[OpenAFS] OpenAFS for Windows IFS Status

Jeffrey Altman jaltman@your-file-system.com
Sat, 03 Sep 2011 14:44:41 -0400 

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig7C9882B828D059EF8EBC7FFE
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 9/3/2011 11:01 AM, Lars Schimmer wrote:
> Hi!
>=20
> Due to the outstanding Windows 7 bug annoying us very deeply, we search=

> for a solution to this problem.

The solution to the Windows 7 bug is the OpenAFS for Windows client with
native installable file system driver which will be released as the
1.7.x development series.

Now that 1.6.0 has finally been released work will begin on creating the
openafs-devel-1_7_x branch from which the IFS windows client will be
issued.  The first official release from OpenAFS.org will be 1.7.1.  I
am hoping that we will be able to release on or around the 15th of Sept.

The IFS client will bring some significant changes from the SMB client.

No Loopback Adapter
-------------------

Now that a native IFS driver (afsredir.sys / afsredirlib.sys) is used,
there is no need to install the Microsoft Loopback Adapter.  Sites that
have experienced problems due to the 10.254.254.253 address registration
on multiple machines will be able to remove or disable the adapter once
and for all.

No Delays After a Resume
------------------------

Windows Vista and 7 shutdown the network stack when the machine is
suspended.  This causes problems when the machine resumes because the
network path to \\AFS is not immediately accessible.  This is no longer
an issue with the IFS driver.

No "AFS" server name collisions
-------------------------------

It is now possible to add a machine named "AFS" to domain or subnet
without breaking the OpenAFS for Windows client.

Performance Improvements
------------------------

The transaction rate and throughput performance of the SMB client was
limited by the "SMB client <-> loopback <-> SMB server" performance:
54MB/sec maximum on 32-bit systems and 63MB/sec on 64-bit systems.  The
IFS client is capable of throughput rates to/from cache up to 800MB/sec
depending on the system I/O bus and backing store capabilities.

Symlinks to UNC Paths permit a cohesive name space
--------------------------------------------------

It has always been possible to create reparse points in MS DFS that
refer to \\AFS paths.  It is now possible to create symlinks in AFS
that refer to arbitrary UNC paths.  This permits the construction of
a cohesive name space that spans across both AFS and DFS storage.

Reparse Points
--------------

AFS Mount Points and Symlinks are exported by the file system
as Windows reparse points with a Microsoft assigned tag value.
Tools that are OpenAFS reparse point aware can create, query
and remove AFS symlinks and mount points without requiring knowledge
of AFS pioctls.  The explorer shell will be able to delete a mount
point or symlink as part of a recursive directory tree removal without
crossing into the reparse point target.

AFS Volumes are Windows File Systems
------------------------------------

Each AFS volume is represented in the Windows kernel as a distinct
file system.  This will permit AFS volume quotas to viewed as
Windows file system quotas.


Authentication Groups
---------------------

AFS Tokens are associated with Windows user names in the SMB client.
With the IFS client, tokens are associated with Authentication Groups.
By default, an authentication group is allocated for each User SID
and Logon Session Id combination.  In addition, it is possible for
processes to create additional Authentication Groups.  Each thread in
a process can select an Authentication Group within the process as the
active Authentication Group.  This will permit AFS aware IIS modules
to associate AFS credentials with a particular incoming request.  An
IIS implementation of File Drawers will be the preferred implementation
once it is developed.

One of the significant benefits of Authentication Groups within the
Windows environment is that Windows services (svchost.exe, csrss.exe,
etc.) which impersonate user processes will seamlessly gain access
to the user's AFS credentials for the lifetime of the impersonation.


Explorer Shell Integration
--------------------------

The AFS Explorer Shell integration will gain support for symlink
and mount point overlay icons, tool tips, and Property dialog pages
that replace many of the existing AFS Context Menu dialogs.


Jeffrey Altman


--------------enig7C9882B828D059EF8EBC7FFE
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)

iQEcBAEBAgAGBQJOYnWbAAoJENxm1CNJffh4hdIH/1CL5lOD4fLaeYdYuSsZrnvB
U/Rwi/q02avukdA2kNcT9kPQfmA39bPSB5IGOeUnfSd5mJb4HJnclS1Nu4iV6K7Q
k53LSuRtAmDCpjfqsj5Oo35l7pVr84ODb6NOi+oTssrMM97HqkJfwLEYfKkeYGp/
AMJZzs2CC29il+fnYaxlNQT1DOkBA+rhVBrOKp6TppDbGWBzF9757A+jD3ggeHWI
DmhMfKrecQZJwEdUV1CTiJWgEI/0X/mF5p/tiCp4o8puP+odmNUdyfuQObU1rWKV
tAgbURevDm9psahN1xPFKy+brvrGQuBSRPDZN+Uscps6HoA2kAgILiHTthiVLSU=
=WUs0
-----END PGP SIGNATURE-----

--------------enig7C9882B828D059EF8EBC7FFE--