An Overview of Rx - PowerPoint PPT Presentation

About This Presentation

Title:

An Overview of Rx

Description:

AFS & Kerberos Best Practices Workshop 2005. http://rmitz.org/rx/rx ... Well, perhaps we'll skip ahead just a bit...to the ITC. Information ... Greetings ... – PowerPoint PPT presentation

Number of Views:62

Avg rating:3.0/5.0

Slides: 12

Provided by: roman4

Learn more at: http://rmitz.org

Category:

more less

Transcript and Presenter's Notes

Title: An Overview of Rx

1
An Overview of Rx We like things that make us
go. Roman Mitz rmitz_at_cmu.edu AFS Kerberos Best
Practices Workshop 2005 http//rmitz.org/rx/rx-bpw
-2005.ppt
2
Outline

History, ancient and otherwise
Why Rx?
High level protocol overview
Bottom-up tech

3
In the beginning

The Universe was created
Well, perhaps well skip ahead just a bitto the
ITC
Information Technology Center, CMU/IBM

4
In the beginning there was

R and RFTP1. And it was okay.
Actually, were skipping over some other bits
here, like RPC2, RPC23, MultiRPC4ysee,
Kazar
R was an RPC protocol
Built on the LWP5 and XDR6 packages
Meant to provide a reliable datagram service
Run on top of UDP/IP (whew!)
Basic authentication via shared secret
Data transfer limited to one packet
RFTP was
A simple addition to transfer files. Requires
setting up the transfer then making an R call.

5
And then the spawn, Rx

Inherits the good things of the previous
protocols
Lightweight
Security deeply embedded (but modular!)
With some additions
Arbitrary amounts of bulk data transfer as an
ordinary call
Adds more security hooks (encryption)
Imports some TCP network adaptive behavior
(increased over time 7)

6
Rx

Benefits
Handles large numbers of connections (but..)
Only requires one RPC for bulk data transfer
Tight integration with AFS
Very lightweight overall
Drawbacks
Not taking advantage of all the TCP research and
enhancements over the years without explicit code
(window sizes, security, etc.)
Firewalls can sometimes cause issues
Still a less-known factor

7
Rx, High-level8

An Rx-based server exports services
ltIP address, UDP Port, service Idgt
One UDP Port per server, 16bits of services
Remember different server vs client distinctions
Connection based
Each connection support four simultaneous calls
via a mechanism called channels
Each call is half-duplex
Calls can be aborted explicitly at any time, and
via two different timeouts (max time, and max
time with no activity)

8
Rx, High-Level - Security

Specified per-service and per-connection
NOT per call
A service may specify more than one security
class, but a connection may not
Work done via external security class (e.g.
rxkad)
Only needs to follow API.
Pretty simple
If a connection is to be authenticated, there is
a challenge-response handshake

9
Rx, the Header! 9
High-order bit of Epoch -- used for addressless
connections if set
Start time of the clients RPC Package
0 1 2
3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4
5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-------------------------
-------
Connection Epoch
-------------------------
-------
Connection ID
-------------------------
-------
Call Number
-------------------------
-------
Sequence Number
-------------------------
-------
Serial Number
-------------------------
------- Type Flags
Status Security
-------------------------
------- Checksum
Service ID
-------------------------
------- Payload .... -----
Used to determine channel number
DATA ACK BUSY ABORT ACKALL CHALLENGE RESPONSE DEBU
G PARAMS VERSION
CLIENT-INITIATED REQUEST-ACK LAST-PACKET
MORE-PACKETS SLOW-START-OK JUMBO-PACKET
Set by client. Could be random, but isnt
normally.
Incremented by client on each new call, beginning
with 1. Used for basic avoidance of call
duplication
Per-call
Per-connection
Defined for individual RPCs
Indicates type of security - none, rxkad, etc.
Used only by security plugins--rxkad calculates a
cryptographic header checksum solving Rx
hijacking issues10
10
Greetings and Salutations