SlideShare uma empresa Scribd logo

Nfs version 4 protocol presentation

Transferir como PPTX, PDF
Abu Osama
Abu Osama
EducaçãoTecnologia
1 de 27
NETWORK FILE SYSTEM - NFS VERSION 4 PROTOCOL BY: MOHAMMED A. EL-SHEIKH – 120101700 AHMED AHEL - 120101458 1
AGENDA • 1. INTRODUCTION • 2. OVERVIEW • 3. NFS VERSION 4 GOALS • 4. BASIC NFS ARCHITECTURE • 5. LOCKING • 6. SECURITY ERROR • 7. FILE HANDLES • 8. FILE ATTRIBUTES • 9. TIME ACCESS • 10. REFERENCES 2
• 1. INTRODUCTION THE NETWORK FILE SYSTEM (NFS) VERSION 4 IS A DISTRIBUTED FILE SYSTEM PROTOCOL WHICH OWES HERITAGE TO NFS PROTOCOL VERSION 2, RFC 1094, AND VERSION 3, RFC 1813. UNLIKE EARLIER VERSIONS, THE NFS VERSION 4 PROTOCOL SUPPORTS TRADITIONAL FILE ACCESS , STRONG SECURITY. 3
2. OVERVIEW WHAT IS NFS 4 ?? • NFS, WAS DEVELOPED BY SUN MICROSYSTEMS TOGETHER WITH INTERNET ENGINEERING TASK FORCE (IETF). • IETF DEVELOPS AND PROMOTES INTERNET STANDARDS, COOPERATING CLOSELY WITH THE W3C AND ISO/IEC STANDARDS BODIES. • THE DEFINITION OF THE NFS VERSION 4 PROTOCOL IS RFC 3010. 4
3. NFS VERSION 4 GOALS IT RETAINS THE ESSENTIAL CHARACTERISTICS OF PREVIOUS VERSIONS LIKE DESIGN FOR EASY RECOVERY , INDEPENDENT OF TRANSPORT PROTOCOLS ,OPERATING SYSTEMS AND FILE SYSTEMS SIMPLICITY, AND GOOD PERFORMANCE. THE NFS VERSION 4 REVISION HAS THE FOLLOWING GOALS: 1) IMPROVED ACCESS AND GOOD PERFORMANCE ON THE INTERNET. 2) STRONG SECURITY WITH NEGOTIATION BUILT INTO THE PROTOCOL. 3) EXTENSIBILITY OF THE PROTOCOL 5
GENERAL PROPERTIES • THE NFS VERSION 4 PROTOCOL IS STATEFUL. • NFS IS BUILT ON TOP OF THE ONC REMOTE PROCEDURE PROTOCOL. • ALSO USES XDR. • THE EXTERNAL DATA REPRESENTATION (XDR) ENABLES HETEROGENEOUS OPERATION BY DEFINING A CANONICAL DATA ENCODING OVER THE WIRE. 6
4. BASIC NFS ARCHITECTURE 7
THE COMPOUND PROCEDURE • THE COMPOUND PROCEDURE GROUPS MULTIPLE RELATED OPERATIONS INTO A SINGLE RPC PACKET. • THE RPC RESPONSE TO A COMPOUND PROCEDURE CONTAINS THE REPLIES TO ALL THE OPERATIONS. • EVALUATION OF THE OPERATIONS STOPS ON FIRST ERROR. • IT MAY BE UNWISE TO ATTEMPT GROUPING UNRELATED OPERATIONS INTO A SINGLE COMPOUND PROCEDURE. 8
9
5. LOCKING • NFS 4 LOCKING IS SIMILAR TO THE NETWORK LOCK MANAGER (NLM) PROTOCOL. • NLM IS USED WITH NFS VERSIONS 2 AND 3. • LOCKING IS TIGHTLY COUPLED TO THE NFS 4 PROTOCOL. • BETTER SUPPORT DIFFERENT OPERATING SYSTEM SEMANTICS AND ERROR RECOVERY. 10
• CLIENT AND SERVER MUST SUPPORT A MINIMUM SET OF SECURITY. • THE NFS CLIENT WILL START ITS COMMUNICATION WITH THE SERVER WITH ONE OF THE MINIMAL SECURITY TRIPLES. • DURING COMMUNICATION WITH THE SERVER, THE CLIENT MAY RECEIVE AN NFS ERROR OF NFS4ERR_WRONGSEC. • THIS ERROR ALLOWS THE SERVER TO NOTIFY THE CLIENT THAT THE SECURITY TRIPLE CURRENTLY BEING USED IS NOT APPROPRIATE FOR ACCESS TO THE SERVER'S FILE SYSTEM RESOURCES. • THE CLIENT IS THEN RESPONSIBLE FOR DETERMINING WHAT SECURITY TRIPLES ARE AVAILABLE AT THE SERVER AND CHOOSE ONE WHICH IS APPROPRIATE FOR THE CLIENT. 6. SECURITY ERROR 11
7. FILE HANDLES • A FILEHANDLE, IS A PER SERVER UNIQUE IDENTIFIER FOR A FILE SYSTEM OBJECT. • FILEHANDLES THAT ARE EQUAL REFER TO THE SAME FILE SYSTEM OBJECT. • BUT NO ASSUMPTIONS CAN BE MADE BY THE CLIENT IF THE FILEHANDLES DIFFER. • THE CURRENT FILEHANDLE IS USED BY SUBSEQUENT OPERATIONS IN A SINGLE COMPOUND PROCEDURE. • GETFH OPERATION TO FETCH THE CURRENT FILEHANDLE. 12
OBTAINING THE FIRST FILEHANDLE • THE OPERATIONS OF THE NFS PROTOCOL ARE DEFINED IN TERMS OF ONE OR MORE FILEHANDLES. THEREFORE, THE CLIENT NEEDS A FILEHANDLE TO INITIATE COMMUNICATION WITH THE SERVER. • WITH THE NFS VERSION 2 PROTOCOL [RFC1094] AND THE NFS VERSION 3 PROTOCOL [RFC1813], THERE EXISTS AN ANCILLARY PROTOCOL TO OBTAIN THIS FIRST FILEHANDLE. • THE MOUNT PROTOCOL, RPC PROGRAM NUMBER 100005, PROVIDES THE MECHANISM OF TRANSLATING A STRING BASED FILESYSTEM PATH NAME TO A FILEHANDLE, WHICH CAN THEN BE USED BY THE NFS PROTOCOLS. 13
ROOT FILEHANDLE • THE FIRST OF THE SPECIAL FILEHANDLES IS THE ROOT FILEHANDLE. THE ROOT FILEHANDLE IS THE "CONCEPTUAL" ROOT OF THE FILESYSTEM NAME SPACE AT THE NFS SERVER. • THE CLIENT USES OR STARTS WITH THE ROOT FILEHANDLE BY EMPLOYING THE PUTROOTFH OPERATION. THE PUTROOTFH OPERATION INSTRUCTS THE SERVER TO SET THE "CURRENT" FILEHANDLE TO THE ROOT OF THE SERVER'S FILE TREE. • ONCE THIS PUTROOTFH OPERATION IS USED, THE CLIENT CAN THEN TRAVERSE THE ENTIRETY OF THE SERVER'S FILE TREE WITH THE LOOKUP OPERATION. 14
PUBLIC FILEHANDLE • PUBLIC FILEHANDLES ARE NORMALLY CREATED BY THE SERVER AND USED TO IDENTIFY UNIQUELY A PARTICULAR FILE OR DIRECTORY ON THE SERVER. • THE CLIENT DOES NOT NORMALLY CREATE FILEHANDLES OR HAVE ANY KNOWLEDGE OF THE CONTENTS OF A FILEHANDLE. THE SERVER IS RESPONSIBLE FOR THIS BINDING. IT MAY BE THAT THE PUBLIC FILEHANDLE AND THE ROOT FILEHANDLE REFER TO THE SAME FILESYSTEM OBJECT. • HOWEVER, IT IS UP TO THE ADMINISTRATIVE SOFTWARE AT THE SERVER AND THE POLICIES OF THE SERVER ADMINISTRATOR TO DEFINE THE BINDING OF THE PUBLIC FILEHANDLE AND SERVER FILESYSTEM OBJECT. • THE SERVER CREATE PUBLIC FILEHANDLE VIA THE PUTPUBFH OPERATION. 15
8. FILE ATTRIBUTES • TO MEET THE REQUIREMENTS OF EXTENSIBILITY AND INCREASED INTEROPERABILITY WITH NON- UNIX PLATFORMS, ATTRIBUTES MUST BE HANDLED IN A FLEXIBLE MANNER. • THE NFS VERSION 3-FATTR3 STRUCTURE CONTAINS A FIXED LIST OF ATTRIBUTES THAT NOT ALL CLIENTS AND SERVERS ARE ABLE TO SUPPORT OR CARE ABOUT. • THE FATTR3 STRUCTURE CANNOT BE EXTENDED AS NEW NEEDS ARISE AND IT PROVIDES NO WAY TO INDICATE NON-SUPPORT. • WITH THE NFS VERSION 4 PROTOCOL, THE CLIENT IS ABLE QUERY WHAT ATTRIBUTES THE SERVER SUPPORTS AND CONSTRUCT REQUESTS WITH ONLY THOSE SUPPORTED ATTRIBUTES (OR A SUBSET THEREOF). 16
FILE ATTRIBUTES • TO THIS END, ATTRIBUTES ARE DIVIDED INTO THREE GROUPS: MANDATORY, RECOMMENDED, AND NAMED. • BOTH MANDATORY AND RECOMMENDED ATTRIBUTES ARE SUPPORTED IN THE NFS VERSION 4 PROTOCOL BY A SPECIFIC AND WELL-DEFINED ENCODING AND ARE IDENTIFIED BY NUMBER. • THEY ARE REQUESTED BY SETTING A BIT IN THE BIT VECTOR SENT IN THE GETATTR REQUEST; THE SERVER RESPONSE INCLUDES A BIT VECTOR TO LIST WHAT ATTRIBUTES WERE RETURNED IN THE RESPONSE. • NEW MANDATORY OR RECOMMENDED ATTRIBUTES MAY BE ADDED TO THE NFS PROTOCOL BETWEEN MAJOR REVISIONS BY PUBLISHING A STANDARDS-TRACK RFC THAT ALLOCATES A NEW ATTRIBUTE NUMBER VALUE AND DEFINES THE ENCODING FOR THE ATTRIBUTE. 17
FILE ATTRIBUTES • NAMED ATTRIBUTES ARE ACCESSED BY THE NEW OPENATTR OPERATION, WHICH ACCESSES A HIDDEN DIRECTORY OF ATTRIBUTES ASSOCIATED WITH A FILE SYSTEM OBJECT. • OPENATTR TAKES A FILEHANDLE FOR THE OBJECT AND RETURNS THE FILEHANDLE FOR THE ATTRIBUTE HIERARCHY. • THE FILEHANDLE FOR THE NAMED ATTRIBUTES IS A DIRECTORY OBJECT ACCESSIBLE BY LOOKUP OR READDIR AND CONTAINS FILES WHOSE NAMES REPRESENT THE NAMED ATTRIBUTES AND WHOSE DATA BYTES ARE THE VALUE OF THE ATTRIBUTE. 18
MANDATORY ATTRIBUTES • EVERY NFS VERSION 4 CLIENT AND SERVER MUST SUPPORT THESE IN ORDER TO ENSURE A MINIMUM LEVEL OF INTEROPERABILITY. • THE SERVER MUST STORE AND RETURN THESE ATTRIBUTES AND THE CLIENT MUST BE ABLE TO FUNCTION WITH AN ATTRIBUTE SET LIMITED TO THESE ATTRIBUTES. • WITH JUST THE MANDATORY ATTRIBUTES, SOME CLIENT FUNCTIONALITY MAY BE IMPAIRED OR LIMITED IN SOME WAYS. • A CLIENT MAY ASK FOR ANY OF THESE ATTRIBUTES TO BE RETURNED BY SETTING A BIT IN THE GETATTR REQUEST AND THE SERVER MUST RETURN THEIR VALUE. 19
RECOMMENDED ATTRIBUTES • THESE ATTRIBUTES ARE UNDERSTOOD WELL ENOUGH TO WARRANT SUPPORT IN THE NFS VERSION 4 PROTOCOL. HOWEVER, THEY MAY NOT BE SUPPORTED ON ALL CLIENTS AND SERVERS. • A CLIENT MAY ASK FOR ANY OF THESE ATTRIBUTES TO BE RETURNED BY SETTING A BIT IN THE GETATTR REQUEST BUT MUST HANDLE THE CASE WHERE THE SERVER DOES NOT RETURN THEM. • A CLIENT MAY ASK FOR THE SET OF ATTRIBUTES THE SERVER SUPPORTS AND SHOULD NOT REQUEST ATTRIBUTES THE SERVER DOES NOT SUPPORT. • A SERVER SHOULD BE TOLERANT OF REQUESTS FOR UNSUPPORTED ATTRIBUTES AND SIMPLY NOT RETURN THEM RATHER THAN CONSIDERING THE REQUEST AN ERROR 20
RECOMMENDED ATTRIBUTES • IT IS EXPECTED THAT SERVERS WILL SUPPORT ALL ATTRIBUTES THEY COMFORTABLY CAN AND ONLY FAIL TO SUPPORT ATTRIBUTES, WHICH ARE DIFFICULT TO SUPPORT IN THEIR OPERATING ENVIRONMENTS. • A SERVER SHOULD PROVIDE ATTRIBUTES WHENEVER THEY DO NOT HAVE TO "TELL LIES" TO THE CLIENT. FOR EXAMPLE, A FILE MODIFICATION TIME EITHER SHOULD BE AN ACCURATE TIME OR SHOULD NOT BE SUPPORTED BY THE SERVER. • THIS WILL NOT ALWAYS BE COMFORTABLE TO CLIENTS BUT THE CLIENT IS BETTER POSITIONED DECIDE WHETHER AND HOW TO FABRICATE OR CONSTRUCT AN ATTRIBUTE OR WHETHER TO DO WITHOUT THE ATTRIBUTE. 21
NAMED ATTRIBUTES • THESE ATTRIBUTES ARE NOT SUPPORTED BY DIRECT ENCODING IN THE NFS VERSION 4 PROTOCOL BUT ARE ACCESSED BY STRING NAMES RATHER THAN NUMBERS AND CORRESPOND TO AN UNINTERPRETED STREAM OF BYTES, WHICH ARE STORED WITH THE FILESYSTEM OBJECT. • THE NAME SPACE FOR THESE ATTRIBUTES MAY BE ACCESSED BY USING THE OPENATTR OPERATION. • THE OPENATTR OPERATION RETURNS A FILEHANDLE FOR A VIRTUAL "ATTRIBUTE DIRECTORY" AND FURTHER PERUSAL OF THE NAME SPACE MAY BE DONE USING READDIR AND LOOKUP OPERATIONS ON THIS FILEHANDLE. • NAMED ATTRIBUTES MAY THEN BE EXAMINED OR CHANGED BY NORMAL READ AND WRITE AND CREATE OPERATIONS ON THE FILEHANDLES RETURNED FROM READDIR AND LOOKUP. 22
NAMED ATTRIBUTES • IT IS RECOMMENDED THAT SERVERS SUPPORT ARBITRARY NAMED ATTRIBUTES. A CLIENT SHOULD NOT DEPEND ON THE ABILITY TO STORE ANY NAMED ATTRIBUTES IN THE SERVER'S FILESYSTEM. • IF A SERVER DOES SUPPORT NAMED ATTRIBUTES, A CLIENT WHICH IS ALSO ABLE TO HANDLE THEM SHOULD BE ABLE TO COPY A FILE'S DATA AND META-DATA WITH COMPLETE TRANSPARENCY FROM ONE LOCATION TO ANOTHER; THIS WOULD IMPLY THAT NAMES ALLOWED FOR REGULAR DIRECTORY ENTRIES ARE VALID FOR NAMED ATTRIBUTE NAMES AS WELL. 23
9. TIME ACCESS • THE TIME_ACCESS ATTRIBUTE REPRESENTS THE TIME OF LAST ACCESS TO THE OBJECT BY A READ THAT WAS SATISFIED BY THE SERVER. • THE NOTION OF WHAT IS AN "ACCESS" DEPENDS ON SERVER'S OPERATING ENVIRONMENT AND/OR THE SERVER'S FILESYSTEM SEMANTICS. • FOR EXAMPLE, FOR SERVERS OBEYING POSIX SEMANTICS, TIME_ACCESS WOULD BE UPDATED ONLY BY THE READLINK, READ, AND READDIR OPERATIONS AND NOT ANY OF THE OPERATIONS THAT MODIFY THE CONTENT OF THE OBJECT. OF COURSE, SETTING THE CORRESPONDING TIME_ACCESS_SET ATTRIBUTE IS ANOTHER WAY TO MODIFY THE TIME_ACCESS ATTRIBUTE. 24
TIME ACCESS • WHENEVER THE FILE OBJECT RESIDES ON A WRITABLE FILESYSTEM, THE SERVER SHOULD MAKE BEST EFFORTS TO RECORD TIME_ACCESS INTO STABLE STORAGE. • HOWEVER, TO MITIGATE THE PERFORMANCE EFFECTS OF DOING SO, AND MOST ESPECIALLY WHENEVER THE SERVER IS SATISFYING THE READ OF THE OBJECT'S CONTENT FROM ITS CACHE, THE SERVER MAY CACHE ACCESS TIME UPDATES AND LAZILY WRITE THEM TO STABLE STORAGE. IT IS ALSO ACCEPTABLE TO GIVE ADMINISTRATORS OF THE SERVER THE OPTION TO DISABLE TIME_ACCESS UPDATES. 25
10. REFERENCES WEBSITE: HTTP://WWW.HJP.AT • URL: HTTP://WWW.HJP.AT/DOC/RFC/RFC3530.HTML • VISITED DATE: 6.5.2013 - 9:30 PM WEBSITE: HTTP://DATATRACKER.IETF.ORG • URL: HTTP://DATATRACKER.IETF.ORG/WG/NFSV4/CHARTER/ • VISITED DATE: 7.5.2013 - 2:30 PM WEBSITE: HTTP://WWW.IAPS.COM • URL: HTTP://WWW.IAPS.COM/NFSV4.HTML • VISITED DATE: .5.2013 - :30 PM 26
WITHOUT QUESTIONS !! 27

Recomendados

Nfs
NfsNfs
Nfs
tmavroidis
 
Ansible Automation to Rule Them All
Ansible Automation to Rule Them AllAnsible Automation to Rule Them All
Ansible Automation to Rule Them All
Tim Fairweather
 
Ansible 101
Ansible 101Ansible 101
Ansible 101
Gena Mykhailiuta
 
User administration concepts and mechanisms
User administration concepts and mechanismsUser administration concepts and mechanisms
User administration concepts and mechanisms
Duressa Teshome
 
Automating Network Infrastructure : Ansible
Automating Network Infrastructure : AnsibleAutomating Network Infrastructure : Ansible
Automating Network Infrastructure : Ansible
Bangladesh Network Operators Group
 
Automate DBA Tasks With Ansible
Automate DBA Tasks With AnsibleAutomate DBA Tasks With Ansible
Automate DBA Tasks With Ansible
Ivica Arsov
 
Monitoring MySQL with DTrace/SystemTap
Monitoring MySQL with DTrace/SystemTapMonitoring MySQL with DTrace/SystemTap
Monitoring MySQL with DTrace/SystemTap
Padraig O'Sullivan
 
NFS(Network File System)
NFS(Network File System)NFS(Network File System)
NFS(Network File System)
udamale
 

Recomendados

Nfs
NfsNfs
Nfs
tmavroidis
 
Ansible Automation to Rule Them All
Ansible Automation to Rule Them AllAnsible Automation to Rule Them All
Ansible Automation to Rule Them All
Tim Fairweather
 
Ansible 101
Ansible 101Ansible 101
Ansible 101
Gena Mykhailiuta
 
User administration concepts and mechanisms
User administration concepts and mechanismsUser administration concepts and mechanisms
User administration concepts and mechanisms
Duressa Teshome
 
Automating Network Infrastructure : Ansible
Automating Network Infrastructure : AnsibleAutomating Network Infrastructure : Ansible
Automating Network Infrastructure : Ansible
Bangladesh Network Operators Group
 
Automate DBA Tasks With Ansible
Automate DBA Tasks With AnsibleAutomate DBA Tasks With Ansible
Automate DBA Tasks With Ansible
Ivica Arsov
 
Monitoring MySQL with DTrace/SystemTap
Monitoring MySQL with DTrace/SystemTapMonitoring MySQL with DTrace/SystemTap
Monitoring MySQL with DTrace/SystemTap
Padraig O'Sullivan
 
NFS(Network File System)
NFS(Network File System)NFS(Network File System)
NFS(Network File System)
udamale
 
Microsoft Active Directory.pptx
Microsoft Active Directory.pptxMicrosoft Active Directory.pptx
Microsoft Active Directory.pptx
masbulosoke
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with Ansible
Rayed Alrashed
 
Active Directory
Active DirectoryActive Directory
Active Directory
Hameda Hurmat
 
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
ContainerDay Security 2023
 
F5 DDoS Protection
F5 DDoS ProtectionF5 DDoS Protection
F5 DDoS Protection
MarketingArrowECS_CZ
 
netfilter and iptables
netfilter and iptablesnetfilter and iptables
netfilter and iptables
Kernel TLV
 
Ansible, best practices
Ansible, best practicesAnsible, best practices
Ansible, best practices
Bas Meijer
 
Alexei Vladishev - Zabbix - Monitoring Solution for Everyone
Alexei Vladishev - Zabbix - Monitoring Solution for EveryoneAlexei Vladishev - Zabbix - Monitoring Solution for Everyone
Alexei Vladishev - Zabbix - Monitoring Solution for Everyone
Zabbix
 
Group policy management window server 2008r2
Group policy management window server 2008r2Group policy management window server 2008r2
Group policy management window server 2008r2
IGZ Software house
 
Ceph - A distributed storage system
Ceph - A distributed storage systemCeph - A distributed storage system
Ceph - A distributed storage system
Italo Santos
 
Chapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User AccountsChapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User Accounts
Raja Waseem Akhtar
 
NETWORK FILE SYSTEM
NETWORK FILE SYSTEMNETWORK FILE SYSTEM
NETWORK FILE SYSTEM
Roshan Kumar
 
DAS RAID NAS SAN
DAS RAID NAS SANDAS RAID NAS SAN
DAS RAID NAS SAN
Ghassen Smida
 
Nfs
NfsNfs
Nfs
Waqas !!!!
 
Citrix XenDesktop and XenApp 7.5 Architecture Deployment
Citrix XenDesktop and XenApp 7.5 Architecture DeploymentCitrix XenDesktop and XenApp 7.5 Architecture Deployment
Citrix XenDesktop and XenApp 7.5 Architecture Deployment
Huy Pham
 
Introduction to Network and System Administration
Introduction to Network and System AdministrationIntroduction to Network and System Administration
Introduction to Network and System Administration
Duressa Teshome
 
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Vietnam Open Infrastructure User Group
 
Configuration Management in Ansible
Configuration Management in Ansible Configuration Management in Ansible
Configuration Management in Ansible
Bangladesh Network Operators Group
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
Castleforce
 
Active directory slides
Active directory slidesActive directory slides
Active directory slides
Timothy Moffatt
 
The NFS Version 4 Protocol
The NFS Version 4 ProtocolThe NFS Version 4 Protocol
The NFS Version 4 Protocol
Kelum Senanayake
 
GWAVACon 2013: Filr Pilot
GWAVACon 2013: Filr PilotGWAVACon 2013: Filr Pilot
GWAVACon 2013: Filr Pilot
GWAVA
 

Mais conteúdo relacionado

Mais procurados

Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
ContainerDay Security 2023
 
netfilter and iptables
netfilter and iptablesnetfilter and iptables
netfilter and iptables
Kernel TLV
 
Chapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User AccountsChapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User Accounts
Raja Waseem Akhtar
 
NETWORK FILE SYSTEM
NETWORK FILE SYSTEMNETWORK FILE SYSTEM
NETWORK FILE SYSTEM
Roshan Kumar
 
Citrix XenDesktop and XenApp 7.5 Architecture Deployment
Citrix XenDesktop and XenApp 7.5 Architecture DeploymentCitrix XenDesktop and XenApp 7.5 Architecture Deployment
Citrix XenDesktop and XenApp 7.5 Architecture Deployment
Huy Pham
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
Castleforce
 

Mais procurados (20)

Microsoft Active Directory.pptx
Microsoft Active Directory.pptxMicrosoft Active Directory.pptx
Microsoft Active Directory.pptx
 
IT Automation with Ansible
IT Automation with AnsibleIT Automation with Ansible
IT Automation with Ansible
 
Active Directory
Active DirectoryActive Directory
Active Directory
 
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
Enhancing Network and Runtime Security with Cilium and Tetragon by Raymond De...
 
F5 DDoS Protection
F5 DDoS ProtectionF5 DDoS Protection
F5 DDoS Protection
 
netfilter and iptables
netfilter and iptablesnetfilter and iptables
netfilter and iptables
 
Ansible, best practices
Ansible, best practicesAnsible, best practices
Ansible, best practices
 
Alexei Vladishev - Zabbix - Monitoring Solution for Everyone
Alexei Vladishev - Zabbix - Monitoring Solution for EveryoneAlexei Vladishev - Zabbix - Monitoring Solution for Everyone
Alexei Vladishev - Zabbix - Monitoring Solution for Everyone
 
Group policy management window server 2008r2
Group policy management window server 2008r2Group policy management window server 2008r2
Group policy management window server 2008r2
 
Ceph - A distributed storage system
Ceph - A distributed storage systemCeph - A distributed storage system
Ceph - A distributed storage system
 
Chapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User AccountsChapter03 Creating And Managing User Accounts
Chapter03 Creating And Managing User Accounts
 
NETWORK FILE SYSTEM
NETWORK FILE SYSTEMNETWORK FILE SYSTEM
NETWORK FILE SYSTEM
 
DAS RAID NAS SAN
DAS RAID NAS SANDAS RAID NAS SAN
DAS RAID NAS SAN
 
Nfs
NfsNfs
Nfs
 
Citrix XenDesktop and XenApp 7.5 Architecture Deployment
Citrix XenDesktop and XenApp 7.5 Architecture DeploymentCitrix XenDesktop and XenApp 7.5 Architecture Deployment
Citrix XenDesktop and XenApp 7.5 Architecture Deployment
 
Introduction to Network and System Administration
Introduction to Network and System AdministrationIntroduction to Network and System Administration
Introduction to Network and System Administration
 
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
Room 3 - 1 - Nguyễn Xuân Trường Lâm - Zero touch on-premise storage infrastru...
 
Configuration Management in Ansible
Configuration Management in Ansible Configuration Management in Ansible
Configuration Management in Ansible
 
Palo alto networks next generation firewalls
Palo alto networks next generation firewallsPalo alto networks next generation firewalls
Palo alto networks next generation firewalls
 
Active directory slides
Active directory slidesActive directory slides
Active directory slides
 

Semelhante a Nfs version 4 protocol presentation

GWAVACon 2013: Filr Pilot
GWAVACon 2013: Filr PilotGWAVACon 2013: Filr Pilot
GWAVACon 2013: Filr Pilot
GWAVA
 
LF_DPDK17_OpenNetVM: A high-performance NFV platforms to meet future communic...
LF_DPDK17_OpenNetVM: A high-performance NFV platforms to meet future communic...LF_DPDK17_OpenNetVM: A high-performance NFV platforms to meet future communic...
LF_DPDK17_OpenNetVM: A high-performance NFV platforms to meet future communic...
LF_DPDK
 
Ulf troppens - kerberized NFSv4 and secure data access to personalized patien...
Ulf troppens - kerberized NFSv4 and secure data access to personalized patien...Ulf troppens - kerberized NFSv4 and secure data access to personalized patien...
Ulf troppens - kerberized NFSv4 and secure data access to personalized patien...
Ulf Troppens
 
Net app ecmlp2495163
Net app ecmlp2495163Net app ecmlp2495163
Net app ecmlp2495163
forum4user
 
Event-Driven Messaging and Actions using Apache Flink and Apache NiFi
Event-Driven Messaging and Actions using Apache Flink and Apache NiFiEvent-Driven Messaging and Actions using Apache Flink and Apache NiFi
Event-Driven Messaging and Actions using Apache Flink and Apache NiFi
DataWorks Summit
 
Availability of Kafka - Beyond the Brokers | Andrew Borley and Emma Humber, IBM
Availability of Kafka - Beyond the Brokers | Andrew Borley and Emma Humber, IBMAvailability of Kafka - Beyond the Brokers | Andrew Borley and Emma Humber, IBM
Availability of Kafka - Beyond the Brokers | Andrew Borley and Emma Humber, IBM
HostedbyConfluent
 
Proxy servers
Proxy serversProxy servers
Proxy servers
Kumar
 
WarsawITDays_ ApacheNiFi202
WarsawITDays_ ApacheNiFi202WarsawITDays_ ApacheNiFi202
WarsawITDays_ ApacheNiFi202
Timothy Spann
 

Semelhante a Nfs version 4 protocol presentation (20)

The NFS Version 4 Protocol
The NFS Version 4 ProtocolThe NFS Version 4 Protocol
The NFS Version 4 Protocol
 
GWAVACon 2013: Filr Pilot
GWAVACon 2013: Filr PilotGWAVACon 2013: Filr Pilot
GWAVACon 2013: Filr Pilot
 
Jon Gorenflo - Burp Collaborator
Jon Gorenflo - Burp CollaboratorJon Gorenflo - Burp Collaborator
Jon Gorenflo - Burp Collaborator
 
LF_DPDK17_OpenNetVM: A high-performance NFV platforms to meet future communic...
LF_DPDK17_OpenNetVM: A high-performance NFV platforms to meet future communic...LF_DPDK17_OpenNetVM: A high-performance NFV platforms to meet future communic...
LF_DPDK17_OpenNetVM: A high-performance NFV platforms to meet future communic...
 
nfs.ppt
nfs.pptnfs.ppt
nfs.ppt
 
nfs.ppt
nfs.pptnfs.ppt
nfs.ppt
 
Infura
InfuraInfura
Infura
 
Mule ftp connector
Mule ftp connectorMule ftp connector
Mule ftp connector
 
5G core use cases in CORE NetworkSBI.pptx
5G core use cases in CORE NetworkSBI.pptx5G core use cases in CORE NetworkSBI.pptx
5G core use cases in CORE NetworkSBI.pptx
 
NFV Functionality
NFV FunctionalityNFV Functionality
NFV Functionality
 
Ulf troppens - kerberized NFSv4 and secure data access to personalized patien...
Ulf troppens - kerberized NFSv4 and secure data access to personalized patien...Ulf troppens - kerberized NFSv4 and secure data access to personalized patien...
Ulf troppens - kerberized NFSv4 and secure data access to personalized patien...
 
4.1-cnse-study-guide.pdf
4.1-cnse-study-guide.pdf4.1-cnse-study-guide.pdf
4.1-cnse-study-guide.pdf
 
Network File System
Network File SystemNetwork File System
Network File System
 
Net app ecmlp2495163
Net app ecmlp2495163Net app ecmlp2495163
Net app ecmlp2495163
 
Event-Driven Messaging and Actions using Apache Flink and Apache NiFi
Event-Driven Messaging and Actions using Apache Flink and Apache NiFiEvent-Driven Messaging and Actions using Apache Flink and Apache NiFi
Event-Driven Messaging and Actions using Apache Flink and Apache NiFi
 
Availability of Kafka - Beyond the Brokers | Andrew Borley and Emma Humber, IBM
Availability of Kafka - Beyond the Brokers | Andrew Borley and Emma Humber, IBMAvailability of Kafka - Beyond the Brokers | Andrew Borley and Emma Humber, IBM
Availability of Kafka - Beyond the Brokers | Andrew Borley and Emma Humber, IBM
 
Proxy servers
Proxy serversProxy servers
Proxy servers
 
28th TWNIC OPM and TWNOG 2017: Security best practices for network operators
28th TWNIC OPM and TWNOG 2017: Security best practices for network operators28th TWNIC OPM and TWNOG 2017: Security best practices for network operators
28th TWNIC OPM and TWNOG 2017: Security best practices for network operators
 
WarsawITDays_ ApacheNiFi202
WarsawITDays_ ApacheNiFi202WarsawITDays_ ApacheNiFi202
WarsawITDays_ ApacheNiFi202
 
Linux06 nfs
Linux06 nfsLinux06 nfs
Linux06 nfs
 

Último

Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
Chris Hunter
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
kauryashika82
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
QucHHunhnh
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
ciinovamais
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
negromaestrong
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
heathfieldcps1
 

Último (20)

Key note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdfKey note speaker Neum_Admir Softic_ENG.pdf
Key note speaker Neum_Admir Softic_ENG.pdf
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Class 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdfClass 11th Physics NEET formula sheet pdf
Class 11th Physics NEET formula sheet pdf
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
 
1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf1029-Danh muc Sach Giao Khoa khoi 6.pdf
1029-Danh muc Sach Giao Khoa khoi 6.pdf
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024Mehran University Newsletter Vol-X, Issue-I, 2024
Mehran University Newsletter Vol-X, Issue-I, 2024
 
Holdier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdfHoldier Curriculum Vitae (April 2024).pdf
Holdier Curriculum Vitae (April 2024).pdf
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
Unit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptxUnit-IV; Professional Sales Representative (PSR).pptx
Unit-IV; Professional Sales Representative (PSR).pptx
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Application orientated numerical on hev.ppt
Application orientated numerical on hev.pptApplication orientated numerical on hev.ppt
Application orientated numerical on hev.ppt
 

Nfs version 4 protocol presentation

  • 1. NETWORK FILE SYSTEM - NFS VERSION 4 PROTOCOL BY: MOHAMMED A. EL-SHEIKH – 120101700 AHMED AHEL - 120101458 1
  • 2. AGENDA • 1. INTRODUCTION • 2. OVERVIEW • 3. NFS VERSION 4 GOALS • 4. BASIC NFS ARCHITECTURE • 5. LOCKING • 6. SECURITY ERROR • 7. FILE HANDLES • 8. FILE ATTRIBUTES • 9. TIME ACCESS • 10. REFERENCES 2
  • 3. • 1. INTRODUCTION THE NETWORK FILE SYSTEM (NFS) VERSION 4 IS A DISTRIBUTED FILE SYSTEM PROTOCOL WHICH OWES HERITAGE TO NFS PROTOCOL VERSION 2, RFC 1094, AND VERSION 3, RFC 1813. UNLIKE EARLIER VERSIONS, THE NFS VERSION 4 PROTOCOL SUPPORTS TRADITIONAL FILE ACCESS , STRONG SECURITY. 3
  • 4. 2. OVERVIEW WHAT IS NFS 4 ?? • NFS, WAS DEVELOPED BY SUN MICROSYSTEMS TOGETHER WITH INTERNET ENGINEERING TASK FORCE (IETF). • IETF DEVELOPS AND PROMOTES INTERNET STANDARDS, COOPERATING CLOSELY WITH THE W3C AND ISO/IEC STANDARDS BODIES. • THE DEFINITION OF THE NFS VERSION 4 PROTOCOL IS RFC 3010. 4
  • 5. 3. NFS VERSION 4 GOALS IT RETAINS THE ESSENTIAL CHARACTERISTICS OF PREVIOUS VERSIONS LIKE DESIGN FOR EASY RECOVERY , INDEPENDENT OF TRANSPORT PROTOCOLS ,OPERATING SYSTEMS AND FILE SYSTEMS SIMPLICITY, AND GOOD PERFORMANCE. THE NFS VERSION 4 REVISION HAS THE FOLLOWING GOALS: 1) IMPROVED ACCESS AND GOOD PERFORMANCE ON THE INTERNET. 2) STRONG SECURITY WITH NEGOTIATION BUILT INTO THE PROTOCOL. 3) EXTENSIBILITY OF THE PROTOCOL 5
  • 6. GENERAL PROPERTIES • THE NFS VERSION 4 PROTOCOL IS STATEFUL. • NFS IS BUILT ON TOP OF THE ONC REMOTE PROCEDURE PROTOCOL. • ALSO USES XDR. • THE EXTERNAL DATA REPRESENTATION (XDR) ENABLES HETEROGENEOUS OPERATION BY DEFINING A CANONICAL DATA ENCODING OVER THE WIRE. 6
  • 7. 4. BASIC NFS ARCHITECTURE 7
  • 8. THE COMPOUND PROCEDURE • THE COMPOUND PROCEDURE GROUPS MULTIPLE RELATED OPERATIONS INTO A SINGLE RPC PACKET. • THE RPC RESPONSE TO A COMPOUND PROCEDURE CONTAINS THE REPLIES TO ALL THE OPERATIONS. • EVALUATION OF THE OPERATIONS STOPS ON FIRST ERROR. • IT MAY BE UNWISE TO ATTEMPT GROUPING UNRELATED OPERATIONS INTO A SINGLE COMPOUND PROCEDURE. 8
  • 9. 9
  • 10. 5. LOCKING • NFS 4 LOCKING IS SIMILAR TO THE NETWORK LOCK MANAGER (NLM) PROTOCOL. • NLM IS USED WITH NFS VERSIONS 2 AND 3. • LOCKING IS TIGHTLY COUPLED TO THE NFS 4 PROTOCOL. • BETTER SUPPORT DIFFERENT OPERATING SYSTEM SEMANTICS AND ERROR RECOVERY. 10
  • 11. • CLIENT AND SERVER MUST SUPPORT A MINIMUM SET OF SECURITY. • THE NFS CLIENT WILL START ITS COMMUNICATION WITH THE SERVER WITH ONE OF THE MINIMAL SECURITY TRIPLES. • DURING COMMUNICATION WITH THE SERVER, THE CLIENT MAY RECEIVE AN NFS ERROR OF NFS4ERR_WRONGSEC. • THIS ERROR ALLOWS THE SERVER TO NOTIFY THE CLIENT THAT THE SECURITY TRIPLE CURRENTLY BEING USED IS NOT APPROPRIATE FOR ACCESS TO THE SERVER'S FILE SYSTEM RESOURCES. • THE CLIENT IS THEN RESPONSIBLE FOR DETERMINING WHAT SECURITY TRIPLES ARE AVAILABLE AT THE SERVER AND CHOOSE ONE WHICH IS APPROPRIATE FOR THE CLIENT. 6. SECURITY ERROR 11
  • 12. 7. FILE HANDLES • A FILEHANDLE, IS A PER SERVER UNIQUE IDENTIFIER FOR A FILE SYSTEM OBJECT. • FILEHANDLES THAT ARE EQUAL REFER TO THE SAME FILE SYSTEM OBJECT. • BUT NO ASSUMPTIONS CAN BE MADE BY THE CLIENT IF THE FILEHANDLES DIFFER. • THE CURRENT FILEHANDLE IS USED BY SUBSEQUENT OPERATIONS IN A SINGLE COMPOUND PROCEDURE. • GETFH OPERATION TO FETCH THE CURRENT FILEHANDLE. 12
  • 13. OBTAINING THE FIRST FILEHANDLE • THE OPERATIONS OF THE NFS PROTOCOL ARE DEFINED IN TERMS OF ONE OR MORE FILEHANDLES. THEREFORE, THE CLIENT NEEDS A FILEHANDLE TO INITIATE COMMUNICATION WITH THE SERVER. • WITH THE NFS VERSION 2 PROTOCOL [RFC1094] AND THE NFS VERSION 3 PROTOCOL [RFC1813], THERE EXISTS AN ANCILLARY PROTOCOL TO OBTAIN THIS FIRST FILEHANDLE. • THE MOUNT PROTOCOL, RPC PROGRAM NUMBER 100005, PROVIDES THE MECHANISM OF TRANSLATING A STRING BASED FILESYSTEM PATH NAME TO A FILEHANDLE, WHICH CAN THEN BE USED BY THE NFS PROTOCOLS. 13
  • 14. ROOT FILEHANDLE • THE FIRST OF THE SPECIAL FILEHANDLES IS THE ROOT FILEHANDLE. THE ROOT FILEHANDLE IS THE "CONCEPTUAL" ROOT OF THE FILESYSTEM NAME SPACE AT THE NFS SERVER. • THE CLIENT USES OR STARTS WITH THE ROOT FILEHANDLE BY EMPLOYING THE PUTROOTFH OPERATION. THE PUTROOTFH OPERATION INSTRUCTS THE SERVER TO SET THE "CURRENT" FILEHANDLE TO THE ROOT OF THE SERVER'S FILE TREE. • ONCE THIS PUTROOTFH OPERATION IS USED, THE CLIENT CAN THEN TRAVERSE THE ENTIRETY OF THE SERVER'S FILE TREE WITH THE LOOKUP OPERATION. 14
  • 15. PUBLIC FILEHANDLE • PUBLIC FILEHANDLES ARE NORMALLY CREATED BY THE SERVER AND USED TO IDENTIFY UNIQUELY A PARTICULAR FILE OR DIRECTORY ON THE SERVER. • THE CLIENT DOES NOT NORMALLY CREATE FILEHANDLES OR HAVE ANY KNOWLEDGE OF THE CONTENTS OF A FILEHANDLE. THE SERVER IS RESPONSIBLE FOR THIS BINDING. IT MAY BE THAT THE PUBLIC FILEHANDLE AND THE ROOT FILEHANDLE REFER TO THE SAME FILESYSTEM OBJECT. • HOWEVER, IT IS UP TO THE ADMINISTRATIVE SOFTWARE AT THE SERVER AND THE POLICIES OF THE SERVER ADMINISTRATOR TO DEFINE THE BINDING OF THE PUBLIC FILEHANDLE AND SERVER FILESYSTEM OBJECT. • THE SERVER CREATE PUBLIC FILEHANDLE VIA THE PUTPUBFH OPERATION. 15
  • 16. 8. FILE ATTRIBUTES • TO MEET THE REQUIREMENTS OF EXTENSIBILITY AND INCREASED INTEROPERABILITY WITH NON- UNIX PLATFORMS, ATTRIBUTES MUST BE HANDLED IN A FLEXIBLE MANNER. • THE NFS VERSION 3-FATTR3 STRUCTURE CONTAINS A FIXED LIST OF ATTRIBUTES THAT NOT ALL CLIENTS AND SERVERS ARE ABLE TO SUPPORT OR CARE ABOUT. • THE FATTR3 STRUCTURE CANNOT BE EXTENDED AS NEW NEEDS ARISE AND IT PROVIDES NO WAY TO INDICATE NON-SUPPORT. • WITH THE NFS VERSION 4 PROTOCOL, THE CLIENT IS ABLE QUERY WHAT ATTRIBUTES THE SERVER SUPPORTS AND CONSTRUCT REQUESTS WITH ONLY THOSE SUPPORTED ATTRIBUTES (OR A SUBSET THEREOF). 16
  • 17. FILE ATTRIBUTES • TO THIS END, ATTRIBUTES ARE DIVIDED INTO THREE GROUPS: MANDATORY, RECOMMENDED, AND NAMED. • BOTH MANDATORY AND RECOMMENDED ATTRIBUTES ARE SUPPORTED IN THE NFS VERSION 4 PROTOCOL BY A SPECIFIC AND WELL-DEFINED ENCODING AND ARE IDENTIFIED BY NUMBER. • THEY ARE REQUESTED BY SETTING A BIT IN THE BIT VECTOR SENT IN THE GETATTR REQUEST; THE SERVER RESPONSE INCLUDES A BIT VECTOR TO LIST WHAT ATTRIBUTES WERE RETURNED IN THE RESPONSE. • NEW MANDATORY OR RECOMMENDED ATTRIBUTES MAY BE ADDED TO THE NFS PROTOCOL BETWEEN MAJOR REVISIONS BY PUBLISHING A STANDARDS-TRACK RFC THAT ALLOCATES A NEW ATTRIBUTE NUMBER VALUE AND DEFINES THE ENCODING FOR THE ATTRIBUTE. 17
  • 18. FILE ATTRIBUTES • NAMED ATTRIBUTES ARE ACCESSED BY THE NEW OPENATTR OPERATION, WHICH ACCESSES A HIDDEN DIRECTORY OF ATTRIBUTES ASSOCIATED WITH A FILE SYSTEM OBJECT. • OPENATTR TAKES A FILEHANDLE FOR THE OBJECT AND RETURNS THE FILEHANDLE FOR THE ATTRIBUTE HIERARCHY. • THE FILEHANDLE FOR THE NAMED ATTRIBUTES IS A DIRECTORY OBJECT ACCESSIBLE BY LOOKUP OR READDIR AND CONTAINS FILES WHOSE NAMES REPRESENT THE NAMED ATTRIBUTES AND WHOSE DATA BYTES ARE THE VALUE OF THE ATTRIBUTE. 18
  • 19. MANDATORY ATTRIBUTES • EVERY NFS VERSION 4 CLIENT AND SERVER MUST SUPPORT THESE IN ORDER TO ENSURE A MINIMUM LEVEL OF INTEROPERABILITY. • THE SERVER MUST STORE AND RETURN THESE ATTRIBUTES AND THE CLIENT MUST BE ABLE TO FUNCTION WITH AN ATTRIBUTE SET LIMITED TO THESE ATTRIBUTES. • WITH JUST THE MANDATORY ATTRIBUTES, SOME CLIENT FUNCTIONALITY MAY BE IMPAIRED OR LIMITED IN SOME WAYS. • A CLIENT MAY ASK FOR ANY OF THESE ATTRIBUTES TO BE RETURNED BY SETTING A BIT IN THE GETATTR REQUEST AND THE SERVER MUST RETURN THEIR VALUE. 19
  • 20. RECOMMENDED ATTRIBUTES • THESE ATTRIBUTES ARE UNDERSTOOD WELL ENOUGH TO WARRANT SUPPORT IN THE NFS VERSION 4 PROTOCOL. HOWEVER, THEY MAY NOT BE SUPPORTED ON ALL CLIENTS AND SERVERS. • A CLIENT MAY ASK FOR ANY OF THESE ATTRIBUTES TO BE RETURNED BY SETTING A BIT IN THE GETATTR REQUEST BUT MUST HANDLE THE CASE WHERE THE SERVER DOES NOT RETURN THEM. • A CLIENT MAY ASK FOR THE SET OF ATTRIBUTES THE SERVER SUPPORTS AND SHOULD NOT REQUEST ATTRIBUTES THE SERVER DOES NOT SUPPORT. • A SERVER SHOULD BE TOLERANT OF REQUESTS FOR UNSUPPORTED ATTRIBUTES AND SIMPLY NOT RETURN THEM RATHER THAN CONSIDERING THE REQUEST AN ERROR 20
  • 21. RECOMMENDED ATTRIBUTES • IT IS EXPECTED THAT SERVERS WILL SUPPORT ALL ATTRIBUTES THEY COMFORTABLY CAN AND ONLY FAIL TO SUPPORT ATTRIBUTES, WHICH ARE DIFFICULT TO SUPPORT IN THEIR OPERATING ENVIRONMENTS. • A SERVER SHOULD PROVIDE ATTRIBUTES WHENEVER THEY DO NOT HAVE TO "TELL LIES" TO THE CLIENT. FOR EXAMPLE, A FILE MODIFICATION TIME EITHER SHOULD BE AN ACCURATE TIME OR SHOULD NOT BE SUPPORTED BY THE SERVER. • THIS WILL NOT ALWAYS BE COMFORTABLE TO CLIENTS BUT THE CLIENT IS BETTER POSITIONED DECIDE WHETHER AND HOW TO FABRICATE OR CONSTRUCT AN ATTRIBUTE OR WHETHER TO DO WITHOUT THE ATTRIBUTE. 21
  • 22. NAMED ATTRIBUTES • THESE ATTRIBUTES ARE NOT SUPPORTED BY DIRECT ENCODING IN THE NFS VERSION 4 PROTOCOL BUT ARE ACCESSED BY STRING NAMES RATHER THAN NUMBERS AND CORRESPOND TO AN UNINTERPRETED STREAM OF BYTES, WHICH ARE STORED WITH THE FILESYSTEM OBJECT. • THE NAME SPACE FOR THESE ATTRIBUTES MAY BE ACCESSED BY USING THE OPENATTR OPERATION. • THE OPENATTR OPERATION RETURNS A FILEHANDLE FOR A VIRTUAL "ATTRIBUTE DIRECTORY" AND FURTHER PERUSAL OF THE NAME SPACE MAY BE DONE USING READDIR AND LOOKUP OPERATIONS ON THIS FILEHANDLE. • NAMED ATTRIBUTES MAY THEN BE EXAMINED OR CHANGED BY NORMAL READ AND WRITE AND CREATE OPERATIONS ON THE FILEHANDLES RETURNED FROM READDIR AND LOOKUP. 22
  • 23. NAMED ATTRIBUTES • IT IS RECOMMENDED THAT SERVERS SUPPORT ARBITRARY NAMED ATTRIBUTES. A CLIENT SHOULD NOT DEPEND ON THE ABILITY TO STORE ANY NAMED ATTRIBUTES IN THE SERVER'S FILESYSTEM. • IF A SERVER DOES SUPPORT NAMED ATTRIBUTES, A CLIENT WHICH IS ALSO ABLE TO HANDLE THEM SHOULD BE ABLE TO COPY A FILE'S DATA AND META-DATA WITH COMPLETE TRANSPARENCY FROM ONE LOCATION TO ANOTHER; THIS WOULD IMPLY THAT NAMES ALLOWED FOR REGULAR DIRECTORY ENTRIES ARE VALID FOR NAMED ATTRIBUTE NAMES AS WELL. 23
  • 24. 9. TIME ACCESS • THE TIME_ACCESS ATTRIBUTE REPRESENTS THE TIME OF LAST ACCESS TO THE OBJECT BY A READ THAT WAS SATISFIED BY THE SERVER. • THE NOTION OF WHAT IS AN "ACCESS" DEPENDS ON SERVER'S OPERATING ENVIRONMENT AND/OR THE SERVER'S FILESYSTEM SEMANTICS. • FOR EXAMPLE, FOR SERVERS OBEYING POSIX SEMANTICS, TIME_ACCESS WOULD BE UPDATED ONLY BY THE READLINK, READ, AND READDIR OPERATIONS AND NOT ANY OF THE OPERATIONS THAT MODIFY THE CONTENT OF THE OBJECT. OF COURSE, SETTING THE CORRESPONDING TIME_ACCESS_SET ATTRIBUTE IS ANOTHER WAY TO MODIFY THE TIME_ACCESS ATTRIBUTE. 24
  • 25. TIME ACCESS • WHENEVER THE FILE OBJECT RESIDES ON A WRITABLE FILESYSTEM, THE SERVER SHOULD MAKE BEST EFFORTS TO RECORD TIME_ACCESS INTO STABLE STORAGE. • HOWEVER, TO MITIGATE THE PERFORMANCE EFFECTS OF DOING SO, AND MOST ESPECIALLY WHENEVER THE SERVER IS SATISFYING THE READ OF THE OBJECT'S CONTENT FROM ITS CACHE, THE SERVER MAY CACHE ACCESS TIME UPDATES AND LAZILY WRITE THEM TO STABLE STORAGE. IT IS ALSO ACCEPTABLE TO GIVE ADMINISTRATORS OF THE SERVER THE OPTION TO DISABLE TIME_ACCESS UPDATES. 25
  • 26. 10. REFERENCES WEBSITE: HTTP://WWW.HJP.AT • URL: HTTP://WWW.HJP.AT/DOC/RFC/RFC3530.HTML • VISITED DATE: 6.5.2013 - 9:30 PM WEBSITE: HTTP://DATATRACKER.IETF.ORG • URL: HTTP://DATATRACKER.IETF.ORG/WG/NFSV4/CHARTER/ • VISITED DATE: 7.5.2013 - 2:30 PM WEBSITE: HTTP://WWW.IAPS.COM • URL: HTTP://WWW.IAPS.COM/NFSV4.HTML • VISITED DATE: .5.2013 - :30 PM 26