[cifs-protocol] [REG:111062056241038] SMB1 maximum packet size with signing enabled
Hongwei Sun
hongweis at microsoft.com
Mon Jun 20 16:11:57 MDT 2011
Moving Interoperability Documentation Help (dochelp) to bcc.
Hi, all
This is an expected behavior. I have a blog about this topic that should explain the behaviors you have observed (http://blogs.msdn.com/b/openspecification/archive/2009/04/10/smb-maximum-transmit-buffer-size-and-performance-tuning.aspx).
Jeff,
Please let me know if you have more questions. I can provide you more clarification if needed.
Thanks!
--------------------------------------------------------------------
Hongwei Sun - Sr. Escalation Engineer
DSC Protocol Team, Microsoft
hongweis at microsoft.com
Tel: 469-7757027 x 57027
Exceeding your expectations is my highest priority. If you would like to provide feedback on your case you may contact my manager at allisong at microsoft.com.
---------------------------------------------------------------------
-----Original Message-----
From: cifs-protocol-bounces at cifs.org [mailto:cifs-protocol-bounces at cifs.org] On Behalf Of Shirish Pargaonkar
Sent: Monday, June 20, 2011 4:16 PM
To: Jeff Layton
Cc: Interoperability Documentation Help; cifs-protocol at samba.org
Subject: Re: [cifs-protocol] SMB1 maximum packet size with signing enabled
On Mon, Jun 20, 2011 at 2:56 PM, Jeff Layton <jlayton at samba.org> wrote:
> On Mon, 20 Jun 2011 11:42:01 -0700
> George K Colley <gcolley at apple.com> wrote:
>
>>
>> On Jun 20, 2011, at 6:43 AM, Jeff Layton wrote:
>>
>> > -----BEGIN PGP SIGNED MESSAGE-----
>> > Hash: SHA1
>> >
>> > I've been doing some testing with signing enabled and have found
>> > that
>> > win2k8 seems to consistently return STATUS_ACCESS_DENIED whenever I
>> > send it a SMB that's larger than 16704 bytes. It seems to have no
>> > issue with larger sized SMBs when signing is disabled.
>> >
>> > It seems sort of like a protocol violation since the NEGOTIATE
>> > response from the server has the CAP_LARGE_READX and WRITEX bits
>> > set. It's possible though that I've missed something in the spec.
>> >
>> > In any case, my questions:
>> >
>> > 1) is this a known limitation in windows, or a bug?
>> This has been a known issue for a very long time. When signing is on you need to use the negotiated buffer size not the Large CAP size.
>> >
>> > 2) is this common to all (most?) versions of windows?
>> Yes
>> >
>> > 3) is there some way we can detect what the server's limit is in this situation?
>> If the UNIX CAPS is not set and they have signing on then I turn off CAP_LARGE_WRITEX. Note this does not affect CAP_LARGE_READX.
>>
>
> Thanks George...
>
> So we need to use the max buffer size advertised by the server? When I
> look at captures, I can see that the server is sending a max buffer
> size of 4356 bytes in the NEGOTIATE reply. That's quite a bit smaller
> than the max size that gives me errors (~16k).
>
> Also, I'll note that Shirish looked at some captures between windows
> and found that sends around 16k packets when signing is negotiated.
In negrprot response (from a Windows 2008 server to a Windows 2003 client), max buffer size is 16634, max raw buffer 65536 and unix extensions not supported, large read andx and large write andx supported.
> I'll bet we can exceed that size by some amount, it would be good
> though to know how big a size we can get away with...
>
> Thanks,
> --
> Jeff Layton <jlayton at samba.org>
> _______________________________________________
> cifs-protocol mailing list
> cifs-protocol at cifs.org
> https://lists.samba.org/mailman/listinfo/cifs-protocol
>
_______________________________________________
cifs-protocol mailing list
cifs-protocol at cifs.org
https://lists.samba.org/mailman/listinfo/cifs-protocol
More information about the cifs-protocol
mailing list