[lpi-discuss] Re: LPIC-3 core exam -- WAS: Recertification Policy
Bryan J. Smith
b.j.smith at ieee.org
Tue Dec 5 18:49:47 EST 2006
Steve Holdoway <steve at greengecko.co.nz> wrote:
> Just to back up your comment... I know those (extremely
> experienced) sysadms who will *always* use it in preference to nfs.
First off, why do people talk "NFS v. SMB" such as "in preference"?
They are _complementary_, not mutually exclusive, including
kernel-level locking. To state such is to only show ignorance of
The only major network filesystems that don't work with NFS or SMB
are AFS (Andrew FS) based, as they use virtual filesystems, instead
of the underlying, physical filesystems.
Secondly, SMB doesn't work for _most_ UNIX clients.
Only Linux and a few other OSes offer a SMB client.
Third, even Linux's SMBfs isn't native, it's a VFS hack. It causes
compatibility issues as various inode meta-data is not available.
Fourth, NFS is just a crapload faster. SMB performance might be fine
for office documents, but it is _unacceptable_ for many engineering,
financial, video and other large transaction or large file services.
Lastly, the only time I've had "issues" with NFS+Samba is when
someone didn't set up filesystem-level permissions correctly, and
respect them in their smb.conf share-level permissions. If anything,
NFS only _exposes_ such _gross_security_ issues in misconfiguration.
NFSv4's user-space support really removes any of the lagging issues
with it -- from authentication to mapping. Samba can be (and is
quite often) configured less securely than even NFSv3 in legacy
authorization mode (let alone when Kerberos is used ;-), so that
argument never sticks.
When you test network filesystem concepts on an enterprise level, you
should cover both Samba and NFS -- namely NFSv4 because the
authentication and mapping concepts overlap -- especially when Samba
is using Kerberos (and I don't just mean to Windows ADS).
Bryan J. Smith Professional, Technical Annoyance
b.j.smith at ieee.org http://thebs413.blogspot.com
Fission Power: An Inconvenient Solution
More information about the lpi-discuss