AFS Intro | F.A.Q. | Basic AFS | Advanced AFS | Kerberos | Features | Other Info
Better Networking Performance: AFS was designed for larger networks so it's faster and more efficiently. Under AFS, files are maintained by a central server. Client machines cache files they access to the local disk. If a client machine updates a file, it updates a local copy and sends the update to the server. In contrast, NFS requires that filing systems be synchronized; this is not feasible across a large network connected by routers, like Stanford's. NFS works well on small and medium size networks, but is not suited for a large network like Sweet Hall's.
User Authentication: AFS authenticates users, not machines. This allows people with an AFS account to access their account files from any machine that mounts the AFS filing system, such as the residential NeXTs and Terman cluster.
Global File System: Each institution that uses AFS and is connected to the Internet most likely has a cell. Check under the directory /afs/ for the file system of other institutions. For instance, you can access the Macintosh archive at university of Michigan by changing directory to /afs/umich.edu/group/itd/archive/mac, thus eliminating the need to ftp public files on a remote AFS server.
Easier Administration: Since AFS is a distributed system, the administrators can focus on the servers instead of the client machines since the client machines get all their information from the server anyway. This makes updating and maintaining software much easier.
File Permissions: AFS allows greater control over the file permissions of one's directories. Individuals can grant privileges to individuals or user-created groups. This is ideal for group projects. AFS users need to learn a new set of commands and file permissions different from those that they may have used in NFS. One important distinction: AFS does not yet support file-based permissions; AFS permissions only apply to directories though Unix file permissions still exist for files. The permission are covered in Basic AFS document. Note that this will also affect how you should setup your .plan, and .rhosts files.
One word, Backups: Each night, the AFS server creates a backup of your account which you can access. This sometimes allows you to undelete files you accidently deleted or overwrote.
And last but not least, Security: AFS combined with Kerberos offers the best security since it authenticates users and jobs and not machines, thus reducing the possibility of ip spoofing. It also offers encryption through Kerberos, thus helping to lessen the chances of someone sniffing your password out of packets.
Does not use Unix file semantics: AFS only supports directory
permissions which may confuse those who are used to the standard
unix chmod permission sets. However, you will soon find typing
fs setacl ~/Public system:anyuser rl as easy as
typing chmod 755 ~/Public. Fun, ain't it?
Unfortunately, AFS permissions only work for directories right
now, however, future version promises to support file
permissions as well.
Authentication may cause problems: The need to authenticate everything and everyone may some times cause problems for people who have no idea how to handle authentication. Hopefully, this will change as security becomes a bigger issue and people realize the need for more authentication.
Special files used in standard UNIX not supported. These include hard links and device files.
It works.
Nothing else does.
We're all waiting for DFS: the messiah of distributed filesystems.
To AFS Main Page
