Applies to: Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012
Mar 31, 2020 The real power of Samba comes when Windows clients can communicate with Linux file servers. In this article, I will cover how you can access Samba shares from both Linux and Windows clients. Install the Samba client packages. To access Samba share from Linux clients we need to install a few Samba client packages. Smb-scripts is a collection of Bash Scripts that uses Samba and LDAP Client commands. These scripts are used by Samba to manage it using Microsoft Tools (like usrmgr and svrmgr) and a LDAP database as information repository. Multichannel - aggregation of network bandwidth and fault tolerance if multiple paths are available between client and server SMB Direct - adds RDMA networking support for high performance, with low latency and low CPU use Encryption - Provides end-to-end encryption and protects from eavesdropping on untrustworthy networks.
This topic describes the SMB 3 feature in Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, and Windows Server 2012—practical uses for the feature, the most significant new or updated functionality in this version compared to previous versions, and the hardware requirements. SMB is also a fabric protocol used by software-defined data center (SDDC) solutions such as Storage Spaces Direct, Storage Replica, and others. SMB version 3.0 was introduced with Windows Server 2012 and has been incrementally improved in subsequent releases.
Feature description
The Server Message Block (SMB) protocol is a network file sharing protocol that allows applications on a computer to read and write to files and to request services from server programs in a computer network. The SMB protocol can be used on top of its TCP/IP protocol or other network protocols. Using the SMB protocol, an application (or the user of an application) can access files or other resources at a remote server. This allows applications to read, create, and update files on the remote server. SMB can also communicate with any server program that is set up to receive an SMB client request. SMB is a fabric protocol that is used by Software-defined Data Center (SDDC) computing technologies, such as Storage Spaces Direct, Storage Replica. For more information, see Windows Server software-defined datacenter.
Practical applications
This section discusses some new practical ways to use the new SMB 3.0 protocol.
- File storage for virtualization (Hyper-V™ over SMB). Hyper-V can store virtual machine files, such as configuration, Virtual hard disk (VHD) files, and snapshots, in file shares over the SMB 3.0 protocol. This can be used for both stand-alone file servers and clustered file servers that use Hyper-V together with shared file storage for the cluster.
- Microsoft SQL Server over SMB. SQL Server can store user database files on SMB file shares. Currently, this is supported with SQL Server 2008 R2 for stand-alone SQL servers. Upcoming versions of SQL Server will add support for clustered SQL servers and system databases.
- Traditional storage for end-user data. The SMB 3.0 protocol provides enhancements to the Information Worker (or client) workloads. These enhancements include reducing the application latencies experienced by branch office users when accessing data over wide area networks (WAN) and protecting data from eavesdropping attacks.
Note
If you need to conserve storage space on an SMB file share, consider using Azure File Sync with cloud tiering enabled. This allows you to cache your most frequently accessed files locally and tier your least frequently accessed files to the cloud, saving local storage space while maintaining performance. For details, see Planning for an Azure File Sync deployment.
New and changed functionality
The following sections describe functionality that was added in SMB 3 and subsequent updates.
Features added in Windows Server 2019 and Windows 10, version 1809
Feature/functionality | New or updated | Summary |
---|---|---|
Ability to require write-through to disk on file shares that aren't continuously available | New | To provide some added assurance that writes to a file share make it all the way through the software and hardware stack to the physical disk prior to the write operation returning as completed, you can enable write-through on the file share using either the NET USE /WRITETHROUGH command or the New-SMBMapping -UseWriteThrough PowerShell cmdlet. There's some amount of performance hit to using write-through; see the blog post Controlling write-through behaviors in SMB for further discussion. |
Features added in Windows Server, version 1709, and Windows 10, version 1709
Feature/functionality | New or updated | Summary |
---|---|---|
Guest access to file shares is disabled | New | The SMB client no longer allows the following actions: Guest account access to a remote server; Fallback to the Guest account after invalid credentials are provided. For details, see Guest access in SMB2 disabled by default in Windows. |
SMB global mapping | New | Maps a remote SMB share to a drive letter that is accessible to all users on the local host, including containers. This is required to enable container I/O on the data volume to traverse the remote mount point. Be aware that when using SMB global mapping for containers, all users on the container host can access the remote share. Any application running on the container host also have access to the mapped remote share. For details, see Container Storage Support with Cluster Shared Volumes (CSV), Storage Spaces Direct, SMB Global Mapping. |
SMB dialect control | New | You can now set registry values to control the minimum SMB version (dialect) and maximum SMB version used. For details, see Controlling SMB Dialects. |
Features added in SMB 3.11 with Windows Server 2016 and Windows 10, version 1607
Feature/functionality | New or updated | Summary |
---|---|---|
SMB Encryption | Updated | SMB 3.1.1 encryption with Advanced Encryption Standard-Galois/Counter Mode (AES-GCM) is faster than SMB Signing or previous SMB encryption using AES-CCM. |
Directory Caching | New | SMB 3.1.1 includes enhancements to directory caching. Windows clients can now cache much larger directories, approximately 500K entries. Windows clients will attempt directory queries with 1 MB buffers to reduce round trips and improve performance. |
Pre-Authentication Integrity | New | In SMB 3.1.1, pre-authentication integrity provides improved protection from a man-in-the-middle attacker tampering with SMB’s connection establishment and authentication messages. For details, see SMB 3.1.1 Pre-authentication integrity in Windows 10. |
SMB Encryption Improvements | New | SMB 3.1.1 offers a mechanism to negotiate the crypto algorithm per connection, with options for AES-128-CCM and AES-128-GCM. AES-128-GCM is the default for new Windows versions, while older versions will continue to use AES-128-CCM. |
Rolling cluster upgrade support | New | Enables rolling cluster upgrades by letting SMB appear to support different max versions of SMB for clusters in the process of being upgraded. For more details on letting SMB communicate using different versions (dialects) of the protocol, see the blog post Controlling SMB Dialects. |
SMB Direct client support in Windows 10 | New | Windows 10 Enterprise, Windows 10 Education, and Windows 10 Pro for Workstations now include SMB Direct client support. |
Native support for FileNormalizedNameInformation API calls | New | Adds native support for querying the normalized name of a file. For details, see FileNormalizedNameInformation. |
For additional details, see the blog post What’s new in SMB 3.1.1 in the Windows Server 2016 Technical Preview 2.
Features added in SMB 3.02 with Windows Server 2012 R2 and Windows 8.1
Feature/functionality | New or updated | Summary |
---|---|---|
Automatic rebalancing of Scale-Out File Server clients | New | Improves scalability and manageability for Scale-Out File Servers. SMB client connections are tracked per file share (instead of per server), and clients are then redirected to the cluster node with the best access to the volume used by the file share. This improves efficiency by reducing redirection traffic between file server nodes. Clients are redirected following an initial connection and when cluster storage is reconfigured. |
Performance over WAN | Updated | Windows 8.1 and Windows 10 provide improved CopyFile SRV_COPYCHUNK over SMB support when you use File Explorer for remote copies from one location on a remote machine to another copy on the same server. You will copy only a small amount of metadata over the network (1/2KiB per 16MiB of file data is transmitted). This results in a significant performance improvement. This is an OS-level and File Explorer-level distinction for SMB. |
SMB Direct | Updated | Improves performance for small I/O workloads by increasing efficiency when hosting workloads with small I/Os (such as an online transaction processing (OLTP) database in a virtual machine). These improvements are evident when using higher speed network interfaces, such as 40 Gbps Ethernet and 56 Gbps InfiniBand. |
SMB bandwidth limits | New | You can now use Set-SmbBandwidthLimit to set bandwidth limits in three categories: VirtualMachine (Hyper-V over SMB traffic), LiveMigration (Hyper-V Live Migration traffic over SMB), or Default (all other types of SMB traffic). |
For more information on new and changed SMB functionality in Windows Server 2012 R2, see What's New in SMB in Windows Server.
Features added in SMB 3.0 with Windows Server 2012 and Windows 8
Feature/functionality | New or updated | Summary |
---|---|---|
SMB Transparent Failover | New | Enables administrators to perform hardware or software maintenance of nodes in a clustered file server without interrupting server applications storing data on these file shares. Also, if a hardware or software failure occurs on a cluster node, SMB clients transparently reconnect to another cluster node without interrupting server applications that are storing data on these file shares. |
SMB Scale Out | New | Support for multiple SMB instances on a Scale-Out File Server. Using Cluster Shared Volumes (CSV) version 2, administrators can create file shares that provide simultaneous access to data files, with direct I/O, through all nodes in a file server cluster. This provides better utilization of network bandwidth and load balancing of the file server clients, and optimizes performance for server applications. |
SMB Multichannel | New | Enables aggregation of network bandwidth and network fault tolerance if multiple paths are available between the SMB client and server. This enables server applications to take full advantage of all available network bandwidth and be resilient to a network failure. SMB Multichannel in SMB 3 contributes to a substantial increase in performance compared to previous versions of SMB. |
SMB Direct | New | Supports the use of network adapters that have RDMA capability and can function at full speed with very low latency, while using very little CPU. For workloads such as Hyper-V or Microsoft SQL Server, this enables a remote file server to resemble local storage. SMB Direct in SMB 3 contributes to a substantial increase in performance compared to previous versions of SMB. |
Performance Counters for server applications | New | The new SMB performance counters provide detailed, per-share information about throughput, latency, and I/O per second (IOPS), allowing administrators to analyze the performance of SMB file shares where their data is stored. These counters are specifically designed for server applications, such as Hyper-V and SQL Server, which store files on remote file shares. |
Performance optimizations | Updated | Both the SMB client and server have been optimized for small random read/write I/O, which is common in server applications such as SQL Server OLTP. In addition, large Maximum Transmission Unit (MTU) is turned on by default, which significantly enhances performance in large sequential transfers, such as SQL Server data warehouse, database backup or restore, deploying or copying virtual hard disks. |
SMB-specific Windows PowerShell cmdlets | New | With Windows PowerShell cmdlets for SMB, an administrator can manage file shares on the file server, end to end, from the command line. |
SMB Encryption | New | Provides end-to-end encryption of SMB data and protects data from eavesdropping occurrences on untrusted networks. Requires no new deployment costs, and no need for Internet Protocol security (IPsec), specialized hardware, or WAN accelerators. It may be configured on a per share basis, or for the entire file server, and may be enabled for a variety of scenarios where data traverses untrusted networks. |
SMB Directory Leasing | New | Improves application response times in branch offices. With the use of directory leases, roundtrips from client to server are reduced since metadata is retrieved from a longer living directory cache. Cache coherency is maintained because clients are notified when directory information on the server changes. Directory leases work with scenarios for HomeFolder (read/write with no sharing) and Publication (read-only with sharing). |
Performance over WAN | New | Directory opportunistic locks (oplocks) and oplock leases were introduced in SMB 3.0. For typical office/client workloads, oplocks/leases are shown to reduce network round trips by approximately 15%. In SMB 3, the Windows implementation of SMB has been refined to improve the caching behavior on the client as well as the ability to push higher throughputs. SMB 3 features improvements to the CopyFile() API, as well as to associated tools such as Robocopy, to push significantly more data over the network. |
Secure dialect negotiation | New | Helps protect against man-in-the-middle attempt to downgrade dialect negotiation. The idea is to prevent an eavesdropper from downgrading the initially negotiated dialect and capabilities between the client and the server. For details, see SMB3 Secure Dialect Negotiation. Note that this has been superceded by the SMB 3.1.1 Pre-authentication integrity in Windows 10 feature in SMB 3.1.1. |
Hardware requirements
SMB Transparent Failover has the following requirements:
- A failover cluster running Windows Server 2012 or Windows Server 2016 with at least two nodes configured. The cluster must pass the cluster validation tests included in the validation wizard.
- File shares must be created with the Continuous Availability (CA) property, which is the default.
- File shares must be created on CSV volume paths to attain SMB Scale-Out.
- Client computers must be running Windows® 8 or Windows Server 2012, both of which include the updated SMB client that supports continuous availability.
Note
Down-level clients can connect to file shares that have the CA property, but transparent failover will not be supported for these clients.
Smb Client On Solaris 10
SMB Multichannel has the following requirements:
- At least two computers running Windows Server 2012 are required. No extra features need to be installed—the technology is on by default.
- For information on recommended network configurations, see the See Also section at the end of this overview topic.
SMB Direct has the following requirements:
- At least two computers running Windows Server 2012 are required. No extra features need to be installed—the technology is on by default.
- Network adapters with RDMA capability are required. Currently, these adapters are available in three different types: iWARP, Infiniband, or RoCE (RDMA over Converged Ethernet).
More information
Smb Client Ubuntu
The following list provides additional resources on the web about SMB and related technologies in Windows Server 2012 R2, Windows Server 2012, and Windows Server 2016.
Comments are closed.