[Beowulf] Building new cluster - estimate

Robert G. Brown rgb at phy.duke.edu
Wed Aug 6 12:34:52 PDT 2008


On Wed, 6 Aug 2008, Perry E. Metzger wrote:

>
> Matt Lawrence <matt at technoronin.com> writes:
>> Could be.  Given the long and sordid history of NFS, I prefer to not
>> use it whenever there are practical alternatives.
>
> NFS is a fine protocol and works very well. However, traditionally the
> Linux implementation of NFS has been of less than perfect quality. You
> shouldn't confuse NFS with NFS on Linux.

And even on Linux machines, NFS has been, well, "functional" is a good
way to describe it.  For its primary original purpose, which is serving
home directories or remote mount e.g. binaries in midsize and smaller
workstation LANS, it is adequate and has worked well for us for almost
ten years (not without some pain, mind you, but with no more pain than
anythng else).  For the last five or six years even most of the pain has
gone away and things like automounting work most of the time with only
rare hangs or stale mount problems (on highly reliable server hardware
and with a very reliable network).

Once upon a time, running NFS in a LAN that wasn't controlled at the
port level was basically openly inviting anyone that could plug into a
wired port to have open access to all exported files, and I'm not sure
that has fundamentally changed as to change it would be very difficult.
A host that is permitted to mount a directory is typically known only by
IP number (which of course anybody can set to masquerade as any host)
and no hard authentication tokens are required.  Also, traffic is
typically not encrypted IIRC so anybody can snoop the wire if they're on
it.  I once upon a time had a few lovely cracking tools that let me just
mount any user's home directory with no special privileges from
userspace -- it didn't even require rootspace.  I think things are
better now, but still think of it as a tool to use primarily on trusted
internal networks for primarily bandwidth-limited (few larger files)
and not stat-limited (man smaller files) traffic.

    rgb

>
> Perry
>

-- 
Robert G. Brown                            Phone(cell): 1-919-280-8443
Duke University Physics Dept, Box 90305
Durham, N.C. 27708-0305
Web: http://www.phy.duke.edu/~rgb
Book of Lilith Website: http://www.phy.duke.edu/~rgb/Lilith/Lilith.php
Lulu Bookstore: http://stores.lulu.com/store.php?fAcctID=877977



More information about the Beowulf mailing list