No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Basic Storage Service Configuration Guide for File

OceanStor V3 Series V300R006

This document is applicable to OceanStor 2200 V3, 2600 V3, 5300 V3, 5500 V3, 5600 V3, 5800 V3, 6800 V3, 18500 V3, and 18800 V3. It describes the basic storage services and explains how to configure and manage them.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring an FTP Share

Configuring an FTP Share

This section describes how to configure an FTP share. The storage system enables you to allocate different FTP share access permissions to different users.

Configuration Process

Figure 3-29 shows the FTP share configuration process.

Figure 3-29 FTP share configuration process

Preparing Data

Before configuring an FTP share, plan and collect required data to facilitate follow-up service configurations.

Table 3-63 lists the data required for configuring an FTP share.

Table 3-63 Data required for configuring an FTP share

Item

Description

IP address of the storage system

Service IP address used by a storage system to provide FTP shares for clients. Ethernet ports or logical ports can be used.

File system

File system or its quota tree shared through an FTP share.

User

User used to access an FTP share. Storage systems use local authentication users to enable clients to access FTP shares.

User group

Local authentication user groups used to control the share access permissions of local authentication users.

Permission

Permissions include:

  • Viewing a file list: Users can view FTP share contents.
  • Creating a file: Users can create files in the FTP share directory.
  • Uploading a file: Users can upload files to an FTP share.
  • Downloading a file: Users can download files from an FTP share.
  • Deleting a file: Users can delete files from an FTP share.

Configuring a Network

Before configuring shared services, plan and configure a network properly for accessing and managing file services.

(Optional) Bonding Ethernet Ports

This section describes how to bond Ethernet ports on a same controller.

Prerequisites

Ethernet ports to be bonded are not configured with any IP addresses.

Context
  • Port bonding provides more bandwidth and link redundancy. Although ports are bonded, each host still transmits data through a single port and the total bandwidth can be increased only when there are multiple hosts. Determine whether to bond ports based on site requirements.
  • Port bonding on a storage system has the following restrictions:
    • Only Ethernet ports with the same rate (GE or 10GE) on a same controller can be bonded. A maximum of eight Ethernet ports can be bonded as a bond port.
    • Ethernet ports on a SmartIO interface module cannot be bonded if they are in cluster or FC mode or run FCoE service in FCoE/iSCSI mode.
    • The MTU of bonded SmartIO ports must be the same as that of the hosts.
    • Read-only users are unable to bond Ethernet ports.
    • A port can only be added to one bond port.
    • A member in a port group cannot be added to a bond port.
  • After Ethernet ports are bonded, MTU changes to the default value and you must set the link aggregation mode for the ports. On Huawei switches, you must set the ports to work in static LACP mode.

    The link aggregation modes vary with switch manufacturers. If a non-Huawei switch is used, contact technical support of the switch manufacturer for specific link aggregation configurations.

Procedure
  1. Log in to DeviceManager.
  2. Choose Provisioning > Port > Bond Ports.
  3. Click Create.

    The Create Bond Port dialog box is displayed.

  4. Set the name, controller, interface module, and optional ports that can be bonded.

    1. Specify Name for the bond port.

      The name:

      • Contains only letters, digits, underscores (_), periods (.), and hyphens (-).
      • Contains 1 to 31 characters.
    2. From Controller, select the owning controller of the Ethernet ports to be bonded.
    3. Specify Interface Module.
    4. From the Optional port list, select the Ethernet ports you want to bond.
      NOTE:
      • Select at least two ports.
      • The port name format is controller enclosure ID.interface module ID.port ID.
    5. Click OK.

      The security alert dialog box is displayed.

  5. Confirm the bonding of the Ethernet ports.

    1. Confirm the information in the dialog box and select I have read and understand the consequences associated with performing this operation.
    2. Click OK.

      The Success dialog box is displayed, indicating that the operation succeeded.

    3. Click OK.

(Optional) Creating a VLAN

Ethernet ports and bond ports on a storage system can be added into multiple independent VLANs. You can configure different services in different VLANs to ensure the security and reliability of service data.

Prerequisites

The Ethernet ports for which you want to create VLANs have not been assigned IP addresses or used for networking.

Procedure
  1. Log in to DeviceManager.
  2. Choose Provisioning > Port > VLAN.
  3. Click Create.

    The Create VLAN dialog box is displayed.

  4. Select the type of ports used to create VLANs from the Port Type drop-down list.

    Port Type can be Ethernet port or Bond port.

  5. In the port list, select the desired Ethernet port or bond port.
  6. In ID, enter the VLAN ID and click Add.

    NOTE:
    • The VLAN ID ranges from 1 to 4094. You can enter a single VLAN ID or VLAN IDs in batches in the format of "start ID-end ID".
    • To remove a VLAN ID, select it and click Remove.

  7. Click OK.

    The Execution Result dialog box is displayed, indicating that the operation succeeded.

  8. Click Close.
Creating a Logical Port

This section describes how to create a logical port for managing and accessing files based on Ethernet ports, bond ports, or VLANs.

Context

The logical ports are virtual ports that carry host services. A unique IP address is allocated to each logical port for carrying services.

Procedure
  1. Log in to DeviceManager.
  2. Choose Provisioning > Port > Logical Ports.
  3. Click Create.

    The Create Logical Port dialog box is displayed.

  4. In the Create Logical Port dialog box, configure related parameters.

    Table 3-64 describes the related parameters.

    NOTE:

    GUIs may vary with product versions and models. The actual GUIs prevail.

    Table 3-64 Logical port parameters

    Parameter

    Description

    Value

    Name

    Name of the logical port.

    The name:

    • Must be unique.
    • Can contain only letters, digits, underscores (_), periods (.), and hyphens (-).
    • Must contain 1 to 31 characters.

    [Example]

    Lif01

    IP Address Type

    IP address type of the logical port, including IPv4 Address and IPv6 Address.

    [Example]

    IPv4 Address

    IPv4 Address

    IPv4 address of the logical port.

    [Example]

    192.168.50.16

    Subnet Mask

    IPv4 subnet mask of the logical port.

    [Example]

    255.255.255.0

    IPv4 Gateway

    IPv4 gateway of the logical port.

    [Example]

    192.168.50.1

    IPv6 Address

    IPv6 address of the logical port.

    [Example]

    fc00::1234

    Prefix

    IPv6 prefix length of the logical port.

    [Example]

    64

    IPv6 Gateway

    IPv6 gateway of the logical port.

    [Example]

    fc00::1

    Home Port

    Port to which the logical port belongs, including Ethernet port, Bond port, and VLAN.

    [Example]

    CTE0.A.IOM0.P0

    Failover Group

    Failover group name.

    NOTE:
    • If a failover group is specified, services on the failed home port will be taken over by a port in the specified failover group.
    • If no failover group is specified, services on the failed home port will be taken over by a port in the default failover group.

    [Example]

    System-defined

    IP Address Failover

    After IP address failover is enabled, services fail over to other normal ports within the failover group if the home port fails. In addition, the IP address used by services remains unchanged.

    NOTE:

    Shares of file systems do not support the multipathing mode. IP address failover is used to improve reliability of links.

    [Example]

    Enable

    Failback Mode

    Mode in which services fail back to the home port after the home port is recovered. The mode can be Manual or Automatic.

    NOTE:
    • If Failback Mode is Manual, you need to ensure that the link to the home port is normal before the failback. Services will manually fail back to the home port only when the link to the home port keeps normal for over five minutes.
    • If Failback Mode is Automatic, ensure that the link to the home port is normal before the failback. Services will automatically fail back to the home port only when the link to the home port keeps normal for over five minutes.

    [Example]

    Automatic

    Activate Now

    To activate the logical port immediately.

    [Example]

    Enable

    Role

    Roles of the logical ports, including:

    • Management: The port is used by a super administrator to log in to the system for management.
    • Service: The port is used by a super administrator to access services such as CIFS shares.
    • Management+Service: The port is used by a super administrator to log in to the system to manage the system and access services.

    [Example]

    Service

    Dynamic DNS

    When dynamic DNS is enabled, the DNS service will automatically and periodically update the IP address configured for the logical port.

    [Example]

    Enable

    Listen DNS Query Request

    After this function is enabled, external NEs can access the DNS service provided by the storage system by using the IP address of this logical port.

    NOTE:

    This parameter applies to V300R006C10 and later versions.

    [Example]

    Disabled

    DNS Zone

    Name of the DNS zone.

    NOTE:
    • If you do not specify this parameter, the logical port will not used for DNS-based load balancing.
    • Only the logical ports whose Role is Service or Management+Service can be added to a DNS zone. The logical ports whose Role is Management cannot be added to a DNS zone.
    • One logical port can be associated with only one DNS zone. One DNS zone can be associated with multiple logical ports.
    • A DNS zone can be associated with both IPv4 and IPv6 logical ports.
    • The load balancing effect varies with the distribution of logical ports associated with a DNS zone. To obtain a better load balancing effect, ensure that logical ports associated with a DNS zone are evenly distributed among controllers.
    • This parameter applies to V300R006C10 and later versions.

    [Example]

    None

  5. Click OK.

    The Success dialog box is displayed, indicating that the logical port has been successfully created.

  6. Click OK.
(Optional) Configuring DNS-based Load Balancing Parameters (Applicable to V300R006C10 and Later Versions)

The DNS-based load balancing feature can detect loads on various IP addresses on a storage system in real time and use a proper IP address as the DNS response to achieve load balancing among IP addresses.

Context

Working principle:

  1. When a host accesses the NAS service of a storage system using a domain name, the host first sends a DNS request to the built-in DNS server and the DNS server obtains the IP address according to the domain name.
  2. If the domain name contains multiple IP addresses, the storage system selects the IP address with a light load as the DNS response based on the configured load balancing policy and returns the DNS response to the host.
  3. After receiving the DNS response, the host sends a service request to the destination IP address.
Procedure
  1. Log in to DeviceManager.
  2. Choose Settings > Storage Settings > File Storage Service > DNS-based Load Balancing.

    Table 3-65 lists parameters related to DNS-based load balancing.
    Table 3-65 DNS-based load balancing parameters

    Parameter

    Description

    Value

    DNS-based Load Balancing

    Enables or disables DNS-based load balancing.

    NOTE:
    • When enabling the DNS-based load balancing function, you are advised to disable the GNS forwarding function. This function affects DNS-based load balancing.
    • After the DNS-based load balancing function is disabled, the domain name resolution service is unavailable and file systems cannot use the function.
    • This parameter can be set only in the system view, not in the vStore view. The setting takes effect for the entire storage system.

    [Example]

    Enabled

    Load Balancing Policy

    Specifies a DNS-based load balancing policy. The following load balancing policies are available:

    • Weighted round robin: When a client uses a domain name to initiate an access request, the storage system calculates the weight based on the performance data. Under the same domain name, IP addresses that are required to process loads have the same probability to be selected to process client services.
    • CPU usage: When a client uses a domain name to initiate an access request, the storage system calculates the weight based on the CPU usage of each node. Using the weight as the probability reference, the storage system selects a node to process the client's service request.
    • Bandwidth usage: When a client uses a domain name to initiate an access request, the storage system calculates the weight based on the total bandwidth usage of each node. Using the weight as the probability reference, the storage system selects a node to process the client's service request.
    • Open connections: When a client uses a domain name to initiate an access request, the storage system calculates the weight based on the NAS connections of each node. Using the weight as the probability reference, the storage system selects a node to process the client's service request.
    • Overall load: When a client uses a domain name to initiate an access request, the storage system selects a node to process the client's service request based on the comprehensive load. The comprehensive node load is calculated based on the CPU usage, bandwidth usage, and number of NAS connections. Less loaded nodes are more likely to be selected.
    NOTE:

    This parameter can be set only in the system view, not in the vStore view. The setting takes effect for the entire storage system.

    [Example]

    Weighted round robin

  3. Configure a DNS zone.

    A DNS zone contains IP addresses of a group of logical ports. A host can use the name of a DNS zone to access shared services provided by a storage system. Services can be evenly distributed to logical ports.

    NOTE:

    Only the logical ports whose Role is Service or Management+Service can be added to a DNS zone. The logical ports whose Role is Management cannot be added to a DNS zone.

    1. Add a DNS zone.
      1. Click Add.
      2. The Add DNS Zone dialog box is displayed. In Domain Name, type the domain name of the DNS zone you want to add and click OK.
      NOTE:

      The domain name complexity requirements are as follows:

      • The domain name can contain 1 to 255 characters and consists of multiple labels separated by periods (.).
      • A label can contain 1 to 63 characters including letters, digits, hyphens (-), and underscores (_), and must start and end with a letter or a digit.
      • The domain name must be unique.
    2. Remove a DNS zone.
      1. In the DNS zones that are displayed, select a DNS zone you want to remove.
      2. Click Remove.
    3. Modify a DNS zone.
      1. In the DNS zones that are displayed, select a DNS zone you want to modify.
      2. Click Modify.
      3. The Modify DNS Zone dialog box is displayed. In Domain Name, type the domain name of the DNS zone you want to modify and click OK.
    4. View a DNS zone.
      1. In DNS Zone, type a keyword and click Search.
      2. In DNS Zone, the DNS zone names relevant to the keyword will be displayed.
    NOTE:

    You can select a DNS zone to modify or remove it.

  4. Click Save.

    The Warning dialog box is displayed.

  5. Confirm the information in the dialog box and select I have read and understand the consequences associated with performing this operation.
  6. Click OK.

    The Execution Result page is displayed.

  7. On the Execution Result page, confirm the modification and click Close. The DNS zone configuration is complete.
Follow-up Procedure

After associating logical ports with a DNS zone, configuring logical ports to listen to DNS requests, setting a DNS-based load balancing policy, and enabling DNS-based load balancing, you need to configure DNS server addresses on clients. For details about how to configure and use DNS-based load balancing, see How Can I Configure and Use DNS-based Load Balancing?

(Optional) Managing the Routes of a Logical Port

When configuring share access, ensure that the logical port can ping the IP addresses of the domain controller, DNS server, and clients. If the ping test fails, add routes from the IP address of the logical port to the network segment of the domain controller, DNS server, or clients.

Prerequisites

The logical port has been assigned an IP address.

Procedure
  1. Log in to DeviceManager.
  2. Choose Provisioning > Port > Logical Ports.
  3. Select the logical port for which you want to add a route and click Route Management.

    The Route Management dialog box is displayed.

  4. Configure the route information for the logical port.

    1. Click Add.

      The Add Route dialog box is displayed.

    The default IP addresses of the internal heartbeat on a dual-controller storage system are 127.127.127.10 and 127.127.127.11, and those on a four-controller storage system are 127.127.127.10, 127.127.127.11, 127.127.127.12, and 127.127.127.13. Therefore, the destination address cannot fall within the 127.127.127.XXX segment. Besides, the IP address of the gateway cannot be 127.127.127.10, 127.127.127.11, 127.127.127.12, or 127.127.127.13. Otherwise, routing will fail. (Internal heartbeat links are established between controllers for these controllers to detect each other's working status. You do not need to separately connect cables. In addition, internal heartbeat IP addresses have been assigned before delivery, and you cannot change these IP addresses).

    1. In Type, select the type of the route to be added.

      Possible values are Default route, Host route, and Network segment route.

    2. Set Destination Address.
      • If IP Address is an IPv4 address, set Destination Address to the IPv4 address or network segment of the application server's service network port or that of the other storage system's logical port.
      • If IP Address is an IPv6 address, set Destination Address to the IPv6 address or network segment of the application server's service network port or that of the other storage system's logical port.
    3. Set Destination Mask (IPv4) or Prefix (IPv6).
      • Destination Mask specifies the subnet mask of the IPv4 address for the service network port on the application server or storage device.
      • Prefix specifies the prefix of the IPv6 address for application server's service network port or that of the other storage system's logical port.
    4. In Gateway, enter the gateway for the IP address of the local storage system's logical port.

  5. Click OK. The route information is added to the route list.

    The security alert dialog box is displayed.

  6. Confirm the information in the dialog box and select I have read and understand the consequences associated with performing this operation.
  7. Click OK.

    The Success dialog box is displayed, indicating that the operation succeeded.

    NOTE:

    To remove a route, select it and click Remove.

  8. Click Close.

Enabling the FTP Service

Before creating an FTP share, verify that the FTP service has been enabled and parameters are correct.

Prerequisites

You have logged in to DeviceManager as an administrator or super administrator.

Procedure
  1. Log in to DeviceManager.
  2. Choose Settings > Storage Settings > File Storage Service > FTP Service.
  3. Configure FTP service parameters.

    Table 3-66 describes the related parameters.

    Table 3-66 FTP parameters

    Parameter

    Description

    Value

    Enable

    Whether to enable FTP sharing. After this function is enabled, you need to set FTPS Connection Mode and Plaintext FTP.

    [Default value]

    Disable

    [Example]

    Enable

    FTPS Connection Mode

    File Transfer Protocol over SSL (FTPS) is an encrypted FTP protocol. It supports two transfer modes:

    • Explicit: Port 21 is used by default.
    • Implicit: Port 990 is used by default.

    [Default value]

    Explicit

    [Example]

    Implicit

    Plaintext FTP

    Whether to enable the plaintext FTP. After the plaintext FTP is enabled, there may be security risks.

    NOTE:
    • This parameter is displayed only when FTPS Connection Mode is Explicit.
    • Plaintext FTP must be enabled if an OS native FTP client (such as the browser, resource manager, or CLI) is used on a Windows or Linux client to access FTP shares.

    [Default value]

    Disable

    [Example]

    Enable

    Allow anonymous user access

    Whether anonymous users are allowed to access an FTP shared directory. After enabled, you must specify the shared directory, including file system and quota tree.

    NOTE:

    Anonymous users cannot:

    • Upload a file whose name starts with a period (.).
    • Delete or rename files.

    [Default value]

    Disable

    [Example]

    Enable

    File System

    File system that is shared in FTP (mandatory).

    [Example]

    FileSystem001

    Quota Tree

    Level-1 directory of a file system (optional).

    [Example]

    Share

    Share Path

    The directory that anonymous users can access. It consists of File System and Quota Tree.

    [Example]

    /FileSystem001/Share

  4. Click Save.

    The Warning dialog box is displayed.

  5. Confirm the information in the dialog box, select I have read and understand the consequences associated with performing this operation, and click OK.

    The Success dialog box is displayed.

  6. Click OK.

Creating a Local Authentication User

This section describes how to create a local authentication user. For applications that use local authentication, local user accounts are used to access a share. You can add a local user to a user group and access a share as the user group.

Procedure
  1. Log in to DeviceManager.
  2. Choose Provisioning > User Authentication.
  3. Click the Local Authentication User tab.
  4. Click Create.

    The Local Authentication User dialog box is displayed.

  5. Specify Username.

    A user name:

    • Cannot contain space, double quotation mark ("), slash (/), backslash (\), square brackets ([]), less than sign (<), larger than sign (>), plus (+), colon (:), semicolon (;), comma (,), question mark (?), asterisk (*), vertical bar (|), equal mark (=), at sign (@), or end with a period (.).
    • Can contain case-insensitive letters. Therefore, you cannot create both aaaaaaaa and AAAAAAAA users.
    • Cannot be the same as the name of a local authentication user group.
    • Must contain 8 to 32 characters by default.
    NOTE:

    You can modify the minimum length of user name by choosing More > Set Security Policies.

  6. Specify Password.

    By default, a password:

    • Contains 8 to 16 characters.
    • Contains special characters, including !"#$%&'()*+,-./:;<=>?@[\]^`{_|}~ and space.
    • Contains any two types of the uppercase letters, lowercase letters, and digits.
    • Cannot contain three consecutive same characters.
    • Differs from the user name or the reverse of the user name.
    NOTE:

    Click More and choose Set Security Policies to set a security policy for the password of a local authentication user. If Password Validity Period (days) is not selected, your password will never expire. For the security purpose, you are advised to select Password Validity Period (days) and set a validity period. After the password expires, you cannot access shares, but you can set a password again or modify the password security policy.

  7. In Confirm Password, enter the password again.
  8. Select Primary Group.

    The Select Primary Group dialog box is displayed.

    NOTE:

    The primary group to which users belong controls the users' permission for CIFS shares. A user must and can only belong to one primary group.

  9. Select the user group to which the user belongs and click OK.
  10. (Optional) Select Secondary Group.

    The Select Secondary Group dialog box is displayed.

    NOTE:

    A local authentication user must belong to a primary group but not to a secondary group.

  11. Click Add.

    The Select User Group dialog box is displayed.

  12. Select one or multiple secondary groups which the user belongs to and click OK.

    The Select Secondary Group dialog box is displayed.

  13. Click OK.

    The Local Authentication User dialog box is displayed.

  14. Optional: Specify Description.
  15. Click OK.

    The Success dialog box is displayed, indicating that the operation succeeded.

  16. Click OK

Creating an FTP Share

FTP allows two hosts that use different operating systems, file structures, and character sets to transfer files to each other. After a directory is shared in FTP mode, FTP clients can access the directory.

Prerequisites
  • You have logged in to DeviceManager as an administrator or super administrator.
  • A file system to be shared has been created.
  • At least one local authentication user has been created.
Cautions

You cannot create a new FTP share for a local authentication user for whom an FTP share has already been created. You can only modify the properties of the created FTP share for this user.

Procedure
  1. Log in to DeviceManager.
  2. Choose Provisioning > Share > FTP.
  3. Click Create.

    The Create FTP Share Wizard dialog box is displayed.

  4. In File System, select the file system you want to create an FTP share.

    is the secondary end in a HyperReplication or HyperVault pair, data in the file system is probably being modified when it is accessed. Before performing this operation, confirm that the application allows possible data inconsistency.

  5. Optional: In Quota Tree, select a quota tree you want to share.

    NOTE:

    Quota tree is a level-1 directory under the root directory of a file system.

  6. Optional: In Directory, set the directory or subdirectory under the file system root directory.

    NOTE:
    • The share path must not contain space, double quotation mark ("), backslash (\), square brackets ([]), less than (<), larger than (>), plus (+), colon (:), semicolon (;), comma (,), question mark (?), asterisk (*), vertical bar (|), equal mark (=), (@), or ('). Otherwise, creating an FTP share will fail.
    • Share Path consists of File System, Quota Tree, and Directory.

  7. Click Next.
  8. On the Set Permissions page, set access permissions to the shared directory.

    1. Click Add.
    2. In the Name text box, enter the criteria for searching for users and click Find.
    3. In the Find Local Authentication User dialog box that is displayed, select the users that you want to add and click OK.
      NOTE:

      You can add multiple users at a time.

    4. Go back to the Add Users dialog box.

      The newly added users are displayed on the page.

    5. In Share Permissions, set permissions for the users and click OK.
      Table 3-67 Share permission parameters

      Parameter

      Description

      Value

      Share Permissions

      Permissions of a new user. Possible values are:

      • View file lists
      • Create folders
      • Upload files

        After this item is selected, you need to specify Bandwidth Limit (KB/s) to limit the maximum upload speed for a single file. By default, the bandwidth is 0 KB/s, indicating no limit on the bandwidth.

      • Download files

        After this item is selected, you need to specify Bandwidth Limit (KB/s) to limit the maximum download speed for a single file. By default, the bandwidth is 0 KB/s, indicating no limit on the bandwidth.

      • Delete and rename files

      [Value range]

      • The upload speed (bandwidth) ranges from 0 to 102,400 (unit: KB/s).
      • The download speed (bandwidth) ranges from 0 to 102,400 (unit: KB/s).

      [Default value]

      • View file lists
      • Download files
    1. Go back to the Set Permissions page.

      The newly added users are included in the user list.

    NOTE:
    • To modify permissions of a user , select the user from the user list and click Modify.
    • To remove a user, select the user and click Remove.

  9. Click Next.
  10. On the Summary page, confirm the preceding information and click Finish.
  11. In the security alert dialog box, select I have read and understand the consequences associated with performing this operation, and click OK.
  12. On Execution Result page, click Close.

Accessing an FTP Share

This section describes how to access an FTP share.

Accessing FTP Shares with a Windows Client
  1. Open the Internet Explorer.
  2. In the address box, enter ftp://logical ip address, where logical ip address indicates the logical port IP address of the storage system.

    The system asks you to enter the user name and password.

    NOTE:
    • To obtain the logical IP address for accessing FTP shares, choose Provisioning > Port > Logical Ports. The running status of the logical port must be Link up.
    • If the storage system allows access by anonymous users, anonymous users can directly log in to directories of anonymous users without entering their user names or passwords by default.

  3. Enter the user name and password that can be used to access FTP shares.
Accessing FTP Shares with a Linux/UNIX Client
  1. Enter ftp logical ip address, where logical ip address indicates the logical port IP address of the storage system.

    The system asks you to enter the user name and password.

  2. Enter the user name and password that can be used to access FTP shares.

    NOTE:
    • When accessing the directory of an anonymous user, you need only to enter user name anonymous without entering the password.
    • If many files or directories exist under a shared directory, ensure that the timeout parameter is properly configured (set the parameter value to a large one or disable the parameter) on the client so that the ls command can be successfully executed.

    For example, run an FTP command to access the FTP shares on the server whose IP address is 192.168.50.16.

    ldap-server:~ # ftp 192.168.50.16 
    Connected to 192.168.50.16. 
    220---------- Welcome to FTPd [privsep] ---------- 
    220-You are user number 2 of 100 allowed. 
    220-Local time is now 16:16. Server port: 21. 
    220-IPv6 connections are also welcome on this server. 
    220 You will be disconnected after 10 minutes of inactivity. 
    Name (192.168.50.16:root): hlwuser1 
    331 User hlwuser1 OK. Password required 
    Password: 
    230-Your bandwidth usage is restricted 
    230-This server supports FXP transfers 
    230 OK. Current directory is / 
    Remote system type is UNIX. 
    Using binary mode to transfer files. 
    ftp> ls 
    229 Extended Passive mode OK (|||30267|) 
    150 Accepted data connection 
    drwxrwxrwx    3 0          0                   5 Jan  7 16:36 . 
    drwxrwxrwx    3 0          0                   5 Jan  7 16:36 .. 
    -rw-rw----    1 100002     100000        4160064 Jan  7 16:36 FileZilla_3.3.2_win32-setup.exe 
    -rw-rw----    1 100002     100000             70 Jan  7 16:35 sdfdf.txt 
    drwxrwx---    3 100002     100000              3 Jan  7 16:34 testdir 
    226-Options: -a -l  
    226 5 matches total

Accessing FTP Shares with an LFTP Client

LFTP is a file transmission client that supports multiple file transmission protocols including FTP, FTPS, SFTP, HTTP, and HTTPS.

NOTE:

When FTPS is used, you need to add set ssl:verify-certificate no at the end of the LTFP configuration file /etc/lftp.conf to disable certificate verification.

  1. Run lftp -u username,password ip_address. username and password are used to log in to the FTP server (ip_address).
  2. Run the ls command to check the remote file list.

    For example, access the FTP shares on the server whose IP address is 192.168.1.11.

    linux-11215:~ # lftp -u user_ftp01,Admin@123 192.168.1.11 
    lftp user_ftp01@192.168.1.11:~> ls 
    drwxrwxrwx 2 root root           3 May 19 10:29 . 
    drwxrwxrwx 2 root root           3 May 19 10:29 .. 
    -rw-rw---- 1 lyr_ftp01 default_group           0 Apr 18 16:20 ftp_01.txt     

Accessing FTP Shares over FTPS

Currently, you can only access FTP shares over FTPS using related software. The following describes how to access FTP shares over FTPS using FileZilla as an example.

  1. Open the FileZilla client software.
  2. Choose File > Site Manager.

    Site Manager is displayed.

  3. Click New Site to create a site.
  4. On the General tab page, type configuration information of storage system's FTP shares.

    Where:

    • Host indicates the IP address of a logical port for FTP sharing.
    • Port indicates the default port.
    • Protocol indicates the used protocol type. Select FTP - File Transfer Protocol here.
    • Encryption indicates the encryption mode. The value that you select must be consistent with that set in FTPS Connection Mode. If FTPS Connection Mode is Show, select Require explicit FTP over TLS. If FTPS Connection Mode is Hide, select Require implicit FTP over TLS.
    • Logon Type indicates the login mode. Select Normal here.
    • User indicates the name of a user account used to access FTP shares.
    • Password indicates the password used to access FTP shares.

  5. Click Connect to connect to the FTP server.

    If you use the default certificate, a certificate warning message is displayed.

  6. Optional: Click OK to confirm the certificate information.
  7. Go to the page of FTP shares.

Follow-up Procedure
  • If the information about a local authentication user or domain user is changed (for example, the user is forbidden, the password is changed or expires, the relationship is changed, or the user is deleted) when a client accesses FTP shared file systems, the changed information will take effect after authentication is passed in the next time (by mounting shares again).
  • Newly modified FTP configuration parameters need several seconds to take effect in all controllers. During that period, your client may fail to access other controllers. In such a case, wait a few seconds and use your client to retry.
Translation
Download
Updated: 2019-07-12

Document ID: EDOC1000138856

Views: 65332

Downloads: 853

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next