The Network section of the administrative GUI contains the following components for viewing and configuring the FreeNAS® system’s network settings:
Each of these is described in more detail in this section.
Network ‣ Global Configuration, shown in Figure 7.1a, allows you to set non-interface specific network settings.
Figure 7.1a: Global Configuration
Table 7.1a summarizes the settings that can be configured using the Global Configuration tab. The hostname and domain will be pre-filled for you, as seen in Figure 7.1a, but can be changed to meet the local network’s requirements.
Table 7.1a: Global Configuration Settings
|Hostname||string||system host name|
|Domain||string||system domain name|
|IPv4 Default Gateway||IP address||typically not set (see NOTE below)|
|IPv6 Default Gateway||IP address||typically not set (see NOTE below)|
|Nameserver 1||IP address||primary DNS server (typically in Windows domain)|
|Nameserver 2||IP address||secondary DNS server|
|Nameserver 3||IP address||tertiary DNS server|
|HTTP Proxy||string||enter the proxy information for the network in the format http://my.proxy.server:3128 or http://user@password:my.proxy.server:3128|
|Enable netwait feature||checkbox||if enabled, network services will not be started at boot time until the interface is able to ping the addresses listed in “Netwait IP list”|
|Netwait IP list||string||if “Enable netwait feature” is checked, list of IP addresses to ping; otherwise, ping the default gateway|
|Host name database||string||used to add one entry per line which will be appended to /etc/hosts; use the format IP_address space hostname where multiple hostnames can be used if separated by a space|
If you will be using Active Directory, set the IP address of the realm’s DNS server in the “Nameserver 1” field.
If your network does not have a DNS server or NFS, SSH, or FTP users are receiving “reverse DNS” or timeout errors, add an entry for the IP address of the FreeNAS® system in the “Host name database” field.
in many cases, a FreeNAS® configuration does not include default gateway information as a way to make it more difficult for a remote attacker to communicate with the server. While this is a reasonable precaution, such a configuration does not restrict inbound traffic from sources within the local network. However, omitting a default gateway will prevent the FreeNAS® system from communicating with DNS servers, time servers, and mail servers that are located outside of the local network. In this case, it is recommended to add Static Routes in order to reach external DNS, NTP, and mail servers which are configured with static IP addresses. If you add a gateway to the Internet, make sure that the FreeNAS® system is protected by a properly configured firewall.
Network ‣ Interfaces is used to view which interfaces have been manually configured, to add a manually configured interface, and to edit an interface’s manual configuration.
typically the interface used to access the FreeNAS® administrative GUI is configured by DHCP. This interface will not appear in this screen, even though it is already dynamically configured and in use.
Figure 7.2a shows the screen that opens when you click Interfaces ‣ Add Interface. Table 7.2a summarizes the configuration options when you add an interface or edit an already configured interface. Note that if any changes to this screen require a network restart, the screen will turn red when you click the “OK” button and a pop-up message will remind you that network connectivity to the FreeNAS® system will be interrupted while the changes are applied. Click “Yes” to proceed with the network restart or “No” to cancel the operation.
Figure 7.2a: Adding or Editing an Interface
Table 7.2a: Interface Configuration Settings
|NIC||drop-down menu||select the FreeBSD device name; will be a read-only field when editing an interface|
|Interface Name||string||description of interface|
|DHCP||checkbox||requires static IPv4 or IPv6 configuration if unchecked; note that only one interface can be configured for DHCP|
|IPv4 Address||IP address||set if “DHCP” unchecked|
|IPv4 Netmask||drop-down menu||set if “DHCP” unchecked|
|Auto configure IPv6||checkbox||only one interface can be configured for this option; requires manual configuration if unchecked and wish to use IPv6|
|IPv6 Address||IPv6 address||must be unique on network|
|IPv6 Prefix Length||drop-down menu||match the prefix used on network|
|Options||string||additional parameters from ifconfig(8), separate multiple parameters with a space; for example: mtu 9000 will increase the MTU for interfaces that support jumbo frames|
This screen also allows you to configure an IP alias for the interface, which allows the interface to be configured with multiple IP addresses. If you wish to set multiple aliases, click the “Add extra alias” link for each alias you wish to configure. To delete an alias, highlight the interface in the tree to access its “Edit” screen. Be sure to check the “Delete” checkbox associated with the alias. If you instead click the “Delete” button at the bottom of this screen, you will delete the whole interface, not just the alias.
When configuring multiple interfaces, they can not be members of the same subnet. Check the subnet mask if you receive an error when setting the IP addresses on multiple interfaces.
When configuring an interface for both IPv4 and IPv6, this screen will not let you set both addresses as primary. In other words, you will get an error if you fill in both the “IPv4 address” and “IPv6 address” fields. Instead, set one of these address fields and create an alias for the other address.
Beginning with version 9.2.1, FreeNAS® provides a graphical screen for configuring an IPMI interface. This screen will only appear if the system hardware includes a Baseboard Management Controller (BMC).
IPMI provides side-band management should the system become unavailable through the graphical administrative interface. This allows for a few vital functions, such as checking the log, accessing the BIOS setup, and powering on the system without requiring physical access to the system. IPMI can also be used to allow another person remote access to the system in order to assist with a configuration or troubleshooting issue. Before configuring IPMI, ensure that the management interface is physically connected to the network. Depending upon the hardware, the IPMI device may share the primary Ethernet interface or it may be a dedicated IPMI interface.
it is recommended to first ensure that the IPMI has been patched against the Remote Management Vulnerability before enabling IPMI. This article provides more information about the vulnerability and how to fix it.
IPMI can be configured from Network ‣ IPMI. This IPMI configuration screen, shown in Figure 7.3a, provides a shortcut to the most basic IPMI configuration. If you are already comfortable using the BMC’s utilities, they can be used instead. Table 7.3a summarizes the options when configuring IPMI using the FreeNAS® GUI.
Figure 7.3a: IPMI Configuration
Table 7.3a: IPMI Options
|Channel||drop-down menu||select the channel to use|
|Password||string||input the password used to connect to the IPMI interface from a web browser|
|DHCP||checkbox||if left unchecked, the following three fields must be set|
|IPv4 Address||string||IP address used to connect to the IPMI web GUI|
|IPv4 Netmask||drop-down menu||subnet mask associated with the IP address|
|IPv4 Default Gateway||string||default gateway associated with the IP address|
Once configured, you can access the IPMI interface using a web browser and the IP address you specified in the configuration. The management interface will prompt for a username and the password that you configured. Refer to the documentation for the IPMI device to determine the default administrative username.
Once you have logged into the management interface, you can change the default administrative username as well as create additional users. The appearance of the utility and the functions that are available within the IPMI management utility will vary depending upon the hardware.
Network ‣ Network Summary allows you to quickly view the addressing information of every configured interface. For each interface name, the configured IPv4 and IPv6 address(es), DNS server(s), and default gateway will be displayed.
By default, no static routes are defined on the FreeNAS® system. Should you need a static route to reach portions of your network, add the route using Network ‣ Static Routes ‣ Add Static Route, shown in Figure 7.6a.
Figure 7.6a: Adding a Static Route
The available options are summarized in Table 7.6a.
Table 7.6a: Static Route Options
|Destination network||integer||use the format A.B.C.D/E where E is the CIDR mask|
|Gateway||integer||input the IP address of the gateway|
If you add any static routes, they will show in “View Static Routes”. Click a route’s entry to access its “Edit” and “Delete” buttons.
FreeNAS® uses FreeBSD’s vlan(4) interface to demultiplex frames with IEEE 802.1q tags. This allows nodes on different VLANs to communicate through a layer 3 switch or router. A vlan interface must be assigned a parent interface and a numeric VLAN tag. A single parent can be assigned to multiple vlan interfaces provided they have different tags.
VLAN tagging is the only 802.1q feature that is implemented. Additionally, not all Ethernet interfaces support full VLAN processing–see the HARDWARE section of vlan(4) for details.
If you click Network ‣ VLANs ‣ Add VLAN, you will see the screen shown in Figure 7.7a.
Figure 7.7a: Adding a VLAN
Table 7.7a summarizes the configurable fields.
Table 7.7a: Adding a VLAN
|Virtual Interface||string||use the format vlanX where X is a number representing the vlan interface|
|Parent Interface||drop-down menu||usually an Ethernet card connected to a properly configured switch port; note that newly created Link Aggregations will not appear in the drop-down until the system is rebooted|
|VLAN Tag||integer||should match a numeric tag set up in the switched network|
The parent interface of a vlan has to be up, but it can have an IP address or it can be unconfigured, depending upon the requirements of the VLAN configuration. This makes it difficult for the GUI to do the right thing without trampling the configuration. To remedy this, after adding the VLAN, go to Network ‣ Interfaces ‣ Add Interface. Select the parent interface from the “NIC” drop-down menu and in the “Options” field, type up. This will bring up the parent interface. If an IP address is required, it can be configured using the rest of the options in the “Add Interface” screen.