Documentation Notes on NFS-20.   

Copyright (C) 1987 by Mark K. Lottor.

News. 
  Send a note to MKL@SRI-NIC.ARPA to be put on a bug-list for NFS-20.

Implementation Goals.
  To build a Tops-20 NFS server that would come close to the performance
    of a SUN file server.  SUN claims 960 kbps read to /dev/null and
    320 kbps writing.  This implementation currently does 270 kbps reading
    and 100 kbps writing with 1k byte packets.  SUN uses 8k packets so we 
    could expect ours to be at least as fast as SUN's if we used larger
    packets also.
  To build a file server that does not compromise any Tops-20 security.
    The implementation does this and the client/directory mappings are
    a way to leave the SUN/UNIX clients with the kind of security they
    are accustomed to without compromising Tops-20 security by giving
    them un-authenticated file access.  By assigning each client a
    directory you effectively isolate their security problems
    from the rest of the system.  
  To make the Tops-20 machine look like a UNIX system to the client.
    This was accomplished very well and you can use the Tops-20 
    machine just like it was a Sun file server with hardly
    any noticeable difference.

Operational Notes.
 Note how security works (see Security section).  Also note that in
  order for things to work properly (getwd on unix) the server allows
  list access (of dir files only) of <root-directory> regardless of
  its protection.  Some sites may not like this and I might be able
  to offer solutions on how to get around it.
 The create and remove directory commands are not implemented
  due to security reasons.
 You will not see file author names.  This is because they are
  based on Unix uids which cannot be authenticated or translated.
  If you do see them they are not real.
 Unix/RPC authentication/verification/credentials data is generally ignored.
 Groups are not implemented.  Group protections are ignored.
 There are no hard links on Tops-20. 
  Symbolic links could be supported if there is interest.
 You cannot clear mappings on the portmapper due to security reasons.
 Tops-20 can crash and reboot and you can restart the NFS server without
  having to do anything on the client to continue normal operation.
 CR/LF translation is not part of the NFS protocol.
 All files are written as 8 bits.  You can specify 7 bits by suffixing
  a file name with ",b7" as in "ls /etc > /ps/mkl/dir.txt,b7".
  If you want to login on the 20 and read an nfs written file you will
  probably want to use 7-bit mode.  7-bit mode also uses less space on
  the server.  7-bit mode is the only alternative to 8-bit.
 You can only read 7 or 8 bit files.
 If you have a directory "foo" (foo.directory) and a file "foo" (foo..1)
  then referencing "foo" on the client will first try for "foo.directory"
  and then "foo..0", or you can specify "foo." to get right to the file.
 Note that "*.txt" won't match anything.  You need to use "*.txt.*"


Server Setup.

To run an NFS server, do, in this order:
  Get PortMapper
  Start, background	
  Get MountServer
  Start, background	
  Run NFS
You need wheel and net-wiz privs.
If one of them crashes you will have to restart all 3.  Kill all the forks,
then run RELIQ to release their queues, then restart them all.
You may have to up NIQ in your monitor.  NIQ=number of internet
queues.  Normally comes set to 8.  These programs use 3 total.

Client setup.

You must mount each Tops-20 disk structure seperately.  You can
only mount the top-level structure.

So, then, on your SUN or NFS client machine, become root and build a
directory to mount onto, say build "/ps" for mounting PS:.
Then do a:
 /etc/mount -o bg,rsize=1024,wsize=1024 tops20-hostname:/ps /ps

1024 is the max byte count for file reads and writes.  You want
this to be as large as possible and a multiple of 512.  Most Tops-20's
won't allow more than 1400 or so bytes without a monitor change.
  [If you have an ethernet interface, use 1024.
   If you only have an imp interface, use 512.]
If you are serious about getting good performance and you can
handle using up more of your internet free space, contact me.
I expect that a doubling of UDP packet size will almost
double file read throughput.

Note:  It appears that you need release 3.0 or better on the SUN
       to run NFS-20.


Security.

The server allows only read-access to world-read protected files.  You
can only get a directory listing from a directory with a directory
protection of 40 in the world field.  You can only see files that have
an 02 in the world field.

In addition, a client can be assigned a directory to which it has
FULL access for reads and/or writes.  

You set up the access mappings in the file SYSTEM:NFS-ACCESS.CMD. 
The file is read once on server startup.  The format is a host name or
internet number, some white space, the access allowed (R or W or
both), some white space, and the name of the directory to which FULL
(R and/or W) access is to be given.  Access does not extend to subdirs.
Multiple assignments of clients and/or directories is allowed.  

Note: The NET keyword/control stuff isn't implemented in this release.
;You may also have lines starting with the word NET followed by a
;network number (4 octets in OCTAL!) followed by a network number
;mask (in the same format).  Adding this line will only allow requests
;to the NFS server to come from that network.  If you don't have a
;NET line then any net is allowed.  

example file: SYSTEM:NFS-ACCESS.CMD
---------------------------------------------------------------------
;client access control file ;allowed network, network number mask
(octal)
;NET	200 22 0 0 377 377 0 0
;client			access	directory
NIXON.SRI.COM		RW	PS:<NFS.NIXON>
NIXON.SRI.COM		R	PS:<NFS.COMMON>
128.18.17.43		RW	PS:<NFS.FROBSUN> ;joe luser
128.18.17.43		R	PS:<NFS.COMMON>
M-KL10.SRI.COM		RW	PS:<NFS.MKL>
---------------------------------------------------------------------
Note all the directories above are subdirs of PS:<NFS>.  You can map
to any directory you want, but doing something like above will allow
you to confine NFS security problems from your Tops-20 system.  I
certainly wouldn't want to put an entry in there pointing to PS:<MKL>
(my tops-20 login directory) since access to that dir is easily
spoofed and faked with the NFS protocol.


Comments and Suggestions for future modifications.

Add NET control stuff as above.

Better security/authentication.  If you have an idea let me know.
Most likely everyone will want to do it their own way.  I suggest you
understand NFS fully before you try to make your own security mods.

Contact me if you are interested in getting better throughput
performance out of the server.  It will involve monitor changes.

Future NFS protocol versions.  SUN is coming out with an NFS version 3
protocol spec.  It fixes many dumb things in the protocol and will
make possible a Tops-20 implementation without as many kludges.


Known Bugs.

Some things couldn't be implemented exactly to spec and some things
are kludged to work right.  Almost all these kludges and problems
can be implemented properly using the next protocol release NFS 3.0.

If you 'ls' <root-directory> just after doing a 'cd ..' from
a top-level dir <foo> to <root-directory>, then the dir 'foo'
may show up twice in the directory listing.  This bug is introduced
by a kludge to make Unix getwd calls work fast.  If it bothers you
then recompile NFS with $GWSW off.  Most people will never want
to list their Tops-20 root directories.

Files with long names (over 24 bytes) may take a little longer
to directory list and find.  This could be sped up if it becomes
a problem for anyone.

There is no continuous disk quota checking.  Currently quotas
are only checked at file creation time.

It is not known how the server will hold up under heavy usage.

The server has only been tested with a SUN client.


Unknown Bugs.

Yes.


Files.

If you want to write an RPC based server, use MountServer as an example.
If you want to write an RPC based client, use RPCInfo as an example.

Note that the RPC client code has not been optimized for client usage
since it is hardly used in this server implmentation.  It may need
some work (the retransmitter for instance) if you plan to implement
any reasonable client code.

Descriptions of files included:

UDP
	The User Datagram Protocol library.

XDR
	External Data Representation conversion routines.

RPC
	Remote Procedure Call routines.

PortMapper
	Maps RPC program numbers into UDP port numbers.
	Every RPC server registers with the portmapper.

MountServer
	Accepts requests to mount a filesystem and returns a handle
	to its root.  The handle is then used with the NFS server.
	The mountserver is NOT a place for access controls!
	Logs mounts to file SYSTEM:NFS-MOUNT.LOG.

NFS
	The actual NFS server.
	Set Debug non-zero for useful debugging output.

NFSstat
	Dumps statistics of an NFS-20 server.

RPCInfo
	Asks a PortMapper on a host to dump it's mappings.

----------debugging stuff----------
Reliq
        Releases ALL internet queues assigned by your job.
	You will need to do this if you want to restart your
	NFS server programs.

UDP.EXE
	A UDP debugging tool.  Not related to UDP.MID.