HA, redirect SMB

I have home networks at two separate locations. Both run a pfSense router, with a permanent WireGuard link between them. Both have a TrueNAS server with identically set up SMB shares, and they syncthing their data in real time so even the contents of the shares should be identical.

If I perform maintenance on one of the TrueNAS servers and need to take it down, is there a way to redirect that LAN’s SMB requests over WireGuard to the server at the other location?

What makes this difficult I guess is the fact that LAN traffic doesn’t pass through the router, as there’s a switch behind it. Can pfSense somehow broadcast the new temporary IP address for the server the clients might be looking for, or does this have to be done on the clients (Windows and Mac)?

Depends on how you set up your SMB. Did you do this by setting up DFS? Because DFS is the proper way to have HA and syncing between nodes.

Have a read here

That guide seems to be very Windows focused. Since both sites already have the TrueNAS running in a VM under Proxmox, I could in theory spin up Windows Servers in VMs as well, but that doesn’t seem very lightweight for this purpose only.

I’m not familiar with DFS, but after reading up on it a bit, it seems that what I need is:

  • A DFS Namespace server. And if it goes down, there needs to be a backup DFS server, so both sites need one. These would tell the clients about the primary and secondary SMB servers.
  • A domain controller or Active Directory seems to be needed to tell the clients about the DFS servers, because apparently I can’t get the clients to fall back to the remote DFS without one. And again, I would need one at both locations.

… so who tells the clients to fall back to the remote domain controller if the local one is down? Because if the local Proxmox machine is down for whatever reason (maintenance, or an unexpected and unexplained shutdown, which happened today and got me to finally look into this issue), the local site will have no SMB server, no DFS server, and no domain controller. This is why everything needs a backup running at the remote site. The pfSense machine is the only thing assumed to be running in that case, because without that, the remote site won’t be accessible anyway.

You can still use DFS on TrueNAS. This is kind of old but might lead you in the right direction.