TARGET = $(TARGET_BASE_NAME)
-# IMAGE_MC_V1 = smb3-mc-samba
-# IMAGE_MC_V2 = smb3-mc-samba-v2
-# IMAGE_MC_DAEMONS_N1 = smb3-mc-daemons-n1
-# IMAGE_MC_DAEMONS_N1A = smb3-mc-daemons-n1a
-# IMAGE_MC_DAEMONS_N2 = smb3-mc-daemons-n2
-# IMAGE_MC_DAEMONS_N3 = smb3-mc-daemons-n3
+IMAGE_MC_V1 = smb3-mc-samba
+IMAGE_MC_V2 = smb3-mc-samba-v2
+IMAGE_MC_DAEMONS_N1 = smb3-mc-daemons-n1
+IMAGE_MC_DAEMONS_N1A = smb3-mc-daemons-n1a
+IMAGE_MC_DAEMONS_N2 = smb3-mc-daemons-n2
+IMAGE_MC_DAEMONS_N3 = smb3-mc-daemons-n3
# IMAGE_RDMA_V2 = smb3-rdma-samba-v2
# IMAGE_CTDB_3N = design-ctdb-three-nodes
# IMAGE_CTDB_DAEMONS = ctdb-design-daemons
# IMAGE_SAMBA_LAYERS = samba-layers
# IMAGE_SAMBA_RELEASES = samba-release-stream
#
-# DIAIMAGES_BASE := $(IMAGE_MC_V1) \
-# $(IMAGE_MC_V2) \
-# $(IMAGE_MC_DAEMONS_N1) \
-# $(IMAGE_MC_DAEMONS_N1A) \
-# $(IMAGE_MC_DAEMONS_N2) \
-# $(IMAGE_MC_DAEMONS_N3) \
+DIAIMAGES_BASE := $(IMAGE_MC_V1) \
+ $(IMAGE_MC_V2) \
+ $(IMAGE_MC_DAEMONS_N1) \
+ $(IMAGE_MC_DAEMONS_N1A) \
+ $(IMAGE_MC_DAEMONS_N2) \
+ $(IMAGE_MC_DAEMONS_N3)
# $(IMAGE_RDMA_V2) \
# $(IMAGE_CTDB_3N) \
# $(IMAGE_CTDB_DAEMONS) \
# $(IMAGE_SAMBA_LAYERS) \
# $(IMAGE_SAMBA_RELEASES)
-DIAIMAGES_BASE :=
+#DIAIMAGES_BASE :=
DIAIMAGES := $(foreach image, $(DIAIMAGES_BASE), $(image).dia)
DIAIMAGES_PNG := $(foreach image, $(DIAIMAGES_BASE), $(image).png)
EXTRA_WIKI_FILES = \
intro-history.wiki \
- smb3.wiki
+ smb3.wiki \
+ multichannel.wiki
CMN_DEPS = Makefile $(IMAGES)
==== Enter Samba ... ====
* ... implements SMB ...
-* ... ''old'' Open Source project (similar to Linux) ...
+* ... ''old'' Open Source project ...
* ... opens windows to a wider world ... \smiley
* ...
representing 1,637,229 lines of code"
[block]>
* present on millions of NAS devices and routers
-* one of the oldest OSS projects (older than Windows NT)
-* large codebase and very active development team
+* one of the oldest OSS projects (24 years)
+* large codebase and small but very active development team
==== Samba - History ====
==== Samba - Today ====
-*<1-> Performant, scalable SMB file server \\ %
+* Performant, scalable SMB file server \\ %
==> Ongoing SMB3 implementation
-*<2-> Active Directory domain member with @winbindd@ \\ %
+* Active Directory domain member with @winbindd@ \\ %
==> flexible, performant, clusterable
-*<3-> Full Active Directory Domain Controller \\ %
+* Full Active Directory Domain Controller \\ %
(Kerberos KDC, LDAP, DNS, Trusted Domains, etc) \\ %
"AWS Directory Service" is powered by Samba AD
-*<4-> Established SMB clients for Linux: \\ %
+* Established SMB clients for Linux: \\ %
cifs.ko, libsmbclient (nautilus, dolphin, konqueror)
-*<5-> Comprehensive testsuite \\ %
+* Comprehensive testsuite \\ %
==> wrappers now published outside of Samba: cwrap.org
-*<6-> IDL compiler, autogenerated DCE/RPC code \\ %
+* IDL compiler, autogenerated DCE/RPC code \\ %
==> another 1,141,095 lines of code % wc -l bin/default/{source3,source4,""}/librpc/gen_ndr/{*.c,*.h}
-*<7-> Powerful python(3) bindings, partly autogenerated
+* Powerful python(3) bindings, partly autogenerated
--- /dev/null
+[frame]>
+
+<[sambabg]
+
+==== ====[plain]
+
+<[center]
+\Large
+'''Multi-Channel'''
+[center]>
+
+[frame]>
+[sambabg]>
+
+
+==== Multi-Channel - General ====
+
+<[block]{multiple transport connections in one SMB(3) session}
+* '''channel''': transport connection bound to a session
+* client decides which connections to bind and to use
+* session is valid as long as at least one channel is intact
+[block]>
+
+<[block]{two purposes}
+# increase throughput:
+#* use multiple connections of same type
+# improve fault tolerance:
+#* channel failure: replay/retry detection
+%%#* session is valid as long as one channel is still intact
+[block]>
+
+==== Multi-Channel - General ====
+
+<[block]{use case: channels of different type/quality}
+* use only the channels of best quality
+* fall back to inferior channels if superior ones fail
+* e.g.: laptop switching between WiFi and LAN (?)
+[block]>
+
+==== Multi-Channel - Windows/Protocol ====
+
+# establish initial session on TCP connection
+# find interfaces with interface discovery: \\ %
+@FSCTL\_QUERY\_NETWORK\_INTERFACE\_INFO@
+# bind additional TCP (or later RDMA) connection (channel) to established SMB3 session (''session bind'')
+# Windows: uses connections of same (and best) quality
+# Windows: binds only to a single node
+# replay / retry mechanisms, epoch numbers
+
+==== Multi-Channel $\in$ Samba ====
+
+<[block]{samba/smbd: multi-process}
+* '''Currently:''' process $\Leftrightarrow$ TCP connection
+*<0> '''Idea:''' transfer new TCP connection to existing smbd
+*<0> '''How?''' ==> use fd-passing (sendmsg/recvmsg)
+*<0> '''When?'''
+** ''Natural choice'': at SessionSetup (Bind)
+** !Idea!: as early as possible, based on ClientGUID \\ %
+==> per ClientGUID single process model
+*<0> !But!: This may not work! \frownie
+[block]>
+
+==== Multi-Channel $\in$ Samba ====
+
+<[center]
+<<<smb3-mc-daemons-n1.png,width=.9\textwidth>>>
+[center]>
+
+==== Multi-Channel $\in$ Samba ====
+
+<[block]{samba/smbd: multi-process}
+* '''Currently:''' process $\Leftrightarrow$ TCP connection
+* '''Idea:''' transfer new TCP connection to existing smbd
+*<0> '''How?''' ==> use fd-passing (sendmsg/recvmsg)
+*<0> '''When?'''
+** ''Natural choice'': at SessionSetup (Bind)
+** !Idea!: as early as possible, based on ClientGUID \\ %
+==> per ClientGUID single process model
+*<0> !But!: There may be problems! ... \frownie
+[block]>
+
+
+==== Multi-Channel $\in$ Samba ====
+
+-<1>{
+<[center]
+<<<smb3-mc-daemons-n1a.png,width=.9\textwidth>>>
+[center]>
+}
+
+-<2>{
+<[center]
+<<<smb3-mc-daemons-n2.png,width=.9\textwidth>>>
+[center]>
+}
+
+-<3>{
+<[center]
+<<<smb3-mc-daemons-n3.png,width=.9\textwidth>>>
+[center]>
+}
+
+
+%%%% ==== Multi-Channel $\in$ Samba ====
+%%%%
+%%%% <[block]{samba/smbd: multi-process}
+%%%% * '''Currently:''' process $\Leftrightarrow$ TCP connection
+%%%% * '''Idea:''' transfer new TCP connection to existing smbd
+%%%% * '''How?''' ==> use fd-passing (sendmsg/recvmsg)
+%%%% *<2-> '''When?'''
+%%%% ** ''Natural choice'': at SessionSetup (Bind)
+%%%% ** !Idea!: as early as possible, based on ClientGUID \\ %
+%%%% ==> per ClientGUID single process model
+%%%% *<0> !But!: There may be problems! ... \frownie
+%%%% [block]>
+%%%%
+%%%%
+%%%% ==== Multi-Channel $\in$ Samba : pass by ClientGUID ====
+%%%%
+%%%% <[center]
+%%%% %%<<<smb3-mc-samba_exp.png,height=.9\textheight>>>
+%%%% <<<smb3-mc-samba.png,height=.9\textheight>>>
+%%%% [center]>
+%%%%
+%%%%
+%%%% ==== Multi-Channel $\in$ Samba : pass by ClientGUID ====
+%%%%
+%%%% <[block]{Wait a minute - what about performance?}
+%%%% * Single process...
+%%%% * But we use short-lived worker-pthreads for I/O ops!
+%%%% * Benchmarks and tunings still to be done.
+%%%% [block]>
+%%%%
+%%%% ==== Multi-Channel $\in$ Samba ====
+%%%%
+%%%% <[block]{samba/smbd: multi-process}
+%%%% * '''Currently:''' process $\Leftrightarrow$ TCP connection
+%%%% * '''Idea:''' transfer new TCP connection to existing smbd
+%%%% * '''How?''' ==> use fd-passing (sendmsg/recvmsg)
+%%%% * '''When?'''
+%%%% ** ''Natural choice'': at SessionSetup (Bind)
+%%%% ** ''Idea'': as early as possible, based on ClientGUID \\ %
+%%%% ==> per ClientGUID single process model
+%%%% * !But!: There may be problems! ... \frownie
+%%%% [block]>
+%%%%
+%%%%
+%%%% ==== The Relevance of the ClientGUID ====
+%%%%
+%%%% +<1->{
+%%%% <[block]{Assumption was:}
+%%%% * All channels in a session have the same ClientGUID
+%%%% * The server enforces this
+%%%% [block]>
+%%%% }
+%%%%
+%%%% +<2->{
+%%%% <[block]{Evidence from [MS-SMB2]:}
+%%%% * 3.3.5.9 Receiving an SMB2 CREATE Request:
+%%%% ** sets Open.ClientGuid to Connection.ClientGuid
+%%%% ** replay detection checks \\ %
+%%%% Open.ClientGuid == Connection.ClientGuid
+%%%% * 3.3.5.9.7/12 Durable (v2) Reconnect Create Context:
+%%%% ** check Open.ClientGuid == Connection.ClientGuid
+%%%% [block]>
+%%%% }
+%%%%
+%%%% +<3->{
+%%%% <[block]{The truth is...}
+%%%% The Windows server does not enforce it!
+%%%% [block]>
+%%%% }
+%%%%
+%%%%
+%%%% ==== The Relevance of the ClientGUID ====
+%%%%
+%%%% <[block]{Windows behaviour according to MS}
+%%%% * The server does NOT enforce same ClientGUID in a session.
+%%%% * But clients can be expected to do it.
+%%%% * But it is not explicitly documented like this.
+%%%% [block]>
+%%%%
+%%%% +<2->{
+%%%% <[block]{The good news:}
+%%%% There will be documentation notes:
+%%%% * Things will not work as expected when clients behave differently.
+%%%% * It is OK for a server to enforce equality of ClientGUID within session.
+%%%% [block]>
+%%%% }
+%%%%
+%%%% ==== More digression on ClientGUID : Leases ====
+%%%%
+%%%% <[block]{According to [MS-SMB2]}
+%%%% * Server Global data Structures:
+%%%% ** GlobalLeaseTableList indexed by ClientGuid (3.3.1.5)
+%%%% *** LeaseTable indexed by LeaseKey (3.3.1.11)
+%%%% * Requesting a lease (3.3.1.4):
+%%%% ** Object store takes an abstract ClientLeaseId
+%%%% *** Win7: combination of ClientGuid and LeaseKey
+%%%% *** Win8+: LeaseKey
+%%%% * Object store indicates a lease break (3.3.4.7):
+%%%% ** smb server uses ClientGuid and LeaseKey given by ObjectStore
+%%%%
+%%%% ==> !Inconsistent\! -- What to do?!
+%%%% [block]>
+%%%%
+%%%%
+%%%% ==== Multi-Channel $\in$ Samba : pass by SessionID (plan B) ====
+%%%%
+%%%% <[center]
+%%%% <<<smb3-mc-samba-v2.png,height=.9\textheight>>>
+%%%% [center]>
+
+
+==== Multi-Channel $\in$ Samba : Status ====
+
++<2->{
+# messaging rewrite using unix dgm sockets with sendmsg [DONE,4.2]
+# add fd-passing to messaging [DONE,4.2]
+# preparations in internal structures [DONE,4.4]
+# prepare code to cope with multiple channels [DONE,4.4]
+# implement smbd message to pass a tcp socket [DONE,4.4]
+# transfer connection in Negotiate (by ClientGUID) [DONE,4.4]
+# implement session bind [DONE,4.4]
+# implement channel epoch numbers [DONE,4.4]
+# implement interface discovery [DONE(linux/conf),4.4]
+# implement test cases [WIP(isn't it always?... $\smiley$)]
+# implement fd-passing in socket-wrapper [WIP]
+# implement lease break replay [TODO]
+}
+
+%%% ==== Multi-Channel $\in$ Samba : Status ====
+%%%
+%%% <[block]{WIP code}
+%%% * @git://git.samba.org/obnox/samba/samba-obnox.git@
+%%% * branch: @master-multi-channel-obnox@
+%%% [block]>
+
+
+==== Multi-Channel $\in$ Samba: TODOs ====
+
+* Replay lease breaks upon channel failure (server $\rightarrow$ client)
+* teach socket\_wrapper fd-passing ( ==> selftest...)
+* clustering integration (CTDB)
+
+==== Multi-Channel $\in$ Samba : Clustering/CTDB ====
+
++<2->{
+<[block]{Special considerations}
+* channels of one session only to one node !
+* do not bind connections to CTDB public IPs (can move)!
+* ==> !add static IPs on public interfaces! \\ %
+use these for interface discovery
+[block]>
+}
+
+
+==== Multi-Channel $\in$ Samba : Details from @smbXsrv.idl@ ====
+%%==== @MSG\_SMBXSRV\_CONNECTION\_PASS@ ====
+
+<[block]{for @MSG\_SMBXSRV\_CONNECTION\_PASS@}
+<[code]
+typedef struct {
+ NTTIME initial_connect_time;
+ GUID client_guid;
+ hyper seq_low;
+ DATA_BLOB negotiate_request;
+} smbXsrv_connection_pass0;
+[code]>
+[block]>
+
+%%==== Internal Structures (@smbXsrv.idl@) ====
+==== Multi-Channel $\in$ Samba : Details from @smbXsrv.idl@ ====
+
+
+<[block]{layering before}
+<[code]
+smbXsrv_session
+ ->smbXsrv_connection
+[code]>
+[block]>
+
+<[block]{layering now}
+<[code]
+smbXsrv_session
+ ->smbXsrv_client
+ ->smbXsrv_connections
+[code]>
+[block]>
+
+
+[frame]>
+
+<[sambabg]
+
+
+==== ====[plain]
+
+<[center]
+\Large
+Multi-Channel Demo
+[center]>
+
+[frame]>
+[sambabg]>
** SMB direct [designed/starting]
** cluster features [designing]
*** witness [WIP+]
+* SMB 3.0.2: [4.3]
* SMB 3.1.1:
-** basic support [4.3]
+** negotiate contexts, preauth: [4.3]
-==== Witness - General ====
-
-New DCE/RPC Service to “witness” availability of other services, in particular SMB3 connections
-* Prompt and explicit notifications about failures in highly available systems
-* Allows Continuous Availability of SMB shares in clustered environments (together with persistent handles)
-* Controlled way of dealing with reconnects instead of detecting failures due to timeouts
-* Available since SMB3 (Windows 8 / Windows Server 2012)
-* More advanced failover mechanism than Tickle-ACK that is used within CTDB
-
-%%% ==== Witness - Failover with SMB3 in a Samba/CTDB cluster ====
-%%%
-%%% -<1>{
-%%% <[center]
-%%% <<<design-ctdb-three-nodes-with-witness-step0.png, width=.95\textwidth>>>
-%%% [center]>
-%%% }
-%%%
-%%% -<2>{
-%%% <[center]
-%%% <<<design-ctdb-three-nodes-with-witness-step1.png, width=.95\textwidth>>>
-%%% [center]>
-%%% }
-%%%
-%%% -<3>{
-%%% <[center]
-%%% <<<design-ctdb-three-nodes-with-witness-step2a.png, width=.95\textwidth>>>
-%%% [center]>
-%%% }
-%%%
-%%% -<4>{
-%%% <[center]
-%%% <<<design-ctdb-three-nodes-with-witness-step2b.png, width=.95\textwidth>>>
-%%% [center]>
-%%% }
-%%%
-%%% -<5>{
-%%% <[center]
-%%% <<<design-ctdb-three-nodes-with-witness-step3a.png, width=.95\textwidth>>>
-%%% [center]>
-%%% }
-%%%
-%%% -<6>{
-%%% <[center]
-%%% <<<design-ctdb-three-nodes-with-witness-step3b.png, width=.95\textwidth>>>
-%%% [center]>
-%%% }
-%%%
-%%% -<7>{
-%%% <[center]
-%%% <<<design-ctdb-three-nodes-with-witness-step4.png, width=.95\textwidth>>>
-%%% [center]>
-%%% }
-%%%
-%%% -<8>{
-%%% <[center]
-%%% <<<design-ctdb-three-nodes-with-witness-step5.png, width=.95\textwidth>>>
-%%% [center]>
-%%% }
-
-==== Witness - Samba ====
-
-Currently under development in Samba
-* PoC implementation available
-* Currently on hold until new DCE/RPC async infrastructure is available
-* {\footnotesize @https://wiki.samba.org/index.php/Samba3/ \\ %
- SMB2\#Witness\_Notification\_Protocol@}
-* WIP branch: \\ %
- {\footnotesize @https://git.samba.org/?p=gd/samba/.git;a=shortlog; \\ %
- h=refs/heads/master-witness@}
-
-Samba Witness service will cause Windows clients to reconnect:
-* when client admin tool is used
-* when CTDB (or any other cluster resource control manager) moves resources or IP addresses
-
-==== What's next ? ====
-
-* SMB3 Multichannel (in Samba 4.4)
-* SMB3 DCE/RPC Witness service
-* SMB3 Persistent Handles / CA
-* SMB Direct (SMB3 over RDMA)
-* Multi-Protocol access (NFS,SMB...)
-* SMB2+ Unix Extensions
git.samba.org / obnox / slides / 2016-04-vault.git / commitdiff