The Making of NFSv4

SAN FRANCISCO (04/28/2000) - Depending on whom you ask, the name of the inveterate Network File System (NFS) might really be Nightmare File System, because of its poor performance, or No File Security, because of its poor security. But all that is about to change. With improved performance, security, interoperability, and Internet access, NFS version 4 is out to silence the critics for good.

According to Bev Crair, engineering manager at Sun Microsystems Inc., NFSv4 accommodates compound operations (sending multiple commands to the server at one time), provides an aggressive caching mechanism, offers increased internationalization for names and protocol strings, and, for the first time, allows for file attributes.

Herb Hensdorf, group product marketing manager at Sun, adds that, in addition to these new capabilities, NFSv4 will be compatible with the vast majority of existing NFS systems.

NFS has been the de facto file-sharing standard since its introduction in the mid-1980s. Sun intended to make NFS an Internet Engineering Task Force (IETF) standard before the work on NFSv4 was underway, but delays arose. The specification was recently turned in to the IETF as a proposed standard, and should become a draft standard by August.

When it becomes a standard, a second reference implementation will be needed. A Sun-funded University of Michigan project will do two things: create the necessary second reference implementation, and improve the Linux implementation of NFS, which, according to Linux developers, could stand a great deal of improvement.

NFS on Linux

Sun's funding of the NFS version 4 Open Source Reference Implementation for Linux should help NFS's bad reputation, just as the version 4 specification should improve NFS itself. However, the Linux community, whose relationship with Sun can only be described as rocky, has responded to Sun's recent announcements with guarded enthusiasm. Eric S. Raymond, a key figure in the open source movement, has called into question the source license under which a key component of NFSv4, the Transport Independent Remote Procedure Call (TI-RPC), is being released. Still, Jonathan Corbet, an editor at the Linux Weekly News, welcomes the open nature of the license and calls it "a step in the right direction."

NFS, past and future

The Linux NFS version 4 Open Source Reference Implementation development effort will be led by William Andros "Andy" Adamson, assistant director for product development at the Center for Information Technology Integration (CITI) at the University of Michigan. Adamson emphasizes that CITI's Linux modifications will be open source, and that all CITI code derived from work done under the GNU General Public License (GPL) will be released under the GPL. Otherwise, he says, code produced at the University of Michigan is usually released under a Berkeley Software Distribution (BSD)-like license, which, unlike the GPL, doesn't require that modified and redistributed code be issued under the same license agreement as the original.

According to Peter Honeyman, the director of CITI, the promise of NFSv4 is its ability to access files from all over the Internet as easily as you access the files on your LAN.

"Right now, there are about a dozen Internet file sites, [such as] and Riverfront Software," said Crair. "Pac Bell is offering 100 MB of free file space. Typically, to take advantage of that, you have to use HTTP or FTP -- and it's not true file sharing. You've got download and scalability issues, you have potential security and reliability issues. A full implementation of NFSv4 is going to assist those Internet file site companies to create much more effective file sharing software, so that you'll be able to get true Internet file sharing on a business-to-business basis as well."

Additional benefits, according to Honeyman, include an implementation of global namespaces. "Anyone ... can get to the parts of my home directory that I've made available. [This] will be superior to the namespaces we use today, which are URLs [and] which are sucking badly. You can tell a physicist designed this stuff," he joked, referring to World Wide Web inventor Tim Berners-Lee.

According to Honeyman, the NFSv4 server, unlike its predecessors, will keep track of which users have a file, and contact them only when a change has been made to the original instead of, in effect, keeping the connection open all of the time.

Crair says that, in addition to using compound operations to streamline the NFS process, NFSv4 will be using client-side caching, or delegation. "When you open a file, the client can request a delegation, and the server can delegate responsibility for managing the file to the client itself. So the file does all its manipulations to the file locally and cedes responsibility back to the server when it's done."

According to Adamson, version 4 will use a combination of delegation and locking to ensure better consistency. Scalability will be improved, and the security model will add support for Generic Security Services (GSS). With the RPC security protocol (RPCSEC_GSS), users will be able to plug in security technologies such as Kerberos or Public Keys, so that requests and replies can be authenticated to eliminate the possibility of spoofing.

Coda: The deep thought of filesystems?

If consistency, security, and scalability already exist in such filesystems as AFS and Coda, why don't we switch to one of these systems instead of waiting around for NFS to become secure and quick a year or two from now? Peter Honeyman, the director of CITI, admits that AFS is superior to NFSv3, but both Honeyman and Peter Braam of Carnegie Mellon University agree that, with version 4, NFS has finally caught up with AFS and Coda in the important area of security.

Honeyman opined that the reason Coda hasn't enjoyed wider deployment probably has less to do with quality and more to do with lack of money, corporate presence, and backing. "The expense of deploying a new system and the lack of an official support organization probably contribute to the slow pace of Coda adoption as well," he said.

Braam agrees that all of these things are issues, and adds, "If there were 10 more developers for Coda, things would move forward much more rapidly."

Although Braam has nothing but good things to say for Coda's design and is, in fact, basing Intermezzo on many of the ideas in Coda, he told SunWorld that Coda has its own problems. "Parts of [Coda] were designed in 1982, and nobody predicted then that we'd have 50 GB drives." This leads to problems with scalability, for example -- which Braam hopes to overcome with Intermezzo.

NFS's simplicity, while resulting in what Braam calls a lack of vision, may be its saving grace because it has given the protocol a longer lifespan. "NFS has shortcomings in its vision, but it did win, and did become the standard filesystem," he said.

Braam is considering making Intermezzo IETF NFSv4-compliant with hopes that it might encourage the wide adoption of his lightweight, Coda-like filesystem in the future.

According to Crair, "the RPCSEC_GSS API allows you to plug in different security flavors, like Kerberos or LIPKEY or others, in the context of RPC."

This is the code that is now open source.

Dave Dittrich, a security expert who works as a software engineer for the University of Washington, says the modularity Crair describes can only be a really good thing. These improvements to NFSv4 will finally bring NFS into the same league as filesystems like Coda or the Andrew File System (AFS).

But Peter Braam, who has worked on both the Coda and AFS projects at Carnegie Mellon University, as well as on a new CMU filesystem project called Intermezzo, doesn't see the future of NFS as being quite that rosy. While Braam acknowledges that NFSv4 will be faster, and have much better security, it won't be able to solve all of the problems inherent in NFS, which include latencies and the inability to function over extremely low bandwidth. "These problems would still remain," Braam says. "[Version 4] is a good improvement, but it's still very much NFS."

Another Linux first

The IETF standard for NFSv4 might be formalized as early as the second half of this year. While any real implementations can only be started once the standard is nailed down, several companies, including Hummingbird, IBM, and Network Appliance, are already working on their own reference implementations.

As with the Trillian port of Linux to the Intel Itanium processor (formerly known as Merced -- see Resources for more information), this seems to be another sign that Linux is growing up. It may also be a sign that Sun is taking Linux and open source seriously, and is on its way towards mending its fractured relationship with the community.

About the author

J.S. Kelly is a freelance writer who lives in the San Francisco Bay Area.