Turris MOX, RAID1, and the overall experience
I have set out to convert my Turris MOX, for which I have no good use right now, to a small NAS, preferably with SMB. Since I will be using the array remotely, I was also searching for a good option for that.
(This was written during December of 2022, but I have not been able to finish this. So some of the results are only from what I remember, but I wanted to share the general idea.)
Preparing an array
Eventually I resorted to buying a miniPCIe SATA card with 2 SATA slots. Buying that was a whole story of its own. Thankfully Turris supports Delock miniPCIe SATA cards so I bought that (this variant - https://www.mironet.cz/delock-minipcie-io-pcie-full-size-2-x-sata-6-gbs+dp214502/), but I had to buy from Amazon as I couldn’t find it in stock in the stores here in Czechia.
But then, whoah, the cables are penetrating the casing and don’t allow me to close it! I had to look really closely to buy SATA cables which had the right shape. Had I bought the version with the ports pointed upwards, I could have avoided this to an extent.
Nextcloud
Much to my disappointment, I am coping with the Turris MOX Classic with 512MB RAM. Nextcloud is not a good idea on that machine, because it is really RAM-hungry, although I must say that I was pleasantly surprised by the responsiveness. Also it uses an older NC version, which had more to do with the architecture of OpenWRT or Turris in general – but I don’t remember exactly what the issue was.
File sharing
SFTP (= SSH)
The crypto chip is completely useless for this one. 10 MB/s if you’re lucky.
HTTP
Here I was able to get download speeds around 50 MB/s with the integrated server.
Samba 4
This is the basic option, and Although quite simple to set up, it was not very fast, I believe I got maximum of 20 MB/s either way.
ksmbd
From what I remembered, OpenWRT was one of the early users of ksmbd, so I decided to give ksmbd a try. Ksmbd (kcifsd) is a kernel-space SMB server. Also quite simple to set up, sharing much of the configuration with Samba.
Download speeds were ranging from 30 to 65 MB/s, depending on the client used, which was impressive on this hardware. Upload speed was around 30-40 MB/s.
Summing it up, ksmbd was much faster on this particular hardware, and I have experienced no slowdown after enabling signing and encryption. I assume this is due to the cryptographic capabilities of Turris MOX’s CPU chip, which they also use for the VPN, if I recall correctly. Even though…….. just read the next chapter.
(Since I’ve written this, there have been a couple of serious security bugs discovered with ksmbd. So I only recommend running this in your trusted local network.)
VPN
OpenVPN + ksmbd
Thinking about the possible use, I thought: why not use OpenVPN for the access to my files?
I have used default settings from Foris OpenVPN interface. It works, but the speed was very poor and the bottleneck was clearly on the server side (MOX).
It would be nice to test whether I forgot to enable hardware encryption or anything… but probably not, the reported speeds by others are very smimilar.
WireGuard + ksmbd
It’s been a while, but this was much, much better. 70-90 Mbps was achieved from my symmetric connection at home (100/100 Mbps).
Addendum
My mPCIe SATA card broke shortly after the initial tests, and while I planned to do some more extensive research, I am currently unable. So there I end for now. :)