Bizarre limit alert.

Conrad Minshall conrad at
Tue Feb 25 23:25:23 GMT 2003

My first response was vague.  Now that I've reviewed code I'll try again...

I saw the same "packet drop" with an overlong WRITE_ANDX.  The maximum
buffer size an NT SP6 claims on the NEGOTIATE respone is 0x1104 (4356).
This limit is not on the data, the limit includes the SMB header (32 bytes)
and the SMB command.  Based upon the size of an ECHO command I'd expect you
could send 4319 bytes, not 4323, so on this topic you'll have to have the
last word... sorry.

Conrad Minshall
conrad at

12:04 AM -0800 2/25/03, Christopher R. Hertel wrote:
>I've been testing the SMB Echo message and found a very odd thing.
>If I send an echo request message to NT4 SP6 with a payload of 4323 bytes
>NT4 responds just fine.  If the payload is 4324 bytes NT4 does not reply.
>Of interest, the payload of 4323 bytes generates one ECHO Request and two
>continuation messages on the (Ethernet) wire.  The ECHO Request and first
>continuation message are 1514 bytes in (total) length.  The last
>continuation message is 1498 bytes...16 bytes less than 1514.  Hmmm...
>I like weird stuff like this.
>Chris -)-----
>PS.  W2K doesn't have the same problem.  I can send an ECHO Request with
>     a payload as big as 16611 bytes.  Curiously, at 16612 bytes and above
>     W2K will reset the connection.  "Connection reset by peer".
>Samba Team --     -)-----   Christopher R. Hertel
>jCIFS Team --   -)-----   ubiqx development, uninq.
>ubiqx Team --     -)-----   crh at
>OnLineBook --    -)-----   crh at

Conrad Minshall ... conrad at ... 408 974-2749
Alternative email addresses: rad at and conrad at

More information about the samba-technical mailing list