8.3 NAS File Sharing Protocols


Different methods or protocols can be used to access files on a NAS system. The most common NAS file sharing protocols are:

  • Network File System (NFS)
  • Common Internet File System (CIFS) or Server Message Block (SMB)
  • Hadoop Distribution File System (HDFS)

Network File System (NFS)

NFS, introduced by Sun Microsystems, is a client-server protocol that operates natively over TCP/IP networks and is mainly used for UNIX servers. It is also implemented on Windows servers, though less frequently than on UNIX servers. NFS was originally based on the connectionless User Datagram Protocol (UDP). It uses a machine-independent model to represent user data. It also uses Remote Procedure Call (RPC) as a method of inter-process communication between two computers. The NFS protocol provides a set of RPCs to access a remote file system for the following operations:
  • Searching files and directories
  • Opening, reading, writing to, and closing a file
  • Changing file attributes
  • Modifying file links and directories
NFS creates a connection between the client and the remote system to transfer data.
Currently, three versions of NFS are in use:
  • NFS version 2 (NFSv2)
  • NFS version 3 (NFSv3)
  • NFS version 4 (NFSv4)
The major components in an NFS configuration are the NFS server and the NFS client. The NFS server exports specific directories to specific clients over the network. The NFS client mounts the NFS exports in order to read and write from them. NFS servers can be either general-purpose UNIX/Linux servers, or can be NAS devices running an NFS service.
NFSv2 is the oldest version and is rarely used in current IT data centers.
NFSv3 Overview
NFSv3 is a stateless protocol that operates over UDP or TCP and is based on the Open Network Computing (ONC) Remote Procedure Call (RPC) protocol. NFSv3 doesn't have good security features, which is why many organizations prefer not to use it. Therefore, some organizations, especially financial institutions, try to avoid NFSv3.
NFSv3 is also tricky to configure behind and connect to through a firewall. This is because it utilizes the port mapper service to determine which network ports to listen and connect on. Basically, when an NFS server starts up, it tells the port mapper service which TCP/IP port numbers it is listening on for particular RPC numbers. This means that NFS clients have to ask the port mapper service on the NFS server which TCP or UDP port number to contact the NFS server on for a given RPC number. This mapping can change if the NFS daemon is restarted. Despite these deficiencies, NFSv3 is still a highly functional and popular file-serving protocol, so long as you can overlook the gaping security holes.
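The port mapper lookup described above can be turned into a firewall checklist. This is an added example, not part of the original page: it parses constructed `rpcinfo -p` output and separates the well-known ports from the ones the daemons registered at startup. The function names and sample port numbers are assumptions.

```python
# Constructed sample of `rpcinfo -p <server>` output (not from a real host).
SAMPLE = """\
   program vers proto   port  service
    100000    4   tcp    111  portmapper
    100000    2   udp    111  portmapper
    100003    3   tcp   2049  nfs
    100003    3   udp   2049  nfs
    100005    3   tcp  20048  mountd
    100005    3   udp  20048  mountd
    100021    4   tcp  41873  nlockmgr
    100021    4   udp  52311  nlockmgr
    100024    1   tcp  39017  status
"""

# Assumption: only the port mapper (111) and nfsd (2049) sit on well-known ports.
WELL_KNOWN = {111, 2049}


def parse_rpcinfo(text):
    """Return (program, version, proto, port, service) tuples from rpcinfo -p."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 4 or not f[0].isdigit():
            continue  # header or blank line
        service = f[4] if len(f) > 4 else "unknown"
        rows.append((int(f[0]), int(f[1]), f[2], int(f[3]), service))
    return rows


def firewall_plan(rows):
    """Split (proto, port) pairs into well-known and registered-at-startup."""
    fixed, dynamic = {}, {}
    for _prog, _vers, proto, port, service in rows:
        bucket = fixed if port in WELL_KNOWN else dynamic
        bucket.setdefault((proto, port), set()).add(service)
    return fixed, dynamic


if __name__ == "__main__":
    fixed, dynamic = firewall_plan(parse_rpcinfo(SAMPLE))
    for (proto, port), names in sorted(fixed.items()):
        print(f"allow  {proto}/{port:<5} {','.join(sorted(names))}")
    for (proto, port), names in sorted(dynamic.items()):
        # Whatever the daemon registered; re-check after every restart.
        print(f"review {proto}/{port:<5} {','.join(sorted(names))}")
```

Every port in the `review` group must be reachable for NFSv3 to work through the firewall, and the list has to be regenerated whenever the NFS daemons restart.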
NFSv4 Overview
NFSv4 is a massive step forward for the NFS protocol, bringing it up to par with other network file-sharing protocols such as SMB/CIFS. NFSv4 offers some good features and it is gaining in popularity. Some of the major improvements include the following:
  • Access control lists that are similar to Windows ACLs
  • Mandated strong security
  • Compound RPCs
  • Delegations and client-side caching
  • Operation over well-known TCP port 2049
  • NFSv4.1 also brought parallel NFS (pNFS)
NFSv4 offers better security features than NFSv3. The major security enhancements are:
  • Authentication
  • Integrity
  • Encryption
Both Windows and UNIX servers support these security features.
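To check which of these three properties an export actually enforces, the `sec=` option of each export can be audited. The following is an added example, not from the original page: it assumes Linux `/etc/exports` syntax, that an export with no `sec=` option uses `sys`, and constructed paths and client names.

```python
import re

# Constructed /etc/exports content (Linux syntax), for illustration only.
SAMPLE_EXPORTS = """\
/srv/finance  10.0.5.0/24(rw,sec=krb5p)
/srv/home     *.corp.example(rw,sec=krb5i:krb5)
/srv/scratch  *(rw,no_root_squash)   # no sec= option
/srv/mixed    10.0.6.7(ro,sec=krb5p:sys)
"""

# What each flavor guarantees; "sys" trusts the UID/GID the client asserts.
FLAVORS = {
    "sys": set(),
    "krb5": {"authentication"},
    "krb5i": {"authentication", "integrity"},
    "krb5p": {"authentication", "integrity", "encryption"},
}
ALL = FLAVORS["krb5p"]


def audit_exports(text):
    """Return one finding per (export path, client) pair."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        path, *specs = line.split()
        for spec in specs:
            m = re.fullmatch(r"([^()]*)\(([^()]*)\)", spec)
            client, opts = (m.group(1), m.group(2).split(",")) if m else (spec, [])
            # Assumption: with no sec= option the export falls back to sys.
            sec = next((o[4:] for o in opts if o.startswith("sec=")), "sys")
            # The client picks any listed flavor, so only the weakest is guaranteed.
            guaranteed = set(ALL)
            for flavor in sec.split(":"):
                guaranteed &= FLAVORS.get(flavor, set())
            findings.append({
                "path": path,
                "client": client or "*",
                "missing": sorted(ALL - guaranteed),
                "no_root_squash": "no_root_squash" in opts,
            })
    return findings


if __name__ == "__main__":
    for f in audit_exports(SAMPLE_EXPORTS):
        print(f["path"], f["client"], "missing:", f["missing"] or "nothing")
```

Listing `sys` next to a Kerberos flavor, as in the `/srv/mixed` line, leaves the export with none of the three guarantees, because a client can choose the weakest flavor offered.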

Common Internet File System (CIFS) or Server Message Block (SMB)

SMB used to be known as CIFS (Common Internet File System), and it works as a client-server protocol. Common Internet File System (CIFS) is a client-server application protocol that enables client programs to make requests for files and services on remote computers over TCP/IP. It is a public or open variation of the Server Message Block (SMB) protocol. The CIFS protocol enables remote clients to gain access to files on a server. CIFS enables file sharing with other clients by using special locks. Filenames in CIFS are encoded using Unicode characters. CIFS provides the following features to ensure data integrity:
  • It uses file and record locking to prevent users from overwriting the work of another user on a file or a record.
  • It supports fault tolerance and can automatically restore connections and reopen files that were open prior to an interruption.
Just like NFS, CIFS has CIFS shares, CIFS clients and CIFS servers. A CIFS share is any folder that is shared on the network using the SMB/CIFS protocol and by using UNC path names. For example
A CIFS server can be a Windows server that is sharing some of its drives or directories, or it can be an instance of a file server on a NAS array. A CIFS client is any device that accesses a CIFS share over the network. To access these CIFS shares on Linux, you need to install the Samba client; no additional software is needed on Windows.
CIFS Advantages
CIFS is one of the best file server protocols and is widely used these days. CIFS operates over TCP/IP networks on TCP port 445. CIFS offers the following advantageous features:
  • Authentication
  • Encryption
  • Quotas
  • Branch Caching
  • Advanced Permission settings
  • Request Compounding
  • Request Pipelining
SMB 3.0 was introduced by Microsoft with Windows Server 2012, adding an advanced feature called SMB Direct. SMB Direct allows SMB traffic to be sent over high-performance, low-latency remote direct memory access (RDMA) technologies like InfiniBand. CIFS also utilizes Kerberos for cryptographic services such as authentication and encryption. However, not all NAS vendors support Kerberos-based cryptographic services.

Hadoop Distribution File System (HDFS)

HDFS is a file system that spans multiple nodes in a cluster and allows user data to be stored in files. It presents a traditional hierarchical file organisation so that users or applications can manipulate (create, rename, move, or remove) files and directories. It also presents a streaming interface to run any application of choice using the MapReduce framework. HDFS requires programmatic access because the file system cannot be mounted. All HDFS communication is layered on top of the TCP/IP protocol. HDFS has a master/slave architecture.
