1.3 Overview

The Server Message Block (SMB) Protocol Versions 2 and 3, hereafter referred to as "SMB 2 Protocol", is an extension of the original Server Message Block (SMB) Protocol (as specified in [MS-SMB] and [MS-CIFS]). Both protocols are used by clients to request file and print services from a server system over the network. Both are stateful protocols in which clients establish a connection to a server, establish an authenticated context on that connection, and then issue a variety of requests to access files, printers, and named pipes for interprocess communication.

The SMB 2 Protocol is a major revision of the existing SMB Protocol, as specified in [MS-SMB]. The packet formats are completely different from those of the SMB Protocol; however, many of the underlying concepts are carried over. The underlying transports that are used to initiate and accept connections are either Direct TCP as specified in section 2.1 or NetBIOS over TCP transports as specified in [RFC1001] and [RFC1002].

To retain compatibility with existing clients and servers, the existing SMB Protocol can be used to negotiate the use of the SMB 2 Protocol, as described in section 1.7. However, the two protocols will never be intermixed on a specified connection after one is selected during negotiation.

Like its predecessor, which was the original SMB Protocol (as specified in [MS-SMB]), the SMB 2 Protocol supports the following features:

  • Establishing one or more authenticated contexts for different security principals on a connection.

  • Connecting to multiple shared resources on the target server on a connection.

  • Opening, reading, modifying, or closing multiple files or named pipes on the target server.

  • Using the opportunistic locking of files to allow clients to cache data for better performance.

  • Querying and applying attributes to files or volumes on the target server.

  • Canceling outstanding operations.

  • Passing through IO control code operations to the underlying object store on the server machine.

  • Validating the integrity of requests and responses.

  • Support for share scoping and server aliases to allow a single server to appear as multiple distinct servers, as described in [MS-SRVS] section 1.3.

The SMB 2 Protocol provides several enhancements in addition to the preceding features:

  • Allowing an open to a file to be reestablished after a client connection becomes temporarily disconnected.

  • Allowing the server to balance the number of simultaneous operations that a client can have outstanding at any time.

  • Providing scalability in terms of the number of shares, users, and simultaneously open files.

  • Supporting symbolic links.

  • Using a stronger algorithm to validate the integrity of requests and responses.

The SMB 2.1 dialect introduces the following enhancements:

  • Allowing a client to indicate support for multiple SMB 2 dialects in a multi-protocol negotiate request.

  • Allowing a client to obtain and preserve client caching state across multiple opens from the same client.

  • Allowing a client to mark individual write operations on unbuffered handles to be treated as write-through.

  • Allowing a client to retrieve hashes of a file for use in branch cache retrieval, as specified in [MS-PCCRC] section 2.3.

The SMB 3.0 dialect introduces the following enhancements:

  • Allowing a client to retrieve hashes for a particular region of a file for use in branch cache retrieval, as specified in [MS-PCCRC] section 2.4.

  • Allowing a client to obtain a lease on a directory.

  • Supporting the encryption of traffic between client and server on a per-share basis.

  • Supporting the use of Remote Direct Memory Access (RDMA) transports, when the appropriate hardware and network are available.

  • Supporting enhanced failover between client and server, including optional handle persistence.

  • Allowing an application to fail over to a new client and open a file that was previously opened using an application instance identifier.

  • Allowing a client to bind a session to multiple connections to the server. A request can be sent through any channel associated with the session, and the corresponding response is sent through the same channel as used by the request. The following diagram shows an example of two sessions using multiple channels to the server.

Figure 1: Two sessions using multiple channels

The SMB 3.0.2 dialect introduces the following enhancements:

  • Allowing a client to detect asymmetric shares through the tree connect response, so that the client can optimize its connections to the server in order to improve availability and performance when accessing such shares.

  • Allowing a client to request unbuffered read and write operations.

  • Allowing a client to request remote invalidation while performing I/O using RDMA transport.

The SMB 3.1.1 dialect introduces the following enhancements:

  • Supporting the negotiation of encryption and integrity algorithms.

  • Enhanced protection of negotiation and session establishment.

  • Reconnecting with a specified dialect.

  • Supporting the compression of messages between client and server.

  • Supporting the encryption of RDMA payloads through negotiation of RDMA transforms.

  • Supporting QUIC as a transport.

  • Supporting mutual authentication and client access control over QUIC.
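
The negotiation and per-dialect protections described above can be checked on captured traffic. The following is an added example, not part of the specification: it classifies one Direct TCP frame holding a NEGOTIATE response and reports which of the protections listed in this overview the selected dialect lacks. The field offsets follow the SMB 2 header and NEGOTIATE response layouts defined in the message syntax part of the specification rather than in this overview; the function names and the sample frame are hypothetical, and "encryption available" means only that the dialect supports it, not that a share uses it.

```python
import struct

# DialectRevision -> (name, encryption available, negotiation protection),
# following the per-dialect enhancement lists in this overview.
DIALECTS = {
    0x0202: ("2.0.2", False, False),
    0x0210: ("2.1", False, False),
    0x0300: ("3.0", True, False),
    0x0302: ("3.0.2", True, False),
    0x0311: ("3.1.1", True, True),
}
SIGNING_REQUIRED = 0x0002  # bit in the response's SecurityMode field

def parse_negotiate_response(frame: bytes) -> dict:
    """Classify one Direct TCP frame carrying a NEGOTIATE response."""
    if len(frame) < 8 or frame[0] != 0:
        raise ValueError("not a Direct TCP session message")
    msg = frame[4:4 + int.from_bytes(frame[1:4], "big")]
    if msg[:4] == b"\xffSMB":  # original SMB Protocol, not SMB 2
        return {"protocol": "SMB", "dialect": None, "findings": ["SMB 2 not negotiated"]}
    if len(msg) < 70 or msg[:4] != b"\xfeSMB":
        raise ValueError("not a complete SMB 2 message")
    hdr_size, = struct.unpack_from("<H", msg, 4)
    command, = struct.unpack_from("<H", msg, 12)
    flags, = struct.unpack_from("<I", msg, 16)
    body_size, sec_mode, revision = struct.unpack_from("<HHH", msg, 64)
    if hdr_size != 64 or command != 0 or not flags & 1 or body_size != 65:
        raise ValueError("not an SMB 2 NEGOTIATE response")
    name, encryption, protected = DIALECTS.get(revision, (hex(revision), False, False))
    findings = []
    if not sec_mode & SIGNING_REQUIRED:
        findings.append("signing not required by server")
    if not encryption:
        findings.append("dialect lacks SMB 3.0 encryption")
    if not protected:
        findings.append("dialect lacks SMB 3.1.1 negotiation protection")
    return {"protocol": "SMB 2", "dialect": name, "findings": findings}

def sample_frame(revision: int, sec_mode: int) -> bytes:
    """Constructed test input: minimal header plus fixed response body."""
    header = b"\xfeSMB" + struct.pack("<HHIHHI", 64, 0, 0, 0, 1, 1) + bytes(44)
    body = struct.pack("<HHH", 65, sec_mode, revision) + bytes(58)
    msg = header + body
    return b"\x00" + len(msg).to_bytes(3, "big") + msg

if __name__ == "__main__":
    for rev, mode in ((0x0311, 0x0003), (0x0210, 0x0001)):
        print(parse_negotiate_response(sample_frame(rev, mode)))
```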