Problem solve Get help with specific problems with your technologies, process and projects.

Server Message Block 2.0: A new protocol for the millennium

Microsoft's Server Message Block was certainly due for an upgrade with Windows Server 2008. Learn how the new protocol can benefit your Windows network.

With the improvements made in Server Message Block (SMB) 2.0 in Windows Server 2008 and Vista SP1, Microsoft has delivered a significant upgrade over the original protocol. The SMB protocol was certainly due for an upgrade, as the original 1.0 protocol debuted in the LAN Manager days of MS-DOS and Windows for Workgroups (WFW), back when the typical network might have been a token ring running at speeds as low as 4 Mbps.

More and more of today's business networks are running at 1 Gbps throughout, with 10 Gbps networking already taking root. It only stands to reason that some improvements could be made to Server Message Block with the release of version 2.

One of the most obvious benefits of SMB 2.0 involves the increased file transfer speeds between client and host (workstation and server) and also between hosts. There are, however, some other attractive improvements and changes to the SMB 2.0 protocol with Windows 2008. I'll outline those briefly here before concluding with a real-world example of how SMB 2.0 impacts data transfer operations.

Improvements to Server Message Block 2.0 in Windows Server 2008

  • Durable handles – These allow for uninterrupted sessions between client and host when a network disconnect occurs, enabling the client and host to re-establish their connection without the additional overhead that's present in SMB 1.0.
  • Reduced command set – Microsoft reduced the number of commands available in SMB 2.0 to around 20, down from approximately 40 commands in SMB 1.0. With fewer commands being called to perform an operation, that improves usability. Fewer commands also means fewer blocks of code are available for exploitation by malware. In addition, the net result of having fewer commands available is that the protocol runs leaner, with less overhead and complexity.
  • Message signing algorithms – SMB 1.0 used the MD-5 hashing algorithm for digitally signing message blocks. SMB 2.0 now uses the SHA-256 hashing algorithm for improved operations and security.

    MD-5, first made available in 1991, has proven to be vulnerable in recent years because of its age and method of operations. SHA-256, a variation of the SHA-2 family, first introduced in draft in 2001 by the United States National Institute of Standards and Technology (NIST), is a much stronger and durable hashing method.

  • Symbolic links – This kind of link allows the linking of a local or remote location to present files available locally. In other words, using a symbolic link lets you link File B on Server B to appear as File B on Server A. Remote symbolic linking must be enabled by Group Policy before it can be used.

    The Server Message Block 2.0 protocol includes extra security measures to ensure that the evaluation of a remote symbolic links does not redirect the client to another (remote) location without the client first being aware of the redirection. Local symbolic links have had some limited support previously in the Windows family through the use of the LinkD tool in Microsoft's Resource Kit and the Fsutil hardlink commands.

  • Compounded packets – SMB 2.0 will speculatively generate requests on behalf of a client based on the initial request the client has sent to the host. In SMB 1.0, an OpenDir request from the client would receive a single reply back with the requested information from the host. Now, in SMB 2.0, the same OpenDir request from the client is answered back with the results of the OpenDir, but the host also then caches the results of the QueryDir, QueryVolume and CloseDir commands. If the host then requests this additional information, it can be presented from cache much quicker, thus improving the overall speed of the communication between client and host.

Taken together, Server Message Block 2.0 is a faster, more secure protocol to use for transferring data between clients and hosts, as well as between hosts and hosts (such as in the implementation of Exchange Server 2007's Cluster Continuous Replication log shipping from host to host). Although Microsoft has presented official testing results, and the Tolly Group has issued an officially commissioned white paper on the topic, you'll want to see how SMB 2.0 can benefit your network. The fact is that a production network is never going to respond exactly the same as a closed, carefully controlled test network.

SMB 1.0 versus 2.0: The need for speed

Figures 1 and 2 represent a simple approach to determining how much faster SMB 2.0-based transfers are compared to those from SMB 1.0. In this test, a single 1.75 GB ISO (DVD image) file was copied from a Windows Vista SP1 virtual machine (VM) with a 100 Mbps link. The virtual machine was running on a Windows Server 2003 SP2 R2 host running Virtual Server 2005 R2. The file was copied from the virtual machine to two different hosts, each with identical hardware configurations. The hosts were both HP BL460c blade servers with 4 GB of RAM, 2 x 3.0 dual-core CPUs and 2 x 73 GB 15K HDD in a RAID-1 array. The network latency between the VM client and hosts was approximately 125 milliseconds. One host was running Windows Server 2003 SP2 R2 (32-bit) and the other host was running Windows Server 2008 (32-bit).

Although the exact times varied somewhat between tests, the file copy to the Windows Server 2008 host was always faster than the file copy to the Windows Server 2003 SP2 R2 host, with an average time difference of 20 to 25 seconds. A sample of one test is presented in the figures below.

Figure 1

Figure 2

The test was conducted using a simple set of commands pasted in the command interpreter window. <CR> represents a carriage return, or pressing of the Enter key. By pasting all five lines into the command interpreter at one time, the time to copy the file can be measured easily without any additional tools.


While the test results are hardly scientific, it's really the end-result that matters the most. SMB 2.0 should provide a wealth of improvements in data transfer on your network and give you one tool for battling a slow network.

Will Schmied is a senior systems administrator for a world renowned children's research hospital. He holds numerous Microsoft MCITP, MCTS and older certifications and is experienced with Exchange and Blackberry. Will has been actively involved with the certification and training side of IT for many years, writing or contributing to several dozen books. He is a founder of the certification portal MCSE World. Having passed the reigns to a good friend from down under, Will maintains a smaller presence today with his blog, Tales of a Systems Administrator.

Dig Deeper on Windows Server troubleshooting

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.