[OpenAFS] Evaluating AFS for in house use, RFCs...

ted creedon tcreedon@easystreet.com
Fri, 03 Feb 2006 08:29:08 -0800

How do RoadWarriors share SMB drives from their laptops if they're not 
using a VPN?

Leaving Microsoft ports open thru a firewall is an invitation to disaster.

Who backups the users shared drives? Particularly if there is a 
corporate records retention policy required by Sarbanes-Oxley.

Look at the Morgan Stanley presentation from 2004 for a large corporate 
OpenAFS installation.

I'd recommend making AFS available to those who want it and let the 
users vote with their feet.


Jeffrey Altman wrote:
>Volker Lendecke wrote:
>>On Fri, Feb 03, 2006 at 10:37:17AM -0500, Jeffrey Altman wrote:
>>>Theoretically, Samba could implement those IOCTL operations and then
>>>use the OpenAFS for Windows command line tools and AFS Shell Extension
>>>to communicate with the Samba server.  That is in fact how Windows 3.1
>>Tried to implement that, doesn't work. The windows redirector does not allow
>>arbitrary ioctls to pass over smb over tcp, it's only ones that it likes.
>You can't use Microsoft's ioctl mechanism.  You have to define your own.
>An OAFW ioctl is a special file name that is treated as a communication
>between the client and the server instead of as an access path to a
>>I'd be happy though to be proven wrong, I think installing just some user space
>>utilities for administration definitely has benefits over having to install
>>kernel-mode ifs drivers. If you tell me how I get the AFS ioctls across to
>>Samba I might be tempted to implement the server side.... :-)
>Note that OAFW does not currently have any kernel mode IFS drivers.  It
>is entirely user mode.  However, using IFS instead of SMB has been shown
>to improve performance 10 times.  Even over localhost, SMB is a serious
>performance hit.
>Jeffrey Altman