I’m on latest NS version, trying to use the backup-data package with a Windows 2016 server as a CIFS repository (actually, it’s a Microsoft free Hyper-V 2016 server).
The backup-data.log says: 2018-02-17 01:00:10 - ERROR - Error while mounting 192.168.168.5:Backup : mount error(112): Host is down Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) 2018-02-17 01:00:10 - ERROR - Event pre-backup-data failed - 1
Searching the “Host is down” error, I found this thread
Indeed the missing option seems to be “-o vers=2.0”, since SMB1 has been disabled on this server due its to recent vulnerabilities.
Is there an option to enable it in the server manager or on command line ?
Thank you!
Davide.
It works!
But I’m a bit afraid that my change will be overwritten by next packages updates.
Would be nice to be able to set CIFS compatibility level in the web gui.
We should probably add a new prop named something like SMBProtocolVersion.
The default should be v1 but the user must be able to choose v2 directly from the web interface.
I don’t like it.
Even if I fear some regressions, I think that we should try to mount using the best protocol and try to fall back to earlier versions if the mount fails.
From mount.cifs manual we can try in order: 3.0 2.1 2.0 1.0
Hide complexity is useful for not-skilled people. There’s already a specific distro which is called for human beings.
Or there’s another software for servers, homebased at Redmon.
Therefore, IMO, a toggle is preferrable.
NS users are sysadmins, so I would expect that anyone at least knows that there are different SMB/CIFS protocol versions.
My preference would go to a GUI-toggle, with latest or at least 2.0 being the default - and maybe an “insecure” warning next to the SMBv1 choice (helps spreading the awareness).
vers=arg
The default since v4.13.5 is for the client and server to negotiate the highest possible version greater than or equal to 2.1. In kernels prior to v4.13, the default was 1.0. For kernels
between v4.13 and v4.13.5 the default is 3.0.
That way, you could keep the "simple" aproach because you'd have to only configure the general settings, and put the tryal of versions as default method. When one wants to go advanced, click the third link, and have the option to specify version manually, and disturbing no one I'd say. I'm not a sys admin, so my points of view might slightly differ, since in my case ns is just a plain old gateway, but at least one i feel comfortable using :slight_smile:
So, I’m not sure what fix 5687 is, I had set my backup destination NAS to v3 after I had the cifs mount error on a production network after upgrading to 7.6 and I’m fine with NS using smb3, I would prefer it didn’t downgrade to v2 or 2.1 and I’m not clear enough on the code change to be sure exactly what this fix does. I don’t see where the requirement is to use the highest available protocol. I’m not using cockpit yet either.