Thank you for the reply.
mazilo wrote:Pseudorellia wrote:I've tested two different methods of file sharing, and found that NFS is up to 5 times faster than sshfs in some cases.
I sure will appreciate if you can kindly show the R/W throughput on your NFS storage.
Sure. It's not exactly comprehensive, but it gives the general idea. I created a 50 MB random file (with `dd if=/dev/urandom of=/tmp/randomness bs=1M count=50`), then mounted the router's drive locally with either sshfs of NFS, both with default options. I tested the time (in seconds) it took to transfer with `time rsync …`.
On my laptop connecting on 5 GHz 802.11n:
On my wife's laptop with 802.11ac:
sshfs download: 16.766
NFS download: 7.409
However, I'm concerned about the lack of security in NFS. Occasionally others use my network, and I'd prefer not to let them access my shares.
In your /etc/exportfs file, you can specify which computers are allowed to access which NFS exported partition. For instance, the following will allow only the IP Address (10.0.0.100) to be able to see and mount the exported NFS drive (/opt). Other computers will probably be able to mount the exported NFS drive (/opt) with an empty directory.
root@lede:~# cat /etc/exports
/opt 10.0.0.100/255.0.0.0(rw,insecure,nohide,no_subtree_check,sync)
root@lede:~#
Yes, I did see configurations for IP addresses, but I didn't feel like that was very secure. It seems that any computer on the network can simply run `showmount -e <server IP>`, and get a list of shares and IP addresses. It's then trivial to spoof the IP address and gain access.
If your router supports multiple local subnets, then you can specify computers in which subnet are allowed to access your NFS drive
root@lede:~# cat /etc/exports
/opt 10.0.0.0/255.0.0.0(rw,insecure,nohide,no_subtree_check,sync)
root@lede:~#
Hmmm… I'll have to investigate this further. Currently my OpenWRT wifi router is in DHCP bridge mode, so I guess it's not the one creating subnets.
Inferring from your answer, though, is guest networks the wrong way to go about this? And can they not increase the number of SSIDs and password pairs produces by the router?