Network File Systems (aka Distributed File System)

  • A network file system is a network protocol used to present a file system over a network. Network file systems are sometimes referred to as distributed file systems, but not often. Network file systems exist at the network application layer (ISO OSI Layer 7) and do not exist "on disk", they require a true file system "on disk" to storage the block data. Network file systems are a clustering layer and create a clustered file system regardless of whether or not the underlying block storage is a traditional file system (e.g. NTFS, ReFS, XFS, EXT4) or a clustered file system (e.g. GFS2, VMFS, CSV.)

    Common network file systems include NFS, SMB (sometimes known as CIFS), AFP, and AFS.

    A server that provides a network file system is called a file server (and an appliance that does this is called a NAS or Network Attached Storage device.) Network file system services are exposed as a share. Client systems see the share as an available file system (via a network file system driver) that can be mounted like any other. Once mounted, a network file system is seen by an application as a normal part of the file system hierarchy.

    Network file systems carry their own security, separate from any security that exists in the underlying on disk file system. Network file systems may include their own ACLs or other security mechanisms, may introduce host or network based security such as IP based restrictions, and may expose, alter, or remove underlying filesystem security mechanisms. Network file systems that are integrated with an ecosystem including operating system and file system (such as SMB with Windows and NTFS, or NFS with RHEL and EXT4) will generally transparently support end to end security; but unexpected combinations of non-integrated components may break security models or expose security in confusing or cumbersome ways.

    Network file systems create much of the backbone of modern storage and are used extensively. However, in practice, all network file systems are designed around usage on a secure LAN and do not have the performance, nor the security, necessary to be useful over a WAN, Internet, or public linkage. In theory a network file system designed for this purpose could be built, but as of yet the market has not made this a practical consideration. (In practice, the closest approximation to this would be WebDAV.)

    Part of a series on Linux Systems Administration by Scott Alan Miller
    Part of a series on WIndows Systems Administration by Scott Alan Miller