Institute for Advanced Professional Studies

NFSv4: Protocol and Implementation




NFSv4 Technical Overview:

Sun's NFS has been the standard distributed file system for UNIX systems for almost two decades. New features in NFS version 4 add a great deal of functionality, including a new model for server exportation of file systems, improvements to the RPC protocol, stronger security, better caching, expanded locking, and support for the file-system semantics required by Windows clients. Additional features are being proposed as part of NFSv4.1: sessions, support for clustered servers, and directory delegation.

Links to more detailed information about NFS Protocol Specifications and IETF Internet Drafts may be found at http://www.iaps.com/nfs-specifications.html.


Workshop Overview:

This three-day course is for systems designers, programmers and technical support personnel who need to implement, test and support the Network File System version 4 (NFSv4) protocol.

The first day of the course is an in-depth tutorial for participants with little or no background in the previous versions of NFS. The second and third days of the course provide a detailed description of NFSv4, and an explanation of how the NFSv4 protocol is meant to work.

The NFSv4 protocol and its ramifications are covered in sufficient detail to satisfy the needs of participants who will be working on the internals of any particular implementation, e.g., the Open Source Reference Implementation for Linux. We present an overview of the authentication and authorization technologies used in NFSv4 and discuss client-side semantics issues that must be dealt with, covering Windows and UNIX/Linux clients.

This course can also include:

  • Discussion of the proposed new features and goals of NFSv4.1 including Sessions, Directory Delegations, and parallel NFS (pNFS)
  • Demonstrations of operating system and network traces to illustrate how things look when an NFSv4 installation is working correctly and what to probe when there are problems
  • Hands-on network administration exercises with third-party troubleshooting tools on specific client and server platforms
  • System security considerations
  • OS and application-specific topics

Workshop Objectives:

Upon successful completion of this course, participants will be able to:

  • Explain the NFS architectural model, both for version 4 and for earlier versions.
  • Describe NFSv4 remote procedure call, ONC RPC (including External Data Representation (XDR)).
  • Describe the functions of the mount protocol, explain how it works, provide the details of how it is used for authentication and authorization, and explain why it was eliminated from NFSv4.
  • Describe the NFS protocol as used in versions prior to 4. This includes being able to list the ramifications of server statelessness, provide the details of NFS's assumptions about the underlying file model, and explain the weak-consistency model used in NFS and its ramifications.
  • Explain how failures, both client and server, are coped with by the NFS protocol and how this is affected by the various mount options.
  • Enumerate and explain the idempotency and ordering issues that occur in client-server exchanges and how they are handled in both NFSv4 and earlier versions.
  • List the consequences to clients of the stateless nature of NFSv3 servers and describe how clients cope with these issues.
  • Describe how file locking is handled in the earlier versions of NFS and explain how failures are coped with.
  • List the new features added to NFS in version 4 and explain why they were added.
  • Explain the compound RPC command and how it is used in NFSv4.
  • Describe what NFSv4 requires of the transport protocol and how its features are used.
  • Describe the new file system model and explain how file system IDs are constructed and used, why there is a need for both persistence and volatile file handles and how they are used, and how the earlier mount protocol has been replaced.
  • Explain and give examples of client-server interaction in pathname traversals.
  • List and explain what was added to NFS for support of Win32 clients.
  • Describe the support for attributes and what they are used for.
  • Describe locking and sharing mechanisms in NFSv4 and explain the new functionality provided in version 4.
  • Explain the security limitations in earlier NFS versions and how they are dealt with in version 4.
  • Explain the use of GSS-API for support of authentication protocols.
  • Describe the architecture of Kerberos and Lipkey.
  • Describe how authentication is negotiated.
  • Explain how ACLs are used in NFSv4 and what is required of servers to implement them.

Topic Outline:

Day 1

NFS Versions 2 and 3:

  • Overview
    • History
    • Competitors
    • Current status
  • RPC/XDR
    • RPC model
    • Marshalling and unmarshalling
    • Using ONC RPC
  • Mount protocol
    • File-system model
    • Exporting file systems
      • Functionality
      • Security
    • Automounting
  • NFS protocol
    • Statelessness
    • File model
      • Functionality
    • Consistency and Caching
      • Weak-consistency model
      • Rules for maintaining it
    • Failure semantics
      • Mount options
      • Safe storage, nonvolatile storage, committing changes
    • Idempotency and ordering issues
  • Client issues
    • Coping with statelessness
      • Consequences of no open-file state
    • Attribute caching
    • Other anomalies
  • Network Lock Manager protocol
    • Functionality
    • Coping with failures

Day 2

NFSv4 Overview:

  • Problems with earlier versions
    • Missing functionality
    • Performance issues
  • New features of version 4
  • New features of version 4.1

Mechanisms:

  • Additions to RPC
    • Compound RPC
    • Callbacks
  • Transport issues
    • Reliability concerns
    • Congestion control

Functionality:

  • File-system model
    • File-system ID
    • File handles
      • Persistent and volatile
    • Exporting file systems
    • Pseudo file systems
    • Pathname traversals
  • File Model
    • Support for Win32
    • Attributes
      • Mandatory
      • Recommended
      • Named
    • Locking and Sharing
      • New functionality
        • Share reservations
        • Mandatory record locking
  • Security
    • User identification
    • Authentication
      • Technology overview
        • GSSAPI
        • Kerberos
        • Lipkey
      • Flavors and negotiation
    • Authorization
      • NFS4 ACLs
  • Multi-Server Issues
    • Migration
    • Replication
  • Internationalization
    • UTF-8 encoding

Day 3

Caching and Failure Resistance:
  • Managing shared state and failures
    • Verifiers
    • Client IDs
    • State IDs
    • Timestamps
  • Cache consistency and validation
  • Locking and Sharing
    • Caching and failure issues
    • Sequencing issues
    • Security issues
      • Protection from rogue clients
  • Delegation
    • Delegation of server control
      • What state information is delegated
      • Maintaining consistency
    • Leases
    • Callbacks
    • Revocation
  • Attributes
    • Rules for caching
    • Rules for usage
  • Name and directory caching
  • Rules for consistency

NFSv4.1 Features (Optional):

  • Sessions
    • Exactly once semantics
  • Directory delegations
  • Parallel NFS (pNFS)
    • Clients, metadata servers, storage devices
    • Storage protocol vs. data protocol
    • Layouts
    • NFSv4.1 data servers

Course Duration:

3 days. A two-day version of this course is available for participants who are intimately familiar with NFS versions 2 and 3. IAPS will further customize this on-site NFSv4 course, e.g., add material on Linux internals or NFSv4 administration and troubleshooting, to achieve specific organizational training objectives.


Intended Audience:

The course is intended for system designers, programmers, and technical support personnel who will be implementing and supporting NFSv4. Customized courses such as NFSv4 Administration can be presented to groups needing NFSv4 system management training.


Technical Prerequisites:

Participants must be experienced C programmers who have a working understanding of the following OS concepts: processes, threads, file systems, scheduling, and network protocols.


Course Format:

Interactive lecture with optional hands-on exercises and demonstrations of NFSv4 tracing and administration




© Copyright 2002-2015 Institute for Advanced Professional Studies (IAPS)