Notes on NFS V4
Notes from reading The NFS V4 Protocol, by Spencer Shepler, David Robinson, Robert Thurlow and others.
NFS V4 Goals:
- Improve hetero support (especially with Windows);
- Higher performance;
- Better security;
- Improved data sharing;
- Leased-based file locking (Stateful NFS servers);
- Standard data representation (XDR) (Endian-neutral);
- Elimination of separate daemons & utilities (mount, network lock manager);
- Compound operations - aggregates multiple RPC calls w/single server response;
- Aggregation of File Systems on each server into common namespace (server creates pseudo root to put them together);
Benefits of Statefull Open/Close:
- Matches Windows CIFS semantics;
- Allow exclusive file creates;
- Allows higher performance aggressive caching for clients with exclusive opens;
Benefits of elimination of separate protocols:
All NFS operations combined on one port. Makes it easier to enable NFS through a firewall. Also (need to confirm this) - may make it easier to optimize for use through a TOE.
State and File Locking
Uses client IDs to identify clients. ID is globally unique and changes through reboots so the storage server knows to release locks from prior session. Server uses State IDs for each file to keep track of client locks.
Concept that client (with non-exclusive open on a file) can cache changes. Delegated on a lease basis. Client should periodically query the server to see if another client has changed the file and cache the changes. Then, of course, the client flushes all changes.
New in V4. NFS term for an exclusive lock. There must be a lease & lease renewal mechanism but I don't know what it is.
New 'Recommended Attributes'
Includes ACLs, Archive bit, Modification time, create time, access time, Owner, Group, and some other things. The archive and access info will be nice for enabling HSM and archiving.
A way for a server and client to agree on additional attributes on a PER FILE BASIS (yes!). The are name/value pairs. Could be used to instruct servers to handle files in unique ways. BIG ENABLER FOR INTELLIGENT STORAGE!
More Secure RPC V4 adds support for something called Generic Security Services (RPCSEC_GSS). This provides better AUTHENTICATION for RPC calls as well as the option to add ENCRYPTION and integrity checksums to RPC calls.
ACLs V4 adds ACLs, not in V2 or 3. Uses the NT ACL model. Values for a User or Group can be ALLOW, DENY, AUDIT, ALARM. Means server can keep an audit trail and can ALARM if certain users try to access data.
Migration/Replication Support (this is cool) V4 adds a new Attribute called fs_locations (must be a named attribute, I guess since it's not a mandatory or recommended attribute). Anyway there is an error code telling the client to query this attribute. It will tell the client the NEW location of this data, if it's been migrated. It can also identify ALTERNATE locations so the server can mirror the data.