Everything about Server Message Block totally explained
CIFS currently redirects to Server Message Block, even though the two concepts don't exactly equate to each other.
In computer networking, Server Message Block (SMB) operates as an application-level network protocol mainly used to provide shared access to files, printers, serial ports, and miscellaneous communications between nodes on a network. It also provides an authenticated inter-process communication mechanism. Most usage of SMB involves computers running Microsoft Windows: in Microsoft environments users often know it simply as "Microsoft Windows Network". (Non-Windows users often use the NFS protocol to achieve similar functionality.)
When discussing SMB, one should distinguish:
History
Barry Feigenbaum originally invented SMB at IBM with the aim of turning DOS "Interrupt 33" (21h) local file-access into a networked file-system.
Microsoft has made considerable modifications to the version used most commonly. Microsoft merged the SMB protocol with the LAN Manager product which it had started developing with 3Com circa 1990, and continued to add features to the protocol in Windows for Workgroups (circa 1992) and in later versions of Windows.
The original design of SMB envisaged it running on top of the NetBIOS and NetBEUI APIs (typically implemented with NBF, NetBIOS over IPX/SPX, or NBT), though SMB can also run directly on top of TCP, a feature introduced with Windows 2000 (the server listens on TCP port 445 for this purpose).
At around the time when Sun Microsystems announced WebNFS, Microsoft launched an initiative in 1996 to rename SMB to Common Internet File System (CIFS), and added more features, including support for symbolic links, hard links, larger file sizes, and an initial attempt at supporting direct connections over TCP port 445 without all the NetBIOS trimmings (a largely experimental effort that required further refinement). Microsoft submitted some partial specifications as Internet-Drafts to the IETF, though these submissions have expired.
Because of the importance of the SMB protocol in interacting with the widespread Microsoft Windows platform, coupled with the heavily modified nature of the SMB implementation present in that platform, the Samba project originated with the aim of reverse engineering and providing a free implementation of a compatible SMB client and server for use with non-Microsoft operating systems.
With Windows Vista (released in 2006), Microsoft introduced Server Message Block 2.0.
Implementation
Client-server approach
SMB works through a peer-to-peer approach, where a client makes specific requests and the server responds accordingly. One section of the SMB protocol specifically deals with access to filesystems, such that clients may make requests to a file server; but some other sections of the SMB protocol specialize in inter-process communication (IPC). Developers have optimized the SMB protocol for local subnet usage, but users have also put SMB to work to access different subnets across the Internet — exploits involving file-sharing or print-sharing in MS Windows environments usually focus on such usage.
SMB servers make their file systems and other resources available to clients on the network. Client computers may want access to the shared file systems and printers on the server, and in this primary functionality SMB has become best-known and most heavily used. However, the SMB file-server aspect would count for little without the NT domains suite of protocols, which provide NT-style domain-based authentication at the very least. The NT Domains protocols offer MSRPC services available almost exclusively on SMB IPC "named pipe", and almost all implementations of SMB servers use NT Domain authentication to validate user-access to resources.
Performance issues
Many people believe that the SMB protocol makes heavy use of network bandwidth because each client broadcasts its presence to the whole subnet. SMB itself doesn't use broadcasts. The broadcast problems commonly associated with SMB actually originate with the NetBIOS service location protocol. By default, a Microsoft Windows server will use NetBIOS to advertise and locate services. NetBIOS functions by broadcasting services available on a particular host at regular intervals. While this usually makes for an acceptable default in a network with fewer than 20 hosts, broadcast traffic will cause problems as the number of hosts increases. A proper implementation of a NetBIOS Name Server (NBNS) can mitigate this problem — for example Windows Internet Naming Service (WINS) offers a suitable solution in Microsoft environments. WINS uses a much more advanced system of registration and centralized service requests, but imposes its own complexity upon the design and maintenance of the network. Microsoft recommends the use of Dynamic DNS, another viable option, in Microsoft Active Directory environments.
Network designers should expect that latency will have a significant impact on the performance of the SMB protocol. Monitoring reveals this most commonly in cases of navigating among directories through SMB when significant network latency exists between hosts. For example, a VPN connection over the Internet will often introduce network latency, which can make for a frustrating experience.
Microsoft's modifications
Microsoft added several extensions to its own SMB implementation. For example, it added NTLM Version 2 because NTLM version 1 (derived from the original legacy SMB specification's requirement to use IBM "LanManager" passwords) uses DES in a flawed manner. Additionally, the NT 4.0 Domain Logon protocols use 40-bit encryption outside of the United States of America, which doesn't conform with modern security standards.
SMB2
Microsoft introduced a new version of the Server Message Block (SMB) protocol (SMB 2.0 or SMB2) with Windows Vista in 2006.
SMB2 improves prior versions of SMB for Windows by adding the ability to compound multiple actions into a single request, which significantly reduces the number of round-trips the client needs to make to the server, improving performance as a result. SMB1 also has a compounding mechanism — known as AndX — to compound multiple actions, but Microsoft clients rarely use AndX.
SMB2 supports larger buffer-sizes, which can provide better performance with large file-transfers.
SMB2 introduces the notion of "durable file handles": these allow a connection to an SMB server to survive brief network-outages, such as may occur in a wireless network, without having to construct a new session.
SMB2 includes support for symbolic links.
The SMB 1 protocol often uses 16-bit sizes. SMB2 uses 32 or 64 bits for many of these, and 16 bytes in the case of file-handles.
Windows Vista uses SMB 2.0 when communicating with other Windows Vista machines, or with Windows Server 2008. SMB 1.0 continues in use for connections to any previous version of Windows, or to Samba. Samba 4 also includes experimental support for SMB 2.0.
SMB2 brings two substantial benefits to Microsoft:
clearer intellectual-property ownership. SMB 1, originally designed by IBM, became part of a wide variety of non-Windows operating systems such as SCO Xenix, OS/2 and DEC VMS (Pathworks). X/Open standardised it partially; it also had draft IETF standards which lapsed. (See http://ubiqx.org/cifs/Intro.html for historical detail).
a relatively clean break with the past. Microsoft's SMB1 code has to work with a huge variety of SMB clients and servers. A large number of items in the protocol remain optional (such as short and long filenames). SMB1 features many levels of information for commands (selecting what structure to return for a particular request). SMB1 added Unicode at a later date. SMB2 involves significantly reduced compatibility-testing for Microsoft (currently involving only other Windows Vista clients and servers). SMB2 code has considerably less complexity since far less variability exists (for example, non-Unicode code paths become redundant as SMB2 requires Unicode support).
Points of interest
SMB's "Inter-Process Communication" mechanism deserves a specific mention. The SMB "IPC" system provides named pipes. SMB's IPC mechanism provides one of the first few inter-process mechanisms commonly available to programmers that provides a means for services to inherit the authentication carried out when a client first connected to an SMB server. The inherited authentication in named pipes has become so ubiquitous and transparent that both Windows-users and programmers who use the Windows API often simply take it for granted.
Some services that operate over named pipes, such as those which use Microsoft's own implementation of DCE/RPC over SMB, known as MSRPC over SMB, also allow MSRPC client programs to perform authentication, which over-rides the authorization provided by the SMB server, but only in the context of the MSRPC client program that successfully makes the additional authentication.
Packet-signing has a significant deleterious effect on SMB over TCP, because it enforces serialization. However, because Windows Servers use SMB to transmit system policies at login, they normally have packet-signing enabled (used to prevent Man-in-the-middle attacks). The design of Server Message Block version 2 (SMB2) aims to mitigate this performance-limitation by coalescing SMB signals into single packets.
As another point of interest, SMB supports opportunistic locking — a special type of locking-mechanism — on files in order to improve performance.
SMB serves as the basis for Microsoft's Distributed File System implementation.
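Whether a server actually requires the packet-signing discussed above can be read from a capture of its SMB2 NEGOTIATE response on TCP port 445. The following is an added example, not part of the original article: the header offsets and flag values come from Microsoft's published SMB2 specification rather than from this page, and the sample frame is constructed and truncated to the fields the check needs.

```python
import struct

SMB1_MAGIC = b"\xffSMB"                  # SMB1/CIFS protocol id
SMB2_MAGIC = b"\xfeSMB"                  # SMB2 protocol id
SMB2_NEGOTIATE = 0x0000                  # command code
SMB2_FLAGS_SERVER_TO_REDIR = 0x00000001  # set on responses
SIGNING_ENABLED = 0x0001                 # SecurityMode bits
SIGNING_REQUIRED = 0x0002


def classify(frame: bytes) -> dict:
    """Classify one Direct TCP (port 445) frame: zero byte, 3-byte length, SMB message."""
    if len(frame) < 8 or frame[0] != 0:
        return {"proto": "unknown"}
    length = int.from_bytes(frame[1:4], "big")
    msg = frame[4:4 + length]
    if len(msg) < length:
        return {"proto": "truncated"}
    if msg[:4] == SMB1_MAGIC:
        return {"proto": "SMB1"}
    if msg[:4] != SMB2_MAGIC or len(msg) < 64:
        return {"proto": "unknown"}
    # The SMB2 header is 64 bytes: Command at offset 12, Flags at offset 16.
    command, = struct.unpack_from("<H", msg, 12)
    flags, = struct.unpack_from("<I", msg, 16)
    info = {"proto": "SMB2", "command": command}
    is_response = bool(flags & SMB2_FLAGS_SERVER_TO_REDIR)
    if command == SMB2_NEGOTIATE and is_response and len(msg) >= 70:
        # Response body: StructureSize, SecurityMode, DialectRevision (2 bytes each).
        _size, mode, dialect = struct.unpack_from("<HHH", msg, 64)
        info["dialect"] = hex(dialect)
        info["signing_enabled"] = bool(mode & SIGNING_ENABLED)
        info["signing_required"] = bool(mode & SIGNING_REQUIRED)
    return info


def build_negotiate_response(mode: int, dialect: int = 0x0202) -> bytes:
    """Constructed sample: SMB2 header plus the first 6 bytes of a NEGOTIATE response."""
    header = struct.pack("<4sHHIHHIIQIIQ16s", SMB2_MAGIC, 64, 0, 0, SMB2_NEGOTIATE,
                         1, SMB2_FLAGS_SERVER_TO_REDIR, 0, 0, 0, 0, 0, b"\x00" * 16)
    body = struct.pack("<HHH", 65, mode, dialect)
    msg = header + body
    return b"\x00" + len(msg).to_bytes(3, "big") + msg
```

A response with signing enabled but not required means the server accepts unsigned sessions, the case that packet-signing is meant to rule out.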
Versions and implementations
The list below explicitly refers to "SMB" as including an SMB client or an SMB server, plus the various protocols that extend SMB, such as the Network Neighborhood suite of protocols and the NT Domains suite. For simplicity and conciseness and vagueness, however, the list omits mention of the extent or completeness of the reimplementation or porting status for any of these implementations, "lumping" them all together simply as "SMB".
Samba, which re-implements the SMB protocol and the Microsoft extensions to it as free software, includes an SMB server and a command-line SMB client.
Samba TNG: a fork of Samba.
The Linux kernel includes two SMB client implementations that use the Linux VFS, providing access to files on an SMB server through the standard file system API: smbfs and cifs.
ONStor Inc. offers an SMB implementation that also supports NFS protocol so users can access the same data through both protocols.
Novell NetWare version 6 and newer has a CIFS server implementation providing access to NetWare volumes for Microsoft Network clients.
FreeBSD includes an SMB client implementation called smbfs that uses its VFS.
NetBSD and Mac OS X include SMB client implementations called smbfs, originally derived from the FreeBSD smbfs; they use the NetBSD and OS X VFS.
Solaris has a project called CIFS client for Solaris, based on the Mac OS X smbfs.
OpenSolaris added in-kernel CIFS server support in October 2007.
Sun Microsystems Cascade, which became known as PC-Netlink, represents a port of Advanced Server for Unix. Sun took over two years making the code useful, due to the poor quality of the original port.
FreeNAS, a dedicated small-sized NAS server, runs FreeBSD for Network-attached storage (NAS) services, and supports protocols including CIFS/Samba
Advanced Server for Unix (AS/U) comprises a port of Windows NT 3.51's SMB server code to Unix. Microsoft licensed the code to AT&T, which then licensed it to major Unix vendors. The poor quality of the original port (allegedly carried out by Microsoft itself) has caused any vendor sub-licensing it significant grief.
VERITAS Software has an implementation of SMB.
SCO has a port of Advanced Server for Unix.
SCO also has VisionFS, a Microsoft-independent re-implementation of SMB developed through reference to Samba source code.
EMC has an SMB server with its Celerra platforms
Network Appliance has an SMB server implementation
Objective Development's Sharity provides an SMB file-system client for Unix.
The Alfresco content-management system includes a Java implementation of SMB
JCIFS offers an implementation of SMB in Java.
RTSMB, a CIFS/SMB implementation written in ANSI C. EBS designed RTSMB from scratch, independently of MS or SAMBA design reference, to run in embedded devices.
Visuality Systems NQ CIFS, a CIFS (SMB) server and client solution for embedded devices — ported to many popular real-time operating systems (RTOSs).
Thursby Software Systems offers a commercial implementation of SMB/CIFS for Mac OS.