[OpenAFS-devel] AFS with DNS using AFSDB records

Derek Atkins warlord@MIT.EDU
02 May 2001 17:05:56 -0400 

Um, why do you need to perform a DNS lookup on every mountpoint?  That
certainly seems like a PitA.  All you need to do is have the client
execute the equivalent of 'fs newcell' with the DNS information and
then subsequent mountpoints for the same cell will use the
kernel-cached entries.  Then you just need to time-out those entries.

If you're performing a DNS request on every mountpoint then you
have the wrong approach to this problem.

-derek

Jeff Riegel <riegel@almaden.ibm.com> writes:

> Nickolai Zeldovich writes:
> > In user-space I did essentially the same thing (though using res_search
> > instead of manually constructing DNS queries), and for the kernel module,
> > afsd spawns another process that blocks in the kernel waiting for AFSDB
> > lookup requests, performs them in user-space using afsconf_GetCellInfo,
> > and passes the information back into the kernel.
> 
> Your approach sounds cleaner in some ways.  It's definitely nicer to use
> res_search than to manually construct packets.  However, for performance I
> think it's better to do the network I/O in the kernel.  Since a DNS lookup
> is done each time you stat a mount point, there can be a huge number of
> requests (e.g, ls -l on a directory containing user home directories.)
> Does the Linux resolver do caching of DNS records?  My code currently does
> a new DNS lookup each time and always overwrites the existing cell database
> entry.  It should be fairly easy to do internal caching by using the DB
> entry but invalidating it after some reasonable time (a few hours or so.)
> 
> I think the DNS should be more authoritative than the CellServDB, at
> least initially.  This is to allow clients to keep the existing CellServDB
> for cells that have not yet been entered into a name server.  Otherwise,
> clients will end up using the (potentially stale) CellServDB when the
> cell should be resolved by DNS.  Once AFSDB usage becomes widespread,
> it makes sense to make the CellServDB authoritative and prune it to just
> those cells that the administrator wants to override the DNS entries.
> Sounds like it would be useful to implement a way to switch between the
> two behaviors (e.g. nsswitch.conf as Thomas Vincent suggested.)
> 
> Jeff Riegel
> _______________________________________________
> OpenAFS-devel mailing list
> OpenAFS-devel@openafs.org
> https://lists.openafs.org/mailman/listinfo.cgi/openafs-devel

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available