Share via

NFS over Distributed File System

  • Article

What is DFS?

1) Group shared folders located on different servers by transparently connecting them to one or more DFS namespaces

2) DFS Namespace: Virtual view of shared folders

3) Using the DFS tools, an administrator selects which shared folders to present in the namespace, designs the hierarchy in which those folders appear, and determines the names that the shared folders show in the namespace. When a user views the namespace, the folders appear to reside on a single, high-capacity hard disk. Users can navigate the namespace without needing to know the server names or shared folders hosting the data

Distributed file system or network file system is any file system that allows access to files from multiple hosts sharing via a computer network. This makes it possible for multiple users on multiple machines to share files and storage resources.

DFS Namespaces is the new name in R2 for one component of the Distributed File System (DFS) in Windows Server 2003 and lets you create a single virtual tree of shared folders that maps to actual (physical) shared folders located on multiple different file servers. Using DFS Namespaces lets you consolidate shared resources on your network into a single virtual resource that can be browsed and accessed easily by clients regardless of where the actual shared resources are located

Unlike gateway for NFS User name mapping can still be used over here to make the scenario secure. But we need to specify the mapping mechanism (server name) on each and every client.

Benefits of DFS

1) Simplified data migration: can move data at background without reconfigure applications and shortcuts and without needing to reeducate users about where they can find their data

2) Increased availability of file server data: failover

3) Security integration: file and folder security is enforced by existing the NTFS file system and shared folder permissions on each target

4) Increasing Data Availability: using FRS

Benefits of NFS

1) Cross platform Data sharing ( file system independent)

2) Machine based access ( Security)

3) Simple to implement ( widely used)

4) Open standard ( RFC 1813) for NFS version 3

5) Completely transparent to the file system ( can manage large database)

6) Security integrated with NTFS: makes more secured NFS resource

DFS Dependencies

DFS has the following dependencies:

  • Active Directory replication. Domain-based DFS requires that Active Directory replication is working properly so that the DFS object resides on all domain controllers in the domain.
  • Server Message Block (SMB). Clients must access DFS root servers by using the SMB protocol.
  • Network File system (NFS). Clients must access DFS root Server and then using Client for NFS can access NFS share

dfs1

  • Remote Procedure Call (RPC) service and Remote Procedure Call Locater service. The DFS tools use RPC to communicate with the DFS service running on DFS root servers.
  • Distributed File System service dependencies. The Distributed File System service must be running on all DFS root servers and domain controllers so that DFS can work properly. 

DFS Picture

 

DFS2

Important components for client, root server and domain controller from architecture prospective

Client

=========

Domain cache: domain name referrals and domain controller referrals that is stored in memory on each client computer. Also called SPC cache

Mrxsmb.sys: Handles communications to the root servers, domain controllers, and Windows-based file servers that use the CIFS protocol (redirector)

Mup.sys: redirector which helps to access the UNC path. If the UNC name is a DFS path, Mup.sys resolves it to the physical UNC path. After the path is resolved, or if the path was not a DFS path, Mup.sys determines the local redirector that handles the UNC path.

Referral cache: stores the cache of link referrals when accessed by dfs. Stored in mup.sys

Sever

===========

Active directory: The one which stores dfs metadata.

Srv.sys: smb driver. Passes on referral requests from DFS clients to Dfs.sys.

Dfs.sys: The DFS driver

Dfssvc.exe: The DFS service. Provides server-side support for NetDFSxxx APIs that configures and maintains DFS namespaces. The DFS service is also responsible for maintaining an up-to-date version of the DFS metadata and for giving referrals to clients who attempt to access the namespace

DFS metadata cache: DFS metadata consists of information about entire namespace, including the root, root targets, links, link targets, and settings.

DFS-Related Architecture on Domain Controllers

dfs3

Steps to configure NFS over DFS:

    1. 1. Install the DFS components.

dfs3

 

    1. Install the Client for NFS components
    2. In case, we are not doing replication we need to install only the first two components

dfs4

 

 

 

 

 

 

 

 

 

 

 

 

            

         4. Once done, open DFS management and right click on namespace è New namespace

dfs6

 

 

    1. Follow the namespace wizard. Select the namespace server. In this example the local machine is the name space server

dfs7

           

 

 

 

 

 

 

 

            6.You can click on edit settings and give access accordingly on the DFS folder. This permission would imply on the DFS folder and not on the shared resource.

dfs8

 

 

 

 

 

 

 

 

 

 

 

 

  

 7. Based on the requirement you can create different type of namespace.

dfs9

8. Please find information below on different type of namespaces:

Stand Alone DFS

· Namespace is accessed by servername \\ServerName\RootName

· dfs metadata: stored in registry: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfs\Roots\Standalone.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfs\Roots\Standalone.

· DFS administrators must be members of the local Administrators group on the local server to create or delete stand-alone namespaces, to create link targets

· Availability: A stand-alone DFS root has only one root target. Stand-alone roots are not fault tolerant; when the root target is unavailable, the entire DFS namespace is inaccessible. You can make stand-alone DFS roots fault tolerant by creating them on server clusters.

· In case of standalone User Name mapping would be preferred ( In case of Vista onwards ADLDS would be preferred)

Domain based DFS root

· Namespace is accessed by \\NetbiosDomainName\RootName( You can run ‘set u’ from command prompt to get the net bios name)

     \\DNSDomainName\RootName

· In Active Directory. Also stored in a memory cache on the root server

Active directory location: 

dfs10

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Also in registry: KEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Dfs\Roots\Domain

Does not have metadata….but picks the path of domain root servers…contacts PDC

 

· DFS administrators must be members of the Domain Admins group to create or delete domain-based namespaces or have delegated permissions to the DFS-Container object in Active Directory

· Availability: Create multiple root targets in the same domain.

· Domain based DFS è ADlookup is preferred for user authentication

    1. Once done you will get the summary page, Click on è create

dfs11

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

    1. Now you can make different type of shared resources available inside namespaces. In this example we are mounting a NFS share.( for this we need client for NFS to be installed)
    2. Right click on Namespaces è New folder; Put the folder name and click on add; Then give the path to the NFS share

dfs12

 

 

 

 

 

 

 

 

 

 

 

 

 

 

  

   

dfs13

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

NFS resource over DFS has been created successfully. Now you can access the NFS share from other windows clients (you would also require Client for NFS to be installed on those machines)

To access the share put in the \\namespace server name\folder name

 

In case you don’t have Clients for NFS installed on the windows machine then you will get the following error:

dfs14