2.1 Transport
In addition to the transport protocols listed in section 2.1 of [MS-CIFS], the extended version of the protocol supports the use of TCP as a transport layer. Hereafter, the special TCP-related characteristics that are employed in the application of SMB over TCP are known as the Direct TCP transport.<2>
The extended version of the SMB Version 1.0 Protocol can use Direct TCP over either IPv4 or IPv6 as a reliable stream-oriented transport for SMB messages. No NetBIOS layer is provided or used. TCP provides a full, duplex, sequenced, and reliable transport for the connection. When using TCP as the reliable connection-oriented transport, the extended version of the SMB Version 1.0 Protocol makes no higher-level attempts to ensure sequenced delivery of messages between a client and server. The TCP transport has mechanisms to detect failures of either the client node or the server node, and to deliver such an indication to the client or server software so that it can clean up the state.
When using Direct TCP as the SMB transport, the implementer MUST establish a TCP connection from an SMB client to a TCP port on the server. The TCP source port used by the SMB client can be of any TCP port value. The SMB server SHOULD listen for connections on port 445. This port number has been registered with the Internet Assigned Numbers Authority (IANA) and has been officially assigned for Microsoft-DS.<3>
When using Direct TCP as the SMB transport, the implementer MUST prepend a 4-byte Direct TCP transport packet header to each SMB message. This transport header MUST be formatted as a byte of zero (8 zero bits) followed by 3 bytes that indicate the length of the SMB message that is encapsulated. The body of the SMB packet follows as a variable-length payload. A Direct TCP transport packet has the following structure (in network byte order).
|
|
|
|
|
|
|
|
|
|
1 |
|
|
|
|
|
|
|
|
|
2 |
|
|
|
|
|
|
|
|
|
3 |
|
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Zero |
Stream Protocol Length |
||||||||||||||||||||||||||||||
SMB Message (variable) |
|||||||||||||||||||||||||||||||
... |
Zero (1 byte): The first byte of the Direct TCP transport packet header MUST be zero (0x00).
Stream Protocol Length (3 bytes): The length, in bytes, of the SMB message. This length is formatted as a 3-byte integer in network byte order. The length field does not include the 4-byte Direct TCP transport header; rather, it is only the length of the enclosed SMB message. For SMB messages, if this value exceeds 0x1FFFF, the server SHOULD<4> disconnect the connection.
SMB Message (variable): The body of the SMB packet. The length of an SMB message varies based on the SMB command represented by the message.