Got it

CIFS Share Feature Overview

Latest reply: May 23, 2014 07:28:28 2119 1 1 0 0

Overview

CIFS is a protocol used for sharing network files. CIFS allows Windows clients on the Internet and intranet to access shared files and other resources. The CIFS share is mainly applicable to the file sharing.

Server Message Block (SMB) is a protocol used for network file access and CIFS is a public version of SMB. The SMB protocol allows a local PC to access files and request services on PCs over the local area network (LAN).

With the continuous expansion of enterprises, more and more users need to access the share service in enterprises. Restricted by the server where shared files reside, the access speed decreases and system response slows down when a large number of users access shared files. Therefore, improving the performance of accessing shared files becomes an urgent need for enterprises.

The CIFS feature allows Windows clients to identify and access shared resources provided by the S2600T/S5500T/S5600T/S5800T storage system. With CIFS, clients can quickly read, write, and create files in the storage system as on local PCs. The storage system delivers high performance, addressing the problems of decreased access speed and slow response.

The CIFS feature has the following advantages:
  • High concurrency

    CIFS supports the file sharing and file locking mechanisms, allowing multiple clients to access a file. Multiple clients can access a file at the same time, but only one client is allowed to update the file each time.

  • High performance

    Access requests sent by a client for a shared file are cached locally but not delivered to the S2600T/S5500T/S5600T/S5800T storage system. When the client sends access requests for shared files again, the system directly reads shared files in the cache, improving access performance.

  • Data integrity

    CIFS provides the cache, pre-read, and write back functions to ensure data integrity. Access requests sent by a client for a shared file are cached locally but not delivered to the S2600T/S5500T/S5600T/S5800T storage system. If other clients want to access the shared file, the cached data is written to the S2600T/S5500T/S5600T/S5800T storage system. Only one copy file is activated each time to prevent data conflicts.

  • Robust security

    CIFS supports anonymous file transfer and share access authentication. The authentication management function controls users' access permissions, ensuring data confidentiality and security.

  • Wide application

    Any client that supports the CIFS protocol can access the CIFS share space.

  • Unified coding standard.

    CIFS supports various types of character sets, applicable to different language systems.

Specifications

This chapter describes the CIFS share specifications.

Table 1 lists specifications of the CIFS share based on one S2600T/S5500T/S5600T/S5800T storage system.


Table 1 CIFS share specifications

Item

Specifications

Number of file systems shared in CIFS Normal mode

≤ 60

Number of file systems shared in CIFS Homedir mode

≤ 16

Number of links in the CIFS Homedir share

≤ 3000a

Number of active links in the CIFS Homedir shareb

≤ 800c

a: The number of local users and domain users in one storage system cannot exceed 3000, and the number of user groups cannot exceed 3000.

b: The number of active links refers to the number of online users.

c: A storage system supports a maximum of 800 active links.


Availability

This section describes the CIFS share availability from the aspects of the license support, version support, network requirements, feature dependency, and system performance.

License Requirement

A license is required to use the CIFS share feature.

Applicable Versions

Product Name

Product Version

OceanStor S2600T/S5500T/S5600T/S5800T Storage System

V100R005

Network Requirements

The CIFS share feature supports the Internet Protocol version 4 (IPv4), but does not support Internet Protocol version 6 (IPv6).

(Optional) When the CIFS share feature is applicable to a domain environment, you need to configure the domain controller. The configuration items are described inTable 1.


Table 1 Configuration items for the domain controller

Item

Description

ADa

Storing information related to network objects, the AD enables the administrator and users to easily find and use the information.

Kerberos or NTLMbauthentication

Authenticates users to protect files in the system.

DNSc server

Storing host names and IP addresses on the network, the DNS server converts host names to corresponding IP addresses.

NTPd server

Synchronizes the time of devices on the network.

a: Active Directory (AD)

b: NT LAN Manager (NTLM)

c: Domain Name Server (DNS)

d: Network Time Protocol (NTP)

Feature Dependency

Table 2 describes the dependency between the CIFS share feature and other features.


Table 2 Dependency between the CIFS share feature and other features

Feature

Dependency

NFSa/FTPb/HTTPcshare

The S2600T/S5500T/S5600T/S5800T storage system can share file systems using multiple protocols. However, clients cannot write one file in a file system at the same time if the file system is shared through multiple protocols. If multiple protocols are used to share file systems, you are advised to configure read-write share for only one protocol and read-only share for other protocols.

Archiving

After a CIFS share is created, the data archiving feature of the file system is unavailable.

File system snapshot

Before accessing the file system snapshot, clients must create the file share for it.

a: Network File Server (NFS)

b: File Transfer Protocol (FTP)

c: Hypertext Transfer Protocol (HTTP)

System Performance

The CIFS share feature has the following impacts on the system performance:
  • The system supports file system sharing through CIFS, NFS, FTP and HTTP. When the file system is accessed by clients using different protocols, the overall system performance is slightly degraded.
  • Different file systems provide services through the CIFS share or NFS share. If one share feature is in use, the performance of another share feature deteriorates.
  • The system performance deteriorates if clients access a large amount of small files in the CIFS share after the full_acl permission is enabled, because the S2600T/S5500T/S5600T/S5800T storage system spends a large amount of time in authentication. Therefore, you are advised not to enable the full_acl permission in the CIFS Normal share.
  • The system performance deteriorates if file system snapshots are created after the CIFS Normal share has been created for a file system.

Application Scenario

The CIFS share is mainly applicable to the file sharing by Windows clients. The CIFS share is classified into CIFS Normal share and CIFS Homedir share. This section describes the CIFS Normal share and CIFS Homedir share in a non-domain and an AD domain environment.

CIFS Normal Share in a Non-Domain Environment

With the continuous expansion of enterprises, more and more data needs to be shared in enterprises. Therefore, enterprises require large shared space for users to store shared data and simplified shared space management.

The S2600T/S5500T/S5600T/S5800T storage system shares the file system to all the users of enterprises in CIFS Normal mode. The shared file system appears as a directory. All the users can access the shared directory. Besides, permission management based on local group allows enterprises to control users' permissions for the shared directory. Meanwhile, the storage system allows enterprises to set shared space quotas for departments and users. User quota management ensures that all the users can perform read and write operations in the file system by preventing some users from occupying too much shared space.

In Figure 1, all the local users can access the shared space provided by the S2600T/S5500T/S5600T/S5800T storage system in CIFS Normal mode. The CIFS normal share allows different local groups to have different shared directory access permissions. Local users belong to different local groups and each group has different permissions for the shared space. Namely, some local users have read/write permission for the shared space while some local users only have read-only permission for the shared space. The storage system can set a shared space quota for each local user.


Figure 1 File sharing in CIFS Normal mode in a non-domain environment 

http://localhost:7890/pages/3118G2D8/07/3118G2D8/07/resources/dita/nas/CIFS_feagud/figure/cifs_fea/os_cifsfea_appscen_fig01.png

CIFS Homedir Share in a Non-Domain Environment

With the continuous expansion of enterprises, the number of users increases. The need for private storage space emerges. The private space of a user cannot be viewed or accessed by other users.

The S2600T/S5500T/S5600T/S5800T storage system shares the file system to a user in CIFS Homedir mode. The shared file system appears as a directory. The directory name is the same as the user name. This user can only access the shared directory of his/her own. Meanwhile, the storage system allows enterprises to set shared space quotas for departments and users. User quota management ensures that all the users can access the file system and files by preventing some users from occupying too much shared space.

In Figure 2, each local user can only access the shared directory whose name is the same as the user name. The S2600T/S5500T/S5600T/S5800T storage system can set a shared space quota for each local user. The quota of a local user can be larger than the capacity of the local user's owning file system.


Figure 2 File sharing in CIFS Homedir mode in a non-domain environment 

http://localhost:7890/pages/3118G2D8/07/3118G2D8/07/resources/dita/nas/CIFS_feagud/figure/cifs_fea/os_cifsfea_appscen_fig02.png

CIFS Normal Share in an AD Domain

With the expansion of LAN and wide area network (WAN), many enterprises use the AD domain to manage networks on Windows. The AD domain make network management simple and flexible.

The S2600T/S5500T/S5600T/S5800T storage system can be added to an AD domain as a client, namely, it can be seamlessly integrated with the AD domain. The AD domain controller saves information about all the users and groups in the domain. All the users in the AD domain can access the CIFS Normal share provided by the storage system. Before the access, they need to be authenticated by the AD domain controller. The AD domain administrator can implement file-specific permission management. Different users have different permissions for each shared folder.

In Figure 3, all the domain users can access the shared space provided by the S2600T/S5500T/S5600T/S5800T storage system. Before accessing the shared space, domain users need to authenticated by the AD domain controller. The storage system can set a shared space quota for each user or group.


Figure 3 File sharing in CIFS Normal mode in an AD domain 

http://localhost:7890/pages/3118G2D8/07/3118G2D8/07/resources/dita/nas/CIFS_feagud/figure/cifs_fea/os_cifsfea_appscen_fig03.png

CIFS Homedir Share in an AD Domain

With the expansion of LAN and WAN, many enterprises use the AD domain to manage networks on Windows. The AD domain make network management simple and flexible.

The S2600T/S5500T/S5600T/S5800T storage system can be added to an AD domain as a client, namely, it can be seamlessly integrated with the AD domain. The AD domain controller saves information about all the users and groups in the domain. A user in the AD domain can only access the directory whose name is the same as the user name.

In Figure 4, each domain user can only access the shared directory whose name is the same as the user name. The S2600T/S5500T/S5600T/S5800T storage system can set a shared space quota for each domain user or group. The quota of a domain user can be larger than the capacity of the domain user's owning file system.


Figure 4 File sharing in CIFS Homedir mode in an AD domain 

http://localhost:7890/pages/3118G2D8/07/3118G2D8/07/resources/dita/nas/CIFS_feagud/figure/cifs_fea/os_cifsfea_appscen_fig04.png

Thanks.
View more
  • x
  • convention:

Comment

You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.