rfc1057.txt
来自「RFC 的详细文档!」· 文本 代码 · 共 1,398 行 · 第 1/4 页
TXT
1,398 行
Network Working Group Sun Microsystems, Inc.
Request For Comments: 1057 June 1988
Obsoletes: RFC 1050
RPC: Remote Procedure Call
Protocol Specification
Version 2
STATUS OF THIS MEMO
This RFC describes a standard that Sun Microsystems and others are
using, and is one we wish to propose for the Internet's
consideration. This memo is not an Internet standard at this time.
Distribution of this memo is unlimited.
1. INTRODUCTION
This document specifies version two of the message protocol used in
Sun's Remote Procedure Call (RPC) package. The message protocol is
specified with the eXternal Data Representation (XDR) language [9].
This document assumes that the reader is familiar with XDR. It does
not attempt to justify remote procedure calls systems or describe
their use. The paper by Birrell and Nelson [1] is recommended as an
excellent background for the remote procedure call concept.
2. TERMINOLOGY
This document discusses clients, calls, servers, replies, services,
programs, procedures, and versions. Each remote procedure call has
two sides: an active client side that sends the call to a server,
which sends back a reply. A network service is a collection of one
or more remote programs. A remote program implements one or more
remote procedures; the procedures, their parameters, and results are
documented in the specific program's protocol specification (see
Appendix A for an example). A server may support more than one
version of a remote program in order to be compatible with changing
protocols.
For example, a network file service may be composed of two programs.
One program may deal with high-level applications such as file system
access control and locking. The other may deal with low-level file
input and output and have procedures like "read" and "write". A
client of the network file service would call the procedures
associated with the two programs of the service on behalf of the
client.
The terms client and server only apply to a particular transaction; a
Sun Microsystems [Page 1]
RFC 1057 Remote Procedure Call, Version 2 June 1988
particular hardware entity (host) or software entity (process or
program) could operate in both roles at different times. For
example, a program that supplies remote execution service could also
be a client of a network file service. On the other hand, it may
simplify software to separate client and server functionality into
separate libraries or programs.
3. THE RPC MODEL
The Sun RPC protocol is based on the remote procedure call model,
which is similar to the local procedure call model. In the local
case, the caller places arguments to a procedure in some well-
specified location (such as a register window). It then transfers
control to the procedure, and eventually regains control. At that
point, the results of the procedure are extracted from the well-
specified location, and the caller continues execution.
The remote procedure call model is similar. One thread of control
logically winds through two processes: the caller's process, and a
server's process. The caller process first sends a call message to
the server process and waits (blocks) for a reply message. The call
message includes the procedure's parameters, and the reply message
includes the procedure's results. Once the reply message is
received, the results of the procedure are extracted, and caller's
execution is resumed.
On the server side, a process is dormant awaiting the arrival of a
call message. When one arrives, the server process extracts the
procedure's parameters, computes the results, sends a reply message,
and then awaits the next call message.
In this model, only one of the two processes is active at any given
time. However, this model is only given as an example. The Sun RPC
protocol makes no restrictions on the concurrency model implemented,
and others are possible. For example, an implementation may choose
to have RPC calls be asynchronous, so that the client may do useful
work while waiting for the reply from the server. Another
possibility is to have the server create a separate task to process
an incoming call, so that the original server can be free to receive
other requests.
There are a few important ways in which remote procedure calls differ
from local procedure calls:
1. Error handling: failures of the remote server or network must be
handled when using remote procedure calls.
2. Global variables and side-effects: since the server does not have
Sun Microsystems [Page 2]
RFC 1057 Remote Procedure Call, Version 2 June 1988
access to the client's address space, hidden arguments cannot be
passed as global variables or returned as side effects.
3. Performance: remote procedures usually operate one or more orders
of magnitude slower than local procedure calls.
4. Authentication: since remote procedure calls can be transported
over insecure networks, authentication may be necessary.
The conclusion is that even though there are tools to automatically
generate client and server libraries for a given service, protocols
must still be designed carefully.
4. TRANSPORTS AND SEMANTICS
The RPC protocol can be implemented on several different transport
protocols. The RPC protocol does not care how a message is passed
from one process to another, but only with specification and
interpretation of messages. On the other hand, the application may
wish to obtain information about (and perhaps control over) the
transport layer through an interface not specified in this document.
For example, the transport protocol may impose a restriction on the
maximum size of RPC messages, or it may be stream-oriented like TCP
with no size limit. The client and server must agree on their
transport protocol choices, through a mechanism such as the one
described in Appendix A.
It is important to point out that RPC does not try to implement any
kind of reliability and that the application may need to be aware of
the type of transport protocol underneath RPC. If it knows it is
running on top of a reliable transport such as TCP [6], then most of
the work is already done for it. On the other hand, if it is running
on top of an unreliable transport such as UDP [7], it must implement
its own time-out, retransmission, and duplicate detection policies as
the RPC layer does not provide these services.
Because of transport independence, the RPC protocol does not attach
specific semantics to the remote procedures or their execution
requirements. Semantics can be inferred from (but should be
explicitly specified by) the underlying transport protocol. For
example, consider RPC running on top of an unreliable transport such
as UDP. If an application retransmits RPC call messages after time-
outs, and does not receive a reply, it cannot infer anything about
the number of times the procedure was executed. If it does receive a
reply, then it can infer that the procedure was executed at least
once.
A server may wish to remember previously granted requests from a
Sun Microsystems [Page 3]
RFC 1057 Remote Procedure Call, Version 2 June 1988
client and not regrant them in order to insure some degree of
execute-at-most-once semantics. A server can do this by taking
advantage of the transaction ID that is packaged with every RPC
message. The main use of this transaction is by the client RPC layer
in matching replies to calls. However, a client application may
choose to reuse its previous transaction ID when retransmitting a
call. The server may choose to remember this ID after executing a
call and not execute calls with the same ID in order to achieve some
degree of execute-at-most-once semantics. The server is not allowed
to examine this ID in any other way except as a test for equality.
On the other hand, if using a "reliable" transport such as TCP, the
application can infer from a reply message that the procedure was
executed exactly once, but if it receives no reply message, it cannot
assume the remote procedure was not executed. Note that even if a
connection-oriented protocol like TCP is used, an application still
needs time-outs and reconnection to handle server crashes.
There are other possibilities for transports besides datagram- or
connection-oriented protocols. For example, a request-reply protocol
such as VMTP [2] is perhaps a natural transport for RPC. The Sun RPC
package currently uses both TCP and UDP transport protocols, with
experimentation underway on others such as ISO TP4 and TP0.
5. BINDING AND RENDEZVOUS INDEPENDENCE
The act of binding a particular client to a particular service and
transport parameters is NOT part of this RPC protocol specification.
This important and necessary function is left up to some higher-level
software. (The software may use RPC itself; see Appendix A.)
Implementors could think of the RPC protocol as the jump-subroutine
instruction ("JSR") of a network; the loader (binder) makes JSR
useful, and the loader itself uses JSR to accomplish its task.
Likewise, the binding software makes RPC useful, possibly using RPC
to accomplish this task.
6. AUTHENTICATION
The RPC protocol provides the fields necessary for a client to
identify itself to a service, and vice-versa, in each call and reply
message. Security and access control mechanisms can be built on top
of this message authentication. Several different authentication
protocols can be supported. A field in the RPC header indicates
which protocol is being used. More information on specific
authentication protocols is in section 9: "Authentication Protocols".
Sun Microsystems [Page 4]
RFC 1057 Remote Procedure Call, Version 2 June 1988
7. RPC PROTOCOL REQUIREMENTS
The RPC protocol must provide for the following:
(1) Unique specification of a procedure to be called.
(2) Provisions for matching response messages to request messages.
(3) Provisions for authenticating the caller to service and vice-
versa.
Besides these requirements, features that detect the following are
worth supporting because of protocol roll-over errors, implementation
bugs, user error, and network administration:
(1) RPC protocol mismatches.
(2) Remote program protocol version mismatches.
(3) Protocol errors (such as misspecification of a procedure's
parameters).
(4) Reasons why remote authentication failed.
(5) Any other reasons why the desired procedure was not called.
7.1 RPC Programs and Procedures
The RPC call message has three unsigned integer fields -- remote
program number, remote program version number, and remote procedure
number -- which uniquely identify the procedure to be called.
Program numbers are administered by some central authority (like
Sun). Once implementors have a program number, they can implement
their remote program; the first implementation would most likely have
the version number 1. Because most new protocols evolve, a version
field of the call message identifies which version of the protocol
the caller is using. Version numbers make speaking old and new
protocols through the same server process possible.
The procedure number identifies the procedure to be called. These
numbers are documented in the specific program's protocol
specification. For example, a file service's protocol specification
may state that its procedure number 5 is "read" and procedure number
12 is "write".
Just as remote program protocols may change over several versions,
the actual RPC message protocol could also change. Therefore, the
call message also has in it the RPC version number, which is always
equal to two for the version of RPC described here.
The reply message to a request message has enough information to
distinguish the following error conditions:
(1) The remote implementation of RPC does not speak protocol version
Sun Microsystems [Page 5]
RFC 1057 Remote Procedure Call, Version 2 June 1988
2. The lowest and highest supported RPC version numbers are returned.
(2) The remote program is not available on the remote system.
(3) The remote program does not support the requested version number.
The lowest and highest supported remote program version numbers are
returned.
(4) The requested procedure number does not exist. (This is usually
a client side protocol or programming error.)
(5) The parameters to the remote procedure appear to be garbage from
the server's point of view. (Again, this is usually caused by a
disagreement about the protocol between client and service.)
7.2 Authentication
Provisions for authentication of caller to service and vice-versa are
provided as a part of the RPC protocol. The call message has two
authentication fields, the credentials and verifier. The reply
message has one authentication field, the response verifier. The RPC
protocol specification defines all three fields to be the following
opaque type (in the eXternal Data Representation (XDR) language [9]):
enum auth_flavor {
AUTH_NULL = 0,
AUTH_UNIX = 1,
AUTH_SHORT = 2,
AUTH_DES = 3
/* and more to be defined */
};
struct opaque_auth {
auth_flavor flavor;
opaque body<400>;
};
In other words, any "opaque_auth" structure is an "auth_flavor"
enumeration followed by bytes which are opaque to (uninterpreted by)
the RPC protocol implementation.
The interpretation and semantics of the data contained within the
authentication fields is specified by individual, independent
authentication protocol specifications. (Section 9 defines the
various authentication protocols.)
If authentication parameters were rejected, the reply message
contains information stating why they were rejected.
Sun Microsystems [Page 6]
RFC 1057 Remote Procedure Call, Version 2 June 1988
7.3 Program Number Assignment
Program numbers are given out in groups of hexadecimal 20000000
(decimal 536870912) according to the following chart:
0 - 1fffffff defined by Sun
20000000 - 3fffffff defined by user
40000000 - 5fffffff transient
60000000 - 7fffffff reserved
80000000 - 9fffffff reserved
a0000000 - bfffffff reserved
c0000000 - dfffffff reserved
e0000000 - ffffffff reserved
⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?