SMB3 in Samba. Multi-Channel and Beyond. Michael Adam 2016-04-20. Red Hat / samba.org

Similar documents
Samba 4 AD + Fileserver

SAMBA AND SMB3: ARE WE THERE YET? Ira Cooper Principal Software Engineer Red Hat Samba Team

Samba s Way Toward SMB 3.0

SerNet. Samba Status Update. Linuxkongress Hamburg October 10, Volker Lendecke SerNet Samba Team. Network Service in a Service Network

<Samba status report>

Samba 4.2. Cebit 2015 Hannover

Scalable NAS Cluster With Samba And CTDB Source Talk Tage 2010

CALLING THE WITNESS: SMB3 Failover with Samba/CTDB

SerNet. Samba Status Update. Munich 13. March Volker Lendecke SerNet Samba Team. Network Service in a Service Network

Microsoft SMB Running Over RDMA in Windows Server 8

A COMPARISON BETWEEN THE SAMBA3 AND LIKEWISE LWIOD FILE SERVERS

Clustered CIFS For Everybody Clustering Samba With CTDB. LinuxTag 2009

Samba 4 Status Update

SMB remote file protocol (including SMB 3.0) SW Worth, Microsoft

TFE listener architecture. Matt Klein, Staff Software Engineer Twitter Front End

Active Directory network protocols and traffic

SerNet. Clustered Samba. Nürnberg April 29, Volker Lendecke SerNet Samba Team. Network Service in a Service Network

v7.8.2 Release Notes for Websense Content Gateway

Samba as an Active Directory Domain Controller

Implementation of Hadoop Distributed File System Protocol on OneFS Tanuj Khurana EMC Isilon Storage Division

Integrating Red Hat Enterprise Linux 6 with Microsoft Active Directory Presentation

FreeIPA Cross Forest Trusts

Integration with Active Directory. Jeremy Allison Samba Team

ICANWK504A Design and implement an integrated server solution

EMC ISILON SMARTCONNECT

OVERVIEW OF TYPICAL WINDOWS SERVER ROLES

Samba and Vista with IPv6

Protocols for Dummies

Samba on HP StorageWorks Enterprise File Services (EFS) Clustered File System Software

Network Attached Storage. Jinfeng Yang Oct/19/2015

Configuration Guide BES12. Version 12.3

CYAN SECURE WEB HOWTO. NTLM Authentication

Successful DB2 NETLOGON in LAB (Sniffer on LAB HUB)

Going in production Winbind in large AD domains today. Günther Deschner (Red Hat / Samba Team)

Open Source, Scale-out clustered NAS using nfs-ganesha and GlusterFS

What is included in the ATRC server support

Load Balancing and High availability using CTDB + DNS round robin

INUVIKA TECHNICAL GUIDE

Step by step guide for installing highly available System Centre 2012 Virtual Machine Manager Management server:

Network Configuration Settings

Java Secure Application Manager

Novell Open Enterprise Server 2015 and Microsoft Windows Server 2012 R2 Compare and Contrast:

Configuring Windows Server Clusters

CONFIGURING ACTIVE DIRECTORY IN LIFELINE

Comparing SMB Direct 3.0 performance over RoCE, InfiniBand and Ethernet. September 2014

EMC ISILON AND ELEMENTAL SERVER

Configuration Guide BES12. Version 12.2

ACE Management Server Deployment Guide VMware ACE 2.0

High Performance Cluster Support for NLB on Window

Lustre SMB Gateway. Integrating Lustre with Windows

Configure AlwaysOn Failover Cluster Instances (SQL Server) using InfoSphere Data Replication Change Data Capture (CDC) on Windows Server 2012

SMB2 Big Improvements in the Remote Filesystems Protocol James Pinkerton, Microsoft

ADVANCED NETWORK CONFIGURATION GUIDE

GlobalSCAPE DMZ Gateway, v1. User Guide

41376 UDP performing get device status Command Workstation (CWS), Harmony, Bi-directional Driver TCP/UDP

Active Directory Integration

Millbeck Communications. Secure Remote Access Service. Internet VPN Access to N3. VPN Client Set Up Guide Version 6.0

Open Directory. Apple s standards-based directory and network authentication services architecture. Features

Course Syllabus. Fundamentals of Windows Server 2008 Network and Applications Infrastructure. Key Data. Audience. Prerequisites. At Course Completion

F-Secure Messaging Security Gateway. Deployment Guide

VERITAS Cluster Server Traffic Director Option. Product Overview

EMC Unity Family EMC Unity All Flash, EMC Unity Hybrid, EMC UnityVSA

BlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: Security Note

Placing the BlackBerry Enterprise Server for Microsoft Exchange in a demilitarized zone

Network Layers. CSC358 - Introduction to Computer Networks

Getting Started with RES Automation Manager Agent for Linux

BlackBerry Enterprise Service 10. Version: Configuration Guide

Configuration Guide BES12. Version 12.1

StreamServe Persuasion SP5 Control Center

Introduction to Highly Available NFS Server on scale out storage systems based on GlusterFS

IP SAN Fundamentals: An Introduction to IP SANs and iscsi

Migration of Windows Intranet domain to Linux Domain Moving Linux to a Wider World

7.1. Remote Access Connection

Introduction CORBA Distributed COM. Sections 9.1 & 9.2. Corba & DCOM. John P. Daigle. Department of Computer Science Georgia State University

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0

Windows Server Infrastructure for SQL Server

User Identification and Authentication

GL254 - RED HAT ENTERPRISE LINUX SYSTEMS ADMINISTRATION III

Configuring the BIG-IP LTM v11 for Oracle Database and RAC

SSL VPN A look at UCD through the tunnel

Steps for Basic Configuration

NFSv4.1 Server Protocol Compliance, Security, Performance and Scalability Testing - Implement RFC, Going Beyond POSIX Interop!

Fundamentals of Windows Server 2008 Network and Applications Infrastructure

SMB Advanced Networking for Fault Tolerance and Performance. Jose Barreto Principal Program Managers Microsoft Corporation

Implementing the Hadoop Distributed File System Protocol on OneFS Jeff Hughes EMC Isilon

Matrix Technical Support Mailer 167 NAVAN CNX200 PPTP VPN with Windows Client

Red Hat Enterprprise Linux - Renewals DETAILS SUPPORTED ARCHITECTURE

Mark Bennett. Search and the Virtual Machine

Linux Virtual Server Tutorial

Architecture and Data Flow Overview. BlackBerry Enterprise Service Version: Quick Reference

Basic & Advanced Administration for Citrix NetScaler 9.2

Samba in the Enterprise : Samba 3.0 and beyond

EMC VNXe Series. Configuring Hosts to Access CIFS File Systems. Version 3.1 P/N REV. 03

Transcription:

SMB3 in Samba Multi-Channel and Beyond Michael Adam Red Hat / samba.org 2016-04-20

Michael Adam SMB3 in Samba (2/44) agenda History of SMB History of Samba SMB 2+ SMB 2+ in Samba SMB3 Multi-Channel Outlook: SMB3 over RDMA Outlook: SMB3 Clustering/Witness Outlook: SMB3 Persistent Handles

Intro / History

Michael Adam SMB3 in Samba (4/44) SMB - the alien protocol SMB - Server Message Block 1983: created by Barry Feigenbaum, IBM Turn DOS INT 21h local file access into network Microsoft: Lan Manager (from 1990) Windows for Workgroups (from 1992) On top of NetBIOS, TCP port 139 from Windows 2000: directly on TCP port 445

Michael Adam SMB3 in Samba (5/44) SMB versions > 1 SMB 2.0: 2006 - Windows Vista SMB 2.1: 2009 - Windows 7/Server 2008R2 SMB 3.0: 2012 - Windows 8/Server 2012 SMB 3.0.2: 2014 - Windows 8.1/Server 2012R2 SMB 3.1.1: 2015 - Windows 10/Server 2016

Michael Adam SMB3 in Samba (6/44) Enter Samba...... implements SMB...... old Open Source project...... opens windows to a wider world......

Samba... Michael Adam SMB3 in Samba (7/44)

Samba... According to openhub.net, Samba...has had 101,614 commits made by 363 contributors representing 1,637,229 lines of code present on millions of NAS devices and routers one of the oldest OSS projects (24 years) large codebase and small but very active development team Michael Adam SMB3 in Samba (8/44)

Michael Adam SMB3 in Samba (9/44) Samba - History 1992/01: start of the project 1.5: 1993/12: (nbserver) 1.9.16: 1996/05: CVS, Samba Team 2.0: 1999/01: domain-member, +SWAT 2.2: 2001/04: NT4-DC 3.0: 2003/09: AD-member, Samba4 project started 3.2: 2008/07: GPLv3, experimental clustering 3.3: 2009/01: clustering [with CTDB] 3.4: 2009/07: merged S3+S4 code 3.5: 2010/03: experimental SMB 2.0 3.6: 2011/09: SMB 2.0 4.0: 2012/12: AD/DC, SMB 2.0 durable handles, 2.1, 3.0 4.1: 2013/10: stability 4.2: 2015/03: AD trusts, SMB2.1 leases, perf, include CTDB 4.3: 2015/09: spotlight, new FileChangeNotify, SMB 3.1.1 4.4: 2016/03: Multi-Channel core,...

Michael Adam SMB3 in Samba (10/44) Samba - Today Performant, scalable SMB file server Ongoing SMB3 implementation Active Directory domain member with winbindd flexible, performant, clusterable Full Active Directory Domain Controller (Kerberos KDC, LDAP, DNS, Trusted Domains, etc) AWS Directory Service is powered by Samba AD Established SMB clients for Linux: cifs.ko, libsmbclient (nautilus, dolphin, konqueror) Comprehensive testsuite wrappers now published outside of Samba: cwrap.org IDL compiler, autogenerated DCE/RPC code another 1,141,095 lines of code Powerful python(3) bindings, partly autogenerated

SMB3

SMB3 SMB3 (2012) introduced SMB clustering: Clustering - Witness Continuous Availability - Persistent Handles Scale Out Additionally: Transport encryption Multi-Channel RDMA transport (SMB Direct) Michael Adam SMB3 in Samba (12/44)

SMB Features - in Samba SMB 2.0: durable file handles [4.0] SMB 2.1: multi-credit / large mtu [4.0] dynamic reauthentication [4.0] leasing [4.2] resilient file handles [PoC] SMB 3.0: new crypto (sign/encrypt) [4.0] secure negotiation [4.0] durable file handles v2 [4.0] persistent file handles [design/poc] multi-channel [4.4 (experimental)] SMB direct [design] cluster features [design] witness [WIP+] SMB 3.0.2: [4.3] SMB 3.1.1: negotiate contexts, preauth: [4.3] Michael Adam SMB3 in Samba (13/44)

Multi-Channel

Multi-Channel - General multiple transport connections in one SMB(3) session channel: transport connection bound to a session client decides which connections to bind and to use session is valid as long as at least one channel is intact two purposes 1 increase throughput: use multiple connections of same type 2 improve fault tolerance: channel failure: replay/retry detection Michael Adam SMB3 in Samba (15/44)

Michael Adam SMB3 in Samba (16/44) Multi-Channel - General use case: channels of different type/quality use only the channels of best quality fall back to inferior channels if superior ones fail e.g.: laptop switching between WiFi and LAN (?)

Michael Adam SMB3 in Samba (17/44) Multi-Channel - Windows/Protocol 1 establish initial session on TCP connection 2 find interfaces with interface discovery: FSCTL QUERY NETWORK INTERFACE INFO 3 bind additional TCP (or later RDMA) connection (channel) to established SMB3 session (session bind) 4 Windows: uses connections of same (and best) quality 5 Windows: binds only to a single node 6 replay / retry mechanisms, epoch numbers

Michael Adam SMB3 in Samba (18/44) Multi-Channel Samba samba/smbd: multi-process Originally: process TCP connection Idea: transfer new TCP connection to existing smbd How? use fd-passing (sendmsg/recvmsg) When? Natural choice: at SessionSetup (Bind) Idea: as early as possible, based on ClientGUID per ClientGUID single process model

Multi-Channel Samba Michael Adam SMB3 in Samba (19/44)

Michael Adam SMB3 in Samba (20/44) Multi-Channel Samba samba/smbd: multi-process Originally: process TCP connection Idea: transfer new TCP connection to existing smbd How? use fd-passing (sendmsg/recvmsg) When? Natural choice: at SessionSetup (Bind) Idea: as early as possible, based on ClientGUID per ClientGUID single process model

Multi-Channel Samba Michael Adam SMB3 in Samba (21/44)

Multi-Channel Samba Michael Adam SMB3 in Samba (21/44)

Multi-Channel Samba Michael Adam SMB3 in Samba (21/44)

Michael Adam SMB3 in Samba (22/44) Multi-Channel Samba samba/smbd: multi-process Originally: process TCP connection Idea: transfer new TCP connection to existing smbd How? use fd-passing (sendmsg/recvmsg) When? Natural choice: at SessionSetup (Bind) Idea: as early as possible, based on ClientGUID per ClientGUID single process model

Michael Adam SMB3 in Samba (22/44) Multi-Channel Samba samba/smbd: multi-process Originally: process TCP connection Idea: transfer new TCP connection to existing smbd How? use fd-passing (sendmsg/recvmsg) When? Natural choice: at SessionSetup (Bind) Idea: as early as possible, based on ClientGUID per ClientGUID single process model

Multi-Channel Samba : pass by ClientGUID Michael Adam SMB3 in Samba (23/44)

Multi-Channel Samba : pass by ClientGUID Wait a minute - what about performance? Single process... But we use short-lived worker-pthreads for I/O ops! Benchmarks and tunings still to be done. Michael Adam SMB3 in Samba (24/44)

Michael Adam SMB3 in Samba (25/44) Multi-Channel Samba : Status 1 messaging rewrite using unix dgm sockets with sendmsg [DONE,4.2] 2 add fd-passing to messaging [DONE,4.2] 3 preparations in internal structures [DONE,4.4] 4 prepare code to cope with multiple channels [DONE,4.4] 5 implement smbd message to pass a tcp socket [DONE,4.4] 6 transfer connection in Negotiate (by ClientGUID) [DONE,4.4] 7 implement session bind [DONE,4.4] 8 implement channel epoch numbers [DONE,4.4] 9 implement interface discovery [DONE(linux/conf),4.4] 10 implement test cases [WIP(isn t it always?... )] 11 implement fd-passing in socket-wrapper [WIP] 12 implement lease break replay [TODO]

Michael Adam SMB3 in Samba (25/44) Multi-Channel Samba : Status 1 messaging rewrite using unix dgm sockets with sendmsg [DONE,4.2] 2 add fd-passing to messaging [DONE,4.2] 3 preparations in internal structures [DONE,4.4] 4 prepare code to cope with multiple channels [DONE,4.4] 5 implement smbd message to pass a tcp socket [DONE,4.4] 6 transfer connection in Negotiate (by ClientGUID) [DONE,4.4] 7 implement session bind [DONE,4.4] 8 implement channel epoch numbers [DONE,4.4] 9 implement interface discovery [DONE(linux/conf),4.4] 10 implement test cases [WIP(isn t it always?... )] 11 implement fd-passing in socket-wrapper [WIP] 12 implement lease break replay [TODO]

Michael Adam SMB3 in Samba (26/44) Multi-Channel Samba : Details from smbxsrv.idl for MSG SMBXSRV CONNECTION PASS t y p e d e f s t r u c t { NTTIME i n i t i a l c o n n e c t t i m e ; GUID c l i e n t g u i d ; hyper s e q l o w ; DATA BLOB n e g o t i a t e r e q u e s t ; } s m b X s r v c o n n e c t i o n p a s s 0 ;

Michael Adam SMB3 in Samba (27/44) Multi-Channel Samba : Details from smbxsrv.idl layering before s m b X s r v s e s s i o n >s m b X s r v c o n n e c t i o n layering now s m b X s r v s e s s i o n >s m b X s r v c l i e n t >s m b X s r v c o n n e c t i o n s

Michael Adam SMB3 in Samba (28/44) Multi-Channel Samba: TODOs Replay lease breaks upon channel failure (server client) teach socket wrapper fd-passing ( selftest...) clustering integration (CTDB)

Multi-Channel Samba : Clustering/CTDB Special considerations channels of one session only to one node! do not bind connections to CTDB public IPs (can move)! add static IPs on public interfaces use these for interface discovery Michael Adam SMB3 in Samba (29/44)

Multi-Channel Samba : Clustering/CTDB Special considerations channels of one session only to one node! do not bind connections to CTDB public IPs (can move)! add static IPs on public interfaces use these for interface discovery Michael Adam SMB3 in Samba (29/44)

Multi-Channel Demo

Outlook: SMB Direct

Michael Adam SMB3 in Samba (32/44) SMB Direct : SMB3 over RDMA Windows/Protocol requires multi-channel start with TCP, bind an RDMA channel SMB Direct: small wrapper protocol to put SMB into RDMA reads and writes use RDMA write/read protocol/metadata via send/receive

Michael Adam SMB3 in Samba (33/44) SMB Direct Samba wireshark dissector: [DONE] Samba: prereq: multi-channel [ess.done] buffer / transport abstractions [WIP] problem with RDMA libraries: not fork safe no fd-passing central RDMA proxy PoC/dev: user space daemon production: kernel module

SMB Direct Samba Michael Adam SMB3 in Samba (34/44)

Outlook: clustering / witness

Michael Adam SMB3 in Samba (36/44) Witness - General New DCE/RPC Service to witness availability of IPs, shares,... Faster fail-over of clients in the cluster Prompt, explicit, and controlled notifications about failures (CTDB tickle-acks are implicit) Available since SMB3 (Windows 8 / Windows Server 2012)

Witness - Failover with SMB3 in a Samba/CTDB cluster Michael Adam SMB3 in Samba (37/44)

Witness - Failover with SMB3 in a Samba/CTDB cluster Michael Adam SMB3 in Samba (37/44)

Witness - Failover with SMB3 in a Samba/CTDB cluster Michael Adam SMB3 in Samba (37/44)

Witness - Failover with SMB3 in a Samba/CTDB cluster Michael Adam SMB3 in Samba (37/44)

Witness - Failover with SMB3 in a Samba/CTDB cluster Michael Adam SMB3 in Samba (37/44)

Witness - Failover with SMB3 in a Samba/CTDB cluster Michael Adam SMB3 in Samba (37/44)

Witness - Failover with SMB3 in a Samba/CTDB cluster Michael Adam SMB3 in Samba (37/44)

Witness - Failover with SMB3 in a Samba/CTDB cluster Michael Adam SMB3 in Samba (37/44)

Witness - Samba Currently under development in Samba PoC implementation available TODO(wip): new async DCE/RPC infrastructure https://wiki.samba.org/index.php/samba3/ SMB2#Witness Notification Protocol WIP branch: https://git.samba.org/?p=gd/samba/.git;a=shortlog; h=refs/heads/master-witness Samba Witness service will cause Windows clients to reconnect... when client admin tool is used when CTDB (or any other cluster resource control manager) moves resources or IP addresses Michael Adam SMB3 in Samba (38/44)

Outlook: persistent handles

Michael Adam SMB3 in Samba (40/44) Persistent File Handles available on Continuously Available SMB3 shares allows disconnected clients to reconnect like durable handles, but with strong guarantees!

Michael Adam SMB3 in Samba (41/44) Persistent Handles : Challenges protocol is easy persistence/guarantees are hard strategies: filesystem spcific generic, with tdb extensions

Wrapping up...

Michael Adam SMB3 in Samba (43/44) What s next? SMB3 Multi-Channel: finishing moves SMB3 Witness service: async RPC SMB3 Persistent Handles / CA SMB3 over RDMA (SMB direct) Multi-Protocol access (NFS, SMB...) SMB2+ Unix Extensions See Jeremy s Talk!

Thanks for your attention! Questions? obnox@samba.org obnox@redhat.com https://git.samba.org/?p=obnox/slides/2016-04-vault.git

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information