (single LUN on RAID), or, choose the multiple LUNs on RAID option. The second option utilizes a disk group. iSCSI targets can be configured to support CHAP.
Options for the shared folders are available under 'Control Panel' > 'File Sharing' > 'Shared Folder'.
Shared folders created in btrfs volumes can have bit-rot protection (termed as 'advanced data integrity protection', and available under the advanced options). Options to enable file compression and a quota on the shared folder are also available.
Editing the created shared folder allows setting of permissions for various scenarios. If the NFS service is enabled, the allowed clients and privilege settings can also be configured for the share.
The configuration of various services is, in our opinion, one of the confusing aspects. Strangely, the best place to control various services seems to be under 'Control Panel' > 'System' > 'Info Center'.
The advance settings for the services, however, are spread out across the UI. For example, the 'File Services' are under 'Control Panel' > 'File Sharing' > 'File Services', while the Telnet / SSH and SNMP controls are elsewhere under 'Control Panel' > 'Applications' > 'Terminal & SNMP'. The Synology NAS units support WedDAV, but, the settings controlling them are not readily visible.
The Samba service can be configured with a workgroup name. Transfer logs can also be enabled for this service. Advanced settings include the maximum protocol (DSM supports SMB 3.0), and signing amongst a host of others that can be viewed in the above gallery. The AFP service has a couple of settings related to application of default UNIX permissions and resource release after a disconnect. NFS v4 is supported, and customized ports can be used for the NFS services, if needed. Read and write packet sizes can also be configured in the advanced settings. FTP, SFTP and TFTP all come with plenty of configuration options. rsync is also supported with speed limit configurations that can even be set on a schedule.
Advanced settings for SSH include the encryption algorithm used (specified as different levels in the UI, instead of the actual algorithm names). The MIB files for the SNMP are available for download from Synology's website.
The My Cloud OS is not as feature-rich as the offerings from vendors dedicated to NAS units. Therefore, getting to the storage section in the UI is as simple as scrolling through the top ribbon menu and getting to the 'Storage' option.
The view shows the health of the current volume, its RAID type, an option to control auto-rebuild after replacement of a missing or faulty disk, and an option to change the RAID mode (RAID migration and expansion).
The Disk Status section allows monitoring of the S.M.A.R.T. data for the disks in the NAS. Since the My Cloud OS is used on NAS units targeting home consumers as well as businesses, iSCSI support also exists.
Only file-based LUNs are supported, and a given target can only support one LUN (configuring the target in the UI includes the LUN configuration also). CHAP authentication is supported. The volume virtualization option allows the NAS to act as an initiator and map iSCSI targets from other network members as volumes in the My Cloud OS. This feature supports multiple LUNs from a single target, as can be seen in the above gallery.
Similar to the 'Storage' option, the 'Shares' option is also one of the main entries in the ribbon menu.
Adding new shares is as simple as clicking the folder with the plus sign below the folder list. The share profile can then be edited to set the permissions (Public, or, on a per-user basis).
Other aspects such as recycle bin support, oplocks, media server source etc. can also be configured. The share's access is only through Samba by default. But, it can also be opened to other protocols such as FTP, WebDAV and NFS.
Access to the configuration of various services is obtained by navigating through 'Settings' > 'Network'. In addition to the storage and access services, the My Cloud OS puts in network configuration into the mix in this section.
The FTP service can be configured with a host of options. Access to each folder over FTP has to be set explicitly in te shares page, as shown in the gallery below. NFS, WebDAV, SSH and SNMP are available.
Samba configuration options include the workgroup name. My Cloud OS supports SMB 3. It also supports share aggregation for a DFS implementation. Active Directory support also exists.
ZyXEL's web UI has the 'Storage Manager' as the first entry in the main screen. The overview section shows the current list of volumes and their status. The status of the member disks are under 'Internal Storage' > 'Hard Disk'.
ZyXEL adopts a disk group - volume approach for the storage, similar to Synology's terminology. The disk group is configured in a particular RAID type, and multiple volumes can be created in it.
iSCSI LUNs in the ZyXEL NAS units are file-based. There is support for thin provisioning as well as instant allocation, and write-back can be enabled to increase performance. Disabling it will report a volatile write cache to the initiator. CHAP is supported, but optional. However, the allowed initiator (IQN) can't be left blank, and no wildcard can be used. So, it is now possible to set up a target without knowing the details of the machine that will connect to the target and map the LUN.
Shared folders are found under 'Control Panel' > 'Privilege and Sharing'. The default view lists the shares and their paths, along with the status.
Adding a share involves setting the location (if there are multiple volumes in the system), and some basic Samba settings such as being hidden in the network and enabling a recycle bin for it. The second step is the setting of access rights for various users / groups in the system.
Shares can also be published to the media servers as well as the web. In the latter case, contents can be accessed over a web browser (read-only). NFS is interesting, as it is not available by default, but, requires an additional package to be installed, as shown in the services gallery. The downside is that it is not possible to have a folder shared over both Samba and NFS, unlike NAS units from the other vendors covered in this section.
Available services can be configured from 'Control Panel' > 'Service'. Options include the inbuilt 'Twonky Media Server', iTunes Server, FTP, WebDAV, Web Publishing (Apache), Print Server and Syslog Server.
The Telnet and SSH services can be configured in the 'Control Panel' > 'Network' > 'Terminal' section. Configuration options for the media server include the ability to select certain types of contents from each folder, as shown in the gallery below.
The FTP service is as configurable as any implementation we have seen from other vendors. WebDAV needs to be enabled for the mobile app to work. As mentioned earlier, NFS (as well as the TFTP service) need to be installed from the App Center.