Purpose
This article describes one way that you may choose to set up an NFS server to operate with Forcefield to provide NFS file sharing for backups, reports, file transfer, etc.
Software for serving NFS
There are many NFS serving applications out there, and some operating systems have NFS sharing built in, however you may find some do not work with Forcefield.
An example of a working application is haneWIN NFS. This software can be tested with a 30 day trial license, and then a license can be purchased inexpensively from the author. However, note that Aritech are not in any way affiliated with haneWIN, and not responsible for any issues that occur due to it's use. Please ensure you also do your own research as to the appropriateness of the software for the site and IT requirements.
The current website for HaneWIN NFS can be found using a Google search.
haneWIN NFS settings to work with Forcefield
The settings shown below are an example of settings that are confirmed working with Forcefield.
- In this example, there is a local folder called "NFSShare" on the C: drive of this computer, with full read/write permissions.
- In this example, we have also called the share "mynfs"
Example settings:
Forcefield NFS settings to work with the above example
Firstly, under "Databases > Computer Equipment > TCP/IP Hosts", create a record pointing to the IP Address of the host computer that is serving the NFS Share, as shown below, and then press the Save button. In the below example I used 10.0.0.100, however use the address of your host PC here.
Then, under "Databases > Computer Equipment > Storage > NFS Storage", create a record for the NFS share, using that host that we just created, as shown below.
Now when you press the Save button, you will be asked if Forcefield should attempt the NFS connection now. Choose Yes to test the connection (ensure you have your NFS server running, and appropriate Firewall rules set first though - see Appendix A below for information on Firewall rules needed, as otherwise this may not succeed).
You should now see the share successfully mounted, as follows:
You now have NFS sharing successfully configured.
IF IT FAILED: If it failed, check Appendix A, to ensure you have your Windows Firewall successfully configured to allow NFS sharing.
Accessing the NFS share
Now that you have created the share, you can select it as the location for backups, or reports, and it will automatically be mounted as needed.
However if you wish to manually mount it to view or access files on the share, you may then go to "Admin > Mount Storage" and select the share you created, and choose "Mount" to mount it. You should then see "Mounted as" be updated with the path of the share, for example:
At this point, the share is now accessible. Note though that if you close this window, the share will no longer be mounted. It is only mounted for manual access (for example browsing for files via a shell, etc) while this window is open.
However, this does not affect operations such as backups or reports, they will still automatically mount the share when needed.
Appendix A - How to allow NFS sharing through Windows Firewall:
This Appendix contains instructions as an example of how you may create rules to allow NFS serving through Windows Firewall, so that a Forcefield Node can access it.
This example could be referred to when software, such as haneWIN NFS, or other NFS serving software, is being used from a Windows computer to serve an NFS share to Forcefield.
IMPORTANT: This appendix contains an example only, and for all Firewall settings, you should always consult with a site's IT Team, and implement in a way that is approved by them. Aritech is not responsible for any issues caused by implementing anything described in this guide. This guide is an example only for the purpose of showing what ports would need to be permitted, and how that can be achieved.
Example instructions for creating a working firewall exception rule to allow NFS sharing:
Below we create two rules, one to allow Port 2049 via TCP, and one to allow Port 111 via UDP.
1. In Windows, go to the Start menu's Search box, and type in "Windows Defender Firewall with Advanced Security" (note that it must be the "with Advanced Security" version, and not just "Windows Defender Firewall).
2. Select "Inbound Rules", and in the "Actions" window on the right, choose "New Rule..."
3. For the "Rule Type" select "Port" as shown below, and press Next.
4. Firstly we will create the TCP rule for port 2049. For the "Protocols and Ports" selection, select "TCP", and for the "Specified local port" enter 2049 as shown below, and then press Next.
5. For the "Action" select "Allow the connection", as shown below, and then press Next.
6. For the "Profile" select the network Profile that matches the current Local Area Network connection that the Forcefield system is also on - or you can also simply select them all, as shown below, and then click Next.
7. Name your rule something useful to you that you will understand if coming back to it in the future, as shown below, and then click Next.
8. You will now see your new Inbound Rule. Right click on this rule, and select "Properties", as shown below:
9. Now go to the "Scope" tab, and under "Remote IP address", select "Add..." to add the IP address of your Forcefield node. If you have multiple nodes, press the "Add..." button again after the first one, to add a second entry. Then choose "OK".
10. Now we need to create the UDP rule for port 111. Go back to the "Actions" tab on the right, and select "New Rule..." again, as shown below.
11. Once again, as described in Step 3, for the "Rule Type" select "Port" as shown below, and press Next.
12. Now since we are creating a UDP rule for port 111. For the "Protocols and Ports" selection, select "UDP", and for the "Specified local port" enter 111 as shown below, and then press Next.
13. For the "Action" select "Allow the connection", and then press Next.
14. For the "Profile" select the network Profile that matches the current Local Area Network connection that the Forcefield system is also on - or you can also simply select them all, and then click Next.
15. Name your rule something useful to you that you will understand if coming back to it in the future, as shown below, and then click Next.
16. You will now see your new Inbound Rule for port 111. Right click on this rule, and select "Properties", as shown below:
17. Now go to the "Scope" tab, and under "Remote IP address", select "Add..." to add the IP address of your Forcefield node. If you have multiple nodes, press the "Add..." button again after the first one, to add a second entry. Then choose "OK".
18. You should now have 2 completed rules as shown below. You can now exit this program, and the Firewall should be ready for NFS to work when Forcefield attempts to mount the connection.
For further assistance, please contact your usual support channels.