%
% colors:
% _blue_text text_
% _red_text text_
%

==== SMB3 features in Samba ====

<[center]
<[columns]
[[[.65\textwidth]]]
# SMB 3.0 (Win8 / 2012):
#* new crypto (sign/encrypt) [4.0]
#* secure negotiation [4.0]
#* durable handles v2 [4.0]
#* persistent file handles [WIP/tracer]
#* '''_red_Multi-Channel_''' [WIP+]
#* SMB direct [designing/starting]
#* cluster features [designing]
#** witness [WIP+]
#* storage features [WIP]
# SMB 3.0.2 (Win8.1 / 2012R2): [master]
# SMB 3.1.1 (Win10 / 2014):
#* negotiate contexts, preauth: [master]
[[[.35\textwidth]]]
%<<>> <<>>
[columns]>
[center]>

==== SMB 3.1 ====

<[block]{implemented}
* 3.1.1 dialect
* negotiate contexts
* preauthentication integrity
* encryption improvements (choose cipher) \\ % AES-128-CCM --> AES-128-GCM
[block]>

<[block]{not implemented}
* cluster dialect fencing
* cluster client failover v2 (client)
[block]>

[frame]>

<[sambabg]

==== ====[plain]

<[center]
\Large '''Multi-Channel'''
[center]>

[frame]>

[sambabg]>

==== Multi-Channel - General ====

* bind multiple transport connections to one session
* increase throughput and fault tolerance

==== Multi-Channel - Windows/Protocol ====

# establish initial session on TCP connection
# find interfaces with interface discovery: \\ % @FSCTL\_QUERY\_NETWORK\_INTERFACE\_INFO@
# bind additional TCP (or RDMA) connection (channel) to established SMB3 session (session bind)
# windows: uses connections of same (and best quality)
# windows: binds only to a single node
# replay / retry mechanisms, epoch numbers

==== Multi-Channel - Samba ====

<[block]{samba/smbd: multi-process}
* '''Currently:''' process $\Leftrightarrow$ TCP connection
* '''Idea:''' transfer new TCP connection to existing smbd
* '''How?''' ==> use fd-passing (sendmsg/recvmsg)
* '''When?''' as early as possible, based on client GUID \\ % ==> per client GUID single process model
[block]>

==== Multi-Channel - Samba ====

<[center]
<<>>
[center]>

==== Multi-Channel - Samba ====

# preparation: \\ % messaging rewrite using unix dgm sockets with sendmsg [DONE,4.2]
# add fd-passing to messaging [DONE,4.2]
# preparations in internal structures [ess.DONE]
# implement smbd message to pass a tcp connection [ess.DONE]
# transfer connection already in negprot (ClientGUID) [largely DONE]
# implement session bind [ess.DONE]
# implement channel epoch numbers [WIP]
# implement interface discovery [WIP]
# implement test case [WIP]

==== @MSG\_SMBXSRV\_CONNECTION\_PASS@ ====

<[block]{from smbXsrv.idl}
<[code]
typedef struct {
	NTTIME initial_connect_time;
	GUID client_guid;
	hyper seq_low;
	DATA_BLOB negotiate_request;
} smbXsrv_connection_pass0;
[code]>
[block]>

==== Internal Structures (smbXsrv) ====

<[block]{before}
<[code]
smbXsrv_session->smbXsrv_connection
[code]>
[block]>

<[block]{after}
<[code]
smbXsrv_session->smbXsrv_client->smbXsrv_connections
[code]>
[block]>

[frame]>

<[sambabg]

==== ====[plain]

<[center]
\Large shell breakout to browse code/diff
[center]>

==== ====[plain]

<[center]
\Large Multi-Channel Demo
[center]>

==== ====[plain]

<[center]
\Large '''Outlook: SMB Direct'''
[center]>

[frame]>

[sambabg]>

==== SMB Direct (RDMA) ====

* windows:
** requires multi-channel
** start with TCP, bind an RDMA channel
** reads and writes use RDMA write/read
** protocol/metadata via send/receive
* wireshark dissector: [DONE]
* samba (TODO):
** prereq: multi-channel / fd-passing
** buffer / transport abstractions [TODO]
** _red_problem_: libraries: not fork safe and no fd-passing \\ % ==> central daemon (or kernel module) to serve as RDMA "proxy"

==== SMB Direct (RDMA) - Plan ====

<[center]
<<>>
[center]>

==== SMB features in Samba ====

<[center]
\Large @https://wiki.samba.org/index.php/Samba3/SMB3@
[center]>

[frame]>

<[sambabg]

==== Thanks for your attention! ====[plain]

%\transdissolve

<[center]
<[columns]
[[[.6\textwidth]]]
{\Large
Questions?
--*3em--
@obnox\@samba.org@
--*.5em--
@madam\@redhat.com@
}
[[[.3\textwidth]]]
<<>> %<<>>
[columns]>
[center]>

[frame]>

[sambabg]>
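
The fd-passing step from the "Multi-Channel - Samba" slides (a new TCP connection handed to the existing smbd with sendmsg/recvmsg over a unix datagram socket), as an added example that is not Samba's code. `struct conn_pass` is a hypothetical, GUID-only stand-in for `smbXsrv_connection_pass0`, and `pass_fd`/`recv_fd` are illustrative names; the receiver accepts exactly one descriptor and closes it if the message is short or truncated.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <unistd.h>

/* Hypothetical, simplified stand-in for smbXsrv_connection_pass0 (GUID only). */
struct conn_pass { unsigned char client_guid[16]; };
/* Control buffer aligned for struct cmsghdr, with space for one descriptor. */
union fd_ctl { struct cmsghdr align; char buf[CMSG_SPACE(sizeof(int))]; };

/* Sender: attach fd as SCM_RIGHTS ancillary data to the pass message. */
int pass_fd(int sock, int fd, const struct conn_pass *msg)
{
    union fd_ctl u;
    struct iovec iov = { .iov_base = (void *)msg, .iov_len = sizeof(*msg) };
    struct msghdr mh = { .msg_iov = &iov, .msg_iovlen = 1,
                         .msg_control = u.buf, .msg_controllen = sizeof(u.buf) };
    memset(&u, 0, sizeof(u));
    struct cmsghdr *c = CMSG_FIRSTHDR(&mh);
    c->cmsg_level = SOL_SOCKET;
    c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof(int));
    return sendmsg(sock, &mh, 0) == (ssize_t)sizeof(*msg) ? 0 : -1;
}

/* Receiver: returns the passed fd, or -1 if the message is not well-formed. */
int recv_fd(int sock, struct conn_pass *msg)
{
    union fd_ctl u;
    struct iovec iov = { .iov_base = msg, .iov_len = sizeof(*msg) };
    /* CMSG_LEN, not CMSG_SPACE: leaves room for one fd only, so extra
     * descriptors are dropped by the kernel and flagged with MSG_CTRUNC. */
    struct msghdr mh = { .msg_iov = &iov, .msg_iovlen = 1, .msg_control = u.buf,
                         .msg_controllen = CMSG_LEN(sizeof(int)) };
    int fd = -1;
    ssize_t n = recvmsg(sock, &mh, MSG_CMSG_CLOEXEC); /* Linux flag */
    if (n < 0)
        return -1;
    struct cmsghdr *c = CMSG_FIRSTHDR(&mh);
    if (c != NULL && c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_RIGHTS
        && c->cmsg_len == CMSG_LEN(sizeof(int)))
        memcpy(&fd, CMSG_DATA(c), sizeof(int));
    /* Reject short or truncated messages without leaking the descriptor. */
    if (n != (ssize_t)sizeof(*msg) || (mh.msg_flags & (MSG_TRUNC | MSG_CTRUNC))) {
        if (fd >= 0)
            close(fd);
        return -1;
    }
    return fd;
}
```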