DFS Replication A client implementation for Samba. Samuel Cabrero SUSE Labs Samba team

Similar documents
[MS-FRS2]: Distributed File System Replication Protocol. Intellectual Property Rights Notice for Open Specifications Documentation

CIS-331 Spring 2016 Exam 1 Name: Total of 109 Points Version 1

CIS-331 Final Exam Spring 2018 Total of 120 Points. Version 1

CIS-331 Exam 2 Fall 2015 Total of 105 Points Version 1

CIS-331 Exam 2 Spring 2016 Total of 110 Points Version 1

The cache is 4-way set associative, with 4-byte blocks, and 16 total lines

No Trade Secrets. Microsoft does not claim any trade secret rights in this documentation.

CIS-331 Fall 2013 Exam 1 Name: Total of 120 Points Version 1

[MS-FSSHTTPD]: Binary Data Format for File Synchronization via SOAP. Intellectual Property Rights Notice for Open Specifications Documentation

CIS-331 Final Exam Spring 2015 Total of 115 Points. Version 1

Active Directory Replicationm

4. Specifications and Additional Information

CIS-331 Fall 2014 Exam 1 Name: Total of 109 Points Version 1

CIS-331 Exam 2 Fall 2014 Total of 105 Points. Version 1

C1098 JPEG Module User Manual

TLS 1.2 Protocol Execution Transcript

Dfs Replication Schema Version 30 Not Supported

Communications guide. Line Distance Protection System * F1* GE Digital Energy. Title page

Active Directory trust relationships

CIS-331 Final Exam Fall 2015 Total of 120 Points. Version 1

Advanced Operating Systems

UNH-IOL MIPI Alliance Test Program

Jason Manley. Internal presentation: Operation overview and drill-down October 2007

Implementing Persistent Handles in Samba. Ralph Böhme, Samba Team, SerNet

6. Specifications & Additional Information

CSN08101 Digital Forensics. Module Leader: Dr Gordon Russell Lecturers: Robert Ludwiniak

[MS-FSMOD-Diff]: File Services Management Protocols Overview. Intellectual Property Rights Notice for Open Specifications Documentation

APPLESHARE PC UPDATE INTERNATIONAL SUPPORT IN APPLESHARE PC

CS 537: Introduction to Operating Systems Fall 2015: Midterm Exam #1

Fundamentals of Cryptography

Vorlesung Computerforensik. Kapitel 7: NTFS-Analyse

ENGI 8868/9877 Computer and Communications Security III. BLOCK CIPHERS. Symmetric Key Cryptography. insecure channel

CSE 444: Database Internals. Lecture 25 Replication

Integrating OpenLDAP and Samba Active Directory in Univention Corporate Server

ZN-DN312XE-M Quick User Guide

RTP. Prof. C. Noronha RTP. Real-Time Transport Protocol RFC 1889

Gateway Ascii Command Protocol

10. Replication. CSEP 545 Transaction Processing Philip A. Bernstein Sameh Elnikety. Copyright 2012 Philip A. Bernstein

SMB 2.1 & SMB 3 Protocol features, Status, Architecture, Implementation. Gordon Ross Nexenta Systems, Inc.

KNX TinySerial 810. Communication Protocol. WEINZIERL ENGINEERING GmbH

A new DCERPC infrastructure for Samba

ECHO Process Instrumentation, Inc. Modbus RS485 Module. Operating Instructions. Version 1.0 June 2010

B: Modbus Map and Retrieving Logs

Technical Specification. Third Party Control Protocol. AV Revolution

File Layout and Directories

Efficiently Backing up Terabytes of Data with pgbackrest. David Steele

A new DCERPC infrastructure for Samba

Manual Ntp Update Windows 2008 R2 Domain Controller Time

Google File System 2

Here is a C function that will print a selected block of bytes from such a memory block, using an array-based view of the necessary logic:

Chapter 10: Case Studies. So what happens in a real operating system?

RS 232 PINOUTS. 1. We use RJ12 for all of our RS232 interfaces (Link-2-Modbus & Link-2-PC- Serial/RS232). The diagram below shows our pin out.

CPE 448 Exam #2 (50 pts) April Name Class: 448

6.1 Font Types. Font Types

PostgreSQL Replication 2.0

10. Replication. CSEP 545 Transaction Processing Philip A. Bernstein. Copyright 2003 Philip A. Bernstein. Outline

Maintaining the NDS Database

Running And Troubleshooting A Samba/CTDB Cluster. A Tutorial At sambaxp 2011

INF-5360 Presentation

Electronic Payment Systems (1) E-cash

Project 3: An Introduction to File Systems. COP 4610 / CGS 5765 Principles of Operating Systems

Linearizability CMPT 401. Sequential Consistency. Passive Replication

Troubleshooting Communication in WebSphere MQ

Clustered Samba Challenges and Directions. SDC 2016 Santa Clara

July Registration of a Cyrillic Character Set. Status of this Memo

Virtualization Technique For Replica Synchronization

Distributed Information Processing

Active Directory Force Replication Command Line 2003

Digital Lighting Systems, Inc.

SMB2 and SMB3 in Samba: Durable File Handles and Beyond. sambaxp 2012

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced. Chapter 7: Advanced File System Management

PushyDB. Jeff Chan, Kenny Lam, Nils Molina, Oliver Song {jeffchan, kennylam, molina,

DBK24. Isolated Digital Output Chassis. Overview

MS-FSSHTTP. Simon Clarke, SharePoint/OneDrive

CS161 Midterm Exam Spring 2006

EDR Report Information

Why distributed databases suck, and what to do about it. Do you want a database that goes down or one that serves wrong data?"

Last Class: RPCs and RMI. Today: Communication Issues

Tutorial 8 Build resilient, responsive and scalable web applications with SocketPro

CS /15/16. Paul Krzyzanowski 1. Question 1. Distributed Systems 2016 Exam 2 Review. Question 3. Question 2. Question 5.

Chapter 11: Implementing File Systems

Digital Lighting Systems, Inc. CD400-DMX DMX512 Four Channel Dimmer and Switch module

[MS-OXCRPC]: Wire Format Protocol Specification

Interested in learning more? Global Information Assurance Certification Paper. Copyright SANS Institute Author Retains Full Rights

Ceph Block Devices: A Deep Dive. Josh Durgin RBD Lead June 24, 2015

ACMS: The Akamai Configuration Management System. A. Sherman, P. H. Lisiecki, A. Berkheimer, and J. Wein

6.1 Combinational Circuits. George Boole ( ) Claude Shannon ( )

Remote Procedure Call. Tom Anderson

Filesystem. Disclaimer: some slides are adopted from book authors slides with permission

Today CSCI Coda. Naming: Volumes. Coda GFS PAST. Instructor: Abhishek Chandra. Main Goals: Volume is a subtree in the naming space

File Management. Information Structure 11/5/2013. Why Programmers Need Files

SDC EMEA 2019 Tel Aviv

What is an Operating System? A Whirlwind Tour of Operating Systems. How did OS evolve? How did OS evolve?

DISTRIBUTED SYSTEMS [COMP9243] Lecture 9b: Distributed File Systems INTRODUCTION. Transparency: Flexibility: Slide 1. Slide 3.

Analysis of Algorithms

Chapter 8: I/O functions & socket options

Lecture 19: File System Implementation. Mythili Vutukuru IIT Bombay

Triple DES and AES 192/256 Implementation Notes

Samba in a cross protocol environment

ebay Marketplace Architecture

Transcription:

DFS Replication A client implementation for Samba Samuel Cabrero SUSE Labs Samba team scabrero@suse.com

Agenda 1. Introduction 2. DFS-R Configuration 3. Protocol overview 1. Retrieving updates 2. Processing updates 3. Installing updates 4. Demo 5. Next steps 2

Introduction 3

Overview DFS-R is a RPC protocol that replicates files between servers It is a optimistic and multi-master protocol Optimistic Files can be updated without prior consensus Multi-master Files can be changed in any server. Asynchronous, no restrictions on when the changes must be propagated Files are replicated when the application that modifies them closes the file When a file is closed, an update is generated and inserted in a database 4

DFS-R configuration 5

Concepts Replication Groups or replica sets Replicated folders or content sets Computers are members of replication groups Members subscribe to replicated folders Topology, which define the connections between members, is common to the group Configuration is stored in AD Global configuration CN=DFSR-GlobalSettings,CN=System,DC=samba1,DC=ad CN=SambaXP_TestGroup CN=Content CN=SambaXP_TestFolder1 CN=SambaXP_TestFolder2 CN=Topology CN=bc7d1b34-bdac-48e3-9a86-225bcfcc96d7 CN=d7579220-73c3-4c00-b479-347c29576e90 CN=2d13008d-d7f7-47d8-b7df-5ae90c617cf4 CN=b9c16269-1136-49d2-85cc-2cb75114d14c <= <= <= <= <= <= <= <= <= msdfsr-replicationgroup msdfsr-content msdfsr-contentset msdfsr-contentset msdfsr-topology msdfsr-member msdfsr-connection msdfsr-member msdfsr-connection Local configuration CN=DFSR-LocalSettings,CN=WIN2K12R2-2,CN=Computers,DC=samba1,DC=ad CN=bc7d1b34-bdac-48e3-9a86-225bcfcc96d7 <= msdfsr-subscriber CN=18b1586c-232b-4459-98b3-390939c96b8c <= msdfsr-subscription CN=9fdb9b8c-f88e-4438-b689-14a06bbe5c1a <= msdfsr-subscription 6

The SYSVOL replication group It is a special replication group CN=DFSR-GlobalSettings,CN=System,DC=samba1,DC=ad CN=Domain System Volume msdfsr-replicationgrouptype: 1 CN=SambaXP_TestGroup msdfsr-replicationgrouptype: 0 Replication topology follows ntdsconnection from Configuration partition (AD replication) 7

Management PowerShell {New,Get,Set,Remove}-DfsReplicationGroup {New,Get,Set,Remove}-DfsReplicatedFolder {Add,Get,Set,Remove}-DfsrMember {Get,Set}-DfsrMembership {Add,Get,Set,Remove}-DfsrConnection samba-tool samba-tool dfsr group {list,create,edit,delete} samba-tool dfsr folder {list,create,edit,delete} samba-tool dfsr member {list,add,delete} samba-tool dfsr subscription {list,add,delete} samba-tool dfsr connection {list,create,edit,delete} 8

Protocol overview 9

Overview The protocol takes a three tiered approach The client determine which versions is missing The client ask for the missing updates Asking for the server s Version Vectors (VV) Asking the server for the Updates The client download the file s data 10

Version Vectors Define a range of updates from the same server Pair of server s DB GUID range of updates Versions [0 8] are reserved Version 1 represent the replicated folder root version_vector: struct frstrans_versionvector db_guid : 6ff04912-7f6c-4147-a3f9-6231534d919b low : 0x0000000000000009 (9) high : 0x000000000000000b (11) 11

Updates 1. Get version vectors (VVs) version_vector: struct frstrans_versionvector db_guid : 6ff04912-7f6c-4147-a3f9-6231534d919b low : 0x0000000000000009 (9) high : 0x000000000000000b (11) 2. Compute VV delta between the known VV and received VV 3. Get updates in the computed delta frs_update: struct frstrans_update present : 0x00000001 (1) name_conflict : 0x00000000 (0) attributes : 0x00000010 (16) fence : Thu Jan 1 00:00:00 1970 UTC clock : Wed Apr 25 10:16:15 2018 UTC create_time : Wed Apr 25 10:15:55 2018 UTC content_set_guid : 18b1586c-232b-4459-98b3-390939c96b8c sha1_hash : 6f7860df40d05f1187414712fa730c8ad1d8c7a8 rdc_similarity : 00000000000000000000000000000000 uid_db_guid : 18b1586c-232b-4459-98b3-390939c96b8c uid_version : 0x0000000000000001 (1) gsvn_db_guid : ae0da2be-8a27-4e0d-9ecd-06f64efcf24a gsvn_version : 0x0000000000000020 (32) parent_db_guid : 00000000-0000-0000-0000-000000000000 parent_version : 0x0000000000000000 (0) name : 'Folder2' flags : 0x00000000 (0) 12

Updates Each created file is assigned a Unique Identifier (UID) A UID is a pair GUID Version number The UID is used to track the object for its entire lifetime (moved or renamed) uid_db_guid uid_version : ae0da2be-8a27-4e0d-9ecd-06f64efcf24a : 0x0000000000000022 (34) <= DB GUID <= Version number A particular version of a file is identified by its Global Version Sequence Number (GVSN) gsvn_db_guid gsvn_version : ae0da2be-8a27-4e0d-9ecd-06f64efcf24a : 0x0000000000000023 (35) <= DB GUID <= Version number When a file is modified the GVSN is incremented FILE CREATED ON MEMBER 1 FILE MODIFIED ON MEMBER 2 uid_db_guid uid_version : ae0da2be-8a27-4e0d-9ecd-06f64efcf24a : 0x000000000000002c (44) uid_db_guid uid_version : ae0da2be-8a27-4e0d-9ecd-06f64efcf24a : 0x000000000000002c (44) gsvn_db_guid gsvn_version : ae0da2be-8a27-4e0d-9ecd-06f64efcf24a : 0x000000000000002c (44) gsvn_db_guid gsvn_version : d8f38038-ad91-4d15-9b0b-30feac8d65cf : 0x000000000000000f (15) 13

Updates Folders are replicated in the same way as files attributes attributes : 0x00000020 (32) : 0x00000010 (16) <= Files <= Folders Updates does not contain the file path, but the parent s UID parent_db_guid parent_version : ae0da2be-8a27-4e0d-9ecd-06f64efcf24a : 0x0000000000000025 (37) 14

Overview Client Server Establish connection Establish session Request version vectors Request updates Download data Request version vectors Request updates Download data Download data Request version vectors 15

Retrieving updates The process of retrieving all the updates has its own state machine Retrieved updates are queued to be processed in another loop File data download can proceed as an independent process of synchronizing version vectors and updates To enable replication across multiple folders, client and server isolate the activities belonging to one folder in a DFS-R session 16

Asynchronous notifications The client is who drives the protocol The client requests to be notified when the server s VV changes (AsyncPoll) The AsyncPoll response carries the VV Only one pending Async poll per connections, shared among sessions 17

Notifications Client Server Establish connection AsyncPoll Start Establish session Request VV Wait for notify AsyncPoll AsyncPoll Request VV Request VV AsyncPoll with VV AsyncPoll Request updates Request Updates Updates Inbound log No Done? Yes 18

Processing updates 19

Processing updates Recap 1. We got the server s version vector 2. We computed the delta between server s VV and our known VV 3. We got the missing updates and queued them Two level queue Pending VV Traversed in order Pending updates Out of order Pick a candidate update Updates must be installed in ancestral order to prevent conflicts Determine if it is necessary to download the data The downloaded data is staged to a file The update is installed in persistent storage When all updates pertaining to a VV are installed, update the stored VV 20

Downloads While processing updates, the client may download file data Four ways A file starts with an initialization of file transfer RawGetFileData, chunk size 256KB And ends with a close call InitializeFileTransferAsync, which carries the first 256KB of data Client request subsequent chunks RdcGetFileData Require RDC (Remote Differential Compression) RdcGetFileDataAsync Require RDC and DCE-RPC byte pipes RawGetFileData RawGetFileDataAsync Require DCE-RPC byte pipes RdcClose Downloaded data is staged to a file 21

Download data Client Server InitializeTransferAsync InitializeTransferAsync RawGetFileData RawGetFileData RawGetFileData RawGetFileData RawGetFileData RawGetFileData RdcClose RdcClose 22

Installing updates 23

The meet module The client runs as a Samba4 server service task Pick update to install and download data to a stage file The staged data must be installed to the final location through the VFS layer There is a new smbd process, the meet module The dfsr service and the meet module communicate through IRPC The meet module needs read access to the DFS-R database to recursively build the target path from parent s UID. 24

Approach 1. Creates a connection to go through VFS layer 2. Handle tombstone updates (file deletions) 3. Uncompress staged data XPRESS format (LZ77 + Huffman coding) 4. Process the uncompressed stream 1. Metadata stream Create, rename or move the file 2. Security stream Sets the security descriptor 3. Flat data stram [MS-BKUP] format. The content. 4. Other stream types (reparse data and compression data not handled yet) 5. Send result to dfsr service 25

Staged data format Two layers A sequence of streams Metadata Compression data Reparse data Flat data Security data Encapsulated on a compressed data format, even if uncompressed HDR Payload HDR Metadata stream Payload Payload HDR Chunk Block data XPRESS block Payload Payload Security stream Chunk Block Header HDR Block Header Block data XPRESS block Flat data stream Chunk Block Header Block data XPRESS block Chunk Block Header Block data XPRESS block Chunk Block Header Block data XPRESS block 26

Demo 27

Setup SambaXP_TestGroup {8db97569-cfd6-4b13-a99a-b4c6267b07f6} DC1 SambaXP_TestFolder1 {9fdb9b8c-f88e-4438-b689-14a06bbe5c1a} SambaXP_TestFolder2 {18b1586c-232b-4459-98b3-390939c96b8c} M1 Samba => DC 1 {123d3ef6-8fa8-4eea-a1c2-d318b407dba2} M2 Samba => DC 2 {af1ad561-2177-47f8-9e2e-4961ef8690c3} WIN2K12R2-1 DB Guid {ae0da2be-8a27-4e0d-9ecd-06f64efcf24a} WIN2K12R2-2 DB Guid {d8f38038-ad91-4d15-9b0b-30feac8d65cf} WIN2K12R2-3 DB Guid {6ff04912-7f6c-4147-a3f9-6231534d919b} Samba DC 28

Samba configuration [global] netbios name = MONCAYO workgroup = SAMBA1 realm = SAMBA1.AD server role = active directory domain controller #### DFS-R #### server services = +dfsr dfsrsrv: sysvol_join = yes #### DFS-R #### #### New log categories #### log level = 2 dfsr:10 dfsr_meet:10 29

Code Available on https://github.com/kernevil/samba/tree/dfs-r 55 patches 19 are the management tool (samba-tool dfsr) 42 files changed, 9939 insertions(+), 10 deletions(-) 30

Next steps 31

Client side Protocol Slow sync sub-protocol Remote Differential Compression (RDC)? Receiving updates Credit system to throttle update retrieval / install Processing updates Verify hashes to skip data download on match Downloading data DCE-RPC byte pipes Installing updates Set timestamps from metadata stream Handle compression data stream Handle reparse data stream Handle flat data stream as a MS-BKUP stream Find a way to test the client in selftests without a windows server 32

Server side Big uncertainty yet How to catch file closes? Force the windows clients to not use RPC byte pipes and RDC Specially when samba is not on the path File system event notifications, like inotify? Kernel support? The use of RPC byte pipes can be avoided reporting ourselves as Windows 2003 on the connection response Is RDC mandatory? If not, how to tell the client to not use it? Database backend TDB? SQLite? 33

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback