The Sad State of Networked File Systems

When it comes to networked filesystems, you pretty much have three choices: CIFS, NFS, and AFS. We won't talk about others here, such as Lustre, Gluster, other cluster-based things. CIFS is mostly for Windows, and NFS and AFS are mostly for *NIX systems. CIFS and NFS are strictly over the network (i.e. if you're on the fileserver, you don't have to use a CIFS or NFS client to read the files), while AFS additionally maintains its own on-disk layout (you need the AFS client, even on the fileserver).

Naturally, NAS appliances tend to use CIFS and NFS. The appliance can maintain its own on-disk layout, and just about every client is covered by exporting CIFS and NFS. Yes, I know Windows can also do NFS and *NIX can also do CIFS, but if given a choice, what would you choose? That's to say they don't do them very well.

CIFS on Windows just works. It's a kludge on just about anything *NIX, though, at least when you start supporting multiple users. Plus using symlinks means the server has to be very specific in implementation. Most appliances don't support CIFS symlinks, and symlinks are a *NIX user's friend. Okay, moving on.

NFS just works, until you want to start enabling security features, namely NFSv4 with Kerberos. Now it only works for the most part. On Solaris or Linux, you edit a file to enable Kerberos features. But on Linux, you also need a client keytab, and then find out that the GSSAPI credentials context (basically the authorization to NFS derived from your Kerberos credentials) stick around in a way that they shouldn't (at least on Ubuntu 8.04 and 8.10); they don't go away like your Kerberos credentials do when you log out.

AFS is it's own little monster, but on Solaris and Linux, it works pretty well. So you conclude that for Linux, AFS is your best option if you want reasonable security and features. And it usually is. But that's sad. AFS works pretty well on Solaris, too. However, you can't do AFS in combination with CIFS because of the on-disk layout, and the AFS client on Windows leaves much to be desired in its current state (I'm not very reassured by the list of bugfixes for Windows that are listed for each new release). In time, AFS on Windows might be something desirable.

Windows: CIFS. Linux: AFS. Solaris: NFS, AFS. Well they say you can't please everyone. I guess they're right. We'll see where the future goes...perhaps Linux NFSv4 with Kerberos will get better, AFS on Windows will be stabler, or Microsoft will make NFSv4 work really really well on Windows.