SMB Dialects

Over the years, the SMB protocol has evolved through several versions, each introducing new features and capabilities. Fusion File Share Server supports from SMB1 (CIFS) to SMB 3.1.1.

SMB1 (a.k.a. CIFS)

SMB1 is the earliest version of the SMB protocol. Originally developed by IBM in the 1980s, it was used primarily in Microsoft's and IBM's operating systems of the time. The 1980s and 1990s saw the introduction of several SMB1 dialects, extending its functionality and enabling support for more operating systems.

Windows NT shipped with an enhanced SMB1 dialect called CIFS (Common Internet File System)–identified as NT LM 0.12 in the protocol specification–which extended SMB1 with new capabilities such as large file support. CIFS became widely popular in the Windows ecosystem during the 1990s and 2000s. Due to this popularity, the terms SMB1 and CIFS are often used interchangeably.

important

1. Fusion File Share Server only supports the CIFS dialect of SMB1.
2. All mentions of SMB1 in this documentation refer to the CIFS dialect.

Microsoft officially deprecated SMB1 in 2014, and stopped shipping it with Windows in 2017. Consequently, enabling SMB1 is strongly discouraged.

Fusion File Share Server supports SMB1 primarily for compatibility with legacy clients.

Important considerations regarding SMB1:

• SMB1 Requires NetBIOS: To support clients relying on SMB1, NetBIOS must be enabled.
• SMB1 is Insecure: SMB1 is widely regarded as insecure and should be avoided whenever possible.
• SMB1 is Obsolete: Modern operating systems, including recent versions of Windows, Linux, and macOS, do not enable SMB1 by default.

All modern Windows, Linux, and macOS versions that are currently supported by their respective vendors, include support for SMB2 or later. In environments consisting only of modern clients, SMB1 can be disabled.

SMB2

SMB2 was introduced by Microsoft in 2006 to address the limitations of SMB1. It provides substantial security and performance improvements.

Fusion File Share Server supports the following SMB2 dialects:

• SMB 2.002: Introduced in Windows Vista and Windows Server 2008.
• SMB 2.1: Introduced in Windows 7 and Windows Server 2008 R2.

SMB3

SMB3 is the latest version of the SMB protocol, introduced by Microsoft in 2012 and refined through subsequent updates. It offers significant security and performance enhancements over earlier versions, along with advanced features, including:

• Encryption: Encrypts data in transit to protect, protecting against eavesdropping and man-in-the-middle attacks.
• Multichannel: Supports multiple concurrent connections between the client and the server, increasing SMB session throughput.
• Compression: Compresses data intransit to reduce the amount of data transferred, improving overall performance.
• RDMA: Leverages Remote Direct Memory Access (RDMA) for high-speed data transfers using the SMB Direct protocol.
• Scale-out: Distributes the SMB workloads across multiple nodes to improve performance, scalability, and fault tolerance, ensuring high availability.

Fusion File Share Server supports the following SMB3 dialects:

• SMB 3.0: Introduced in Windows 8 and Windows Server 2012.
• SMB 3.02: Introduced in Windows 8.1 and Windows Server 2012 R2.
• SMB 3.1.1: Introduced in Windows 10 and Windows Server 2016.

Configuring Exposed SMB Dialects

Each transport protocol, hardware capability, or advanced SMB feature may require a specific or minimum SMB dialect to be exposed by Fusion File Share Server. By default, Fusion File Share Server exposes all SMB dialects starting from SMB2. If the default configuration has not been modified, no additional steps are necessary.

However, there are scenarios where configuring SMB dialects may be necessary. Examples include:

• Ensuring feature compatibility: If a specific feature is not working as expected, verify that the required SMB dialects for that feature (e.g., encryption, compression) are enabled in your configuration.
• Enhancing security: If there are no older clients on your network, you can restrict the SMB dialects exposed by Fusion File Share Server to enhance security (e.g., disable SMB1/CIFS).

Fusion File Share Server provides two methods for controlling the SMB dialects it exposes:

• Specify a list of dialects: Explicitly define which SMB dialects should be exposed to clients.
• Set the maximum dialect: Restrict the server to a specific maximum SMB dialect.

Features unsupported by the exposed dialects will not be available to clients.

important

1. Only one method can be used to control SMB dialects at a time. If both methods are specified in the configuration file, Fusion File Share Server will fail to start.
2. CLI Restrictions: If one method is configured in the file, attempts to set the other via the CLI will result in the command being rejected by Fusion File Share Server.

Global Parameter Explicitly Specifying Dialects

• Configuration file's [global] section: dialects
• tsmb-cfg global update: -d or --dialects
• tsmb-cfg global add and tsmb-cfg global del: Not supported

Mutually exclusive with: dialect_max

Value Type: string

Value Format: <dialect> [<dialect> ...]

• Multiple <dialect> values can be specified, separated by spaces.
• <dialect> is one of:
  • SMB1: Enable SMB 1 (or CIFS).
  • SMB2.002: Enable SMB 2.002.
  • SMB2.1: Enable SMB 2.1.
  • SMB3.0: Enable SMB 3.0. Required minimum for Multichannel, SMB Direct (RDMA), and encryption.
  • SMB3.02: Enable SMB 3.02.
  • SMB3.1.1: Enable SMB 3.11. Required minimum for compression.

Default Value: SMB2.002 SMB2.1 SMB3.0 SMB3.02 SMB3.1.1

Examples:

• SMB1 SMB2.002 SMB2.1 SMB3.0 SMB3.02 SMB3.1.1: Enables all supported SMB dialects.
• SMB2.002 SMB2.1 SMB3.0 SMB3.02 SMB3.1.1: Enables all supported SMB dialects, except for SMB1 (CIFS).

Global Parameter Specifying Maximum Dialect Version

• Configuration file's [global] section: dialect_max
• tsmb-cfg global update: -D or --dialect_max
• tsmb-cfg global add and tsmb-cfg global del: Not supported

Mutually exclusive with: dialects

Value Type: string

Value Format: <dialect>

• Only one <dialect> value can be specified.
• The specified value will enable all SMB dialects up to and including the specified version.
• <dialect> is one of:
  • SMB1: Enable SMB 1 (or CIFS).
  • SMB2.002: Enable SMB 2.002. Required minimum for Direct TCP.
  • SMB2.1: Enable SMB 2.1.
  • SMB3.0: Enable SMB 3.0. Required minimum for Multichannel, SMB Direct (RDMA), and encryption.
  • SMB3.02: Enable SMB 3.02.
  • SMB3.1.1: Enable SMB 3.11. Required minimum for compression.

Default Value: SMB3.1.1

Examples:

• SMB3.1.1: Enables all supported SMB dialects.
• SMB2.1: Enables only dialects SMB1 through SMB2.1.
• SMB1: Enables only SMB1 (CIFS).

Specifying Exposed SMB Dialects Using the Configuration File

In the [global] section of the configuration file, specify the SMB dialects you want to expose using the dialects parameter. The following example demonstrates how to expose all supported SMB dialects except for SMB1:

[global]
. . .

dialects = SMB2.002 SMB2.1 SMB3.0 SMB3.02 SMB3.1.1

. . .
[/global]

Alternatively, specify the maximal SMB dialect version that you want to expose using the dialect_max parameter. The following example shows how to expose all supported SMB dialects up to and including SMB3.1.1.

[global]
. . .

dialect_max = SMB3.1.1

. . .
[/global]

Specifying Exposed SMB Dialects Using the CLI

Use the tsmb-cfg global update command to specify the SMB dialects you want to expose. The following example shows how to expose all supported SMB dialects, except for SMB1.

sudo tsmb-cfg global update --dialects "SMB2.002 SMB2.1 SMB3.0 SMB3.02 SMB3.1.1"

Alternatively, you can specify the maximal SMB dialect version that you want to expose using the dialect_max parameter. The following example shows how to expose all supported SMB dialects up to and including SMB3.1.1.

sudo tsmb-cfg global update --dialect_max SMB3.1.1