[cifs-protocol] [REG:111062056241038] SMB1 maximum packet size with signing enabled

Hongwei Sun hongweis at microsoft.com
Mon Jun 20 16:11:57 MDT 2011

Moving Interoperability Documentation Help (dochelp) to bcc.

Hi, all

    This is an expected behavior.  I have a blog about this topic  that  should explain the behaviors you have observed (http://blogs.msdn.com/b/openspecification/archive/2009/04/10/smb-maximum-transmit-buffer-size-and-performance-tuning.aspx).   


    Please let me know if you have more questions.  I can provide you more clarification if needed.


Hongwei  Sun - Sr. Escalation Engineer
DSC Protocol  Team, Microsoft
hongweis at microsoft.com
Tel:  469-7757027 x 57027

Exceeding your expectations is my highest priority.  If you would like to provide feedback on your case you may contact my manager at allisong at microsoft.com.


-----Original Message-----
From: cifs-protocol-bounces at cifs.org [mailto:cifs-protocol-bounces at cifs.org] On Behalf Of Shirish Pargaonkar
Sent: Monday, June 20, 2011 4:16 PM
To: Jeff Layton
Cc: Interoperability Documentation Help; cifs-protocol at samba.org
Subject: Re: [cifs-protocol] SMB1 maximum packet size with signing enabled

On Mon, Jun 20, 2011 at 2:56 PM, Jeff Layton <jlayton at samba.org> wrote:
> On Mon, 20 Jun 2011 11:42:01 -0700
> George K Colley <gcolley at apple.com> wrote:
>> On Jun 20, 2011, at 6:43 AM, Jeff Layton wrote:
>> > Hash: SHA1
>> >
>> > I've been doing some testing with signing enabled and have found 
>> > that
>> > win2k8 seems to consistently return STATUS_ACCESS_DENIED whenever I 
>> > send it a SMB that's larger than 16704 bytes. It seems to have no 
>> > issue with larger sized SMBs when signing is disabled.
>> >
>> > It seems sort of like a protocol violation since the NEGOTIATE 
>> > response from the server has the CAP_LARGE_READX and WRITEX bits 
>> > set. It's possible though that I've missed something in the spec.
>> >
>> > In any case, my questions:
>> >
>> > 1) is this a known limitation in windows, or a bug?
>> This has been a known issue for a very long time. When signing is on you need to use the negotiated buffer size not the Large CAP size.
>> >
>> > 2) is this common to all (most?) versions of windows?
>> Yes
>> >
>> > 3) is there some way we can detect what the server's limit is in this situation?
>> If the UNIX CAPS is not set and they have signing on then I turn off CAP_LARGE_WRITEX. Note this does not affect CAP_LARGE_READX.
> Thanks George...
> So we need to use the max buffer size advertised by the server? When I 
> look at captures, I can see that the server is sending a max buffer 
> size of 4356 bytes in the NEGOTIATE reply. That's quite a bit smaller 
> than the max size that gives me errors (~16k).
> Also, I'll note that Shirish looked at some captures between windows 
> and found that sends around 16k packets when signing is negotiated.

In negrprot response (from a Windows 2008 server to a Windows 2003 client), max buffer size is 16634, max raw buffer 65536 and unix extensions not supported, large read andx and large write andx supported.

> I'll bet we can exceed that size by some amount, it would be good 
> though to know how big a size we can get away with...
> Thanks,
> --
> Jeff Layton <jlayton at samba.org>
> _______________________________________________
> cifs-protocol mailing list
> cifs-protocol at cifs.org
> https://lists.samba.org/mailman/listinfo/cifs-protocol
cifs-protocol mailing list
cifs-protocol at cifs.org

More information about the cifs-protocol mailing list