Transcript ppt

CMPE 151: Network
Administration
Lecture 5
Spring 2004
Project Proposals


Due by 05.13.
Samples will be posted on the Web
page by later today.
Spring 2004
More services…

NFS and Samba.
Spring 2004
Network File System (NFS)
Spring 2004
File Systems

Provide set of primitives that abstract
users from details of storage access and
management.
Spring 2004
Distributed File Systems





Promote sharing across machine
boundaries.
Transparent access to files.
Make diskless machines viable.
Increase disk space availability by
avoiding duplication.
Balance load among multiple servers.
Spring 2004
Sun Network File System

De facto standard:




Mid 80’s.
Widely adopted in academia and industry.
Provides transparent access to remote files.
Uses Sun RPC and XDR.


NFS protocol defined as set of procedures and
corresponding arguments.
Synchronous RPC:

Client blocks until it gets results from server.
Spring 2004
Stateless server


Remote procedure calls are self-contained.
Servers don’t need to keep state about
previous requests.


Flush all modified data to disk before returning
from RPC call.
Robustness.


No state to recover.
Clients retry.
Spring 2004
Location Transparency

Client’s file name space includes remote
files.


Shared remote files are exported by server.
They need to be remote-mounted by
client.
Spring 2004
File system hierarchy
Server 1
/root
export
users
joe
Server 2
/root
Client
/root
nfs
vmunix usr
students
users
staff
ann eve
bob
Spring 2004
Achieving Transparency

Mount service.



Mount remote file systems in the client’s
local file name space.
Mount service process runs on each node
to provide RPC interface for mounting and
unmounting file systems at client.
Runs at system boot time or user login
time.
Spring 2004
Automounter





Dynamically mounts file systems.
Runs as user-level process on clients
(daemon).
Resolves references to unmounted
pathnames by mounting them on demand.
Maintains a table of mount points and the
corresponding server(s); sends probes to
server(s).
Primitive form of replication.
Spring 2004
Transparency?

Early binding.



Mount system call attaches remote file
system to local mount point.
Client deals with host name once.
But, mount needs to happen before remote
files become accessible.
Spring 2004
Other Functions

NFS file and directory operations:


Access control:


read, write, create, delete, getattr, etc.
File and directory access permissions.
Path name translation:


Lookup for each path component.
Caching.
Spring 2004
Implementation
Client
process
Unix Kernel
Unix Kernel
VFS
Unix
FS
NFS
client
VFS
RPC
Client
NFS
server
Unix
FS
Server
Spring 2004
Observations

NFS didn’t change the file system API.


Users access remote files with the same
operations used for local ones.
If access is to remote file, NFS client
makes a remote procedure call to NSF
server where file resides.
Spring 2004
Remote Procedure Call (RPC)





Builds on message passing.
Main idea: extend traditional (local)
procedure call to perform transfer of control
and data across network.
Easy to use: analogous to local calls.
But, procedure is executed by a different
process, probably on a different machine.
Fits very well with client-server model.
Spring 2004
RPC Mechanism
1. Invoke RPC.
2. Calling process suspends.
3. Parameters passed across network to
target machine.
4. Procedure executed remotely.
5. When done, results passed back to caller.
6. Caller resumes execution.
Is this synchronous or asynchronous?
Spring 2004
RPC Advantages



Easy to use.
Well-known mechanism.
Abstract data type




Client-server model.
Server as collection of exported procedures
on some shared resource.
Example: file server.
Reliable.
Spring 2004
RPC Semantics (1)


Delivery guarantees.
“Maybe call”:


Clients cannot tell for sure whether remote
procedure was executed or not due to
message loss, server crash, etc.
Usually not acceptable.
Spring 2004
RPC Semantics (2)

“At-least-once” call:



Remote procedure executed at least once,
but maybe more than once.
Retransmissions but no duplicate filtering.
Idempotent operations OK; e.g., reading
data that is read-only.
Spring 2004
RPC Semantics (3)

“At-most-once” call




Most appropriate for non-idempotent
operations.
Remote procedure executed 0 or 1 time,
ie, exactly once or not at all.
Use of retransmissions and duplicate
filtering.
Example: Birrel et al. implementation.

Use of probes to check if server crashed.
Spring 2004
RPC Implementation (1)
User
call
Caller
User
stub
pck
args
RPC
runtime
xmit
Callee
RPC
Server
Call
packet runtime stub
rcv
unpk
Server
call
work
Result
return
unpk
result
xmit
rcv
Spring 2004
pck
result
return
RPC Implementation (2)


RPC runtime mechanism responsible for
retransmissions, acknowledgments.
Stubs responsible for data packaging
and un-packaging;

AKA marshalling and un-marshalling:
putting data in form suitable for
transmission. Example: Sun’s XDR.
Spring 2004
Binding

How to determine where server is? Which
procedure to call?

“Resource discovery” problem



Name service: advertises servers and services.
Example: Birrel et al. uses Grapevine.
Early versus late binding.


Early: server address and procedure name
hard-coded in client.
Late: go to name service.
Spring 2004
Synchronous and
Asynchronous RPC
Synchronous
Client
Server
Asynchronous
Client
Spring 2004
Server
RPC Performance

Sources of overhead



data copying
scheduling and context switch.
Light-Weight RPC



Shows that most invocations took place on a single
machine.
LW-RPC: improve RPC performance for local case.
Optimizes data copying and thread scheduling for
local case.
Spring 2004
Transport protocol

Originally used UDP.



Most current implementations use TCP.


Better performance in LANs.
NFS and RPC do their own reliability
checks.
WANs: congestion control.
TCP officially integrated in NFS v.3.
Spring 2004
Virtual File System (1)

VFS added to UNIX kernel.



@ client:


Location-transparent file access.
Distinguishes between local and remote access.
Processes file system system calls to determine
whether access is local (passes it to UNIX FS) or
remote (passes it to NFS client).
@ server:

NFS server receives request and passes it to local
FS through VFS.
Spring 2004
VFS (2)


If local, translates file handle to internal file id’s (in
UNIX i-nodes).
V-node:



If file local, reference to file’s i-node.
If file remote, reference to file handle.
File handle: uniquely distinguishes file.
File system id
I-node #
I-node generation #
Spring 2004
NFS caching


File contents and attributes.
Client versus server caching.
Server
Client
$
$
Spring 2004
Server caching

Read:




Same as UNIX FS.
Caching of file pages and attributes.
Cache replacement uses LRU.
Write:


Write through (as opposed to delayed
writes of conventional UNIX FS). Why?
[Delayed writes: modified pages written to
disk when buffer space needed, sync
operation (every 30 sec), file close].
Spring 2004
Client caching (1)


Timestamp-based cache invalidation.
Read:


Cached entries have TS with last-modified
time.
Blocks assumed to be valid for TTL.


TTL specified at mount time.
Typically 3 sec for files.
Spring 2004
Client caching (2)

Write:


Modified pages marked and flushed to
server at file close or sync (every 30 sec).
Consistency?


Not always guaranteed!
E.g., client modifies file; delay for
modification to reach servers + 3-sec
window for cache validation from clients
sharing file.
Spring 2004
Cache validation

Validation check performed when:




First reference to file after TTL expires.
File open or new block fetched from server.
Done for all files (even if not being shared).
Expensive!



Potentially, every 3 sec get file attributes.
If needed invalidate all blocks.
Fetch fresh copy when file is next accessed.
Spring 2004
Network Information Service
(NIS)
Spring 2004
NIS

Originally called Sun Yellow Pages.


NIS commands still start with “yp”.
Administrative database.




Spans server and its clients.
Server keeps authoritative copies of system
files.
Server propagates database over network.
Maps in /var/yp.
Spring 2004
Data files and the NIS
database



Data files edited with text editor.
Updated files are then converted into
database format (hashing) using e.g.,
ypmake.
Example data file: /etc/passwd,
/etc/group
Spring 2004
Replication


Slave servers can replicate network
maps.
When master copy is updated, updated
copy needs to be pushed out to slavs
(yppush and ypxfr).
Spring 2004
NIS Operation



ypbind runs on every machine;
detects a NIS server and returns its id
to client.
Server used for all remaining queries.
ypserv runs on servers (master and
slaves) accepting and answering
queries by looking up NIS maps.
Spring 2004
Samba
Spring 2004
What is Samba?

Allows resource sharing between Unixbased and MS Windows-based systems.
“Samba is a freely available SMB server
for Unix… Samba runs on a great many
Unix variants (Linux, Solaris, …,
FreeBSD, …, etc.)…”
[www.samba.org/cifs/docs/what-is-smb.html]
Spring 2004
How does it work?

Set of UNIX applications running the
Server Message Block (SMB) protocol.



SMB is the protocol MS Windows use for
client-server interactions over a network.
By running SMB, Unix systems appear as
another MS Windows system.
smbd daemon.
Spring 2004
Samba Services



File sharing.
Printer sharing.
Client authentication.
Spring 2004
SMB Protocol



Request/response.
Runs atop TCP/IP.
E.g., file and print operations.


Open close, read, write, delete, etc.
Queuing/dequeing files in printer spool.
Spring 2004
SMB Message



Header + command/response.
Header: protocol id, command code,
etc.
Command: command parameters.
Spring 2004
Establishing a SMB Connection


Establish TCP connection.
Negotiate protocol variant.




Client sends SMBnegprot.
Client sends lists of variants it can speak.
Server responds with index into client’s list.
Set session and login parameters.

Account name, passwd, workgroup name,
etc.
Spring 2004
Security Levels


“Share-wide”: authorized clients can
access any file under that share.
“File-level”: before accessing any file,
client needs to be authenticated; in
fact, client authenticated once and uses
UID for future accesses.
Spring 2004
More servers: DNS and Mail
Spring 2004
Domain Name System (DNS)


Basic function: translation of names
(ASCII strings) to network (IP)
addresses and vice-versa.
Example:

zephyr.isi.edu <-> 128.9.160.160
Spring 2004
History

Original approach (ARPANET, 1970’s):




File hosts.txt listed all hosts and their IP
addresses.
Every night every host fetches file from
central repository.
OK for a few hundred hosts.
Scalability?


File size.
Centrally managed.
Spring 2004
DNS



Hierarchical name space.
Distributed database.
RFCs 1034 and 1035.
Spring 2004
How is it used?

Client-server model.




Client DNS (running on client hosts), or
resolver.
Application calls resolver with name.
Resolver contacts local DNS server (using
UDP) passing the name.
Server returns corresponding IP address.
Spring 2004
Namespace


Flat versus hierarchical.
Flat:



Sequence of characters with no structure.
Short, convenient names.
But, doesn’t scale! Why?



Unique names.
Hard to decentralize.
Hierarchical:


Name space partitioned and decentralized.
Portions delegated to different authorities.
Spring 2004
DNS Name Space

Tree-based hierarchy.
int
com
ibm
eng sales cs
edu
gov mil
usc
ee
Spring 2004
org
net
us
ca …
Name Space Structure

Top-level domains:




Generic.
Countries.
Leaf domains: no sub-domains.
In practice all US organizations are
under a generic domain, while
everything outside the US is under the
corresponding country domain.
Spring 2004
DNS Names

Domain names:





Concatenation of all domain names starting
from its own all the way to the root separated
by “.”.
Refers to a tree node and all names under it.
Case insensitive.
Components up to 63 characters.
Full name less than 255 characters.
Spring 2004

Name Space Management
Domains are autonomous.



Organizational boundaries.
Each domain manages its own name space
independently of other domains.
Delegation:

When creating new domain: register with
parent domain.


For name uniqueness.
For name resolution.
Spring 2004
Resource Records





Entry in the DNS database.
Several types of entries or RRs.
Example: RR “A” contains IP address.
Name <-> several resource records.
RR format: five-tuple.





Name.
TTL (in seconds).
Class (usually “IN” for Internet info).
Type: type of RR.
Value.
Spring 2004
RR Types 1

SOA: start of authority.



A: address.



Marks beginning of zone’s database.
Provides general info about the zone: e-mail
address of admin, default TTL, etc.
Contains 32-bit IP address.
Single name <-> several A RRs.
MX: mail exchange.

Name of mail server for this domain.
Spring 2004
RR Types 2

NS: name server.


CNAME: canonical name.


Alias.
HINFO: host description.


Name of name server for this domain.
Provides information about host, e.g., CPU type,
OS, etc.
TXT: arbitrary string of characters.

Generic description of the domain, where it is
located, etc.
Spring 2004
Name Servers

Entire database in a single name server.





DNS database is partitioned into zones.
Each zone contains part of the DNS tree.
Zone <-> name server.



Practical?
Why?
Each zone may be served by more than 1 server.
A server may serve multiple zones.
Primary and secondary name servers.
Spring 2004
Name Resolution 1


Application wants to resolve name.
Resolver sends query to local name server.



Resolver configured with list of local name servers.
Select servers in round-robin fashion.
If name is local, local name server returns
matching authoritative RRs.


Authoritative RR comes from authority managing the
RR and is always correct.
Cached RRs may be out of date.
Spring 2004
Name Resolution 2

If information not available locally (not
even cached), local NS will have to ask
someone else.

It asks the server of the top-level domain
of the name requested.
Spring 2004
Recursive Resolution

Recursive query:



Each server that doesn’t have info forwards it
to someone else.
Response finds its way back.
Alternative: iterative resolution



Name server not able to resolve query, sends
back the name of the next server to try.
Some servers use this method.
More control for clients.
Spring 2004

Example
Suppose resolver on flits.cs.vu.nl wants to
resolve linda.cs.yale.edu.






Local NS, cs.vu.nl, gets queried but cannot resolve it.
It then contacts .edu server.
.edu server forwards query to yale.edu server.
yale.edu contacts cs.yale.edu, which has the
authoritative RR.
Response finds its way back to originator.
cs.vu.nl caches this info.


Not authoritative (since may be out-of-date).
RR TTL determines how long RR should be cached.
Spring 2004
Caching




Name servers cache recent requests
and corresponding mappings.
Also, cache server that provided
mapping.
Cached information is non-authoritative.
Clients may choose to use them or go
to authoritative server for fresh copy.
Spring 2004
Cache consistency




TTL: how long cached copy is valid.
Specified by original server.
May be different for each object.
Long versus short TTLs.
Spring 2004
More details…

RFC 1034 and 1035.
Spring 2004
Electronic Mail

Non-interactive.


Deferred mail (e.g., destination temporarily
unavailable).
Spooling:


Message delivery as background activity.
Mail spool: temporary storage area for
outgoing mail.
Spring 2004
Mail system
User
sends mail
User
interface
User
reads mail
Outgoing
mail
spool
Mailboxes
incoming
mail
Spring 2004
Client
(send)
TCP
connection
(outgoing)
Server TCP
(receive) connection
(incoming)
Observations




When user sends mail, message stored
is system spool area.
Client transfer runs on background.
Initiates transfer to remote machine.
If transfer succeeds, local copy of
message removed; otherwise, tries
again later (30 min) for a maximum
interval (3 days).
Spring 2004
Mail alias expansion

Mapping of e-mail identifiers to mail
addresses.



Mail interface consults local alias database and
performs mapping before passing message to
outgoing mail spool.
One-to-many (e.g., mailing lists) and many-to-one
(e.g., multiple ways to refer to a single user)
mapping.
Incoming mail also goes through alias expansion
before delivery.
Spring 2004
SMTP




Simple Mail Transfer Protocol
How messages are transferred over a
TCP/IP internet.
Defines commands used to exchange
mail between mail clients and servers.
Problems reported to user by e-mail.
Spring 2004
Example
SMTP
exchange
User [email protected] sends message to jones, green, and
[email protected].
S: 220 beta.gov ready
C: Helo alpha.edu
S: 250 beta.gov
C: MAIL FROM [email protected]
S: 250 OK
C: RCPT TO: [email protected]
S: 250 OK
C: RCPT TO: [email protected]
S: 550 no such user
C: DATA …
Spring 2004
Mail retrieval


SMTP implies server is always listening.
What about machines with intermittent
Internet access?


2-stage delivery: message delivered to
user permanent mailbox; then user
connects to retrieve messages.
User needs protocol to retrieve messages
from “permanent” mailboxes.
Spring 2004
Post Office Protocol version 3





POP3.
User invokes POP3 client; connects to POP3
server through TCP.
Requires authentication (user id and passwd).
Commands to retrieve and delete messages
from permanent mailbox.
Mail server needs to run SMTP and POPP3.

Mailbox a shared data.
Spring 2004
More details…

RFC 821 and 822 specify SMTP and its
message formats.
Spring 2004