Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 14 Jul 2004 11:08:20 -0500
From:      Dan Nelson <dnelson@allantgroup.com>
To:        Artem Koutchine <matrix@itlegion.ru>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: Need a network file system with Windows client and freeBSD server
Message-ID:  <20040714160820.GA16366@dan.emsphone.com>
In-Reply-To: <004001c469b1$a74dacf0$0c00a8c0@artem>
References:  <004001c469b1$a74dacf0$0c00a8c0@artem>
next in thread | previous in thread | raw e-mail | index | archive | help 
In the last episode (Jul 14), Artem Koutchine said:
> I need sime kind of network file system which has a FreeBSD server
> and Windows clients (particulary Windows XP) and that FreeBSD file
> share must be mounted on Windows XP under a drive letter. Windows
> client is FAR FAR away and is behind nat. Traffic costs a lot, so
> that file system must not waste it for nothing. Of course, security
> is very important and security based on IP address is impossible,
> because client is behind nat.

For any of the solutions you describe, you will definitely want to set
up a VPN between the client and server, and if possible have it
compress the data.  Never allow raw filesystem access to the entire
Internet :)

> 1) Samba3                                                                       
>                                                                                 
> I think i could use it with user security (not share or maybe mixed)
> but i am not sure about making it open to internet and also i think
> it wastes bandwidth. Am i wrong?

It should be no more inefficient than any of the others, really. 
Theres a different amount of overhead for each protocol, but they're
all small compared to the actual data sent when doing a file copy, for
example.

> 4) NFS
> 
> Well, i like it very much because we use for freebsd file shareing
> since year 2000. Hoever, i could not find free NFS client for Windows
> (but, hell, i'll buy it) but what's worse i get figure out how to
> make authorizartion based on user/password and not on /etc/exports. I
> need something more secure. Also, am not sure about bandwidth usage.

Microsoft has a nice NFS client/server implementation in its free
Services for Unix product.  http://www.microsoft.com/windows/sfu/ . If
you use VPNs, you should be able to control the local IP number that
gets assigned to each VPN user, so you could use that to filter access
in /etc/exports (and use the -mapall flag to force specific userids for
each incoming IP).

-- 
	Dan Nelson
	dnelson@allantgroup.com

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040714160820.GA16366>