[Bulk] Re: [OpenAFS] Evaluating AFS for in house use, RFCs...

Leroy Tennison leroy_tennison@prodigy.net
Sat, 04 Feb 2006 04:03:21 -0600 

ted creedon wrote:

> How do RoadWarriors share SMB drives from their laptops if they're not 
> using a VPN?
>
> Leaving Microsoft ports open thru a firewall is an invitation to 
> disaster.
>
> Who backups the users shared drives? Particularly if there is a 
> corporate records retention policy required by Sarbanes-Oxley.
>
> Look at the Morgan Stanley presentation from 2004 for a large 
> corporate OpenAFS installation.
>
> I'd recommend making AFS available to those who want it and let the 
> users vote with their feet.
>
> tedc
>
> Jeffrey Altman wrote:
>
>> Volker Lendecke wrote:
>>  
>>
>>> On Fri, Feb 03, 2006 at 10:37:17AM -0500, Jeffrey Altman wrote:
>>>   
>>>
>>>> Theoretically, Samba could implement those IOCTL operations and then
>>>> use the OpenAFS for Windows command line tools and AFS Shell Extension
>>>> to communicate with the Samba server.  That is in fact how Windows 3.1
>>>>      
>>>
>>> Tried to implement that, doesn't work. The windows redirector does 
>>> not allow
>>> arbitrary ioctls to pass over smb over tcp, it's only ones that it 
>>> likes.
>>>    
>>
>>
>> You can't use Microsoft's ioctl mechanism.  You have to define your own.
>> An OAFW ioctl is a special file name that is treated as a communication
>> between the client and the server instead of as an access path to a
>> file/directory.
>>
>>  
>>
>>> I'd be happy though to be proven wrong, I think installing just some 
>>> user space
>>> utilities for administration definitely has benefits over having to 
>>> install
>>> kernel-mode ifs drivers. If you tell me how I get the AFS ioctls 
>>> across to
>>> Samba I might be tempted to implement the server side.... :-)
>>>    
>>
>>
>> Note that OAFW does not currently have any kernel mode IFS drivers.  It
>> is entirely user mode.  However, using IFS instead of SMB has been shown
>> to improve performance 10 times.  Even over localhost, SMB is a serious
>> performance hit.
>>
>> Jeffrey Altman
>>
>>
>>  
>
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info
>
I'm not sure whether the RoadWarriors comment is a genuine question or a 
point being made with a question but I recently heard of an alternative 
to opening the firewall to Microsoft which some may find useful.  A 
variant of VNC called Ultra VNC allows file transfer - just a thought.